www.storm.mg Open in urlscan Pro
13.32.21.27 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.storm.mg/article/3553076
Submission: On March 23 via api (March 23rd 2021, 1:28:19 am UTC) from SG

Summary HTTP 850 Redirects Links 32 Behaviour Indicators

Summary

This website contacted 122 IPs in 13 countries across 70 domains to perform 850 HTTP transactions. The main IP is 13.32.21.27, located in United States and belongs to AMAZON-02, US. The main domain is www.storm.mg.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on February 1st 2020. Valid for: 2 years.

This is the only time www.storm.mg was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
71	13.32.21.27 13.32.21.27	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
99	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:200... 2a04:4e42:200::621	54113 (FASTLY) (FASTLY)
1 3	34.96.119.68 34.96.119.68	15169 (GOOGLE) (GOOGLE)
1 1	139.162.78.222 139.162.78.222	63949 (LINODE-AP...) (LINODE-AP Linode)
1	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
17	104.108.42.51 104.108.42.51	16625 (AKAMAI-AS) (AKAMAI-AS)
2	65.9.58.98 65.9.58.98	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
28	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
6	54.150.150.172 54.150.150.172	16509 (AMAZON-02) (AMAZON-02)
5	2600:9000:206... 2600:9000:206f:ca00:1d:68e4:9700:93a1	16509 (AMAZON-02) (AMAZON-02)
22	65.9.58.81 65.9.58.81	16509 (AMAZON-02) (AMAZON-02)
11	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
11	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
13	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
106	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:710... 2a02:26f0:7100:48a::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	13.226.155.13 13.226.155.13	16509 (AMAZON-02) (AMAZON-02)
1 3	184.25.115.49 184.25.115.49	16625 (AKAMAI-AS) (AKAMAI-AS)
11	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
2 66	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
9	3.35.249.226 3.35.249.226	16509 (AMAZON-02) (AMAZON-02)
3	65.9.58.62 65.9.58.62	16509 (AMAZON-02) (AMAZON-02)
2	52.198.167.159 52.198.167.159	16509 (AMAZON-02) (AMAZON-02)
4	192.229.233.139 192.229.233.139	15133 (EDGECAST) (EDGECAST)
1 2	2620:119:50e4... 2620:119:50e4:101::6cae:b55	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:f48:2000... 2a00:f48:2000:1023::3	47447 (TTM) (TTM)
46	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
1	13.226.155.103 13.226.155.103	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:10:... 2a02:26f0:10::214:b4a1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
18	34.237.155.161 34.237.155.161	14618 (AMAZON-AES) (AMAZON-AES)
2 4	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
1	119.63.198.189 119.63.198.189	38627 (BAIDUJP B...) (BAIDUJP Baidu)
2	210.59.219.31 210.59.219.31	3462 (HINET Dat...) (HINET Data Communication Business Group)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	115.88.123.125 115.88.123.125	45974 (NHN-AS-KR...) (NHN-AS-KR NHN)
1	211.231.100.211 211.231.100.211	38099 (KAKAO-AS-...) (KAKAO-AS-KR Kakao Corp)
8 12	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	3.35.111.161 3.35.111.161	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:710... 2a02:26f0:7100:484::2c79	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
28	2a00:1450:400... 2a00:1450:4001:80e::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2006	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2016	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
4	210.59.219.180 210.59.219.180	3462 (HINET Dat...) (HINET Data Communication Business Group)
2	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1	52.206.107.130 52.206.107.130	14618 (AMAZON-AES) (AMAZON-AES)
1	52.206.105.201 52.206.105.201	14618 (AMAZON-AES) (AMAZON-AES)
3	119.63.198.143 119.63.198.143	38627 (BAIDUJP B...) (BAIDUJP Baidu)
3	119.63.198.188 119.63.198.188	38627 (BAIDUJP B...) (BAIDUJP Baidu)
1	119.63.198.172 119.63.198.172	38627 (BAIDUJP B...) (BAIDUJP Baidu)
1	185.59.220.198 185.59.220.198	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
3 9	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	3.113.254.193 3.113.254.193	16509 (AMAZON-02) (AMAZON-02)
3	103.132.192.30 103.132.192.30	138552 (RTBHOUSE-...) (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD.)
3	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3 9	192.96.200.41 192.96.200.41	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
3	213.19.162.31 213.19.162.31	3356 (LEVEL3) (LEVEL3)
1	193.122.174.27 193.122.174.27	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
2 6	52.59.121.220 52.59.121.220	16509 (AMAZON-02) (AMAZON-02)
2	52.3.103.250 52.3.103.250	14618 (AMAZON-AES) (AMAZON-AES)
4 6	18.197.47.23 18.197.47.23	16509 (AMAZON-02) (AMAZON-02)
1	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
2	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	13.58.174.102 13.58.174.102	16509 (AMAZON-02) (AMAZON-02)
1 1	116.202.172.174 116.202.172.174	24940 (HETZNER-AS) (HETZNER-AS)
1 12	3.123.110.9 3.123.110.9	16509 (AMAZON-02) (AMAZON-02)
1	210.59.219.34 210.59.219.34	3462 (HINET Dat...) (HINET Data Communication Business Group)
6	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
3	52.79.132.3 52.79.132.3	16509 (AMAZON-02) (AMAZON-02)
2 6	185.33.221.53 185.33.221.53	29990 (ASN-APPNEX) (ASN-APPNEX)
4	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
5	210.59.219.175 210.59.219.175	3462 (HINET Dat...) (HINET Data Communication Business Group)
3 3	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
6	104.108.50.124 104.108.50.124	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a02:6ea0:c70... 2a02:6ea0:c700::1	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
1	61.221.230.167 61.221.230.167	3462 (HINET Dat...) (HINET Data Communication Business Group)
1	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
2 2	35.157.48.14 35.157.48.14	16509 (AMAZON-02) (AMAZON-02)
2 2	185.29.135.227 185.29.135.227	30419 (MEDIAMATH...) (MEDIAMATH-INC)
3 3	37.157.4.23 37.157.4.23	198622 (ADFORM) (ADFORM)
12	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
1	23.218.208.187 23.218.208.187	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.218.208.200 23.218.208.200	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
3 5	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
3 3	99.80.71.186 99.80.71.186	16509 (AMAZON-02) (AMAZON-02)
3	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	13.112.166.41 13.112.166.41	16509 (AMAZON-02) (AMAZON-02)
1	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	2606:4700:303... 2606:4700:3037::ac43:9427	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	213.155.156.167 213.155.156.167	1299 (TELIANET ...) (TELIANET Telia Carrier)
1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700:10:... 2606:4700:10::6816:1957	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
2 2	35.201.96.126 35.201.96.126	15169 (GOOGLE) (GOOGLE)
1	185.64.189.249 185.64.189.249	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	159.253.128.188 159.253.128.188	36351 (SOFTLAYER) (SOFTLAYER)
4	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 4	3.124.165.65 3.124.165.65	16509 (AMAZON-02) (AMAZON-02)
2 2	52.17.151.21 52.17.151.21	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
1	185.64.189.114 185.64.189.114	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	3.123.55.203 3.123.55.203	16509 (AMAZON-02) (AMAZON-02)
3 6	35.201.76.93 35.201.76.93	15169 (GOOGLE) (GOOGLE)
850	122

71 13.32.21.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-21-27.fra56.r.cloudfront.net

www.storm.mg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

99 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:200::621 (United States)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.96.119.68 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 68.119.96.34.bc.googleusercontent.com

apn.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adx.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.162.78.222 (Tokyo, Japan) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1558-222.members.linode.com

gocm.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 104.108.42.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-42-51.deploy.static.akamaitechnologies.com

static.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.58.98 (United States)

ASN16509 (AMAZON-02, US)

image.cache.storm.mg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::621 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.150.150.172 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-150-150-172.ap-northeast-1.compute.amazonaws.com

track.storm.mg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:206f:ca00:1d:68e4:9700:93a1 (United States)

ASN16509 (AMAZON-02, US)

track.unidata.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 65.9.58.81 (United States)

ASN16509 (AMAZON-02, US)

img.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a03:2880:f02d:12:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
scontent-frx5-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

106 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100:48a::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.155.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-13.dus51.r.cloudfront.net

d31qbv1cthcecs.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.25.115.49 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-25-115-49.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

66 2a03:2880:f12d:83:face:b00c:0:25de (United States) 2 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 3.35.249.226 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-35-249-226.ap-northeast-2.compute.amazonaws.com

api.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.58.62 (United States)

ASN16509 (AMAZON-02, US)

resources.storm.mg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.198.167.159 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-198-167-159.ap-northeast-1.compute.amazonaws.com

service-pvapi.storm.mg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.229.233.139 (Torrance, United States)

ASN15133 (EDGECAST, US)

api.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e4:101::6cae:b55 (United States) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:f48:2000:1023::3 (Germany)

ASN47447 (TTM, DE)

tags.viewdeos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

46 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.155.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-103.dus51.r.cloudfront.net

certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:10::214:b4a1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

player.viewdeos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 34.237.155.161 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-155-161.compute-1.amazonaws.com

track1.viewdeos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 119.63.198.189 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

tw.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 210.59.219.31 (New Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)

pixel-api.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 115.88.123.125 (Korea, Republic Of)

ASN45974 (NHN-AS-KR NHN, KR)

ace-sync.toast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 211.231.100.211 (Korea, Republic Of)

ASN38099 (KAKAO-AS-KR Kakao Corp, KR)

analytics.ad.daum.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.186.34 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.35.111.161 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-35-111-161.ap-northeast-2.compute.amazonaws.com

adx.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:7100:484::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

player.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3f64db6d4324d99215cee6a288db42e5.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

b941f13208caded1abc44d9c50878d7a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 210.59.219.180 (New Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)

bw.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3ae7821746b634e801f4981bce499b71.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.206.107.130 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-107-130.compute-1.amazonaws.com

go1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.206.105.201 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-105-201.compute-1.amazonaws.com

in.treasuredata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 119.63.198.143 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

log.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 119.63.198.188 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

r.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 119.63.198.172 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

inrecsys.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.59.220.198 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)
PTR: unn-185-59-220-198.datapacket.com

cdn.viewdeos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i1.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:2638::1c (France) 3 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.113.254.193 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-113-254-193.ap-northeast-1.compute.amazonaws.com

ad.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net

prebid-asia.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 192.96.200.41 (United States) 3 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

hb.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.162.31 (United Kingdom)

ASN3356 (LEVEL3, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.122.174.27 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)

sync.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.59.121.220 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-121-220.eu-central-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.3.103.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

sync.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.197.47.23 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-47-23.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.38.120.206 (France)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.58.174.102 (Columbus, United States)

ASN16509 (AMAZON-02, US)

rtb.gamoshi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.202.172.174 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.174.172.202.116.clients.your-server.de

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 3.123.110.9 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

ads.adaptv.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 210.59.219.34 (New Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)

prebid.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.79.132.3 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)

sp-api.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.33.221.53 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 210.59.219.175 (New Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)

rec.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.37.42.132 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.108.50.124 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-50-124.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6ea0:c700::1 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)

cdn.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 61.221.230.167 (New Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 61-221-230-167.HINET-IP.hinet.net

banner-cfnetwork.cdn.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

d5f4a27e2f4553f89373925ec6dccf16.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.48.14 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-48-14.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.135.227 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.4.23 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.218.208.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-187.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.218.208.200 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-200.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.14.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.156.0.31 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.80.71.186 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-71-186.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.112.166.41 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)

ad.doublemax.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3037::ac43:9427 (United States)

ASN13335 (CLOUDFLARENET, US)

videofile.stormmg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.155.156.167 (Sweden)

ASN1299 (TELIANET Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)

mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.243.60.138 (Aalborg, Denmark) 1 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.96.126 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com

visitor.fiftyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.249 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

aud.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.253.128.188 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.124.165.65 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-165-65.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.17.151.21 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-151-21.eu-west-1.compute.amazonaws.com

ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.123.55.203 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-55-203.eu-central-1.compute.amazonaws.com

ads-eu.v.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.201.76.93 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 93.76.201.35.bc.googleusercontent.com

c.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
120	gstatic.com fonts.gstatic.com www.gstatic.com	5 MB
107	doubleclick.net 8 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net static.doubleclick.net googleads4.g.doubleclick.net pubads.g.doubleclick.net	850 KB
95	googlesyndication.com pagead2.googlesyndication.com 0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com tpc.googlesyndication.com 3f64db6d4324d99215cee6a288db42e5.safeframe.googlesyndication.com b941f13208caded1abc44d9c50878d7a.safeframe.googlesyndication.com 3ae7821746b634e801f4981bce499b71.safeframe.googlesyndication.com d5f4a27e2f4553f89373925ec6dccf16.safeframe.googlesyndication.com	1 MB
84	storm.mg www.storm.mg image.cache.storm.mg track.storm.mg resources.storm.mg service-pvapi.storm.mg	829 KB
66	facebook.com 2 redirects www.facebook.com	2 MB
34	scupio.com img.scupio.com pixel-api.scupio.com bw.scupio.com prebid.scupio.com Failed rec.scupio.com	384 KB
30	dable.io static.dable.io api.dable.io adx.dable.io images.dable.io sp-api.dable.io	144 KB
28	2mdn.net s0.2mdn.net	383 KB
27	googleapis.com fonts.googleapis.com ajax.googleapis.com imasdk.googleapis.com	3 MB
24	googletagservices.com www.googletagservices.com	798 KB
22	aniview.com player.aniview.com track1.aniview.com go1.aniview.com sync.aniview.com	185 KB
19	criteo.com 3 redirects gum.criteo.com mug.criteo.com bidder.criteo.com dis.criteo.com	5 KB
19	google.com 2 redirects adservice.google.com analytics.google.com www.google.com	15 KB
18	advertising.com 5 redirects pixel.advertising.com ads.adaptv.advertising.com	6 KB
16	pubmatic.com hbopenbid.pubmatic.com ads.pubmatic.com image6.pubmatic.com aud.pubmatic.com image2.pubmatic.com simage2.pubmatic.com image4.pubmatic.com	32 KB
15	rubiconproject.com 3 redirects fastlane.rubiconproject.com secure-assets.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	37 KB
13	holmesmind.com 3 redirects ad.holmesmind.com cdn.holmesmind.com c.holmesmind.com	105 KB
12	popin.cc api.popin.cc tw.popin.cc log.popin.cc r.popin.cc inrecsys.popin.cc	105 KB
10	ampproject.org cdn.ampproject.org	196 KB
10	youtube.com www.youtube.com	681 KB
9	aralego.com 3 redirects hb.aralego.com sync.aralego.com	3 KB
9	google-analytics.com www.google-analytics.com	53 KB
7	yahoo.com 3 redirects ups.analytics.yahoo.com pr-bh.ybp.yahoo.com ads-eu.v.ssp.yahoo.com	6 KB
7	adnxs.com 2 redirects ib.adnxs.com acdn.adnxs.com	22 KB
7	fbcdn.net scontent-frx5-1.xx.fbcdn.net	111 KB
6	criteo.net static.criteo.net	154 KB
6	360yield.com 2 redirects ad.360yield.com ice.360yield.com	2 KB
5	google.pl adservice.google.pl	2 KB
5	unidata.ai track.unidata.ai	30 KB
4	bidswitch.net 4 redirects x.bidswitch.net	2 KB
4	viewdeos.com tags.viewdeos.com player.viewdeos.com track1.viewdeos.com cdn.viewdeos.com	13 KB
4	facebook.net connect.facebook.net	155 KB
4	appier.net 2 redirects apn.c.appier.net gocm.c.appier.net adx.c.appier.net ad2.apx.appier.net Failed	2 KB
3	stormmg.com videofile.stormmg.com	61 KB
3	adsrvr.org 3 redirects match.adsrvr.org	2 KB
3	adform.net 3 redirects c1.adform.net	2 KB
3	creativecdn.com prebid-asia.creativecdn.com	528 B
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	3 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	google.de adservice.google.de www.google.de	360 B
3	googletagmanager.com www.googletagmanager.com	157 KB
2	avct.cloud 2 redirects ads.avct.cloud	894 B
2	fiftyt.com 2 redirects visitor.fiftyt.com	992 B
2	semasio.net 1 redirects uipglob.semasio.net	1 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net	651 B
2	mathtag.com 2 redirects sync.mathtag.com	1 KB
2	w55c.net 2 redirects pm.w55c.net	2 KB
2	sonobi.com sync.go.sonobi.com	889 B
2	ytimg.com i.ytimg.com i1.ytimg.com	98 KB
2	polyfill.io polyfill.io	705 B
1	simpli.fi um.simpli.fi	609 B
1	zeotap.com mwzeom.zeotap.com	595 B
1	de17a.com d5p.de17a.com	134 B
1	doublemax.net ad.doublemax.net	153 B
1	quantserve.com cms.quantserve.com	463 B
1	hinet.net banner-cfnetwork.cdn.hinet.net	711 B
1	loopme.me 1 redirects csync.loopme.me	270 B
1	gamoshi.io rtb.gamoshi.io	321 B
1	onetag-sys.com onetag-sys.com	818 B
1	technoratimedia.com sync.technoratimedia.com
1	treasuredata.com in.treasuredata.com	515 B
1	ggpht.com yt3.ggpht.com	2 KB
1	daum.net analytics.ad.daum.net	571 B
1	toast.com ace-sync.toast.com	650 B
1	alexametrics.com certify.alexametrics.com	552 B
1	cloudfront.net d31qbv1cthcecs.cloudfront.net	2 KB
1	licdn.com snap.licdn.com	2 KB
1	googleadservices.com partner.googleadservices.com	435 B
1	jsdelivr.net cdn.jsdelivr.net	2 KB
1	onesignal.com cdn.onesignal.com	3 KB
850	70

	Domain	Requested by
119	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
77	securepubads.g.doubleclick.net	www.storm.mg securepubads.g.doubleclick.net www.googletagservices.com 0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com
71	www.storm.mg	www.storm.mg track.unidata.ai
66	www.facebook.com	2 redirects www.storm.mg connect.facebook.net www.facebook.com img.scupio.com
53	tpc.googlesyndication.com	securepubads.g.doubleclick.net 0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com www.storm.mg cdn.ampproject.org tpc.googlesyndication.com googleads.g.doubleclick.net pagead2.googlesyndication.com
33	pagead2.googlesyndication.com	www.storm.mg pagead2.googlesyndication.com www.googletagservices.com securepubads.g.doubleclick.net googleads.g.doubleclick.net 3ae7821746b634e801f4981bce499b71.safeframe.googlesyndication.com tpc.googlesyndication.com srcdoc
28	s0.2mdn.net	0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com s0.2mdn.net 3ae7821746b634e801f4981bce499b71.safeframe.googlesyndication.com imasdk.googleapis.com www.storm.mg
24	www.googletagservices.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net 0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com www.storm.mg
22	img.scupio.com	www.storm.mg securepubads.g.doubleclick.net img.scupio.com
17	track1.aniview.com	www.storm.mg player.aniview.com
12	imasdk.googleapis.com	player.aniview.com imasdk.googleapis.com
12	ads.adaptv.advertising.com	1 redirects player.aniview.com
12	cm.g.doubleclick.net	8 redirects www.storm.mg 3ae7821746b634e801f4981bce499b71.safeframe.googlesyndication.com
12	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net imasdk.googleapis.com
12	static.dable.io	www.storm.mg api.dable.io
10	cdn.ampproject.org	securepubads.g.doubleclick.net
10	www.youtube.com	www.storm.mg www.youtube.com
9	gum.criteo.com	3 redirects static.criteo.net
9	api.dable.io	static.dable.io ajax.googleapis.com
9	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.storm.mg
9	fonts.googleapis.com	www.storm.mg 0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com api.dable.io
7	scontent-frx5-1.xx.fbcdn.net	www.facebook.com
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.youtube.com www.storm.mg
6	c.holmesmind.com	3 redirects www.storm.mg
6	pubads.g.doubleclick.net	imasdk.googleapis.com
6	sync.aralego.com	3 redirects www.storm.mg img.scupio.com
6	eus.rubiconproject.com	www.storm.mg eus.rubiconproject.com
6	ib.adnxs.com	2 redirects player.aniview.com acdn.adnxs.com
6	static.criteo.net	img.scupio.com static.criteo.net
6	pixel.advertising.com	4 redirects player.aniview.com www.storm.mg
6	mug.criteo.com	www.storm.mg
6	ajax.googleapis.com	img.scupio.com api.dable.io
6	www.google.com	2 redirects securepubads.g.doubleclick.net www.storm.mg www.youtube.com
6	track.storm.mg	www.storm.mg track.storm.mg
5	ups.analytics.yahoo.com	3 redirects www.storm.mg
5	rec.scupio.com	img.scupio.com
5	images.dable.io	static.dable.io
5	adservice.google.pl	securepubads.g.doubleclick.net
5	track.unidata.ai	www.storm.mg track.unidata.ai
4	x.bidswitch.net	4 redirects
4	simage2.pubmatic.com	ads.pubmatic.com
4	hbopenbid.pubmatic.com	player.aniview.com
4	ice.360yield.com	player.aniview.com
4	ad.holmesmind.com	img.scupio.com
4	bw.scupio.com	img.scupio.com ajax.googleapis.com
4	api.popin.cc	www.storm.mg api.popin.cc
4	0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	connect.facebook.net	www.storm.mg connect.facebook.net
3	image2.pubmatic.com	ads.pubmatic.com
3	videofile.stormmg.com	www.storm.mg
3	token.rubiconproject.com	eus.rubiconproject.com
3	match.adsrvr.org	3 redirects
3	c1.adform.net	3 redirects
3	cdn.holmesmind.com	www.storm.mg img.scupio.com
3	secure-assets.rubiconproject.com	3 redirects
3	sp-api.dable.io	www.storm.mg
3	fastlane.rubiconproject.com	img.scupio.com
3	hb.aralego.com	img.scupio.com
3	bidder.criteo.com	img.scupio.com
3	prebid-asia.creativecdn.com	img.scupio.com
3	r.popin.cc	www.storm.mg
3	log.popin.cc	www.storm.mg
3	resources.storm.mg	www.storm.mg
3	sb.scorecardresearch.com	1 redirects www.storm.mg www.googletagmanager.com
3	www.googletagmanager.com	www.storm.mg www.googletagmanager.com img.scupio.com
2	ads.avct.cloud	2 redirects
2	visitor.fiftyt.com	2 redirects
2	uipglob.semasio.net	1 redirects ads.pubmatic.com
2	sync-tm.everesttech.net	2 redirects
2	ads.pubmatic.com	player.aniview.com ads.pubmatic.com
2	sync.mathtag.com	2 redirects
2	pm.w55c.net	2 redirects
2	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
2	sync.go.sonobi.com	player.aniview.com
2	sync.aniview.com	player.aniview.com
2	ad.360yield.com	2 redirects
2	3ae7821746b634e801f4981bce499b71.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	player.aniview.com	player.viewdeos.com player.aniview.com
2	pixel-api.scupio.com	img.scupio.com
2	www.google.de	www.storm.mg
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	px.ads.linkedin.com	1 redirects www.storm.mg
2	service-pvapi.storm.mg	www.storm.mg
2	image.cache.storm.mg	www.storm.mg
2	adx.c.appier.net	www.storm.mg apn.c.appier.net
2	polyfill.io	www.storm.mg
1	ads-eu.v.ssp.yahoo.com	www.storm.mg
1	image4.pubmatic.com	ads.pubmatic.com
1	pr-bh.ybp.yahoo.com	ads.pubmatic.com
1	um.simpli.fi	ads.pubmatic.com
1	aud.pubmatic.com	ads.pubmatic.com
1	mwzeom.zeotap.com	ads.pubmatic.com
1	dis.criteo.com	image6.pubmatic.com
1	d5p.de17a.com	image6.pubmatic.com
1	image6.pubmatic.com	ads.pubmatic.com
1	ad.doublemax.net	cdn.holmesmind.com
1	acdn.adnxs.com	player.aniview.com
1	cms.quantserve.com	3ae7821746b634e801f4981bce499b71.safeframe.googlesyndication.com
1	d5f4a27e2f4553f89373925ec6dccf16.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	banner-cfnetwork.cdn.hinet.net	www.storm.mg
1	csync.loopme.me	1 redirects
1	rtb.gamoshi.io	player.aniview.com
1	onetag-sys.com	player.aniview.com
1	sync.technoratimedia.com	player.aniview.com
1	prebid.scupio.com	img.scupio.com
1	i1.ytimg.com	www.youtube.com
1	www.gstatic.com	www.youtube.com
1	cdn.viewdeos.com	www.storm.mg
1	inrecsys.popin.cc	www.storm.mg
1	in.treasuredata.com	api.popin.cc
1	go1.aniview.com	player.aniview.com
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	b941f13208caded1abc44d9c50878d7a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	3f64db6d4324d99215cee6a288db42e5.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	static.doubleclick.net	www.youtube.com
1	adx.dable.io	www.storm.mg
1	analytics.ad.daum.net	www.storm.mg
1	ace-sync.toast.com	www.storm.mg
1	tw.popin.cc	api.popin.cc
1	track1.viewdeos.com	www.storm.mg
1	player.viewdeos.com	tags.viewdeos.com
1	certify.alexametrics.com	www.storm.mg
1	tags.viewdeos.com	securepubads.g.doubleclick.net
1	analytics.google.com	www.googletagmanager.com
1	www.linkedin.com	1 redirects
1	d31qbv1cthcecs.cloudfront.net	www.storm.mg
1	snap.licdn.com	www.googletagmanager.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	cdn.jsdelivr.net	www.storm.mg
1	cdn.onesignal.com	www.storm.mg
1	gocm.c.appier.net	1 redirects
1	apn.c.appier.net	1 redirects
0	ad2.apx.appier.net Failed	img.scupio.com
850	135

This site contains links to these domains. Also see Links.

Domain
events.storm.mg
service.weibo.com
lineit.line.me
www.facebook.com
line.me
www.youtube.com
www.instagram.com
itunes.apple.com
play.google.com
www.104.com.tw
t.me

Subject Issuer	Validity	Valid
*.storm.mg Go Daddy Secure Certificate Authority - G2	`2020-02-01` - `2022-04-01`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-03-09` - `2021-04-17`	a month	crt.sh
*.c.appier.net R3	`2021-02-09` - `2021-05-10`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-04` - `2021-08-04`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
static.dable.io R3	`2021-01-12` - `2021-04-12`	3 months	crt.sh
image.cache.storm.mg Go Daddy Secure Certificate Authority - G2	`2020-07-10` - `2022-09-07`	2 years	crt.sh
*.unidata.ai Go Daddy Secure Certificate Authority - G2	`2020-04-21` - `2022-06-20`	2 years	crt.sh
*.scupio.com Sectigo RSA Organization Validation Secure Server CA	`2019-10-15` - `2021-10-28`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-11` - `2021-06-03`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2021-02-22` - `2022-02-21`	a year	crt.sh
sb.scorecardresearch.com DigiCert Secure Site ECC CA-1	`2020-07-17` - `2021-06-02`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.dable.io Amazon	`2020-07-25` - `2021-08-25`	a year	crt.sh
api.popin.cc DigiCert SHA2 Secure Server CA	`2020-05-05` - `2022-07-14`	2 years	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-01-06` - `2021-07-05`	6 months	crt.sh
www.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
tags.viewdeos.com R3	`2021-03-02` - `2021-05-31`	3 months	crt.sh
certify.alexametrics.com Amazon	`2020-07-12` - `2021-08-12`	a year	crt.sh
*.google.pl GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
wl.aniview.com R3	`2021-03-11` - `2021-06-09`	3 months	crt.sh
*.avideotech.com Amazon	`2020-05-04` - `2021-06-04`	a year	crt.sh
*.popin.cc DigiCert Secure Site Pro CN CA G3	`2020-11-12` - `2021-11-15`	a year	crt.sh
*.toast.com Sectigo RSA Organization Validation Secure Server CA	`2020-05-12` - `2022-08-10`	2 years	crt.sh
ad.daum.net Thawte TLS RSA CA G1	`2021-01-07` - `2022-02-07`	a year	crt.sh
*.aniview.com DigiCert SHA2 Secure Server CA	`2021-02-23` - `2022-02-27`	a year	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.googleusercontent.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
edgestatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.treasuredata.com Amazon	`2020-10-16` - `2021-11-15`	a year	crt.sh
cdn.viewdeos.com R3	`2021-03-15` - `2021-06-13`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-01-30` - `2021-04-28`	3 months	crt.sh
*.holmesmind.com Go Daddy Secure Certificate Authority - G2	`2020-05-18` - `2021-07-17`	a year	crt.sh
*.creativecdn.com RapidSSL RSA CA 2018	`2019-01-11` - `2021-04-11`	2 years	crt.sh
*.aralego.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-23` - `2021-11-21`	2 years	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
*.technoratimedia.com DigiCert SHA2 High Assurance Server CA	`2020-07-28` - `2021-10-01`	a year	crt.sh
pixel.advertising.com DigiCert SHA2 High Assurance Server CA	`2021-03-01` - `2021-08-24`	6 months	crt.sh
onetag-sys.com R3	`2021-03-16` - `2021-06-14`	3 months	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
rtb.gamoshi.io R3	`2021-03-02` - `2021-05-31`	3 months	crt.sh
*.v.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-12-26` - `2021-06-22`	6 months	crt.sh
*.360yield.com Amazon	`2020-08-26` - `2021-09-26`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-01-30` - `2021-04-28`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
1923398352.rsc.cdn77.org R3	`2021-02-25` - `2021-05-26`	3 months	crt.sh
*.cdn.hinet.net	`2019-05-10` - `2021-08-11`	2 years	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-03-11` - `2022-02-07`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-22` - `2021-09-15`	6 months	crt.sh
*.doublemax.net Go Daddy Secure Certificate Authority - G2	`2020-04-24` - `2021-06-24`	a year	crt.sh
*.de17a.com Sectigo ECC Domain Validation Secure Server CA	`2020-11-25` - `2021-12-25`	a year	crt.sh
*.semasio.net GlobalSign GCC R3 DV TLS CA 2020	`2021-03-09` - `2022-04-10`	a year	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-10-30` - `2021-04-27`	6 months	crt.sh

This page contains 97 frames:

Primary Page: https://www.storm.mg/article/3553076
Frame ID: F616F5FB803D7B927E887296E3259D52
Requests: 290 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210318/r20190131/zrt_lookup.html
Frame ID: 1E09D82E30D9F7DAAA1BE28D26FBEDBE
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/nhjbmRQVmrw?autoplay=&mute=1&version=3&loop=1&playlist=nhjbmRQVmrw
Frame ID: 8BF194F285F4C3830D1AA155A01A0115
Requests: 1 HTTP requests in this frame

