www.upmedia.mg Open in urlscan Pro
192.124.249.153 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
Submission: On January 05 via manual (January 5th 2024, 4:18:05 am UTC) from TW — Scanned from DE

Summary HTTP 274 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 74 IPs in 8 countries across 53 domains to perform 274 HTTP transactions. The main IP is 192.124.249.153, located in Menifee, United States and belongs to SUCURI-SEC, US. The main domain is www.upmedia.mg. The Cisco Umbrella rank of the primary domain is 278757.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on May 8th 2023. Valid for: a year.

This is the only time www.upmedia.mg was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
35	192.124.249.153 192.124.249.153	30148 (SUCURI-SEC) (SUCURI-SEC)
8	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
2	151.101.131.52 151.101.131.52	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2	18.239.83.98 18.239.83.98	16509 (AMAZON-02) (AMAZON-02)
16	2606:4700:10:... 2606:4700:10::ac43:290a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
2	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.186.245.165 35.186.245.165	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
3	119.63.193.220 119.63.193.220	38627 (BAIDUJP B...) (BAIDUJP Baidu)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
2	34.96.95.4 34.96.95.4	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
44	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
9	2606:4700:10:... 2606:4700:10::6816:2b5e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0b::9a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1 3	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	65.9.66.68 65.9.66.68	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:2250:d400:a:e047:753:a221	16509 (AMAZON-02) (AMAZON-02)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
3	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
4	2606:4700:10:... 2606:4700:10::6816:3af9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:3bf9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.107.231.31 34.107.231.31	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.143.114.132 18.143.114.132	16509 (AMAZON-02) (AMAZON-02)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 3	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	162.19.138.83 162.19.138.83	16276 (OVH) (OVH)
1	54.246.43.192 54.246.43.192	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:23::9	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2016	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:236... 2600:9000:236e:de00:2:d490:4d80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	119.63.198.189 119.63.198.189	38627 (BAIDUJP B...) (BAIDUJP Baidu)
1	34.111.12.34 34.111.12.34	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.107.150.21 34.107.150.21	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	119.63.198.143 119.63.198.143	38627 (BAIDUJP B...) (BAIDUJP Baidu)
2	13.251.113.110 13.251.113.110	16509 (AMAZON-02) (AMAZON-02)
3	34.102.218.41 34.102.218.41	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	13.251.113.78 13.251.113.78	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:9ee	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	52.163.200.170 52.163.200.170	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 3	125.227.53.93 125.227.53.93	3462 (HINET Dat...) (HINET Data Communication Business Group)
1 1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
3	34.96.83.10 34.96.83.10	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	119.63.198.188 119.63.198.188	38627 (BAIDUJP B...) (BAIDUJP Baidu)
1	35.244.186.85 35.244.186.85	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	() ()
1	2a00:1450:400... 2a00:1450:4001:809::2001	() ()
2	2606:4700:20:... 2606:4700:20::ac43:4bf1	() ()
1	145.40.97.67 145.40.97.67	() ()
1	88.221.169.49 88.221.169.49	() ()
1	5.135.209.97 5.135.209.97	() ()
1	2606:4700:440... 2606:4700:4400::ac40:994e	() ()
1	2602:803:c003... 2602:803:c003:200::45	() ()
1	34.120.63.153 34.120.63.153	() ()
1	2a02:2638:3::7 2a02:2638:3::7	() ()
1	51.75.86.98 51.75.86.98	() ()
4	2a00:1450:400... 2a00:1450:4001:82f::2001	() ()
274	74

35 192.124.249.153 (Menifee, United States)

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10153.sucuri.net

www.upmedia.mg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.131.52 (United States)

ASN54113 (FASTLY, US)

rtbcdn.andbeyond.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtbpass-us.andbeyond.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.239.83.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-83-98.ams58.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:10::ac43:290a (United States)

ASN13335 (CLOUDFLARENET, US)

api.pvmax.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.pvmax.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.245.165 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 165.245.186.35.bc.googleusercontent.com

pvmax.tenmax.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 119.63.193.220 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

api.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.96.95.4 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 4.95.96.34.bc.googleusercontent.com

auto-load-balancer.likr.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:10::6816:2b5e (United States)

ASN13335 (CLOUDFLARENET, US)

avivid.likr.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
avividone.likr.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-68.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:d400:a:e047:753:a221 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::6816:3af9 (United States)

ASN13335 (CLOUDFLARENET, US)

sun.advividnetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3bf9 (United States)

ASN13335 (CLOUDFLARENET, US)

auto-load-balancer.advividnetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

rtbdemand.apiip.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.231.31 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 31.231.107.34.bc.googleusercontent.com

p.adlooxtracking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.143.114.132 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-143-114-132.ap-southeast-1.compute.amazonaws.com

prebid.andbeyond.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.83 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.246.43.192 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-43-192.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:23::9 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

rr4---sn-4g5edndk.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:236e:de00:2:d490:4d80:93a1 (United States)

ASN16509 (AMAZON-02, US)

wrappers.geoedge.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 119.63.198.189 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

tw.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.12.34 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 34.12.111.34.bc.googleusercontent.com

ad.tagtoo.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.150.21 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 21.150.107.34.bc.googleusercontent.com

uec.tagtoo.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 119.63.198.143 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

log.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.251.113.110 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-251-113-110.ap-southeast-1.compute.amazonaws.com

kinesis.ap-southeast-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.102.218.41 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 41.218.102.34.bc.googleusercontent.com

ecs.tagtoo.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.251.113.78 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-251-113-78.ap-southeast-1.compute.amazonaws.com

firehose.ap-southeast-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:9ee (United States)

ASN13335 (CLOUDFLARENET, US)

tenmax-static.cacafly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.163.200.170 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

ssp.tenmax.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 125.227.53.93 (Taipei, Taiwan) 2 redirects

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 125-227-53-93.hinet-ip.hinet.net

dmp.tenmax.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.96.83.10 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 10.83.96.34.bc.googleusercontent.com

event.tagtoo.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 119.63.198.188 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

r.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.186.85 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 85.186.244.35.bc.googleusercontent.com

ttd-cm.tagtoo.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (None, )

ASN- ()

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2001 (None, )

ASN- ()

62915023c335e2fec5fa5a96fa673db4.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4bf1 (None, )

ASN- ()

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.40.97.67 (None, )

ASN- ()

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.221.169.49 (None, )

ASN- ()

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.135.209.97 (None, )

ASN- ()

prg-apac.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:994e (None, )

ASN- ()

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::45 (None, )

ASN- ()

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.63.153 (None, )

ASN- ()

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::7 (None, )

ASN- ()

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.75.86.98 (None, )

ASN- ()

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2001 (None, )

ASN- ()

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	gstatic.com fonts.gstatic.com www.gstatic.com	3 MB
35	upmedia.mg www.upmedia.mg — Cisco Umbrella Rank: 278757	4 MB
21	youtube.com www.youtube.com — Cisco Umbrella Rank: 79	1 MB
16	pvmax.net api.pvmax.net — Cisco Umbrella Rank: 759124 cdn.pvmax.net	630 KB
14	tenmax.io 2 redirects pvmax.tenmax.io — Cisco Umbrella Rank: 800598 ssp.tenmax.io — Cisco Umbrella Rank: 144342 dmp.tenmax.io — Cisco Umbrella Rank: 139017	16 KB
12	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269 googleads.g.doubleclick.net — Cisco Umbrella Rank: 68 stats.g.doubleclick.net — Cisco Umbrella Rank: 184 static.doubleclick.net — Cisco Umbrella Rank: 371 cm.g.doubleclick.net — Cisco Umbrella Rank: 338	207 KB
9	likr.tw avivid.likr.tw — Cisco Umbrella Rank: 37225 avividone.likr.tw — Cisco Umbrella Rank: 69484	156 KB
8	tagtoo.co ad.tagtoo.co — Cisco Umbrella Rank: 111868 uec.tagtoo.co — Cisco Umbrella Rank: 118620 ecs.tagtoo.co — Cisco Umbrella Rank: 101464 event.tagtoo.co — Cisco Umbrella Rank: 109144	48 KB
8	googlevideo.com rr4---sn-4g5edndk.googlevideo.com — Cisco Umbrella Rank: 41670	1 MB
8	popin.cc api.popin.cc — Cisco Umbrella Rank: 21719 tw.popin.cc — Cisco Umbrella Rank: 104701 log.popin.cc — Cisco Umbrella Rank: 22400 r.popin.cc — Cisco Umbrella Rank: 23305	141 KB
8	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	557 KB
6	googlesyndication.com pagead2.googlesyndication.com 62915023c335e2fec5fa5a96fa673db4.safeframe.googlesyndication.com tpc.googlesyndication.com	111 KB
5	advividnetwork.com sun.advividnetwork.com — Cisco Umbrella Rank: 49166 auto-load-balancer.advividnetwork.com — Cisco Umbrella Rank: 73022	18 KB
5	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 708 jnn-pa.googleapis.com — Cisco Umbrella Rank: 306	70 KB
4	amazonaws.com kinesis.ap-southeast-1.amazonaws.com — Cisco Umbrella Rank: 43899 firehose.ap-southeast-1.amazonaws.com — Cisco Umbrella Rank: 39395	1 KB
4	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 597 mug.criteo.com — Cisco Umbrella Rank: 1867 bidder.criteo.com	7 KB
4	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2014 www.google.com — Cisco Umbrella Rank: 6	21 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 240	177 KB
3	4dex.io script.4dex.io mp.4dex.io	25 KB
3	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 104	226 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 2214 google-bidout-d.openx.net — Cisco Umbrella Rank: 2217	822 B
3	facebook.com 1 redirects www.facebook.com — Cisco Umbrella Rank: 98	3 KB
3	google.de www.google.de — Cisco Umbrella Rank: 4002	669 B
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1679 syndication.twitter.com — Cisco Umbrella Rank: 1999	132 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101	42 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 271	122 KB
3	andbeyond.media rtbcdn.andbeyond.media — Cisco Umbrella Rank: 29107 rtbpass-us.andbeyond.media — Cisco Umbrella Rank: 38898 prebid.andbeyond.media — Cisco Umbrella Rank: 31624	213 KB
2	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 193	12 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1218 id5-sync.com — Cisco Umbrella Rank: 658	34 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1411 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1431	12 KB
2	likr.com.tw auto-load-balancer.likr.com.tw — Cisco Umbrella Rank: 111193	2 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 438	22 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 395	20 KB
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 274	3 KB
1	onetag-sys.com onetag-sys.com	411 B
1	media.net prebid.media.net	647 B
1	rubiconproject.com fastlane.rubiconproject.com	849 B
1	smartadserver.com prg-apac.smartadserver.com	564 B
1	teads.tv a.teads.tv	381 B
1	a-mo.net prebid.a-mo.net	170 B
1	tagtoo.com.tw ttd-cm.tagtoo.com.tw — Cisco Umbrella Rank: 156478	161 B
1	cacafly.net tenmax-static.cacafly.net — Cisco Umbrella Rank: 153978	41 KB
1	geoedge.be wrappers.geoedge.be — Cisco Umbrella Rank: 19388	4 KB
1	adlooxtracking.com p.adlooxtracking.com — Cisco Umbrella Rank: 20371	4 KB
1	apiip.net rtbdemand.apiip.net — Cisco Umbrella Rank: 22006	396 B
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 2532	8 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 3276	3 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 894	13 KB
0	bidswitch.net Failed grid.bidswitch.net Failed
0	adnxs.com Failed ib.adnxs.com Failed
0	adtelligent.com Failed ghb.adtelligent.com Failed
0	adgeek.com.tw Failed sslcode.adgeek.com.tw Failed
0	alexametrics.com Failed certify-js.alexametrics.com Failed
274	53

	Domain	Requested by
44	fonts.gstatic.com	www.upmedia.mg www.youtube.com
35	www.upmedia.mg	www.upmedia.mg
21	www.youtube.com	www.upmedia.mg www.youtube.com
12	cdn.pvmax.net	www.upmedia.mg
9	ssp.tenmax.io	tenmax-static.cacafly.net www.upmedia.mg
8	rr4---sn-4g5edndk.googlevideo.com	www.youtube.com
8	avivid.likr.tw	www.upmedia.mg
8	www.googletagmanager.com	www.upmedia.mg www.googletagmanager.com
5	securepubads.g.doubleclick.net	www.googletagservices.com www.upmedia.mg securepubads.g.doubleclick.net
4	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	jnn-pa.googleapis.com	www.youtube.com
4	sun.advividnetwork.com	www.upmedia.mg
4	api.pvmax.net	www.upmedia.mg api.pvmax.net
4	connect.facebook.net	www.upmedia.mg connect.facebook.net
3	event.tagtoo.co	ecs.tagtoo.co
3	dmp.tenmax.io	2 redirects www.upmedia.mg
3	ecs.tagtoo.co	ad.tagtoo.co ecs.tagtoo.co
3	log.popin.cc	www.upmedia.mg
3	www.gstatic.com	www.youtube.com www.gstatic.com www.upmedia.mg
3	i.ytimg.com	www.upmedia.mg
3	www.google.com	www.upmedia.mg www.youtube.com tpc.googlesyndication.com
3	www.facebook.com	1 redirects www.upmedia.mg connect.facebook.net
3	www.google.de	www.upmedia.mg
3	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com www.youtube.com
3	api.popin.cc	www.upmedia.mg api.popin.cc
3	www.google-analytics.com	www.upmedia.mg www.google-analytics.com www.googletagmanager.com
3	www.googletagservices.com	www.upmedia.mg www.googletagmanager.com securepubads.g.doubleclick.net
2	script.4dex.io	rtbpass-us.andbeyond.media script.4dex.io
2	firehose.ap-southeast-1.amazonaws.com	avivid.likr.tw
2	kinesis.ap-southeast-1.amazonaws.com	avivid.likr.tw
2	gum.criteo.com	1 redirects static.criteo.net
2	oajs.openx.net	1 redirects www.upmedia.mg
2	yt3.ggpht.com	www.youtube.com www.upmedia.mg
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	auto-load-balancer.likr.com.tw	www.upmedia.mg
2	pvmax.tenmax.io	www.upmedia.mg api.pvmax.net
2	cdn.jsdelivr.net	www.upmedia.mg securepubads.g.doubleclick.net
2	platform.twitter.com	www.upmedia.mg platform.twitter.com
2	cdnjs.cloudflare.com	www.upmedia.mg
2	sb.scorecardresearch.com	www.upmedia.mg
1	onetag-sys.com	rtbpass-us.andbeyond.media
1	bidder.criteo.com	rtbpass-us.andbeyond.media
1	prebid.media.net	rtbpass-us.andbeyond.media
1	fastlane.rubiconproject.com	rtbpass-us.andbeyond.media
1	mp.4dex.io	rtbpass-us.andbeyond.media
1	prg-apac.smartadserver.com	rtbpass-us.andbeyond.media
1	a.teads.tv	rtbpass-us.andbeyond.media
1	prebid.a-mo.net	rtbpass-us.andbeyond.media
1	62915023c335e2fec5fa5a96fa673db4.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
1	ttd-cm.tagtoo.com.tw	uec.tagtoo.co
1	r.popin.cc	www.upmedia.mg
1	cm.g.doubleclick.net	1 redirects
1	tenmax-static.cacafly.net	api.pvmax.net
1	uec.tagtoo.co	api.popin.cc
1	ad.tagtoo.co	api.popin.cc
1	tw.popin.cc	api.popin.cc
1	avividone.likr.tw	www.upmedia.mg
1	google-bidout-d.openx.net	oa.openxcdn.net
1	wrappers.geoedge.be	rtbpass-us.andbeyond.media
1	mug.criteo.com	www.upmedia.mg
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	id5-sync.com	cdn.id5-sync.com
1	prebid.andbeyond.media	rtbcdn.andbeyond.media
1	p.adlooxtracking.com	rtbcdn.andbeyond.media
1	rtbpass-us.andbeyond.media	rtbcdn.andbeyond.media
1	rtbdemand.apiip.net	rtbcdn.andbeyond.media
1	auto-load-balancer.advividnetwork.com	www.upmedia.mg
1	static.doubleclick.net	www.youtube.com
1	syndication.twitter.com	platform.twitter.com
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	region1.analytics.google.com	www.googletagmanager.com
1	ajax.googleapis.com	www.upmedia.mg
1	rtbcdn.andbeyond.media	www.upmedia.mg
0	grid.bidswitch.net Failed	rtbpass-us.andbeyond.media
0	ib.adnxs.com Failed	rtbpass-us.andbeyond.media
0	ghb.adtelligent.com Failed	rtbpass-us.andbeyond.media
0	sslcode.adgeek.com.tw Failed
0	certify-js.alexametrics.com Failed	www.upmedia.mg
274	83

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.youtube.com
www.instagram.com
twitter.com
buy.yungching.com.tw
www.cic.police.ntpc.gov.tw
www.fsc.gov.tw
linktr.ee
pvmax.tenmax.io
goo.gl

Subject Issuer	Validity	Valid
upmedia.mg ZeroSSL RSA Domain Secure Site CA	`2023-05-08` - `2024-05-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
andbeyond.media Certainly Intermediate R1	`2023-12-30` - `2024-01-29`	a month	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-14` - `2024-01-12`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2023-12-11` - `2024-12-10`	a year	crt.sh
pvmax.net E1	`2023-12-24` - `2024-03-23`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-28` - `2024-07-26`	a year	crt.sh
*.tenmax.io Gandi Standard SSL CA 2	`2023-01-30` - `2024-02-05`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.popin.cc Secure Site Pro CA G2	`2023-09-27` - `2024-10-27`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.likr.com.tw TWCA Secure SSL Certification Authority	`2023-05-07` - `2024-06-05`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-15` - `2024-03-10`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
cdn.prod.uidapi.com R3	`2023-11-02` - `2024-01-31`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-11-24` - `2024-02-22`	3 months	crt.sh
syndication.twitter.com R3	`2023-12-11` - `2024-03-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.advividnetwork.com TWCA Secure SSL Certification Authority	`2023-05-08` - `2024-06-05`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
p.adlooxtracking.com GTS CA 1D4	`2023-11-13` - `2024-02-11`	3 months	crt.sh
*.andbeyond.media Starfield Secure Certificate Authority - G2	`2023-02-14` - `2024-03-17`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.id5-sync.com R3	`2024-01-01` - `2024-03-31`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-12-12` - `2024-02-20`	2 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
gw.geoedge.be Amazon RSA 2048 M01	`2023-08-12` - `2024-09-09`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
ad.tagtoo.co GTS CA 1D4	`2024-01-01` - `2024-03-31`	3 months	crt.sh
uec.tagtoo.co GTS CA 1D4	`2023-11-13` - `2024-02-11`	3 months	crt.sh
kinesis.ap-southeast-1.amazonaws.com Amazon RSA 2048 M01	`2023-03-08` - `2024-03-07`	a year	crt.sh
ecs.tagtoo.co GTS CA 1D4	`2023-12-07` - `2024-03-06`	3 months	crt.sh
firehose.ap-southeast-1.amazonaws.com Amazon RSA 2048 M01	`2023-12-17` - `2024-12-15`	a year	crt.sh
*.tagtoo.co Go Daddy Secure Certificate Authority - G2	`2023-04-14` - `2024-05-15`	a year	crt.sh
*.tagtoo.com.tw Go Daddy Secure Certificate Authority - G2	`2023-04-14` - `2024-05-15`	a year	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2023-10-23` - `2024-10-22`	a year	crt.sh
*.a-mo.net R3	`2023-11-07` - `2024-02-05`	3 months	crt.sh
teads.tv R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
prebid.media.net GTS CA 1D4	`2023-12-24` - `2024-03-23`	3 months	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 18 frames:

Primary Page: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
Frame ID: 89433FF378385677660C35AC83C67742
Requests: 205 HTTP requests in this frame

Frame: https://www.youtube.com/embed/EEDdbjTdy7c?autoplay=1&mute=1&loop=1&playlist=EEDdbjTdy7c
Frame ID: E89D8C0D4DA26642313303B485E5F199
Requests: 43 HTTP requests in this frame

Frame: https://auto-load-balancer.likr.com.tw/pushEndPoint/uuid_gen/uuid_iframe.php
Frame ID: A82B4FF782508C27F761E109A7705622
Requests: 1 HTTP requests in this frame

Frame: https://auto-load-balancer.likr.com.tw/pushEndPoint/uuid_gen/uuid_iframe.php
Frame ID: D533050265D8BECDCCDAA02B2531368F
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fwww.upmedia.mg
Frame ID: C528C69697F851593168D1B03F2B62A1
Requests: 2 HTTP requests in this frame

Frame: https://sun.advividnetwork.com/include_code/uuid_iframe.html?uuid=c8ac6a0e-33ec-48bc-8380-951dc1770eff
Frame ID: 88C43AD32A0655B0FC1B866646B6FA49
Requests: 1 HTTP requests in this frame

Frame: https://sun.advividnetwork.com/include_code/uuid_iframe.html?uuid=c8ac6a0e-33ec-48bc-8380-951dc1770eff
Frame ID: 6407AD010DE0B0E942C5102D89875922
Requests: 1 HTTP requests in this frame

Frame: https://auto-load-balancer.advividnetwork.com/avivid_topics.html?web_id=upmedia&uuid=c8ac6a0e-33ec-48bc-8380-951dc1770eff
Frame ID: 8E66533C7663D6E70D729959D28EA27A
Requests: 1 HTTP requests in this frame

Frame: https://sun.advividnetwork.com/include_code/uuid_iframe.html?uuid=c8ac6a0e-33ec-48bc-8380-951dc1770eff
Frame ID: 852E3F821740792234EE0632181F0DB1
Requests: 1 HTTP requests in this frame

Frame: https://sun.advividnetwork.com/include_code/uuid_iframe.html?uuid=c8ac6a0e-33ec-48bc-8380-951dc1770eff
Frame ID: C86CB919C994E0FDF4F113813F620037
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.upmedia.mg
Frame ID: B942A12F2B60B07CF09C5C719888A059
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: D56637C572A1532FE6BFBEAD27D930B7
Requests: 1 HTTP requests in this frame

Frame: https://api.pvmax.net/popup/popup-en.html?cacheBuster=1704428277666
Frame ID: D067742CB3F431CA41242A41A23654F8
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D125239581431127%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df24b03f18900e44%2526domain%253Dwww.upmedia.mg%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.upmedia.mg%25252Ffaf41300ad88c8%2526relation%253Dparent.parent%26container_width%3D300%26height%3D715%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FUPMEDIA.MG%252F%253Ffref%253Dts%26locale%3Dzh_TW%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dtimeline
Frame ID: 16250189A1C198B0BA4320126732142C
Requests: 1 HTTP requests in this frame

Frame: https://62915023c335e2fec5fa5a96fa673db4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 892536B5FB5271E66513247884214CC8
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuWO0RZEzgorN1vGQZHbsFrsMQbme7gagpb79udZi6yW7aL_vpoynqiBZaK4FwJgcisINWoXPBiKVjUEahRsv-_Gq_H4VQxQlSi28c4QuGEoMx0gviuWVZKKv_da9sD2f3wm-7XEcIdcwcWOMFr2H-OlAw3cJWycVcMX3RUNDvpe_YyQUIfgGkyWhiSoaP2-w3Q-68LACtunyddLeAj2H2qfXmtZhmzR_-zCvpIEf3XK6W9uiK8S2IvKTewZjiGSjxAgPSSQs5I2U_OWXCr4YmNyMVssw1k3-sME6bp1Wc4gWgtawCnIn5eSCUMjCMXdEz8A8H4W6tUKJ3LJNjubI4i8yuHgMAtguk&sai=AMfl-YQAHZZj_3B81X639De2PsW-_sFxOcLHR3xcfJ5ne1F0UAKYZXdL3ut4JFeJjJFo52bAuH3a3-l9YItZURPjbmSktGHKCCY_Zq1QkiOYb_QzOb8-CQT5Y_q6nYjRmGg&sig=Cg0ArKJSzBUyJwETsFLZEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: D8A448FBBC2BBAC5538273A4E99D5CC0
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A6BB5BB5E67761A72CD793492BE4C9D1
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0123E6335A30403AAE222592F49B1A8B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

合法交易所淪詐騙溫床　「ACE王牌」賣虛擬貨幣詐10億7人遭聲押 -- 上報 / 焦點

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css
owl\.carousel.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

SweetAlert2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/npm/sweetalert2@([\d.]+)

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

274
Requests

96 %
HTTPS

55 %
IPv6

53
Domains

83
Subdomains

74
IPs

8
Countries

12851 kB
Transfer

20861 kB
Size

40
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/UPMEDIA.MG/
Title: facebook

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCcO7MzLG-NNa3ndE_zklLdg
Title: youtube

Search URL Search Domain Scan URL

URL: https://www.instagram.com/upmedia.offical/
Title: instagram

Search URL Search Domain Scan URL

URL: https://twitter.com/UpMedia_tw
Title: twitter

Search URL Search Domain Scan URL

URL: https://buy.yungching.com.tw/houseafford?utm_source=yc_bn&utm_medium=pc&utm_content=houseafford_2308&utm_campaign=ycbn_home

Search URL Search Domain Scan URL

URL: https://www.cic.police.ntpc.gov.tw/mp-28.html
Title: 新北市刑警大隊

Search URL Search Domain Scan URL

URL: https://www.fsc.gov.tw/ch/index.jsp
Title: 金管會

Search URL Search Domain Scan URL

URL: https://linktr.ee/upmedia_tw
Title: 社群連結

Search URL Search Domain Scan URL

URL: https://pvmax.tenmax.io/kiangi/rc?originalWidgetId=8eb438d4-b9e7-4757-87ec-d3d7912acd82&dsType=content&rid=39d3428eaf4a09ee6dd468855fe9ad3c&categories=%5B%22IAB19%22%5D&mobileTag=sandwich&desktopTag=grid-3&tid=957854439826abbd7f188a4dd307deb6&ref=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FSerialNo%3D190047%26Type%3D24&pvsid=668fe020-ab81-11ee-baa8-ad0f922c74e3

Search URL Search Domain Scan URL

URL: https://pvmax.tenmax.io/kiangi/rc?originalWidgetId=8eb438d4-b9e7-4757-87ec-d3d7912acd82&dsType=content&rid=39d3428eaf4a09ee6dd468855fe9ad3c&categories=%5B%22IAB3%22%5D&mobileTag=sandwich&desktopTag=grid-3&tid=23f8f802e628d6eb7932a99534cd13ed&ref=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FSerialNo%3D190902%26Type%3D24&pvsid=668fe020-ab81-11ee-baa8-ad0f922c74e3

Search URL Search Domain Scan URL

URL: https://pvmax.tenmax.io/kiangi/rc?originalWidgetId=8eb438d4-b9e7-4757-87ec-d3d7912acd82&dsType=behavior&rid=39d3428eaf4a09ee6dd468855fe9ad3c&categories=%5B%22IAB3%22%5D&mobileTag=sandwich&desktopTag=grid-3&tid=93d51c3df8a896bb34a6dd37eeb8f3ed&ref=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FSerialNo%3D189797%26Type%3D9&pvsid=668fe020-ab81-11ee-baa8-ad0f922c74e3

Search URL Search Domain Scan URL

URL: https://pvmax.tenmax.io/kiangi/rc?originalWidgetId=8eb438d4-b9e7-4757-87ec-d3d7912acd82&dsType=behavior&rid=39d3428eaf4a09ee6dd468855fe9ad3c&categories=%5B%22IAB3%22%5D&mobileTag=sandwich&desktopTag=grid-3&tid=2ecce966d95d3cf67bbe82576bb98b32&ref=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FSerialNo%3D190593%26Type%3D24&pvsid=668fe020-ab81-11ee-baa8-ad0f922c74e3

Search URL Search Domain Scan URL

URL: https://pvmax.tenmax.io/kiangi/rc?originalWidgetId=8eb438d4-b9e7-4757-87ec-d3d7912acd82&dsType=content&rid=39d3428eaf4a09ee6dd468855fe9ad3c&categories=%5B%22IAB13%22%5D&mobileTag=sandwich&desktopTag=grid-3&tid=c19b76cee14194849bee2e546e01713d&ref=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FSerialNo%3D191041%26Type%3D24&pvsid=668fe020-ab81-11ee-baa8-ad0f922c74e3

Search URL Search Domain Scan URL

URL: https://pvmax.tenmax.io/kiangi/rc?originalWidgetId=8eb438d4-b9e7-4757-87ec-d3d7912acd82&dsType=hot&rid=39d3428eaf4a09ee6dd468855fe9ad3c&categories=%5B%22IAB9-30%22%5D&mobileTag=sandwich&desktopTag=grid-3&tid=3d711e822a2b85795286b429f5b06e49&ref=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FSerialNo%3D191591%26Type%3D196&pvsid=668fe020-ab81-11ee-baa8-ad0f922c74e3

Search URL Search Domain Scan URL

URL: https://pvmax.tenmax.io/kiangi/rc?originalWidgetId=8eb438d4-b9e7-4757-87ec-d3d7912acd82&dsType=behavior&rid=39d3428eaf4a09ee6dd468855fe9ad3c&categories=%5B%22IAB13%22%5D&mobileTag=sandwich&desktopTag=grid-3&tid=e13fe033297313be1e2d31efa3310833&ref=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FSerialNo%3D190998%26Type%3D24&pvsid=668fe020-ab81-11ee-baa8-ad0f922c74e3

Search URL Search Domain Scan URL

URL: https://pvmax.tenmax.io/kiangi/rc?originalWidgetId=8eb438d4-b9e7-4757-87ec-d3d7912acd82&dsType=hot&rid=39d3428eaf4a09ee6dd468855fe9ad3c&categories=%5B%22IAB9-30%22%5D&mobileTag=sandwich&desktopTag=grid-3&tid=8dc48184888bf592e838acf117513bdd&ref=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FSerialNo%3D191597%26Type%3D196&pvsid=668fe020-ab81-11ee-baa8-ad0f922c74e3

Search URL Search Domain Scan URL

URL: https://pvmax.tenmax.io/kiangi/rc?originalWidgetId=8eb438d4-b9e7-4757-87ec-d3d7912acd82&dsType=hot&rid=39d3428eaf4a09ee6dd468855fe9ad3c&categories=%5B%22IAB9-30%22%5D&mobileTag=sandwich&desktopTag=grid-3&tid=432f658aae80c0c5fa13ba384c98b7cc&ref=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FSerialNo%3D191659%26Type%3D196&pvsid=668fe020-ab81-11ee-baa8-ad0f922c74e3

Search URL Search Domain Scan URL

URL: https://pvmax.tenmax.io/kiangi/rc?originalWidgetId=8eb438d4-b9e7-4757-87ec-d3d7912acd82&dsType=content&rid=39d3428eaf4a09ee6dd468855fe9ad3c&categories=%5B%22IAB13%22%5D&mobileTag=sandwich&desktopTag=grid-3&tid=71557343375e2bca8d709a2b6bd9b2b4&ref=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FSerialNo%3D189277%26Type%3D24&pvsid=668fe020-ab81-11ee-baa8-ad0f922c74e3

Search URL Search Domain Scan URL

URL: https://pvmax.tenmax.io/kiangi/rc?originalWidgetId=8eb438d4-b9e7-4757-87ec-d3d7912acd82&dsType=content&rid=39d3428eaf4a09ee6dd468855fe9ad3c&categories=%5B%22IAB20%22%5D&mobileTag=sandwich&desktopTag=grid-3&tid=ad9c4b615762b8d77194541e3a9fe6c8&ref=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FSerialNo%3D189954%26Type%3D24&pvsid=668fe020-ab81-11ee-baa8-ad0f922c74e3