Frame: https://track.unidata.ai/cookiemap.html?appId=5c6e1a&data=eyJhcHBJZCI6IjVjNmUxYSIsInBhZ2VUaXRsZSI6IumiqOiple+8muaOiea8hu+8jOWIpeWGjeaDs+Wci+WutumaiuS6hi3poqjlgrPlqpIiLCJwYWdlVVJMIjoiaHR0cHM6Ly93d3cuc3Rvcm0ubWcvYXJ0aWNsZS8zNTUzMDc2IiwiY29va2llIjoic21nX3VpZD0xNjE2NDYyODYzNDE1OTAxOyB1aWQudj0xIiwicmVmZXJyZXIiOiIiLCJjb29raWVJZCI6IjE2MTY0NjI4NjM0MTU5MDEiLCJtZW1iZXJJZCI6bnVsbH0=
Frame ID: 044DEFB63C621972ABC1E23AE45B983B
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8022331377991686&output=html&adk=2801219079&adf=3163849507&lmt=1616462863&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&ea=0&flash=0&pra=5&wgl=1&dt=1616462863061&bpp=376&bdt=1293&idt=689&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4517097838771&frm=20&pv=2&ga_vid=1815605501.1616462864&ga_sid=1616462864&ga_hid=9115885&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060031%2C44738185%2C44739387&oid=3&pvsid=4428478098213158&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=721
Frame ID: 74D8CD04E10C6E9D31C659C27DD0CCCF
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&tabs&width=320&height=130&small_header=false&adapt_container_width=false&hide_cover=false&show_facepile=false&appId
Frame ID: ACD9F4BFB47029AF752D70814A9FF454
Requests: 23 HTTP requests in this frame

Frame: https://www.youtube.com/embed/nhjbmRQVmrw?autoplay=&mute=1&version=3&loop=1&playlist=nhjbmRQVmrw
Frame ID: F9BAE2D87B3D0E29E696E552E6647B3A
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/nhjbmRQVmrw?autoplay=&mute=1&version=3&loop=1&playlist=nhjbmRQVmrw
Frame ID: EBF9485A430532D0B2771B709103C38D
Requests: 18 HTTP requests in this frame

Frame: https://0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: EA8780608064528D58B3379A7209C14C
Requests: 8 HTTP requests in this frame

Frame: https://www.facebook.com/v3.2/plugins/share_button.php?app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df260a0248610944%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff2a9e8b5076b77%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&layout=button_count&locale=zh_TW&mobile_iframe=true&sdk=joey&size=large
Frame ID: 737D9E966C33460FD4CCD9B208ABC377
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/feedback.php?app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df6650a6cceebd8%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff2a9e8b5076b77%26relation%3Dparent.parent&container_width=820&height=100&href=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&locale=zh_TW&numposts=5&sdk=joey&version=v3.2&width
Frame ID: 79642E6F046952B3A6FCF49526AD8F52
Requests: 12 HTTP requests in this frame

Frame: https://www.facebook.com/v3.2/plugins/like.php?action=like&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df31e4ebc03604b%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff2a9e8b5076b77%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&layout=button&locale=zh_TW&sdk=joey&share=false&show_faces=true&size=large
Frame ID: 9648A591582B41B1B887C2E070571C0B
Requests: 5 HTTP requests in this frame

Frame: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1d1bc1fa7d2a84%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff2a9e8b5076b77%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fstormmedia&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&width=300
Frame ID: D41F1CF3692AB5D95F5E3E1992D316E9
Requests: 11 HTTP requests in this frame

Frame: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df24a47146d60d68%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff2a9e8b5076b77%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&width=300
Frame ID: 23047DC609A0A1A6F4FB0E53DEFDA4E1
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsumzMn3YAc3VO75O9iJZC3E3YLCSLiUS_KufyXfPppvVchLceOJ_-b7lxoO9O0PqR40y-wM7WqIYXJ9HOSSXUsLo0aa5bOa6eXKRAPoyZW6Jqa7ZpdT50XbpnD4UYCeE8_jhGf_wIpEDdA4Z5vxBtFK34YKm0luYWtrRzjDgCUprAhhTjp3_qXtXQyfiv3qdGNV-2WEhTB6XB7pMMJc3NXTRo9DgUfE1gBgnHUhuDgycvOv8TH7ONYu_OgSgtNorkYtTdLNhe0RxIFOgCS5lj1YmDZ9-diArdZCDMNNZkWb16pBqjGYesvaNkt4fsY&sig=Cg0ArKJSzPf5KSqA_dzNEAE&urlfix=1&adurl=
Frame ID: 24753DD77351CF421452CE8DE6187D83
Requests: 17 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssfnbTs6Fi-IGzCT-LuGh5YNAErG32x0awyXlFRkKH37f3wA4YeihmyJkVoWSxnz_zHZHVzN67e0s3KGgVChN4YbLLjBx4vGF2AU-kZgx2JwZvrJGoLKTwpvcbOui4AvmorTx444RCqxvD3xtzYiJrdL66QZOjJa5jgEjmh8sBTQI-W9Sn6u6UNCG2kOsNStkajLCtspXYaKDxia0V93ViLe-WzFFLj7_QKneflKH0xKD2yLNjsmc4kGsDy0G7lL8iFvfgQYj5pHXL6pPOcNq5tCfD7v8REb4T7INjZO6sj_zGNiZc1h9jo&sig=Cg0ArKJSzIy3wcivHHYWEAE&urlfix=1&adurl=
Frame ID: 0DBC5DAE26FE00587F2D3A724D6072CF
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsstgwFUx-uQePlCB8SNijPq4TRc0-UgCvkh4I_Pe_cxYWHCj5XZ6hHsefcYXHHQVDfC26S15LV8cZ89dwnyfzKe5eAATIV3FlXI_FH5uhjLnKRF1ik8D_cx9aWcdoLjxcmmTsItXQKLT3GrzvZQlkJ_UPEjo1sKBXrxOXpMAlorkGYA7AsLzAySjp-FWKD9U9WLRQIOCGUMs6KaVDXUvG_vuOKCNXuEoBJhYIkf3JPc7DTF4ttj00mDFW2o8VZ6EAGGSiC8LN3FZGp5eZTSo6kiIbDWPKy-PEnS6TUhD3b-UZAtiEIHP78&sig=Cg0ArKJSzKqNhRMnzhzVEAE&urlfix=1&adurl=
Frame ID: 1C73F422719A4243D0EA5AD091AD0A6C
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuxpgdYuE3rWoKD8b3DmiS-KMj0LaGZa3GgYetyP2XRchvK4fCMFgzQGUhpc1skJa8iuY9UaFvjTxv6-ne9ZtwxxxMj5RBPpajGOMAKTOmH7ovNddszO5tZZ_6dI_-f29wv9LhA8Hi5yLNz9TwSCegpGaiPdqJ5g-Ac-oVBN0pKiXTojHU8qSPOI8uX4D3yQQ6oI2-_Z7623gMPz6fBhBcGNjcdzagfedirmra8tRAdi9oZqR0DSizUhfNryyLiXJbBjRCkljHEemdHLBpAHC-tZGF-hMwYw9tmefubz4d_f_V9GmfstgFGeZPzDXw&sig=Cg0ArKJSzGTKhvaciC_mEAE&adurl=
Frame ID: A905B2F2F15ABB0CC2CED4FC51737A47
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstrj_xO8kVdYbEI89gA4Mfjq5JCWNBKs7h5CDGOsOPSC2bPiDt8SVVly_744l2_KmVG3ZQ41WfosWiEmvBUftgrbTjGt_gIXGFMf7viPCMu4lGjiF3wDJpx0YiD6ROGykB-0ah_eRGVjxmNWO1By009Sle2WlFk1YJ5tng9NYHhfB-geeiFCdEBZkljW_g9c12BmNUvxUIm8a3hhKUtXXD92Qj4LylYQFCdY6IPlg5F4raIgh2uvQr_1iHqC3LSklVpI0gy2dZn1xFKmdC9As9ga98AzJaJItQLxau2Tj4iyB4r2spY2KwJxzI&sig=Cg0ArKJSzKf3dBoNz0LaEAE&urlfix=1&adurl=
Frame ID: 65A9C9B12EAD2D3DEA6C155D2C20D6CB
Requests: 6 HTTP requests in this frame

Frame: https://track.storm.mg/cookiemap.html?appId=5c6e1a&data=eyJhcHBJZCI6IjVjNmUxYSIsInBhZ2VUaXRsZSI6IumiqOiple+8muaOiea8hu+8jOWIpeWGjeaDs+Wci+WutumaiuS6hi3poqjlgrPlqpIiLCJwYWdlVVJMIjoiaHR0cHM6Ly93d3cuc3Rvcm0ubWcvYXJ0aWNsZS8zNTUzMDc2IiwiY29va2llIjoiX19hc2M9MmE2M2YxZTcxNzg1Y2IxZTEzZjhmZjI2NGY4OyBfX2F1Yz0yYTYzZjFlNzE3ODVjYjFlMTNmOGZmMjY0Zjg7IF9fZ2Fkcz1JRD1iZmJjMWIyNjIxODA2Nzg4OlQ9MTYxNjQ2Mjg2NDpTPUFMTklfTVlRWWRfYk00TDFkdC1DdDlycnVJNHNaVnhtQUEiLCJyZWZlcnJlciI6IiIsImNvb2tpZUlkIjoiMTYxNjQ2Mjg2MzQxNTkwMSIsIm1lbWJlcklkIjpudWxsfQ==
Frame ID: B6906067DD073D747CBD7D9267FA0B97
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuVUNLKBrxBI-i6Cr2GisuJYPAre13CR9khyPqB3aqecQ8eXZmKeNv5ZgGUxA2qqSotpshOh5YVRB68eKgVGZ_1sFp3EmsOnvVWUDxciojiXuEFsNudrR3HQmkkeULksLyQHHmtMSL0x1KRxZA3Aia75r6wW6aelyOS06PimLuGcTLNL6zZkIQtK_98cYGzCdO7Tw_ElbRIakw-qnP2UO1eKHs0zpGl-b9gMy0HWkO1cQUivdRZsL8PNLu0gdkgT7NH1tHmjLMsHUT6sNHz6a6RM3J24SwXOKXgH2MG9_JvMFn3OqOzQiYnRLOYdMXVZY7yoA38Z8291LRP9_5lgIYy6gPzYFM&sig=Cg0ArKJSzM3ISfM2fgYXEAE&adurl=
Frame ID: 3D5CAD5473569AD0342DDD0E6BA665BB
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuEJcnFF4G6gsFIJpw-g6MzRuriligAP9wggtFD_yeiCraJ4SH3c7vUznm2hnGf0qc__Wi62UQCYfEU-Lq0ccl7ffDSS5MZtJE0YyIVeQd_H6WS1B2tsbtmkxf2Wl4U-7yEaHG9prgxiZXaAxLKcB_ZQTuwc0UYA45O1WTm78mAts0fBAwvOSwvmCFS4iQN3_L12coQUUK5NYHX9vA7GZpDsXxwifGQg968cjIxw3eizECs0CK-YeFdnlxDRe2tWsECOG0VhGhx7gUIGlkufgMhCn7LZ8Xq4PBGd3lKrwziVaZA3Sw8ps7taJy2dQVlzF5VctAEEcY&sig=Cg0ArKJSzOscERUZF4KUEAE&urlfix=1&adurl=
Frame ID: A983599018E6AEF06D906D9F00A77392
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsthdvxIQ6RFl893cmp98CrCap9u519Sa9MOfXW76vr3Q62L-TXiNDwyL2yUKvmBNIuYe6Gqi2kW4ELiCaOr94syzIN-YT2X7lyXX_HDxBTqTH2O3U-zyAXlrTikXiolSbkHhe5W2W4qkwACStsirsBhusuO0daxzktGyo6JK8UA0HBpeyRYFPDmF85AfWfG68g_O1xUO2-Zfa6HZsrsQqWEsSZ59mxlV3BZB5B3jbwrRhtZ0PIm3vu47q_fh78PJud_cXX3gDlZYgJDmYmJ8HHf6WCSLBtZCwOYZzNH57Kbm-onvWSpPiSccw&sig=Cg0ArKJSzDpoivhRv-AkEAE&adurl=
Frame ID: A25DD361C5BE732017951B48C93E6832
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst_q6Bkf_HjT9fpYTvgjIExLO9eEb3CGKGl-jt2Tc7xyQFKEJaISNkAn0dzIH0Ee0qSHVPZHekaGBUNCb5z-lB73YKCJixxc6Nf4mudnHj363uZGSVIRybpO5pICEunQZqhS6n-RHSHvrbpzWGEIs_pMxcM_isc7KnhOjct2zZVuLnVtQ_eQ6FoUNkpki4Ap5blWyTnTIkbmDoc46t-DQehmV2cSIRYVvJ-Tlr9jLzEBNuXOebxXP5DzZYmu7Qbfy_-r2CvtX_qlSvDH6ruDBypZLSsy3-GMQ-qPY6NJZV3G6IAqaGpJryv&sig=Cg0ArKJSzOGE83Agk1RCEAE&urlfix=1&adurl=
Frame ID: 3D30447861546D52D728F6A992B90D58
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu-GtYQkQiGFX0XjnMtaBGPBC4FJ1zp9kZP__97pjZ46n75XMi-uCGIGtGYez8DuratuYrLwh-73TpCLtSB5DvUSL426lUfutbZKQmd_NucUFZzRdsmK7bqoOwe20_LJApHj56S7dQFf-K27o9J8m6qpzPxLgDUpBJ7yKeNSEKvCOxf37oTmmlNzylz9hZZSp0lbe2A_DnSSBWsB5K4E23tL9iddjo0oYK_N6ZBZ8fvPT2HHxYlfGNp8YBzfMJ4_fE45BLgl9YEkXoFAQxSuW5A-7lza1AEoWepGCHtT5cUdpyuyPun6Eyymw&sig=Cg0ArKJSzDhxl3yPoXQAEAE&urlfix=1&adurl=
Frame ID: CC3C45B425D66DB78E2281936F0F72CE
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvno1qKL7DtHrH6WQYavVPENs9jUnfkdK6f5aUUZtQAxycR-hPJ-gwi4ctOAUzzS2cJhTQvyb1nIgdddz2iNT5Tq0uK0nunUgrE5MUfRNyvezG3f4KUUyIivGLiRntqRba3EQXxhmToBpCTsdjgqATNvJF_P0lfcPg3MjzRWpDJIqQG3IoWt1O63h70xB-D8SZxgEFGWOx5o6zXAgpKWcV5pTITipCdbOyH9oqNqblSvl3xkEqHQKHpLPeEZ5dCaU1C2uEA37LEqKrr3iFLMBtTkIxxw7SoW0MhyT5yhrS0OVhPA_KVMMPC2Q&sig=Cg0ArKJSzO_VzQO3bPfeEAE&urlfix=1&adurl=
Frame ID: 8175FB3DF57F5F39851D3AAD8938FDFD
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsunUCR_ptrrMladkZbJpcdtD_XQo1atWq9WCXNYb30vVnob4dmwhKkY4kmzNUnb6mVyHHHbwD2yJg55-CMBZsWbyElUvF7vdejTe1Efq3_fWAj75MsQRpA-DBd3Nkng0SWnY0QNHt9W81o8M6Arb0-NpiZ-kBNe-Jnjlf2JSW6ZBJiXIn7EkD-IcmoZjchItJW5Cvsy1o6WOgGoWtjhP067SnykpCJpm36j3Z-WhwwrXyb6WLfz0bv1P7yQX9JGA4XHImvOAoJWs2twLLw-ZwIFvoCCtrhXpQam8wbG1XjZamDUM5tEV3xnn8I&sig=Cg0ArKJSzGUg7om0XxjnEAE&urlfix=1&adurl=
Frame ID: 9EE2E5ED344B46442A91C5116EF54014
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstAkV9jxyx71baqVZTF22X4WAeKI3_XV4dcBF02t2i__bd8mmATgQQtv1es7aI_LT0rIwXr3hKF_zlSxJ7JDuxq2K_jR89on67rg8xWfCo3ZjDPuCIjnFPg-edLGTf00CAK1t8Iqy_bksaQDX7EChxXs2_4Rk37ECl1B2rM_4vBcWKA_uapUJh3SfFs8EFF-qpJuDQd-GWlu3dCJvnGHVz8Oim9J2_xl7M6ZCVdXDq720EXAtGLDROHNLGXFe4QjdKbjCS_xE4VcA9Lf6y7__-f5fPNzdwofGzZNg0243O24g9xPQEnIt0u3xg&sig=Cg0ArKJSzGL5KONL1CUDEAE&adurl=
Frame ID: 023CA23E9F07D90C49EC438F4FD54CD1
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstJ7pTugytN88O38k0ebzGYp9U4f--Yjw1mtnHYvc1uhJQz3X8y7QUCSKfZked1rMtk-InFyeDq2xig5j3pfToDv-PEvVA4YAaKBSOvlKozXWDJCGaa2CGuykSjW_fehSF5SOHUElOg0grpNymmR2oLloxkPvLEbne-Y2XCRzbGV4m30NG2pUCMGO1Ka5Z-mPclfSOmYCeSdjP_SWBu0i_5rRVUfL0ahlPvC11XgTn00DbKwd6D3SQp0wSBv7wnUqmFJA_NUmuAkBLLPxlo5QDvaME2l-ZdOwpU1R1dNJibe9B3r8H1MM0hVQ&sig=Cg0ArKJSzBNvQhi5GqQtEAE&adurl=
Frame ID: B463885C7240137F1061ED6B0E16828C
Requests: 7 HTTP requests in this frame

Frame: https://img.scupio.com/html/ls.html?mid=0
Frame ID: 0DB1B3D329927646B1B44693FC53F0D7
Requests: 2 HTTP requests in this frame

Frame: https://0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 08F4C41C8BAC5C09470723E1C4F84CBF
Requests: 13 HTTP requests in this frame

Frame: https://0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 7BF6EC108A8907D899115F42F195E870
Requests: 15 HTTP requests in this frame

Frame: https://img.scupio.com/html/ad.html?v=1.0.54
Frame ID: 3B9A4E6833853A18FFE1ADCF33AB0C9A
Requests: 17 HTTP requests in this frame

Frame: https://img.scupio.com/html/ad.html?v=1.0.54
Frame ID: F3C4135436E4250542DF90DEB12ABC44
Requests: 16 HTTP requests in this frame

Frame: https://api.dable.io/widgets/id/y74wWAoV/users/51548444.1616462865197?from=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&ref=&cid=51548444.1616462865197&uid=51548444.1616462865197&site=storm.mg&id=dablewidget_y74wWAoV&category1=%E8%A9%95%E8%AB%96&ad_params=%7B%7D&item_id=3553076&pixel_ratio=1&client_width=760&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
Frame ID: 4B03632031BDE231B7A3165659E30840
Requests: 25 HTTP requests in this frame

Frame: https://api.dable.io/widgets/id/1oVpxdlP/users/51548444.1616462865197?from=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&ref=&cid=51548444.1616462865197&uid=51548444.1616462865197&site=storm.mg&id=dablewidget_1oVpxdlP&category1=%E8%A9%95%E8%AB%96&ad_params=%7B%7D&item_id=3553076&pixel_ratio=1&client_width=380&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
Frame ID: 9329C2BD672405FA481DBD7880F1ED13
Requests: 22 HTTP requests in this frame

Frame: https://api.dable.io/widgets/id/KoEeAWoB/users/51548444.1616462865197?from=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&ref=&cid=51548444.1616462865197&uid=51548444.1616462865197&site=storm.mg&id=dablewidget_KoEeAWoB&category1=%E8%A9%95%E8%AB%96&ad_params=%7B%7D&item_id=3553076&pixel_ratio=1&client_width=820&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
Frame ID: F8ACFCF6169B697869B9C400EEAD3EE7
Requests: 32 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e60bfad28a0610ba100c7c4
Frame ID: 34D05FA14EE707F1655BFDE5FF464DC3
Requests: 2 HTTP requests in this frame

Frame: https://img.scupio.com/html/ad.html?v=1.0.54
Frame ID: 7672768BF5331DDA3F4D25244070F001
Requests: 19 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Frame ID: 492C1DBE7D353A4F1E8C209B5DA21D5D
Requests: 14 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Frame ID: 853CBB8F55F3DCAC35DE94D8EDD0F28C
Requests: 14 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/354556/4906259910/1616030027317/%E8%B6%85%E7%B4%9A%E5%A4%A7%E6%A9%AB%E5%B9%85PC.html
Frame ID: F2D8DEC4F79EFD5C1AC6A296D3D33C39
Requests: 23 HTTP requests in this frame

Frame: https://3ae7821746b634e801f4981bce499b71.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Frame ID: CFC07BF2B86A7F2AD653AC11DC15E44B
Requests: 1 HTTP requests in this frame

Frame: https://sync.technoratimedia.com/services?srv=cs&pid=70&uid=1616462868053-915114750161-022002-010-003685&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1616462868053-915114750161-022002-010-003685%26biddername%3D3%26key%3D%5BUSER_ID%5D
Frame ID: AA35328ADC1DDAAF67D752894821DE85
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1616462868053-915114750161-022002-010-003685&biddername=22&key=12576007-c9f7-426f-95c4-8257ba53c9fc
Frame ID: 5C2AC60BE35F1EBBDC0DA3EA45627B3C
Requests: 1 HTTP requests in this frame

Frame: https://pixel.advertising.com/ups/58246/sync?&gdpr=1&gdpr_consent=&redir=true
Frame ID: 468616DBE621CB025DC407004F9EF7D7
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=&us_privacy=1---
Frame ID: DABDAA6E3122C2421CC4877138EA19B6
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1616462868053-915114750161-022002-010-003685%26biddername%3D60%26key%3D%5BUID%5D
Frame ID: C3E2BABDCDB3221A3C972E97C93FA38C
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=
Frame ID: FB4FF1F15AF214AF3DA24912CBCBE818
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gamoshi.io/user_sync?bidder=16245&rurl=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1616462868053-915114750161-022002-010-003685%26biddername%3D71%26pid%3D5ef33c8abcf1750da1720e91%26key%3D%5Bgusr%5D
Frame ID: 6F0448A2626590728EA6D3DDFB773832
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1616462868053-915114750161-022002-010-003685&biddername=56&pid=5b59760c073ef46a2e6b8f13&key=725a5d49-8672-4287-b412-46e9a14f39d8
Frame ID: 84A8355BFA409B953AB5FB5213F17FF9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLzWGxCE07gCGO69rpwBMAE&v=APEucNVGBgvE1Bz0zpLwQQHvQydrTpT4-1PvQF7oD1LNdAHNcuMwpeBaJAL-USRMVG3XpDhzzv4CWElKtcHrmx5zMKmQle2nEDZSGhj8066GCBILfTngOeyX9hOz41EFnJwOM0hs2xtxmxAtiIIGc-rxykI9lJbWP9WnQc2oB2NmFIxqw_LiYULbjSL7EHYqcc2k6Nby-bLsXdpYSZwyktpiY7Q95_IqLA
Frame ID: B1B1E149B439BDA02E7C3662BD9632DF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BtEf8GKY2REEaLCIQfmd37a0lxWgrg4hNIs06Fwb6fxOGafl4XfrHsyTnzp20FIqwaXLt1vVIRU8ZFe1RoJUH7OHYkfQ39ogirhBXbqwP_jnusJLolQxLF8CmVPNmstqf3moPgREEkDK3AhqOT6zxh8DPW6Q&dbm_d=AKAmf-DFYvG5TbO10L7q59cBMoW5oW22iKcxSzo-nzHsfACnFoZPiCUD_gH6kkD9lih_V_wD-aSkWabzhr21aNrQd82nmUhU5tREpQYDYwS2YTb_z2RCLJtNgQUXwFIBDv_vKM8CVscYfG5zz9MFyIQFQ5Jf9EBWJsDv3JjFMBFv3XjOdWYn8DBjIbbS_ZUhXY-EbXuDeqNJIgANICpYExVeWikGLSYrpzCNHcQS5we1TpqcrJXdqv4UtYyvsAWCOucU3K7038Xwoy0I7wRZsGV4QGotmIwzgKEbNxOUgsyX-u6C-k-58OnjZ9bvHhYjNrZJHdYhOc2XAznya1NzDA3Gax-4PRcRjo-gzc6xZv9Rp-ABBxHuhzlazS0Eu00OAZeHY3rS-MoOlqsgk3bLaylLV-EjJZ7EVbCczcm4csXqVqNbJ4Lv0AgfBjageO0EKFoKVYls5bNzXL7PyuuSpPfY8MhHNYCuHZ-5LJD1AUx5Q8GCPim1VP3N5taIJ44ZGIxTw4f-E047EdB_XS59EZBSRsdd_XiZJH9ToqUN3vO5ZYCGf-aKW1R0M9YdNoq38meRjOVJ4xl0ZVQu6bdkCICM95kPlau6pTNaU8HAzxvnwbEKnX5mKBB8hq0ivkPgZrvKJCSLwREaw8YZc4Lb_7GsRjmzVdeT1Enss2ug4UDaSL0gYw7CV7IZfq1Bs9thG_WvxDlKF87PKwwr6tzVRYA7udvukDbtCjXr9_4ptyXQjrIGQKANj-MhxjGIwSCONnio9tQay-QmWOh5TgsE4Dd1czB0vzCBrUatYULc2L3AVBTYPDJFzx-7dnO9XQXM4YIV80F7VdMsbu0WXonSDvXWguaZY3UY-EB8Q-rEVZbrPmzeX-UbfUhad2SPDIp9XYW0Mp9GAu-OOoZ_oReVfDYlknzfiLWXD3haAQDEJPelBW6YFMccgpRUQ4S6AkbGak65O4Xiq2A3WTktZ_yCvfxBIlRDwsKvsAjhb1HthYirC_-6eoKc5f2l9kg1Sp2tEd1zC4FFZ0Q87-riA_tJvkXNW-aK-Zv3k_0x9JBX6vz8PqlwDjw-p-FP-MnDt7WzmKDO4RDnROqgIHwvsZ1iyTFncKzF1JSfCt2ZR6A2iaXGptvUQoLxU6ErmdZhLPaDPWNnCTxsMuX-xWqFxGXfAbZJAikKnvY_ike2lZwT6H-p8QcaLQjHCuS8YtHsdXf4wceXYNEwF9LoxZfx84jUo-P0-xf6fGwaqGadcbcrCgL7k-26hOnduNjLblWoLoLYT3rA4tp2LwH84xnlmsGpxMbODE2E32CsrHaQntSVYeiswhsOZ-bnexNPgnRwEiAHmRxcOCmqSadKYl8RkKK8o4Mq7i_J7nNJyxuPly9zYHoTEIKP5axXWzYWOWr_3P7FOfd5bLKL7D4nVYrZKfJIQqya1db6ckSxzLUfS0xUcm1OB0JjIdBADpX-hribLMckop0T-IJoicaSUugtJxZgogVYipJijOlJtl2CMqFOBYeZ1Gret5cOfx3DMx_CEReGsqcTTkfb8mxjFMevwpeeSHtyknAklTzYMiYatLhJUE-BnoUgKMpQsq8JB6VNgG41IkaDl8AorMxfba19w2jScx2qonXSHsNvxqGDlwHdt8eEAtXARxJSIeFK3gM_pBgJbT8IimGAtjj37mvxf9XKZMdh0S92FeTNiOWes3_cx7lfNyu2e3FLWjqsiQNlyA43BcTf0o3--EUNpC1T0HDkx3dtHblm-PyG4aUpdCb2Ea_hMIwvGWOunHhFtR5X4KZmLlLk5_fCIDrCVfDQnR88O3m4e3y9ryf8RsuTbDamFJBcmKerFn1SQCkJCwY75GoU4tiTSeU-FuLtoPsHO4nt3p7syIYqu42WpeKkx--JUoVfHb3FesjXBYsJ_4VtA8mg72xsYb4Qw8lvqLdD-uI28WYTzYXeN4cZuCEqKptjb9TgqQ0f7R5EhGw9rwyRQ0QQow6LPiAV4OQ4OEz_izehW8CK1X_itrX0ZQu7wz2T1S-K_MAJp40D2Q0qhI8lixxoZWfRerbYH9KvsoUkRkBrzgk72JaVu1YsLcZfBhelrhANfvnfuL5cBt6p-JkmfaeiU9dPScuyVrSogueJsYeGNyMKgHsSad3eLIvWzGg2tZDA4klj6iQoTM7aqotCv6I6iV61kozdlPFz3x8ChwLW-MSO5RNb_x-RjHVuWBvMl-frlt2ecbavn9c_9Sp7ibXj679xntmrN0_yYQ6qZRS0HnOc_c1FKX4VZ6EsX882tc0zeuOlFtWMOrh7idai-K2PwTWaksbSEFQ7hwj2b53qfHDuMB1lhq5zryjexAsttIogveOIS244Y2yjEG1avNKm8p8btSaTKcOg8SvDkmRvEk0QnmwX4Zoh0xBKW0JhizBAr4NruT4yiRKbIpbJgNZwvp1Hkxbal6Dms0hRx1r5Ik9qCedSR_qk1Pt6R0XYDE2ZJKBDjDSFw7uM6iezvZT7gvxzUT-kNVrUcXl-fBhkwpUqpfw2hbze3kO4YQFdkn_PvuZQg6bgXK__2t6V4K38n_ehk0gyJEhXjZ43fn65oCopSSRgfRyfAxwYBh02i8PQ5MTguXf_QizNlkR_JhLXjS3vjhDwzfEYNMmJJ6QGCx0ayJxB7uXJ-sPyt2cdCWXXEk_u_hxxByqQ4JPZC5XhL_hDZRfOHLkNK0TPfhGU7Fk8tZwsriZl20rTGKUm1DLITeAX3fZ4DeSjEYhysvjTK7n46Qj18l91chGY4Z7rBFeZKRjVKbXZ1gIOTTwAEj5ySlMm58GcfQ8V6Qfwlev_lcmbClfZ68Mb1Mk2EgSVPX9oIg498EzCv2kYflhj2it6XPuONwY_9jPIc2t0bKMaaNLWh3WVtPcM9vuimVOym5OMluDem4egrXX6-Lv-TuNJ0BAiaNN3SuQlWar5l8kgWi51FbafUCZpniZk2GkbN-tE9s3Xmkl3he1bG21RfU9cfk3IN_4miMWf2yAeZEDzufJkozrk1EN3d9exymeo2BJ3ST3wQpmmC08tLwL5C243y6vy50fK9VKJKCUf0V8NX3qslNPphjurnJDUQaG-NdlbjJ2_-eMxMJx1I14ZORd14USOc-BdW-wDYyLzIccjurM1PGKzqtuDfjlijBzn_VQ_9vtjIihHtA&cid=CAASEuRohHNr8dLO7Nya2vlE9MJn9g&rfl=3%2Chttps%253A%252F%252Fwww.storm.mg%242%2Chttps%253A%252F%252Fwww.storm.mg%252F%240
Frame ID: 6D2529342E098DF304AEED48460B197F
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: C0CC02036A4D952F927BD6FFBA3D8E66
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 2A9240CB03A0DF955CF313B3A135BF66
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 01F3927168C8E47895E9E74B4160EF72
Requests: 11 HTTP requests in this frame

Frame: https://img.scupio.com/html/ls.html
Frame ID: 23EB5F8D4638B5DF15F5B8991A3C5BBB
Requests: 1 HTTP requests in this frame

Frame: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEJA-zaU5KF22_LJGS3uu2kg&google_cver=1&google_ula=3918219,0
Frame ID: DB93EFB0B105CA5FE9B36AD9F367A9B9
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Frame ID: 37DEBEABEA7E8E5B0BFF48160261EE66
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C94ADF93EF20E8586E25BFF133D829B2
Requests: 6 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.storm.mg
Frame ID: CEF98311BC5C58738940EF2BE3A4CFCE
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.storm.mg
Frame ID: B56BFBCBEA41E0235BF43622CC8517D9
Requests: 1 HTTP requests in this frame

Frame: https://banner-cfnetwork.cdn.hinet.net/js/tmp2/1.js
Frame ID: 3AFA785E244B20CDA05651DE8C0EF862
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8281B42B8194263E944F3B73DE5E061F
Requests: 3 HTTP requests in this frame

Frame: https://img.scupio.com/html/ls.html
Frame ID: 481A59238D308436303D954F4C2BBEF7
Requests: 1 HTTP requests in this frame

Frame: https://rec.scupio.com/recweb/uxid.aspx?id=UCFUID
Frame ID: 449136C8D17E1BDC8C8787CCE5254327
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Frame ID: 48CEC22FAEE0E5095F349EDAEC5D1042
Requests: 3 HTTP requests in this frame

Frame: https://img.scupio.com/html/ls.html
Frame ID: 94ADEA30A4842BA4484FA22196F75807
Requests: 1 HTTP requests in this frame

Frame: https://rec.scupio.com/recweb/uxid.aspx?id=UCFUID
Frame ID: DC7DBE7761A0AC5657D139A73AF82DDE
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Frame ID: 26739885D9562896F5CEC899BAE0F5D6
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsubS-6_PRDlIfV1IBo3mIiluW8W2v7MERqMUIFwIaJcfR3CsnDLXgYCKCzfKpsAG3AYQN1A_8AQw1mKFT5L9DN1WLAKORSM7wOUxzenaToy_kqy47HEkPiJAkaLKMcehphRoju8xxIDp55qiNruyJVZ3tfZPyXkGmd2X29QBK6x9ytGEMEgXCt1TN0jS4_CxgiJwHWbHE7c9CGAcaBXn97zywsN6j1T6CpM9cNacKNaS_cvNE89bmVCGc_1jLKc2NpzbcUTiUuvhjaTlrqqW8v5yGMNmpN3VV3mpVNrWOR7waMvOVQBDHyzFPHivb-1gJ8TcArLw0w&sig=Cg0ArKJSzAaJqbxF5VyBEAE&adurl=
Frame ID: 681D1BA3F8E24199076B37413548D189
Requests: 7 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 98E4A2AE4283F49EC741DB39B495F07A
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 08536AAC5B4C203547CDD4AC541EC8D4
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.storm.mg
Frame ID: 80224965EE3BE66415E9BFB885D618B0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 34C3F1C7170BD0750F496D4B18F0CBAD
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.447.1_en.html
Frame ID: A3580B271DC196BC1958360FA07C2D02
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.447.1_en.html
Frame ID: AA555DAFAF16FD2954D25B2F8B118589
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 5AE17599623E1FEEC806B492366F2CA3
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 5740B5026C7251284B8DC946485B545A
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 3440C974D7BC47B4E4725CACAB49AA5D
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: E8A3161A3D594AF09CD1ADA101407E97
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: EA74F1F712C822E39CAF957E50D8F6E0
Requests: 1 HTTP requests in this frame

Frame: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Frame ID: 2C022998C1653969BFF28C77EE385137
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: AA22FE6FA08E6E2F77607D011DD6BE68
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 54BF59F231C8AEF5841FBADEDD1A5322
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.447.1_en.html
Frame ID: 590612144D07CB523C372C2600B01233
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 9939EA32E53346B3123C6D65FA0D625B
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 6DCC6843E29875CE1B2374909A602E46
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.447.1_en.html
Frame ID: 8B2D9531AD89947047009FAC583FD922
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 74BDB21A0A1AB2893F6242FA4104107C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 1A9A562EAB238126B709ADA68D278F7C
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: FDAC6FB64C898C9CAE82D5C0CA075AF0
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 8EA2AD5120B5912371FD2A6BB5A9AB55
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.447.1_en.html
Frame ID: C4FB2D0BA4E5CBCFFB437BC3F86956EF
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.447.1_en.html
Frame ID: 7D181C85BEB247176E025BED31CC1176
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 20551CB3425E652927AA19B26D2E1C35
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 4B6C4C99E3C111804A21CBE787208C89
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

850
Requests

99 %
HTTPS

41 %
IPv6

70
Domains

135
Subdomains

122
IPs

13
Countries

16649 kB
Transfer

43641 kB
Size

4
Cookies

32 Outgoing links

These are links going to different origins than the main page.

URL: https://events.storm.mg/campaign/2021SMCF_2/
Title: 好好退休

Search URL Search Domain Scan URL

URL: https://events.storm.mg/campaign/2021SMCF_1/
Title: 飛越疫情

Search URL Search Domain Scan URL

URL: https://events.storm.mg/stormcafe/
Title: 咖啡贊助

Search URL Search Domain Scan URL

URL: http://service.weibo.com/share/share.php?url=https://www.storm.mg/article/3553076
Title:

Search URL Search Domain Scan URL

URL: https://lineit.line.me/share/ui?url=https://www.storm.mg/article/3553076
Title:

Search URL Search Domain Scan URL

URL: https://lineit.line.me/share/ui?url=javascript:void(0);
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/stormmedia
Title:

Search URL Search Domain Scan URL

URL: http://line.me/ti/p/%40dyp8323m
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCwWXGnvVmi-6Sfx2wf8S8tQ?sub_confirmation=1
Title:

Search URL Search Domain Scan URL

URL: https://www.instagram.com/stormmedia_tw/
Title:

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/app/feng-chuan-mei-xin-wen/id898714286
Title:

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=cc.nexdoor.stormmedia
Title:

Search URL Search Domain Scan URL

URL: https://www.104.com.tw/company/1a2x6biltn
Title: 人才招募

Search URL Search Domain Scan URL

URL: https://events.storm.mg/campaign/media-kit/Marketing_in_5_minutes.pdf
Title: 品牌聯名合作

Search URL Search Domain Scan URL

URL: https://www.facebook.com/stormmedia/
Title: 風傳媒

Search URL Search Domain Scan URL

URL: https://www.facebook.com/SMediaLife/
Title: 風生活

Search URL Search Domain Scan URL

URL: https://www.facebook.com/smediasport/
Title: 風運動

Search URL Search Domain Scan URL

URL: https://www.facebook.com/workedmoney/
Title: 下班經濟學

Search URL Search Domain Scan URL

URL: https://www.facebook.com/stormmedia.global/
Title: 風傳媒看世界

Search URL Search Domain Scan URL

URL: https://www.facebook.com/stormmedia.viewpoint/
Title: 風傳媒觀點

Search URL Search Domain Scan URL

URL: https://www.facebook.com/thejournalist/
Title: 新新聞周刊

Search URL Search Domain Scan URL

URL: https://www.facebook.com/mentorstalk/
Title: 學長姐說

Search URL Search Domain Scan URL

URL: http://line.me/ti/p/@pps9440c
Title: 風生活

Search URL Search Domain Scan URL

URL: https://line.me/R/ti/p/@zdr9880k
Title: 風運動

Search URL Search Domain Scan URL

URL: https://line.me/R/ti/p/@jwv4477k
Title: 新新聞

Search URL Search Domain Scan URL

URL: https://www.instagram.com/stormmedia_tw
Title: 風傳媒

Search URL Search Domain Scan URL

URL: https://www.instagram.com/worked_money
Title: 下班經濟學

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCwWXGnvVmi-6Sfx2wf8S8tQ
Title: 風傳媒

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCneXqe_wDKzcUs3Yy9m24bA
Title: 下班經濟學

Search URL Search Domain Scan URL

URL: https://t.me/storm_media/47
Title: 風傳媒

Search URL Search Domain Scan URL

URL: https://t.me/new7_thejournalist/67
Title: 新新聞

Search URL Search Domain Scan URL

URL: https://t.me/storm_money
Title: 下班經濟學

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://apn.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js?haid=Wtu9feNo&hzids=Hhut9M-1,Hhuo9M-1,Hhu69M-1,HU9J9M-f,HhztWIOc,HhztWFOc,HUV6WFOc,HUV6H9Oc HTTP 307
https://gocm.c.appier.net/apnnet?url=adx.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js&&haid=Wtu9feNo&hzids=Hhut9M-1,Hhuo9M-1,Hhu69M-1,HU9J9M-f,HhztWIOc,HhztWFOc,HUV6WFOc,HUV6H9Oc HTTP 302
https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js?acid=06ZX8mppB2eVu8ixDkRZYA&haid=Wtu9feNo&hzids=Hhut9M-1,Hhuo9M-1,Hhu69M-1,HU9J9M-f,HhztWIOc,HhztWFOc,HUV6WFOc,HUV6H9Oc

Request Chain 149

https://sb.scorecardresearch.com/b?c1=2&c2=20419801&ns__t=1616462863882&ns_c=UTF-8&c8=%E9%A2%A8%E8%A9%95%EF%BC%9A%E6%8E%89%E6%BC%86%EF%BC%8C%E5%88%A5%E5%86%8D%E6%83%B3%E5%9C%8B%E5%AE%B6%E9%9A%8A%E4%BA%86-%E9%A2%A8%E5%82%B3%E5%AA%92&c7=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=20419801&ns__t=1616462863882&ns_c=UTF-8&c8=%E9%A2%A8%E8%A9%95%EF%BC%9A%E6%8E%89%E6%BC%86%EF%BC%8C%E5%88%A5%E5%86%8D%E6%83%B3%E5%9C%8B%E5%AE%B6%E9%9A%8A%E4%BA%86-%E9%A2%A8%E5%82%B3%E5%AA%92&c7=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&c9=&cs_ak_ss=1

Request Chain 193

https://www.facebook.com/v3.2/plugins/comments.php?app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df6650a6cceebd8%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff2a9e8b5076b77%26relation%3Dparent.parent&container_width=820&height=100&href=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&locale=zh_TW&numposts=5&sdk=joey&version=v3.2&width= HTTP 302
https://www.facebook.com/plugins/comments.php?app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df6650a6cceebd8%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff2a9e8b5076b77%26relation%3Dparent.parent&container_width=820&height=100&href=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&locale=zh_TW&numposts=5&sdk=joey&version=v3.2&width HTTP 302
https://www.facebook.com/plugins/feedback.php?app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df6650a6cceebd8%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff2a9e8b5076b77%26relation%3Dparent.parent&container_width=820&height=100&href=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&locale=zh_TW&numposts=5&sdk=joey&version=v3.2&width

Request Chain 200

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2701916&time=1616462864582&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2701916%26time%3D1616462864582%26url%3Dhttps%253A%252F%252Fwww.storm.mg%252Farticle%252F3553076%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2701916&time=1616462864582&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&liSync=true

Request Chain 385

https://cm.g.doubleclick.net/pixel?google_nid=dable&google_cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dable&google_cm=&google_tc= HTTP 302
https://adx.dable.io/pixel/google?google_gid=CAESELqM2m9n5Dc72C0hTmIxnwc&google_cver=1

Request Chain 504

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 513

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 522

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.storm.mg%2F&domain=img.scupio.com&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=X6VhMXxiR3I0SFlCNWVKazdlUGhmN1QzS2JPNDRoVE1tODdGNUxDMkdDM20xbzJ5V251OTNSZG5uUmkrYXk2TmN3c3A1VjhXV2NialJWYkVJZXRSQmZZTnhJYm9RSUw4bzNScU9kSHZjeUk0TUdnWlk2ekV4ZmN5VVhDTWR2ZlJ5ZEpmSlJRdFRtU0s0M01ndW8vNDY5MkRvRE1XWWdGcVNVYURQVWc2b0tzYk9sb1JkOVZsOFYrZ3dXQk41bXR5azQ2R1hnZFZCS3duSHVIcHpkQUpyUW9RbFQ5UEFka1lIdHdsNy9Vd1d6QXQ1RHJjPXw&cppv=2

Request Chain 549

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.storm.mg%2F&domain=img.scupio.com&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=loNHe3w4WUhBS1VTY2t1UkloWXp3SFpxbkRHRHZnQmVKL3F4dk9yd1g3ajRycXdYS2ZuTVU0bS9lRklOQkQvaEZYNEFHdlpoZTV3Rlk1T09MRW1IWFBlWjRndGZ0UWl0bmx0ZzNuRXJjUFJPN2RRa2lrandrZ1FVTVR5S3VYZmlpcVhKeFVmZFdySUYxSUcvN3IxL1lkT2d1dXU1aUFqMnJxZk83dXFoS3FNejFWL3RENVFwV09mdjdzaUlOY05pWHhrZTVUTnRFUHBib1ZybXdDdUNwWmhPMHRsWGl2RmhvUFdnM015MEhtRWlzRkxjPXw&cppv=2

Request Chain 581

https://ad.360yield.com/server_match?partner_id=1581&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1616462868053-915114750161-022002-010-003685%26biddername%3D22%26key%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=1581&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1616462868053-915114750161-022002-010-003685%26biddername%3D22%26key%3D%7BPUB_USER_ID%7D HTTP 302
https://sync.aniview.com/cookiesyncendpoint?auid=1616462868053-915114750161-022002-010-003685&biddername=22&key=12576007-c9f7-426f-95c4-8257ba53c9fc

Request Chain 587

https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1616462868053-915114750161-022002-010-003685%26biddername%3D56%26pid%3D5b59760c073ef46a2e6b8f13%26key%3D%7Bdevice_id%7D HTTP 307
https://sync.aniview.com/cookiesyncendpoint?auid=1616462868053-915114750161-022002-010-003685&biddername=56&pid=5b59760c073ef46a2e6b8f13&key=725a5d49-8672-4287-b412-46e9a14f39d8

Request Chain 596

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.storm.mg%2F&domain=img.scupio.com&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=FF_Rynw3d1R4Tk44Y3JTV2tHZWkvL3BKSThwRC9jdm1GTjhhd1kwZjVCaVg3VUNJOU5vRHE1U2trQ2xCVjhDOFNVQW14NHZJcFpNZG1MQVVRRkxua3NLa2oxcUdJbGtrL1pGakpkaUdBRS8zb2JXL1dOYXZBbm1kOXdNTzJ1RVFSR1NSSEJ5YjNUekpqdzRxSkorY1owMEhPRklON0p5M01HYmZEbkczZjJqcjNxekhmMG1CWE9IYTFjQUoxaDNVN1VrSno4cVp0cW5jZ0lYL2oxRWpFK3Z6RFhMcGdSWkgyeHkyTnByRzhpUUdkRVk0PXw&cppv=2

Request Chain 691

https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q1hSMjAyMTAzMjMwOTI3NDc4NTM5Njc%3d&layout=js HTTP 302
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEJA-zaU5KF22_LJGS3uu2kg&google_cver=1&google_ula=3918219,0

Request Chain 692

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac HTTP 301
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

Request Chain 694

https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CXR20210323092747853967 HTTP 302
https://rec.scupio.com/recweb/uxid.aspx?id=UCFUID

Request Chain 709

https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CXR20210323092747853967 HTTP 302
https://rec.scupio.com/recweb/uxid.aspx?id=UCFUID

Request Chain 710

https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q1hSMjAyMTAzMjMwOTI3NDc4NTM5Njc%3d&layout=js HTTP 302
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEAfBgxDR_l0d50AuXZ4yDRg&google_cver=1&google_ula=3918219,0

Request Chain 711

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac HTTP 301
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

Request Chain 727

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIS99soCtVf9yqCQMplp-3c&google_cver=1&google_push=AQvitUIZJHsNd5uTWtxrH9RcPMrAaGBi3YbzRlN-Lu4VuZjqVVElSU0gHHGlUgtOb5j3pO2KisIo2Uf8mWeukzHq-zgPCMXWU_D0 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIS99soCtVf9yqCQMplp-3c&google_cver=1&google_push=AQvitUIZJHsNd5uTWtxrH9RcPMrAaGBi3YbzRlN-Lu4VuZjqVVElSU0gHHGlUgtOb5j3pO2KisIo2Uf8mWeukzHq-zgPCMXWU_D0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WEZLSUYyTzUxTG92UE01&google_gid=CAESEIS99soCtVf9yqCQMplp-3c&google_cver=1&google_push=AQvitUIZJHsNd5uTWtxrH9RcPMrAaGBi3YbzRlN-Lu4VuZjqVVElSU0gHHGlUgtOb5j3pO2KisIo2Uf8mWeukzHq-zgPCMXWU_D0

Request Chain 728

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESELHLNcRZiSGNP0V-uQspQ8k&google_cver=1&google_push=AQvitUL2Divhxh3tkdrMQbZmdy57kAyuixgk81PemCI1PxAL4zMx-DePjB7aS3RxBe1Nc6i3P8aksvmS703K54cZ-BA8nrITooLd HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitUL2Divhxh3tkdrMQbZmdy57kAyuixgk81PemCI1PxAL4zMx-DePjB7aS3RxBe1Nc6i3P8aksvmS703K54cZ-BA8nrITooLd

Request Chain 729

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJa-O9ow6WTLLjm5LNUYWcw&google_cver=1&google_push=AQvitUJIWkaEOBSbZMHmQR04DF_dBBpS5b2H6TCK50_RYTKwOnfzTgSekNa5JpfBfs2z-6vKbLzQmsdkLfnxjgBqBAHxaUue8u3O HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJa-O9ow6WTLLjm5LNUYWcw&google_cver=1&google_push=AQvitUJIWkaEOBSbZMHmQR04DF_dBBpS5b2H6TCK50_RYTKwOnfzTgSekNa5JpfBfs2z-6vKbLzQmsdkLfnxjgBqBAHxaUue8u3O HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTA1NjU0ODM0ODQ3NTYzMjU2Nw&google_push=AQvitUJIWkaEOBSbZMHmQR04DF_dBBpS5b2H6TCK50_RYTKwOnfzTgSekNa5JpfBfs2z-6vKbLzQmsdkLfnxjgBqBAHxaUue8u3O

Request Chain 735

https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CXR20210323092747853967 HTTP 302
https://rec.scupio.com/recweb/uxid.aspx?id=UCFUID

Request Chain 736

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac HTTP 301
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

Request Chain 765

https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=&_test=YFlEFwAAAIbUHSrK HTTP 302
https://pixel.advertising.com/ups/55986/sync?uid=YFlEFwAAAIbUHSrK&_origin=0&gdpr=0&gdpr_consent=&_test=YFlEFwAAAIbUHSrK HTTP 302
https://ups.analytics.yahoo.com/ups/55986/sync?uid=YFlEFwAAAIbUHSrK&_origin=0&gdpr=0&gdpr_consent=&_test=YFlEFwAAAIbUHSrK&apid=UPfbbef6b3-8b76-11eb-b48a-02e98585498e

Request Chain 766

https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true HTTP 302
https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UPfbbef6b3-8b76-11eb-b48a-02e98585498e HTTP 302
https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UPfbbef6b3-8b76-11eb-b48a-02e98585498e&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVBmYmJlZjZiMy04Yjc2LTExZWItYjQ4YS0wMmU5ODU4NTQ5OGU%3D HTTP 302
https://pixel.advertising.com/ups/57304/sync?uid=CAESEIRERlfth7OwSPNAa55u5GQ&google_cver=1 HTTP 302
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEIRERlfth7OwSPNAa55u5GQ&google_cver=1&apid=UPfbbef6b3-8b76-11eb-b48a-02e98585498e

Request Chain 767

https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
https://pixel.advertising.com/ups/55953/sync?uid=a351d4f1-0bda-4b9f-867a-4fb1e2a087bd&_origin=1&gdpr=1&gdpr_consent=&piggybackCookie=a351d4f1-0bda-4b9f-867a-4fb1e2a087bd

Request Chain 779

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 799

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=AK_L8095SMuoab7mbs1i9Q%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 801

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=00AFCBF3-4F79-48CB-A869-BEE66ECD62F5&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=00AFCBF3-4F79-48CB-A869-BEE66ECD62F5&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 802

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=00AFCBF3-4F79-48CB-A869-BEE66ECD62F5&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=00AFCBF3-4F79-48CB-A869-BEE66ECD62F5&gdpr=&fbounce=1 HTTP 302
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=00AFCBF3-4F79-48CB-A869-BEE66ECD62F5&addseg=21

Request Chain 803

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDBBRkNCRjMtNEY3OS00OENCLUE4NjktQkVFNjZFQ0Q2MkY1&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 804

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBkA7ZnCfpNP3xB1YT-A_J0&google_cver=1

Request Chain 806

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a351d4f1-0bda-4b9f-867a-4fb1e2a087bd

Request Chain 807

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1056548348475632567

Request Chain 808

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:71c56059-4416-4900-b420-fa75977ef632&gdpr=0&gdpr_consent=

Request Chain 809

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6621114705051675582&gdpr=0&gdpr_consent=

Request Chain 810

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 302
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 302
https://x.bidswitch.net/sync?dsp_id=59&user_id=b85e7df5-ee76-4832-92ae-503c4c35403a&ssp=pubmatic HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=59&user_id=b85e7df5-ee76-4832-92ae-503c4c35403a&ssp=pubmatic HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e00ff582-7be9-48f2-9514-e3e00a5feb30&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 812

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=00AFCBF3-4F79-48CB-A869-BEE66ECD62F5&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-B.U3CHBE2uWSEdrBzNxV0ZQdTpn7ntI-~A&gdpr=0&gdpr_consent=

Request Chain 813

https://ads.adaptv.advertising.com/a/h/9s574l4Tysi3EN4NTS7vldCTLFN1UFF6+4UIan5+Z3LISQsQ3HhV8aDrdJaixbMD?cb=6462872242&gdpr=1&gdpr_consent=&pi.viewable=0&pi.width=640&pi.height=360&pet=preroll&pageUrl=http%3A%2F%2Fwww.storm.mg&us_privacy=1---&scpid=57173f460757bb6c428b465b&eov=eov&hp=1 HTTP 302
https://ads-eu.v.ssp.yahoo.com/a/h/9s574l4Tysi3EN4NTS7vldCTLFN1UFF6+4UIan5+Z3LISQsQ3HhV8aDrdJaixbMD?cb=6462872242&gdpr=1&gdpr_consent=&pi.viewable=0&pi.width=640&pi.height=360&pet=preroll&pageUrl=http%3A%2F%2Fwww.storm.mg&us_privacy=1---&scpid=57173f460757bb6c428b465b&eov=eov&hp=1&a.y_rid=d2cb824a-3c28-419a-94ad-0f91a4190e46&a.is_yahoo=0&redirect_y=dHM9MTYxNjQ2Mjg3MjM4Ny4zMzQ0NzM6YXBpZD1VUGZiYmVmNmIzLThiNzYtMTFlYi1iNDhhLTAyZTk4NTg1NDk4ZTpyZXF1ZXN0X2lkPWQyY2I4MjRhLTNjMjgtNDE5YS05NGFkLTBmOTFhNDE5MGU0Ng==

Request Chain 820

https://c.holmesmind.com/cm HTTP 302
https://c.holmesmind.com/cm?tc=getIn&

Request Chain 821

https://c.holmesmind.com/cm HTTP 302
https://c.holmesmind.com/cm?tc=getIn&

Request Chain 833

https://c.holmesmind.com/cm HTTP 302
https://c.holmesmind.com/cm?tc=getIn&

850 HTTP transactions
30 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 3553076 Show response
www.storm.mg/article/ 156 KB
35 KB 754ms
619ms Document
text/html 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: b87d2b583d0c3be29b335e8a856f09f3a5b2530bf309a8efa71e736277ae9303

Request headers

:method: GET
:authority: www.storm.mg
:scheme: https
:path: /article/3553076
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
cache-control: max-age=338, public, s-maxage=338
content-encoding: gzip
date: Tue, 23 Mar 2021 01:27:41 GMT
server: nginx
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: qzKexOImzS02LPndlYNDUofbN9qUnL-RbSPopMJbqawrt62-Ggu_mg==

GET
H2 200 css2
fonts.googleapis.com/ 356 KB
98 KB 28ms
25ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap

Requested by

Host: www.storm.mg
URL: https://www.storm.mg/article/3553076

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

02ec4a6487ac02d159fc096b0d4652ccf9c898aba6efffa95d5546065e1941ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Mar 2021 01:27:41 GMT
server: ESF
date: Tue, 23 Mar 2021 01:27:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Mar 2021 01:27:41 GMT

GET
H2 200 icon
fonts.googleapis.com/ 568 B
474 B 17ms
15ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: www.storm.mg
URL: https://www.storm.mg/article/3553076

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8e7e777ab2c510a548bec6e1e8b9a3fbceb986ba8603686a64f7d11ed3e8805

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Mar 2021 01:27:41 GMT
server: ESF
date: Tue, 23 Mar 2021 01:27:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Mar 2021 01:27:41 GMT

GET
H2 200 layout.min.css
www.storm.mg/stylesheets/ 528 KB
68 KB 73ms
70ms Stylesheet
text/css 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.storm.mg/stylesheets/layout.min.css?id=62f845920a423afbce13
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 9ff926261a19ffc0741cb4b9dc3da250c82639cb881b7f3981234ee474b432a7

Request headers

Referer: https://www.storm.mg/article/3553076
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:24:54 GMT
content-encoding: gzip
last-modified: Fri, 19 Mar 2021 02:15:24 GMT
server: nginx
age: 167
etag: W/"6054093c-83f29"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public, no-transform
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: JU71ujP303iThIEnqQvAMRdAdQDXvzC1wyEcOqexJQ8iKiQPQmA0ng==
expires: Wed, 23 Mar 2022 01:24:54 GMT

GET
H2 200 jquery-1.9.1.min.js Show response
www.storm.mg/js/ 90 KB
32 KB 121ms
119ms Script
application/javascript 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.storm.mg/js/jquery-1.9.1.min.js
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

Referer: https://www.storm.mg/article/3553076
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:25:14 GMT
content-encoding: gzip
last-modified: Wed, 17 Jan 2018 02:59:16 GMT
server: nginx
age: 167
etag: W/"5a5ebc04-169d5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public, no-transform
x-amz-cf-pop: FRA56-C2
content-length: 32772
x-amz-cf-id: SR3twkR-6f0e37FlHjQRPxGTujCNM1YSjROunZXVx19kRfg2n8C8Jg==
expires: Wed, 23 Mar 2022 01:24:54 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 57 KB
20 KB 151ms
54ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.storm.mg
URL: https://www.storm.mg/article/3553076

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

e996784cacd24396160deff0366e192d503bab24c17c28b9692b087e2fb7ce5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "820 / 648 of 1000 / last-modified: 1616450900"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19748
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:27:42 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
49 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.storm.mg
URL: https://www.storm.mg/article/3553076

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3fa191f0798bad44d61ee59928dc469aa9a515998c0a686ebd5e8f55f8fbb8f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49663
x-xss-protection: 0
server: cafe
etag: 2488594466385152879
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 23 Mar 2021 01:27:43 GMT

GET
H2 200 browser_define.js Show response
www.storm.mg/js/ 1 KB
852 B 127ms
124ms Script
application/javascript 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.storm.mg/js/browser_define.js?id=e4e26315b3a912dabc4f
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 3d278d324065ab89c5eef315040c5084d97db20be44db41440980c99988b3cf1

Request headers

Referer: https://www.storm.mg/article/3553076
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:14:08 GMT
content-encoding: gzip
last-modified: Tue, 28 Jul 2020 07:16:59 GMT
server: nginx
age: 913
etag: W/"5f1fd0eb-498"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public, no-transform
x-amz-cf-pop: FRA56-C2
content-length: 432
x-amz-cf-id: vPR-dnNAaY78MvHC4I3DrPZCfnk_KMKSt_JNU7uDB3p_odRppEfV8w==
expires: Wed, 23 Mar 2022 01:12:28 GMT

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ 72 B
531 B 43ms
14ms Script
text/javascript 2a04:4e42:200::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?features=NodeList.prototype.forEach%2CString.prototype.padStart%2CObject.values%2CPromise%2CElement.prototype.append%2CURLSearchParams

Requested by

Host: www.storm.mg
URL: https://www.storm.mg/article/3553076

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 928876
detected-user-agent: Chrome/89.0.4389
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT-CLUSTER, fastly;desc="Edge time";dur=1
content-length: 74
referrer-policy: origin-when-cross-origin
last-modified: Thu, 11 Mar 2021 21:50:30 GMT
date: Tue, 23 Mar 2021 01:27:41 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/89.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2

200

pb.js Show response
adx.c.appier.net/pb/0wHT9JDiP3SORJx/
Redirect Chain

https://apn.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js?haid=Wtu9feNo&hzids=Hhut9M-1,Hhuo9M-1,Hhu69M-1,HU9J9M-f,HhztWIOc,HhztWFOc,HUV6WFOc,HUV6H9Oc
https://gocm.c.appier.net/apnnet?url=adx.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js&&haid=Wtu9feNo&hzids=Hhut9M-1,Hhuo9M-1,Hhu69M-1,HU9J9M-f,HhztWIOc,HhztWFOc,HUV6WFOc,HUV6H9Oc
https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js?acid=06ZX8mppB2eVu8ixDkRZYA&haid=Wtu9feNo&hzids=Hhut9M-1,Hhuo9M-1,Hhu69M-1,HU9J9M-f,HhztWIOc,HhztWFOc,HUV6WFOc,HUV6H9Oc

537 B
427 B

309ms
309ms

Script
text/html

34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js?acid=06ZX8mppB2eVu8ixDkRZYA&haid=Wtu9feNo&hzids=Hhut9M-1,Hhuo9M-1,Hhu69M-1,HU9J9M-f,HhztWIOc,HhztWFOc,HUV6WFOc,HUV6H9Oc
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 7d9cb621633f5925775861be167c4ec7880e741b4db48caffb31cc5a9e5f118c

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:43 GMT
via: 1.1 google
server: nginx/1.19.0
content-encoding: gzip
alt-svc: clear
vary: Accept-Encoding
content-type: text/html; charset=utf-8

Redirect headers

location: https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js?acid=06ZX8mppB2eVu8ixDkRZYA&haid=Wtu9feNo&hzids=Hhut9M-1,Hhuo9M-1,Hhu69M-1,HU9J9M-f,HhztWIOc,HhztWFOc,HUV6WFOc,HUV6H9Oc
date: Tue, 23 Mar 2021 01:27:42 GMT
cache-control: no-store
server: nginx
content-type: text/html; charset=utf-8
content-length: 200
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H2 200 define.js Show response
www.storm.mg/js/dfp/ 8 KB
3 KB 126ms
125ms Script
application/javascript 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.storm.mg/js/dfp/define.js?id=e81d4b8a2ad079a69ad5
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 11e5f6fcb0e9f167de2c70823137b29eab53c944c144a9e615ad0f92729db0ae

Request headers

Referer: https://www.storm.mg/article/3553076
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:24:54 GMT
content-encoding: gzip
last-modified: Tue, 23 Mar 2021 00:09:57 GMT
server: nginx
age: 167
etag: W/"605931d5-1e6a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public, no-transform
x-amz-cf-pop: FRA56-C2
content-length: 2196
x-amz-cf-id: mz7Q0oS7clXM2GfatYpUQyNuqSAVY-0hgBk9_kjuCrQkvwQJTDZ79Q==
expires: Wed, 23 Mar 2022 01:24:54 GMT