Search URL Search Domain Scan URL

URL: https://pvmax.tenmax.io/kiangi/rc?originalWidgetId=8eb438d4-b9e7-4757-87ec-d3d7912acd82&dsType=content&rid=39d3428eaf4a09ee6dd468855fe9ad3c&categories=%5B%22IAB3%22%5D&mobileTag=sandwich&desktopTag=grid-3&tid=f998639b6a7204446a08e462058f4ed2&ref=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FSerialNo%3D190830%26Type%3D24&pvsid=668fe020-ab81-11ee-baa8-ad0f922c74e3

Search URL Search Domain Scan URL

URL: https://www.facebook.com/UPMEDIA.MG/?fref=ts
Title: 上報

Search URL Search Domain Scan URL

URL: https://goo.gl/maps/b6uXZLP64ZjSbetE6
Title: 地址：新北市新店區寶橋路188號8樓

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 101

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 119

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FType%3D24%26SerialNo%3D191749&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FType%3D24%26SerialNo%3D191749&rid=esp&cc=1

Request Chain 134

https://gum.criteo.com/sid/json?origin=publishertagids&domain=upmedia.mg&sn=ChromeSyncframe&so=0&topUrl=www.upmedia.mg&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=_c_b5XwyMkdlUzcvMzVMUGF0aytkUVZPSTRSd1V1Yk9KaHpIVjRvVERuVmJkSTNqVU1BRUlqM2xRdWt2cG92M3NqRCsxcjVFQ0hKSmJhdS9QM3ZRQmpSSVhaWkVBdGxUOW9ZS2JRUHVuRk5DN3p3czV5NkhPRjFnenV6MmlPMHV0cENFRytkUG5CRTJaOXAwUm1tcDZKNlZnMU5LclQxa1Q0elc4bXM1YndYRkxiNW1CSTVTMVlOdGhORU9PY3lHVHUrOTNQM3RkL0cweFlzOFB5ci9hdk5GUTNrVzdXYVcxSEZqREYwR2RFNWZBdWZoSldPczJMNmwxSmZCYjcvL2Fkd1Y0Ly9WOGZYcURqSk1MRS9LeTBJdmt2QT09fA&cppv=2

Request Chain 229

https://dmp.tenmax.io/p/b734323b-0532-40a6-8d4e-782e1c96bd3a?random=612264231 HTTP 302
https://dmp.tenmax.io/cmp HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cacafly&google_ula=514624859,1704428279&google_hm=WjdqUHdLdUJFZTZlYnBldjNuSVdZZz09&google_cm HTTP 302
https://dmp.tenmax.io/cm?adx=doubleclick&google_gid=CAESEIyixVlZalX8E0yoKyoaDik&google_cver=1&google_ula=514624859,0

Request Chain 247

https://www.facebook.com/v2.12/plugins/page.php?adapt_container_width=true&app_id=125239581431127&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df24b03f18900e44%26domain%3Dwww.upmedia.mg%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.upmedia.mg%252Ffaf41300ad88c8%26relation%3Dparent.parent&container_width=300&height=715&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FUPMEDIA.MG%2F%3Ffref%3Dts&locale=zh_TW&sdk=joey&show_facepile=true&small_header=false&tabs=timeline HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D125239581431127%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df24b03f18900e44%2526domain%253Dwww.upmedia.mg%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.upmedia.mg%25252Ffaf41300ad88c8%2526relation%253Dparent.parent%26container_width%3D300%26height%3D715%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FUPMEDIA.MG%252F%253Ffref%253Dts%26locale%3Dzh_TW%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dtimeline

274 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request news_info.php Show response
www.upmedia.mg/ 82 KB
32 KB 1351ms
633ms Document
text/html 192.124.249.153
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.153 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10153.sucuri.net

Software

nginx /

Resource Hash

c28040d4b11422384111482e6d22d82db5afa545b7b819bb16ce571e45ee8401

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-security-policy: upgrade-insecure-requests;
content-type: text/html; charset=UTF-8
date: Fri, 05 Jan 2024 04:17:54 GMT
server: nginx
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-sucuri-cache: MISS
x-sucuri-id: 15003
x-xss-protection: 1; mode=block

GET
H2 200 style-new-v4.min.css
www.upmedia.mg/css/ 78 KB
20 KB 40ms
39ms Stylesheet
text/css 192.124.249.153
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upmedia.mg/css/style-new-v4.min.css

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.153 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10153.sucuri.net

Software

nginx /

Resource Hash

9d14627315877e3e35018078dbe4c3974379bf4ee2b32e53259c5f9b025760d6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:54 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
last-modified: Sun, 12 Nov 2023 16:23:13 GMT
etag: "139fe-609f6f8521e40-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15003
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style_202102_topad.css
www.upmedia.mg/css/ 857 B
785 B 78ms
78ms Stylesheet
text/css 192.124.249.153
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upmedia.mg/css/style_202102_topad.css

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.153 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10153.sucuri.net

Software

nginx /

Resource Hash

ed5e0b23e098a4b9bee661a904db54dd8bcdbfce9438db83298465431b14a9ab

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:54 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 417
x-xss-protection: 1; mode=block
last-modified: Thu, 25 Mar 2021 04:56:26 GMT
server: nginx
etag: "359-5be553cda7280-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 15003
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fonts.css
www.upmedia.mg/css/ 217 KB
97 KB 79ms
78ms Stylesheet
text/css 192.124.249.153
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upmedia.mg/css/fonts.css

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.153 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10153.sucuri.net

Software

nginx /

Resource Hash

ea9a7cc743f85d8125ace5b7f7dac003957cde3ee374e88d560acbab98317885

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:54 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
last-modified: Thu, 16 Jan 2020 07:50:48 GMT
etag: "363b0-59c3d1550c410-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15003
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 owl.carousel.min.css
www.upmedia.mg/css/ 1 KB
794 B 118ms
117ms Stylesheet
text/css 192.124.249.153
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upmedia.mg/css/owl.carousel.min.css

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.153 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10153.sucuri.net

Software

nginx /

Resource Hash

5ba1cc8ace5bd2f8b0b185898e42649829fd86f1c1f270d3596f3d41ae4c34f5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:54 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 426
x-xss-protection: 1; mode=block
last-modified: Fri, 17 Jan 2020 07:18:09 GMT
server: nginx
etag: "49b-59c50be65ab20-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 15003
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 234 KB
81 KB 271ms
184ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10858407252

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f38cb1fbc3c4590541b90ad9b2de8a16c2cd49f0910267c5e2c2477c4a024743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 82797
x-xss-protection: 0
last-modified: Fri, 05 Jan 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 05 Jan 2024 04:17:55 GMT

GET
H2 200 prod-global-551817.js Show response
rtbcdn.andbeyond.media/ 290 KB
24 KB 780ms
680ms Script
text/javascript 151.101.131.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbcdn.andbeyond.media/prod-global-551817.js
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.131.52 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e938f3e7121f845d5f8a92b1e5d084829a3dcfc075e7d7484a9a6fd5936667e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: gjNhAQ11HMmB8C0wMmxG0BmngBw0F5rP
content-encoding: br
via: 1.1 varnish
date: Fri, 05 Jan 2024 04:17:55 GMT
x-amz-request-id: 6EB0Y14DP2QX7ZZZ
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 24356
x-amz-id-2: ikKtkDItxW38PNAKZCBDePdC13BXu/hmnb+CI0RQH1K3awsk6hWwVbUzkQ0PN3wj+vZwEcVeOas=
x-served-by: cache-fra-etou8220101-FRA
last-modified: Sat, 25 Nov 2023 06:35:38 GMT
server: AmazonS3
x-timer: S1704428275.030382,VS0,VE642
etag: "9abf2d1c6e285b6a048013cec29ed092"
vary: Accept-Encoding
content-type: text/javascript
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 90 KB
29 KB 189ms
83ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4f2a0cf4380d7f723b76c7a3f215f34788035abd0f78e40fe9a594d7dc1e011

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29394
x-xss-protection: 0
server: cafe
etag: 586 / 19727 / m202312070101 / config-hash: 147569701560198365
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 05 Jan 2024 04:17:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 134 KB
51 KB 196ms
118ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-80236651-1

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

64229b60017b665467fe4d72964be46b7e778496264ca812f06cd82e15d21dbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 52328
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 05 Jan 2024 04:17:55 GMT

GET
H2 200 print.css
www.upmedia.mg/css/ 615 B
732 B 40ms
39ms Stylesheet
text/css 192.124.249.153
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upmedia.mg/css/print.css

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.153 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10153.sucuri.net

Software

nginx /

Resource Hash

fe20a993ae539a56ec5c5f6e9991a77eb9874de4aefb05e91addf16e10142a8b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:54 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 365
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Mar 2017 07:23:07 GMT
server: nginx
etag: "267-54b4ca1c20cc0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 15003
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 130 KB
50 KB 218ms
140ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WBZTZ3M

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

774915e94f884108351342686d8d979dd97fbf2f821185d4c522e80b008c09bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50596
x-xss-protection: 0
last-modified: Fri, 05 Jan 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 05 Jan 2024 04:17:55 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 132ms
40ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fefd09307baf0332b143c3c14fb6851c10e354362510d85a0c43d7e3c479093c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
date: Fri, 05 Jan 2024 04:17:55 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54345
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: PCRvEZjJQfXOf7xyT25JF0cqk+ch/vwblb+5Mbkb1v9pmo/xKL4e8Gc/C7TizDBPhbogL2BrgHszD0DzC37hPw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 129ms
40ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 05 Jan 2024 03:48:17 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1778
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 05 Jan 2024 05:48:17 GMT

GET atrk.js
certify-js.alexametrics.com/ 0
0

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 128ms
40ms Script
application/javascript 18.239.83.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.83.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-83-98.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 02:10:18 GMT
content-encoding: gzip
via: 1.1 2f7ba54d76b215238a170acfd87327d6.cloudfront.net (CloudFront)
last-modified: Thu, 07 Dec 2023 12:13:41 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P5
age: 7678
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: gwxNeKv9HLtx-4_wFEljj385m2jUH2S4-p7BTeYTIkT8TBx7Avjk2A==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 348 KB
95 KB 248ms
169ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W9F4QDN&timestamp=1704428274920

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8ab188cfb207f0d2fd5895aea864b0edd0c3ab20196275fca5253046fab51af2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97255
x-xss-protection: 0
last-modified: Fri, 05 Jan 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 05 Jan 2024 04:17:55 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 168 KB
59 KB 132ms
53ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MKB8VFG&timestamp=1704428274920

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a3688320685f45f6cc8b3682a78245467fc437d62d51355b89e6f597e4ae0a23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60245
x-xss-protection: 0
last-modified: Fri, 05 Jan 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 05 Jan 2024 04:17:55 GMT

GET
H2 200 pvmax.js Show response
api.pvmax.net/v1.0/ 77 KB
24 KB 146ms
49ms Script
application/javascript 2606:4700:10::ac43:290a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.pvmax.net/v1.0/pvmax.js
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:290a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d50750bfd26f65c0f76691d3deef3ab1acb2cc26bdc200504d3ac3e271cb6411

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:55 GMT
content-encoding: gzip
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1678772262
age: 3042
cf-polished: origSize=79153
x-guploader-uploadid: ABPtcPoxVDX0lcmU9eB5_vm4iFlA1CXvyvg3O7AffBZSstRRenSOwqx5bn0spjrxl_GHYUF2r7cM9CCwFg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
cf-bgj: minify
last-modified: Tue, 14 Mar 2023 05:37:45 GMT
server: cloudflare
etag: W/"ce2f334ad4cd77b92144bb9df369a186"
vary: Accept-Encoding
x-goog-generation: 1678772265158236
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=JoDuaw==, md5=zi8zStTNd7khRLud82mhhg==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 79153
cf-ray: 8408ea0ef8401c05-FRA
expires: Fri, 05 Jan 2024 03:35:11 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/zh_TW/ 3 KB
2 KB 90ms
89ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/zh_TW/sdk.js

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e1357c818d956fe67c5ef3b96f1f47f2d8e145c54412cc1deef78cc7142525a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 05 Jan 2024 04:17:55 GMT
content-md5: 3fufdubgmdtKBLA7H/OnDw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1688
reporting-endpoints
x-fb-debug: X5jMq/7QEhJ9vlv1ntrNmDoJZ3jLt3+ATLrYEqfwrFHRLsJBsMNc1C2OkfOmGtlnkzajymHZq8So9TWIFDv1Ug==
x-fb-content-md5: 36686c269d4f586046c5b5b5665e2366
cross-origin-opener-policy: same-origin-allow-popups
etag: "4c4b7615e17b7e01585def45ca6a6d45"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Fri, 05 Jan 2024 04:18:27 GMT

GET
H2 200 mail.png
www.upmedia.mg/images/ 3 KB
3 KB 40ms
39ms Image
image/png 192.124.249.153
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.upmedia.mg/images/mail.png

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/style-new-v4.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.153 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10153.sucuri.net

Software

nginx /

Resource Hash

7f523921b7e888f3e482e56d75c93f14b76dd9a20decf4b8f37d2a9542abb5cb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/css/style-new-v4.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:54 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 3172
x-xss-protection: 1; mode=block
last-modified: Mon, 22 May 2017 06:44:36 GMT
server: nginx
etag: "c36-550173454dd00-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 15003
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.modal.css
www.upmedia.mg/jquery-modal/ 4 KB
2 KB 40ms
39ms Stylesheet
text/css 192.124.249.153
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upmedia.mg/jquery-modal/jquery.modal.css

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.153 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10153.sucuri.net

Software

nginx /

Resource Hash

70270e26cdc41ff47602e2bcdc1f24d740da3330e6466cd472c24b6821e93885

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:54 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 1920
x-xss-protection: 1; mode=block
last-modified: Wed, 04 Dec 2019 02:56:12 GMT
server: nginx
etag: "e05-598d7f48fd210-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 15003
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 20231208220402674463.jpg
www.upmedia.mg/upload/ad/ 71 KB
71 KB 47ms
39ms Image
image/jpeg 192.124.249.153
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.upmedia.mg/upload/ad/20231208220402674463.jpg

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.153 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10153.sucuri.net

Software

nginx /

Resource Hash

be90698b08cf8091fe3aca6886cf520014327ff4e1c69f2fed194b0c197cb874

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:54 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
last-modified: Fri, 08 Dec 2023 14:04:02 GMT
etag: "11d31-60c000e7ab500-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15003
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 20240105101305802329.jpg
www.upmedia.mg/upload/article/ 422 KB
423 KB 289ms
281ms Image
image/jpeg 192.124.249.153
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.upmedia.mg/upload/article/20240105101305802329.jpg

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.153 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10153.sucuri.net

Software

nginx /

Resource Hash

09516b3d1aeadac79acfe777d0caac94dd2007ae3e4a04838b45f63186b9e3e6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:54 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
x-sucuri-cache: MISS
x-xss-protection: 1; mode=block
last-modified: Fri, 05 Jan 2024 02:13:05 GMT
server: nginx
etag: "698c3-60e29637df4d8-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 15003
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 20240104181509696858.jpg
www.upmedia.mg/upload/article/ 463 KB
465 KB 529ms
521ms Image
image/jpeg 192.124.249.153
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.upmedia.mg/upload/article/20240104181509696858.jpg

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.153 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10153.sucuri.net

Software

nginx /

Resource Hash

3043d22b2fa30770a01a86cbcbfc9b5f8fa6443f5a389566cf640c7d27b08e15

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:55 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
last-modified: Thu, 04 Jan 2024 10:15:09 GMT
etag: "73d48-60e1c01a629e0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
x-sucuri-cache: MISS
cache-control: max-age=315360000
x-sucuri-id: 15003
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 20240105114006504187.jpg
www.upmedia.mg/upload/article/ 337 KB
337 KB 526ms
519ms Image
image/jpeg 192.124.249.153
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.upmedia.mg/upload/article/20240105114006504187.jpg

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.153 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10153.sucuri.net

Software

nginx /

Resource Hash

5775210722b04af6444db7329d52aa668f4470eb9e48af3d827efdd5c75fcc38

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:55 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
last-modified: Fri, 05 Jan 2024 03:40:06 GMT
etag: "543cf-60e2a9aabc6a0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
x-sucuri-cache: MISS
cache-control: max-age=315360000
x-sucuri-id: 15003
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 20240102180138551279.png
www.upmedia.mg/upload/article/ 419 KB
415 KB 49ms
42ms Image
image/png 192.124.249.153
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.upmedia.mg/upload/article/20240102180138551279.png

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.153 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10153.sucuri.net

Software

nginx /

Resource Hash

15380afad9acb04107242637c714e0a35d176df892afb92ebe8ffbc49370452c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:54 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
last-modified: Tue, 02 Jan 2024 10:01:38 GMT
etag: "68d13-60df3959e4ed0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15003
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 20231230175841141483.jpg
www.upmedia.mg/upload/article/ 292 KB
281 KB 83ms
76ms Image
image/jpeg 192.124.249.153
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.upmedia.mg/upload/article/20231230175841141483.jpg

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.153 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10153.sucuri.net

Software

nginx /

Resource Hash

152e9c469c48f72f62d6fdc2655ae1a2836e2ca4585abf57dd43fec7d98eea6c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:54 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
last-modified: Sat, 30 Dec 2023 09:58:41 GMT
etag: "48f0a-60db731852ea0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15003
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 20231228145019789413.jpg
www.upmedia.mg/upload/article/ 456 KB
445 KB 83ms
76ms Image
image/jpeg 192.124.249.153
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.upmedia.mg/upload/article/20231228145019789413.jpg

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.153 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10153.sucuri.net

Software

nginx /

Resource Hash

12848b451a2e726fc8821d1d3564f11023e451ed77c4ecb0ea29938a673b3704

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:54 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
last-modified: Thu, 28 Dec 2023 06:50:19 GMT
etag: "71e32-60d8c5439a370-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15003
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 20231226164029066510.png
www.upmedia.mg/upload/article/ 475 KB
470 KB 83ms
76ms Image
image/png 192.124.249.153
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.upmedia.mg/upload/article/20231226164029066510.png

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.153 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10153.sucuri.net

Software

nginx /

Resource Hash

4d9d125c18a5f900841261eff7da0d2edc3b6563a0f6cf06692285ca3b5fe0eb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:54 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
last-modified: Tue, 26 Dec 2023 08:40:29 GMT
etag: "76ab7-60d65a27ccd90-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15003
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 20231226145219880598.jpg
www.upmedia.mg/upload/article/ 442 KB
429 KB 83ms
77ms Image
image/jpeg 192.124.249.153
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.upmedia.mg/upload/article/20231226145219880598.jpg

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.153 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10153.sucuri.net

Software

nginx /

Resource Hash

46185fbafe0ecfdb9d2fbaada40103c2a75c2248782174ada4f687f7decbaf9f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:54 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
last-modified: Tue, 26 Dec 2023 06:52:20 GMT
etag: "6e6b4-60d641fb37810-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15003
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 20220601125901562249.jpg
www.upmedia.mg/upload/article/ 438 KB
426 KB 84ms
77ms Image
image/jpeg 192.124.249.153
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.upmedia.mg/upload/article/20220601125901562249.jpg

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.153 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10153.sucuri.net

Software

nginx /

Resource Hash

66b8f2fb39029419b8fbcaac2798310101f3f4db05c89cea4809c99504e58e6a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:54 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
last-modified: Wed, 01 Jun 2022 04:59:01 GMT
etag: "6d955-5e05bbf6b3810-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15003
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 20231230204031428445.jpg
www.upmedia.mg/upload/article/ 314 KB
298 KB 84ms
77ms Image
image/jpeg 192.124.249.153
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.upmedia.mg/upload/article/20231230204031428445.jpg

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.153 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10153.sucuri.net

Software

nginx /

Resource Hash

9cdb5ec10c06e04d59cb9ffc3ee1f189e93dcd9a1d131e707735bf36220cf58d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:54 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
last-modified: Sat, 30 Dec 2023 12:40:31 GMT
etag: "4e8c5-60db9744c6350-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15003
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
www.upmedia.mg/js/ 90 KB
40 KB 81ms
75ms Script
application/javascript 192.124.249.153
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upmedia.mg/js/jquery.min.js

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.153 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10153.sucuri.net

Software

nginx /

Resource Hash

c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:54 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
last-modified: Sat, 27 Jul 2019 10:35:52 GMT
etag: "169d5-58ea739165200-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15003
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 owl.carousel.min.js Show response
www.upmedia.mg/js/ 22 KB
8 KB 81ms
75ms Script
application/javascript 192.124.249.153
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upmedia.mg/js/owl.carousel.min.js

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.153 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10153.sucuri.net

Software

nginx /

Resource Hash

970039be8affcc2a4784a06e910565bd7511b6743376371298fd01b91e417223

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:54 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 7980
x-xss-protection: 1; mode=block
last-modified: Fri, 17 Jan 2020 07:38:50 GMT
server: nginx
etag: "5984-59c510864fb68-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 15003
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logonew.png
www.upmedia.mg/images/ 22 KB
8 KB 83ms
77ms Image
image/png 192.124.249.153
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.upmedia.mg/images/logonew.png

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.153 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10153.sucuri.net

Software

nginx /

Resource Hash

523a5fb369d89cf63830b479941136c43333a1b5de77501e936efe6a7b4761ef

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:54 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 8249
x-xss-protection: 1; mode=block
last-modified: Tue, 20 Aug 2019 03:19:51 GMT
server: nginx
etag: "5698-59083edf623c0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 15003
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.modal.js Show response
www.upmedia.mg/jquery-modal/ 8 KB
3 KB 81ms
75ms Script
application/javascript 192.124.249.153
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upmedia.mg/jquery-modal/jquery.modal.js

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.153 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10153.sucuri.net

Software

nginx /

Resource Hash

5e7df6c60a179d2271ef21754dcd1616423c59bba9164972968ac72c17aed020

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:54 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 2739
x-xss-protection: 1; mode=block
last-modified: Wed, 04 Dec 2019 02:36:26 GMT
server: nginx
etag: "1ef9-598d7ade03198-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 15003
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 141ms
47ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3279811
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hJuVF9NF54UtTNewBVSIAItBMNUyKxqXuc6NANIqmccCDPUO7qCIIWtsBU%2FFFeHEvHILGhK6GN86%2FkpDRIffWaVnlZGLi%2BkSUgKDJP8aiRf%2BBEl%2B4chvIlMeXDK0nNdFYqDcEbYvZXPuxVd9Qy43czXT"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8408ea0fc8f53659-FRA
expires: Wed, 25 Dec 2024 04:17:55 GMT

GET
H2 200 script.js Show response
www.upmedia.mg/js/ 3 KB
2 KB 80ms
76ms Script
application/javascript 192.124.249.153
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upmedia.mg/js/script.js

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.153 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10153.sucuri.net

Software

nginx /

Resource Hash

dfd68e03d7b553507febb49143ed808b0cb300d962a6203781b4735a678dcef2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:54 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 1180
x-xss-protection: 1; mode=block
last-modified: Sat, 27 Jul 2019 13:50:56 GMT
server: nginx
etag: "c75-58ea9f2b33000-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 15003
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 clipboard.min.js Show response
www.upmedia.mg/js/ 9 KB
4 KB 80ms
76ms Script
application/javascript 192.124.249.153
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upmedia.mg/js/clipboard.min.js

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.153 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10153.sucuri.net

Software

nginx /

Resource Hash

baff7541be9c20f7f977f6993ce39cfa937a7bde69db6e7beebb8f68372682a1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:54 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 3626
x-xss-protection: 1; mode=block
last-modified: Fri, 22 Apr 2022 08:40:26 GMT
server: nginx
etag: "234a-5dd3a2d92f280-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 15003
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 158ms
39ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67A7) /
Resource Hash: 173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 04:17:55 GMT
Content-Encoding: gzip
Age: 72
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27597
Last-Modified: Mon, 11 Dec 2023 17:20:28 GMT
Server: ECS (frb/67A7)
Etag: "824beb891744db98ccbd3a456e59e0f7+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H2 200 sweetalert2@11 Show response
cdn.jsdelivr.net/npm/ 75 KB
21 KB 149ms
49ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/sweetalert2@11

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

892932278d65bb0621657e099c3528a7ddb08b1d32f12046016e6d0a79c27d9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 9634
x-jsd-version: 11.10.2
content-encoding: br
x-cache: MISS, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230029-FRA, cache-lga21932-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"12b58-d2czgst/w0Rv1Z/9hGMmW9HFPvQ"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e6Ob9B2LFdogy0HOCxdgoevBCTVVeit%2BU1020gSQRye0bT22aCPPnSLjJ9s9Z%2FgTK8cPulyyYOUJH1AFEdfOM48UWRLuGPRy8gr49ORlEBiiEpJY9ALs5jlKlTd3ApLtMVjF2JCsrLizQ0gXCMk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 8408ea0fdfb29bbf-FRA

GET
H2 200 social2.png
www.upmedia.mg/images/ 4 KB
4 KB 81ms
78ms Image
image/png 192.124.249.153
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.upmedia.mg/images/social2.png

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/style-new-v4.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.153 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10153.sucuri.net

Software

nginx /

Resource Hash

3c0f5260093d770d9f37b112bc019f2f9e71984903ab4b11ba27890e9019e2b3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/css/style-new-v4.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:54 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 4024
x-xss-protection: 1; mode=block
last-modified: Tue, 25 Sep 2018 03:13:31 GMT
server: nginx
etag: "f94-576a97d856cc0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 15003
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 search.png
www.upmedia.mg/images/ 3 KB
4 KB 81ms
78ms Image
image/png 192.124.249.153
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.upmedia.mg/images/search.png

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/style-new-v4.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.153 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10153.sucuri.net

Software

nginx /

Resource Hash

192742672a5a9bb357b5b6d1d8a850e838634ac7ce9f5647472a74cc9ac0b759

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/css/style-new-v4.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:54 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 3231
x-xss-protection: 1; mode=block
last-modified: Mon, 22 May 2017 06:44:36 GMT
server: nginx
etag: "c73-550173454dd00-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 15003
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
225 B 52ms
51ms Image
text/plain 18.239.83.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=24610009&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1704428275067&ns_c=UTF-8&c7=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FType%3D24%26SerialNo%3D191749&c8=%E5%90%88%E6%B3%95%E4%BA%A4%E6%98%93%E6%89%80%E6%B7%AA%E8%A9%90%E9%A8%99%E6%BA%AB%E5%BA%8A%E3%80%80%E3%80%8CACE%E7%8E%8B%E7%89%8C%E3%80%8D%E8%B3%A3%E8%99%9B%E6%93%AC%E8%B2%A8%E5%B9%A3%E8%A9%9010%E5%84%847%E4%BA%BA%E9%81%AD%E8%81%B2%E6%8A%BC%20--%20%E4%B8%8A%E5%A0%B1%20%2F%20%E7%84%A6%E9%BB%9E&c9=
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.83.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-83-98.ams58.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:55 GMT
via: 1.1 2f7ba54d76b215238a170acfd87327d6.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: AMS58-P5
x-amz-cf-id: l_d-qC90pYzOGxCR_YKbH1_7u1QvQlu8b2qZhSo8rnPlYb_59kGOgw==
x-cache: Miss from cloudfront

GET
H2 200 peek
pvmax.tenmax.io/kiangi/ 0
266 B 2452ms
317ms Image
application/json 35.186.245.165
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pvmax.tenmax.io/kiangi/peek?siteId=6e38eb73-9747-4973-a041-1e42effc8860&ref=https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749&canonical=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FType%3D24%26SerialNo%3D191749&ogurl=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FType%3D24%26SerialNo%3D191749&loc=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FType%3D24%26SerialNo%3D191749&cacheBuster=1704428275074
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.245.165 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 165.245.186.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 05 Jan 2024 04:17:57 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: application/json;charset=UTF-8

GET
H2 200 EEDdbjTdy7c Show response
www.youtube.com/embed/ Frame E89D 94 KB
41 KB 214ms
120ms Document
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/EEDdbjTdy7c?autoplay=1&mute=1&loop=1&playlist=EEDdbjTdy7c

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f0f4648d859154eaa5756f3aa53477880e5b196a940eceeeb7c872bd90f859d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy-report-only: base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';report-uri /cspreport/common;script-src 'report-sample' 'nonce-SG_2z3aV_meW8i060vqCrg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Fri, 05 Jan 2024 04:17:55 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK upmedia_tw.js Show response
api.popin.cc/searchbox/ 148 KB
38 KB 1199ms
583ms Script
text/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/searchbox/upmedia_tw.js
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 52f77053aeac5db39deac325f3814adf1e904aca0c6d9abe75f7ef3c55405929

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 04:17:55 GMT
x-amz-version-id: FN9V02LSl3Jky_wV6faqVOjAQSGvWQ72
Content-Encoding: gzip
x-amz-server-side-encryption: AES256
X-Cache-Status: HIT from 10.252.55.26
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Last-Modified: Wed, 03 Jan 2024 03:49:55 GMT
Server: nginx
ETag: W/"25457d6c63c9f5ce4f82fa7c4d9b5dc5"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=3600
Timing-Allow-Origin: *
Expires: Fri, 05 Jan 2024 05:17:55 GMT

GET
H2 200 ic_um_like.png
www.upmedia.mg/images/ 222 B
561 B 82ms
82ms Image
image/png 192.124.249.153
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.upmedia.mg/images/ic_um_like.png

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/style-new-v4.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.153 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10153.sucuri.net

Software

nginx /

Resource Hash

4c66cf58bddf9101dd5e3d83235728a64c8e7ef7032c4bcbbcc91b8aa7dcac18

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/css/style-new-v4.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:54 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 193
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Apr 2018 09:13:13 GMT
server: nginx
etag: "de-56abccc079c40-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 15003
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icon_big_color.png
www.upmedia.mg/images/ 6 KB
5 KB 83ms
82ms Image
image/png 192.124.249.153
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.upmedia.mg/images/icon_big_color.png

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/style-new-v4.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.153 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10153.sucuri.net

Software

nginx /

Resource Hash

c3d257d95652655b6205c366c3a83df0edf40c6e82013adff9284354720cadfd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/css/style-new-v4.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:54 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 5131
x-xss-protection: 1; mode=block
last-modified: Sun, 12 Jun 2022 03:21:12 GMT
server: nginx
etag: "169b-5e137a9d03a00-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 15003
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.1.1/ 85 KB
30 KB 132ms
40ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 16:13:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 475471
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30244
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Dec 2024 16:13:24 GMT

GET
H2 200 uuid_iframe.php Show response
auto-load-balancer.likr.com.tw/pushEndPoint/uuid_gen/ Frame A82B 2 KB
1 KB 412ms
309ms Document
text/html 34.96.95.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://auto-load-balancer.likr.com.tw/pushEndPoint/uuid_gen/uuid_iframe.php
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.95.4 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.95.96.34.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 294b0c2e3ec3edc89ec51dcef5ef2e099b3111a0634b2e7121cd249744d39b3a

Request headers

Referer: https://www.upmedia.mg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: origin, x-requested-with, content-type, X-CSRF-Token
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 917
content-type: text/html; charset=UTF-8
date: Fri, 05 Jan 2024 04:17:55 GMT
server: Apache/2.4.41 (Ubuntu)
vary: Accept-Encoding
via: 1.1 google

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 234 KB
81 KB 61ms
59ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10858407252&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKB8VFG&timestamp=1704428274920

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1a9bb72d57b0023edad692359d5eee11c4930b400fda64116c47ca609daad3ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 82783
x-xss-protection: 0
last-modified: Fri, 05 Jan 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 05 Jan 2024 04:17:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 131 KB
50 KB 57ms
56ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-80236651-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKB8VFG&timestamp=1704428274920

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5ddedd642480ef6b72ffe45e23df552f60aefdcf4af281cdb864993cc88e2180

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 51263
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 05 Jan 2024 04:17:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 269 KB
90 KB 72ms
71ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DQPHBPSR3Q&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKB8VFG&timestamp=1704428274920