GET
H2 200 tracking.js Show response
www.storm.mg/js/core/ 1 KB
1 KB 127ms
126ms Script
application/javascript 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.storm.mg/js/core/tracking.js?_v=1
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 6d9eaafc340c46807a31a00917fb95d51c33321d52f3bcf41297a84fccef4553

Request headers

Referer: https://www.storm.mg/article/3553076
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:24:54 GMT
content-encoding: gzip
last-modified: Fri, 15 Jun 2018 04:01:13 GMT
server: nginx
age: 167
etag: W/"5b233a09-5fe"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public, no-transform
x-amz-cf-pop: FRA56-C2
content-length: 767
x-amz-cf-id: 12uZDHDBw1uZLvcg3E5pJIm1_83nrmuN3QhXeSkiMqrpcPMowuo2SQ==
expires: Wed, 23 Mar 2022 01:24:54 GMT

GET
H2 200 smg.js Show response
www.storm.mg/js/core/ 695 B
891 B 127ms
126ms Script
application/javascript 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.storm.mg/js/core/smg.js?_v=1
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: ffcc0f5b5458b5e9eaa54a148c555593dde0d3e797314cffe8933e09fdb48586

Request headers

Referer: https://www.storm.mg/article/3553076
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:04:25 GMT
content-encoding: gzip
last-modified: Fri, 07 Aug 2020 19:01:40 GMT
server: nginx
age: 1396
etag: W/"5f2da514-2b7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public, no-transform
x-amz-cf-pop: FRA56-C2
content-length: 471
x-amz-cf-id: LiXpTPRKdxrz3rUtv-X_2JBy4VwS7Q5g3XA9klVw5a4bcTTmwGzLcQ==
expires: Wed, 23 Mar 2022 01:04:25 GMT

GET
H2 200 unidata.js Show response
www.storm.mg/js/core/ 717 B
893 B 126ms
125ms Script
application/javascript 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.storm.mg/js/core/unidata.js?_v=1
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 8afb4e8baa2ec27159a9f1b678e3c7b3287a354c679711e1d7a9e8cb0a0ae798

Request headers

Referer: https://www.storm.mg/article/3553076
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:24:54 GMT
content-encoding: gzip
last-modified: Fri, 03 Aug 2018 09:19:08 GMT
server: nginx
age: 167
etag: W/"5b641e0c-2cd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public, no-transform
x-amz-cf-pop: FRA56-C2
content-length: 475
x-amz-cf-id: 4rTZ5-asnzFicxQ_70KlQ375cVBLT5-GcniWo79UKFufjMfvW5O_rg==
expires: Wed, 23 Mar 2022 01:24:54 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 32ms
16ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f877a798b0af17fb62564cc4a3b2c8f1fb76398c7e3156eae984fafe175bf4c3

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:43 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 3413
etag: W/"29e3b92597e716694def18b1f85abbfb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6343e0fe2804d709-FRA
cf-request-id: 08fe4af2da0000d7096b952000000001
expires: Fri, 26 Mar 2021 01:27:43 GMT

GET
H2 200 wsj_red_btn.png
www.storm.mg/images/premium/ 2 KB
3 KB 60ms
60ms Image
image/png 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.storm.mg/images/premium/wsj_red_btn.png
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 37184b5b0c26342b3e4182bb81377106d50067c096aa1b3ded2bd4739e3b5d82

Request headers

Referer: https://www.storm.mg/article/3553076
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:43 GMT
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
last-modified: Mon, 10 Feb 2020 06:12:46 GMT
server: nginx
x-amz-cf-pop: FRA56-C2
etag: "5e40f45e-90e"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2318
x-amz-cf-id: CPUBD095dVuFowYfvCA74u8SuQyweCV6wlWk-pzMPKO8jlcicx1Tew==

GET
H2 200 wsj_red_btn_active.png
www.storm.mg/images/premium/ 3 KB
3 KB 60ms
60ms Image
image/png 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.storm.mg/images/premium/wsj_red_btn_active.png
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 8320a5fa8b7e5b43abe1359be9de3e9d7e93256f27f4c0f812444be3eb2ee3af

Request headers

Referer: https://www.storm.mg/article/3553076
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:43 GMT
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
last-modified: Mon, 10 Feb 2020 06:12:46 GMT
server: nginx
x-amz-cf-pop: FRA56-C2
etag: "5e40f45e-a40"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2624
x-amz-cf-id: FS0KD4tqh02pqQXK4LsoqglvOfALrNanktdzuRf5znMvcfz2VMiUSA==

GET
H2 200 logo.svg
www.storm.mg/images/ 7 KB
3 KB 58ms
58ms Image
image/svg+xml 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.storm.mg/images/logo.svg
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: b50277b2389bfdda3bb9148d0c26c07324d1eb8db70a9c703d41325d66b4af6b

Request headers

Referer: https://www.storm.mg/article/3553076
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:14:16 GMT
content-encoding: gzip
last-modified: Wed, 17 Jan 2018 02:59:16 GMT
server: nginx
age: 1593
etag: W/"5a5ebc04-1d6e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public, no-transform
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: JmBANsBvE_zxCmfefnDF6_tYiiGiKNmIUZTbZwxvH02d-HuCU4yt5A==
expires: Wed, 23 Mar 2022 01:01:10 GMT

GET
H2 200 logo_CT.svg
www.storm.mg/images/ 4 KB
2 KB 58ms
57ms Image
image/svg+xml 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.storm.mg/images/logo_CT.svg
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: a2469b91c0bb4ca4f8f1d67b79f1ada540029e248827717b22e0e8333e18f818

Request headers

Referer: https://www.storm.mg/article/3553076
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:14:11 GMT
content-encoding: gzip
last-modified: Wed, 17 Jan 2018 02:59:16 GMT
server: nginx
age: 1427
etag: W/"5a5ebc04-e2d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public, no-transform
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: Yly7tdfbXi58Y-jfGyIi22zoU4J855yYK29ukGevns47r4gMWrt5Kg==
expires: Wed, 23 Mar 2022 01:03:55 GMT

GET
H2 200 logo_new7_vip.svg
www.storm.mg/images/ 14 KB
5 KB 58ms
57ms Image
image/svg+xml 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.storm.mg/images/logo_new7_vip.svg
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 59a98beecaaa2055592d1fec998eeb157f138e6843ba05b61d068b69338b02e8

Request headers

Referer: https://www.storm.mg/article/3553076
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:14:16 GMT
content-encoding: gzip
last-modified: Sat, 26 Sep 2020 07:18:12 GMT
server: nginx
age: 1592
etag: W/"5f6eeb34-37c8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public, no-transform
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: qZdHXELRA5G5deOukWPG81oWd7_RDCqIh0NGrpiAw2vPVj9osw2RLA==
expires: Wed, 23 Mar 2022 01:01:10 GMT

GET
H2 200 print.css
www.storm.mg/stylesheets/ 2 KB
894 B 86ms
81ms Stylesheet
text/css 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.storm.mg/stylesheets/print.css?v=1.0
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: d19d9de9bbafb40238e5d2b02a6ec1546158f7956dbc641a5f292befed381647

Request headers

Referer: https://www.storm.mg/article/3553076
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 00:58:07 GMT
content-encoding: gzip
last-modified: Tue, 23 Mar 2021 00:09:57 GMT
server: nginx
age: 1776
etag: W/"605931d5-9c2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public, no-transform
x-amz-cf-pop: FRA56-C2
content-length: 484
x-amz-cf-id: ktw6MXqAwGXlzv8WuDOIo65n5VjPB2sAbOUGcMM2ev-CWbiD9GPzMQ==
expires: Wed, 23 Mar 2022 00:58:07 GMT

GET
H2 200 wsj_menu.png
www.storm.mg/images/premium/ 5 KB
5 KB 60ms
60ms Image
image/png 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.storm.mg/images/premium/wsj_menu.png
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 56ed88293bc3b19239d5c0fe26672cfd7b41ed3bad4d974970cab9a373f0be98

Request headers

Referer: https://www.storm.mg/article/3553076
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:25:01 GMT
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
last-modified: Fri, 22 Nov 2019 03:37:40 GMT
server: nginx
age: 161
etag: "5dd75804-12c6"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-length: 4806
x-amz-cf-id: P1ocLKGXCpNXp-Ysdh31OaGKTZmD8P5Xevx_BxyMdkaqbabGTc30-Q==

GET
H2 200 wsj_menu_mobile.png
www.storm.mg/images/premium/ 4 KB
5 KB 60ms
60ms Image
image/png 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.storm.mg/images/premium/wsj_menu_mobile.png
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: b1ed587eda401e449edfe34318d55e185497ec21a52b907ee05cf6656e961d9f

Request headers

Referer: https://www.storm.mg/article/3553076
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:25:50 GMT
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
last-modified: Mon, 18 Nov 2019 10:23:56 GMT
server: nginx
age: 113
etag: "5dd2713c-11ec"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-length: 4588
x-amz-cf-id: PURAEkfI27q1rjtSGKrnt7hkud72tDjVCqJ_n2ldImuA7WkewlGo9Q==

GET
H2 200 search_btn.png
www.storm.mg/images/ 24 KB
25 KB 69ms
59ms Image
image/png 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.storm.mg/images/search_btn.png
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: df18f6d97724aedc00931593f05d46795219aba0c1a5c4c5f1e11c210a1f016f

Request headers

Referer: https://www.storm.mg/article/3553076
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:43 GMT
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
last-modified: Wed, 17 Jan 2018 02:59:16 GMT
server: nginx
x-amz-cf-pop: FRA56-C2
etag: "5a5ebc04-6122"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 24866
x-amz-cf-id: UWwOXhNS8Iy4pUfSbdt4i_io_FJDXDOcYqVR-FObjlt7Q3vEWeiI_Q==

GET
H2 200 search_btn_hover.png
www.storm.mg/images/ 24 KB
25 KB 70ms
61ms Image
image/png 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.storm.mg/images/search_btn_hover.png
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 94787763c97e2505befdf1b883d5fde64c1f1df7547ec5d9c44db6aa5158c1c0

Request headers

Referer: https://www.storm.mg/article/3553076
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:43 GMT
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
last-modified: Wed, 17 Jan 2018 02:59:16 GMT
server: nginx
x-amz-cf-pop: FRA56-C2
etag: "5a5ebc04-6122"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 24866
x-amz-cf-id: UkBfXLx1UtU36n_fPqbAl5zz8-FuCogC6EsPyVnYKQDB7udrEr9U4w==

GET
H2 200 ajax-loader.gif
www.storm.mg/images/ 7 KB
7 KB 73ms
62ms Image
image/gif 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.storm.mg/images/ajax-loader.gif
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: c6f6eb10a4472f02adf0f74f0805afb04a0bd0f4644a1eeff94d9b36d2ffeaf6

Request headers

Referer: https://www.storm.mg/article/3553076
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:43 GMT
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
last-modified: Wed, 17 Jan 2018 02:59:16 GMT
server: nginx
x-amz-cf-pop: FRA56-C2
etag: "5a5ebc04-1aa4"
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 6820
x-amz-cf-id: XOap-i_Hq2umC6_FkQAkGVcpva4Pas9tCmHdiG8JImCpJPaDS9LnOA==

GET
H2 200 account_detail.svg
www.storm.mg/images/svg/ 2 KB
1 KB 71ms
61ms Image
image/svg+xml 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.storm.mg/images/svg/account_detail.svg
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: cc64a742ead51c8d3c7ab29597287ffcfae6b93ff22d4d35fd646187ab6a4fde

Request headers

Referer: https://www.storm.mg/article/3553076
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:14:17 GMT
content-encoding: gzip
last-modified: Wed, 17 Jan 2018 03:52:28 GMT
server: nginx
age: 1458
etag: W/"5a5ec87c-70c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public, no-transform
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: mnZR3oM9tB2XIYL1rP3VdKIwALznxO5LBjaMr3VGlKdZ3JXXygOCtQ==
expires: Wed, 23 Mar 2022 01:03:25 GMT

GET
H2 200 member.svg
www.storm.mg/images/svg/ 823 B
1 KB 73ms
62ms Image
image/svg+xml 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.storm.mg/images/svg/member.svg
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 04b53924e054afe428a4482452f988f705775328c10a2e3432dfc95a4fd3a1fa

Request headers

Referer: https://www.storm.mg/article/3553076
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:43 GMT
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
last-modified: Wed, 17 Jan 2018 03:52:28 GMT
server: nginx
x-amz-cf-pop: FRA56-C2
etag: "5a5ec87c-337"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31536000, public, no-transform
accept-ranges: bytes
content-length: 823
x-amz-cf-id: Wc5zGzK66BKq8q3AxuUF9-xA2s0togzOOjUaegLluD0LsKxqM1vjZQ==
expires: Wed, 23 Mar 2022 01:25:01 GMT

GET
H2 200 premium_icon.svg
www.storm.mg/images/svg/ 1 KB
1 KB 72ms
62ms Image
image/svg+xml 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.storm.mg/images/svg/premium_icon.svg
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 11f436a97bc0a6d6f2a7f171b8c1b89872e6af4d857af61db1c43235a5395ec0

Request headers

Referer: https://www.storm.mg/article/3553076
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:14:17 GMT
content-encoding: gzip
last-modified: Wed, 30 Dec 2020 04:21:33 GMT
server: nginx
age: 964
etag: W/"5fec004d-40f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public, no-transform
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: M4NEUlNFdqNtVQj0JFwUU2lNIL9egYJBVrhTutXDuxTJwIUb7Nsj4g==
expires: Wed, 23 Mar 2022 01:11:39 GMT

GET
H2 200 present.svg
www.storm.mg/images/svg/ 2 KB
2 KB 70ms
60ms Image
image/svg+xml 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.storm.mg/images/svg/present.svg
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: d98d14669eb4616f42bc62d7af02f1b23925c61929f9a10736bab32fa2b5b87b

Request headers

Referer: https://www.storm.mg/article/3553076
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:14:17 GMT
content-encoding: gzip
last-modified: Wed, 30 Dec 2020 04:21:33 GMT
server: nginx
age: 1603
etag: W/"5fec004d-889"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public, no-transform
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: CSQzSPRBD8PTgYK4kIDCJvqWp1OP9nc1Vzji6hafcIPfZD2g2MqjIA==
expires: Wed, 23 Mar 2022 01:01:00 GMT

GET
H2 200 donation.svg
www.storm.mg/images/svg/ 2 KB
1 KB 71ms
61ms Image
image/svg+xml 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.storm.mg/images/svg/donation.svg
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 3bad69264aefa45b3cf2c482d1e9de36e7a234292974a993f2469960d5756d22

Request headers

Referer: https://www.storm.mg/article/3553076
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:01:01 GMT
content-encoding: gzip
last-modified: Wed, 30 Dec 2020 04:21:33 GMT
server: nginx
age: 1602
etag: W/"5fec004d-77a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public, no-transform
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: ndaufxtY_nWZzXCVcYM9G2IMvJTglqlMVFgmkxztJL_BPnao9jTtRw==
expires: Wed, 23 Mar 2022 01:01:01 GMT

GET
H2 200 donation_list.svg
www.storm.mg/images/svg/ 2 KB
1 KB 86ms
76ms Image
image/svg+xml 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.storm.mg/images/svg/donation_list.svg
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 034385d3ecf8a345dc53799aa76e9e600a8b321ab3fba473cd40f84cb68e30f8

Request headers

Referer: https://www.storm.mg/article/3553076
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:00:59 GMT
content-encoding: gzip
last-modified: Wed, 30 Dec 2020 04:21:33 GMT
server: nginx
age: 1604
etag: W/"5fec004d-7ff"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public, no-transform
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: yNFCySWd8PK2JMivCzOcRLol4kjfs_vop72JvfDqsUrLEuMZ1QszFw==
expires: Wed, 23 Mar 2022 01:00:59 GMT

GET
H2 200 author.svg
www.storm.mg/images/svg/ 751 B
1 KB 89ms
79ms Image
image/svg+xml 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.storm.mg/images/svg/author.svg
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 14c0cf3877366a725f5b3d7096ac33979dadc47af37e757fb69005a976651e6f

Request headers

Referer: https://www.storm.mg/article/3553076
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:14:17 GMT
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
last-modified: Wed, 17 Jan 2018 03:52:28 GMT
server: nginx
age: 1455
etag: "5a5ec87c-2ef"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31536000, public, no-transform
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-length: 751
x-amz-cf-id: XFlln8ByS1vubFPKeXXYK172J5z2TSV-ZXZSvslzm9jaJKigqSfKlw==
expires: Wed, 23 Mar 2022 01:03:28 GMT

GET
H2 200 support_us.svg
www.storm.mg/images/svg/ 1 KB
1 KB 89ms
80ms Image
image/svg+xml 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.storm.mg/images/svg/support_us.svg
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 1b8d76df01f625c7664ded13227bc8aa61fa8065164b513ddd251d015bbd514d

Request headers

Referer: https://www.storm.mg/article/3553076
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:11:39 GMT
content-encoding: gzip
last-modified: Wed, 30 Dec 2020 04:21:33 GMT
server: nginx
age: 964
etag: W/"5fec004d-441"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public, no-transform
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: fSTUNPnEauSJHnTetbGUlqn8-q8a89p8vymTk3Xy9EEiwiAK1oXGdA==
expires: Wed, 23 Mar 2022 01:11:39 GMT

GET
H2 200 header-member_mobile.svg
www.storm.mg/images/svg/ 849 B
1 KB 86ms
76ms Image
image/svg+xml 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.storm.mg/images/svg/header-member_mobile.svg
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: d605f1fb10b5ee49f59328d98df7757e135c1d247fe79392b1ce97afaf6e34ad

Request headers

Referer: https://www.storm.mg/article/3553076
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:14:17 GMT
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
last-modified: Wed, 30 Dec 2020 04:21:33 GMT
server: nginx
age: 964
etag: "5fec004d-351"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31536000, public, no-transform
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-length: 849
x-amz-cf-id: HfENlo3cltXXKzOHCLX_F6AFG7DH84EW372UxHrDMI0eW5tnay1GPA==
expires: Wed, 23 Mar 2022 01:11:39 GMT

GET
H2 200 member_link_mobile.svg
www.storm.mg/images/svg/ 1 KB
1 KB 86ms
76ms Image
image/svg+xml 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.storm.mg/images/svg/member_link_mobile.svg
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 0d9f3d845fd24f8a8161da7c3d550ccee30980e52e4cecfacc09449d6731a248

Request headers

Referer: https://www.storm.mg/article/3553076
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:11:39 GMT
content-encoding: gzip
last-modified: Mon, 22 Mar 2021 21:46:58 GMT
server: nginx
age: 964
etag: W/"60591052-47a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public, no-transform
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: rgM0mtWR2XdEIncW6F2-EtNsEoTeYheJh8xNwzsfQ6Lp1M-UNMrLxg==
expires: Wed, 23 Mar 2022 01:11:39 GMT

GET
H2 200 present_mobile.svg
www.storm.mg/images/svg/ 2 KB
1 KB 87ms
77ms Image
image/svg+xml 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.storm.mg/images/svg/present_mobile.svg
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 496832b29c05d19987bcc3c825498d6d43edc8874026a9b5d5795ba9ce4bf7d3

Request headers

Referer: https://www.storm.mg/article/3553076
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:11:40 GMT
content-encoding: gzip
last-modified: Mon, 22 Mar 2021 18:02:22 GMT
server: nginx
age: 963
etag: W/"6058dbae-7c3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public, no-transform
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: pb2L8Czk6ihthkwTd-lR_3pfZ-U72ddXR94xjgtSHtwJcLmb659ENQ==
expires: Wed, 23 Mar 2022 01:11:40 GMT

GET
H2 200 header-coffee_mobile.svg
www.storm.mg/images/svg/ 2 KB
1 KB 90ms
80ms Image
image/svg+xml 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.storm.mg/images/svg/header-coffee_mobile.svg
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 9a0d4f663cf14d5417afdc1b49cc230169f2c2b6c0c779ae1c768fb2ee416625

Request headers

Referer: https://www.storm.mg/article/3553076
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:11:39 GMT
content-encoding: gzip
last-modified: Wed, 30 Dec 2020 04:21:33 GMT
server: nginx
age: 964
etag: W/"5fec004d-7a6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public, no-transform
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: Ml3OnNV_G0x9DqbVpnh4LA66owxKj2KuU0dd_qQaciq22iNg2YJhgQ==
expires: Wed, 23 Mar 2022 01:11:39 GMT

GET
H2 200 donation_list_mobile.svg
www.storm.mg/images/svg/ 2 KB
1 KB 87ms
77ms Image
image/svg+xml 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.storm.mg/images/svg/donation_list_mobile.svg
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 76064ddd12bf9fe3cb8055771f4790d2a4a391a04e4e961bce6a6f3f89d6235b

Request headers

Referer: https://www.storm.mg/article/3553076
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:01:02 GMT
content-encoding: gzip
last-modified: Wed, 30 Dec 2020 04:21:33 GMT
server: nginx
age: 1600
etag: W/"5fec004d-63b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public, no-transform
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: NrerRWMN9JfEb3xAY9qUcURJyyRk3heeEnzhtcaAg3bPwm0Fq5Qmrg==
expires: Wed, 23 Mar 2022 01:01:02 GMT

GET
H2 200 wsj_mobile.svg
www.storm.mg/images/svg/ 2 KB
1 KB 87ms
78ms Image
image/svg+xml 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.storm.mg/images/svg/wsj_mobile.svg
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 1d938720aaf6d016c860c53d8842628dedd7196dae458d9da48103ec114e1846

Request headers

Referer: https://www.storm.mg/article/3553076
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:01:02 GMT
content-encoding: gzip
last-modified: Tue, 23 Mar 2021 00:05:53 GMT
server: nginx
age: 1601
etag: W/"605930e1-646"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public, no-transform
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: C5ia6WfNE0Zvbnog639bBfbhxgciaavrb77nfsGf3uUwHJvNv1Lj1g==
expires: Wed, 23 Mar 2022 01:01:02 GMT

GET
H2 200 support_us_mobile.svg
www.storm.mg/images/svg/ 1 KB
1 KB 87ms
78ms Image
image/svg+xml 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.storm.mg/images/svg/support_us_mobile.svg
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: dc46343f4589fedcba61b549d5c3877301846da5b4a40bd836619d0d6fb00df4

Request headers

Referer: https://www.storm.mg/article/3553076
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:03:26 GMT
content-encoding: gzip
last-modified: Mon, 22 Mar 2021 21:46:58 GMT
server: nginx
age: 1457
etag: W/"60591052-46a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public, no-transform
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: eVteN9WHKQ7tYdYOpiP6j8kwGmUyV01Er_KF4BY5AIdh3Yf5RBVi3g==
expires: Wed, 23 Mar 2022 01:03:26 GMT

GET
H2 200 cht.png
www.storm.mg/images/ 2 KB
2 KB 91ms
82ms Image
image/png 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.storm.mg/images/cht.png
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 4736abc878880e5e13b646bbd5b46e6470c91b2959c616a865af1f265928b621

Request headers

Referer: https://www.storm.mg/article/3553076
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:43 GMT
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
last-modified: Sun, 28 Apr 2019 15:37:23 GMT
server: nginx
x-amz-cf-pop: FRA56-C2
etag: "5cc5c8b3-8cd"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2253
x-amz-cf-id: EHseBlmDufbQw8Tpm5eRLDnLkTxLLzQ_qB9EdE5DxcDKfr9yF9yMxA==

GET
H2 200 cht_hover.png
www.storm.mg/images/ 2 KB
3 KB 87ms
79ms Image
image/png 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.storm.mg/images/cht_hover.png
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: cd68a6e55fe88aa4ec6dfce4a35ba9c3cd69a6954e5ecb4e3d091d819c4a5375

Request headers

Referer: https://www.storm.mg/article/3553076
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:25:02 GMT
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
last-modified: Sun, 28 Apr 2019 15:37:23 GMT
server: nginx
age: 161
etag: "5cc5c8b3-91e"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-length: 2334
x-amz-cf-id: XU7DjFYmGYEOw4NHFrGh7ovsaHfh8Yth3i3x9y30jJzHwOqLFTWOnw==

GET
H2 200 chs.png
www.storm.mg/images/ 1 KB
2 KB 91ms
83ms Image
image/png 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.storm.mg/images/chs.png
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: a8b1d478b7bb9316d230f5be129aa063dee9c920b0151e64d9d8fa3a88ac6569

Request headers

Referer: https://www.storm.mg/article/3553076
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:43 GMT
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
last-modified: Sun, 28 Apr 2019 15:37:12 GMT
server: nginx
x-amz-cf-pop: FRA56-C2
etag: "5cc5c8a8-5b6"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 1462
x-amz-cf-id: WxueyXOWlRw0Op923wfLfLKcY_WqJP1F2wNAdVfui1d9LQVqzTn4gg==

GET
H2 200 chs_hover.png
www.storm.mg/images/ 2 KB
2 KB 88ms
79ms Image
image/png 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.storm.mg/images/chs_hover.png
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 7e61f5417431e000124fbcf81b86ae6c08999e6f229f2ebffc748d82c2516ba4

Request headers

Referer: https://www.storm.mg/article/3553076
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:43 GMT
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
last-modified: Sun, 28 Apr 2019 15:37:23 GMT
server: nginx
x-amz-cf-pop: FRA56-C2
etag: "5cc5c8b3-661"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 1633
x-amz-cf-id: NNmSfeuneYwcOLAoPzJjsDg4r8Jho5x_H8K5VlK2qArAXUaNGKfx6w==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 249 KB
62 KB 42ms
34ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MRQJ4NV

Requested by

Host: www.storm.mg
URL: https://www.storm.mg/article/3553076

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b7234d81a83866451da09545fa3dc6bcd725bd6c0c8029d5b07a4e214345f427

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:43 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63762
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:27:43 GMT

GET
H/1.1 200
OK plugin.min.js Show response
static.dable.io/dist/ 90 KB
29 KB 207ms
85ms Script
application/javascript 104.108.42.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dable.io/dist/plugin.min.js
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.42.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-42-51.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: eccd1aa5863c88b1cb516307ef5a9c9ddbbe3f9731b16cc9acab24c0cfc39ef1

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 1aqEYV4u_d3XIH6JrDAdY.utE5lnp3z8
Content-Encoding: gzip
Last-Modified: Tue, 02 Mar 2021 06:35:50 GMT
Server: Apache
x-amz-request-id: B7B5A6815694FCAC
ETag: "266a79fe0038f1a014ba814f51520b2a"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=74965
Date: Tue, 23 Mar 2021 01:27:43 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29535
x-amz-id-2: u7UE9QL+HzrXEIj3fKU9KEF9IkLL74m8wKQxTQoOE6n7kozpfeEccxKgoW2KWppl9sYaDhTFG0o=

GET
H2 200 polyfill.min.js
polyfill.io/v3/ 72 B
174 B 18ms
13ms Other
text/javascript 2a04:4e42:200::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?features=NodeList.prototype.forEach%2CString.prototype.padStart%2CObject.values%2CPromise%2CElement.prototype.append%2CURLSearchParams

Requested by

Host: www.storm.mg
URL: https://www.storm.mg/article/3553076

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 928878
detected-user-agent: Chrome/89.0.4389
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT, fastly;desc="Edge time";dur=1
content-length: 74
referrer-policy: origin-when-cross-origin
last-modified: Thu, 11 Mar 2021 21:50:30 GMT
date: Tue, 23 Mar 2021 01:27:43 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/89.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 20200929-045032_U8719_M642661_c4b0.JPG
image.cache.storm.mg/styles/smg-800x533-fp/s3/media/image/2020/09/29/ 44 KB
45 KB 270ms
90ms Image
image/jpeg 65.9.58.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.cache.storm.mg/styles/smg-800x533-fp/s3/media/image/2020/09/29/20200929-045032_U8719_M642661_c4b0.JPG?itok=opINVHZG
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f46931015fb8a0516ef5ca1d3ecfa0534871744b8ed66d3878928ab236fcf5b

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:10:18 GMT
via: 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
last-modified: Tue, 29 Sep 2020 08:52:54 GMT
server: AmazonS3
age: 1046
etag: "ba7035e275060c7b82e157605d1da308"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000, public, no-transform
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 45323
x-amz-cf-id: s71zh_UqG8akjxpDeqcf9wvasqV0S-Xf4JO1bHVXqCOKmEEW-iWgXw==

GET
H2 200 default_author_1.png
image.cache.storm.mg/styles/smg-150x150-fp/s3/default_images/ 6 KB
6 KB 244ms
64ms Image
image/png 65.9.58.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.cache.storm.mg/styles/smg-150x150-fp/s3/default_images/default_author_1.png?itok=wlNRUDRB
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 20d890382a48f278fce348e066bdba95eff87ecce5dbfe78c984bfd0dce8b14f

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 00:58:06 GMT
via: 1.1 98997c223299d9efd138e7fb9a08a072.cloudfront.net (CloudFront)
last-modified: Thu, 01 Nov 2018 07:00:23 GMT
server: AmazonS3
age: 3109
etag: "d1d57ce337aa09b2d19c900da6fb0c3a"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 5802
x-amz-cf-id: KR9KhR9-ywhKwEqa3CK4tO10gMmlAxI62BAADGItQdD9Svr3XSnOSg==

GET
H2 200 stars.png
www.storm.mg/images/ 2 KB
2 KB 87ms
80ms Image
image/png 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.storm.mg/images/stars.png
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: fa4f6f67cae8ebdfb32ef792bfc98c325b1282de2db5fe0b59e8d332cd0b29fa

Request headers

Referer: https://www.storm.mg/article/3553076
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:43 GMT
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
last-modified: Wed, 01 Apr 2020 10:01:32 GMT
server: nginx
x-amz-cf-pop: FRA56-C2
etag: "5e84667c-615"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 1557
x-amz-cf-id: GSgLkvg6IpQWjEWj8U_RHmwKmoMlgjJoZ3ct3s3-i2g5kXSA8YFr6Q==

GET
H2 200 app-store.png
www.storm.mg/images/ 3 KB
3 KB 88ms
80ms Image
image/png 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.storm.mg/images/app-store.png
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 4cbc4bd9900691ec730e24678b055b3c0768f52f879eeebff707616fe36696df

Request headers

Referer: https://www.storm.mg/article/3553076
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:43 GMT
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
last-modified: Mon, 10 Feb 2020 06:12:46 GMT
server: nginx
x-amz-cf-pop: FRA56-C2
etag: "5e40f45e-bea"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 3050
x-amz-cf-id: vhJSWIijHzQITZjPLLoLqQpiny1STC-BaI1XhH9KeeZHWlqfTmj26g==

GET
H2 200 google-play.png
www.storm.mg/images/ 3 KB
4 KB 89ms
82ms Image
image/png 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.storm.mg/images/google-play.png
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 9c175d534cf98c238750824b23ac92954963b9edcddce8ccfc1e03f66e8dace2

Request headers

Referer: https://www.storm.mg/article/3553076
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:25:12 GMT
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
last-modified: Thu, 06 Feb 2020 06:42:26 GMT
server: nginx
age: 151
etag: "5e3bb552-d44"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-length: 3396
x-amz-cf-id: IGhn7fTOctd8OZOomgpPiKE1eaMIZO-EQFR6UoigCf4lxsAuNbywTQ==

GET
H2 200 footer_icon_fb.png
www.storm.mg/images/ 1 KB
2 KB 88ms
81ms Image
image/png 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.storm.mg/images/footer_icon_fb.png
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 5b43311cd3b32f81df683cbe244aa8358d5834e09522946ae7f735ee1b8501e8

Request headers

Referer: https://www.storm.mg/article/3553076
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:43 GMT
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
last-modified: Mon, 10 Feb 2020 06:12:46 GMT
server: nginx
x-amz-cf-pop: FRA56-C2
etag: "5e40f45e-54a"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 1354
x-amz-cf-id: SWI7wHFon-5niZeKcvEK_dDvBeQzQ69wZUSS5nLOYQe2GU_k2_vHkg==

GET
H2 200 footer_icon_line.png
www.storm.mg/images/ 2 KB
2 KB 91ms
85ms Image
image/png 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.storm.mg/images/footer_icon_line.png
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 957ccf45e2619f36e82c0418e1ef953dc3230da4c8c07dde0ca87f4fbb7152f9

Request headers

Referer: https://www.storm.mg/article/3553076
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:43 GMT
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
last-modified: Mon, 10 Feb 2020 06:12:46 GMT
server: nginx
x-amz-cf-pop: FRA56-C2
etag: "5e40f45e-651"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 1617
x-amz-cf-id: JVjkfdm8ApUzcy1-pqUPEO2dqxcL2g1T6y0eTSvQ-BM8tWBEpuRS-g==

GET
H2 200 footer_icon_ig.png
www.storm.mg/images/ 2 KB
3 KB 91ms
84ms Image
image/png 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.storm.mg/images/footer_icon_ig.png
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: e4c0eec3f0a6bfb56273512939516c1bbf6feec940a74e64097d3df91d7a8c8d

Request headers

Referer: https://www.storm.mg/article/3553076
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:43 GMT
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
last-modified: Mon, 10 Feb 2020 06:12:46 GMT
server: nginx
x-amz-cf-pop: FRA56-C2
etag: "5e40f45e-8f1"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2289
x-amz-cf-id: T-lhdnD6fThY9NiDcf2omR0l53YdUvaM2KeWlGQVle9V0s0Em35JRQ==

GET
H2 200 footer_icon_yt.png
www.storm.mg/images/ 2 KB
2 KB 89ms
83ms Image
image/png 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.storm.mg/images/footer_icon_yt.png
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 880ceba6ed002e0e4cfb47168aaff3735535e987795a13e145adeb9afef68acb

Request headers

Referer: https://www.storm.mg/article/3553076
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:43 GMT
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
last-modified: Thu, 06 Feb 2020 06:42:26 GMT
server: nginx
x-amz-cf-pop: FRA56-C2
etag: "5e3bb552-831"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2097
x-amz-cf-id: jzuPF5KwZzIswIVzPSAI9Ias1BAJmzRwWjbbE_A1LyfjTGpCyLKqEQ==

GET
H2 200 footer_icon_telegram.png
www.storm.mg/images/ 2 KB
2 KB 90ms
83ms Image
image/png 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.storm.mg/images/footer_icon_telegram.png
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: ffe1703d6adf284d92bfc1731706618610c977b81ba5f52c556559142648ee7c

Request headers

Referer: https://www.storm.mg/article/3553076
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:25:14 GMT
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
last-modified: Thu, 12 Mar 2020 02:18:52 GMT
server: nginx
age: 149
etag: "5e699c0c-750"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-length: 1872
x-amz-cf-id: BKfBmPkLuDTNJqsk44yp-1DBL1BLEtEx--3Tw1iyFeQntsDCfpa4Yw==

GET
H2 200 footer_icon_storm.png
www.storm.mg/images/ 1 KB
2 KB 90ms
84ms Image
image/png 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.storm.mg/images/footer_icon_storm.png
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 25cad4f681bb5aa3451c189db0377ada0f1d05a7d415047831bc02f8d53e0d2b

Request headers

Referer: https://www.storm.mg/article/3553076
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:43 GMT
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
last-modified: Wed, 01 Apr 2020 10:01:32 GMT
server: nginx
x-amz-cf-pop: FRA56-C2
etag: "5e84667c-544"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 1348
x-amz-cf-id: ADoVKlAMTwNXVcSnVvSpDbrQxylCrs1SUL7gtTsX7SgzRGnt2dI0-g==

GET
H2 200 slogan_ch.svg
www.storm.mg/images/ 5 KB
3 KB 87ms
81ms Image
image/svg+xml 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.storm.mg/images/slogan_ch.svg
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: d4d902f10380ef4cc0107aacc4eddcd7de75ac0fc989aca2faf91f9b2902eb80

Request headers

Referer: https://www.storm.mg/article/3553076
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:14:18 GMT
content-encoding: gzip
last-modified: Wed, 17 Jan 2018 02:59:16 GMT
server: nginx
age: 961
etag: W/"5a5ebc04-1200"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public, no-transform
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: oa5ltl7yGh6D0BExccezisQyqTyirrsSaX--ot7MKFGqLq3NYdmuFQ==
expires: Wed, 23 Mar 2022 01:11:42 GMT

GET
H2 200 slogan_en.svg
www.storm.mg/images/ 4 KB
2 KB 89ms
83ms Image
image/svg+xml 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.storm.mg/images/slogan_en.svg
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 4391e76b48e70dcb06afff7c4e2e21722a17e0f840c08e936249943cf637d57e

Request headers

Referer: https://www.storm.mg/article/3553076
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:14:18 GMT
content-encoding: gzip
last-modified: Wed, 17 Jan 2018 02:59:16 GMT
server: nginx
age: 961
etag: W/"5a5ebc04-10e9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public, no-transform
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: Lz90E2fiMprUXIPqeymEO9Bar96SAgeuUTDnVaBTaj15YX-00wSWPw==
expires: Wed, 23 Mar 2022 01:11:42 GMT

GET
H2 200 bootstrap.min.js Show response
www.storm.mg/js/ 13 KB
4 KB 58ms
57ms Script
application/javascript 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.storm.mg/js/bootstrap.min.js?v=1.0
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: ede6c1a3c585742554555e636acc48d7008124e7726a000abf6bb4b627c62d38

Request headers

Referer: https://www.storm.mg/article/3553076
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:02:32 GMT
content-encoding: gzip
last-modified: Fri, 07 Aug 2020 19:01:40 GMT
server: nginx
age: 1510
etag: W/"5f2da514-3307"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public, no-transform
x-amz-cf-pop: FRA56-C2
content-length: 3935
x-amz-cf-id: 9L65egVgu4PQfUqRB8FWqFYdScDvEftPrLGZbpBan2pYAlCaePIM5A==
expires: Wed, 23 Mar 2022 01:02:32 GMT

GET
H2 200 jquery.animateNumber.min.js Show response
www.storm.mg/js/ 1 KB
1 KB 57ms
57ms Script
application/javascript 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.storm.mg/js/jquery.animateNumber.min.js
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 18201e44a097144b4b4d9fa01b548222bb46918ab5cd98cc5e48fe5d414d26aa

Request headers

Referer: https://www.storm.mg/article/3553076
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:02:32 GMT
content-encoding: gzip
last-modified: Fri, 15 Jun 2018 04:01:13 GMT
server: nginx
age: 1510
etag: W/"5b233a09-56f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public, no-transform
x-amz-cf-pop: FRA56-C2
content-length: 738
x-amz-cf-id: Af5o5uPKZnHQYxektTxsHGgXabioIlKPCd1cwEsWGuAjUSwrHaUl8g==
expires: Wed, 23 Mar 2022 01:02:32 GMT

GET
H2 200 jquery.cookie.js Show response
www.storm.mg/js/ 3 KB
2 KB 58ms
57ms Script
application/javascript 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.storm.mg/js/jquery.cookie.js
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 8c0301b3dba5061632d7321cd8bb7bd527f48288d5cb15ff614ea0c1dcc1ad69

Request headers

Referer: https://www.storm.mg/article/3553076
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:24:54 GMT
content-encoding: gzip
last-modified: Fri, 07 Aug 2020 19:01:40 GMT
server: nginx
age: 167
etag: W/"5f2da514-c44"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public, no-transform
x-amz-cf-pop: FRA56-C2
content-length: 1395
x-amz-cf-id: qrYUjUb41-UjinE4ufXmwfaETQNYy2_HEQhDMplFdvoatF1Qd2HYNQ==
expires: Wed, 23 Mar 2022 01:24:54 GMT

GET
H2 200 main.js Show response
www.storm.mg/js/ 26 KB
7 KB 58ms
58ms Script
application/javascript 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.storm.mg/js/main.js?id=c892a4ac1dd341961dc1
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: dee1c2d9b5c5a0e93277f92b9c8d9b5f1eea79f501ef644b359ec41dd24d06e7

Request headers

Referer: https://www.storm.mg/article/3553076
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:25:14 GMT
content-encoding: gzip
last-modified: Tue, 16 Mar 2021 06:55:06 GMT
server: nginx
age: 167
etag: W/"6050564a-674d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public, no-transform
x-amz-cf-pop: FRA56-C2
content-length: 7235
x-amz-cf-id: pbUF3tw9UrKqI17KyusICPZe--PflX7K7DE3KEwSWG9m8Nn99g4GnQ==
expires: Wed, 23 Mar 2022 01:24:55 GMT

GET
H2 200 display.js Show response
www.storm.mg/js/dfp/ 3 KB
2 KB 58ms
58ms Script
application/javascript 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.storm.mg/js/dfp/display.js?id=147d8595caf00e344a63
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 2d02440e8d33ed422c8b81b46bcc4f98b8f34fd8bc76e61dec98ab379f5f913b

Request headers

Referer: https://www.storm.mg/article/3553076
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:04:25 GMT
content-encoding: gzip
last-modified: Tue, 23 Mar 2021 00:06:34 GMT
server: nginx
age: 1397
etag: W/"6059310a-aad"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public, no-transform
x-amz-cf-pop: FRA56-C2
content-length: 1129
x-amz-cf-id: 8uL52Uxw2H5FPnmOO3GOHeVTCjB6yC5FdPS5oUWWr7qDX474nIT_lg==
expires: Wed, 23 Mar 2022 01:04:25 GMT

GET
H2 200 donation_message_list.js Show response
www.storm.mg/js/ 10 KB
2 KB 58ms
57ms Script
application/javascript 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.storm.mg/js/donation_message_list.js?v=1.1
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 31d52d16834e8b8c42cd19725d19a78de0841213640542e89781512630751beb

Request headers

Referer: https://www.storm.mg/article/3553076
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:23:10 GMT
content-encoding: gzip
last-modified: Sun, 28 Apr 2019 17:32:50 GMT
server: nginx
age: 272
etag: W/"5cc5e3c2-26d1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public, no-transform
x-amz-cf-pop: FRA56-C2
content-length: 1986
x-amz-cf-id: -8Vp7eMEX-HhbZTlLiN-KeolBn4MaX5i7NdJ7MY8wNBmivp-T3ckQQ==
expires: Wed, 23 Mar 2022 01:23:10 GMT

GET
H2 200 tongwen.js Show response
www.storm.mg/js/ 204 KB
78 KB 63ms
63ms Script
application/javascript 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.storm.mg/js/tongwen.js
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 51757ea0933827a15266d7fd6881a2d82c6c3462bf2927854ecc68c663b25587

Request headers

Referer: https://www.storm.mg/article/3553076
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:42 GMT
content-encoding: gzip
last-modified: Wed, 17 Jan 2018 02:59:16 GMT
server: nginx
x-amz-cf-pop: FRA56-C2
etag: W/"5a5ebc04-32ef2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public, no-transform
x-amz-cf-id: ezMW9BeayxlfvMTR2eshfw8hdXtJBrpEwDVGOf0SmdZx58bUZNhdeA==
expires: Wed, 23 Mar 2022 01:26:57 GMT

GET
H2 200 tongwen_control.js Show response
www.storm.mg/js/ 756 B
823 B 58ms
57ms Script
application/javascript 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.storm.mg/js/tongwen_control.js
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 32c787bb891e5830f3714a3284daec91cc3b1f229fed34f6378b96aae7099cd9

Request headers

Referer: https://www.storm.mg/article/3553076
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 00:58:05 GMT
content-encoding: gzip
last-modified: Wed, 17 Jan 2018 02:59:16 GMT
server: nginx
age: 1799
etag: W/"5a5ebc04-2f4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public, no-transform
x-amz-cf-pop: FRA56-C2
content-length: 404
x-amz-cf-id: _nG0z-2L8G_hwh1OdY6jOIF0-WvQVQeQ7YGlMeUlgARyfvwE9nAobg==
expires: Wed, 23 Mar 2022 00:57:43 GMT

GET
H2 200 app_deep_link.js Show response
www.storm.mg/js/ 3 KB
1 KB 58ms
57ms Script
application/javascript 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.storm.mg/js/app_deep_link.js
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 1f2e28d35b7d608a3d098d5ecac6bcd4d892c79eb0f6f9c4684b8adb1dd63191

Request headers

Referer: https://www.storm.mg/article/3553076
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:04:25 GMT
content-encoding: gzip
last-modified: Tue, 05 May 2020 02:40:34 GMT
server: nginx
age: 1397
etag: W/"5eb0d222-abe"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public, no-transform
x-amz-cf-pop: FRA56-C2
content-length: 888
x-amz-cf-id: lV0FQZ6AQuUOYRfd8TXL0Pl4ODk9UTEmSeHiOKhBTXRzoCOFWHs7bA==
expires: Wed, 23 Mar 2022 01:04:25 GMT

GET
H2 200 article.js Show response
www.storm.mg/js/ 17 KB
6 KB 58ms
58ms Script
application/javascript 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.storm.mg/js/article.js?id=c147659e7017dc7ba09a
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: b8deb5e72bfd442887a936f0ef7c4c20db50d78b1b3a4a526cc083ef66de9add

Request headers

Referer: https://www.storm.mg/article/3553076
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 00:58:05 GMT
content-encoding: gzip
last-modified: Tue, 01 Dec 2020 11:19:20 GMT
server: nginx
age: 1799
etag: W/"5fc626b8-4314"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public, no-transform
x-amz-cf-pop: FRA56-C2
content-length: 5430
x-amz-cf-id: BrBX8FQcUvXLsmiBYX7fCpmTna8_COkOvwGy2AXBjo3GVmeFNmI0Yg==
expires: Wed, 23 Mar 2022 00:57:43 GMT

GET
H2 200 clipboard.min.js Show response
www.storm.mg/js/ 11 KB
4 KB 58ms
57ms Script
application/javascript 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.storm.mg/js/clipboard.min.js
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 0da7fc1ae23678b2872653962d147fcd1cbd0a5a9c8f84d44ae99bc581fd9062

Request headers

Referer: https://www.storm.mg/article/3553076
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:25:14 GMT
content-encoding: gzip
last-modified: Wed, 17 Jan 2018 02:59:16 GMT
server: nginx
age: 167
etag: W/"5a5ebc04-2aa5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public, no-transform
x-amz-cf-pop: FRA56-C2
content-length: 3395
x-amz-cf-id: p62CNcdg3JL4gbhfm1GISd04_vNyVXVc2guqVIGPRKgwAUkmyN3VEQ==
expires: Wed, 23 Mar 2022 01:24:55 GMT

GET
H2 200 show.js Show response
www.storm.mg/js/author/ 3 KB
1 KB 58ms
58ms Script
application/javascript 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.storm.mg/js/author/show.js?id=562303e839182853e6bc
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 9e9ac9a4008262b7824e7c6b4668507db4ea3b69ec84f2516b535d4453c4c3cf

Request headers

Referer: https://www.storm.mg/article/3553076
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:07:41 GMT
content-encoding: gzip
last-modified: Fri, 07 Aug 2020 19:01:40 GMT
server: nginx
age: 1201
etag: W/"5f2da514-a24"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public, no-transform
x-amz-cf-pop: FRA56-C2
content-length: 898
x-amz-cf-id: _kNb43ueSs8vXSOAcT_mG43aSmCPQ4CRAepDW2Bsg2M7_Bl369gLqw==
expires: Wed, 23 Mar 2022 01:07:41 GMT

GET
H2 200 vote.js Show response
www.storm.mg/js/vue/polls/ 581 KB
177 KB 63ms
62ms Script
application/javascript 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.storm.mg/js/vue/polls/vote.js?id=80815a65349f2b8e1d1f
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 79421a5612f5b1e7c225a816d80b2b85ff9be2456b97a2eb3be4c5d22cfc3e87

Request headers

Referer: https://www.storm.mg/article/3553076
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:57 GMT
content-encoding: gzip
last-modified: Mon, 22 Mar 2021 23:39:58 GMT
server: nginx
age: 44
etag: W/"60592ace-912c3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public, no-transform
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: wE91JVAqKwcIEe_YvbibWmQSbpqx-oVXSJUWfwa_8B3gy_Ik-NzcrQ==
expires: Wed, 23 Mar 2022 01:26:57 GMT

GET
H2 200 sidebar.js Show response
www.storm.mg/js/vue/sidebar/ 102 KB
37 KB 61ms
61ms Script
application/javascript 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.storm.mg/js/vue/sidebar/sidebar.js?id=302439d6a2dccf89ec91
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 46f1e9fa13d07c840f99873d4972dbfdc88eb39f3988a4cd5b7831c2fdae5ac4

Request headers

Referer: https://www.storm.mg/article/3553076
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:57 GMT
content-encoding: gzip
last-modified: Tue, 23 Mar 2021 00:09:57 GMT
server: nginx
age: 44
etag: W/"605931d5-198ad"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public, no-transform
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: Crm9ximRe5Q0mkXGM8qhG_YOX0_Tnf4a1Xb--OzoNJevZzKIJkr8LQ==
expires: Wed, 23 Mar 2022 01:26:57 GMT

GET
H2 200 lazyload.min.js Show response
cdn.jsdelivr.net/npm/vanilla-lazyload@11.0.5/dist/ 5 KB
2 KB 24ms
5ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vanilla-lazyload@11.0.5/dist/lazyload.min.js

Requested by

Host: www.storm.mg
URL: https://www.storm.mg/article/3553076

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

482f7aadd7dbfec9f7d97f2ecce024dbc5e057c94acba64f2be497ba54c3eddf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 3551311
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 2053
etag: W/"1485-rGzSwmUcJwRwTKvOZSESJn6cQYs"
x-served-by: cache-fra19122-FRA, cache-hhn4052-HHN
date: Tue, 23 Mar 2021 01:27:43 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3-Q050 200 pubads_impl_2021031601.js Show response
securepubads.g.doubleclick.net/gpt/ 285 KB
100 KB 129ms
70ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

eea4a3705b3e19174b9f0f127702bfc02cda65dff1f5b25e65f48a9c65ce9a7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Mar 2021 08:39:28 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102421
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:27:43 GMT

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210318/r20190131/ 226 KB
85 KB 61ms
41ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210318/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8022331377991686&plah=www.storm.mg&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ddadd70ae359b0cfe71ee656a546833549e9bd9b97ceb18aa31df7c78d9a8ee4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86577
x-xss-protection: 0
server: cafe
etag: 9747339956311604466
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 23 Mar 2021 01:27:43 GMT

GET
H2 200 pb.bid Show response
adx.c.appier.net/pb/0wHT9JDiP3SORJx/ 2 KB
524 B 310ms
305ms Script
text/html 34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/pb.bid?acid=06ZX8mppB2eVu8ixDkRZYA&haid=Wtu9feNo&hzids=Hhut9M-1,Hhuo9M-1,Hhu69M-1,HU9J9M-f,HhztWIOc,HhztWFOc,HUV6WFOc,HUV6H9Oc
Requested by: Host: apn.c.appier.net
URL: https://apn.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js?haid=Wtu9feNo&hzids=Hhut9M-1,Hhuo9M-1,Hhu69M-1,HU9J9M-f,HhztWIOc,HhztWFOc,HUV6WFOc,HUV6H9Oc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 7efe5fbd74b183b583f0c7cf328ff613dbbbf971ccbabbbbe2a8450f619c9e4c

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:43 GMT
via: 1.1 google
server: nginx/1.19.0
content-encoding: gzip
alt-svc: clear
content-type: text/html; charset=utf-8

GET
H2 200 smg.js Show response
track.storm.mg/js/core/ 5 KB
2 KB 938ms
307ms Script
application/javascript 54.150.150.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.storm.mg/js/core/smg.js
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/js/core/smg.js?_v=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.150.150.172 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-150-150-172.ap-northeast-1.compute.amazonaws.com
Software: / Express
Resource Hash: 38865b5a217b514dd4dab8928c80964c0d608b499997609d54966f8a14677eb2

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:44 GMT
content-encoding: gzip
etag: W/"15c0-1730db5bd3d"
last-modified: Thu, 02 Jul 2020 04:08:01 GMT
x-powered-by: Express
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
cache-control: public, max-age=0
accept-ranges: bytes
content-type: application/javascript; charset=UTF-8

GET
H2 200 unidata.js Show response
track.unidata.ai/js/core/ 5 KB
2 KB 46ms
6ms Script
application/javascript 2600:9000:206f:ca00:1d:68e4:9700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.unidata.ai/js/core/unidata.js
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/js/core/unidata.js?_v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:1d:68e4:9700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0f783e92bc337bf9296313dfab3632ee0c4d2f63e989fd7b8b59b9975a0db9fd

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:18:28 GMT
content-encoding: gzip
last-modified: Mon, 16 Jul 2018 03:46:23 GMT
server: AmazonS3
age: 688
etag: W/"d47fc24b3f4e6cb5127b22a724d33abd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 cc763905c39a59494c951c09271b0422.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: qwfAPeorJJ81Yd5gfiMKJsUupL3vkJ_rV4ERq12WW2xLkJY1zuxK5A==

GET
H2 200 bwtmOver.js Show response
img.scupio.com/js/ 8 KB
4 KB 218ms
61ms Script
application/javascript 65.9.58.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/bwtmOver.js
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: e64cd3d63467a570ac7dcc5dc9925a9d37f846a6bbfa7b11abec507bbc4cc53f

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:43 GMT
content-encoding: gzip
last-modified: Mon, 11 May 2020 03:07:32 GMT
server: nginx/1.12.1
x-amz-cf-pop: FRA56-C1
etag: W/"5eb8c174-2149"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=1200
x-amz-cf-id: 0RENGD3YdHfPSXvsF_sznSMhZhQAh7W-xouSBEh9B2dGy3ZuOolFEg==
via: 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
expires: Tue, 23 Mar 2021 01:42:56 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210318/r20190131/ Frame 1E09 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210318/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210318/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.storm.mg/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.storm.mg/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 22 Mar 2021 15:04:23 GMT
expires: Mon, 05 Apr 2021 15:04:23 GMT
content-type: text/html; charset=UTF-8
etag: 14488317231655078900
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4661
x-xss-protection: 0
age: 37400
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sdk.js Show response
connect.facebook.net/zh_TW/ 3 KB
2 KB 8ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/zh_TW/sdk.js

Requested by

Host: www.storm.mg
URL: https://www.storm.mg/article/3553076

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ece31fa1e8b682dfec3c92cb9c61b642e14be828768a0510258278015169004e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: U7M6bPZ55+iYLKz7a7uHdw==
cross-origin-resource-policy: cross-origin
expires: Tue, 23 Mar 2021 01:38:48 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1781
x-fb-rlafr: 0
x-fb-debug: P4wKGOPxVLRgYmkTqybdf2qI1Ef+Wau+fH8XUC89GqhS5OClUyfxqHI4WS6ZglGzp6/ikwqS/iu7nEd+FBKTVw==
x-fb-trip-id: 917726464
x-fb-content-md5: 25e6d5dff0230b5a02d5f1f0e8ecc0b0
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 23 Mar 2021 01:27:43 GMT
x-frame-options: DENY
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "05e2909723e3aeef64adde2cfd5d0e5e"
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.119.woff2
fonts.gstatic.com/s/notosanstc/v11/ 25 KB
25 KB 7ms
5ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.119.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77c3d215298f95357de947f102cc00bded45bdb71ab3c20f9dfdc64e490729c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.storm.mg
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 07:47:09 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:18:53 GMT
server: sffe
age: 409234
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25360
x-xss-protection: 0
expires: Fri, 18 Mar 2022 07:47:09 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.117.woff2
fonts.gstatic.com/s/notosanstc/v11/ 46 KB
46 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.117.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f83c6e3eac9d41d51bc8e3b63f353ea889cc70b9938e2f701719aef80bf8528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.storm.mg
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 02:34:26 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:25:13 GMT
server: sffe
age: 255197
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47312
x-xss-protection: 0
expires: Sun, 20 Mar 2022 02:34:26 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.118.woff2
fonts.gstatic.com/s/notosanstc/v11/ 43 KB
43 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.118.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2abab588ed1aa226fff507bb12cc00b354738c203f4b6cd202f40352cdc6591

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.storm.mg
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 01:48:17 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:19:55 GMT
server: sffe
age: 344366
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43804
x-xss-protection: 0
expires: Sat, 19 Mar 2022 01:48:17 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.116.woff2
fonts.gstatic.com/s/notosanstc/v11/ 51 KB
51 KB 10ms
10ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.116.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

717de30a4e041b92e5d3aa230aeede4e08434647e627279477a2f642ac2861eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.storm.mg
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:42:43 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:09:56 GMT
server: sffe
age: 305100
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52052
x-xss-protection: 0
expires: Sat, 19 Mar 2022 12:42:43 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.115.woff2
fonts.gstatic.com/s/notosanstc/v11/ 52 KB
52 KB 11ms
11ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.115.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a7695bf1c26b3250de42c8ad42bc4e3abf7418876f76ad67bb58092c9244478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.storm.mg
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 03:56:16 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:08:38 GMT
server: sffe
age: 423087
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52792
x-xss-protection: 0
expires: Fri, 18 Mar 2022 03:56:16 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.107.woff2
fonts.gstatic.com/s/notosanstc/v11/ 52 KB
52 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.107.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57e7135d32625d7e1d8117a0571033a7564dc662dfe18bafdefd6633633858b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.storm.mg
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:43:29 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:10:01 GMT
server: sffe
age: 366254
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52988
x-xss-protection: 0
expires: Fri, 18 Mar 2022 19:43:29 GMT

GET
H2 200 nhjbmRQVmrw
www.youtube.com/embed/ Frame 8BF1 52 KB
0 166ms
162ms Document
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/nhjbmRQVmrw?autoplay=&mute=1&version=3&loop=1&playlist=nhjbmRQVmrw

Requested by

Host: www.storm.mg
URL: https://www.storm.mg/article/3553076

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/nhjbmRQVmrw?autoplay=&mute=1&version=3&loop=1&playlist=nhjbmRQVmrw
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.storm.mg/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.storm.mg/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 23 Mar 2021 01:27:43 GMT
strict-transport-security: max-age=31536000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=KKfXBTpJtZU; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=VprTHR6FBIA; Domain=.youtube.com; Expires=Sun, 19-Sep-2021 01:27:43 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+601; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sprite.png
www.storm.mg/images/ 91 KB
91 KB 61ms
60ms Image
image/png 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.storm.mg/images/sprite.png?v=1.0
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/stylesheets/layout.min.css?id=62f845920a423afbce13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 66289bde64db020d57ccfdf3b595e4bd89c95a1f81865bf8a2e80ec12472408c

Request headers

Referer: https://www.storm.mg/stylesheets/layout.min.css?id=62f845920a423afbce13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:25:02 GMT
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
last-modified: Thu, 11 Mar 2021 11:09:24 GMT
server: nginx
age: 161
etag: "6049fa64-16a91"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-length: 92817
x-amz-cf-id: ABSF4Rh_2LCIAGjqBL8FzsnYUneWJCp-KvUlsdvCO5WFlAAxfGDhPQ==

GET
H3-Q050 200 -nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.117.woff2
fonts.gstatic.com/s/notosanstc/v11/ 47 KB
47 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.117.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff9dd2020328ceb632372acc069ca580300ae28e8a6c338e968c977ee7705adf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.storm.mg
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:44:30 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:24:07 GMT
server: sffe
age: 366193
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47960
x-xss-protection: 0
expires: Fri, 18 Mar 2022 19:44:30 GMT

GET
H2 200 glyphicons-halflings-regular.woff2
www.storm.mg/fonts/ 18 KB
18 KB 64ms
63ms Font
application/octet-stream 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.storm.mg/fonts/glyphicons-halflings-regular.woff2
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/stylesheets/layout.min.css?id=62f845920a423afbce13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

Origin: https://www.storm.mg
Referer: https://www.storm.mg/stylesheets/layout.min.css?id=62f845920a423afbce13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:09:52 GMT
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
last-modified: Wed, 17 Jan 2018 02:59:16 GMT
server: nginx
age: 1361
etag: "5a5ebc04-466c"
x-cache: Hit from cloudfront
content-type: application/octet-stream
cache-control: max-age=31536000, public, no-transform
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-length: 18028
x-amz-cf-id: veYUyf3JLqcWQBL5pvCTVykgm1NX93A7fx5fbQ4S6nr6-vDT9PEmfQ==
expires: Wed, 23 Mar 2022 01:05:02 GMT

GET
H3-Q050 200 -nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.119.woff2
fonts.gstatic.com/s/notosanstc/v11/ 25 KB
25 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.119.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6ae3eb1be0bf3b77b26fde2cf511bb009f7c577c14f8aa606546673b2246b57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.storm.mg
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:20:13 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:25:58 GMT
server: sffe
age: 25650
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25600
x-xss-protection: 0
expires: Tue, 22 Mar 2022 18:20:13 GMT

GET
H3-Q050 200 -nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.118.woff2
fonts.gstatic.com/s/notosanstc/v11/ 43 KB
43 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.118.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff48734d304a507bbb0c11a2664b0a0f45bdbd39f935863a8f357b4b537942bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.storm.mg
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:43:11 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:24:18 GMT
server: sffe
age: 366272
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43952
x-xss-protection: 0
expires: Fri, 18 Mar 2022 19:43:11 GMT

GET
H3-Q050 200 -nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.116.woff2
fonts.gstatic.com/s/notosanstc/v11/ 51 KB
51 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.116.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c19a43c3cbd95939921f06bdb9fee7cf89eab36ed21f52b71bc344bf7823da3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.storm.mg
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 23:49:21 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:25:59 GMT
server: sffe
age: 437902
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52052
x-xss-protection: 0
expires: Thu, 17 Mar 2022 23:49:21 GMT

GET
H3-Q050 200 -nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.115.woff2
fonts.gstatic.com/s/notosanstc/v11/ 52 KB
52 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.115.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdbe8d58f0533f6d5be3c57ee68f06db56d4e6c8c8178618f08c517e809d4b2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.storm.mg
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:45:46 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:25:55 GMT
server: sffe
age: 366117
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53324
x-xss-protection: 0
expires: Fri, 18 Mar 2022 19:45:46 GMT

GET
H3-Q050 200 -nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.114.woff2
fonts.gstatic.com/s/notosanstc/v11/ 51 KB
51 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.114.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad9fdfac0e1db77fc2dac89227102ccba3bbd01604c75a11127fea77f648eec7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.storm.mg
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 00:15:44 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:15:52 GMT
server: sffe
age: 436319
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52224
x-xss-protection: 0
expires: Fri, 18 Mar 2022 00:15:44 GMT