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aad250d7b68535456c576dadf8c1851d4ec5375908a4d13f7e97da2e4cc663ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92420
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 05 Jan 2024 04:17:55 GMT

GET
H3 200 313650067413903 Show response
connect.facebook.net/signals/config/ 131 KB
34 KB 102ms
101ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/313650067413903?v=2.9.139&r=stable&domain=www.upmedia.mg

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

54bd3e8c92eda6bcc148ef2f9e5c839f486cf4ce9f69bcedf115efd77046524d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 05 Jan 2024 04:17:55 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: ErfxMD8qXrYBq9gcezuPOPMvHTIn7KDWwp1Yg7RVyZZmB53APbzj0UNXFnVlYU2KpwZs0XOgv3qBZeVFuugIXA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/ 432 KB
135 KB 126ms
39ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

013fc39efb38a28d8eccab58189059646847bc5c54e1c4b637e874b6109ee0ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 21:34:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24231
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138203
x-xss-protection: 0
server: cafe
etag: 14959461090202361603
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 03 Jan 2025 21:34:04 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/zh_TW/ 303 KB
87 KB 83ms
41ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/zh_TW/sdk.js?hash=badc2f4512f3bcd8194c65897111ba1c

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6d73deec54e4aeacef135bdbb5d58b3e9303bcf034f7782764b7d1e70c2454ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 05 Jan 2024 04:17:55 GMT
content-md5: YOMUcgoiQb/miI8EWvNmNA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88490
reporting-endpoints
x-fb-debug: 9GgBa+1utu+TSE722S7APBU2BCOIogxXM+RGF8xrOgV1FSyQmeB2cKU/hqfRuRQ8k6vuEYxD8fCdh1nG3sffNA==
x-fb-content-md5: f2b0e88d11a2838f9615918f20657c50
cross-origin-opener-policy: same-origin-allow-popups
etag: "15535c1d564d245b4ab7663d95ea5b69"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Fri, 03 Jan 2025 23:57:46 GMT

GET
H2 200 footer_social.jpg
www.upmedia.mg/images/ 35 KB
28 KB 41ms
39ms Image
image/jpeg 192.124.249.153
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.upmedia.mg/images/footer_social.jpg

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/style-new-v4.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.153 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10153.sucuri.net

Software

nginx /

Resource Hash

6992d83fcac1c28fa9b9c3ec90974607559550e5f92eb6074452936f0e2686d3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/css/style-new-v4.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:54 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
last-modified: Mon, 22 May 2017 06:44:36 GMT
etag: "8b2a-550173454dd00-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
x-sucuri-cache: HIT
cache-control: max-age=315360000
x-sucuri-id: 15003
x-xss-protection: 1; mode=block
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gotop.png
www.upmedia.mg/images/ 3 KB
3 KB 42ms
40ms Image
image/png 192.124.249.153
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.upmedia.mg/images/gotop.png

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/style-new-v4.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.153 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10153.sucuri.net

Software

nginx /

Resource Hash

71c96af12567c3c09cbe6d4b1172b5e11ffe3c2d7a7a37aeb70ef790a66dd6db

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/css/style-new-v4.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:54 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
x-sucuri-cache: HIT
content-length: 3140
x-xss-protection: 1; mode=block
last-modified: Sun, 28 Jul 2019 04:37:38 GMT
server: nginx
etag: "c15-58eb655c94880-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 15003
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.119.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 33 KB
34 KB 126ms
39ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.119.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5b585fa33bbf00e29420d3306dd6aa96e58a91060b9854980f9e057dbae16a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 04:27:47 GMT
x-content-type-options: nosniff
age: 258608
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34128
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:21:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 04:27:47 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
207 B 55ms
54ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1492994485&t=pageview&_s=1&dl=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FType%3D24%26SerialNo%3D191749&ul=en-us&de=UTF-8&dt=%E5%90%88%E6%B3%95%E4%BA%A4%E6%98%93%E6%89%80%E6%B7%AA%E8%A9%90%E9%A8%99%E6%BA%AB%E5%BA%8A%E3%80%80%E3%80%8CACE%E7%8E%8B%E7%89%8C%E3%80%8D%E8%B3%A3%E8%99%9B%E6%93%AC%E8%B2%A8%E5%B9%A3%E8%A9%9010%E5%84%847%E4%BA%BA%E9%81%AD%E8%81%B2%E6%8A%BC%20--%20%E4%B8%8A%E5%A0%B1%20%2F%20%E7%84%A6%E9%BB%9E&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAUABEAAAACAAI~&jid=369486262&gjid=1616827485&cid=317687571.1704428275&tid=UA-80236651-1&_gid=284950230.1704428275&_r=1&gtm=457e4130&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=1939758786

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.upmedia.mg/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 05 Jan 2024 04:17:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.upmedia.mg
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-80236651-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 05 Jan 2024 03:48:17 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1778
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 05 Jan 2024 05:48:17 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 90 KB
29 KB 116ms
116ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WBZTZ3M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6e07437fb45e9859c791fb44505108c8d4556937ae5e02ea668df99174cb6869

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29398
x-xss-protection: 0
server: cafe
etag: 893 / 19727 / m202312070101 / config-hash: 147569701560198365
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 05 Jan 2024 04:17:55 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
1 KB 61ms
59ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7ac9f0e85d1ed4d4ccf7a151ec6b9b80f89baa745841db8efd82713671ff5ab8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:55 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
content-security-policy-report-only: base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';report-uri /cspreport/common;script-src 'report-sample' 'nonce-puc1cbAEx2O4RmVCl100MA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline'
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Fri, 05 Jan 2024 04:17:55 GMT

GET
H2 200 crypto-js.min.js Show response
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/ 47 KB
14 KB 48ms
47ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4676570
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 13972
last-modified: Sat, 14 Aug 2021 20:33:09 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "61182885-3694"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sIKT9fDmcWXS%2BJwS24fZZ%2BUrJV9%2BMTHCNlY1zU5kIbY1AGyXoFuP%2FUxHgofCG0SyNZP2fp6zZu5%2Bo%2BX4zjOHSgGMNGMJOnGAUUeUelyD6C7FUY%2F1OXnk6NRF9EaeugROdSmgMwcp9dWkBRWJxDZVOAfI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8408ea112c2b3659-FRA
expires: Wed, 25 Dec 2024 04:17:55 GMT

GET
H2 200 avivid_pseudo_native_subscribe.css
avivid.likr.tw/avivid_css/avivid_pseudo_native_subscribe/ 444 B
557 B 163ms
49ms Stylesheet
text/css 2606:4700:10::6816:2b5e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://avivid.likr.tw/avivid_css/avivid_pseudo_native_subscribe/avivid_pseudo_native_subscribe.css
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2b5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fdffe46c571b0b392a68f61772f38210b2172738fc1dac3be70794daefebf6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:55 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 03 Nov 2017 02:54:19 GMT
server: cloudflare
age: 6199
etag: W/"1e0019-1bc-55d0b38977fa5"
vary: Accept-Encoding
access-control-allow-methods: POST
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=10800
access-control-allow-credentials: true
cf-ray: 8408ea11eac465d7-FRA
access-control-allow-headers: origin, x-requested-with, content-type, X-CSRF-Token, origin, x-requested-with, content-type, X-CSRF-Token

GET
H2 200 uuid_iframe.php Show response
auto-load-balancer.likr.com.tw/pushEndPoint/uuid_gen/ Frame D533 2 KB
971 B 309ms
309ms Document
text/html 34.96.95.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://auto-load-balancer.likr.com.tw/pushEndPoint/uuid_gen/uuid_iframe.php
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.95.4 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.95.96.34.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 294b0c2e3ec3edc89ec51dcef5ef2e099b3111a0634b2e7121cd249744d39b3a

Request headers

Referer: https://www.upmedia.mg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: origin, x-requested-with, content-type, X-CSRF-Token
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 917
content-type: text/html; charset=UTF-8
date: Fri, 05 Jan 2024 04:17:55 GMT
server: Apache/2.4.41 (Ubuntu)
vary: Accept-Encoding
via: 1.1 google

GET
H2 200 ios_water_webpush_v21.js Show response
avivid.likr.tw/api/ 244 KB
57 KB 160ms
54ms Script
text/javascript 2606:4700:10::6816:2b5e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://avivid.likr.tw/api/ios_water_webpush_v21.js
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2b5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 757857ebe0cb650050be4c105dbe0a767079ebaaa088a867fbf3ed140c86653c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:55 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 14 Dec 2023 08:02:38 GMT
server: cloudflare
age: 432
etag: W/"a43986-3d01a-60c73b509ba2f"
vary: Accept-Encoding
access-control-allow-methods: POST
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600
access-control-allow-credentials: true
cf-ray: 8408ea11eac665d7-FRA
access-control-allow-headers: origin, x-requested-with, content-type, X-CSRF-Token, origin, x-requested-with, content-type, X-CSRF-Token

GET
H2 200 www-player.css
www.youtube.com/s/player/da154528/ Frame E89D 358 KB
47 KB 41ms
40ms Stylesheet
text/css 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/da154528/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EEDdbjTdy7c?autoplay=1&mute=1&loop=1&playlist=EEDdbjTdy7c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af17d4cff542b33c97ee3a95f82a21d8993c87fd3472dff534fa855828a3b615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/EEDdbjTdy7c?autoplay=1&mute=1&loop=1&playlist=EEDdbjTdy7c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 02:09:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7700
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47436
x-xss-protection: 0
last-modified: Mon, 18 Dec 2023 02:48:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 04 Jan 2025 02:09:35 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/da154528/www-embed-player.vflset/ Frame E89D 322 KB
97 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/da154528/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EEDdbjTdy7c?autoplay=1&mute=1&loop=1&playlist=EEDdbjTdy7c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d854531f9c3833536d6971b4fd7617dafe1a2c6fd0bbed9469122e73ff3b13a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/EEDdbjTdy7c?autoplay=1&mute=1&loop=1&playlist=EEDdbjTdy7c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 03:57:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1233
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98735
x-xss-protection: 0
last-modified: Mon, 18 Dec 2023 02:48:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 04 Jan 2025 03:57:22 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/ Frame E89D 2 MB
768 KB 89ms
88ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EEDdbjTdy7c?autoplay=1&mute=1&loop=1&playlist=EEDdbjTdy7c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e43938512568a6819be40d8c79292dc4b5d9ac9888f23a9f5ba931f98ce81aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/EEDdbjTdy7c?autoplay=1&mute=1&loop=1&playlist=EEDdbjTdy7c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 08:24:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 330778
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 786305
x-xss-protection: 0
last-modified: Mon, 18 Dec 2023 02:48:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 31 Dec 2024 08:24:57 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10858407252/ 3 KB
2 KB 147ms
51ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10858407252/?random=1704428275397&cv=11&fst=1704428275397&bg=ffffff&guid=ON&async=1&gtm=45be4130v9105098311&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FType%3D24%26SerialNo%3D191749&hn=www.googleadservices.com&frm=0&tiba=%E5%90%88%E6%B3%95%E4%BA%A4%E6%98%93%E6%89%80%E6%B7%AA%E8%A9%90%E9%A8%99%E6%BA%AB%E5%BA%8A%E3%80%80%E3%80%8CACE%E7%8E%8B%E7%89%8C%E3%80%8D%E8%B3%A3%E8%99%9B%E6%93%AC%E8%B2%A8%E5%B9%A3%E8%A9%9010%E5%84%847%E4%BA%BA%E9%81%AD%E8%81%B2%E6%8A%BC%20--%20&auid=522058696.1704428275&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10858407252

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e25253ee10b0bbfaaf8af60858e4189cc56f88c62a961b539f853402099f098

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Jan 2024 04:17:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1427
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
254 B 138ms
48ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-DQPHBPSR3Q&gtm=45je4130v871127687&_p=1704428274919&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=317687571.1704428275&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704428275&sct=1&seg=0&dl=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FType%3D24%26SerialNo%3D191749&dt=%E5%90%88%E6%B3%95%E4%BA%A4%E6%98%93%E6%89%80%E6%B7%AA%E8%A9%90%E9%A8%99%E6%BA%AB%E5%BA%8A%E3%80%80%E3%80%8CACE%E7%8E%8B%E7%89%8C%E3%80%8D%E8%B3%A3%E8%99%9B%E6%93%AC%E8%B2%A8%E5%B9%A3%E8%A9%9010%E5%84%847%E4%BA%BA%E9%81%AD%E8%81%B2%E6%8A%BC%20--%20%E4%B8%8A%E5%A0%B1%20%2F%20%E7%84%A6%E9%BB%9E&en=page_view&_fv=1&_ss=1&_ee=1&ep.content_group=top&tfd=2031
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DQPHBPSR3Q&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Jan 2024 04:17:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.upmedia.mg
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 151ms
49ms Ping
text/plain 2a00:1450:400c:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-DQPHBPSR3Q&cid=317687571.1704428275&gtm=45je4130v871127687&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DQPHBPSR3Q&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Jan 2024 04:17:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.upmedia.mg
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 139ms
50ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-DQPHBPSR3Q&cid=317687571.1704428275&gtm=45je4130v871127687&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=506607131

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Jan 2024 04:17:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 recmd Show response
pvmax.tenmax.io/kiangi/ 29 KB
8 KB 2148ms
360ms Script
application/javascript 35.186.245.165
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pvmax.tenmax.io/kiangi/recmd?widgetId=8eb438d4-b9e7-4757-87ec-d3d7912acd82&ref=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FType%3D24%26SerialNo%3D191749&canonical=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FType%3D24%26SerialNo%3D191749&ogurl=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FType%3D24%26SerialNo%3D191749&loc=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FType%3D24%26SerialNo%3D191749&pvsid=668fe020-ab81-11ee-baa8-ad0f922c74e3&cacheBuster=1704428275490&callback=jsonp_callback_1704428275072
Requested by: Host: api.pvmax.net
URL: https://api.pvmax.net/v1.0/pvmax.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.245.165 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 165.245.186.35.bc.googleusercontent.com
Software: /
Resource Hash: d31ea67fc058798ed7aabcb9a1de49a790038940042873121617f643c4a948c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:57 GMT
content-encoding: gzip
via: 1.1 google
pvmax_time: 1704428277
pvmax_categories: ["IAB19"]
pvmax_impid: [{"rid":"23f8f802e628d6eb7932a99534cd13ed","dsType":"content","pinnedPosition":null},{"rid":"957854439826abbd7f188a4dd307deb6","dsType":"content","pinnedPosition":null},{"rid":"f998639b6a7204446a08e462058f4ed2","dsType":"content","pinnedPosition":null},{"rid":"71557343375e2bca8d709a2b6bd9b2b4","dsType":"content","pinnedPosition":null},{"rid":"ad9c4b615762b8d77194541e3a9fe6c8","dsType":"content","pinnedPosition":null},{"rid":"c19b76cee14194849bee2e546e01713d","dsType":"content","pinnedPosition":null},{"rid":"2ecce966d95d3cf67bbe82576bb98b32","dsType":"behavior","pinnedPosition":null},{"rid":"e13fe033297313be1e2d31efa3310833","dsType":"behavior","pinnedPosition":null},{"rid":"93d51c3df8a896bb34a6dd37eeb8f3ed","dsType":"behavior","pinnedPosition":null},{"rid":"8dc48184888bf592e838acf117513bdd","dsType":"hot","pinnedPosition":null},{"rid":"3d711e822a2b85795286b429f5b06e49","dsType":"hot","pinnedPosition":null},{"rid":"432f658aae80c0c5fa13ba384c98b7cc","dsType":"hot","pinnedPosition":null}]
pvmax_ref: https://www.upmedia.mg/news_info.php?SerialNo=191749&Type=24
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pvmax_widgetid: 8eb438d4-b9e7-4757-87ec-d3d7912acd82
pvmax_rid: 39d3428eaf4a09ee6dd468855fe9ad3c
pvmax_desktoptag: grid-3
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
pvmax_impcount: 12
pvmax_siteid: 6e38eb73-9747-4973-a041-1e42effc8860
pvmax_mobiletag: sandwich
pvmax_sessionid: 668fe020-ab81-11ee-baa8-ad0f922c74e3
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
pvmax_region: tw
pvmax_tplid: 317

POST
H2 200 bottom_ad.php Show response
www.upmedia.mg/ 382 B
502 B 593ms
592ms XHR
text/html 192.124.249.153
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upmedia.mg/bottom_ad.php

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.153 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10153.sucuri.net

Software

nginx /

Resource Hash

c0c71676fd900840c2698979462826c6b244e220f06bd8a1622cd1d23986ce3c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: text/html, */*; q=0.01
Referer: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 05 Jan 2024 04:17:55 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
x-sucuri-id: 15003
content-length: 142
x-xss-protection: 1; mode=block
expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H2 200 right_ad.php Show response
www.upmedia.mg/ 139 B
360 B 553ms
552ms XHR
text/html 192.124.249.153
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upmedia.mg/right_ad.php

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.153 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10153.sucuri.net

Software

nginx /

Resource Hash

024072911215ced86db1ae2792e038499e2f1c28913a514731eaa9611c973046

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: text/html, */*; q=0.01
Referer: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 05 Jan 2024 04:17:55 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
x-sucuri-id: 15003
content-length: 126
x-xss-protection: 1; mode=block

POST
H2 200 right_ad_4.php Show response
www.upmedia.mg/ 14 B
267 B 536ms
535ms XHR
text/html 192.124.249.153
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upmedia.mg/right_ad_4.php

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.153 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10153.sucuri.net

Software

nginx /

Resource Hash

4ef78091d8ec82bc91f8d492162c93bf5e4f10918aec5a02f91d6bb510e0c875

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: text/html, */*; q=0.01
Referer: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 05 Jan 2024 04:17:55 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
x-sucuri-id: 15003
content-length: 34
x-xss-protection: 1; mode=block

POST
H2 200 JQ.Articlecnt.php Show response
www.upmedia.mg/jquery/ 0
206 B 551ms
551ms XHR
text/html 192.124.249.153
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.upmedia.mg/jquery/JQ.Articlecnt.php

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.153 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10153.sucuri.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 05 Jan 2024 04:17:55 GMT
content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
x-sucuri-id: 15003
content-length: 0
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK widget_iframe.2f70fb173b9000da126c79afe2098f02.html Show response
platform.twitter.com/widgets/ Frame C528 319 KB
104 KB 40ms
40ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fwww.upmedia.mg
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67C0) /
Resource Hash: 70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18

Request headers

Referer: https://www.upmedia.mg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 2112965
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105429
Content-Type: text/html; charset=utf-8
Date: Fri, 05 Jan 2024 04:17:55 GMT
Etag: "81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified: Mon, 11 Dec 2023 17:19:49 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67C0)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
349 B 121ms
48ms XHR
text/plain 2a00:1450:400c:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-80236651-1&cid=317687571.1704428275&jid=369486262&gjid=1616827485&_gid=284950230.1704428275&_u=aEBAAUAAEAAAACAAI~&z=1615755563

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.upmedia.mg/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 05 Jan 2024 04:17:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.upmedia.mg
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E89D 15 KB
15 KB 41ms
40ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EEDdbjTdy7c?autoplay=1&mute=1&loop=1&playlist=EEDdbjTdy7c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 05:31:50 GMT
x-content-type-options: nosniff
age: 341165
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Dec 2024 05:31:50 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E89D 15 KB
15 KB 47ms
46ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EEDdbjTdy7c?autoplay=1&mute=1&loop=1&playlist=EEDdbjTdy7c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 09:09:14 GMT
x-content-type-options: nosniff
age: 241721
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 09:09:14 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 128ms
40ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=313650067413903&ev=PageView&dl=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FType%3D24%26SerialNo%3D191749&rl=&if=false&ts=1704428275553&sw=1600&sh=1200&v=2.9.139&r=stable&ec=0&o=4126&fbp=fb.1.1704428275551.1490815832&ler=empty&it=1704428275175&coo=false&rqm=GET

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 05 Jan 2024 04:17:55 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 181ms
88ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

30fe2b25061c04e45888d4eccbe63e113ad09715a8ee40d87485f188a526aa2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 21 Dec 2023 07:50:16 GMT
server: nginx
etag: W/"6583ee38-a9b8"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 06 Jan 2024 04:17:55 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 138ms
43ms Script
text/javascript 65.9.66.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-68.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 05:37:13 GMT
content-encoding: gzip
via: 1.1 6165dcc1fdf84ac65e8204c05709f1ca.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 81643
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: RVjF29g2oxijsugFlPLW7Bg_X_q46tYsIAZXWUvL7nX2CLLmiByB8Q==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 153ms
40ms Script
text/javascript 2600:9000:2250:d400:a:e047:753:a221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:d400:a:e047:753:a221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date: Fri, 05 Jan 2024 03:20:47 GMT
Via: 1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P2
Age: 3429
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 2776
Last-Modified: Thu, 19 Oct 2023 06:40:11 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: tMkef67xBWXiqtfKffh8wSWIqhf3C3aQ57e7OICF4S6_UUeskPyX7w==

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 134ms
39ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 18:27:07 GMT
content-encoding: gzip
age: 2541048
x-guploader-uploadid: ABPtcPrGkX9WdEfraM_2GOgvO4XFku4h6LV8hSZGRCBWDldVHkLv6s4LjI-J4Ekw5y2K4Y2B5aE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Thu, 05 Dec 2024 18:27:07 GMT

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 152 KB
34 KB 149ms
49ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65d03eb82a79a732d7c0180593c4f5dc98a8fac5c20c3a5446c4f14bf93d280a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:55 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 07 Dec 2023 12:57:20 GMT
server: cloudflare
x-amz-request-id: A1NQNZWYYD8RDPVZ
age: 2055
etag: W/"5fcefeebf5ddc7b2ddf2435967e63de9"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 8408ea13ce8f30db-FRA
x-amz-id-2: uPJIzcgfcqFH+YgEf4wMWt8G4wxOM1qewTig3jxzXzhPxlApJLSAQY3FLpXys8LRgrAOVdUehKfW9g51wad6xg==

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
782 B 48ms
47ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3261
x-jsd-version: master
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230132-FRA
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NRiZ7mPumLuBnsqrpuM0Ng%2BuWONcIlJkgdtl%2Bl%2FOVPwsYkPsVFiKxNy%2BUhY4zQl9B0o9hb6CcHwelzCRDsvxfKeU9pfwILvb2%2BrXwy2bQ5ydCU6e5I38xP3iV6lUdqzWIRhwfuKBidn56PVNo4I%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 8408ea1299149bbf-FRA

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/da154528/www-widgetapi.vflset/ 216 KB
67 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/da154528/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a0e2b951191e60b6c3905118d84d9a95a309d355c4eb71dfead2ae2866683ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:55 GMT
content-encoding: br
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68553
x-xss-protection: 0
last-modified: Mon, 18 Dec 2023 02:48:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 04 Jan 2025 04:17:55 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame C528 935 B
685 B 229ms
142ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=20206c2a2676aa190bc94efb10efd8293b2ff277

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fwww.upmedia.mg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

5481765f622b39403585a7949bf7c5fd1809b0545e9cbc548d51960826170d69

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-response-time: 102
date: Fri, 05 Jan 2024 04:17:55 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Fri, 05 Jan 2024 04:17:55 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 67e3a04d82bc9006
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7469935968
x-connection-hash: f15b375fb115f28049142f45842bfa460a4f282605fbffd5a6afd0fc5925ad13
content-length: 363

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
293 B 143ms
55ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-80236651-1&cid=317687571.1704428275&jid=369486262&_u=aEBAAUAAEAAAACAAI~&z=1828329177

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Jan 2024 04:17:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 53ms
52ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-80236651-1&cid=317687571.1704428275&jid=369486262&_u=aEBAAUAAEAAAACAAI~&z=1828329177

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Jan 2024 04:17:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/10858407252/ 42 B
154 B 115ms
76ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10858407252/?random=1704428275397&cv=11&fst=1704427200000&bg=ffffff&guid=ON&async=1&gtm=45be4130v9105098311&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FType%3D24%26SerialNo%3D191749&frm=0&tiba=%E5%90%88%E6%B3%95%E4%BA%A4%E6%98%93%E6%89%80%E6%B7%AA%E8%A9%90%E9%A8%99%E6%BA%AB%E5%BA%8A%E3%80%80%E3%80%8CACE%E7%8E%8B%E7%89%8C%E3%80%8D%E8%B3%A3%E8%99%9B%E6%93%AC%E8%B2%A8%E5%B9%A3%E8%A9%9010%E5%84%847%E4%BA%BA%E9%81%AD%E8%81%B2%E6%8A%BC%20--%20&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_ffUveCMoDhrAuxAs6vN5QbH-DJAQJA&random=353760970&rmt_tld=0&ipr=y

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Jan 2024 04:17:55 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/10858407252/ 42 B
154 B 49ms
49ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10858407252/?random=1704428275397&cv=11&fst=1704427200000&bg=ffffff&guid=ON&async=1&gtm=45be4130v9105098311&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FType%3D24%26SerialNo%3D191749&frm=0&tiba=%E5%90%88%E6%B3%95%E4%BA%A4%E6%98%93%E6%89%80%E6%B7%AA%E8%A9%90%E9%A8%99%E6%BA%AB%E5%BA%8A%E3%80%80%E3%80%8CACE%E7%8E%8B%E7%89%8C%E3%80%8D%E8%B3%A3%E8%99%9B%E6%93%AC%E8%B2%A8%E5%B9%A3%E8%A9%9010%E5%84%847%E4%BA%BA%E9%81%AD%E8%81%B2%E6%8A%BC%20--%20&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_ffUveCMoDhrAuxAs6vN5QbH-DJAQJA&random=353760970&rmt_tld=1&ipr=y

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Jan 2024 04:17:55 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 uuid_iframe.html Show response
sun.advividnetwork.com/include_code/ Frame 88C4 3 KB
1 KB 1024ms
927ms Document
text/html 2606:4700:10::6816:3af9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sun.advividnetwork.com/include_code/uuid_iframe.html?uuid=c8ac6a0e-33ec-48bc-8380-951dc1770eff
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3af9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2725d337e8ed14d10b23407140abf3881d22818a639df5401386c70d4a055757

Request headers

Referer: https://www.upmedia.mg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: origin, x-requested-with, content-type
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 8408ea13fe1e30e8-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 05 Jan 2024 04:17:56 GMT
last-modified: Mon, 30 Mar 2020 04:27:06 GMT
server: cloudflare

GET
H2 200 uuid_iframe.html Show response
sun.advividnetwork.com/include_code/ Frame 6407 3 KB
2 KB 1005ms
910ms Document
text/html 2606:4700:10::6816:3af9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sun.advividnetwork.com/include_code/uuid_iframe.html?uuid=c8ac6a0e-33ec-48bc-8380-951dc1770eff
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3af9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2725d337e8ed14d10b23407140abf3881d22818a639df5401386c70d4a055757

Request headers

Referer: https://www.upmedia.mg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: origin, x-requested-with, content-type
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 8408ea13fe1d30e8-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 05 Jan 2024 04:17:56 GMT
last-modified: Mon, 30 Mar 2020 04:27:06 GMT
server: cloudflare

GET
H2 200 20180920000003.json Show response
avivid.likr.tw/settings_file_json/ 5 KB
2 KB 970ms
889ms XHR
application/json 2606:4700:10::6816:2b5e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://avivid.likr.tw/settings_file_json/20180920000003.json
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/js/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2b5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba6f8add01e7b10ae197bfc322df9ca12adf6d880dfc585f96c79d7aaf1f0ded

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.upmedia.mg/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:56 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Fri, 05 Jan 2024 04:10:03 GMT
server: cloudflare
etag: W/"1c4b72-15eb-60e2b05c6a80c"
vary: Accept-Encoding
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=10800
access-control-allow-credentials: true
cf-ray: 8408ea13dee85d61-FRA
access-control-allow-headers: origin, x-requested-with, content-type, X-CSRF-Token, origin, x-requested-with, content-type, X-CSRF-Token

GET
H2 200 upmedia.json Show response
avivid.likr.tw/ios_onpage_switch_file/ 2 KB
571 B 1005ms
924ms XHR
application/json 2606:4700:10::6816:2b5e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://avivid.likr.tw/ios_onpage_switch_file/upmedia.json
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/js/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2b5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cad1436883ae57b803de89c2faba1f01ad21b733fb80609c52b8d3f63e673877

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.upmedia.mg/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:56 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Fri, 05 Jan 2024 04:00:01 GMT
server: cloudflare
etag: W/"367c8-716-60e2ae1e2e382"
vary: Accept-Encoding
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=3600
access-control-allow-credentials: true
cf-ray: 8408ea13deeb5d61-FRA
access-control-allow-headers: origin, x-requested-with, content-type, X-CSRF-Token, origin, x-requested-with, content-type, X-CSRF-Token

GET
H2 200 20180920000003.json Show response
avivid.likr.tw/settings_file_json/ 5 KB
2 KB 1003ms
923ms XHR
application/json 2606:4700:10::6816:2b5e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://avivid.likr.tw/settings_file_json/20180920000003.json
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/js/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2b5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba6f8add01e7b10ae197bfc322df9ca12adf6d880dfc585f96c79d7aaf1f0ded

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.upmedia.mg/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:56 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Fri, 05 Jan 2024 04:10:03 GMT
server: cloudflare
etag: W/"1c4b72-15eb-60e2b05c6a80c"
vary: Accept-Encoding
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=10800
access-control-allow-credentials: true
cf-ray: 8408ea13deec5d61-FRA
access-control-allow-headers: origin, x-requested-with, content-type, X-CSRF-Token, origin, x-requested-with, content-type, X-CSRF-Token

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame E89D
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

47ms
47ms

XHR
application/json

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EEDdbjTdy7c?autoplay=1&mute=1&loop=1&playlist=EEDdbjTdy7c

Protocol

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ea310526754f1c40cbd0e5e02daa576916738ad23ddfc30b77bdc6f4961cade

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 05 Jan 2024 04:17:55 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame E89D 29 B
495 B 147ms
39ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:06:11 GMT
x-content-type-options: nosniff
age: 704
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 05 Jan 2024 04:21:11 GMT

GET
H2 200 avivid_topics.html Show response
auto-load-balancer.advividnetwork.com/ Frame 8E66 62 KB
12 KB 421ms
329ms Document
text/html 2606:4700:10::6816:3bf9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://auto-load-balancer.advividnetwork.com/avivid_topics.html?web_id=upmedia&uuid=c8ac6a0e-33ec-48bc-8380-951dc1770eff
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3bf9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4c3f22be5182e9b846e11ba021d213598d2dd8371002c0e725df2caa30d0afc

Request headers

Referer: https://www.upmedia.mg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: origin, x-requested-with, content-type, X-CSRF-Token
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 8408ea1408749a0f-FRA
content-encoding: gzip
content-type: text/html
date: Fri, 05 Jan 2024 04:17:56 GMT
last-modified: Tue, 05 Dec 2023 04:37:21 GMT
server: cloudflare
vary: Accept-Encoding
via: 1.1 google

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 142ms
47ms Preflight
text/html 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 05 Jan 2024 04:17:55 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame E89D 86 KB
40 KB 54ms
53ms XHR
application/json+protobuf 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7fe1f0de8262a510e0db041c52569fe71dd3e24d25ec105d8a7aa5eca8084c5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 05 Jan 2024 04:17:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40677
x-xss-protection: 0

POST
H3 200 player Show response
www.youtube.com/youtubei/v1/ Frame E89D 98 KB
34 KB 111ms
111ms XHR
application/json 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

7b7afaefa86a84a0ac9e2fd396fd5dbdf082b39148235e03093ab6b1eb82535e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Youtube-Bootstrap-Logged-In: false
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json
Referer: https://www.youtube.com/embed/EEDdbjTdy7c?autoplay=1&mute=1&loop=1&playlist=EEDdbjTdy7c
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20231217.00.00
X-Goog-Visitor-Id: CgtCX3FZRGdZX3c4USjzhd6sBjIKCgJERRIEEgAgRQ%3D%3D