GET
H3-Q050 200 -nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.109.woff2
fonts.gstatic.com/s/notosanstc/v11/ 52 KB
52 KB 11ms
11ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.109.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af391daab639e9edca60f1da104865061f97adca1969f92ab786507d58accaef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.storm.mg
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 05:26:41 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:24:11 GMT
server: sffe
age: 417662
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53340
x-xss-protection: 0
expires: Fri, 18 Mar 2022 05:26:41 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.113.woff2
fonts.gstatic.com/s/notosanstc/v11/ 52 KB
52 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.113.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5a369d3d8be69eaf6a54f958015e687947252be07dbb197750fa8147caea4dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.storm.mg
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:42:53 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:25:06 GMT
server: sffe
age: 366290
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53144
x-xss-protection: 0
expires: Fri, 18 Mar 2022 19:42:53 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.114.woff2
fonts.gstatic.com/s/notosanstc/v11/ 51 KB
51 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.114.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5472cbce3d59802ab140c5b8eecfca4d357343c47a1c9ea601ccf1d50145955b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.storm.mg
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 23:04:46 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:25:08 GMT
server: sffe
age: 440577
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51852
x-xss-protection: 0
expires: Thu, 17 Mar 2022 23:04:46 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.110.woff2
fonts.gstatic.com/s/notosanstc/v11/ 55 KB
55 KB 12ms
10ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.110.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdd3e502fbd1bda1da8283465cb8fe741ed9543e851e645711d9383280fbe3b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.storm.mg
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 20:36:40 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:24:59 GMT
server: sffe
age: 449463
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56272
x-xss-protection: 0
expires: Thu, 17 Mar 2022 20:36:40 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.102.woff2
fonts.gstatic.com/s/notosanstc/v11/ 45 KB
45 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.102.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61fb409fcea7eda0419035ff2d75faea6742fcccdf5ff99fa44eb783f5053bb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.storm.mg
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 03:15:54 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:09:58 GMT
server: sffe
age: 339109
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46208
x-xss-protection: 0
expires: Sat, 19 Mar 2022 03:15:54 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.112.woff2
fonts.gstatic.com/s/notosanstc/v11/ 53 KB
53 KB 12ms
12ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.112.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9f94f957c781ac27e4257c276659d678b1cd9dcd5931b6c0b068da46198378e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.storm.mg
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 20:36:40 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:25:02 GMT
server: sffe
age: 449463
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54000
x-xss-protection: 0
expires: Thu, 17 Mar 2022 20:36:40 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.109.woff2
fonts.gstatic.com/s/notosanstc/v11/ 52 KB
52 KB 11ms
11ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.109.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9625dd5f36e9196b741bfb4558fb8809318495207eb6213427f4ee42b7baa57e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.storm.mg
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 09:32:55 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:25:01 GMT
server: sffe
age: 316488
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52844
x-xss-protection: 0
expires: Sat, 19 Mar 2022 09:32:55 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.104.woff2
fonts.gstatic.com/s/notosanstc/v11/ 47 KB
48 KB 12ms
11ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.104.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63a218801054b8267a86e48b10025b463f4fc573ad1c58ea95ccbb69627e9905

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.storm.mg
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:43:29 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:25:43 GMT
server: sffe
age: 366254
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48552
x-xss-protection: 0
expires: Fri, 18 Mar 2022 19:43:29 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.105.woff2
fonts.gstatic.com/s/notosanstc/v11/ 47 KB
47 KB 13ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.105.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef7ddeaf31d487bf07b79b1aeb4f9cad24ffa35c280e0702c276dd5cf709cf67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.storm.mg
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:31:09 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:25:08 GMT
server: sffe
age: 305794
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48324
x-xss-protection: 0
expires: Sat, 19 Mar 2022 12:31:09 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.111.woff2
fonts.gstatic.com/s/notosanstc/v11/ 57 KB
57 KB 13ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.111.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4176795e7304f2d0373d2c3edad1600cab1a1a0e8b202c6cfe3e06c7466172

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.storm.mg
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 19:13:58 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:25:14 GMT
server: sffe
age: 454425
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57968
x-xss-protection: 0
expires: Thu, 17 Mar 2022 19:13:58 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.108.woff2
fonts.gstatic.com/s/notosanstc/v11/ 50 KB
50 KB 14ms
8ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.108.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c69739431e5aff1b7174a81209cbd0658da6c4d1b6527580f9f2f070df848290

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.storm.mg
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 04:08:06 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:25:01 GMT
server: sffe
age: 422377
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50784
x-xss-protection: 0
expires: Fri, 18 Mar 2022 04:08:06 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.106.woff2
fonts.gstatic.com/s/notosanstc/v11/ 52 KB
52 KB 20ms
14ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.106.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35adff49f4f7c4fa7112da10261ed1abecd865549fadc40690a4cc1f2e6bf832

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.storm.mg
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 15:23:48 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:19:55 GMT
server: sffe
age: 554635
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52836
x-xss-protection: 0
expires: Wed, 16 Mar 2022 15:23:48 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.101.woff2
fonts.gstatic.com/s/notosanstc/v11/ 44 KB
44 KB 13ms
8ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.101.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed05afea1d3578981db83b3d1732720ccf15dd91054ca328207ac7f0fb7c7b5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.storm.mg
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:47:24 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:25:07 GMT
server: sffe
age: 366019
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44828
x-xss-protection: 0
expires: Fri, 18 Mar 2022 19:47:24 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.100.woff2
fonts.gstatic.com/s/notosanstc/v11/ 46 KB
46 KB 23ms
19ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.100.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

727dc8fdc7e925a8557fff31749df1ae2b0ba759fa4bb3e052978c09ac1be735

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.storm.mg
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 09:18:30 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:14:44 GMT
server: sffe
age: 403753
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46808
x-xss-protection: 0
expires: Fri, 18 Mar 2022 09:18:30 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.75.woff2
fonts.gstatic.com/s/notosanstc/v11/ 28 KB
28 KB 21ms
17ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.75.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7422e8f025032bbe6f4cf2063b738f19a8c6038b8f4804490d18ee2178e1c12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.storm.mg
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 23:26:36 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:23:15 GMT
server: sffe
age: 439267
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28628
x-xss-protection: 0
expires: Thu, 17 Mar 2022 23:26:36 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/zh_TW/ 197 KB
60 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/zh_TW/sdk.js?hash=a1d677670b4885161d35f3ca757deaac&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

49fa1f2ea2530ea43048ef09d020963a697eb909b220c92601521a92840e3878

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://www.storm.mg
Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: HIMbneSvqut3OO/tqUKZPQ==
cross-origin-resource-policy: cross-origin
expires: Wed, 23 Mar 2022 00:57:46 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 60882
x-fb-rlafr: 0
x-fb-debug: r/nkvParGML0/ScvEXwWQwkiNIPzWXxXT7PtfqyqwRR0aOlok4mCopXOIgfM01jSgjuY4f2GVG7WCbrDrakTzg==
x-fb-trip-id: 917726464
x-fb-content-md5: f21b9cd46ce4f7734e47c7315ce481dc
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 23 Mar 2021 01:27:43 GMT
x-frame-options: DENY
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "107b28e9b5984f93ac2ab49cddf1b158"
timing-allow-origin: *
priority: u=3,i
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 coffee_plus_A.png
www.storm.mg/images/ 27 KB
27 KB 62ms
61ms Image
image/png 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.storm.mg/images/coffee_plus_A.png
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/stylesheets/layout.min.css?id=62f845920a423afbce13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 4df23d9a8cd6462ea12f1a2dab724715a347066d0e638de411dc69e6f0efc77f

Request headers

Referer: https://www.storm.mg/stylesheets/layout.min.css?id=62f845920a423afbce13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:43 GMT
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
last-modified: Wed, 17 Jan 2018 03:52:28 GMT
server: nginx
x-amz-cf-pop: FRA56-C2
etag: "5a5ec87c-6a9c"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 27292
x-amz-cf-id: S3uONRbOeo4oyR8vVOjp4Jc-o82WQAFspJZc74DABsCEfMGFRkcb_w==

GET
H3-Q050 200 -nFkOG829Oofr2wohFbTp9i9gwQvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.117.woff2
fonts.gstatic.com/s/notosanstc/v11/ 48 KB
48 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9gwQvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.117.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce0b837dd2586f5f77a0802fbcce5c9c591c1834131d7d7a9c02e86c5a8efd09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.storm.mg
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:11:17 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:23:15 GMT
server: sffe
age: 26186
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49124
x-xss-protection: 0
expires: Tue, 22 Mar 2022 18:11:17 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.78.woff2
fonts.gstatic.com/s/notosanstc/v11/ 29 KB
30 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.78.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f992a3471511cc92b4d7a8a249c809c31edc7c242ebe26ed274543c98cb7fe3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.storm.mg
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:31:11 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:23:54 GMT
server: sffe
age: 24992
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30084
x-xss-protection: 0
expires: Tue, 22 Mar 2022 18:31:11 GMT

GET
H3-Q050 200 -nFkOG829Oofr2wohFbTp9i9gwQvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.119.woff2
fonts.gstatic.com/s/notosanstc/v11/ 25 KB
25 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9gwQvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.119.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1817454b4d24a71e5f7d419c298a3bac9c08d832b99900059bd6ab86b648bcc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.storm.mg
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 21:19:32 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:22:10 GMT
server: sffe
age: 446891
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25756
x-xss-protection: 0
expires: Thu, 17 Mar 2022 21:19:32 GMT

GET
H3-Q050 200 -nFkOG829Oofr2wohFbTp9i9gwQvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.118.woff2
fonts.gstatic.com/s/notosanstc/v11/ 44 KB
44 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9gwQvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.118.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dc4b9bf8e422c97cea924a04b673a14ead515cabf0be3da77fea3beb4a90dea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.storm.mg
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 18:38:08 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:18:10 GMT
server: sffe
age: 456575
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44784
x-xss-protection: 0
expires: Thu, 17 Mar 2022 18:38:08 GMT

GET
H3-Q050 200 -nFkOG829Oofr2wohFbTp9i9gwQvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.116.woff2
fonts.gstatic.com/s/notosanstc/v11/ 52 KB
52 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9gwQvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.116.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb659fdd4ff3fab5e762c667f05841ea8c82b858cfa5942b7e193e8425b4fd37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.storm.mg
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 19:00:53 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:23:20 GMT
server: sffe
age: 455210
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53604
x-xss-protection: 0
expires: Thu, 17 Mar 2022 19:00:53 GMT

GET
H3-Q050 200 -nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.113.woff2
fonts.gstatic.com/s/notosanstc/v11/ 52 KB
52 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.113.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c3b45883391f9bee5d62253976f509d35d0ce09466f09a9e0f036f51fa48a2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.storm.mg
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 03:59:17 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:15:49 GMT
server: sffe
age: 336506
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53476
x-xss-protection: 0
expires: Sat, 19 Mar 2022 03:59:17 GMT

GET
H3-Q050 200 -nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.106.woff2
fonts.gstatic.com/s/notosanstc/v11/ 52 KB
52 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.106.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2db84904c133623cf6c14bbf915c09c4f3bf5b7456f80e6ea61b30a2cc8ede79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.storm.mg
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 02:34:21 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:24:08 GMT
server: sffe
age: 341602
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52916
x-xss-protection: 0
expires: Sat, 19 Mar 2022 02:34:21 GMT

GET
H3-Q050 200 -nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.110.woff2
fonts.gstatic.com/s/notosanstc/v11/ 55 KB
55 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.110.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09e0498d34b2d12792bac483b39957e41b3b7212b01f8c43fed8865637037b63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.storm.mg
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 10:27:25 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:24:20 GMT
server: sffe
age: 226818
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56456
x-xss-protection: 0
expires: Sun, 20 Mar 2022 10:27:25 GMT

GET
H3-Q050 200 -nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.105.woff2
fonts.gstatic.com/s/notosanstc/v11/ 47 KB
47 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.105.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5af4fc508d900876f8a13db0104bfa864c9aa17be11914045813ac9cf3317de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.storm.mg
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 11:00:23 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:22:11 GMT
server: sffe
age: 224840
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48404
x-xss-protection: 0
expires: Sun, 20 Mar 2022 11:00:23 GMT

GET
H3-Q050 200 -nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.112.woff2
fonts.gstatic.com/s/notosanstc/v11/ 53 KB
53 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.112.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

847240dd4e1c45b3091ed30ce53ba4a8ddd9dbe5babffe1f9b161c8021d9e2d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.storm.mg
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 10:27:25 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:24:14 GMT
server: sffe
age: 226818
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54220
x-xss-protection: 0
expires: Sun, 20 Mar 2022 10:27:25 GMT

GET
H3-Q050 200 -nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.104.woff2
fonts.gstatic.com/s/notosanstc/v11/ 48 KB
48 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.104.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

813e44281bc30d24c69706ba9de28a356111cf651fba494ee024dc655615347c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.storm.mg
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:46:46 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:12:56 GMT
server: sffe
age: 366057
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48728
x-xss-protection: 0
expires: Fri, 18 Mar 2022 19:46:46 GMT

GET
H3-Q050 200 -nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.108.woff2
fonts.gstatic.com/s/notosanstc/v11/ 50 KB
50 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.108.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c088e0a33db26229df70d6fef18c9fa1a7503fa38d265845f3977a97b349de41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.storm.mg
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:15:35 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:24:16 GMT
server: sffe
age: 25928
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51116
x-xss-protection: 0
expires: Tue, 22 Mar 2022 18:15:35 GMT

GET
H3-Q050 200 -nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.111.woff2
fonts.gstatic.com/s/notosanstc/v11/ 57 KB
57 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.111.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f5da442d9e3c2f3fac68541006605f2d05906cb492847087abdabcc92233b97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.storm.mg
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:50:02 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:24:08 GMT
server: sffe
age: 365861
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58272
x-xss-protection: 0
expires: Fri, 18 Mar 2022 19:50:02 GMT

GET
H3-Q050 200 -nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.107.woff2
fonts.gstatic.com/s/notosanstc/v11/ 52 KB
52 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.107.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3a6edac4585c512e36c35202b1a96b92743a91ec00d327398ca20580bccee1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.storm.mg
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 02:38:26 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:15:55 GMT
server: sffe
age: 427757
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53268
x-xss-protection: 0
expires: Fri, 18 Mar 2022 02:38:26 GMT

GET
H3-Q050 200 -nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.75.woff2
fonts.gstatic.com/s/notosanstc/v11/ 28 KB
28 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.75.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e90eb46b27544e9106c85cd9c10c9e2c6dcc6d1eb49d1d15419e565d960020a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.storm.mg
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 11:20:53 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:21:53 GMT
server: sffe
age: 310010
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29000
x-xss-protection: 0
expires: Sat, 19 Mar 2022 11:20:53 GMT

GET
H3-Q050 200 -nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.56.woff2
fonts.gstatic.com/s/notosanstc/v11/ 35 KB
36 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.56.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3906d94b42313b74cd11d1e98a4cd521c2e4d8d9dab72f15e0cb9dae29be044

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.storm.mg
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 11:15:40 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:14:44 GMT
server: sffe
age: 396723
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36292
x-xss-protection: 0
expires: Fri, 18 Mar 2022 11:15:40 GMT

GET
H2 200 sp.js Show response
track.unidata.ai/js/snowplow/2.9.0/ 74 KB
25 KB 7ms
6ms Script
application/javascript 2600:9000:206f:ca00:1d:68e4:9700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.unidata.ai/js/snowplow/2.9.0/sp.js
Requested by: Host: track.unidata.ai
URL: https://track.unidata.ai/js/core/unidata.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:1d:68e4:9700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b17322c9274aeada4df3efd7b68f1ad1ccb677b24f76caaac9f7adcc9f3eb137

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:18:28 GMT
content-encoding: gzip
last-modified: Mon, 16 Jul 2018 03:46:23 GMT
server: AmazonS3
age: 687
etag: W/"9b55c285adb6598050de5d907873455f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 cc763905c39a59494c951c09271b0422.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: Hynr_0ejjjpiavuf3Ka8Bmtzc4_WxRex8PThsM1XqjnrM2VUrdYgQQ==

GET
H2 200 cookiemap.html Show response
track.unidata.ai/ Frame 044D 2 KB
1 KB 6ms
6ms Document
text/html 2600:9000:206f:ca00:1d:68e4:9700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.unidata.ai/cookiemap.html?appId=5c6e1a&data=eyJhcHBJZCI6IjVjNmUxYSIsInBhZ2VUaXRsZSI6IumiqOiple+8muaOiea8hu+8jOWIpeWGjeaDs+Wci+WutumaiuS6hi3poqjlgrPlqpIiLCJwYWdlVVJMIjoiaHR0cHM6Ly93d3cuc3Rvcm0ubWcvYXJ0aWNsZS8zNTUzMDc2IiwiY29va2llIjoic21nX3VpZD0xNjE2NDYyODYzNDE1OTAxOyB1aWQudj0xIiwicmVmZXJyZXIiOiIiLCJjb29raWVJZCI6IjE2MTY0NjI4NjM0MTU5MDEiLCJtZW1iZXJJZCI6bnVsbH0=
Requested by: Host: track.unidata.ai
URL: https://track.unidata.ai/js/core/unidata.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:1d:68e4:9700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fac37d72be5f38ca147c85ba0921206d661cff46d14612d6a0029ffd332a68f3

Request headers

:method: GET
:authority: track.unidata.ai
:scheme: https
:path: /cookiemap.html?appId=5c6e1a&data=eyJhcHBJZCI6IjVjNmUxYSIsInBhZ2VUaXRsZSI6IumiqOiple+8muaOiea8hu+8jOWIpeWGjeaDs+Wci+WutumaiuS6hi3poqjlgrPlqpIiLCJwYWdlVVJMIjoiaHR0cHM6Ly93d3cuc3Rvcm0ubWcvYXJ0aWNsZS8zNTUzMDc2IiwiY29va2llIjoic21nX3VpZD0xNjE2NDYyODYzNDE1OTAxOyB1aWQudj0xIiwicmVmZXJyZXIiOiIiLCJjb29raWVJZCI6IjE2MTY0NjI4NjM0MTU5MDEiLCJtZW1iZXJJZCI6bnVsbH0=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.storm.mg/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.storm.mg/

Response headers

content-type: text/html
last-modified: Mon, 16 Jul 2018 03:46:23 GMT
server: AmazonS3
content-encoding: gzip
date: Mon, 22 Mar 2021 09:02:56 GMT
etag: W/"bdda7e756f856c0b9fc886ac8753cfd1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 cc763905c39a59494c951c09271b0422.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: Dnng4UPJ_sO60Y5fge7l8mPHRfhGTaWxq9mXTnARdFMN4004_1JsbA==
age: 60376

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 198 B
435 B 55ms
53ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.storm.mg&callback=_gfp_s_&client=ca-pub-8022331377991686

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210318/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8022331377991686&plah=www.storm.mg&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

9f9bc7439037dec9c597c303cf0e156fa126d50b35c097e3d88e53d0f379be5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 188
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.storm.mg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:27:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 14ms
14ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.storm.mg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:27:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 74D8 54 B
235 B 53ms
53ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8022331377991686&output=html&adk=2801219079&adf=3163849507&lmt=1616462863&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&ea=0&flash=0&pra=5&wgl=1&dt=1616462863061&bpp=376&bdt=1293&idt=689&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4517097838771&frm=20&pv=2&ga_vid=1815605501.1616462864&ga_sid=1616462864&ga_hid=9115885&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060031%2C44738185%2C44739387&oid=3&pvsid=4428478098213158&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=721

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-8022331377991686&output=html&adk=2801219079&adf=3163849507&lmt=1616462863&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&ea=0&flash=0&pra=5&wgl=1&dt=1616462863061&bpp=376&bdt=1293&idt=689&shv=r20210318&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4517097838771&frm=20&pv=2&ga_vid=1815605501.1616462864&ga_sid=1616462864&ga_hid=9115885&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C31060031%2C44738185%2C44739387&oid=3&pvsid=4428478098213158&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=721
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.storm.mg/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.storm.mg/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 23 Mar 2021 01:27:43 GMT
server: cafe
content-length: 34
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 23-Mar-2021 01:42:43 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 23 Mar 2021 01:27:43 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1bd0c2f4f5db718b4ffad5433658d98981fbb3479ce8c7a2789406d81d15dd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616176152632151"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28237
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:27:43 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.103.woff2
fonts.gstatic.com/s/notosanstc/v11/ 50 KB
50 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.103.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

720540fdf6be1b3d2aee9c54172a0b328457b3e6860da752f37c88a0860607cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.storm.mg
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:12:09 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:09:56 GMT
server: sffe
age: 26134
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50856
x-xss-protection: 0
expires: Tue, 22 Mar 2022 18:12:09 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.80.woff2
fonts.gstatic.com/s/notosanstc/v11/ 19 KB
19 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.80.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3da81b80483ed6fae88ca49eb33b6b76ee2fb0854e157b9c06a04ddde56a2c22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.storm.mg
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 10:51:57 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:16:31 GMT
server: sffe
age: 225346
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18992
x-xss-protection: 0
expires: Sun, 20 Mar 2022 10:51:57 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.23.woff2
fonts.gstatic.com/s/notosanstc/v11/ 37 KB
37 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.23.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7653bc8d0b70e8d10e40a7f99669b31170b5e1b89947983380083b01b9d8fe0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.storm.mg
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 00:37:14 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:22:01 GMT
server: sffe
age: 435029
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38000
x-xss-protection: 0
expires: Fri, 18 Mar 2022 00:37:14 GMT

GET
H3-Q050 200 -nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.103.woff2
fonts.gstatic.com/s/notosanstc/v11/ 50 KB
50 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.103.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed493954dc29f271b07eab86f6c032ddd2f20b8ee39f0cf6ee54498e78dd5fd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.storm.mg
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 21:02:14 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:24:06 GMT
server: sffe
age: 447929
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51152
x-xss-protection: 0
expires: Thu, 17 Mar 2022 21:02:14 GMT

GET
H3-Q050 200 -nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.102.woff2
fonts.gstatic.com/s/notosanstc/v11/ 46 KB
46 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.102.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df23bea1e7f5aa13de91f14483ff88a9a728722aea9f76bd635f2a25904457cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.storm.mg
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 22:41:49 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:24:14 GMT
server: sffe
age: 441954
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46772
x-xss-protection: 0
expires: Thu, 17 Mar 2022 22:41:49 GMT

GET
H3-Q050 200 -nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.78.woff2
fonts.gstatic.com/s/notosanstc/v11/ 30 KB
30 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.78.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d6cc84ef340916babc2b71d9c35667ddf38ee35dbb433b65680668b8a42f191f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.storm.mg
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 05:17:33 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:22:58 GMT
server: sffe
age: 331810
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30280
x-xss-protection: 0
expires: Sat, 19 Mar 2022 05:17:33 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 172 KB
63 KB 22ms
22ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-03WGSX0KD1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MRQJ4NV

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5d8e28b9d7fff002671128a402714aae0ff3c0aa601b677027356581b70b0885

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:43 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64894
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:27:43 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MRQJ4NV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 7158
date: Mon, 22 Mar 2021 23:28:25 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Tue, 23 Mar 2021 01:28:25 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 10ms
9ms Script
application/x-javascript 2a02:26f0:7100:48a::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MRQJ4NV
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:48a::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:27:43 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Jan 2021 22:14:03 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=19200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1855

GET
H/1.1 200
OK atrk.js Show response
d31qbv1cthcecs.cloudfront.net/ 4 KB
2 KB 181ms
59ms Script
text/javascript 13.226.155.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-13.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 06 Jul 2020 14:44:41 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Sat, 16 Mar 2019 16:01:33 GMT
Server: AmazonS3
Age: 22416184
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
Cache-Control: max-age=26920000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-C1
X-Amz-Cf-Id: KJ42SCXj6oBzma7EGoYhKLvFcyERmSoep9dLa_yaWC6hdO2s65-z0w==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 91 KB
23 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.storm.mg
URL: https://www.storm.mg/article/3553076

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23762
x-fb-rlafr: 0
pragma: public
x-fb-debug: EkSAoAte895PBIyNCIrboSqfzSyWq5OLKRFWGijRWh1fza4o/EyynvQxP2J2zvU4pRzsBtk14Xgojqh1zXtYXg==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 23 Mar 2021 01:27:43 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=20419801&ns__t=1616462863882&ns_c=UTF-8&c8=%E9%A2%A8%E8%A9%95%EF%BC%9A%E6%8E%89%E6%BC%86%EF%BC%8C%E5%88%A5%E5%86%8D%E6%83%B3%E5%9C%8B%E5%AE%B6%E9%9A%8A%E4...
https://sb.scorecardresearch.com/b2?c1=2&c2=20419801&ns__t=1616462863882&ns_c=UTF-8&c8=%E9%A2%A8%E8%A9%95%EF%BC%9A%E6%8E%89%E6%BC%86%EF%BC%8C%E5%88%A5%E5%86%8D%E6%83%B3%E5%9C%8B%E5%AE%B6%E9%9A%8A%E...

0
528 B

47ms
46ms

Image
text/plain

184.25.115.49
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=20419801&ns__t=1616462863882&ns_c=UTF-8&c8=%E9%A2%A8%E8%A9%95%EF%BC%9A%E6%8E%89%E6%BC%86%EF%BC%8C%E5%88%A5%E5%86%8D%E6%83%B3%E5%9C%8B%E5%AE%B6%E9%9A%8A%E4%BA%86-%E9%A2%A8%E5%82%B3%E5%AA%92&c7=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&c9=&cs_ak_ss=1
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.25.115.49 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-25-115-49.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Mar 2021 01:27:44 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=20419801&ns__t=1616462863882&ns_c=UTF-8&c8=%E9%A2%A8%E8%A9%95%EF%BC%9A%E6%8E%89%E6%BC%86%EF%BC%8C%E5%88%A5%E5%86%8D%E6%83%B3%E5%9C%8B%E5%AE%B6%E9%9A%8A%E4%BA%86-%E9%A2%A8%E5%82%B3%E5%AA%92&c7=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Tue, 23 Mar 2021 01:27:44 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 19 KB
8 KB 248ms
248ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4428478098213158&correlator=4213219624804833&output=ldjh&impl=fifs&eid=31060321%2C31060367%2C44733567%2C44739387&vrg=2021031601&ptt=17&sc=1&sfv=1-0-37&ecs=20210323&iu_parts=225677396%2Cstorm_content_T_970250&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C336x280%7C300x250%7C1x1&prev_scp=category_name%3D%25E8%25A9%2595%25E8%25AB%2596%2C%25E6%2594%25BF%25E6%25B2%25BB%2C%25E8%25B2%25A1%25E7%25B6%2593%2C%25E9%25A2%25A8%25E8%25A9%2595%2C&eri=1&cust_params=path_name%3D%252Farticle%252F3553076%26category_name%3D%25E8%25A9%2595%25E8%25AB%2596%252C%25E6%2594%25BF%25E6%25B2%25BB%252C%25E8%25B2%25A1%25E7%25B6%2593%252C%25E9%25A2%25A8%25E8%25A9%2595%252C&cookie_enabled=1&bc=31&abxe=1&lmt=1616462863&dt=1616462863935&dlt=1616462861768&idt=2129&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=200&adks=2004118907&ucis=1&ifi=2&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1150x250&msz=970x250&ga_vid=1815605501.1616462864&ga_sid=1616462864&ga_hid=9115885&ga_fc=false&fws=132&ohw=970

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

0bda73a116b2eb72a94c4328bc8eb3726232b5111a2d94285fed49f68a7b1e85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:44 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7850
x-xss-protection: 0
google-lineitem-id: 5645398308
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138343457540
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.storm.mg
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 61ms
14ms Other
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 6ms
6ms Other
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 page.php Show response
www.facebook.com/plugins/ Frame ACD9 97 KB
25 KB 76ms
76ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&tabs&width=320&height=130&small_header=false&adapt_container_width=false&hide_cover=false&show_facepile=false&appId

Requested by

Host: www.storm.mg
URL: https://www.storm.mg/article/3553076

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fab1f4d1a5bb1f1154c31b23537e728f3648abb2e4c40fc564c76f9fbeeafc09

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&tabs&width=320&height=130&small_header=false&adapt_container_width=false&hide_cover=false&show_facepile=false&appId
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.storm.mg/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.storm.mg/

Response headers

vary: Accept-Encoding
x-fb-rlafr: 0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-encoding: br
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
x-fb-debug: HYFAzM3C3HxJn4Nq4sJHzg2VgqtTRQkmWc7m/a2Urc8NBmSotGw4iAwCcXjlKkzdBJkp23RmztIGDvVP8HmMNw==
date: Tue, 23 Mar 2021 01:27:44 GMT
priority: u=3,i
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H3-Q050 200 -nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.101.woff2
fonts.gstatic.com/s/notosanstc/v11/ 44 KB
44 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.101.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

802fa850549fbc67d45600c105c26b9a422bde2764752e1bd2d999b16f1aff6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.storm.mg
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 06:03:51 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:22:08 GMT
server: sffe
age: 329033
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45332
x-xss-protection: 0
expires: Sat, 19 Mar 2022 06:03:51 GMT

GET
H3-Q050 200 -nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.26.woff2
fonts.gstatic.com/s/notosanstc/v11/ 14 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.26.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b1f95a7046550981861f75a1ccc13bedb6b2b47a59d3263af35ddd181ce23fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.storm.mg
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 21:31:42 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:16:41 GMT
server: sffe
age: 359762
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14784
x-xss-protection: 0
expires: Fri, 18 Mar 2022 21:31:42 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.26.woff2
fonts.gstatic.com/s/notosanstc/v11/ 14 KB
14 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.26.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

099c4f6fcdeb738f1a34e07cfcd439b7883d9202e1cd274d473e9afae97f6df2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.storm.mg
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 07:36:37 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:24:32 GMT
server: sffe
age: 323467
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
expires: Sat, 19 Mar 2022 07:36:37 GMT

GET
H3-Q050 200 -nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.55.woff2
fonts.gstatic.com/s/notosanstc/v11/ 35 KB
35 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.55.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1415a971814e2ebcfa9e8eac1f43d3671a5f4ddfc59b6c77a15985775741d27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.storm.mg
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 21:14:38 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:24:53 GMT
server: sffe
age: 15186
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35416
x-xss-protection: 0
expires: Tue, 22 Mar 2022 21:14:38 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.55.woff2
fonts.gstatic.com/s/notosanstc/v11/ 35 KB
35 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.55.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

86bc1b9c19853f85f239840a9240df7784276a80bc13d301c166f2a4cb099670

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.storm.mg
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 19:51:32 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:21:40 GMT
server: sffe
age: 452172
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35384
x-xss-protection: 0
expires: Thu, 17 Mar 2022 19:51:32 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.53.woff2
fonts.gstatic.com/s/notosanstc/v11/ 30 KB
30 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.53.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7496fc4c8d3fb70573e8155918f5514c72e9680a2b69b36dd5c13eb799148e57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.storm.mg
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:30:20 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:21:45 GMT
server: sffe
age: 25044
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30352
x-xss-protection: 0
expires: Tue, 22 Mar 2022 18:30:20 GMT