Response headers

date: Fri, 05 Jan 2024 04:17:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34447
x-xss-protection: 0
expires: Fri, 05 Jan 2024 04:17:55 GMT

GET
H2 200 Tsw0Yn1BA_u41wm3FNlInuFvbxWhU_qzb8oN8tyvKnc.js Show response
www.google.com/js/th/ Frame E89D 51 KB
20 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/Tsw0Yn1BA_u41wm3FNlInuFvbxWhU_qzb8oN8tyvKnc.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ecc34627d4103fbb8d709b714d9489ee16f6f15a153fab36fca0df2dcaf2a77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 00:32:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13533
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19777
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Jan 2025 00:32:22 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/ Frame E89D 52 KB
16 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abbda51c88a9a22c60f30b677f8925355382798bfcabb143d3938400c484d0f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/EEDdbjTdy7c?autoplay=1&mute=1&loop=1&playlist=EEDdbjTdy7c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 21:41:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23771
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16336
x-xss-protection: 0
last-modified: Mon, 18 Dec 2023 02:48:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 03 Jan 2025 21:41:44 GMT

GET
DATA 200
OK truncated
/ Frame E89D 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Usb3bV7SALfo05hyoPqTkK5il5aHuK1awUuuyGo3DTRw0BAGWkSC8Pry8CDHMEXW4ZZRrNk8kQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame E89D 5 KB
5 KB 132ms
39ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/Usb3bV7SALfo05hyoPqTkK5il5aHuK1awUuuyGo3DTRw0BAGWkSC8Pry8CDHMEXW4ZZRrNk8kQ=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/EEDdbjTdy7c?autoplay=1&mute=1&loop=1&playlist=EEDdbjTdy7c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3d0acbdbf663bf200a883d25af7a2b20e9688bc4293080cd0e655959ef5a69c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 02:50:22 GMT
x-content-type-options: nosniff
age: 5253
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4799
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 06 Jan 2024 02:50:22 GMT

GET
DATA 200
OK truncated
/ Frame E89D 363 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f134627eb3f3bfc8c2cfa31b31d159f4a34d983f1c10fdf44137029bd79063f9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 uuid_iframe.html Show response
sun.advividnetwork.com/include_code/ Frame 852E 3 KB
1 KB 918ms
917ms Document
text/html 2606:4700:10::6816:3af9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sun.advividnetwork.com/include_code/uuid_iframe.html?uuid=c8ac6a0e-33ec-48bc-8380-951dc1770eff
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3af9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2725d337e8ed14d10b23407140abf3881d22818a639df5401386c70d4a055757

Request headers

Referer: https://www.upmedia.mg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: origin, x-requested-with, content-type
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 8408ea141e2930e8-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 05 Jan 2024 04:17:56 GMT
last-modified: Mon, 30 Mar 2020 04:27:06 GMT
server: cloudflare

GET
H2 200 uuid_iframe.html Show response
sun.advividnetwork.com/include_code/ Frame C86C 3 KB
1 KB 909ms
908ms Document
text/html 2606:4700:10::6816:3af9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sun.advividnetwork.com/include_code/uuid_iframe.html?uuid=c8ac6a0e-33ec-48bc-8380-951dc1770eff
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3af9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2725d337e8ed14d10b23407140abf3881d22818a639df5401386c70d4a055757

Request headers

Referer: https://www.upmedia.mg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: origin, x-requested-with, content-type
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 8408ea142e2a30e8-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 05 Jan 2024 04:17:56 GMT
last-modified: Mon, 30 Mar 2020 04:27:06 GMT
server: cloudflare

GET
H2 200 check Show response
rtbdemand.apiip.net/api/ 169 B
396 B 296ms
191ms Fetch
application/json 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbdemand.apiip.net/api/check?accessKey=7ef45bac-167a-4aa8-8c99-bc8a28f80bc5&fields=countryCode,regionCode,regionName,city,timeZone,countryName
Requested by: Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-global-551817.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: abef6ffc61220379d3cd85339d0d566adcab9ac75f04afcd6952e03bcdca4de7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:56 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"a9-AUKZVF2yl0ALhsOZGG4xkHipsJI"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 8408ea14fda10a4d-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 prebid-regular.js Show response
rtbpass-us.andbeyond.media/ 610 KB
189 KB 178ms
38ms Script
text/javascript 151.101.131.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbpass-us.andbeyond.media/prebid-regular.js
Requested by: Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-global-551817.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.131.52 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 030680d4f2f00af04f0833dfb31ddf08490896150ddd89c1bc547e10a21ad4bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:56 GMT
content-encoding: br
via: 1.1 varnish
x-amz-request-id: 9NZBZF49NRDZ5F0Q
age: 85
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 193081
x-amz-id-2: 554JRh6WLOAEfi9nVInMIsfui60rNKFti8Qn78Rc5LB/yC7R9Yc4R2l9Qa9x/yKvoqqeWfflv2aEgBLKmkDzyA==
x-served-by: cache-fra-etou8220101-FRA
last-modified: Tue, 14 Nov 2023 03:54:27 GMT
server: AmazonS3
x-timer: S1704428276.029081,VS0,VE0
etag: "8a38c6b4939f2b15897e5a491ddac313"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=86400
accept-ranges: bytes
x-cache-hits: 3

GET
H2 200 a.js Show response
p.adlooxtracking.com/gpt/ 8 KB
4 KB 137ms
40ms Script
text/javascript 34.107.231.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://p.adlooxtracking.com/gpt/a.js

Requested by

Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-global-551817.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.231.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

31.231.107.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

7ca7a1e30027e42d510cd253b29f1b9f505c04b9af48c9ed20804d9d8006faff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 03:23:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 google
server: nginx
age: 3259
etag: W/"81c857a6c52da1ca7444f198bd33b2ea"
last-modified: Tue, 22 Nov 2022 17:41:01 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public,max-age=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3703

GET
H/1.1 200
OK impstats.php Show response
prebid.andbeyond.media/ 69 B
293 B 829ms
217ms XHR
text/html 18.143.114.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.andbeyond.media/impstats.php?aff=551817&type=pv
Requested by: Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-global-551817.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.143.114.132 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-143-114-132.ap-southeast-1.compute.amazonaws.com
Software: Apache/2.4.56 (Amazon Linux) OpenSSL/3.0.8 /
Resource Hash: 1c61c13437107fbd44d1d635de495343f36ea1f0e2535f4fc1b3e55ee0a20b7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 05 Jan 2024 04:17:56 GMT
Server: Apache/2.4.56 (Amazon Linux) OpenSSL/3.0.8
Connection: keep-alive
Content-Length: 69
Content-Type: text/html; charset=UTF-8

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame E89D 28 B
54 B 56ms
52ms XHR
application/json 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
X-Goog-Request-Time: 1704428275882
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/EEDdbjTdy7c?autoplay=1&mute=1&loop=1&playlist=EEDdbjTdy7c
X-YouTube-Client-Version: 1.20231217.00.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtCX3FZRGdZX3c4USjzhd6sBjIKCgJERRIEEgAgRQ%3D%3D
X-YouTube-Ad-Signals: dt=1704428275686&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C978%2C550&vis=1&wgl=true&ca_type=image

Response headers

date: Fri, 05 Jan 2024 04:17:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Fri, 05 Jan 2024 04:17:55 GMT

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FType%3D24%26SerialNo%3D191749&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FType%3D24%26SerialNo%3D191749&rid=esp&cc=1

85 B
194 B

151ms
150ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FType%3D24%26SerialNo%3D191749&rid=esp&cc=1
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: b039de0e80f7c53bd86f110d909eabc03adcfbc8621e81b3d3bda6d726f60a8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:56 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-NlvF5FBwkyD1ztzKusw9ztxq03U"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.upmedia.mg
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Fri, 05 Jan 2024 04:17:56 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://www.upmedia.mg
location: /esp?url=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FType%3D24%26SerialNo%3D191749&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame B942 14 KB
6 KB 138ms
45ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.upmedia.mg

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.upmedia.mg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 05 Jan 2024 04:17:55 GMT
server: Kestrel
server-processing-duration-in-ticks: 338102
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
230 B 130ms
40ms XHR
text/plain 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.upmedia.mg/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.upmedia.mg
date: Fri, 05 Jan 2024 04:17:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
334 B 178ms
56ms XHR
application/json 54.246.43.192
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.246.43.192 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-43-192.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2d66b8ffeba26235dc47c0232095430c72810d91567b6d24795470305a73af41

Request headers

Referer: https://www.upmedia.mg/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 05 Jan 2024 04:17:56 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.upmedia.mg
cache-control: no-cache
x-server: 10.45.3.79
access-control-allow-credentials: true
content-length: 60
expires: 0

POST
H3 204 qoe Show response
www.youtube.com/api/stats/ Frame E89D 0
19 B 48ms
47ms XHR
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?fmt=397&cpn=1ZXV1NBrIDBDrqO3&el=embedded&ns=yt&fexp=v1%2C23983296%2C21348%2C2602%2C73492%2C54572%2C73455%2C176963%2C53633%2C84737%2C25688%2C9542%2C1088%2C6271%2C26439494%2C4054%2C1930%2C5181%2C9369%2C1556%2C1141%2C5877%2C2251%2C859%2C1094%2C4014%2C5499%2C4683%2C1360%2C945%2C7649%2C2008%2C4552%2C6946%2C3033%2C5178%2C1497%2C4474&cl=591746904&seq=1&docid=EEDdbjTdy7c&ei=84KXZZbVMYSni9oP65268AU&event=streamingstats&plid=AAYOKyHtNu0gNuUf&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FEEDdbjTdy7c%3Fautoplay%3D1%26mute%3D1%26loop%3D1%26playlist%3DEEDdbjTdy7c&qclc=ChAxWlhWMU5CcklEQkRycU8zEAE&embargoed=0&cbr=Chrome&cbrver=120.0.6099.129&c=WEB_EMBEDDED_PLAYER&cver=1.20231217.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.009:B,0.143:B,0.143:B&cat=streaming&cmt=0.009:0.000,0.143:0.000&vfs=0.143:397:397::r&view=0.143:978:550&bwe=0.143:130000&bat=0.143:1:1&vis=0.143:0&bh=0.143:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/EEDdbjTdy7c?autoplay=1&mute=1&loop=1&playlist=EEDdbjTdy7c
X-YouTube-Client-Version: 1.20231217.00.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtCX3FZRGdZX3c4USjzhd6sBjIKCgJERRIEEgAgRQ%3D%3D
X-YouTube-Ad-Signals: dt=1704428275686&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C978%2C550&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Fri, 05 Jan 2024 04:17:55 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK videoplayback Show response
rr4---sn-4g5edndk.googlevideo.com/ Frame E89D 171 KB
172 KB 241ms
91ms Fetch
application/vnd.yt-ump 2a00:1450:4001:23::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-4g5edndk.googlevideo.com/videoplayback?expire=1704449875&ei=84KXZZbVMYSni9oP65268AU&ip=2a01%3A4a0%3A1338%3A92%3A%3A5&id=o-AO8PQlPJw7N3B-nKy_agg1L_EBSVF2mFqxftx_3uPFCs&itag=397&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C271%2C278%2C313%2C394%2C395%2C396%2C397%2C398%2C399%2C400%2C401&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=X7&mm=31%2C29&mn=sn-4g5edndk%2Csn-4g5e6nze&ms=au%2Crdu&mv=u&mvi=4&pl=36&spc=UWF9f7v4B56we2VYJ6I-UhDCN5CZVMMIAgkqj1-2ww&vprv=1&svpuc=1&mime=video%2Fmp4&ns=dkpzbUIHg4FMR2IhcmuotS4Q&gir=yes&clen=21108191&dur=987.899&lmt=1704420081741368&mt=1704427317&fvip=3&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5537434&n=3fc306-fr6rSfQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRAIgax9cAkf3P3PSPf04AcWNmZFAz96gvhKHDJ2ofP4San8CIBKZFw05M0XMP811w6gjxB6zEoq75FXJ79go5f81nVCQ&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AAO5W4owRQIgX0p25dWpOECFoO-4Aa92uD5RQxfjtlE6aapvga6GT1UCIQDxv2XAQCId3Zokl4BSd-emIfP3a8TDIuug_5-1rcLFEg%3D%3D&alr=yes&cpn=1ZXV1NBrIDBDrqO3&cver=1.20231217.00.00&range=0-175345&rn=1&rbuf=0&pot=IjiGtoa14yEERcXR8vXehcDs1PHi7N6F5YLT5ezM7tKwxcTcz_3F0czz1OTP88PRx9HU56OFwpO18g==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:23::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

40b884c867463baa440972d7416aec427050d565f53beb176ae78fccae9a428f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 04:17:56 GMT
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Last-Modified: Fri, 05 Jan 2024 02:01:21 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: application/vnd.yt-ump
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21299
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Expires: Fri, 05 Jan 2024 04:17:56 GMT

POST
H/1.1 200
OK videoplayback Show response
rr4---sn-4g5edndk.googlevideo.com/ Frame E89D 66 KB
67 KB 209ms
61ms Fetch
application/vnd.yt-ump 2a00:1450:4001:23::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-4g5edndk.googlevideo.com/videoplayback?expire=1704449875&ei=84KXZZbVMYSni9oP65268AU&ip=2a01%3A4a0%3A1338%3A92%3A%3A5&id=o-AO8PQlPJw7N3B-nKy_agg1L_EBSVF2mFqxftx_3uPFCs&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=X7&mm=31%2C29&mn=sn-4g5edndk%2Csn-4g5e6nze&ms=au%2Crdu&mv=u&mvi=4&pl=36&spc=UWF9f7v4B56we2VYJ6I-UhDCN5CZVMMIAgkqj1-2ww&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=dkpzbUIHg4FMR2IhcmuotS4Q&gir=yes&clen=14209842&dur=987.941&lmt=1704416062663306&mt=1704427317&fvip=3&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5532434&n=3fc306-fr6rSfQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIgHQHIyWuF8EB_dQ9umraEGdiWlp9R14z5bmjXWSzn2CcCIQCdF9MEOs9Xd2PrWZbNVa98u88lm-H4I9FdTcN_zG9k1A%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AAO5W4owRQIgX0p25dWpOECFoO-4Aa92uD5RQxfjtlE6aapvga6GT1UCIQDxv2XAQCId3Zokl4BSd-emIfP3a8TDIuug_5-1rcLFEg%3D%3D&alr=yes&cpn=1ZXV1NBrIDBDrqO3&cver=1.20231217.00.00&range=0-67474&rn=2&rbuf=0&pot=IjgLXAtfbsuJr0g7fx9Tb00GWRtvBlNvaGheD2EmYzg9L0k2QhdIO0EZWQ5CGU47SjtZDS5vT3k4GA==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:23::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

ee7b59f5d8015e38d01dbf32da2b32c233e65553d5dffe350ef369d7d5b4b58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 04:17:56 GMT
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Last-Modified: Fri, 05 Jan 2024 00:54:22 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: application/vnd.yt-ump
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21299
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Expires: Fri, 05 Jan 2024 04:17:56 GMT

GET
H3 200 remote.js Show response
www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/ Frame E89D 116 KB
33 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e50b3437118e3987bcf15bbe18094b785119f764d2af29be181b531de3b1bb08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/EEDdbjTdy7c?autoplay=1&mute=1&loop=1&playlist=EEDdbjTdy7c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 08:24:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 330789
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33735
x-xss-protection: 0
last-modified: Mon, 18 Dec 2023 02:48:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 31 Dec 2024 08:24:46 GMT

GET
H3 200 captions.js Show response
www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/ Frame E89D 71 KB
24 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/captions.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14b09646c9055c9e2fa4cd89bc4c6f8a1e9758fcb3533195f7bd3d1128ab29c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/EEDdbjTdy7c?autoplay=1&mute=1&loop=1&playlist=EEDdbjTdy7c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 08:33:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 330277
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24462
x-xss-protection: 0
last-modified: Mon, 18 Dec 2023 02:48:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 31 Dec 2024 08:33:18 GMT

GET
H3 200 endscreen.js Show response
www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/ Frame E89D 33 KB
8 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/endscreen.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

649d4783db788733ac163b19b4fae88a8b4de7f0eab3a170929ca0053e070c8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/EEDdbjTdy7c?autoplay=1&mute=1&loop=1&playlist=EEDdbjTdy7c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 08:33:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 330277
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8358
x-xss-protection: 0
last-modified: Mon, 18 Dec 2023 02:48:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 31 Dec 2024 08:33:18 GMT

GET
H3 200 annotations_module.js Show response
www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/ Frame E89D 69 KB
19 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/annotations_module.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2128aee4d84b2513a2041de5de6c02a512197a8015d97d745b72a7d37a69df0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/EEDdbjTdy7c?autoplay=1&mute=1&loop=1&playlist=EEDdbjTdy7c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 08:40:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 329816
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18992
x-xss-protection: 0
last-modified: Mon, 18 Dec 2023 02:48:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 31 Dec 2024 08:40:59 GMT

POST
H3 200 next Show response
www.youtube.com/youtubei/v1/ Frame E89D 36 KB
7 KB 267ms
266ms XHR
application/json 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ed6f64d6c235e39942d7851ce64f1d68ab5cc00c60a933cb0e640eef0eb3e6c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Youtube-Bootstrap-Logged-In: false
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json
Referer: https://www.youtube.com/embed/EEDdbjTdy7c?autoplay=1&mute=1&loop=1&playlist=EEDdbjTdy7c
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20231217.00.00
X-Goog-Visitor-Id: CgtCX3FZRGdZX3c4USjzhd6sBjIKCgJERRIEEgAgRQ%3D%3D

Response headers

date: Fri, 05 Jan 2024 04:17:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7014
x-xss-protection: 0
expires: Fri, 05 Jan 2024 04:17:56 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame E89D 0
10 B 40ms
40ms Image
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?W_c1EQ
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/EEDdbjTdy7c?autoplay=1&mute=1&loop=1&playlist=EEDdbjTdy7c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/EEDdbjTdy7c?autoplay=1&mute=1&loop=1&playlist=EEDdbjTdy7c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:56 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 47ms
47ms Preflight
text/html 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 05 Jan 2024 04:17:56 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame E89D 90 B
134 B 51ms
50ms XHR
application/json+protobuf 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4ea9713bd2194cea344cfd4e0ccbfdd7b7de07b0740be240079dafd065ae5d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Fri, 05 Jan 2024 04:17:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame B942
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=upmedia.mg&sn=ChromeSyncframe&so=0&topUrl=www.upmedia.mg&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=_c_b5XwyMkdlUzcvMzVMUGF0aytkUVZPSTRSd1V1Yk9KaHpIVjRvVERuVmJkSTNqVU1BRUlqM2xRdWt2cG92M3NqRCsxcjVFQ0hKSmJhdS9QM3ZRQmpSSVhaWkVBdGxUOW9ZS2JRUHVuRk5DN3p3czV5NkhPRjFnenV6Mm...

425 B
655 B

50ms
49ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=_c_b5XwyMkdlUzcvMzVMUGF0aytkUVZPSTRSd1V1Yk9KaHpIVjRvVERuVmJkSTNqVU1BRUlqM2xRdWt2cG92M3NqRCsxcjVFQ0hKSmJhdS9QM3ZRQmpSSVhaWkVBdGxUOW9ZS2JRUHVuRk5DN3p3czV5NkhPRjFnenV6MmlPMHV0cENFRytkUG5CRTJaOXAwUm1tcDZKNlZnMU5LclQxa1Q0elc4bXM1YndYRkxiNW1CSTVTMVlOdGhORU9PY3lHVHUrOTNQM3RkL0cweFlzOFB5ci9hdk5GUTNrVzdXYVcxSEZqREYwR2RFNWZBdWZoSldPczJMNmwxSmZCYjcvL2Fkd1Y0Ly9WOGZYcURqSk1MRS9LeTBJdmt2QT09fA&cppv=2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0fabf6e82315f347ff8c9b6a921ab72f63746815650fd4aabf41d4475583b796

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 05 Jan 2024 04:17:55 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4318304
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 05 Jan 2024 04:17:55 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=_c_b5XwyMkdlUzcvMzVMUGF0aytkUVZPSTRSd1V1Yk9KaHpIVjRvVERuVmJkSTNqVU1BRUlqM2xRdWt2cG92M3NqRCsxcjVFQ0hKSmJhdS9QM3ZRQmpSSVhaWkVBdGxUOW9ZS2JRUHVuRk5DN3p3czV5NkhPRjFnenV6MmlPMHV0cENFRytkUG5CRTJaOXAwUm1tcDZKNlZnMU5LclQxa1Q0elc4bXM1YndYRkxiNW1CSTVTMVlOdGhORU9PY3lHVHUrOTNQM3RkL0cweFlzOFB5ci9hdk5GUTNrVzdXYVcxSEZqREYwR2RFNWZBdWZoSldPczJMNmwxSmZCYjcvL2Fkd1Y0Ly9WOGZYcURqSk1MRS9LeTBJdmt2QT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 320278
content-length: 0
expires: 0

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/VdELdtTPccg/ Frame E89D 95 KB
96 KB 144ms
49ms Image
image/jpeg 2a00:1450:4001:829::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/VdELdtTPccg/maxresdefault.jpg

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

577e87e8acd73bd1456dfe92268e606758fe7618dba72a1f9e13c7fec9714da6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:56 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97411
x-xss-protection: 0
server: sffe
etag: "1698389158"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 05 Jan 2024 06:17:56 GMT

GET
H2 200 maxresdefault.webp
i.ytimg.com/vi_webp/6B7LknSUjtg/ Frame E89D 90 KB
90 KB 251ms
157ms Image
image/webp 2a00:1450:4001:829::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/6B7LknSUjtg/maxresdefault.webp

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e46ac8065faa6aea677aba42f7827c8c4baecdbb629d72e66bf4d095bfac71be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:56 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 92090
x-xss-protection: 0
server: sffe
etag: "1704185804"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=300
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 05 Jan 2024 04:22:56 GMT

GET
H2 200 featured_channel.jpg
i.ytimg.com/an/b6qOvESe_0MpH4W0VnvoLQ/ Frame E89D 40 KB
40 KB 228ms
137ms Image
image/jpeg 2a00:1450:4001:829::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/an/b6qOvESe_0MpH4W0VnvoLQ/featured_channel.jpg?v=64b8a3cb

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d4b750495ed2679e51faa2c60a97f9e6d901e9726d879ef405406be283b3d74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:56 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41000
x-xss-protection: 0
server: sffe
etag: "1689822155"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 05 Jan 2024 06:17:56 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame E89D 4 KB
2 KB 137ms
49ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 05 Jan 2024 04:17:56 GMT

GET
H2 200 wrapper.html Show response
wrappers.geoedge.be/ 3 KB
4 KB 159ms
39ms XHR
text/html 2600:9000:236e:de00:2:d490:4d80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wrappers.geoedge.be/wrapper.html
Requested by: Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid-regular.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:236e:de00:2:d490:4d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 68de9947c014ba26a1d48132dc5a94697f4c575972d2944da8e496f5780fd7b2

Request headers

Referer: https://www.upmedia.mg/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

x-amz-version-id: SIv.6LiuODikErkt8hGkZr.zJWI3NFp8
date: Fri, 05 Jan 2024 02:32:40 GMT
via: 1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
age: 6317
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 3527
last-modified: Tue, 19 Dec 2023 13:15:23 GMT
server: AmazonS3
etag: "6a6d57dbabaa297544a761a67d32156f"
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: PC4innc9VwarhTbrMt5n2q7cIRliKwHHh3aowoqULNsz2yYCRYSQrg==

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/120/ Frame E89D 50 KB
15 KB 45ms
40ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/120/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 12:40:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56257
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 15:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Fri, 05 Jan 2024 12:40:19 GMT

GET
H2 200 Usb3bV7SALfo05hyoPqTkK5il5aHuK1awUuuyGo3DTRw0BAGWkSC8Pry8CDHMEXW4ZZRrNk8kQ=s88-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame E89D 7 KB
7 KB 42ms
41ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/Usb3bV7SALfo05hyoPqTkK5il5aHuK1awUuuyGo3DTRw0BAGWkSC8Pry8CDHMEXW4ZZRrNk8kQ=s88-c-k-c0x00ffffff-no-rj

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a38fe68e33aa576f6ad9c2998a77fab4db8979be1d186e3ad919a647a7bfba84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 02:50:24 GMT
x-content-type-options: nosniff
age: 5252
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7108
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 06 Jan 2024 02:50:24 GMT

GET
H3 200 XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.113.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 76 KB
76 KB 73ms
72ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.113.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70ba07fd6d1fc71cc98aae93fa37effb594720b42297251546fa2e99c6be1b1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 21:15:24 GMT
x-content-type-options: nosniff
age: 25352
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77692
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:26:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jan 2025 21:15:24 GMT

GET
H3 200 XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.118.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 62 KB
62 KB 41ms
41ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.118.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c10d2ca03db89e32aea5a917dd71ae0b1e5acfddccf80494a33df642e954d458

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 06:41:55 GMT
x-content-type-options: nosniff
age: 250561
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63496
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:24:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 06:41:55 GMT

GET
H3 200 XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.119.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 34 KB
34 KB 57ms
57ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.119.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6785473e049e821b09e334869ce33fab0034b510485238f097fcdbe66acef187

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 18:53:22 GMT
x-content-type-options: nosniff
age: 206674
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34776
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:24:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 18:53:22 GMT

GET
H3 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.118.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 61 KB
61 KB 86ms
86ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.118.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1ed332112466dd48d0ce36435c780728b5a2663ec3a27203b410b9c1b4e820a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 02:59:25 GMT
x-content-type-options: nosniff
age: 263911
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62148
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:21:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 02:59:25 GMT

GET
H3 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.117.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 66 KB
66 KB 111ms
110ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.117.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6c2b7bab05f229d52688154dfee125ec9dbb30500c940e028eea8796d4d0124

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 08:25:40 GMT
x-content-type-options: nosniff
age: 244336
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67360
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:21:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 08:25:40 GMT

GET
H3 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.116.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 71 KB
71 KB 100ms
100ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.116.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f0ab9cd528d7c7472d26a2f9f73cbe20cea0a5a9b8ad30b38a3bc878ea43e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 01:52:35 GMT
x-content-type-options: nosniff
age: 95121
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72632
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:21:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jan 2025 01:52:35 GMT

GET
H3 200 XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.117.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 67 KB
68 KB 113ms
111ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.117.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3e0fc205ad46e9fa2364a2b71a69279d819abe128a489987e3aeb458612e441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 10:04:11 GMT
x-content-type-options: nosniff
age: 238425
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69092
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:24:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 10:04:11 GMT

GET
H3 200 XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.116.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 74 KB
74 KB 123ms
118ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.116.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b653f2d721b7be044661fd5a3bd2e3bbe9b82498dba0ad46ecadc25c31601e3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 00:27:34 GMT
x-content-type-options: nosniff
age: 273022
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75384
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:24:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 00:27:34 GMT

GET
H3 200 XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.114.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 74 KB
74 KB 118ms
114ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.114.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f092d56d7cf0d6afcd9e76c8538638f13ca61e1a96508f279abceded94d84246

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 20:17:25 GMT
x-content-type-options: nosniff
age: 288031
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75716
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:26:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Dec 2024 20:17:25 GMT

GET
H3 200 XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.112.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 77 KB
78 KB 130ms
125ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.112.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93afb81d346b0114e1ea6edf6e4c9789481cea971f9b3a06cf7b7eb488ba05e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 13:48:40 GMT
x-content-type-options: nosniff
age: 484156
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79352
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:26:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Dec 2024 13:48:40 GMT

GET
H3 200 XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.105.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 67 KB
67 KB 140ms
136ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.105.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4bde421c6142e2559961f9a6816ccea09fcd22a25f69b4dff63b7edef5c1a68c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 20:23:03 GMT
x-content-type-options: nosniff
age: 201293
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68816
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:22:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 20:23:03 GMT

GET
H3 200 XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.106.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 73 KB
73 KB 148ms
144ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.106.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f974a68c6aef2854af3b8d1597560f6f62f772a1c7a77379bc4f31a12f67f7c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 10:04:12 GMT
x-content-type-options: nosniff
age: 238424
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75192
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:26:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 10:04:12 GMT

GET
H3 200 XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.115.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 75 KB
75 KB 156ms
152ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.115.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abfca4e99921285b4c8f134ad1796acc42945a3c71fa1adc8467c0aed83dfe46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 21:57:34 GMT
x-content-type-options: nosniff
age: 282022
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76908
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:24:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Dec 2024 21:57:34 GMT

GET
H3 200 XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.109.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 75 KB
75 KB 151ms
147ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.109.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6b32f5820acbfadd372e59d7a06cd93b7d2f080aa6008d1430fe51bb6203d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 22:18:15 GMT
x-content-type-options: nosniff
age: 21581
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77144
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:26:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jan 2025 22:18:15 GMT

GET
H3 200 XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.107.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 74 KB
74 KB 159ms
155ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.107.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46b398a342a9e3ecad72ae77c744cf397f67614ca4a6f5339fea677c3243df02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 08:25:48 GMT
x-content-type-options: nosniff
age: 244328
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75712
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:26:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 08:25:48 GMT

GET
H3 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.115.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 73 KB
73 KB 169ms
165ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.115.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20d1b3e68226539ee1befa4e362c8be95c062686cc9556d422135c9df7cabcb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 12:42:15 GMT
x-content-type-options: nosniff
age: 315341
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75140
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:21:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Dec 2024 12:42:15 GMT

GET
H3 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.114.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 72 KB
72 KB 166ms
162ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.114.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a6c2ee6907e4997f221a2a46bf8faee0eacec736d54a6973a311876db5f3aff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 00:27:34 GMT
x-content-type-options: nosniff
age: 273022
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73916
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:21:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 00:27:34 GMT

GET
H3 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.113.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 75 KB
75 KB 184ms
180ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.113.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39785e11f5691152f2df6618fd7ec32f634ae712fd72cbdd9e5e5e951b45c5d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 19:04:06 GMT
x-content-type-options: nosniff
age: 33230
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76348
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:21:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jan 2025 19:04:06 GMT

GET
H3 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.112.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 75 KB
75 KB 162ms
158ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.112.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f391358d52bc90c43a751754cd67a3ef99319b67a9bc4153c248df8830f5e466

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 10:04:12 GMT
x-content-type-options: nosniff
age: 238424
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76732
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:21:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 10:04:12 GMT

GET
H3 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.109.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 74 KB
74 KB 176ms
173ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.109.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a59fc0dd7badbd25ef4d8d9d8ddc9c91e456c9cd5863ff30fdade102b62f869

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 21:57:34 GMT
x-content-type-options: nosniff
age: 282022
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75404
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:21:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Dec 2024 21:57:34 GMT

GET
H3 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.108.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 70 KB
70 KB 194ms
191ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.108.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aefc8e50742cf3f1a28c9eef6522e3d3b1e573af55a387b23015ed965df8d948

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 19:10:38 GMT
x-content-type-options: nosniff
age: 292038
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71220
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:21:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Dec 2024 19:10:38 GMT

GET
H3 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.106.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 72 KB
72 KB 198ms
194ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.106.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4002c8bd93674c5c6880070a5b8a6f6a2bcc21b2101ccee15ebb972b572ea6e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 10:04:12 GMT
x-content-type-options: nosniff
age: 238424
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73276
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:21:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 10:04:12 GMT

GET
H3 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.103.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 68 KB
68 KB 192ms
189ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.103.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ea2cef2fd04e1bbc69ebc2dd378d00da564ae8517a7c14869cc7abd534c5714

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 16:52:25 GMT
x-content-type-options: nosniff
age: 300331
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70004
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:22:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Dec 2024 16:52:25 GMT

GET
H3 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.105.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 65 KB
65 KB 202ms
199ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.105.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a1be9981c0d8e130ef5bc7fecac75fb26a7428b9e91a8faedda343db76f2a6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 14:56:15 GMT
x-content-type-options: nosniff
age: 307301
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66364
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:21:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Dec 2024 14:56:15 GMT

GET
H3 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.111.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 73 KB
73 KB 198ms
195ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.111.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab40bc14232d4b94dc250241de7f3df1e175cd9fbf76d43b75f08fbe158bf83c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 01:52:36 GMT
x-content-type-options: nosniff
age: 95120
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74980
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:21:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jan 2025 01:52:36 GMT

GET
H3 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.110.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 76 KB
76 KB 188ms
185ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.110.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fbb5a700094409ba321ed63b2d293f1acb6934c15c4999fe206ba553a1ceda12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 21:57:34 GMT
x-content-type-options: nosniff
age: 282022
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78280
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:21:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Dec 2024 21:57:34 GMT

GET
H3 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.104.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 65 KB
65 KB 202ms
200ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.104.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9628a65b1c9f6d580d18b1025e5224cfe10f21c66b73ca8763ba674ab7be814c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 29 Dec 2023 17:06:19 GMT
x-content-type-options: nosniff
age: 558697
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66240
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:22:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Dec 2024 17:06:19 GMT

GET
H3 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.101.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 60 KB
60 KB 184ms
183ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.101.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83f7ae3b6cc221f09245207c1a643d267580bf13331fd9f8173539ece95522e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 09:48:09 GMT
x-content-type-options: nosniff
age: 239387
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61128
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:22:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 09:48:09 GMT

GET
H3 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.39.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 49 KB
49 KB 199ms
198ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.39.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f555d131bc70a518438551247e8b9d491059789c996083667f53df05e9cda326

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 22:54:45 GMT
x-content-type-options: nosniff
age: 19391
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49808
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:23:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jan 2025 22:54:45 GMT

GET
H3 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.107.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 72 KB
72 KB 201ms
198ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.107.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42a7a8707a6917c666777176ba2c4a9ca6d88ff10e9cf6ddf4932ff05261f067

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 23:19:46 GMT
x-content-type-options: nosniff
age: 17890
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73448
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:21:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jan 2025 23:19:46 GMT

GET
H3 200 XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.103.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 69 KB
69 KB 216ms
213ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.103.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3cf1e2a096c2058882d4893855db6c15bb630e077e92e0ee4604b4f0396094ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 00:27:34 GMT
x-content-type-options: nosniff
age: 273022
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70820
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:22:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 00:27:34 GMT

GET
H3 200 XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.108.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 71 KB
71 KB 204ms
202ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.108.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

311cf3a7782168ebcc0f85de83dc1474072fba0e835e3a5a565c5061c4d7a4a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 01:36:58 GMT
x-content-type-options: nosniff
age: 96058
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73168
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:26:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jan 2025 01:36:58 GMT

GET
H3 200 XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.110.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 79 KB
79 KB 203ms
201ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.110.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b02fa45218625795d89950fd645838c8c4d7f6cb7f893fef9a8e191bfb204af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 23:16:29 GMT
x-content-type-options: nosniff
age: 450087
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81028
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:26:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Dec 2024 23:16:29 GMT

GET
H3 200 XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.104.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 66 KB
66 KB 212ms
210ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.104.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc0d73c41dbec615509751bcd61f60533890e105f419fc50e1143f9395ae5227

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 01:50:02 GMT
x-content-type-options: nosniff
age: 527274
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67988
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:22:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Dec 2024 01:50:02 GMT

GET
H3 200 XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.101.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 62 KB
62 KB 205ms
204ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLY9IZb5bJNDGYxLBibeHZ0BvssrbXwuVcgUbQ3zF6M3eg1qzxeg6QwzxcSPzLZfXbm0Gs_7uos.101.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f2d0b710f1e5f0cc19f2100ea4b4b6ae5cb52c0821007ee28a7f2e36f83384a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 06:41:55 GMT
x-content-type-options: nosniff
age: 250561
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63024
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:22:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 06:41:55 GMT

GET
H3 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.89.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 10 KB
10 KB 209ms
209ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.89.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22e641c19e2deab3ff8d58f8c7830b38c22278aef37fdf0cd44006789be1818c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 01 Jan 2024 19:10:38 GMT
x-content-type-options: nosniff
age: 292038
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10700
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:21:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Dec 2024 19:10:38 GMT

GET
H3 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.63.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 30 KB
30 KB 209ms
208ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.63.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

148f0ae9490b5b176040529a78498de9b0576f5b0c30cef4f7ebb43f9696f8cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 10:33:19 GMT
x-content-type-options: nosniff
age: 495877
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30432
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:21:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Dec 2024 10:33:19 GMT

GET
H3 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.61.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 47 KB
47 KB 213ms
213ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.61.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7687e7b72fe197fc52758c909a411e9bf2be520837cc554c096031969c276e59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 05:49:17 GMT
x-content-type-options: nosniff
age: 253719
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48544
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:20:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 05:49:17 GMT

GET
H3 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.74.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 50 KB
50 KB 214ms
214ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.74.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

062c5ab335ffe26393b26c630521fdeac75d202bdf32a168b93535755e0b1a71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 09:28:49 GMT
x-content-type-options: nosniff
age: 240547
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51620
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:19:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 09:28:49 GMT

GET
H3 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.57.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 47 KB
47 KB 213ms
213ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.57.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41c5eea1f77978efdb0084dfb91c4ace1bc8fc67a5ffaafb99a77fadca7d84ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 00:43:07 GMT
x-content-type-options: nosniff
age: 272089
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47788
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:20:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jan 2025 00:43:07 GMT

GET
H3 200 XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.36.woff2
fonts.gstatic.com/s/notoseriftc/v6/ 42 KB
42 KB 214ms
214ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoseriftc/v6/XLYgIZb5bJNDGYxLBibeHZ0BhnJsUnN3PrBufRbmGqUtcg4pzRPk5AEpzv6YzI9aTbOhf6M.36.woff2

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/css/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c287fda21fe692127e9bcbf16dd92dd62edcbe10a0e2b52957a258ddabcc37d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Origin: https://www.upmedia.mg
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 03:43:23 GMT
x-content-type-options: nosniff
age: 2073
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42792
x-xss-protection: 0
last-modified: Tue, 16 Jul 2019 03:24:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Jan 2025 03:43:23 GMT

POST
H3 200 videoplayback Show response
rr4---sn-4g5edndk.googlevideo.com/ Frame E89D 143 KB
143 KB 81ms
39ms Fetch
application/vnd.yt-ump 2a00:1450:4001:23::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-4g5edndk.googlevideo.com/videoplayback?expire=1704449875&ei=84KXZZbVMYSni9oP65268AU&ip=2a01%3A4a0%3A1338%3A92%3A%3A5&id=o-AO8PQlPJw7N3B-nKy_agg1L_EBSVF2mFqxftx_3uPFCs&itag=397&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C271%2C278%2C313%2C394%2C395%2C396%2C397%2C398%2C399%2C400%2C401&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=X7&mm=31%2C29&mn=sn-4g5edndk%2Csn-4g5e6nze&ms=au%2Crdu&mv=u&mvi=4&pl=36&spc=UWF9f7v4B56we2VYJ6I-UhDCN5CZVMMIAgkqj1-2ww&vprv=1&svpuc=1&mime=video%2Fmp4&ns=dkpzbUIHg4FMR2IhcmuotS4Q&gir=yes&clen=21108191&dur=987.899&lmt=1704420081741368&mt=1704427317&fvip=3&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5537434&n=3fc306-fr6rSfQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRAIgax9cAkf3P3PSPf04AcWNmZFAz96gvhKHDJ2ofP4San8CIBKZFw05M0XMP811w6gjxB6zEoq75FXJ79go5f81nVCQ&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AAO5W4owRQIgX0p25dWpOECFoO-4Aa92uD5RQxfjtlE6aapvga6GT1UCIQDxv2XAQCId3Zokl4BSd-emIfP3a8TDIuug_5-1rcLFEg%3D%3D&alr=yes&cpn=1ZXV1NBrIDBDrqO3&cver=1.20231217.00.00&range=175346-321952&rn=3&rbuf=2018&pot=MnRYfRyeXdvTfFhFnMx1fria0iprlQhB0b2_I0IDsoYpC3TY47228pfZiqJaC9L5w3rYPqsW3hMvziOIFQbtB_FIZoQ4O3j83rDXuL3qiu7IwmETKkSajQDerua8DwqhggPiTo_5dHwU8O5LCEf6PoWrTNCAhg==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:23::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

eaee8078dd8f6dcfc4770c584d7a42b3c26ae506377e3294c5a69b8f059431b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Fri, 05 Jan 2024 04:17:56 GMT
date: Fri, 05 Jan 2024 04:17:56 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
last-modified: Fri, 05 Jan 2024 02:01:21 GMT
server: gvs 1.0
vary: Origin
content-type: application/vnd.yt-ump
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
client-protocol: quic

GET
H3 204 playback Show response
www.youtube.com/api/stats/ Frame E89D 0
17 B 47ms
47ms XHR
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/playback?ns=yt&el=embedded&cpn=1ZXV1NBrIDBDrqO3&ver=2&cmt=0.032&fmt=397&fs=0&rt=0.553&euri=https%3A%2F%2Fwww.upmedia.mg%2F&lact=582&cl=591746904&mos=1&volume=100&cbr=Chrome&cbrver=120.0.6099.129&c=WEB_EMBEDDED_PLAYER&cver=1.20231217.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&epm=1&delay=4&hl=de_DE&cr=DE&len=988&fexp=v1%2C23983296%2C21348%2C2602%2C73492%2C54572%2C73455%2C176963%2C53633%2C84737%2C25688%2C9542%2C1088%2C6271%2C26439494%2C4054%2C1930%2C5181%2C9369%2C1556%2C1141%2C5877%2C2251%2C859%2C1094%2C4014%2C5499%2C4683%2C1360%2C945%2C7649%2C2008%2C4552%2C6946%2C3033%2C5178%2C1497%2C4474&rtn=6&afmt=251&size=978%3A550&inview=0&muted=1&docid=EEDdbjTdy7c&ei=84KXZZbVMYSni9oP65268AU&plid=AAYOKyHtNu0gNuUf&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FEEDdbjTdy7c%3Fautoplay%3D1%26mute%3D1%26loop%3D1%26playlist%3DEEDdbjTdy7c&list=TLGGvzERbbpB5uUwNTAxMjAyNA&of=o7q1gBZhegHlYrntZqhXmA&vm=CAEQARgEOjJBSHFpSlRLSGVaYlhDMThzSzRBUFdFSEdHQ2VHSzRJUG9xVW16Ni1IRkRVd1NBTXI2d2JsQVBta0tESlJDbHF5Z2N5cXctRGV3Q2VHVWdoanRSNXF4TGVYOWxEYmhWZWhycThmek9fYnR0OGlpbGtMRHBPQy1sejhnSkhVT29uWGdMdm4xc0dHTEZVcy1nWlRlVk5adGFJakJkQzVDMTFOaAI

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/EEDdbjTdy7c?autoplay=1&mute=1&loop=1&playlist=EEDdbjTdy7c
X-YouTube-Client-Version: 1.20231217.00.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtCX3FZRGdZX3c4USjzhd6sBjIKCgJERRIEEgAgRQ%3D%3D
X-YouTube-Ad-Signals: dt=1704428275686&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C978%2C550&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Fri, 05 Jan 2024 04:17:56 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 ptracking Show response
www.youtube.com/ Frame E89D 0
19 B 48ms
47ms XHR
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/ptracking?html5=1&video_id=EEDdbjTdy7c&cpn=1ZXV1NBrIDBDrqO3&ei=84KXZZbVMYSni9oP65268AU&ptk=youtube_single&oid=sWcGrAOJD9qBQgdE76oqyQ&ptchn=b6qOvESe_0MpH4W0VnvoLQ&pltype=content

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/EEDdbjTdy7c?autoplay=1&mute=1&loop=1&playlist=EEDdbjTdy7c
X-YouTube-Client-Version: 1.20231217.00.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtCX3FZRGdZX3c4USjzhd6sBjIKCgJERRIEEgAgRQ%3D%3D
X-YouTube-Ad-Signals: dt=1704428275686&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C978%2C550&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Fri, 05 Jan 2024 04:17:56 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame D566 199 B
298 B 141ms
48ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e

Request headers

Referer: https://www.upmedia.mg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 151
content-type: text/html
date: Fri, 05 Jan 2024 04:17:56 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

POST
H3 200 videoplayback Show response
rr4---sn-4g5edndk.googlevideo.com/ Frame E89D 246 KB
246 KB 48ms
48ms Fetch
application/vnd.yt-ump 2a00:1450:4001:23::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-4g5edndk.googlevideo.com/videoplayback?expire=1704449875&ei=84KXZZbVMYSni9oP65268AU&ip=2a01%3A4a0%3A1338%3A92%3A%3A5&id=o-AO8PQlPJw7N3B-nKy_agg1L_EBSVF2mFqxftx_3uPFCs&itag=397&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C271%2C278%2C313%2C394%2C395%2C396%2C397%2C398%2C399%2C400%2C401&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=X7&mm=31%2C29&mn=sn-4g5edndk%2Csn-4g5e6nze&ms=au%2Crdu&mv=u&mvi=4&pl=36&spc=UWF9f7v4B56we2VYJ6I-UhDCN5CZVMMIAgkqj1-2ww&vprv=1&svpuc=1&mime=video%2Fmp4&ns=dkpzbUIHg4FMR2IhcmuotS4Q&gir=yes&clen=21108191&dur=987.899&lmt=1704420081741368&mt=1704427317&fvip=3&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5537434&n=3fc306-fr6rSfQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRAIgax9cAkf3P3PSPf04AcWNmZFAz96gvhKHDJ2ofP4San8CIBKZFw05M0XMP811w6gjxB6zEoq75FXJ79go5f81nVCQ&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AAO5W4owRQIgX0p25dWpOECFoO-4Aa92uD5RQxfjtlE6aapvga6GT1UCIQDxv2XAQCId3Zokl4BSd-emIfP3a8TDIuug_5-1rcLFEg%3D%3D&alr=yes&cpn=1ZXV1NBrIDBDrqO3&cver=1.20231217.00.00&range=321953-573504&rn=4&rbuf=3696&pot=MnRYfRyeXdvTfFhFnMx1fria0iprlQhB0b2_I0IDsoYpC3TY47228pfZiqJaC9L5w3rYPqsW3hMvziOIFQbtB_FIZoQ4O3j83rDXuL3qiu7IwmETKkSajQDerua8DwqhggPiTo_5dHwU8O5LCEf6PoWrTNCAhg==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:23::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

fe74ac0a00e0ef9c39223ed68f3552f6eec39c824f793f047f53fccc67d983ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Fri, 05 Jan 2024 04:17:56 GMT
date: Fri, 05 Jan 2024 04:17:56 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
last-modified: Fri, 05 Jan 2024 02:01:21 GMT
server: gvs 1.0
vary: Origin
content-type: application/vnd.yt-ump
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
client-protocol: quic

POST
H3 200 videoplayback Show response
rr4---sn-4g5edndk.googlevideo.com/ Frame E89D 66 KB
66 KB 40ms
40ms Fetch
application/vnd.yt-ump 2a00:1450:4001:23::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-4g5edndk.googlevideo.com/videoplayback?expire=1704449875&ei=84KXZZbVMYSni9oP65268AU&ip=2a01%3A4a0%3A1338%3A92%3A%3A5&id=o-AO8PQlPJw7N3B-nKy_agg1L_EBSVF2mFqxftx_3uPFCs&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=X7&mm=31%2C29&mn=sn-4g5edndk%2Csn-4g5e6nze&ms=au%2Crdu&mv=u&mvi=4&pl=36&spc=UWF9f7v4B56we2VYJ6I-UhDCN5CZVMMIAgkqj1-2ww&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=dkpzbUIHg4FMR2IhcmuotS4Q&gir=yes&clen=14209842&dur=987.941&lmt=1704416062663306&mt=1704427317&fvip=3&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5532434&n=3fc306-fr6rSfQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIgHQHIyWuF8EB_dQ9umraEGdiWlp9R14z5bmjXWSzn2CcCIQCdF9MEOs9Xd2PrWZbNVa98u88lm-H4I9FdTcN_zG9k1A%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AAO5W4owRQIgX0p25dWpOECFoO-4Aa92uD5RQxfjtlE6aapvga6GT1UCIQDxv2XAQCId3Zokl4BSd-emIfP3a8TDIuug_5-1rcLFEg%3D%3D&alr=yes&cpn=1ZXV1NBrIDBDrqO3&cver=1.20231217.00.00&range=67475-135024&rn=5&rbuf=4142&pot=MnRYfRyeXdvTfFhFnMx1fria0iprlQhB0b2_I0IDsoYpC3TY47228pfZiqJaC9L5w3rYPqsW3hMvziOIFQbtB_FIZoQ4O3j83rDXuL3qiu7IwmETKkSajQDerua8DwqhggPiTo_5dHwU8O5LCEf6PoWrTNCAhg==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:23::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

7b439d6ac9434fb1ad4c00994dbc583f9a7f3e3ff214f072a69fa26722e0a9c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

client-protocol: quic
date: Fri, 05 Jan 2024 04:17:56 GMT
x-content-type-options: nosniff
last-modified: Fri, 05 Jan 2024 00:54:22 GMT
server: gvs 1.0
vary: Origin
content-type: application/vnd.yt-ump
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: https://www.youtube.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
expires: Fri, 05 Jan 2024 04:17:56 GMT

POST
H3 200 videoplayback Show response
rr4---sn-4g5edndk.googlevideo.com/ Frame E89D 535 KB
535 KB 40ms
40ms Fetch
application/vnd.yt-ump 2a00:1450:4001:23::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-4g5edndk.googlevideo.com/videoplayback?expire=1704449875&ei=84KXZZbVMYSni9oP65268AU&ip=2a01%3A4a0%3A1338%3A92%3A%3A5&id=o-AO8PQlPJw7N3B-nKy_agg1L_EBSVF2mFqxftx_3uPFCs&itag=397&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C271%2C278%2C313%2C394%2C395%2C396%2C397%2C398%2C399%2C400%2C401&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=X7&mm=31%2C29&mn=sn-4g5edndk%2Csn-4g5e6nze&ms=au%2Crdu&mv=u&mvi=4&pl=36&spc=UWF9f7v4B56we2VYJ6I-UhDCN5CZVMMIAgkqj1-2ww&vprv=1&svpuc=1&mime=video%2Fmp4&ns=dkpzbUIHg4FMR2IhcmuotS4Q&gir=yes&clen=21108191&dur=987.899&lmt=1704420081741368&mt=1704427317&fvip=3&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5537434&n=3fc306-fr6rSfQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRAIgax9cAkf3P3PSPf04AcWNmZFAz96gvhKHDJ2ofP4San8CIBKZFw05M0XMP811w6gjxB6zEoq75FXJ79go5f81nVCQ&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AAO5W4owRQIgX0p25dWpOECFoO-4Aa92uD5RQxfjtlE6aapvga6GT1UCIQDxv2XAQCId3Zokl4BSd-emIfP3a8TDIuug_5-1rcLFEg%3D%3D&alr=yes&cpn=1ZXV1NBrIDBDrqO3&cver=1.20231217.00.00&range=573505-1120788&rn=6&rbuf=6723&pot=MnRYfRyeXdvTfFhFnMx1fria0iprlQhB0b2_I0IDsoYpC3TY47228pfZiqJaC9L5w3rYPqsW3hMvziOIFQbtB_FIZoQ4O3j83rDXuL3qiu7IwmETKkSajQDerua8DwqhggPiTo_5dHwU8O5LCEf6PoWrTNCAhg==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:23::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

7b57890f365b051a5555063af9a79e58f8a3f428a1c844ac4ee9fa74c7412320

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Fri, 05 Jan 2024 04:17:56 GMT
date: Fri, 05 Jan 2024 04:17:56 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
last-modified: Fri, 05 Jan 2024 02:01:21 GMT
server: gvs 1.0
vary: Origin
content-type: application/vnd.yt-ump
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
client-protocol: quic

GET
H2 200 killswitch_config.js Show response
avividone.likr.tw/killswitch/ 391 B
330 B 58ms
48ms Script
application/javascript 2606:4700:10::6816:2b5e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://avividone.likr.tw/killswitch/killswitch_config.js
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2b5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0dac38b5e95e80193665025abe33d3d8d3982624384d9744f154169d9906c22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:56 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 08 Feb 2023 03:06:50 GMT
server: cloudflare
age: 36
etag: "187-5f4278e345738-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=10800
accept-ranges: bytes
cf-ray: 8408ea19ff4a65d7-FRA
content-length: 177

GET
H2 200 aws-sdk-AviviD-min-1.000.3.js Show response
avivid.likr.tw/sample/ 274 KB
78 KB 50ms
49ms Script
text/javascript 2606:4700:10::6816:2b5e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://avivid.likr.tw/sample/aws-sdk-AviviD-min-1.000.3.js
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2b5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d80f6ec3a78924d5f5276bd680cbfb9dd37879691c648dc14755cb3d9c5bf3b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:56 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 08 Oct 2020 10:46:57 GMT
server: cloudflare
age: 5366
etag: W/"1328d7-44813-5b1268d1b71da"
vary: Accept-Encoding
access-control-allow-methods: POST
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=10800
access-control-allow-credentials: true
cf-ray: 8408ea19ff4765d7-FRA
access-control-allow-headers: origin, x-requested-with, content-type, X-CSRF-Token, origin, x-requested-with, content-type, X-CSRF-Token

GET
H3 200 firebase-app.js Show response
www.gstatic.com/firebasejs/8.6.8/ 21 KB
21 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.6.8/firebase-app.js

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1977ae2b50845838a0f0848012e1d2bb312a7a760bc7427c601305531de0d2d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 20:34:25 GMT
x-content-type-options: nosniff
age: 373411
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21934
x-xss-protection: 0
last-modified: Thu, 01 Jul 2021 23:11:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 30 Dec 2024 20:34:25 GMT

GET
H/1.1 200
OK td_js_sdk_171.js Show response
api.popin.cc/ 34 KB
13 KB 294ms
294ms Script
text/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/td_js_sdk_171.js
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/upmedia_tw.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 19bfbd81c70637ae0a6fe5f07f112bdab13cf9c2ea5d54b70320df8f54fcc07b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 04:17:56 GMT
x-amz-version-id: null
Content-Encoding: gzip
Last-Modified: Thu, 11 Jan 2018 09:42:51 GMT
Server: nginx
ETag: W/"17b2e8b253e693d224f7d8407e28e1ea"
X-Cache-Status: HIT from 10.252.55.26
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Expires: Fri, 05 Jan 2024 05:17:56 GMT

GET
H2 200 recommend Show response
tw.popin.cc/popin_discovery/ 116 KB
46 KB 1247ms
649ms Script
application/javascript 119.63.198.189
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://tw.popin.cc/popin_discovery/recommend?mode=new&url=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FType%3D24%26SerialNo%3D191749&&device=pc&media=www.upmedia.mg&extra=windows&agency=nissin_tw&topn=50&ad=20&r_category=all&country=tw&redirect=true&uid=c3d0b51b5070f687fe01704424676834&info=eyJ1c2VyX3RkX29zIjoiV2luZG93cyIsInVzZXJfdGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsInVzZXJfdGRfYnJvd3NlciI6IkNocm9tZSIsInVzZXJfdGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTIwLjAuNjA5OSIsInVzZXJfdGRfc2NyZWVuIjoiMTYwMHgxMjAwIiwidXNlcl90ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInVzZXJfdGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjEyOSBTYWZhcmkvNTM3LjM2IiwidXNlcl90ZF9yZWZlcnJlciI6IiIsInVzZXJfdGRfcGF0aCI6Ii9uZXdzX2luZm8ucGhwIiwidXNlcl90ZF9jaGFyc2V0IjoidXRmLTgiLCJ1c2VyX3RkX2xhbmd1YWdlIjoiZW4tdXMiLCJ1c2VyX3RkX2NvbG9yIjoiMjQtYml0IiwidXNlcl90ZF90aXRsZSI6IiVFNSU5MCU4OCVFNiVCMyU5NSVFNCVCQSVBNCVFNiU5OCU5MyVFNiU4OSU4MCVFNiVCNyVBQSVFOCVBOSU5MCVFOSVBOCU5OSVFNiVCQSVBQiVFNSVCQSU4QSVFMyU4MCU4MCVFMyU4MCU4Q0FDRSVFNyU4RSU4QiVFNyU4OSU4QyVFMyU4MCU4RCVFOCVCMyVBMyVFOCU5OSU5QiVFNiU5MyVBQyVFOCVCMiVBOCVFNSVCOSVBMyVFOCVBOSU5MDEwJUU1JTg0JTg0NyVFNCVCQSVCQSVFOSU4MSVBRCVFOCU4MSVCMiVFNiU4QSVCQyUyMC0tJTIwJUU0JUI4JThBJUU1JUEwJUIxJTIwJTJGJTIwJUU3JTg0JUE2JUU5JUJCJTlFIiwidXNlcl90ZF91cmwiOiJodHRwczovL3d3dy51cG1lZGlhLm1nL25ld3NfaW5mby5waHA/VHlwZT0yNCZTZXJpYWxObz0xOTE3NDkiLCJ1c2VyX3RkX3BsYXRmb3JtIjoiV2luMzIiLCJ1c2VyX3RkX2hvc3QiOiJ3d3cudXBtZWRpYS5tZyIsInVzZXJfZGV2aWNlIjoicGMiLCJ1c2VyX3RpbWUiOjE3MDQ0MjgyNzY4MzUsImZydWl0X2JveF9wb3NpdGlvbiI6IiIsImZydWl0X3N0eWxlIjoiIn0=&alg=ltr&callback=_p6_9b045032d892
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/upmedia_tw.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.189 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 2a1070407509af8b7043eb73fa5861267deae8166558b5531b9f3beae17ce485

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:57 GMT
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: nginx/1.13.5
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8

GET
H2 200 track.js Show response
ad.tagtoo.co/media/ad/ 6 KB
2 KB 141ms
39ms Script
text/javascript 34.111.12.34
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.tagtoo.co/media/ad/track.js
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/upmedia_tw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.12.34 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 34.12.111.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 59044ab3eeb1b76edcafa83ed2acadca0c766ad84d39297409b64f1363c40541

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 03:20:27 GMT
content-encoding: gzip
via: 1.1 google
age: 3449
x-guploader-uploadid: ABPtcPogQisrWxmmlDxCooOxW0zzoX2Lc2YhTaP6wkQxvt_38pw-WCj4c4hO4robwQ5NBms3KD0
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1815
last-modified: Tue, 02 Jan 2024 10:11:50 GMT
server: UploadServer
etag: "acc7ab30699d07099b5bf199f82ee85a"
vary: Accept-Encoding
x-goog-generation: 1704190310688190
x-goog-hash: crc32c=8B6BRg==, md5=rMerMGmdBwmbW/GZ+C7oWg==
access-control-allow-origin: *
access-control-expose-headers: Content-Type,Access-Control-Allow-Origin
cache-control: public, max-age=3600
x-goog-stored-content-length: 1815
accept-ranges: bytes
content-type: text/javascript; charset=utf-8
expires: Fri, 05 Jan 2024 04:20:27 GMT

GET
H2 200 tuec.js Show response
uec.tagtoo.co/ 10 KB
4 KB 141ms
40ms Script
application/javascript 34.107.150.21
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://uec.tagtoo.co/tuec.js
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/upmedia_tw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.150.21 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 21.150.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 698fe0a6500f771d98d1ca713a5445d523fac649207572b69123699702854c0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 03:29:13 GMT
content-encoding: gzip
age: 2923
x-guploader-uploadid: ABPtcPppsf2H9F6MKBd9J87R-AGf3shbJz7ZCbURoTRlw8OW7QksUsUXMzYXMecboLeVRYnGOcDHIrpQww
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3770
last-modified: Tue, 12 Dec 2023 09:08:46 GMT
server: UploadServer
etag: "2fa133db50cd81d87b8ffb8729a6ab35"
vary: Accept-Encoding
x-goog-generation: 1702372126688115
x-goog-hash: crc32c=IxwxIw==, md5=L6Ez21DNgdh7j/uHKaarNQ==
content-type: application/javascript
cache-control: public,max-age=3600
x-goog-stored-content-length: 3770
accept-ranges: bytes

GET
H/1.1 200
OK popin_discovery5-min.js Show response
api.popin.cc/ 156 KB
43 KB 611ms
610ms Script
application/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/popin_discovery5-min.js
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/upmedia_tw.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 2c78537370db283e881520b103a2f8198613f89d54eaa13dd566137d029c8fc5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 04:17:57 GMT
x-amz-version-id: Ob3Rg3l4X4hYCDKCZi4TBB1j2gDUvWNq
Content-Encoding: gzip
x-amz-server-side-encryption: AES256
X-Cache-Status: HIT from 10.252.55.44
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Last-Modified: Thu, 14 Dec 2023 10:19:50 GMT
Server: nginx
ETag: W/"7f4851f932ed60220942b1f8c3704083"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3600
Timing-Allow-Origin: *
Expires: Fri, 05 Jan 2024 05:17:57 GMT

GET
H2 200 discoverylogs
log.popin.cc/log/popin_media/ 66 B
223 B 855ms
282ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjoxNCwidWEiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS4xMjkgU2FmYXJpLzUzNy4zNiIsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoid3d3LnVwbWVkaWEubWciLCJ1cmwiOiJodHRwczovL3d3dy51cG1lZGlhLm1nL25ld3NfaW5mby5waHA/VHlwZT0yNCZTZXJpYWxObz0xOTE3NDkiLCJsb2MiOiJodHRwczovL3d3dy51cG1lZGlhLm1nL25ld3NfaW5mby5waHA/VHlwZT0yNCZTZXJpYWxObz0xOTE3NDkiLCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyMC4wLjYwOTkuMTI5IFNhZmFyaS81MzcuMzYiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwidGRfYnJvd3NlciI6IkNocm9tZSIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6IjEyMC4wLjYwOTkifQ==&t=1704428276838
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:57 GMT
last-modified: Fri, 10 Jan 2020 11:34:08 GMT
server: nginx/1.13.5
etag: "5e186130-42"
content-type: image/jpeg
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 66

GET
H2 200 discoverylogs
log.popin.cc/log/popin_media/ 66 B
223 B 855ms
283ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjoxNSwicGFyYW0xIjowLCJhcGlfaG9zdCI6InR3LnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6Ind3dy51cG1lZGlhLm1nIiwidXJsIjoiaHR0cHM6Ly93d3cudXBtZWRpYS5tZy9uZXdzX2luZm8ucGhwP1R5cGU9MjQmU2VyaWFsTm89MTkxNzQ5IiwidWlkIjoiYzNkMGI1MWI1MDcwZjY4N2ZlMDE3MDQ0MjQ2NzY4MzQiLCJ0ZF90aXRsZSI6IiIsImV4dHJhIjoiIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowLCJwb3Bpbl92ZXJzaW9uIjo2LCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwidGRfYnJvd3NlciI6IkNocm9tZSIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6IjEyMC4wLjYwOTkiLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyMC4wLjYwOTkuMTI5IFNhZmFyaS81MzcuMzYifQ==&t=1704428276841
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:57 GMT
last-modified: Fri, 10 Jan 2020 11:34:08 GMT
server: nginx/1.13.5
etag: "5e186130-42"
content-type: image/jpeg
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 66

OPTIONS
H/1.1 200
OK /
kinesis.ap-southeast-1.amazonaws.com/ Frame 0
0 588ms
192ms Preflight 13.251.113.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.ap-southeast-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.251.113.110 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-251-113-110.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://www.upmedia.mg
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Fri, 05 Jan 2024 04:17:57 GMT
x-amzn-RequestId: ed197b52-4af8-1564-b308-fe67b7d2f485