GET
H3-Q050 200 -nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.32.woff2
fonts.gstatic.com/s/notosanstc/v11/ 38 KB
38 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.32.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15387a2ee399c272637a8b8bd41edc4327f69d7129ba328056069bf630f2014c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.storm.mg
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 20:06:54 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:16:47 GMT
server: sffe
age: 364850
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38972
x-xss-protection: 0
expires: Fri, 18 Mar 2022 20:06:54 GMT

GET
H/1.1 200
OK prefs2 Show response
api.dable.io/plugin/services/storm.mg/ 603 B
962 B 1330ms
332ms Script
text/javascript 3.35.249.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dable.io/plugin/services/storm.mg/prefs2?cached_uid=&callback=dbljson1

Requested by

Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.35.249.226 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-35-249-226.ap-northeast-2.compute.amazonaws.com

Software

nginx /

Resource Hash

823e86ef31b2612afb0ae4ef9eb3319a3a0e885014cbe0d44a27719ee435a88e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:27:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
ETag: W/"25b-SuF2sp0Ti5tpbRdvrz7OLAyxVnU"
Content-Type: text/javascript; charset=utf-8
Connection: keep-alive
Content-Length: 348

GET
H3-Q050 200 gtm.js Show response
www.googletagmanager.com/ 80 KB
31 KB 19ms
19ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NDBVCQ5

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/js/bwtmOver.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

65e89900fbab9303f1f33d8230c67a5e94755d20a3c1567ca8b987bece4759e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:44 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31554
x-xss-protection: 0
last-modified: Tue, 23 Mar 2021 00:19:16 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 23 Mar 2021 01:27:44 GMT

GET
H2 200 / Show response
www.storm.mg/api/v1/polls/vote/ 65 B
862 B 557ms
557ms XHR
application/json 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.storm.mg/api/v1/polls/vote/?channel=article
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/js/vue/polls/vote.js?id=80815a65349f2b8e1d1f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 05c7f3eb439f302c50256d83fd1e4077ba8d340af9da81754f2fe508cff4b434

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.storm.mg/article/3553076
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:44 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: FRA56-C2
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 1728000
cache-control: no-cache, private
x-cache: Miss from cloudfront
access-control-allow-headers: X-Requested-With, Content-Type, Accept, Cookie, Host, Referer, User-Agent
content-length: 81
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
x-amz-cf-id: 9wUdRpUgZSGJkDwEhjMCjWKqA7OhNqzTOsoOfgs7tyC8VOVc-7sPIg==

GET
H2 200 hot-top.0e0234778ebbb416bb5d.js Show response
www.storm.mg/js/vue/sidebar/ 2 KB
1 KB 58ms
57ms Script
application/javascript 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.storm.mg/js/vue/sidebar/hot-top.0e0234778ebbb416bb5d.js
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/js/vue/sidebar/sidebar.js?id=302439d6a2dccf89ec91
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: efba10b7c8dbd37216f0269338f49892f8c6215cc6f239d98dea601873dd0934

Request headers

Referer: https://www.storm.mg/article/3553076
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 00:58:07 GMT
content-encoding: gzip
last-modified: Tue, 23 Mar 2021 00:06:34 GMT
server: nginx
age: 1776
etag: W/"6059310a-6b6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public, no-transform
x-amz-cf-pop: FRA56-C2
content-length: 748
x-amz-cf-id: TJsMEDtt7OvOv-wR7eXuERiPGpZRmRmDTGvd9qdCYzM_6uyEJUPB5w==
expires: Wed, 23 Mar 2022 00:58:07 GMT

GET
H2 200 sidebar-content.c0b5e9eb60d9f4cbc8ef.js Show response
www.storm.mg/js/vue/sidebar/ 4 KB
2 KB 58ms
57ms Script
application/javascript 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.storm.mg/js/vue/sidebar/sidebar-content.c0b5e9eb60d9f4cbc8ef.js
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/js/vue/sidebar/sidebar.js?id=302439d6a2dccf89ec91
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: eb1fe724298d5ec0f4963144835c2c6f8c1b67c209ca7574a20d35302a941013

Request headers

Referer: https://www.storm.mg/article/3553076
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 00:58:07 GMT
content-encoding: gzip
last-modified: Fri, 19 Mar 2021 02:15:21 GMT
server: nginx
age: 1776
etag: W/"60540939-ef9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public, no-transform
x-amz-cf-pop: FRA56-C2
content-length: 1400
x-amz-cf-id: 3WCCWW34oziTSYakgvQ8vQl3BHPVBkFN9wSEfW399jbj6mUr7-J_wQ==
expires: Wed, 23 Mar 2022 00:58:07 GMT

GET
H2 200 finance_data20210323.json Show response
resources.storm.mg/ 1 KB
900 B 1152ms
1001ms XHR
application/json 65.9.58.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.storm.mg/finance_data20210323.json
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/js/jquery-1.9.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 16f075565dbec2932bfa4138d407c7867c53869e08c3564671236f899c5a7dbd

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:46 GMT
content-encoding: gzip
last-modified: Mon, 22 Mar 2021 23:10:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
etag: W/"ee1b5411f72bae61341d19059229bb2c"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://www.storm.mg
access-control-allow-credentials: true
x-cache: RefreshHit from cloudfront
x-amz-cf-id: lzIPKTVC9pXD1l4GzSgJmcvXWjhlDncEI98ZlmB2hgZdCWPWYHb_Rw==
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)

GET
H2 200 0 Show response
www.storm.mg/api/v1/donate/message/article/3553076/ 80 B
874 B 544ms
543ms XHR
application/json 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.storm.mg/api/v1/donate/message/article/3553076/0
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/js/jquery-1.9.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 7c9c150b26aa2c7e8358c40d569d3da67dc5e6e208c7a798d2e4c9574f581979

Request headers

Accept: */*
Referer: https://www.storm.mg/article/3553076
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:44 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: FRA56-C2
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 1728000
cache-control: max-age=1728000, public
x-cache: Miss from cloudfront
access-control-allow-headers: X-Requested-With, Content-Type, Accept, Cookie, Host, Referer, User-Agent
content-length: 88
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
x-amz-cf-id: zZcm-30pVDGdSYNOP6oClMv1suFIsKUypPJL-K1JIytsTDiLWqohZA==

POST
H2 200 / Show response
service-pvapi.storm.mg/pvapi/record_pv/ 6 B
213 B 959ms
315ms XHR
application/json 52.198.167.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://service-pvapi.storm.mg/pvapi/record_pv/
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/js/jquery-1.9.1.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.198.167.159 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-198-167-159.ap-northeast-1.compute.amazonaws.com
Software: / Express
Resource Hash: 58bf5b5478e5d1fb7441daeff9fd1ed60a4ad5fbfabc64715cd8608f3f59f6da

Request headers

Accept: */*
Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:27:45 GMT
x-powered-by: Express
etag: W/"6-7bf20b6a"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
content-length: 6
expires: -1

GET nhjbmRQVmrw
www.youtube.com/embed/ Frame F9BA 0
0

GET
H3-Q050 200 nhjbmRQVmrw Show response
www.youtube.com/embed/ Frame EBF9 52 KB
21 KB 179ms
179ms Document
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/nhjbmRQVmrw?autoplay=&mute=1&version=3&loop=1&playlist=nhjbmRQVmrw

Requested by

Host: www.storm.mg
URL: https://www.storm.mg/js/jquery-1.9.1.min.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eeac86418bfb5dcc777b921ab61b055a141941acd8b65a939981dc79d328a31d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/nhjbmRQVmrw?autoplay=&mute=1&version=3&loop=1&playlist=nhjbmRQVmrw
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.storm.mg/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: YSC=KKfXBTpJtZU; VISITOR_INFO1_LIVE=VprTHR6FBIA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.storm.mg/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 23 Mar 2021 01:27:44 GMT
strict-transport-security: max-age=31536000
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: CONSENT=PENDING+153; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 443 B
261 B 231ms
230ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4428478098213158&correlator=2924555968230990&output=ldjh&impl=fifs&eid=31060321%2C31060367%2C44733567%2C44739387&vrg=2021031601&ptt=17&sc=1&sfv=1-0-37&ecs=20210323&iu_parts=225677396%2Cstorm_header_logo_R_11660&enc_prev_ius=%2F0%2F1&prev_iu_szs=116x60&eri=1&cust_params=path_name%3D%252Farticle%252F3553076%26category_name%3D%25E8%25A9%2595%25E8%25AB%2596%252C%25E6%2594%25BF%25E6%25B2%25BB%252C%25E8%25B2%25A1%25E7%25B6%2593%252C%25E9%25A2%25A8%25E8%25A9%2595%252C&cookie_enabled=1&bc=31&abxe=1&lmt=1616462864&dt=1616462864263&dlt=1616462861768&idt=2129&frm=20&biw=1600&bih=1200&oid=3&adxs=1034&adys=46&adks=4066611204&ucis=2&ifi=3&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=116x60&ga_vid=1815605501.1616462864&ga_sid=1616462864&ga_hid=9115885&ga_fc=false&fws=132&ohw=116

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

fda2f0a46e2e32e8ff388e31441bc5c48e1f101aad46597985e58c2e08fe0b8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:44 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 228
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.storm.mg
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 4 KB
2 KB 251ms
251ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4428478098213158&correlator=3646026150180863&output=ldjh&impl=fifs&eid=31060321%2C31060367%2C44733567%2C44739387&vrg=2021031601&ptt=17&sc=1&sfv=1-0-37&ecs=20210323&iu_parts=225677396%2Cstorm_content_M0_72890&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C300x100%7C320x100%7C1x1&eri=1&cust_params=path_name%3D%252Farticle%252F3553076%26category_name%3D%25E8%25A9%2595%25E8%25AB%2596%252C%25E6%2594%25BF%25E6%25B2%25BB%252C%25E8%25B2%25A1%25E7%25B6%2593%252C%25E9%25A2%25A8%25E8%25A9%2595%252C&cookie_enabled=1&bc=31&abxe=1&lmt=1616462864&dt=1616462864267&dlt=1616462861768&idt=2129&frm=20&biw=1600&bih=1200&oid=3&adxs=225&adys=1216&adks=3337164849&ucis=3&ifi=4&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&vis=1&dmc=8&scr_x=0&scr_y=0&psz=820x110&msz=820x90&ga_vid=1815605501.1616462864&ga_sid=1616462864&ga_hid=9115885&ga_fc=false&fws=4&ohw=820

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

259e997e3a4f4bd0996eed99c1cfe51e55b1d0370554b188cd9ee75c74f92649

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:44 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2412
x-xss-protection: 0
google-lineitem-id: 5322429028
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138305660445
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.storm.mg
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 5 KB
3 KB 494ms
494ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4428478098213158&correlator=4410694425947761&output=ldjh&impl=fifs&eid=31060321%2C31060367%2C44733567%2C44739387&vrg=2021031601&ptt=17&sc=1&sfv=1-0-37&ecs=20210323&iu_parts=225677396%2Cstorm_content_M_336280&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280%7C300x250%7C1x1&eri=1&cust_params=path_name%3D%252Farticle%252F3553076%26category_name%3D%25E8%25A9%2595%25E8%25AB%2596%252C%25E6%2594%25BF%25E6%25B2%25BB%252C%25E8%25B2%25A1%25E7%25B6%2593%252C%25E9%25A2%25A8%25E8%25A9%2595%252C&cookie_enabled=1&bc=31&abxe=1&lmt=1616462864&dt=1616462864269&dlt=1616462861768&idt=2129&frm=20&biw=1600&bih=1200&oid=3&adxs=285&adys=1490&adks=1813256291&ucis=4&ifi=5&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&vis=1&dmc=8&scr_x=0&scr_y=0&psz=366x280&msz=336x250&ga_vid=1815605501.1616462864&ga_sid=1616462864&ga_hid=9115885&ga_fc=false&fws=4&ohw=336

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

0c7a43ec01aace0dbd0c2d75681f978a5352dc43fb02450907405a6e5f28e79e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:44 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2551
x-xss-protection: 0
google-lineitem-id: 5444676918
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138319435719
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.storm.mg
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 30 KB
11 KB 437ms
436ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4428478098213158&correlator=1790313262192723&output=ldjh&impl=fifs&eid=31060321%2C31060367%2C44733567%2C44739387&vrg=2021031601&ptt=17&sc=1&sfv=1-0-37&ecs=20210323&iu_parts=225677396%2Cstorm_content_M5_336280&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280%7C300x250%7C1x1&eri=1&cust_params=path_name%3D%252Farticle%252F3553076%26category_name%3D%25E8%25A9%2595%25E8%25AB%2596%252C%25E6%2594%25BF%25E6%25B2%25BB%252C%25E8%25B2%25A1%25E7%25B6%2593%252C%25E9%25A2%25A8%25E8%25A9%2595%252C&cookie_enabled=1&bc=31&abxe=1&lmt=1616462864&dt=1616462864271&dlt=1616462861768&idt=2129&frm=20&biw=1600&bih=1200&oid=3&adxs=285&adys=2084&adks=3852452294&ucis=5&ifi=6&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&vis=1&dmc=8&scr_x=0&scr_y=0&psz=366x280&msz=336x250&ga_vid=1815605501.1616462864&ga_sid=1616462864&ga_hid=9115885&ga_fc=false&fws=4&ohw=336

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

87661d55b617c8eca4c4e9d4541650586a80e057e63dd24f3253c3df29299ac0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:44 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11171
x-xss-protection: 0
google-lineitem-id: 5321734707
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138343624034
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.storm.mg
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 30 KB
11 KB 260ms
260ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4428478098213158&correlator=3897685109006036&output=ldjh&impl=fifs&eid=31060321%2C31060367%2C44733567%2C44739387&vrg=2021031601&ptt=17&sc=1&sfv=1-0-37&ecs=20210323&iu_parts=225677396%2Cstorm_content_M_300250_ppap&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280%7C300x250%7C1x1&eri=1&cust_params=path_name%3D%252Farticle%252F3553076%26category_name%3D%25E8%25A9%2595%25E8%25AB%2596%252C%25E6%2594%25BF%25E6%25B2%25BB%252C%25E8%25B2%25A1%25E7%25B6%2593%252C%25E9%25A2%25A8%25E8%25A9%2595%252C&cookie_enabled=1&bc=31&abxe=1&lmt=1616462864&dt=1616462864273&dlt=1616462861768&idt=2129&frm=20&biw=1600&bih=1200&oid=3&adxs=285&adys=2734&adks=3500025007&ucis=6&ifi=7&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&vis=1&dmc=8&scr_x=0&scr_y=0&psz=366x280&msz=336x250&ga_vid=1815605501.1616462864&ga_sid=1616462864&ga_hid=9115885&ga_fc=false&fws=4&ohw=336

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

618c89a5b58b064e607d86e2797b5b6d9166527b0a93c13608cefd2c67a2bf06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:44 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11216
x-xss-protection: 0
google-lineitem-id: 5321734707
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138343624034
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.storm.mg
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 449 B
281 B 79ms
79ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4428478098213158&correlator=3496140152384537&output=ldjh&impl=fifs&eid=31060321%2C31060367%2C44733567%2C44739387&vrg=2021031601&ptt=17&sc=1&sfv=1-0-37&ecs=20210323&iu_parts=225677396%2Cstorm_native_ad_bottom_links&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50&fluid=height&prev_scp=position%3D1%26article_type%3Darticle&eri=1&cust_params=path_name%3D%252Farticle%252F3553076%26category_name%3D%25E8%25A9%2595%25E8%25AB%2596%252C%25E6%2594%25BF%25E6%25B2%25BB%252C%25E8%25B2%25A1%25E7%25B6%2593%252C%25E9%25A2%25A8%25E8%25A9%2595%252C&cookie_enabled=1&bc=31&abxe=1&lmt=1616462864&dt=1616462864276&dlt=1616462861768&idt=2129&frm=20&biw=1600&bih=1200&oid=3&adxs=285&adys=3489&adks=3367075738&ucis=7&ifi=8&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&vis=1&dmc=8&scr_x=0&scr_y=0&psz=700x120&msz=700x0&ga_vid=1815605501.1616462864&ga_sid=1616462864&ga_hid=9115885&ga_fc=false&fws=4&ohw=820

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

572aed79428943b43b75b57bc3e612c09e811c17667b82bfd3de2c9ea5f7e0c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:44 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 240
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.storm.mg
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 512 KB
56 KB 139ms
139ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4428478098213158&correlator=756523693683318&output=ldjh&impl=fifs&eid=31060321%2C31060367%2C44733567%2C44739387&vrg=2021031601&ptt=17&sc=1&sfv=1-0-37&ecs=20210323&iu_parts=225677396%2Cstorm_native_ad_bottom_links&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50&fluid=height&prev_scp=position%3D2%26article_type%3Darticle&eri=1&cust_params=path_name%3D%252Farticle%252F3553076%26category_name%3D%25E8%25A9%2595%25E8%25AB%2596%252C%25E6%2594%25BF%25E6%25B2%25BB%252C%25E8%25B2%25A1%25E7%25B6%2593%252C%25E9%25A2%25A8%25E8%25A9%2595%252C&cookie_enabled=1&bc=31&abxe=1&lmt=1616462864&dt=1616462864278&dlt=1616462861768&idt=2129&frm=20&biw=1600&bih=1200&oid=3&adxs=285&adys=3489&adks=3367075737&ucis=8&ifi=9&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&vis=1&dmc=8&scr_x=0&scr_y=0&psz=700x120&msz=700x0&ga_vid=1815605501.1616462864&ga_sid=1616462864&ga_hid=9115885&ga_fc=false&fws=4&ohw=820

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

0427b3ea4fb3b504707684df4857ddbe1380af73a2b6985873dfd2679b06aa5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:44 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57669
x-xss-protection: 0
google-lineitem-id: 5649270867
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138344320228
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.storm.mg
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 512 KB
56 KB 143ms
142ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4428478098213158&correlator=3543269176397632&output=ldjh&impl=fifs&eid=31060321%2C31060367%2C44733567%2C44739387&vrg=2021031601&ptt=17&sc=1&sfv=1-0-37&ecs=20210323&iu_parts=225677396%2Cstorm_native_ad_bottom_links&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50&fluid=height&prev_scp=position%3D3%26article_type%3Darticle&eri=1&cust_params=path_name%3D%252Farticle%252F3553076%26category_name%3D%25E8%25A9%2595%25E8%25AB%2596%252C%25E6%2594%25BF%25E6%25B2%25BB%252C%25E8%25B2%25A1%25E7%25B6%2593%252C%25E9%25A2%25A8%25E8%25A9%2595%252C&cookie_enabled=1&bc=31&abxe=1&lmt=1616462864&dt=1616462864280&dlt=1616462861768&idt=2129&frm=20&biw=1600&bih=1200&oid=3&adxs=285&adys=3489&adks=3367075736&ucis=9&ifi=10&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&vis=1&dmc=8&scr_x=0&scr_y=0&psz=700x120&msz=700x0&ga_vid=1815605501.1616462864&ga_sid=1616462864&ga_hid=9115885&ga_fc=false&fws=4&ohw=820

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

54e153f12ccb83ac6e08c82b3b68f3cd585d19104437ed105b5edf25e94647ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:44 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57684
x-xss-protection: 0
google-lineitem-id: 5456322933
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138343623368
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.storm.mg
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 5 KB
3 KB 87ms
87ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4428478098213158&correlator=2653206364658460&output=ldjh&impl=fifs&eid=31060321%2C31060367%2C44733567%2C44739387&vrg=2021031601&ptt=17&sc=1&sfv=1-0-37&ecs=20210323&iu_parts=225677396%2Cstorm_content_FB_336280&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280%7C300x250%7C1x1&eri=1&cust_params=path_name%3D%252Farticle%252F3553076%26category_name%3D%25E8%25A9%2595%25E8%25AB%2596%252C%25E6%2594%25BF%25E6%25B2%25BB%252C%25E8%25B2%25A1%25E7%25B6%2593%252C%25E9%25A2%25A8%25E8%25A9%2595%252C&cookie_enabled=1&bc=31&abxe=1&lmt=1616462864&dt=1616462864283&dlt=1616462861768&idt=2129&frm=20&biw=1600&bih=1200&oid=3&adxs=287&adys=3928&adks=483309130&ucis=a&ifi=11&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&vis=1&dmc=8&scr_x=0&scr_y=0&psz=760x290&msz=336x280&ga_vid=1815605501.1616462864&ga_sid=1616462864&ga_hid=9115885&ga_fc=false&fws=4&ohw=336

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

c76450f131e599364cc2a9d87ad033d7c65004e249375ecb2725ce1f4dd35af8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:44 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2553
x-xss-protection: 0
google-lineitem-id: 5647881115
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138343659846
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.storm.mg
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 8 KB
4 KB 372ms
371ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4428478098213158&correlator=3203772396716279&output=ldjh&impl=fifs&eid=31060321%2C31060367%2C44733567%2C44739387&vrg=2021031601&ptt=17&sc=1&sfv=1-0-37&ecs=20210323&iu_parts=225677396%2Cstorm_content_FB2_336280&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280%7C300x250%7C1x1&eri=1&cust_params=path_name%3D%252Farticle%252F3553076%26category_name%3D%25E8%25A9%2595%25E8%25AB%2596%252C%25E6%2594%25BF%25E6%25B2%25BB%252C%25E8%25B2%25A1%25E7%25B6%2593%252C%25E9%25A2%25A8%25E8%25A9%2595%252C&cookie_enabled=1&bc=31&abxe=1&lmt=1616462864&dt=1616462864286&dlt=1616462861768&idt=2129&frm=20&biw=1600&bih=1200&oid=3&adxs=647&adys=3928&adks=1746931794&ucis=b&ifi=12&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&vis=1&dmc=8&scr_x=0&scr_y=0&psz=760x290&msz=336x280&ga_vid=1815605501.1616462864&ga_sid=1616462864&ga_hid=9115885&ga_fc=false&fws=4&ohw=336

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

479989738fc0e366549ce95ed2b5c8da55a3e52a3e21ccf6de9b0821cb0f6ccb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:44 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3640
x-xss-protection: 0
google-lineitem-id: 5244322756
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138306282163
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.storm.mg
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 452 B
270 B 167ms
167ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4428478098213158&correlator=3803637518123789&output=ldjh&impl=fifs&eid=31060321%2C31060367%2C44733567%2C44739387&vrg=2021031601&ptt=17&sc=1&sfv=1-0-37&ecs=20210323&iu_parts=225677396%2Cstorm_native_ad_top_select_text&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50&fluid=height&prev_scp=position%3D3&eri=1&cust_params=path_name%3D%252Farticle%252F3553076%26category_name%3D%25E8%25A9%2595%25E8%25AB%2596%252C%25E6%2594%25BF%25E6%25B2%25BB%252C%25E8%25B2%25A1%25E7%25B6%2593%252C%25E9%25A2%25A8%25E8%25A9%2595%252C&cookie_enabled=1&bc=31&abxe=1&lmt=1616462864&dt=1616462864289&dlt=1616462861768&idt=2129&frm=20&biw=1600&bih=1200&oid=3&adxs=680&adys=5131&adks=3800283137&ucis=c&ifi=13&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&vis=1&dmc=8&scr_x=0&scr_y=0&psz=340x0&msz=340x0&ga_vid=1815605501.1616462864&ga_sid=1616462864&ga_hid=9115885&ga_fc=false&fws=4&ohw=820

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

dbabe19e414cc5c2a689741c39d996a188cf370e5284023ff4f1e130d926957e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:44 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 240
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.storm.mg
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 452 B
274 B 131ms
131ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4428478098213158&correlator=3004305877347436&output=ldjh&impl=fifs&eid=31060321%2C31060367%2C44733567%2C44739387&vrg=2021031601&ptt=17&sc=1&sfv=1-0-37&ecs=20210323&iu_parts=225677396%2Cstorm_native_ad_top_select_text&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50&fluid=height&prev_scp=position%3D8&eri=1&cust_params=path_name%3D%252Farticle%252F3553076%26category_name%3D%25E8%25A9%2595%25E8%25AB%2596%252C%25E6%2594%25BF%25E6%25B2%25BB%252C%25E8%25B2%25A1%25E7%25B6%2593%252C%25E9%25A2%25A8%25E8%25A9%2595%252C&cookie_enabled=1&bc=31&abxe=1&lmt=1616462864&dt=1616462864292&dlt=1616462861768&idt=2129&frm=20&biw=1600&bih=1200&oid=3&adxs=680&adys=5404&adks=3800283164&ucis=d&ifi=14&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&vis=1&dmc=8&scr_x=0&scr_y=0&psz=340x0&msz=340x0&ga_vid=1815605501.1616462864&ga_sid=1616462864&ga_hid=9115885&ga_fc=false&fws=4&ohw=820

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

2be0bc8c5d7f8ddafea42e7f8fb8bddea1704a9a0e8a51bd364815c532b945ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:44 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 241
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.storm.mg
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 442 B
264 B 203ms
202ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4428478098213158&correlator=1364036112295850&output=ldjh&impl=fifs&eid=31060321%2C31060367%2C44733567%2C44739387&vrg=2021031601&ptt=17&sc=1&sfv=1-0-37&ecs=20210323&iu_parts=225677396%2Cstorm_float_button_80120&enc_prev_ius=%2F0%2F1&prev_iu_szs=80x120&eri=1&cust_params=path_name%3D%252Farticle%252F3553076%26category_name%3D%25E8%25A9%2595%25E8%25AB%2596%252C%25E6%2594%25BF%25E6%25B2%25BB%252C%25E8%25B2%25A1%25E7%25B6%2593%252C%25E9%25A2%25A8%25E8%25A9%2595%252C&cookie_enabled=1&bc=31&abxe=1&lmt=1616462864&dt=1616462864294&dlt=1616462861768&idt=2129&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=3738807302&ucis=e&ifi=15&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&vis=1&dmc=8&scr_x=0&scr_y=0&psz=80x-1&msz=0x-1&ga_vid=1815605501.1616462864&ga_sid=1616462864&ga_hid=9115885&ga_fc=false&fws=644&ohw=1600

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

70220866d2a137da98b88db58aa84abe0676ba673c40bba79f68eaf4f5ffd2e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:44 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 231
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.storm.mg
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 6 KB
3 KB 416ms
416ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4428478098213158&correlator=3500735034958976&output=ldjh&impl=fifs&eid=31060321%2C31060367%2C44733567%2C44739387&vrg=2021031601&ptt=17&sc=1&sfv=1-0-37&ecs=20210323&iu_parts=225677396%2Cstorm_content_sticky_slide_pc_160600&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&eri=1&cust_params=path_name%3D%252Farticle%252F3553076%26category_name%3D%25E8%25A9%2595%25E8%25AB%2596%252C%25E6%2594%25BF%25E6%25B2%25BB%252C%25E8%25B2%25A1%25E7%25B6%2593%252C%25E9%25A2%25A8%25E8%25A9%2595%252C&cookie_enabled=1&bc=31&abxe=1&lmt=1616462864&dt=1616462864296&dlt=1616462861768&idt=2129&frm=20&biw=1600&bih=1200&oid=3&adxs=1440&adys=600&adks=717600276&ucis=f&ifi=16&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&vis=1&dmc=8&scr_x=0&scr_y=0&psz=160x-1&msz=160x-1&ga_vid=1815605501.1616462864&ga_sid=1616462864&ga_hid=9115885&ga_fc=false&fws=644&ohw=160

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e7dd20e87296817ef69bec061306b833e6e3738b0e810b6e1e97540ce9ff2cf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:44 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2943
x-xss-protection: 0
google-lineitem-id: 5244712694
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138297308549
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.storm.mg
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 459 B
278 B 287ms
287ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4428478098213158&correlator=1905268378519311&output=ldjh&impl=fifs&eid=31060321%2C31060367%2C44733567%2C44739387&vrg=2021031601&ptt=17&sc=1&sfv=1-0-37&ecs=20210323&iu_parts=225677396%2Cstorm_content_sticky_bottom_mb_336280&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280%7C300x250%7C320x50%7C1x1&eri=1&cust_params=path_name%3D%252Farticle%252F3553076%26category_name%3D%25E8%25A9%2595%25E8%25AB%2596%252C%25E6%2594%25BF%25E6%25B2%25BB%252C%25E8%25B2%25A1%25E7%25B6%2593%252C%25E9%25A2%25A8%25E8%25A9%2595%252C&cookie_enabled=1&bc=31&abxe=1&lmt=1616462864&dt=1616462864298&dlt=1616462861768&idt=2129&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=3067777558&ucis=g&ifi=17&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=1815605501.1616462864&ga_sid=1616462864&ga_hid=9115885&ga_fc=false&fws=644&ohw=1600

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

b7e771a6f487c7afb92afaf819cd2ce75b6658f6425636b8a032326fc6dc0c7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:44 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 244
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.storm.mg
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 30 KB
12 KB 387ms
387ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4428478098213158&correlator=3843684581372101&output=ldjh&impl=fifs&eid=31060321%2C31060367%2C44733567%2C44739387&vrg=2021031601&ptt=17&sc=1&sfv=1-0-37&ecs=20210323&iu_parts=225677396%2Cstorm_content_sticky_bottom_pc_970250&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C1x1&eri=1&cust_params=path_name%3D%252Farticle%252F3553076%26category_name%3D%25E8%25A9%2595%25E8%25AB%2596%252C%25E6%2594%25BF%25E6%25B2%25BB%252C%25E8%25B2%25A1%25E7%25B6%2593%252C%25E9%25A2%25A8%25E8%25A9%2595%252C&cookie_enabled=1&bc=31&abxe=1&lmt=1616462864&dt=1616462864300&dlt=1616462861768&idt=2129&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=1110&adks=4267075666&ucis=h&ifi=18&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x-1&msz=970x-1&ga_vid=1815605501.1616462864&ga_sid=1616462864&ga_hid=9115885&ga_fc=false&fws=644&ohw=970

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

b3969c3f9781bcb3b32ce256adffec5f39b3da0cb97106669102d0a6c8a23250

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:44 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11426
x-xss-protection: 0
google-lineitem-id: 5622492910
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138339948248
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.storm.mg
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 441 B
269 B 126ms
126ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4428478098213158&correlator=622585350603813&output=ldjh&impl=fifs&eid=31060321%2C31060367%2C44733567%2C44739387&vrg=2021031601&ptt=17&sc=1&sfv=1-0-37&ecs=20210323&iu_parts=225677396%2CScupio_Interstitial&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C320x480&eri=1&cust_params=path_name%3D%252Farticle%252F3553076%26category_name%3D%25E8%25A9%2595%25E8%25AB%2596%252C%25E6%2594%25BF%25E6%25B2%25BB%252C%25E8%25B2%25A1%25E7%25B6%2593%252C%25E9%25A2%25A8%25E8%25A9%2595%252C&cookie_enabled=1&bc=31&abxe=1&lmt=1616462864&dt=1616462864302&dlt=1616462861768&idt=2129&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=1636660090&ucis=i&ifi=19&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=1815605501.1616462864&ga_sid=1616462864&ga_hid=9115885&ga_fc=false&fws=644&ohw=1600