POST
H/1.1 200
OK / Show response
kinesis.ap-southeast-1.amazonaws.com/ 110 B
546 B 200ms
200ms Fetch
application/x-amz-json-1.1 13.251.113.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.ap-southeast-1.amazonaws.com/
Requested by: Host: avivid.likr.tw
URL: https://avivid.likr.tw/sample/aws-sdk-AviviD-min-1.000.3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.251.113.110 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-251-113-110.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: ad268267fe98485289ee2b7e1a03f94992bbb01eba71d29e06c33a4fed34993d

Request headers

accept-language: de-DE,de;q=0.9
authorization: AWS4-HMAC-SHA256 Credential=AKIATBR2IINU2ISIXU72/20240105/ap-southeast-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=4ee3729bb257feba365e7faaf1652e75cae7e5ed85039abf89e67ac61bf0c488
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: application/x-amz-json-1.1
x-amz-content-sha256: 7480d9fddf2289fe4a16c7567374ab574933984251402d3574781da5da9d8502
Referer: https://www.upmedia.mg/
x-amz-target: Kinesis_20131202.PutRecord
x-amz-date: 20240105T041756Z
x-amz-user-agent: aws-sdk-js/2.769.0 callback

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Date: Fri, 05 Jan 2024 04:17:57 GMT
x-amzn-RequestId: dc92c8df-4dea-13e1-8283-4deab0c0f200
Content-Length: 110
x-amz-id-2: 3rpafOQwKnp+o5CnpcLHz3LazgxRVOgCH7N+ZkTBVM/B0xcHfa7iVbXlc8w10xO7EZWt47RHBpgaAk3XpyAzTHpRHscoa3gw
Content-Type: application/x-amz-json-1.1

GET
H2 200 firebase-messaging.js Show response
avivid.likr.tw/pushEndPoint/js/firebasejs/8.6.8/ 40 KB
11 KB 53ms
53ms Script
text/javascript 2606:4700:10::6816:2b5e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://avivid.likr.tw/pushEndPoint/js/firebasejs/8.6.8/firebase-messaging.js
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2b5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa81ca3af4294db272d0322126acff07bf55a1fb9a88daa037e50938309993a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:56 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 27 Mar 2023 06:33:15 GMT
server: cloudflare
age: 4084
etag: W/"3e0f30-9fb9-5f7dbeaf431aa"
vary: Accept-Encoding
access-control-allow-methods: POST
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=10800
access-control-allow-credentials: true
cf-ray: 8408ea1aafe265d7-FRA
access-control-allow-headers: origin, x-requested-with, content-type, X-CSRF-Token, origin, x-requested-with, content-type, X-CSRF-Token

POST
H3 200 videoplayback Show response
rr4---sn-4g5edndk.googlevideo.com/ Frame E89D 131 KB
131 KB 40ms
40ms Fetch
application/vnd.yt-ump 2a00:1450:4001:23::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-4g5edndk.googlevideo.com/videoplayback?expire=1704449875&ei=84KXZZbVMYSni9oP65268AU&ip=2a01%3A4a0%3A1338%3A92%3A%3A5&id=o-AO8PQlPJw7N3B-nKy_agg1L_EBSVF2mFqxftx_3uPFCs&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=X7&mm=31%2C29&mn=sn-4g5edndk%2Csn-4g5e6nze&ms=au%2Crdu&mv=u&mvi=4&pl=36&spc=UWF9f7v4B56we2VYJ6I-UhDCN5CZVMMIAgkqj1-2ww&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=dkpzbUIHg4FMR2IhcmuotS4Q&gir=yes&clen=14209842&dur=987.941&lmt=1704416062663306&mt=1704427317&fvip=3&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5532434&n=3fc306-fr6rSfQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIgHQHIyWuF8EB_dQ9umraEGdiWlp9R14z5bmjXWSzn2CcCIQCdF9MEOs9Xd2PrWZbNVa98u88lm-H4I9FdTcN_zG9k1A%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AAO5W4owRQIgX0p25dWpOECFoO-4Aa92uD5RQxfjtlE6aapvga6GT1UCIQDxv2XAQCId3Zokl4BSd-emIfP3a8TDIuug_5-1rcLFEg%3D%3D&alr=yes&cpn=1ZXV1NBrIDBDrqO3&cver=1.20231217.00.00&range=135025-269105&rn=7&rbuf=8221&pot=MnRYfRyeXdvTfFhFnMx1fria0iprlQhB0b2_I0IDsoYpC3TY47228pfZiqJaC9L5w3rYPqsW3hMvziOIFQbtB_FIZoQ4O3j83rDXuL3qiu7IwmETKkSajQDerua8DwqhggPiTo_5dHwU8O5LCEf6PoWrTNCAhg==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:23::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

b375d6572fc9a3912b12547f609d3769cc37f317a14e5a5dcc9fe15b6faabf20

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

client-protocol: quic
date: Fri, 05 Jan 2024 04:17:56 GMT
x-content-type-options: nosniff
last-modified: Fri, 05 Jan 2024 00:54:22 GMT
server: gvs 1.0
vary: Origin
content-type: application/vnd.yt-ump
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: https://www.youtube.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
expires: Fri, 05 Jan 2024 04:17:56 GMT

GET
H2 200 3134.js Show response
ecs.tagtoo.co/js/ 64 KB
20 KB 140ms
40ms Script
text/javascript 34.102.218.41
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ecs.tagtoo.co/js/3134.js
Requested by: Host: ad.tagtoo.co
URL: https://ad.tagtoo.co/media/ad/track.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.218.41 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 41.218.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: a58a1ad132f9f6b359f0f52e7a9694db949d8b4d9cd0f1f1c2cd746294cd41c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:07:48 GMT
content-encoding: gzip
age: 609
x-guploader-uploadid: ABPtcPqtCZnaI_aPNifKMG0BdFcF6WagCcu2o3UXw7hW7UOTsIc46P5WhMsBbucQadlzOjPaejU
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20110
last-modified: Wed, 06 Dec 2023 04:54:12 GMT
server: UploadServer
etag: "c850b80896c41c8272295a934e2f4145"
vary: Accept-Encoding
x-goog-generation: 1701838452348554
x-goog-hash: crc32c=Lcx2rw==, md5=yFC4CJbEHIJyKVqTTi9BRQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Type,Access-Control-Allow-Origin
cache-control: public, max-age=5400
x-goog-stored-content-length: 20110
accept-ranges: bytes
content-type: text/javascript; charset=utf-8
expires: Fri, 05 Jan 2024 05:37:48 GMT

GET
H2 200 unitrack.js Show response
ecs.tagtoo.co/js/ 26 KB
9 KB 41ms
40ms Script
application/javascript 34.102.218.41
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ecs.tagtoo.co/js/unitrack.js
Requested by: Host: ecs.tagtoo.co
URL: https://ecs.tagtoo.co/js/3134.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.218.41 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 41.218.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 2eab2b7adfd71b5cf3fe3747f993d26520691d544bb7fc4338dc049b4f0d1c2c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:05:24 GMT
content-encoding: gzip
age: 753
x-guploader-uploadid: ABPtcPo2xQNV_7uRMwm9eeqlej5DvpcHCPmEyOr6aWYWcNoSt8iH0NuaCvDUjkwFVblNY8tmzBPhXkHumw
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8725
last-modified: Wed, 17 May 2023 07:38:52 GMT
server: UploadServer
etag: "ccd513edbe3eb66c17d73c94d6462526"
vary: Accept-Encoding
x-goog-generation: 1684309132134575
x-goog-hash: crc32c=Uh9iNA==, md5=zNUT7b4+tmwX1zyU1kYlJg==
access-control-allow-origin: *
access-control-expose-headers: Content-Type,Access-Control-Allow-Origin
cache-control: public,max-age=5400
x-goog-stored-content-length: 8725
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
expires: Fri, 05 Jan 2024 05:35:24 GMT

POST
H/1.1 200
OK / Show response
firehose.ap-southeast-1.amazonaws.com/ 257 B
707 B 200ms
200ms Fetch
application/x-amz-json-1.1 13.251.113.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://firehose.ap-southeast-1.amazonaws.com/
Requested by: Host: avivid.likr.tw
URL: https://avivid.likr.tw/sample/aws-sdk-AviviD-min-1.000.3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.251.113.78 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-251-113-78.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 3f202bb574cc59398eeb3d0670f31b283c0721fc2ffc9222ef80f995ef060355

Request headers

accept-language: de-DE,de;q=0.9
authorization: AWS4-HMAC-SHA256 Credential=AKIATBR2IINUW3Y6AWEJ/20240105/ap-southeast-1/firehose/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=3b2af72e56ec34adf49d8086036f047debc046ce6a9776f856ba06d7de2db546
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
content-type: application/x-amz-json-1.1
x-amz-content-sha256: c18c42f74d3d4218a72aa8cc3fd7edbf88759068fbc477559172fb7161ff5efb
Referer: https://www.upmedia.mg/
x-amz-target: Firehose_20150804.PutRecord
x-amz-date: 20240105T041757Z
x-amz-user-agent: aws-sdk-js/2.769.0 callback

Response headers

Date: Fri, 05 Jan 2024 04:17:57 GMT
Content-Encoding: gzip
x-amzn-RequestId: efb3d612-18bf-869c-b1a2-5324c3cff83d
Content-Type: application/x-amz-json-1.1
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Content-Length: 247
x-amz-id-2: Py6ztaBvYq+qMxcp4MFMN61ablk20zjhR4R0jnZWV1wLFdXO6DcXlaKjkGZ1N/oPLIKDHN5p6viB+oymrZg6sZ6OU8KNpq/7

OPTIONS
H/1.1 200
OK /
firehose.ap-southeast-1.amazonaws.com/ Frame 0
0 789ms
194ms Preflight 13.251.113.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://firehose.ap-southeast-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.251.113.78 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-251-113-78.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://www.upmedia.mg
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Encoding: gzip
Content-Length: 20
Date: Fri, 05 Jan 2024 04:17:57 GMT
x-amzn-RequestId: faf30f3e-d3cd-4e96-a4e2-8a0b08bd3037

GET
H2 200 subselfsw_core.js Show response
avivid.likr.tw/api/ 28 KB
5 KB 934ms
934ms Script
text/javascript 2606:4700:10::6816:2b5e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://avivid.likr.tw/api/subselfsw_core.js
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2b5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ac5c2f517ef1b1e2017a576aaa262db69ed65742b82558bee534d262baadce8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:58 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Tue, 25 Apr 2023 10:23:52 GMT
server: cloudflare
etag: W/"6ec287-6ef9-5fa268516686e"
vary: Accept-Encoding
access-control-allow-methods: POST
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600
access-control-allow-credentials: true
cf-ray: 8408ea1db96865d7-FRA
access-control-allow-headers: origin, x-requested-with, content-type, X-CSRF-Token, origin, x-requested-with, content-type, X-CSRF-Token

GET
H2 200 adsbytenmax.js Show response
tenmax-static.cacafly.net/ssp/ 138 KB
41 KB 152ms
50ms Script
application/javascript 2606:4700:10::6816:9ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tenmax-static.cacafly.net/ssp/adsbytenmax.js
Requested by: Host: api.pvmax.net
URL: https://api.pvmax.net/v1.0/pvmax.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:9ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a7f50eb2324c4a2d803c4829349512fa441c40c3f0e670efcb22f8167dfa3e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 05 Jan 2024 04:17:57 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: XMEMEKbC+3yLxr6LryU6QQ==
age: 5727
x-ms-lease-status: unlocked
last-modified: Tue, 28 Nov 2023 12:35:34 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 49c1235a-701e-006a-0616-26be5c000000
access-control-expose-headers: x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control: max-age=1800
x-ms-version: 2009-09-19
cf-ray: 8408ea202c093657-FRA

GET
H2 200 popup-en.html Show response
api.pvmax.net/popup/ Frame D067 3 KB
1 KB 1628ms
1628ms Document
text/html 2606:4700:10::ac43:290a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.pvmax.net/popup/popup-en.html?cacheBuster=1704428277666
Requested by: Host: api.pvmax.net
URL: https://api.pvmax.net/v1.0/pvmax.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:290a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e65c6da6715082eaea3efab11a559f93924be383cb0b8a9450e2ad6380a49f2

Request headers

Referer: https://www.upmedia.mg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
cf-cache-status: DYNAMIC
cf-ray: 8408ea1f88a01c05-FRA
content-encoding: gzip
content-type: text/html
date: Fri, 05 Jan 2024 04:17:59 GMT
expires: Fri, 05 Jan 2024 05:17:59 GMT
last-modified: Tue, 14 Mar 2023 05:37:45 GMT
server: cloudflare
x-goog-generation: 1678772265134596
x-goog-hash: crc32c=9AQfrg== md5=ltZTlMGHacP9YQnbh1tixg==
x-goog-meta-goog-reserved-file-mtime: 1678772108
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 2652
x-guploader-uploadid: ABPtcPrKMPnX45brwLo7K0cuk4s1MZ1iYyZR0pDpJT58HVonMOTUwN1fm-rzMNcWo8eXEi-FFIo

GET
H2 200 logo-mini.png
api.pvmax.net/logo/ 483 B
806 B 47ms
46ms Image
image/png 2606:4700:10::ac43:290a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.pvmax.net/logo/logo-mini.png
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:290a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 519eb98dcb4e16d19e91185a49cffd292b3cb5506cdbff0448583ba639b836a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:57 GMT
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1651823315
age: 1055
x-guploader-uploadid: ABPtcPo9WVzhMMCo_mw2SGX0juaoaq9Ln4gYh_Pv7xdF0eCNZcouaA-ovHVZIYHHDuzV1E-4IgtLupuuXA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 483
last-modified: Fri, 06 May 2022 09:17:05 GMT
server: cloudflare
etag: "aa295a2ab3fb2de7725df4c6f7553147"
vary: Accept-Encoding
x-goog-generation: 1651828625254382
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=FHDE/Q==, md5=qilaKrP7LedyXfTG91UxRw==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 483
accept-ranges: bytes
cf-ray: 8408ea1f88a11c05-FRA
expires: Fri, 05 Jan 2024 04:43:21 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 480x252.jpg
cdn.pvmax.net/cache/0d8eaddd39e07c11222357a643aaa48a/ 74 KB
74 KB 822ms
810ms Image
image/jpeg 2606:4700:10::ac43:290a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pvmax.net/cache/0d8eaddd39e07c11222357a643aaa48a/480x252.jpg
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:290a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95adf40da050083c87881931df97f86fd7a08f451421b30195be72aa3147ee4c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 05 Jan 2024 04:17:58 GMT
cf-cache-status: MISS
content-md5: H95e93Lj7o3HnfYOasdP7g==
content-length: 75795
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Sun, 17 Dec 2023 10:12:35 GMT
server: cloudflare
etag: "0x8DBFEE8B1007B5E"
vary: Accept-Encoding
content-type: image/jpeg
x-ms-request-id: fe62ffbf-401e-0047-768e-3f8ca0000000
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 8408ea1fa8ae1c05-FRA

GET
H2 200 480x252.jpg
cdn.pvmax.net/cache/9ba8249bc7d3255a61d1ae8c1d3060e2/ 28 KB
28 KB 633ms
621ms Image
image/jpeg 2606:4700:10::ac43:290a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pvmax.net/cache/9ba8249bc7d3255a61d1ae8c1d3060e2/480x252.jpg
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:290a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23fe0600be2a9516c3806e1f896b0ce90b9e166ce18013982a3f516acc30f9f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 05 Jan 2024 04:17:58 GMT
cf-cache-status: MISS
content-md5: +zfJ6NnfjEfXFD0NF1VbMw==
content-length: 28703
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Wed, 27 Dec 2023 03:22:32 GMT
server: cloudflare
etag: "0x8DC068B107432A3"
vary: Accept-Encoding
content-type: image/jpeg
x-ms-request-id: b724e34d-e01e-0013-688e-3fc3f7000000
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 8408ea1fa8ab1c05-FRA

GET
H2 200 480x252.jpg
cdn.pvmax.net/cache/bd0a5e2f2ad18fda5a256b0b4c0903e7/ 49 KB
49 KB 820ms
808ms Image
image/jpeg 2606:4700:10::ac43:290a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pvmax.net/cache/bd0a5e2f2ad18fda5a256b0b4c0903e7/480x252.jpg
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:290a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9981148617bf2e7847ba4faa3dde61a3050648789368ad6521135ad924cd6d7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 05 Jan 2024 04:17:58 GMT
cf-cache-status: MISS
content-md5: OWtNarwJT1O4Yq1QLWNd/A==
content-length: 50310
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 14 Dec 2023 04:22:41 GMT
server: cloudflare
etag: "0x8DBFC5C50425310"
vary: Accept-Encoding
content-type: image/jpeg
x-ms-request-id: 5853bafa-a01e-002d-3d8e-3f5488000000
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 8408ea1fa8ac1c05-FRA

GET
H2 200 480x252.jpg
cdn.pvmax.net/cache/5ec50e50b16f3a9700ae5d569ffdb660/ 25 KB
25 KB 641ms
630ms Image
image/jpeg 2606:4700:10::ac43:290a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pvmax.net/cache/5ec50e50b16f3a9700ae5d569ffdb660/480x252.jpg
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:290a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f89a0b8fbca92b5c3dc319064475de033458c7cd4fcdbbd8bac30da5547b0e1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 05 Jan 2024 04:17:58 GMT
cf-cache-status: MISS
content-md5: 0MY3u75l618gMmikG0OWLQ==
content-length: 25783
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Fri, 22 Dec 2023 13:12:32 GMT
server: cloudflare
etag: "0x8DC02EFA827D697"
vary: Accept-Encoding
content-type: image/jpeg
x-ms-request-id: 716bb819-701e-005c-2c8e-3fb2a3000000
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 8408ea1fa8ad1c05-FRA

GET
H2 200 480x252.jpg
cdn.pvmax.net/cache/9687c3232dba7cff28e7e2aff9d4b646/ 62 KB
63 KB 808ms
808ms Image
image/jpeg 2606:4700:10::ac43:290a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pvmax.net/cache/9687c3232dba7cff28e7e2aff9d4b646/480x252.jpg
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:290a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5be37649b85163a595d3ea57f9cde11e5c7d39edd440caf5f2891b786ccae67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 05 Jan 2024 04:17:58 GMT
cf-cache-status: MISS
content-md5: FIk61H62uv0BRrPcgT+bPg==
content-length: 63875
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 28 Dec 2023 07:42:48 GMT
server: cloudflare
etag: "0x8DC077896A3450E"
vary: Accept-Encoding
content-type: image/jpeg
x-ms-request-id: 828eaeca-c01e-0066-3f8e-3fa8db000000
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 8408ea1fc8be1c05-FRA

GET
H2 200 480x252.jpg
cdn.pvmax.net/cache/d85a251d530b5541edc556f8563dd22e/ 60 KB
60 KB 49ms
49ms Image
image/jpeg 2606:4700:10::ac43:290a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pvmax.net/cache/d85a251d530b5541edc556f8563dd22e/480x252.jpg
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:290a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d78f0575e240b8dcbbe845ae8782efb32bb08c83c80537fa609cd22a33718820

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 05 Jan 2024 04:17:57 GMT
cf-cache-status: HIT
content-md5: ypbzubuRjWRQxv9OvuAmFQ==
age: 5177
content-length: 61231
x-ms-lease-state: available
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Thu, 04 Jan 2024 03:42:31 GMT
server: cloudflare
etag: "0x8DC0CD72E737074"
vary: Accept-Encoding
content-type: image/jpeg
x-ms-request-id: ba4f65c7-d01e-0037-805b-3f3557000000
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 8408ea1fc8bf1c05-FRA

GET
H2 200 480x252.jpg
cdn.pvmax.net/cache/9e3f216e91095ac78538b654542f7e9e/ 55 KB
56 KB 815ms
814ms Image
image/jpeg 2606:4700:10::ac43:290a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pvmax.net/cache/9e3f216e91095ac78538b654542f7e9e/480x252.jpg
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:290a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae6a4f3df1aaa87e1648e5cfd111f8664537e9407f0ac9fa7fb9c96d663a9d5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 05 Jan 2024 04:17:58 GMT
cf-cache-status: MISS
content-md5: KrfimKSGq2nfpgTcirnEYg==
content-length: 56760
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 28 Dec 2023 01:42:31 GMT
server: cloudflare
etag: "0x8DC0746422370F8"
vary: Accept-Encoding
content-type: image/jpeg
x-ms-request-id: 88d81631-101e-0007-568e-3f8b98000000
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 8408ea2018e91c05-FRA

GET
H2 200 480x252.jpg
cdn.pvmax.net/cache/64b0132d78951e833be7c4432d0d660e/ 39 KB
39 KB 434ms
434ms Image
image/jpeg 2606:4700:10::ac43:290a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pvmax.net/cache/64b0132d78951e833be7c4432d0d660e/480x252.jpg
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:290a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3bd28d8afda934a53f2efa9de21782c62bdd6e942bab96c9e68ca56dd8b66ff9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 05 Jan 2024 04:17:58 GMT
cf-cache-status: REVALIDATED
content-md5: pbuQN4XeqXMwZ3ZTWnusAw==
content-length: 39442
x-ms-lease-state: available
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Wed, 03 Jan 2024 09:52:35 GMT
server: cloudflare
etag: "0x8DC0C41B696DCE7"
vary: Accept-Encoding
content-type: image/jpeg
x-ms-request-id: 58f40c3d-601e-0022-10c9-3e22e4000000
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 8408ea238a671c05-FRA

GET
H2 200 480x252.jpg
cdn.pvmax.net/cache/5bd028e6dcccf2739ce5357a6f415edc/ 35 KB
35 KB 430ms
430ms Image
image/jpeg 2606:4700:10::ac43:290a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pvmax.net/cache/5bd028e6dcccf2739ce5357a6f415edc/480x252.jpg
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:290a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5bb6b710f8b7a370fa88c92946a84991d8848d36d7f366fa6e27630a3244d5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 05 Jan 2024 04:17:58 GMT
cf-cache-status: REVALIDATED
content-md5: 6MTxtCgg5PZVDSZeVqgQzQ==
content-length: 35724
x-ms-lease-state: available
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Thu, 04 Jan 2024 07:42:36 GMT
server: cloudflare
etag: "0x8DC0CF8B85CACE2"
vary: Accept-Encoding
content-type: image/jpeg
x-ms-request-id: 3c4b3570-901e-0019-0d75-3f6740000000
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 8408ea239a6b1c05-FRA

GET
H2 200 480x252.jpg
cdn.pvmax.net/cache/49109bc248d4c47f2c7b246c6e2b5333/ 57 KB
58 KB 806ms
806ms Image
image/jpeg 2606:4700:10::ac43:290a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pvmax.net/cache/49109bc248d4c47f2c7b246c6e2b5333/480x252.jpg
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:290a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae67be935c6a44177dde5962fe863296f72daf2514bfa3179d53781591b283ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 05 Jan 2024 04:17:59 GMT
cf-cache-status: MISS
content-md5: HUnaOfFPBiFiofbJsZTTeA==
content-length: 58834
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Thu, 07 Dec 2023 08:52:31 GMT
server: cloudflare
etag: "0x8DBF701D9244265"
vary: Accept-Encoding
content-type: image/jpeg
x-ms-request-id: 8b48d1d6-301e-0010-208e-3f2293000000
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 8408ea24bad41c05-FRA

GET
H2 200 480x252.jpg
cdn.pvmax.net/cache/cd2b6c6777bee6cb745653d2366f0821/ 49 KB
49 KB 798ms
797ms Image
image/jpeg 2606:4700:10::ac43:290a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pvmax.net/cache/cd2b6c6777bee6cb745653d2366f0821/480x252.jpg
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:290a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d03e6cfc885351b8f70e0c404d7ff62be7270d52941dfc09be3f588374322e1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 05 Jan 2024 04:17:59 GMT
cf-cache-status: MISS
content-md5: fDTjRVZ0drPB8pIkd7zVPQ==
content-length: 49903
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Fri, 15 Dec 2023 11:32:40 GMT
server: cloudflare
etag: "0x8DBFD618BC7C830"
vary: Accept-Encoding
content-type: image/jpeg
x-ms-request-id: c48b076f-c01e-002b-788e-3f6737000000
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 8408ea24bad51c05-FRA

GET
H2 200 480x252.jpg
cdn.pvmax.net/cache/1f10770a380ff084bc1c0d270c0ad84f/ 65 KB
65 KB 807ms
806ms Image
image/jpeg 2606:4700:10::ac43:290a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pvmax.net/cache/1f10770a380ff084bc1c0d270c0ad84f/480x252.jpg
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:290a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45981e6dd07191215c6c0c9c1cf93592ee024fd464afb10bbef26269fd72e4f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 05 Jan 2024 04:17:59 GMT
cf-cache-status: MISS
content-md5: u54z4W6q/6u6v9VC7IFpkQ==
content-length: 66374
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Tue, 26 Dec 2023 06:42:35 GMT
server: cloudflare
etag: "0x8DC05DDD81592C0"
vary: Accept-Encoding
content-type: image/jpeg
x-ms-request-id: 8b48d1df-301e-0010-298e-3f2293000000
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 8408ea24dae01c05-FRA

GET
H/1.1 200
OK spaceSetting Show response
ssp.tenmax.io/supply/v3/universal/ 140 B
686 B 1684ms
192ms XHR
application/json 52.163.200.170
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.tenmax.io/supply/v3/universal/spaceSetting?rmaxSpaceId=a944c006368241de&referer=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FType%3D24%26SerialNo%3D191749&bodyWidth=1600&bodyHeight=1200&cacheBuster=bb45f59c-ad5a-4c27-8c0e-90ec0c0b5a00
Requested by: Host: tenmax-static.cacafly.net
URL: https://tenmax-static.cacafly.net/ssp/adsbytenmax.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.163.200.170 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: fea484e9d5904c802bb4e26a7273d7c4ccb754c972e6e1502c70e462c1d189cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 04:17:59 GMT
Server: nginx
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
Content-Type: application/json
Access-Control-Allow-Origin: https://www.upmedia.mg
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 140

GET
H/1.1 200
OK spaceSetting Show response
ssp.tenmax.io/supply/v3/universal/ 140 B
686 B 1684ms
193ms XHR
application/json 52.163.200.170
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.tenmax.io/supply/v3/universal/spaceSetting?rmaxSpaceId=a944c006368241de&referer=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FType%3D24%26SerialNo%3D191749&bodyWidth=1600&bodyHeight=1200&cacheBuster=d770b80d-30e7-46ca-9d7f-e4e71d7b4f57
Requested by: Host: tenmax-static.cacafly.net
URL: https://tenmax-static.cacafly.net/ssp/adsbytenmax.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.163.200.170 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: d8c103f04cc2a4c60e113ad877c0a65263b3e31478a251e89efef03063e277e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 04:17:59 GMT
Server: nginx
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
Content-Type: application/json
Access-Control-Allow-Origin: https://www.upmedia.mg
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 140

GET
H/1.1 200
OK spaceSetting Show response
ssp.tenmax.io/supply/v3/universal/ 140 B
686 B 1685ms
193ms XHR
application/json 52.163.200.170
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.tenmax.io/supply/v3/universal/spaceSetting?rmaxSpaceId=a944c006368241de&referer=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FType%3D24%26SerialNo%3D191749&bodyWidth=1600&bodyHeight=1200&cacheBuster=599a2468-f821-4b9a-be5a-3a51c49c2419
Requested by: Host: tenmax-static.cacafly.net
URL: https://tenmax-static.cacafly.net/ssp/adsbytenmax.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.163.200.170 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 2070a8493620032c86601f0de585c528d3ed8c9d2da0fd50b74a4391aedd8245

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 04:17:59 GMT
Server: nginx
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
Content-Type: application/json
Access-Control-Allow-Origin: https://www.upmedia.mg
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 140

GET
H/1.1 200
OK spaceSetting Show response
ssp.tenmax.io/supply/v3/universal/ 140 B
686 B 1683ms
191ms XHR
application/json 52.163.200.170
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.tenmax.io/supply/v3/universal/spaceSetting?rmaxSpaceId=5fa8b4358fde4db0&referer=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FType%3D24%26SerialNo%3D191749&bodyWidth=1600&bodyHeight=1200&cacheBuster=52c4d462-c359-424e-8369-88dbec39d649
Requested by: Host: tenmax-static.cacafly.net
URL: https://tenmax-static.cacafly.net/ssp/adsbytenmax.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.163.200.170 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 3aa60dbc4122ed54c3966d9175404bdce24976515e3c535f36ee45c18995a6c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 04:17:59 GMT
Server: nginx
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
Content-Type: application/json
Access-Control-Allow-Origin: https://www.upmedia.mg
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 140

GET
H/1.1

204

cm
dmp.tenmax.io/
Redirect Chain

https://dmp.tenmax.io/p/b734323b-0532-40a6-8d4e-782e1c96bd3a?random=612264231
https://dmp.tenmax.io/cmp
https://cm.g.doubleclick.net/pixel?google_nid=cacafly&google_ula=514624859,1704428279&google_hm=WjdqUHdLdUJFZTZlYnBldjNuSVdZZz09&google_cm
https://dmp.tenmax.io/cm?adx=doubleclick&google_gid=CAESEIyixVlZalX8E0yoKyoaDik&google_cver=1&google_ula=514624859,0

0
444 B

366ms
366ms

Image
text/plain

125.227.53.93
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.tenmax.io/cm?adx=doubleclick&google_gid=CAESEIyixVlZalX8E0yoKyoaDik&google_cver=1&google_ula=514624859,0

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749

Protocol

HTTP/1.1

Server

125.227.53.93 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

125-227-53-93.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 04:18:00 GMT
Strict-Transport-Security: max-age=31536000
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=9

Redirect headers

pragma: no-cache
date: Fri, 05 Jan 2024 04:18:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dmp.tenmax.io/cm?adx=doubleclick&google_gid=CAESEIyixVlZalX8E0yoKyoaDik&google_cver=1&google_ula=514624859,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame E89D 28 B
54 B 51ms
51ms XHR
application/json 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
X-Goog-Request-Time: 1704428277844
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/EEDdbjTdy7c?autoplay=1&mute=1&loop=1&playlist=EEDdbjTdy7c
X-YouTube-Client-Version: 1.20231217.00.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtCX3FZRGdZX3c4USjzhd6sBjIKCgJERRIEEgAgRQ%3D%3D
X-YouTube-Ad-Signals: dt=1704428275615&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C978%2C550&vis=1&wgl=true&ca_type=image

Response headers

date: Fri, 05 Jan 2024 04:17:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Fri, 05 Jan 2024 04:17:57 GMT

GET
H3 200 fp.min.js Show response
ecs.tagtoo.co/js/ 31 KB
13 KB 40ms
40ms Script
text/javascript 34.102.218.41
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ecs.tagtoo.co/js/fp.min.js
Requested by: Host: ecs.tagtoo.co
URL: https://ecs.tagtoo.co/js/unitrack.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.218.41 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 41.218.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 561df1b2a900c7564a7c7ce397c38d145d1fd19e9dace210902125bd5b5a8df4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:14:05 GMT
content-encoding: gzip
age: 233
x-guploader-uploadid: ABPtcPrO_sc-d7iZlCyN6Rs-gUSxSDKkn-1erUtWi14F24t3ErJS9Tz6q5wo10Cvky_m4L3cEg0
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12950
last-modified: Thu, 16 Sep 2021 09:25:47 GMT
server: UploadServer
etag: "5d9159073c44e4858b07d4445a1adceb"
vary: Accept-Encoding
x-goog-generation: 1631784347603860
x-goog-hash: crc32c=paC+Ww==, md5=XZFZBzxE5IWLB9REWhrc6w==
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Access-Control-Allow-Origin
cache-control: public, max-age=300
x-goog-stored-content-length: 12950
accept-ranges: bytes
content-type: text/javascript; charset=utf-8
expires: Fri, 05 Jan 2024 04:19:05 GMT

GET
H2 200 permanent Show response
event.tagtoo.co/ 48 B
113 B 312ms
312ms Fetch
application/json 34.96.83.10
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://event.tagtoo.co/permanent?fp=d53092bf07abf3be87cdc9da768f5a82
Requested by: Host: ecs.tagtoo.co
URL: https://ecs.tagtoo.co/js/unitrack.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.83.10 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 10.83.96.34.bc.googleusercontent.com
Software: uvicorn /
Resource Hash: 5d138c5b17501f785e873982ae8ad7f8f3887ecf9c7fe70399a58d82eda65db6

Request headers

Referer: https://www.upmedia.mg/
X-TOKEN: a5808d50cbd8897ace6b6b62abf51d37c19e599aea49012c32a74de228b9
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 05 Jan 2024 04:17:58 GMT
via: 1.1 google
server: uvicorn
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48
content-type: application/json

OPTIONS
H2 200 permanent
event.tagtoo.co/ Frame 0
0 397ms
301ms Preflight
text/plain 34.96.83.10
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://event.tagtoo.co/permanent?fp=d53092bf07abf3be87cdc9da768f5a82
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.83.10 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 10.83.96.34.bc.googleusercontent.com
Software: uvicorn /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-token
Access-Control-Request-Method: GET
Origin: https://www.upmedia.mg
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-headers: Accept, Accept-Language, Content-Language, Content-Type, X-TOKEN
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Fri, 05 Jan 2024 04:17:57 GMT
server: uvicorn
via: 1.1 google

GET
H2 200 discoverylogs
log.popin.cc/log/popin_media/ 66 B
223 B 282ms
281ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjoxNSwicGFyYW0xIjoxLCJhcGlfaG9zdCI6InR3LnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6Ind3dy51cG1lZGlhLm1nIiwidXJsIjoiaHR0cHM6Ly93d3cudXBtZWRpYS5tZy9uZXdzX2luZm8ucGhwP1R5cGU9MjQmU2VyaWFsTm89MTkxNzQ5IiwidWlkIjoiYzNkMGI1MWI1MDcwZjY4N2ZlMDE3MDQ0MjQ2NzY4MzQiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiJkYWU0YTMxYy0yNTU4LTQwNWEtOWE5Ni0yZDEyNjc1MzU0OTQiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoiIiwidGRfdXJsIjoiaHR0cHM6Ly93d3cudXBtZWRpYS5tZy9uZXdzX2luZm8ucGhwP1R5cGU9MjQmU2VyaWFsTm89MTkxNzQ5IiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjEyOSBTYWZhcmkvNTM3LjM2IiwidGRfcGxhdGZvcm0iOiJXaW4zMiIsInRkX2hvc3QiOiJ3d3cudXBtZWRpYS5tZyIsInRkX3BhdGgiOiIvbmV3c19pbmZvLnBocCIsInRkX3JlZmVycmVyIjoiIiwidGRfYnJvd3NlciI6IkNocm9tZSIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6IjEyMC4wLjYwOTkiLCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwiY2xpZW50X2lkIjoiZGFlNGEzMWMtMjU1OC00MDVhLTlhOTYtMmQxMjY3NTM1NDk0IiwiZXh0cmEiOiIiLCJpbnRlcmFjdGlvbl9udW1iZXIiOjAsInBvcGluX3ZlcnNpb24iOjZ9&t=1704428278373
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:58 GMT
last-modified: Fri, 10 Jan 2020 11:34:08 GMT
server: nginx/1.13.5
etag: "5e186130-42"
content-type: image/jpeg
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 66

GET
H2 200 log.gif
r.popin.cc/ 35 B
186 B 865ms
284ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/log.gif?type=related-tw&uid=c3d0b51b5070f687fe01704424676834&url=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FType%3D24%26SerialNo%3D191749&t=1704428278375
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:59 GMT
last-modified: Thu, 16 Sep 2021 06:17:57 GMT
server: nginx
etag: "6142e195-23"
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

POST
H3 200 v1
event.tagtoo.co/event/ 2 B
16 B 393ms
313ms Ping
application/json 34.96.83.10
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://event.tagtoo.co/event/v1
Requested by: Host: ecs.tagtoo.co
URL: https://ecs.tagtoo.co/js/unitrack.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.83.10 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 10.83.96.34.bc.googleusercontent.com
Software: uvicorn /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.upmedia.mg/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 05 Jan 2024 04:17:59 GMT
via: 1.1 google
server: uvicorn
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: application/json

GET
H2 200 / Show response
ttd-cm.tagtoo.com.tw/prn/uidm/ 21 B
161 B 1304ms
1208ms Fetch
application/json 35.244.186.85
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ttd-cm.tagtoo.com.tw/prn/uidm/?tuid=3eaea44e6d97abb758a456f10c668b3e&pid=1008&puid=c3d0b51b5070f687fe01704424676834&
Requested by: Host: uec.tagtoo.co
URL: https://uec.tagtoo.co/tuec.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.186.85 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 85.186.244.35.bc.googleusercontent.com
Software: gunicorn/19.9.0 /
Resource Hash: de8a41e157ef0da2ade162ac2dc3a95e99ae93f24be2e671deef7a0df9677c12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:18:00 GMT
via: 1.1 google
server: gunicorn/19.9.0
vary: Origin
content-type: application/json
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21

GET
H2 200 logo.png
api.pvmax.net/logo/ Frame D067 2 KB
2 KB 49ms
49ms Image
image/png 2606:4700:10::ac43:290a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.pvmax.net/logo/logo.png
Requested by: Host: api.pvmax.net
URL: https://api.pvmax.net/popup/popup-en.html?cacheBuster=1704428277666
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:290a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0339e334c077ff7d80ddbcb9b2a170b6b53928c63e4ce0c1c904f60c514c33c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.pvmax.net/popup/popup-en.html?cacheBuster=1704428277666
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:17:59 GMT
cf-cache-status: REVALIDATED
x-goog-meta-goog-reserved-file-mtime: 1651823315
x-guploader-uploadid: ABPtcPoTOPFgMkzg_MmvJbnUyRZg4TVZB2CHjCabgPdb6mYl-gaMS0EEKxApKSyXwofUx1YBmSndfyUqVg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 1997
last-modified: Fri, 06 May 2022 09:17:05 GMT
server: cloudflare
etag: "3e51dc1449f6c7c2d44476ec698a101a"
vary: Accept-Encoding
x-goog-generation: 1651828625320558
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=BeP4RA==, md5=PlHcFEn2x8LURHbsaYoQGg==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 1997
accept-ranges: bytes
cf-ray: 8408ea29bd061c05-FRA
expires: Fri, 05 Jan 2024 05:11:52 GMT

GET
H/1.1 200
OK grouped-plan Show response
ssp.tenmax.io/supply/v3/universal/ 1 KB
2 KB 209ms
209ms XHR
application/json 52.163.200.170
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.tenmax.io/supply/v3/universal/grouped-plan?rmaxSpaceIds=5fa8b4358fde4db0%2Ca944c006368241de%2Ca944c006368241de%2Ca944c006368241de&sessionIds=68e73da0-ab81-11ee-9237-3def41606272%2C68e73da1-ab81-11ee-9237-3def41606272%2C68e764b0-ab81-11ee-9237-3def41606272%2C68e764b1-ab81-11ee-9237-3def41606272&referer=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FType%3D24%26SerialNo%3D191749&bodyWidth=1600&bodyHeight=1200&cacheBuster=7008042b-84dd-4d99-8213-5a7474ea566c
Requested by: Host: tenmax-static.cacafly.net
URL: https://tenmax-static.cacafly.net/ssp/adsbytenmax.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.163.200.170 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 059216c5ffb533ec0980b8f88f777909a8d22c46b467aec4d5bb8fc4d7080cac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 04:17:59 GMT
Server: nginx
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
Content-Type: application/json
Access-Control-Allow-Origin: https://www.upmedia.mg
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1425

GET
H/1.1 204
No Content done
ssp.tenmax.io/supply/tracking/ 0
373 B 194ms
193ms Image
text/plain 52.163.200.170
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.tenmax.io/supply/tracking/done?bid=690525e0-ab81-11ee-9237-3def41606272
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.163.200.170 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 04:17:59 GMT
Server: nginx
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
P3P: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1 204
No Content done
ssp.tenmax.io/supply/tracking/ 0
373 B 194ms
193ms Image
text/plain 52.163.200.170
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.tenmax.io/supply/tracking/done?bid=6905c220-ab81-11ee-9237-3def41606272
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.163.200.170 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 04:17:59 GMT
Server: nginx
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
P3P: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1 204
No Content done
ssp.tenmax.io/supply/tracking/ 0
373 B 193ms
192ms Image
text/plain 52.163.200.170
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.tenmax.io/supply/tracking/done?bid=69065e60-ab81-11ee-9237-3def41606272
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.163.200.170 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 04:17:59 GMT
Server: nginx
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
P3P: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1 204
No Content done
ssp.tenmax.io/supply/tracking/ 0
373 B 192ms
192ms Image
text/plain 52.163.200.170
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.tenmax.io/supply/tracking/done?bid=68e764b1-ab81-11ee-9237-3def41606272
Requested by: Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.163.200.170 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 04:17:59 GMT
Server: nginx
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
P3P: CP="CUR ADM OUR NOR STA NID"

POST
H3 200 videoplayback Show response
rr4---sn-4g5edndk.googlevideo.com/ Frame E89D 157 KB
157 KB 40ms
40ms Fetch
application/vnd.yt-ump 2a00:1450:4001:23::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-4g5edndk.googlevideo.com/videoplayback?expire=1704449875&ei=84KXZZbVMYSni9oP65268AU&ip=2a01%3A4a0%3A1338%3A92%3A%3A5&id=o-AO8PQlPJw7N3B-nKy_agg1L_EBSVF2mFqxftx_3uPFCs&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=X7&mm=31%2C29&mn=sn-4g5edndk%2Csn-4g5e6nze&ms=au%2Crdu&mv=u&mvi=4&pl=36&spc=UWF9f7v4B56we2VYJ6I-UhDCN5CZVMMIAgkqj1-2ww&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=dkpzbUIHg4FMR2IhcmuotS4Q&gir=yes&clen=14209842&dur=987.941&lmt=1704416062663306&mt=1704427317&fvip=3&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5532434&n=3fc306-fr6rSfQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIgHQHIyWuF8EB_dQ9umraEGdiWlp9R14z5bmjXWSzn2CcCIQCdF9MEOs9Xd2PrWZbNVa98u88lm-H4I9FdTcN_zG9k1A%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl&lsig=AAO5W4owRQIgX0p25dWpOECFoO-4Aa92uD5RQxfjtlE6aapvga6GT1UCIQDxv2XAQCId3Zokl4BSd-emIfP3a8TDIuug_5-1rcLFEg%3D%3D&alr=yes&cpn=1ZXV1NBrIDBDrqO3&cver=1.20231217.00.00&range=269106-430127&rn=8&rbuf=14222&pot=MnRYfRyeXdvTfFhFnMx1fria0iprlQhB0b2_I0IDsoYpC3TY47228pfZiqJaC9L5w3rYPqsW3hMvziOIFQbtB_FIZoQ4O3j83rDXuL3qiu7IwmETKkSajQDerua8DwqhggPiTo_5dHwU8O5LCEf6PoWrTNCAhg==&ump=1&srfvp=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:23::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

eb72a93aa7c362ab04da7da3ef8419dbf01182aa7668360359c58823fe668a2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

client-protocol: quic
date: Fri, 05 Jan 2024 04:18:00 GMT
x-content-type-options: nosniff
last-modified: Fri, 05 Jan 2024 00:54:22 GMT
server: gvs 1.0
vary: Origin
content-type: application/vnd.yt-ump
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21295
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: https://www.youtube.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
expires: Fri, 05 Jan 2024 04:18:00 GMT

POST
H3 204 atr Show response
www.youtube.com/api/stats/ Frame E89D 0
19 B 54ms
54ms XHR
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=1ZXV1NBrIDBDrqO3&ver=2&cmt=4.571&fmt=397&fs=0&rt=5.09&euri=https%3A%2F%2Fwww.upmedia.mg%2F&lact=5120&cl=591746904&mos=1&volume=100&cbr=Chrome&cbrver=120.0.6099.129&c=WEB_EMBEDDED_PLAYER&cver=1.20231217.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&epm=1&delay=4&hl=de_DE&cr=DE&len=988&fexp=v1%2C23983296%2C21348%2C2602%2C73492%2C54572%2C73455%2C176963%2C53633%2C84737%2C25688%2C9542%2C1088%2C6271%2C26439494%2C4054%2C1930%2C5181%2C9369%2C1556%2C1141%2C5877%2C2251%2C859%2C1094%2C4014%2C5499%2C4683%2C1360%2C945%2C7649%2C2008%2C4552%2C6946%2C3033%2C5178%2C1497%2C4474&afmt=251&muted=1&docid=EEDdbjTdy7c&ei=84KXZZbVMYSni9oP65268AU&plid=AAYOKyHtNu0gNuUf&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FEEDdbjTdy7c%3Fautoplay%3D1%26mute%3D1%26loop%3D1%26playlist%3DEEDdbjTdy7c&list=TLGGvzERbbpB5uUwNTAxMjAyNA&of=o7q1gBZhegHlYrntZqhXmA&vm=CAEQARgEOjJBSHFpSlRLSGVaYlhDMThzSzRBUFdFSEdHQ2VHSzRJUG9xVW16Ni1IRkRVd1NBTXI2d2JsQVBta0tESlJDbHF5Z2N5cXctRGV3Q2VHVWdoanRSNXF4TGVYOWxEYmhWZWhycThmek9fYnR0OGlpbGtMRHBPQy1sejhnSkhVT29uWGdMdm4xc0dHTEZVcy1nWlRlVk5adGFJakJkQzVDMTFOaAI

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/EEDdbjTdy7c?autoplay=1&mute=1&loop=1&playlist=EEDdbjTdy7c
X-YouTube-Client-Version: 1.20231217.00.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtCX3FZRGdZX3c4USjzhd6sBjIKCgJERRIEEgAgRQ%3D%3D
X-YouTube-Ad-Signals: dt=1704428275686&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C978%2C550&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Fri, 05 Jan 2024 04:18:00 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 watchtime Show response
www.youtube.com/api/stats/ Frame E89D 0
17 B 47ms
47ms XHR
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/watchtime?ns=yt&el=embedded&cpn=1ZXV1NBrIDBDrqO3&ver=2&cmt=5.488&fmt=397&fs=0&rt=6.007&euri=https%3A%2F%2Fwww.upmedia.mg%2F&lact=6037&cl=591746904&state=playing&volume=100&cbr=Chrome&cbrver=120.0.6099.129&c=WEB_EMBEDDED_PLAYER&cver=1.20231217.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&autoplay=1&delay=4&hl=de_DE&cr=DE&len=988&rtn=16&afmt=251&idpj=-5&ldpj=-36&dtm=1&rti=6&size=978%3A550&inview=0&st=0&et=5.488&muted=1&docid=EEDdbjTdy7c&ei=84KXZZbVMYSni9oP65268AU&plid=AAYOKyHtNu0gNuUf&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FEEDdbjTdy7c%3Fautoplay%3D1%26mute%3D1%26loop%3D1%26playlist%3DEEDdbjTdy7c&list=TLGGvzERbbpB5uUwNTAxMjAyNA&of=o7q1gBZhegHlYrntZqhXmA&vm=CAEQARgEOjJBSHFpSlRLSGVaYlhDMThzSzRBUFdFSEdHQ2VHSzRJUG9xVW16Ni1IRkRVd1NBTXI2d2JsQVBta0tESlJDbHF5Z2N5cXctRGV3Q2VHVWdoanRSNXF4TGVYOWxEYmhWZWhycThmek9fYnR0OGlpbGtMRHBPQy1sejhnSkhVT29uWGdMdm4xc0dHTEZVcy1nWlRlVk5adGFJakJkQzVDMTFOaAI

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/da154528/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/EEDdbjTdy7c?autoplay=1&mute=1&loop=1&playlist=EEDdbjTdy7c
X-YouTube-Client-Version: 1.20231217.00.00
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtCX3FZRGdZX3c4USjzhd6sBjIKCgJERRIEEgAgRQ%3D%3D
X-YouTube-Ad-Signals: dt=1704428275686&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C978%2C550&vis=1&wgl=true&ca_type=image

Response headers

pragma: no-cache
date: Fri, 05 Jan 2024 04:18:01 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.facebook.com/login/ Frame 1625
Redirect Chain

https://www.facebook.com/v2.12/plugins/page.php?adapt_container_width=true&app_id=125239581431127&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df24...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D125239581431127%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook....

0
0

158ms
157ms

Document
text/html

2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D125239581431127%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df24b03f18900e44%2526domain%253Dwww.upmedia.mg%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.upmedia.mg%25252Ffaf41300ad88c8%2526relation%253Dparent.parent%26container_width%3D300%26height%3D715%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FUPMEDIA.MG%252F%253Ffref%253Dts%26locale%3Dzh_TW%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dtimeline

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js?hash=badc2f4512f3bcd8194c65897111ba1c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 05 Jan 2024 04:18:05 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
pragma: no-cache
priority: u=0,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: g/P7vKw7ak8EjoBeNYzSUlEuOE1pURs0ejvChgXj3tCzaAqHdfWhMRDBmmZj5Zl/wo73MqhWTapB3OrjiztPgA==
x-frame-options: DENY
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 05 Jan 2024 04:18:05 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v12.0
location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D125239581431127%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df24b03f18900e44%2526domain%253Dwww.upmedia.mg%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.upmedia.mg%25252Ffaf41300ad88c8%2526relation%253Dparent.parent%26container_width%3D300%26height%3D715%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FUPMEDIA.MG%252F%253Ffref%253Dts%26locale%3Dzh_TW%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26tabs%3Dtimeline
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), display-capture=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), encrypted-media=(), keyboard-map=()
pragma: no-cache
reporting-endpoints
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-fb-debug: pkHqe6eQn/Yr+SiD4uYZ2IhI6kiXo7vOAuZMvMdo5pQ07uXw+AHIvngMEPlZBygD6Xq2qD4yedVNrGgVNzbz3g==
x-xss-protection: 0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 90 KB
29 KB 129ms
128ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

19d9929cc88efaa78d16ff54cfebb678bd8f47913c7f586f9546035a5da35e30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:18:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29394
x-xss-protection: 0
server: cafe
etag: 974 / 19727 / m202312070101 / config-hash: 147569701560198365
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 05 Jan 2024 04:18:05 GMT

GET popad_close_button.png
sslcode.adgeek.com.tw/public/images/ 0
0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 71 KB
26 KB 97ms
96ms Fetch
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=569871508216661&correlator=3067141099728504&output=ldjh&gdfp_req=1&vrg=202312070101&ptt=17&impl=fifs&iu_parts=303462569%2Cupmedia_content_336280_1%2Cupmedia_content_336280_2%2Cupmedia_content_336280_3%2Cupmedia_content_160600_1%2Cupmedia_interstitial%2Cupmedia_all_anchor%2Cupmedia_article_inread&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7&prev_iu_szs=300x250%2C336x280%7C300x250%2C336x280%7C300x250%2C160x600%2C1x1%2C728x90%2C300x250&ifi=1&sfv=1-0-40&ists=4&fas=0%2C0%2C0%2C0%2C8%2C0%2C0&sc=1&cookie_enabled=1&abxe=1&dt=1704428285112&lmt=1704428285&adxs=-9%2C-9%2C-9%2C-9%2C-9%2C-12245933%2C1476&adys=-9%2C-9%2C-9%2C-9%2C-9%2C-12245933%2C1292&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C1&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FType%3D24%26SerialNo%3D191749&vis=1&psz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C300x0&msz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C300x0&fws=1026%2C1026%2C1026%2C1026%2C1026%2C1664%2C1024&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=317687571.1704428275&ga_sid=1704428285&ga_hid=1492994485&ga_fc=true&dlt=1704428274792&idt=786&adks=2258178487%2C1311054807%2C442682614%2C2586341790%2C1626263156%2C2370275117%2C504298237&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b707a91ada5505143756f7db3686e085a289ef7b011139c92a67344ab8426996

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:18:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25881
x-xss-protection: 0
google-lineitem-id: -2,-2,-2,-2,-2,-2,6427492304
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2,-2,-2,-2,-2,138457837957
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.upmedia.mg
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 180ms
88ms XHR
application/json 2a00:1450:4001:809::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312070101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

fe9ad446004f69bce642c3c222078b9935ca17cf0c51770cda8040ee1ed26b03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:18:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12206
x-xss-protection: 0

GET
H2 200 container.html Show response
62915023c335e2fec5fa5a96fa673db4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8925 6 KB
3 KB 155ms
46ms Document
text/html 2a00:1450:4001:809::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://62915023c335e2fec5fa5a96fa673db4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.upmedia.mg/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 05 Jan 2024 04:18:05 GMT
expires: Sat, 04 Jan 2025 04:18:05 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/ 39 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75f3eaaa770eff2dd12e4ad3de6868aa06091c8a8fd1b62f3524f6ad522f0c58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:11:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50819
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13829
x-xss-protection: 0
server: cafe
etag: 3470722564403224980
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 03 Jan 2025 14:11:06 GMT

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ 483 B
1016 B 147ms
46ms Script
application/javascript 2606:4700:20::ac43:4bf1

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid-regular.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 04:18:05 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Mon, 27 Nov 2023 07:14:08 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 680596
ETag: W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FWO3XYR4ELMTBmD0aVnMAD8s2YQyQcQsdNiB6hC2qvX1cxaE8VBvsZ1vLQalXK9moIFjFY6Pem%2FxQb9CPf3fecXwyrXjsrpJZWpyTSdRDi4E5XiWC%2FNWaq87OdKC0vWzg8LxklJaeQw8teWO"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 8408ea4f88541e4d-FRA

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
170 B 149ms
43ms XHR
text/plain 145.40.97.67

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid-regular.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.67 -, , ASN (),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.upmedia.mg/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 1
date: Fri, 05 Jan 2024 04:18:04 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://www.upmedia.mg
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0

POST /
ghb.adtelligent.com/v2/auction/ 0
0

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
381 B 200ms
69ms XHR
application/json 88.221.169.49

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid-regular.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.169.49 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://www.upmedia.mg/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 05 Jan 2024 04:18:05 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.upmedia.mg
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Fri, 05 Jan 2024 04:18:05 GMT

POST
H/1.1 200
OK v1 Show response
prg-apac.smartadserver.com/prebid/ 186 B
564 B 285ms
143ms XHR
application/json 5.135.209.97

General

Check archive.org

Show headers Download Go to

Full URL: https://prg-apac.smartadserver.com/prebid/v1
Requested by: Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid-regular.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.135.209.97 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3409c1dfa8da857c546c778335d7a9637d37651c91fb161ba7d1e7c4f1d6e88a

Request headers

Referer: https://www.upmedia.mg/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 05 Jan 2024 04:18:05 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.upmedia.mg
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 200 prebid Show response
mp.4dex.io/ 66 B
476 B 149ms
58ms XHR
application/json 2606:4700:4400::ac40:994e

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid-regular.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:994e -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: d2df93cdf82ecadb17fa1511e62333500fee1411eca884eb02d6ed77c2c1a339

Request headers

Referer: https://www.upmedia.mg/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

x-version: 3.0.0-gcp-ams
date: Fri, 05 Jan 2024 04:18:05 GMT
x-err: Shapings: no adunits with size and seat and mapping
via: 1.1 google
cf-cache-status: DYNAMIC
content-encoding: gzip
x-warn: Process Floors. 3 inventory rules not found for mediatype: banner and adUnitCode: andbeyond7281
pragma: no-cache
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.upmedia.mg
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 8408ea4f9ef82c52-FRA
expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 334 B
849 B 284ms
114ms XHR
application/json 2602:803:c003:200::45

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17054&site_id=385798&zone_id=2148672&size_id=2&alt_size_ids=1&rp_schain=1.0,1!andbeyond.media,11633,1,,,&eid_pubcid.org=9cbac60e-e43f-463b-a5dc-266dc7f6f576%5E1&rf=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FType%3D24%26SerialNo%3D191749&kw=ACE%E7%8E%8B%E7%89%8C%E4%BA%A4%E6%98%93%E6%89%80%2CMOCT%2C%E8%99%9B%E6%93%AC%E8%B2%A8%E5%B9%A3%2C%E6%9E%97%E8%80%BF%E5%AE%8F%2C%E6%BD%98%E5%A5%95%E5%BD%B0%2C%E9%AD%94%E5%88%B8%E5%B9%A3%2C%E8%A9%90%E9%A8%99&tg_i.domain=upmedia.mg&tg_i.page=https%3A%2F%2Fwww.upmedia.mg%2Fnews_info.php%3FType%3D24%26SerialNo%3D191749&tk_flint=pbjs_lite_v7.54.5&x_source.tid=209410e7-c887-40f3-8bfd-0dc83ce2a3d8&l_pb_bid_id=1274f78e3136f04&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&x_imp.ext.tid=209410e7-c887-40f3-8bfd-0dc83ce2a3d8&rp_maxbids=1&slots=1&rand=0.12454003909197753
Requested by: Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid-regular.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::45 -, , ASN (),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 87435410646d968ee063aa9922daa9186985bf8baf5362f009b35a80346742da

Request headers

Referer: https://www.upmedia.mg/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 05 Jan 2024 04:18:05 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.upmedia.mg
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 334
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST prebid
ib.adnxs.com/ut/v3/ 0
0

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 338 B
647 B 155ms
61ms XHR
application/json 34.120.63.153

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUO7Q43N
Requested by: Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid-regular.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 -, , ASN (),
Reverse DNS
Software: envoy /
Resource Hash: 605ead2e45f51e7dd9212dda1f2cd9c83316c25505a59df40c914098514f2f18

Request headers

Referer: https://www.upmedia.mg/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 05 Jan 2024 04:18:04 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server: envoy
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.upmedia.mg
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 13
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 05 Jan 2024 04:18:05 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
193 B 207ms
87ms XHR
text/plain 2a02:2638:3::7

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.5&cb=5611882778&lsavail=1&bundle=OX84PV84U29EOGlCNnhVWkp6VElrMkk1aDB1WnFCcHlIMWhQMHBrTmoxdlNJbzVpb3Q4dGMzOFk0VW5oaHRvYXJHMFd6YWJnRyUyRnhXeG53WEMlMkZVbVFFUUkyWGdQJTJGcnV0SXY5V0hOMmROOFdDRXJreW5UVWkwS2Y1U1c3dTY1QiUyRjh5NTRkTWhLN1REWm1IJTJCWnlNU3JkWjJFTGRRJTNEJTNE

Requested by

Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid-regular.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.upmedia.mg/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.upmedia.mg
date: Fri, 05 Jan 2024 04:18:05 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
411 B 131ms
42ms XHR
application/json 51.75.86.98

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid-regular.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 -, , ASN (),

Reverse DNS

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.upmedia.mg/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://www.upmedia.mg
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

POST hbjson
grid.bidswitch.net/ 0
0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D8A4 0
0 79ms
78ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuWO0RZEzgorN1vGQZHbsFrsMQbme7gagpb79udZi6yW7aL_vpoynqiBZaK4FwJgcisINWoXPBiKVjUEahRsv-_Gq_H4VQxQlSi28c4QuGEoMx0gviuWVZKKv_da9sD2f3wm-7XEcIdcwcWOMFr2H-OlAw3cJWycVcMX3RUNDvpe_YyQUIfgGkyWhiSoaP2-w3Q-68LACtunyddLeAj2H2qfXmtZhmzR_-zCvpIEf3XK6W9uiK8S2IvKTewZjiGSjxAgPSSQs5I2U_OWXCr4YmNyMVssw1k3-sME6bp1Wc4gWgtawCnIn5eSCUMjCMXdEz8A8H4W6tUKJ3LJNjubI4i8yuHgMAtguk&sai=AMfl-YQAHZZj_3B81X639De2PsW-_sFxOcLHR3xcfJ5ne1F0UAKYZXdL3ut4JFeJjJFo52bAuH3a3-l9YItZURPjbmSktGHKCCY_Zq1QkiOYb_QzOb8-CQT5Y_q6nYjRmGg&sig=Cg0ArKJSzBUyJwETsFLZEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.upmedia.mg
URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:18:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/ Frame D8A4 23 KB
9 KB 145ms
41ms Script
text/javascript 2a00:1450:4001:82f::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:37:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49238
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Jan 2024 14:37:27 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame D8A4 3 KB
1 KB 149ms
45ms Script
text/javascript 2a00:1450:4001:82f::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 14:37:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49238
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Jan 2024 14:37:27 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame D8A4 204 KB
64 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:18:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65775
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704286440049996"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 05 Jan 2024 04:18:05 GMT

GET
H2 200 3197189910167996096
tpc.googlesyndication.com/simgad/ Frame D8A4 78 KB
79 KB 147ms
46ms Image
image/jpeg 2a00:1450:4001:82f::2001

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3197189910167996096

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

88e5b593534d3e7fa7a0348ed562180ec3738a310d29c38c56005deb03f18a01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Tue, 31 Dec 2024 23:40:14 GMT
date: Mon, 01 Jan 2024 23:40:14 GMT
x-content-type-options: nosniff
age: 275871
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80075
x-xss-protection: 0
last-modified: Fri, 08 Dec 2023 14:20:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame D8A4 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc813bf2055ac945f35bc91d6688e6ba70a34a19678b4d972b53f3419ac087cc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 218ms
126ms Script
text/javascript 2a00:1450:4001:82f::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 04:18:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 05 Jan 2024 04:18:05 GMT

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ 75 KB
24 KB 128ms
47ms Fetch
application/javascript 2606:4700:20::ac43:4bf1

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.upmedia.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Fri, 05 Jan 2024 04:18:05 GMT
Content-Encoding: br
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 593976
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 27 Nov 2023 07:14:07 GMT
Server: cloudflare
ETag: W/"6faf3acfde3bb82adada71be4fc1deb0"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aLcNnLNQdaOUx9YrMsuGPyJ2akdvurDB7ajaxxqjq%2BhA1DRr8Bmr%2BtKzGLOX8vcUuGODsFUa9Jbo2sSLaQnNQqB27J%2FGHTTk2j5CiAgjGq2LL0EnSAqA8p7f7nlMifFF431Vt6%2BJZf5nUX02"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 8408ea50590e37e8-FRA

GET view
securepubads.g.doubleclick.net/pcs/ Frame D8A4 0
0

GET runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A6BB 0
0

GET aframe
www.google.com/recaptcha/api2/ Frame 0123 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: certify-js.alexametrics.com
URL: https://certify-js.alexametrics.com/atrk.js

Domain: sslcode.adgeek.com.tw
URL: https://sslcode.adgeek.com.tw/public/images/popad_close_button.png

Domain: ghb.adtelligent.com
URL: https://ghb.adtelligent.com/v2/auction/

Domain: ib.adnxs.com
URL: https://ib.adnxs.com/ut/v3/prebid

Domain: grid.bidswitch.net
URL: https://grid.bidswitch.net/hbjson

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuh8Y2psEV5e35bcZB_NjbCDSJYbcQTEvXHGAc5MzhAGdMDbPSNuLFx6Fk3xyncni5fNSl3Iw2Msm92gR-ysxSnCPbGIftNtdhHcFwRGaM3vSzqJwkLKL8uwDNub1SjM-fpv4S4ihwKvzIXGruiZf8OZJgXs1Xw3CKvB2-E_57x423v3fXcOCxXpORBV1wc-n9RWe6Zs2NF7_vAkYnw15uKvIudOWxLbzB-Hy6iOsYmz1f4i6meKYGU56z_xNg5QFwo2yAemnIy0ccceE9skgHRD2qxixnzxtebDzGM5psrejZgMsN5Bupwe2NV-lExumbl1yVhKDHODPT8YoCGHOUKcZAoxTie-p6-cA&sai=AMfl-YQkdYgIe1YcWXasuToZI9eihJWcYgGktYhUDlpqalFNcN-HurjamLKO8W8i0c3hZwy9sbTxkXXTDhKNdkdGawLdCQnAhAECkDaPDeIT5CioVs4TyrgYToSkl1FICco&sig=Cg0ArKJSzHQXSYWq4cGYEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Domain: www.google.com
URL: https://www.google.com/recaptcha/api2/aframe

Verdicts & Comments Add Verdict or Comment

461 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

40 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.upmedia.mg/	1970-01-20 17:28:34	Name: _gid Value: GA1.2.284950230.1704428275
.upmedia.mg/	1970-01-20 17:27:08	Name: _gat_gtag_UA_80236651_1 Value: 1
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: W-ocuvnUX4E
.youtube.com/	1970-01-20 21:46:20	Name: VISITOR_INFO1_LIVE Value: B_qYDgY_w8Q
.upmedia.mg/	1970-01-20 19:36:44	Name: _gcl_au Value: 1.1.522058696.1704428275
.upmedia.mg/	1970-01-21 03:03:08	Name: _ga_DQPHBPSR3Q Value: GS1.1.1704428275.1.0.1704428275.60.0.0
.upmedia.mg/	1970-01-21 03:03:08	Name: _ga Value: GA1.1.317687571.1704428275
.upmedia.mg/	1970-01-20 19:36:44	Name: _fbp Value: fb.1.1704428275551.1490815832
.likr.com.tw/	1970-01-21 03:03:08	Name: uuid Value: c8ac6a0e-33ec-48bc-8380-951dc1770eff
.likr.com.tw/	1970-01-21 03:03:08	Name: AviviD_uuid Value: c8ac6a0e-33ec-48bc-8380-951dc1770eff
.upmedia.mg/	1970-01-21 03:03:08	Name: AviviD_uuid Value: c8ac6a0e-33ec-48bc-8380-951dc1770eff
.upmedia.mg/	1970-01-21 03:03:08	Name: AviviD_refresh_uuid_status Value: 1
.upmedia.mg/	1970-01-21 03:03:08	Name: webuserid Value: a301ec10-8fdb-75c0-2e54-867ea3ee7435
.upmedia.mg/	1970-01-20 17:27:08	Name: lotame_domain_check Value: upmedia.mg
.criteo.com/	1970-01-21 02:48:44	Name: uid Value: 3af66c7b-b441-4e9e-be1f-22392324d77d
.criteo.com/	1970-01-21 02:48:44	Name: receive-cookie-deprecation Value: 1
www.upmedia.mg/	1969-12-31 23:59:59	Name: PHPSESSID Value: d52nkouqevfl3hjgh874mf814f
.openx.net/	1970-01-21 02:12:44	Name: i Value: e77eeda7-f4db-48f7-aaa9-c6e9330e67cb\|1704428276
www.upmedia.mg/	1970-01-20 18:10:20	Name: _pbjs_userid_consent_data Value: 3524755945110770
.upmedia.mg/	1970-01-20 18:10:20	Name: _sharedID Value: 9cbac60e-e43f-463b-a5dc-266dc7f6f576
.upmedia.mg/	1970-01-21 02:48:44	Name: cto_bundle Value: OX84PV84U29EOGlCNnhVWkp6VElrMkk1aDB1WnFCcHlIMWhQMHBrTmoxdlNJbzVpb3Q4dGMzOFk0VW5oaHRvYXJHMFd6YWJnRyUyRnhXeG53WEMlMkZVbVFFUUkyWGdQJTJGcnV0SXY5V0hOMmROOFdDRXJreW5UVWkwS2Y1U1c3dTY1QiUyRjh5NTRkTWhLN1REWm1IJTJCWnlNU3JkWjJFTGRRJTNEJTNE
.advividnetwork.com/	1970-01-20 17:27:10	Name: __cf_bm Value: 4C_q16lMCac5zu8ab.02zv3KOaV10l2VNfy_YZDcrLo-1704428276-1-AZx4Pg8R1f//AATQIz6YPqXNwXTdT6RwSf95Ho61uTsHL09lyTNU2gi68D+O9asRqqbQqz7emuQKcBCuWXDBGgg=
.upmedia.mg/	1970-01-21 03:03:08	Name: AviviD_sw_version Value: 1.0.868.210701
.upmedia.mg/	1970-01-20 17:28:34	Name: show_avivid_native_subscribe Value: 1
.advividnetwork.com/	1970-01-21 03:03:08	Name: AviviD_uuid Value: c8ac6a0e-33ec-48bc-8380-951dc1770eff
.upmedia.mg/	1970-01-21 02:12:44	Name: _ss_pp_id Value: c3d0b51b5070f687fe01704424676834
.upmedia.mg/	1970-01-21 03:03:08	Name: AviviD_tid_rmed Value: 1
.upmedia.mg/	1970-01-20 17:28:34	Name: AviviD_already_exist Value: 1
.upmedia.mg/	1970-01-20 17:28:34	Name: AviviD_show_sub Value: 1
.upmedia.mg/	1970-01-21 03:03:08	Name: _td Value: dae4a31c-2558-405a-9a96-2d1267535494
.tenmax.io/	1970-01-21 03:03:08	Name: uid Value: 67b8cfc0-ab81-11ee-9e6e-97afde721662
.upmedia.mg/	1970-01-20 17:37:13	Name: AviviD_token_retake Value: 0
.popin.cc/	1970-01-21 02:12:44	Name: uid Value: c3d0b51b5070f687fe01704424676834
ssp.tenmax.io/	1970-01-21 03:03:08	Name: sspuid Value: fd769bbd-005f-4c21-9b79-b21e73abbf7f
.tenmax.io/	1970-01-20 17:28:34	Name: wt Value: 1
.tenmax.io/	1970-01-20 17:28:34	Name: pb3 Value: doubleclick
.tenmax.io/	1970-01-20 17:28:34	Name: ul Value: 514624859
.doubleclick.net/	1970-01-21 02:48:44	Name: IDE Value: AHWqTUkX1Dg_xzsuw1LFkU5uLloBQ9oFHr0FBQ674uS936tVbNkM1uY2emJ8-F0nR3c
www.upmedia.mg/	1970-01-20 17:47:17	Name: _tg_IM Value: 1
.tenmax.io/	1970-01-20 18:10:20	Name: x_dblkuid Value: CAESEIyixVlZalX8E0yoKyoaDik

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://www.upmedia.mg/news_info.php?Type=24&SerialNo=191749 Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
network	error	URL: https://certify-js.alexametrics.com/atrk.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

62915023c335e2fec5fa5a96fa673db4.safeframe.googlesyndication.com
a.teads.tv
ad.tagtoo.co
ajax.googleapis.com
api.popin.cc
api.pvmax.net
auto-load-balancer.advividnetwork.com
auto-load-balancer.likr.com.tw
avivid.likr.tw
avividone.likr.tw
bcp.crwdcntrl.net
bidder.criteo.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.pvmax.net
cdnjs.cloudflare.com
certify-js.alexametrics.com
cm.g.doubleclick.net
connect.facebook.net
dmp.tenmax.io
ecs.tagtoo.co
event.tagtoo.co
fastlane.rubiconproject.com
firehose.ap-southeast-1.amazonaws.com
fonts.gstatic.com
ghb.adtelligent.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
i.ytimg.com
ib.adnxs.com
id5-sync.com
jnn-pa.googleapis.com
kinesis.ap-southeast-1.amazonaws.com
log.popin.cc
mp.4dex.io
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
p.adlooxtracking.com
pagead2.googlesyndication.com
platform.twitter.com
prebid.a-mo.net
prebid.andbeyond.media
prebid.media.net
prg-apac.smartadserver.com
pvmax.tenmax.io
r.popin.cc
region1.analytics.google.com
rr4---sn-4g5edndk.googlevideo.com
rtbcdn.andbeyond.media
rtbdemand.apiip.net
rtbpass-us.andbeyond.media
sb.scorecardresearch.com
script.4dex.io
securepubads.g.doubleclick.net
sslcode.adgeek.com.tw
ssp.tenmax.io
static.criteo.net
static.doubleclick.net
stats.g.doubleclick.net
sun.advividnetwork.com
syndication.twitter.com
tags.crwdcntrl.net
tenmax-static.cacafly.net
tpc.googlesyndication.com
ttd-cm.tagtoo.com.tw
tw.popin.cc
uec.tagtoo.co
wrappers.geoedge.be
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.upmedia.mg
www.youtube.com
yt3.ggpht.com
certify-js.alexametrics.com
ghb.adtelligent.com
grid.bidswitch.net
ib.adnxs.com
securepubads.g.doubleclick.net
sslcode.adgeek.com.tw
tpc.googlesyndication.com
www.google.com
104.244.42.136
119.63.193.220
119.63.198.143
119.63.198.188
119.63.198.189
125.227.53.93
13.251.113.110
13.251.113.78
142.250.186.130
145.40.97.67
151.101.131.52
162.19.138.83
18.143.114.132
18.239.83.98
192.124.249.153
2001:4860:4802:32::36
2600:9000:2250:d400:a:e047:753:a221
2600:9000:236e:de00:2:d490:4d80:93a1
2602:803:c003:200::45
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6816:2b5e
2606:4700:10::6816:3af9
2606:4700:10::6816:3bf9
2606:4700:10::6816:9ee
2606:4700:10::ac43:266a
2606:4700:10::ac43:290a
2606:4700:20::ac43:4bf1
2606:4700:4400::ac40:994e
2606:4700::6810:5614
2606:4700::6811:190e
2a00:1450:4001:23::9
2a00:1450:4001:802::2008
2a00:1450:4001:809::2001
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::200e
2a00:1450:4001:812::2003
2a00:1450:4001:813::2003
2a00:1450:4001:827::2002
2a00:1450:4001:827::200e
2a00:1450:4001:828::200a
2a00:1450:4001:829::2016
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2002
2a00:1450:4001:831::2006
2a00:1450:400c:c0b::9a
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::c
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a06:98c1:3121::3
34.102.146.192
34.102.218.41
34.107.150.21
34.107.231.31
34.111.12.34
34.120.135.53
34.120.63.153
34.96.83.10
34.96.95.4
34.98.64.218
35.186.245.165
35.244.186.85
5.135.209.97
51.75.86.98
52.163.200.170
54.246.43.192
65.9.66.68
88.221.169.49
013fc39efb38a28d8eccab58189059646847bc5c54e1c4b637e874b6109ee0ef
024072911215ced86db1ae2792e038499e2f1c28913a514731eaa9611c973046
030680d4f2f00af04f0833dfb31ddf08490896150ddd89c1bc547e10a21ad4bc
059216c5ffb533ec0980b8f88f777909a8d22c46b467aec4d5bb8fc4d7080cac
062c5ab335ffe26393b26c630521fdeac75d202bdf32a168b93535755e0b1a71
09516b3d1aeadac79acfe777d0caac94dd2007ae3e4a04838b45f63186b9e3e6
0a1be9981c0d8e130ef5bc7fecac75fb26a7428b9e91a8faedda343db76f2a6a
0d4b750495ed2679e51faa2c60a97f9e6d901e9726d879ef405406be283b3d74
0fabf6e82315f347ff8c9b6a921ab72f63746815650fd4aabf41d4475583b796
12848b451a2e726fc8821d1d3564f11023e451ed77c4ecb0ea29938a673b3704
148f0ae9490b5b176040529a78498de9b0576f5b0c30cef4f7ebb43f9696f8cc
14b09646c9055c9e2fa4cd89bc4c6f8a1e9758fcb3533195f7bd3d1128ab29c1
152e9c469c48f72f62d6fdc2655ae1a2836e2ca4585abf57dd43fec7d98eea6c
15380afad9acb04107242637c714e0a35d176df892afb92ebe8ffbc49370452c
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
192742672a5a9bb357b5b6d1d8a850e838634ac7ce9f5647472a74cc9ac0b759
1977ae2b50845838a0f0848012e1d2bb312a7a760bc7427c601305531de0d2d4
19bfbd81c70637ae0a6fe5f07f112bdab13cf9c2ea5d54b70320df8f54fcc07b
19d9929cc88efaa78d16ff54cfebb678bd8f47913c7f586f9546035a5da35e30
1a9bb72d57b0023edad692359d5eee11c4930b400fda64116c47ca609daad3ea
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1c61c13437107fbd44d1d635de495343f36ea1f0e2535f4fc1b3e55ee0a20b7b
2070a8493620032c86601f0de585c528d3ed8c9d2da0fd50b74a4391aedd8245
20d1b3e68226539ee1befa4e362c8be95c062686cc9556d422135c9df7cabcb9
22e641c19e2deab3ff8d58f8c7830b38c22278aef37fdf0cd44006789be1818c
23fe0600be2a9516c3806e1f896b0ce90b9e166ce18013982a3f516acc30f9f7
26305a08644b4f51b55812cf0ecf879c22da303a365b3d2769baa1b54c028c4d
2725d337e8ed14d10b23407140abf3881d22818a639df5401386c70d4a055757
294b0c2e3ec3edc89ec51dcef5ef2e099b3111a0634b2e7121cd249744d39b3a
2a1070407509af8b7043eb73fa5861267deae8166558b5531b9f3beae17ce485
2a6c2ee6907e4997f221a2a46bf8faee0eacec736d54a6973a311876db5f3aff
2c78537370db283e881520b103a2f8198613f89d54eaa13dd566137d029c8fc5
2d66b8ffeba26235dc47c0232095430c72810d91567b6d24795470305a73af41
2e43938512568a6819be40d8c79292dc4b5d9ac9888f23a9f5ba931f98ce81aa
2ea2cef2fd04e1bbc69ebc2dd378d00da564ae8517a7c14869cc7abd534c5714
2eab2b7adfd71b5cf3fe3747f993d26520691d544bb7fc4338dc049b4f0d1c2c
3043d22b2fa30770a01a86cbcbfc9b5f8fa6443f5a389566cf640c7d27b08e15
30fe2b25061c04e45888d4eccbe63e113ad09715a8ee40d87485f188a526aa2d
311cf3a7782168ebcc0f85de83dc1474072fba0e835e3a5a565c5061c4d7a4a8
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3409c1dfa8da857c546c778335d7a9637d37651c91fb161ba7d1e7c4f1d6e88a
39785e11f5691152f2df6618fd7ec32f634ae712fd72cbdd9e5e5e951b45c5d4
3a59fc0dd7badbd25ef4d8d9d8ddc9c91e456c9cd5863ff30fdade102b62f869
3aa60dbc4122ed54c3966d9175404bdce24976515e3c535f36ee45c18995a6c3
3bd28d8afda934a53f2efa9de21782c62bdd6e942bab96c9e68ca56dd8b66ff9
3c0f5260093d770d9f37b112bc019f2f9e71984903ab4b11ba27890e9019e2b3
3cf1e2a096c2058882d4893855db6c15bb630e077e92e0ee4604b4f0396094ad
3d0acbdbf663bf200a883d25af7a2b20e9688bc4293080cd0e655959ef5a69c9
3e1357c818d956fe67c5ef3b96f1f47f2d8e145c54412cc1deef78cc7142525a
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f202bb574cc59398eeb3d0670f31b283c0721fc2ffc9222ef80f995ef060355
4002c8bd93674c5c6880070a5b8a6f6a2bcc21b2101ccee15ebb972b572ea6e2
40b884c867463baa440972d7416aec427050d565f53beb176ae78fccae9a428f
41c5eea1f77978efdb0084dfb91c4ace1bc8fc67a5ffaafb99a77fadca7d84ea
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
42a7a8707a6917c666777176ba2c4a9ca6d88ff10e9cf6ddf4932ff05261f067
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45981e6dd07191215c6c0c9c1cf93592ee024fd464afb10bbef26269fd72e4f5
46185fbafe0ecfdb9d2fbaada40103c2a75c2248782174ada4f687f7decbaf9f
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46b398a342a9e3ecad72ae77c744cf397f67614ca4a6f5339fea677c3243df02
4bde421c6142e2559961f9a6816ccea09fcd22a25f69b4dff63b7edef5c1a68c
4c66cf58bddf9101dd5e3d83235728a64c8e7ef7032c4bcbbcc91b8aa7dcac18
4d9d125c18a5f900841261eff7da0d2edc3b6563a0f6cf06692285ca3b5fe0eb
4ecc34627d4103fbb8d709b714d9489ee16f6f15a153fab36fca0df2dcaf2a77
4ef78091d8ec82bc91f8d492162c93bf5e4f10918aec5a02f91d6bb510e0c875
519eb98dcb4e16d19e91185a49cffd292b3cb5506cdbff0448583ba639b836a0
523a5fb369d89cf63830b479941136c43333a1b5de77501e936efe6a7b4761ef
52f77053aeac5db39deac325f3814adf1e904aca0c6d9abe75f7ef3c55405929
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
5481765f622b39403585a7949bf7c5fd1809b0545e9cbc548d51960826170d69
54bd3e8c92eda6bcc148ef2f9e5c839f486cf4ce9f69bcedf115efd77046524d
561df1b2a900c7564a7c7ce397c38d145d1fd19e9dace210902125bd5b5a8df4
5775210722b04af6444db7329d52aa668f4470eb9e48af3d827efdd5c75fcc38
577e87e8acd73bd1456dfe92268e606758fe7618dba72a1f9e13c7fec9714da6
59044ab3eeb1b76edcafa83ed2acadca0c766ad84d39297409b64f1363c40541
5a0e2b951191e60b6c3905118d84d9a95a309d355c4eb71dfead2ae2866683ee
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5ba1cc8ace5bd2f8b0b185898e42649829fd86f1c1f270d3596f3d41ae4c34f5
5d138c5b17501f785e873982ae8ad7f8f3887ecf9c7fe70399a58d82eda65db6
5ddedd642480ef6b72ffe45e23df552f60aefdcf4af281cdb864993cc88e2180
5e7df6c60a179d2271ef21754dcd1616423c59bba9164972968ac72c17aed020
5fdffe46c571b0b392a68f61772f38210b2172738fc1dac3be70794daefebf6b
605ead2e45f51e7dd9212dda1f2cd9c83316c25505a59df40c914098514f2f18
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64229b60017b665467fe4d72964be46b7e778496264ca812f06cd82e15d21dbd
649d4783db788733ac163b19b4fae88a8b4de7f0eab3a170929ca0053e070c8d
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e
65d03eb82a79a732d7c0180593c4f5dc98a8fac5c20c3a5446c4f14bf93d280a
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66b8f2fb39029419b8fbcaac2798310101f3f4db05c89cea4809c99504e58e6a
6785473e049e821b09e334869ce33fab0034b510485238f097fcdbe66acef187
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
68de9947c014ba26a1d48132dc5a94697f4c575972d2944da8e496f5780fd7b2
698fe0a6500f771d98d1ca713a5445d523fac649207572b69123699702854c0b
6992d83fcac1c28fa9b9c3ec90974607559550e5f92eb6074452936f0e2686d3
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6b02fa45218625795d89950fd645838c8c4d7f6cb7f893fef9a8e191bfb204af
6d73deec54e4aeacef135bdbb5d58b3e9303bcf034f7782764b7d1e70c2454ff
6e07437fb45e9859c791fb44505108c8d4556937ae5e02ea668df99174cb6869
6f2d0b710f1e5f0cc19f2100ea4b4b6ae5cb52c0821007ee28a7f2e36f83384a
70270e26cdc41ff47602e2bcdc1f24d740da3330e6466cd472c24b6821e93885
70ba07fd6d1fc71cc98aae93fa37effb594720b42297251546fa2e99c6be1b1b
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18
71c96af12567c3c09cbe6d4b1172b5e11ffe3c2d7a7a37aeb70ef790a66dd6db
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
757857ebe0cb650050be4c105dbe0a767079ebaaa088a867fbf3ed140c86653c
75f3eaaa770eff2dd12e4ad3de6868aa06091c8a8fd1b62f3524f6ad522f0c58
7687e7b72fe197fc52758c909a411e9bf2be520837cc554c096031969c276e59
774915e94f884108351342686d8d979dd97fbf2f821185d4c522e80b008c09bd
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7ac9f0e85d1ed4d4ccf7a151ec6b9b80f89baa745841db8efd82713671ff5ab8
7b439d6ac9434fb1ad4c00994dbc583f9a7f3e3ff214f072a69fa26722e0a9c6
7b57890f365b051a5555063af9a79e58f8a3f428a1c844ac4ee9fa74c7412320
7b7afaefa86a84a0ac9e2fd396fd5dbdf082b39148235e03093ab6b1eb82535e
7ca7a1e30027e42d510cd253b29f1b9f505c04b9af48c9ed20804d9d8006faff
7e25253ee10b0bbfaaf8af60858e4189cc56f88c62a961b539f853402099f098
7f523921b7e888f3e482e56d75c93f14b76dd9a20decf4b8f37d2a9542abb5cb
7fe1f0de8262a510e0db041c52569fe71dd3e24d25ec105d8a7aa5eca8084c5a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83f7ae3b6cc221f09245207c1a643d267580bf13331fd9f8173539ece95522e8
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
87435410646d968ee063aa9922daa9186985bf8baf5362f009b35a80346742da
88e5b593534d3e7fa7a0348ed562180ec3738a310d29c38c56005deb03f18a01
892932278d65bb0621657e099c3528a7ddb08b1d32f12046016e6d0a79c27d9e
8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603
8a7f50eb2324c4a2d803c4829349512fa441c40c3f0e670efcb22f8167dfa3e4
8ab188cfb207f0d2fd5895aea864b0edd0c3ab20196275fca5253046fab51af2
8ac5c2f517ef1b1e2017a576aaa262db69ed65742b82558bee534d262baadce8
8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762
8e65c6da6715082eaea3efab11a559f93924be383cb0b8a9450e2ad6380a49f2
93afb81d346b0114e1ea6edf6e4c9789481cea971f9b3a06cf7b7eb488ba05e1
95adf40da050083c87881931df97f86fd7a08f451421b30195be72aa3147ee4c
9628a65b1c9f6d580d18b1025e5224cfe10f21c66b73ca8763ba674ab7be814c
970039be8affcc2a4784a06e910565bd7511b6743376371298fd01b91e417223
9981148617bf2e7847ba4faa3dde61a3050648789368ad6521135ad924cd6d7f
9cdb5ec10c06e04d59cb9ffc3ee1f189e93dcd9a1d131e707735bf36220cf58d
9d14627315877e3e35018078dbe4c3974379bf4ee2b32e53259c5f9b025760d6
9ea310526754f1c40cbd0e5e02daa576916738ad23ddfc30b77bdc6f4961cade
a3688320685f45f6cc8b3682a78245467fc437d62d51355b89e6f597e4ae0a23
a38fe68e33aa576f6ad9c2998a77fab4db8979be1d186e3ad919a647a7bfba84
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a58a1ad132f9f6b359f0f52e7a9694db949d8b4d9cd0f1f1c2cd746294cd41c0
aa81ca3af4294db272d0322126acff07bf55a1fb9a88daa037e50938309993a3
aad250d7b68535456c576dadf8c1851d4ec5375908a4d13f7e97da2e4cc663ce
ab40bc14232d4b94dc250241de7f3df1e175cd9fbf76d43b75f08fbe158bf83c
abbda51c88a9a22c60f30b677f8925355382798bfcabb143d3938400c484d0f4
abef6ffc61220379d3cd85339d0d566adcab9ac75f04afcd6952e03bcdca4de7
abfca4e99921285b4c8f134ad1796acc42945a3c71fa1adc8467c0aed83dfe46
ad268267fe98485289ee2b7e1a03f94992bbb01eba71d29e06c33a4fed34993d
ae67be935c6a44177dde5962fe863296f72daf2514bfa3179d53781591b283ef
ae6a4f3df1aaa87e1648e5cfd111f8664537e9407f0ac9fa7fb9c96d663a9d5b
aefc8e50742cf3f1a28c9eef6522e3d3b1e573af55a387b23015ed965df8d948
af17d4cff542b33c97ee3a95f82a21d8993c87fd3472dff534fa855828a3b615
b039de0e80f7c53bd86f110d909eabc03adcfbc8621e81b3d3bda6d726f60a8f
b375d6572fc9a3912b12547f609d3769cc37f317a14e5a5dcc9fe15b6faabf20
b4f2a0cf4380d7f723b76c7a3f215f34788035abd0f78e40fe9a594d7dc1e011
b5be37649b85163a595d3ea57f9cde11e5c7d39edd440caf5f2891b786ccae67
b653f2d721b7be044661fd5a3bd2e3bbe9b82498dba0ad46ecadc25c31601e3b
b707a91ada5505143756f7db3686e085a289ef7b011139c92a67344ab8426996
ba6f8add01e7b10ae197bfc322df9ca12adf6d880dfc585f96c79d7aaf1f0ded
baff7541be9c20f7f977f6993ce39cfa937a7bde69db6e7beebb8f68372682a1
be90698b08cf8091fe3aca6886cf520014327ff4e1c69f2fed194b0c197cb874
c0c71676fd900840c2698979462826c6b244e220f06bd8a1622cd1d23986ce3c
c0dac38b5e95e80193665025abe33d3d8d3982624384d9744f154169d9906c22
c10d2ca03db89e32aea5a917dd71ae0b1e5acfddccf80494a33df642e954d458
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c2128aee4d84b2513a2041de5de6c02a512197a8015d97d745b72a7d37a69df0
c28040d4b11422384111482e6d22d82db5afa545b7b819bb16ce571e45ee8401
c287fda21fe692127e9bcbf16dd92dd62edcbe10a0e2b52957a258ddabcc37d8
c3d257d95652655b6205c366c3a83df0edf40c6e82013adff9284354720cadfd
c3e0fc205ad46e9fa2364a2b71a69279d819abe128a489987e3aeb458612e441
c4c3f22be5182e9b846e11ba021d213598d2dd8371002c0e725df2caa30d0afc
c4ea9713bd2194cea344cfd4e0ccbfdd7b7de07b0740be240079dafd065ae5d7
c5bb6b710f8b7a370fa88c92946a84991d8848d36d7f366fa6e27630a3244d5f
c6c2b7bab05f229d52688154dfee125ec9dbb30500c940e028eea8796d4d0124
cad1436883ae57b803de89c2faba1f01ad21b733fb80609c52b8d3f63e673877
cf66b1a88c1b59fe8d1068ff7ec392816c6a8a43a1d0647bd940591f09974446
d03e6cfc885351b8f70e0c404d7ff62be7270d52941dfc09be3f588374322e1e
d2df93cdf82ecadb17fa1511e62333500fee1411eca884eb02d6ed77c2c1a339
d31ea67fc058798ed7aabcb9a1de49a790038940042873121617f643c4a948c0
d50750bfd26f65c0f76691d3deef3ab1acb2cc26bdc200504d3ac3e271cb6411
d5b585fa33bbf00e29420d3306dd6aa96e58a91060b9854980f9e057dbae16a7
d78f0575e240b8dcbbe845ae8782efb32bb08c83c80537fa609cd22a33718820
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d80f6ec3a78924d5f5276bd680cbfb9dd37879691c648dc14755cb3d9c5bf3b3
d854531f9c3833536d6971b4fd7617dafe1a2c6fd0bbed9469122e73ff3b13a1
d8c103f04cc2a4c60e113ad877c0a65263b3e31478a251e89efef03063e277e6
dc0d73c41dbec615509751bcd61f60533890e105f419fc50e1143f9395ae5227
de259eb7ba7a0e45575deb33946f1fbc695c97c33145ae4e49af0069d010868e
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de8a41e157ef0da2ade162ac2dc3a95e99ae93f24be2e671deef7a0df9677c12
dfd68e03d7b553507febb49143ed808b0cb300d962a6203781b4735a678dcef2
e1ed332112466dd48d0ce36435c780728b5a2663ec3a27203b410b9c1b4e820a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46ac8065faa6aea677aba42f7827c8c4baecdbb629d72e66bf4d095bfac71be
e50b3437118e3987bcf15bbe18094b785119f764d2af29be181b531de3b1bb08
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e938f3e7121f845d5f8a92b1e5d084829a3dcfc075e7d7484a9a6fd5936667e3
ea9a7cc743f85d8125ace5b7f7dac003957cde3ee374e88d560acbab98317885
eaee8078dd8f6dcfc4770c584d7a42b3c26ae506377e3294c5a69b8f059431b6
eb72a93aa7c362ab04da7da3ef8419dbf01182aa7668360359c58823fe668a2f
ed5e0b23e098a4b9bee661a904db54dd8bcdbfce9438db83298465431b14a9ab
ed6f64d6c235e39942d7851ce64f1d68ab5cc00c60a933cb0e640eef0eb3e6c0
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee7b59f5d8015e38d01dbf32da2b32c233e65553d5dffe350ef369d7d5b4b58a
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0339e334c077ff7d80ddbcb9b2a170b6b53928c63e4ce0c1c904f60c514c33c
f092d56d7cf0d6afcd9e76c8538638f13ca61e1a96508f279abceded94d84246
f0f4648d859154eaa5756f3aa53477880e5b196a940eceeeb7c872bd90f859d8
f134627eb3f3bfc8c2cfa31b31d159f4a34d983f1c10fdf44137029bd79063f9
f38cb1fbc3c4590541b90ad9b2de8a16c2cd49f0910267c5e2c2477c4a024743
f391358d52bc90c43a751754cd67a3ef99319b67a9bc4153c248df8830f5e466
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
f555d131bc70a518438551247e8b9d491059789c996083667f53df05e9cda326
f6b32f5820acbfadd372e59d7a06cd93b7d2f080aa6008d1430fe51bb6203d48
f7f0ab9cd528d7c7472d26a2f9f73cbe20cea0a5a9b8ad30b38a3bc878ea43e3
f89a0b8fbca92b5c3dc319064475de033458c7cd4fcdbbd8bac30da5547b0e1d
f974a68c6aef2854af3b8d1597560f6f62f772a1c7a77379bc4f31a12f67f7c9
fbb5a700094409ba321ed63b2d293f1acb6934c15c4999fe206ba553a1ceda12
fc813bf2055ac945f35bc91d6688e6ba70a34a19678b4d972b53f3419ac087cc
fe20a993ae539a56ec5c5f6e9991a77eb9874de4aefb05e91addf16e10142a8b
fe74ac0a00e0ef9c39223ed68f3552f6eec39c824f793f047f53fccc67d983ee
fe9ad446004f69bce642c3c222078b9935ca17cf0c51770cda8040ee1ed26b03
fea484e9d5904c802bb4e26a7273d7c4ccb754c972e6e1502c70e462c1d189cc
fefd09307baf0332b143c3c14fb6851c10e354362510d85a0c43d7e3c479093c

www.upmedia.mg Open in urlscan Pro 192.124.249.153 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

274 Requests

96 %HTTPS

55 %IPv6

53 Domains

83 Subdomains

74 IPs

8 Countries

12851 kBTransfer

20861 kBSize

40 Cookies

22 Outgoing links

Redirected requests

274 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.upmedia.mg Open in urlscan Pro
192.124.249.153 Public Scan

Screenshot
Live screenshot

Full Image

274
Requests

96 %
HTTPS

55 %
IPv6

53
Domains

83
Subdomains

74
IPs

8
Countries

12851 kB
Transfer

20861 kB
Size

40
Cookies

274 HTTP transactions
4 data transactions