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

b285066ba59e5039157ddfcba79f72390903333cac36a54b1d0fd64c43ebc57c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:44 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 235
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.storm.mg
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 5 KB
2 KB 246ms
246ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4428478098213158&correlator=2952482587763134&output=ldjh&impl=fifs&eid=31060321%2C31060367%2C44733567%2C44739387&vrg=2021031601&ptt=17&sc=1&sfv=1-0-37&ecs=20210323&iu_parts=225677396%2Cstorm_popup_LB_300250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&eri=1&cust_params=path_name%3D%252Farticle%252F3553076%26category_name%3D%25E8%25A9%2595%25E8%25AB%2596%252C%25E6%2594%25BF%25E6%25B2%25BB%252C%25E8%25B2%25A1%25E7%25B6%2593%252C%25E9%25A2%25A8%25E8%25A9%2595%252C&cookie_enabled=1&bc=31&abxe=1&lmt=1616462864&dt=1616462864304&dlt=1616462861768&idt=2129&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=3536571536&ucis=j&ifi=20&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=1815605501.1616462864&ga_sid=1616462864&ga_hid=9115885&ga_fc=false&fws=644&ohw=1600

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

5319bd824c5f14475d957733881db31f069bbbcf4a208f46ec787fdf0fc6ff0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:44 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2489
x-xss-protection: 0
google-lineitem-id: 5040912841
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138339940100
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.storm.mg
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 i
track.unidata.ai/ 43 B
366 B 6ms
5ms Image
binary/octet-stream 2600:9000:206f:ca00:1d:68e4:9700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.unidata.ai/i?stm=1616462864340&e=pv&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&page=%E9%A2%A8%E8%A9%95%EF%BC%9A%E6%8E%89%E6%BC%86%EF%BC%8C%E5%88%A5%E5%86%8D%E6%83%B3%E5%9C%8B%E5%AE%B6%E9%9A%8A%E4%BA%86-%E9%A2%A8%E5%82%B3%E5%AA%92&tv=js-2.9.0&tna=fc&aid=5c6e1a&p=web&tz=Europe%2FBerlin&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&cookie=1&eid=ae26998d-2fd6-44aa-9940-0ff410f2e8a7&dtm=1616462864338&vp=1600x1200&ds=1600x12197&vid=1&sid=12b69093-dfec-4353-a5f1-d85816d4cf64&duid=3f4d7a7f-809d-4729-82cd-470ede542f17&fp=99543720&uid=1616462863415901%3B&co=%7B%22schema%22%3A%22iglu%3Acom.snowplowanalytics.snowplow%2Fcontexts%2Fjsonschema%2F1-0-0%22%2C%22data%22%3A%5B%7B%22schema%22%3A%22iglu%3Acom.google.analytics%2Fcookies%2Fjsonschema%2F1-0-0%22%2C%22data%22%3A%7B%7D%7D%2C%7B%22schema%22%3A%22iglu%3Acom.snowplowanalytics.snowplow%2Fweb_page%2Fjsonschema%2F1-0-0%22%2C%22data%22%3A%7B%22id%22%3A%228fba92a6-e59a-40da-ab75-6d35d5311004%22%7D%7D%5D%7D
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:1d:68e4:9700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 05:00:48 GMT
via: 1.1 cc763905c39a59494c951c09271b0422.cloudfront.net (CloudFront)
last-modified: Mon, 16 Jul 2018 03:46:23 GMT
server: AmazonS3
age: 73617
etag: "fb02f374b8f73825415db1bccd4bd76d"
x-cache: Hit from cloudfront
content-type: binary/octet-stream
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 43
x-amz-cf-id: j8kqvXOleeT0rqR-VVYOC8bzBKNlODLsU5bQ-KJrWSNXoZik7W4Thg==

GET
H3-Q050 200 container.html Show response
0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame EA87 6 KB
3 KB 57ms
41ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.storm.mg/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.storm.mg/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Tue, 23 Mar 2021 01:27:43 GMT
expires: Wed, 23 Mar 2022 01:27:43 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 bridgeUid Show response
www.storm.mg/unidata/ Frame 044D 5 B
692 B 564ms
564ms XHR
application/json 13.32.21.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.storm.mg/unidata/bridgeUid
Requested by: Host: track.unidata.ai
URL: https://track.unidata.ai/cookiemap.html?appId=5c6e1a&data=eyJhcHBJZCI6IjVjNmUxYSIsInBhZ2VUaXRsZSI6IumiqOiple+8muaOiea8hu+8jOWIpeWGjeaDs+Wci+WutumaiuS6hi3poqjlgrPlqpIiLCJwYWdlVVJMIjoiaHR0cHM6Ly93d3cuc3Rvcm0ubWcvYXJ0aWNsZS8zNTUzMDc2IiwiY29va2llIjoic21nX3VpZD0xNjE2NDYyODYzNDE1OTAxOyB1aWQudj0xIiwicmVmZXJyZXIiOiIiLCJjb29raWVJZCI6IjE2MTY0NjI4NjM0MTU5MDEiLCJtZW1iZXJJZCI6bnVsbH0=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-27.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Request headers

Referer: https://track.unidata.ai/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:44 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: FRA56-C2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://track.unidata.ai
cache-control: no-cache, private
access-control-allow-credentials: true
content-length: 25
via: 1.1 28b0f9ae51406f70504a784d296a3a49.cloudfront.net (CloudFront)
x-amz-cf-id: ag5It4MvhBSnDWM63ioaM5g_zagJs1YnXGSsLf0H5AqG2qIkLPQLZg==

GET
H2 200 share_button.php Show response
www.facebook.com/v3.2/plugins/ Frame 737D 36 KB
12 KB 75ms
74ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v3.2/plugins/share_button.php?app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df260a0248610944%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff2a9e8b5076b77%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&layout=button_count&locale=zh_TW&mobile_iframe=true&sdk=joey&size=large

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js?hash=a1d677670b4885161d35f3ca757deaac&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

14cadea523346d662be7f113d8af19ca2f8de6d23ab65739004389046f3eb621

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v3.2/plugins/share_button.php?app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df260a0248610944%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff2a9e8b5076b77%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&layout=button_count&locale=zh_TW&mobile_iframe=true&sdk=joey&size=large
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.storm.mg/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.storm.mg/

Response headers

x-fb-rlafr: 0
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-xss-protection: 0
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=15552000; preload
facebook-api-version: v3.2
x-content-type-options: nosniff
vary: Accept-Encoding
pragma: no-cache
cross-origin-opener-policy: same-origin-allow-popups
content-type: text/html; charset="utf-8"
x-fb-debug: REPhwSQVmCL7wBKd3Up5tpScVTOhem5Nu0IVuBvCUdEARi8JepkrczMoQTy94ekXjA8ASSs8SYt4kieIjwqirQ==
date: Tue, 23 Mar 2021 01:27:44 GMT
priority: u=3,i
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2

200

feedback.php Show response
www.facebook.com/plugins/ Frame 7964
Redirect Chain

https://www.facebook.com/v3.2/plugins/comments.php?app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df6650a6cceebd8%26domain%3Dw...
https://www.facebook.com/plugins/comments.php?app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df6650a6cceebd8%26domain%3Dwww.st...
https://www.facebook.com/plugins/feedback.php?app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df6650a6cceebd8%26domain%3Dwww.st...

103 KB
25 KB

110ms
110ms

Document
text/html

2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/feedback.php?app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df6650a6cceebd8%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff2a9e8b5076b77%26relation%3Dparent.parent&container_width=820&height=100&href=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&locale=zh_TW&numposts=5&sdk=joey&version=v3.2&width

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js?hash=a1d677670b4885161d35f3ca757deaac&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7f89f37ed7eff60d8dfc4200a72158aa382318fea2f32e27984ccbcc372acfdb

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/feedback.php?app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df6650a6cceebd8%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff2a9e8b5076b77%26relation%3Dparent.parent&container_width=820&height=100&href=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&locale=zh_TW&numposts=5&sdk=joey&version=v3.2&width
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.storm.mg/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: about:blank

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-cache, no-store, must-revalidate
x-xss-protection: 0
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
content-encoding: br
expires: Sat, 01 Jan 2000 00:00:00 GMT
vary: Accept-Encoding
pragma: no-cache
x-fb-rlafr: 0
cross-origin-opener-policy: same-origin-allow-popups
content-type: text/html; charset="utf-8"
x-fb-debug: TgzuoiPI8442vQguVhgQPLTonf20314GZc4poqb6Rn+GRtejOkKdMVS+yFrVeShEssyVDDPGx8rlTtbfAPcTbg==
date: Tue, 23 Mar 2021 01:27:44 GMT
priority: u=3,i
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

Redirect headers

location: https://www.facebook.com/plugins/feedback.php?app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df6650a6cceebd8%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff2a9e8b5076b77%26relation%3Dparent.parent&container_width=820&height=100&href=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&locale=zh_TW&numposts=5&sdk=joey&version=v3.2&width
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: MoeQlqwQ38Lds8b01LPbWQbIvmYQMEpO36vB2PKn2VT9wc9soj5+jMn6JZgVGKG4mdlBdWZ2R45krQdtmwU94g==
content-length: 0
date: Tue, 23 Mar 2021 01:27:44 GMT
priority: u=3,i
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 like.php Show response
www.facebook.com/v3.2/plugins/ Frame 9648 32 KB
12 KB 62ms
62ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v3.2/plugins/like.php?action=like&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df31e4ebc03604b%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff2a9e8b5076b77%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&layout=button&locale=zh_TW&sdk=joey&share=false&show_faces=true&size=large

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js?hash=a1d677670b4885161d35f3ca757deaac&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

22785a0aec47809a443eb9fd98df9a7c696260190f74eb3fb2c12ca7af1d9b58

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v3.2/plugins/like.php?action=like&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df31e4ebc03604b%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff2a9e8b5076b77%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&layout=button&locale=zh_TW&sdk=joey&share=false&show_faces=true&size=large
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.storm.mg/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.storm.mg/

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-encoding: br
facebook-api-version: v3.2
x-content-type-options: nosniff
vary: Accept-Encoding
pragma: no-cache
x-fb-rlafr: 0
content-type: text/html; charset="utf-8"
x-fb-debug: UwenCb7NJRzrF9ys/Q5pwJnzHcdBgVN61UO/xFo8/5MImpZe1KepngVB76JL2qc5cMVEVLH1TrjRevlrxErkZg==
date: Tue, 23 Mar 2021 01:27:44 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 page.php Show response
www.facebook.com/v3.2/plugins/ Frame D41F 59 KB
17 KB 77ms
77ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1d1bc1fa7d2a84%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff2a9e8b5076b77%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fstormmedia&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&width=300

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js?hash=a1d677670b4885161d35f3ca757deaac&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

85152866db31641960ff23bf508f6ba9100872370e1de5abf6294ca657d54e5b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v3.2/plugins/page.php?adapt_container_width=false&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1d1bc1fa7d2a84%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff2a9e8b5076b77%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fstormmedia&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&width=300
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.storm.mg/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.storm.mg/

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-encoding: br
facebook-api-version: v3.2
x-content-type-options: nosniff
vary: Accept-Encoding
pragma: no-cache
x-fb-rlafr: 0
content-type: text/html; charset="utf-8"
x-fb-debug: F8l8lTBZFHhKXGb6sC0ZSlyeHr8z7plzR+1ryHBGjJ314T/3qvl9eQajmcrMekitThJhgJkwG9FGphdtqa1gvw==
date: Tue, 23 Mar 2021 01:27:44 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 page.php Show response
www.facebook.com/v3.2/plugins/ Frame 2304 59 KB
17 KB 66ms
66ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df24a47146d60d68%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff2a9e8b5076b77%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&width=300

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js?hash=a1d677670b4885161d35f3ca757deaac&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a4531fdb3fe10bd4f5d847d25b787e37734df5953f771383bff4df984c111ea8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v3.2/plugins/page.php?adapt_container_width=false&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df24a47146d60d68%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff2a9e8b5076b77%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&width=300
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.storm.mg/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.storm.mg/

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-encoding: br
facebook-api-version: v3.2
x-content-type-options: nosniff
vary: Accept-Encoding
pragma: no-cache
x-fb-rlafr: 0
content-type: text/html; charset="utf-8"
x-fb-debug: X0oftXlUqxh/rnxwBJWBh7/N8PMK6x1lmM8yJR1Qa0g4JCNcp6LV87xrlAppy2KCKQm60DiJpsijPZT52PbGyg==
date: Tue, 23 Mar 2021 01:27:44 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2475 0
0 86ms
86ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsumzMn3YAc3VO75O9iJZC3E3YLCSLiUS_KufyXfPppvVchLceOJ_-b7lxoO9O0PqR40y-wM7WqIYXJ9HOSSXUsLo0aa5bOa6eXKRAPoyZW6Jqa7ZpdT50XbpnD4UYCeE8_jhGf_wIpEDdA4Z5vxBtFK34YKm0luYWtrRzjDgCUprAhhTjp3_qXtXQyfiv3qdGNV-2WEhTB6XB7pMMJc3NXTRo9DgUfE1gBgnHUhuDgycvOv8TH7ONYu_OgSgtNorkYtTdLNhe0RxIFOgCS5lj1YmDZ9-diArdZCDMNNZkWb16pBqjGYesvaNkt4fsY&sig=Cg0ArKJSzPf5KSqA_dzNEAE&urlfix=1&adurl=

Requested by

Host: www.storm.mg
URL: https://www.storm.mg/article/3553076

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:27:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 storm_DFP.js Show response
api.popin.cc/searchbox/ Frame 2475 107 KB
30 KB 204ms
50ms Script
text/javascript 192.229.233.139
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/searchbox/storm_DFP.js
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.139 Torrance, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B75) /
Resource Hash: a926c66ab7552018456c121c26019b754a6b5fe8e84e477fd1d5d439f7096c82

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:44 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 05:42:45 GMT
server: ECS (amb/6B75)
age: 2546
etag: "226691fea6cb112ae5cf3dba9e487223+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
cache-control: max-age=3600
x-amz-request-id: WHWZDQG7W85SYMR0
content-length: 30687
x-amz-version-id: O.YV4gid5.4an9Yk1_oGS.vHV9ByOpiJ
x-amz-id-2: R6/WIBZJLaOABzDS5zyPTYO5RS1Kvym+ix5jZJyGUqb+a12697q2Pg2N5rR0EpOtPy/Kq/ehQ6U=

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2475 117 KB
36 KB 57ms
56ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

911deead0c0ec5c76af07f381c8e918567120df0488208f50b0579afa0b61376

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616176146673399"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36391
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:27:44 GMT

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2701916&time=1616462864582&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2701916%26time%3D1616462864582%26url%3Dhttps%253A%252F%252Fwww.storm.mg%252Fartic...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2701916&time=1616462864582&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&liSync=true

0
79 B

111ms
110ms

Image
application/javascript

2620:119:50e4:101::6cae:b55
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2701916&time=1616462864582&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&liSync=true
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:119:50e4:101::6cae:b55 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:45 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-proto: http/2
x-li-pop: prod-edc2
content-type: application/javascript
content-length: 0
x-li-uuid: 3qnAcGnUbhYA4otAGisAAA==

Redirect headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
linkedin-action: 1
content-length: 0
x-li-uuid: ynFkV2nUbhaw9MQMUisAAA==
pragma: no-cache
x-li-pop: afd-prod-lva1
x-msedge-ref: Ref A: 1CCCE61ADC2845F9921211BB9F2BD36A Ref B: FRAEDGE1306 Ref C: 2021-03-23T01:27:45Z
date: Tue, 23 Mar 2021 01:27:44 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options: sameorigin
x-li-fabric: prod-lva1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2701916&time=1616462864582&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&liSync=true
cache-control: no-cache, no-store
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-Q050 200 js Show response
www.google-analytics.com/gtm/ 86 KB
34 KB 19ms
19ms Script
application/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-TFH5R68&t=smg_tracker&cid=1815605501.1616462864

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4d3d809b3a504784d735dc0e1ff8da0ca5c0c8521a54132d983d1ce0545d5560

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:44 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34611
x-xss-protection: 0
last-modified: Tue, 23 Mar 2021 00:19:16 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 23 Mar 2021 01:27:44 GMT

GET
H2 200 2391556904443355 Show response
connect.facebook.net/signals/config/ 241 KB
70 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2391556904443355?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

259e4a34adc3d7c461105e16bc6f53880d4db3efa276ce8b58f42d76708bc82b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 70632
x-fb-rlafr: 0
pragma: public
x-fb-debug: dJONuGLsD2a/uH+e4F8Kj69MxMsQL4WKq1D3QGxfhJg/hR+cFg2UKLSamzKDkbkbbkCmbPATTJci7B4Sp+16cg==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 23 Mar 2021 01:27:44 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
70 B 13ms
13ms Other
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-03WGSX0KD1&gtm=2oe3h0&_p=9115885&sr=1600x1200&_gaz=1&ul=en-us&cid=1815605501.1616462864&_s=1&dl=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&dt=%E9%A2%A8%E8%A9%95%EF%BC%9A%E6%8E%89%E6%BC%86%EF%BC%8C%E5%88%A5%E5%86%8D%E6%83%B3%E5%9C%8B%E5%AE%B6%E9%9A%8A%E4%BA%86-%E9%A2%A8%E5%82%B3%E5%AA%92&sid=1616462863&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-03WGSX0KD1&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:27:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.storm.mg
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
70 B 15ms
15ms Other
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-03WGSX0KD1&cid=1815605501.1616462864&gtm=2oe3h0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-03WGSX0KD1&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:27:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.storm.mg
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 17ms
16ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-03WGSX0KD1&cid=1815605501.1616462864&gtm=2oe3h0&aip=1&z=599534907

Requested by

Host: www.storm.mg
URL: https://www.storm.mg/article/3553076

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:27:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0DBC 0
0 83ms
82ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssfnbTs6Fi-IGzCT-LuGh5YNAErG32x0awyXlFRkKH37f3wA4YeihmyJkVoWSxnz_zHZHVzN67e0s3KGgVChN4YbLLjBx4vGF2AU-kZgx2JwZvrJGoLKTwpvcbOui4AvmorTx444RCqxvD3xtzYiJrdL66QZOjJa5jgEjmh8sBTQI-W9Sn6u6UNCG2kOsNStkajLCtspXYaKDxia0V93ViLe-WzFFLj7_QKneflKH0xKD2yLNjsmc4kGsDy0G7lL8iFvfgQYj5pHXL6pPOcNq5tCfD7v8REb4T7INjZO6sj_zGNiZc1h9jo&sig=Cg0ArKJSzIy3wcivHHYWEAE&urlfix=1&adurl=

Requested by

Host: www.storm.mg
URL: https://www.storm.mg/article/3553076

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:27:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 23 Mar 2021 01:27:44 GMT

GET
H2 200 player-storm-desktop.js Show response
tags.viewdeos.com/storm/ Frame 0DBC 12 KB
4 KB 79ms
50ms Script
application/javascript 2a00:f48:2000:1023::3
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.viewdeos.com/storm/player-storm-desktop.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software: BunnyCDN-DE1-481 /
Resource Hash: c1cbcd6a92e442332195ef40b66f2fb869596d5fdd012f3428c4c27082e21af7

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:44 GMT
content-encoding: br
cdn-edgestorageid: 481
cdn-storageserver: DE-51
cdn-cachedat: 2021-03-20 23:21:47
cdn-pullzone: 105836
last-modified: Thu, 21 Jan 2021 08:44:30 GMT
server: BunnyCDN-DE1-481
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: a2791f1d-070e-4cd3-b198-d0c26d1dc5f1
cache-control: public, max-age=2592000
cdn-requestid: fb00bf90ac0017cba3abcd96d5c4bcd2
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0DBC 117 KB
36 KB 57ms
56ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

911deead0c0ec5c76af07f381c8e918567120df0488208f50b0579afa0b61376

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616176146673399"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36391
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:27:44 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1C73 0
0 87ms
86ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsstgwFUx-uQePlCB8SNijPq4TRc0-UgCvkh4I_Pe_cxYWHCj5XZ6hHsefcYXHHQVDfC26S15LV8cZ89dwnyfzKe5eAATIV3FlXI_FH5uhjLnKRF1ik8D_cx9aWcdoLjxcmmTsItXQKLT3GrzvZQlkJ_UPEjo1sKBXrxOXpMAlorkGYA7AsLzAySjp-FWKD9U9WLRQIOCGUMs6KaVDXUvG_vuOKCNXuEoBJhYIkf3JPc7DTF4ttj00mDFW2o8VZ6EAGGSiC8LN3FZGp5eZTSo6kiIbDWPKy-PEnS6TUhD3b-UZAtiEIHP78&sig=Cg0ArKJSzKqNhRMnzhzVEAE&urlfix=1&adurl=

Requested by

Host: www.storm.mg
URL: https://www.storm.mg/article/3553076

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:27:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 23 Mar 2021 01:27:44 GMT

GET
H2 200 ad.js Show response
img.scupio.com/js/ Frame 1C73 41 KB
15 KB 67ms
67ms Script
application/javascript 65.9.58.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/ad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 6fe8e683eab18fd17809898839bb7f04fbc99d49e9a4f0a6878a39e73a9a16bd

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:25:59 GMT
content-encoding: gzip
last-modified: Mon, 22 Mar 2021 01:57:34 GMT
server: nginx/1.12.1
age: 255
etag: W/"6057f98e-a495"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: Ia3m9XDmSudWdAnHGbu7yXOz3UFK68dEawGmuY_LLDO0aBZZnAo94A==
via: 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
expires: Tue, 23 Mar 2021 01:38:29 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1C73 117 KB
36 KB 58ms
57ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

911deead0c0ec5c76af07f381c8e918567120df0488208f50b0579afa0b61376

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616176146673399"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36391
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:27:44 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame A905 0
0 84ms
84ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuxpgdYuE3rWoKD8b3DmiS-KMj0LaGZa3GgYetyP2XRchvK4fCMFgzQGUhpc1skJa8iuY9UaFvjTxv6-ne9ZtwxxxMj5RBPpajGOMAKTOmH7ovNddszO5tZZ_6dI_-f29wv9LhA8Hi5yLNz9TwSCegpGaiPdqJ5g-Ac-oVBN0pKiXTojHU8qSPOI8uX4D3yQQ6oI2-_Z7623gMPz6fBhBcGNjcdzagfedirmra8tRAdi9oZqR0DSizUhfNryyLiXJbBjRCkljHEemdHLBpAHC-tZGF-hMwYw9tmefubz4d_f_V9GmfstgFGeZPzDXw&sig=Cg0ArKJSzGTKhvaciC_mEAE&adurl=

Requested by

Host: www.storm.mg
URL: https://www.storm.mg/article/3553076

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:27:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 23 Mar 2021 01:27:44 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/ Frame A905 17 KB
7 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6493ea407d79518f1a23cd56abf3877cc95cfef289aa2193e09414befa93915b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 10528220335026403715
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Apr 2021 01:27:15 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/ Frame A905 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:19:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 511
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Apr 2021 01:19:13 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A905 117 KB
36 KB 57ms
56ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

911deead0c0ec5c76af07f381c8e918567120df0488208f50b0579afa0b61376

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616176146673399"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36391
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:27:44 GMT

GET
H3-Q050 200 8911752694665835925
tpc.googlesyndication.com/simgad/ Frame A905 132 KB
132 KB 38ms
22ms Image
image/jpeg 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8911752694665835925

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f69113c12d5529e05d6e2515e38e1e036ec7e26a69d0726809be73964c47c112

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 10:52:25 GMT
x-content-type-options: nosniff
age: 311719
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 134792
x-xss-protection: 0
last-modified: Fri, 19 Mar 2021 07:55:42 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Mar 2022 10:52:25 GMT

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
552 B 184ms
59ms Image
image/gif 13.226.155.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=%E9%A2%A8%E8%A9%95%EF%BC%9A%E6%8E%89%E6%BC%86%EF%BC%8C%E5%88%A5%E5%86%8D%E6%83%B3%E5%9C%8B%E5%AE%B6%E9%9A%8A%E4%BA%86-%E9%A2%A8%E5%82%B3%E5%AA%92&time=1616462864704&time_zone_offset=-60&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&random_number=2383454664&sess_cookie=2a63f1e71785cb1e13f8ff264f8&sess_cookie_flag=1&user_cookie=2a63f1e71785cb1e13f8ff264f8&user_cookie_flag=1&dynamic=true&domain=storm.mg&account=qQQmk1a0Sn002n&jsv=20130128&user_lang=en-US
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-103.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 22 Mar 2021 03:56:09 GMT
Via: 1.1 3c2fca5c3988bc152e874a83fac74f4a.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 77496
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: DUS51-C1
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: m-uQEZgwnGr33syhvKUk5o51eACoLn32M9h9g4q1aKYpoe_ZaBrCeg==

GET
H2 200 -nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.68.woff2
fonts.gstatic.com/s/notosanstc/v11/ 26 KB
27 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.68.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb7f360bb2dce8675c30cf6b2688b68c05dc7f7ea622c3b885dc67f9bea81787

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.storm.mg
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 08:40:55 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:35:32 GMT
server: sffe
age: 233209
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27032
x-xss-protection: 0
expires: Sun, 20 Mar 2022 08:40:55 GMT

GET
H2 200 -nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.47.woff2
fonts.gstatic.com/s/notosanstc/v11/ 30 KB
31 KB 10ms
6ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.47.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dedd7382bfd428ed2d40a685b5ceb9fc103d74cb46ebf07277f2b415de7465ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.storm.mg
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 15:23:38 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:22:31 GMT
server: sffe
age: 554646
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31216
x-xss-protection: 0
expires: Wed, 16 Mar 2022 15:23:38 GMT

GET
H2 200 integrator.js Show response
adservice.google.pl/adsid/ 107 B
799 B 47ms
14ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.pl/adsid/integrator.js?domain=www.storm.mg

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:27:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.storm.mg

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:27:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 30 KB
11 KB 385ms
385ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4428478098213158&correlator=1779113334650259&output=ldjh&impl=fifs&eid=31060321%2C31060367%2C44733567%2C676982961%2C44739387&vrg=2021031601&ptt=17&sc=1&sfv=1-0-37&ecs=20210323&iu_parts=225677396%2Cstorm_content_RTT_300250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x250%7C1x1&eri=1&cust_params=path_name%3D%252Farticle%252F3553076%26category_name%3D%25E8%25A9%2595%25E8%25AB%2596%252C%25E6%2594%25BF%25E6%25B2%25BB%252C%25E8%25B2%25A1%25E7%25B6%2593%252C%25E9%25A2%25A8%25E8%25A9%2595%252C&cookie=ID%3Dd81dd1b5a0237784%3AT%3D1616462864%3AS%3DALNI_MbLJH2qAmSfObcF34tbqQIRqaC6KQ&bc=31&abxe=1&lmt=1616462864&dt=1616462864769&dlt=1616462861768&idt=2129&frm=20&biw=1600&bih=1200&oid=3&adxs=1075&adys=621&adks=228286965&ucis=k&ifi=21&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x265&msz=300x250&psts=AGkb-H8w7cxuGMf2s47tBkP-Gu9l5YtSrWxVfSPYFRE1nIXmsKVnN5oLQe8_dPfnc_IMHf_kpY8RynjlTZNQCU5xBv6NKw%2CAGkb-H-amwg0zG2SkSyD45k4TpbMK2vkFaic7wZxTt0Sa4hzvDFgMf5xBcLrap4SLVaMP74xcto52Br3n-A%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H8ec0_eN2CZdtpd6k69Thu2G0v0OL7pG58ucLKIxCbvBMrH9RGSKQnN3WPfBj21ZMwV-XzjVOB1hHpD%2CAGkb-H8ARtKOSzRYHFOzqFe5QqtGlyKH3PTPwM6anqwh-mrxf1s9qnmmQia7plsgxoAOICv9-iFUtrpuUUTI%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H_deXdhmp7PIwMWivsJCjIXUTGXdh2ffUrOuuXrHwqtL6l5a2CiJxPV08vecTlVpqc-oaAUVQJ_TV8&ga_vid=1815605501.1616462864&ga_sid=1616462864&ga_hid=9115885&ga_fc=false&fws=4&ohw=300

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

2c684a062f67427313dc6f962662ea03bc0510bbc4c105231bc02ac4eeb3fd0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11141
x-xss-protection: 0
google-lineitem-id: 5575099587
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138335441603
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.storm.mg
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 30 KB
11 KB 418ms
417ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4428478098213158&correlator=1666671909721848&output=ldjh&impl=fifs&eid=31060321%2C31060367%2C44733567%2C676982961%2C44739387&vrg=2021031601&ptt=17&sc=1&sfv=1-0-37&ecs=20210323&iu_parts=225677396%2Cstorm_content_RT_300600&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C1x1&eri=1&cust_params=path_name%3D%252Farticle%252F3553076%26category_name%3D%25E8%25A9%2595%25E8%25AB%2596%252C%25E6%2594%25BF%25E6%25B2%25BB%252C%25E8%25B2%25A1%25E7%25B6%2593%252C%25E9%25A2%25A8%25E8%25A9%2595%252C&cookie=ID%3Dd81dd1b5a0237784%3AT%3D1616462864%3AS%3DALNI_MbLJH2qAmSfObcF34tbqQIRqaC6KQ&bc=31&abxe=1&lmt=1616462864&dt=1616462864772&dlt=1616462861768&idt=2129&frm=20&biw=1600&bih=1200&oid=3&adxs=1075&adys=1153&adks=1298642933&ucis=l&ifi=22&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x615&msz=300x600&psts=AGkb-H8w7cxuGMf2s47tBkP-Gu9l5YtSrWxVfSPYFRE1nIXmsKVnN5oLQe8_dPfnc_IMHf_kpY8RynjlTZNQCU5xBv6NKw%2CAGkb-H-amwg0zG2SkSyD45k4TpbMK2vkFaic7wZxTt0Sa4hzvDFgMf5xBcLrap4SLVaMP74xcto52Br3n-A%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H8ec0_eN2CZdtpd6k69Thu2G0v0OL7pG58ucLKIxCbvBMrH9RGSKQnN3WPfBj21ZMwV-XzjVOB1hHpD%2CAGkb-H8ARtKOSzRYHFOzqFe5QqtGlyKH3PTPwM6anqwh-mrxf1s9qnmmQia7plsgxoAOICv9-iFUtrpuUUTI%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H_deXdhmp7PIwMWivsJCjIXUTGXdh2ffUrOuuXrHwqtL6l5a2CiJxPV08vecTlVpqc-oaAUVQJ_TV8&ga_vid=1815605501.1616462864&ga_sid=1616462864&ga_hid=9115885&ga_fc=false&fws=4&ohw=300

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

db66cb704b06be59fc6922dc7967e7364b868d618e82e4b2a793a588e0f1efe7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11162
x-xss-protection: 0
google-lineitem-id: 4781873185
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138311039234
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.storm.mg
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 349 B
570 B 242ms
241ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4428478098213158&correlator=1724642158084111&output=ldjh&impl=fifs&eid=31060321%2C31060367%2C44733567%2C676982961%2C44739387&vrg=2021031601&ptt=17&sc=1&sfv=1-0-37&ecs=20210323&iu_parts=225677396%2Cstorm_content_RM_hotnews_300250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&eri=1&cust_params=path_name%3D%252Farticle%252F3553076%26category_name%3D%25E8%25A9%2595%25E8%25AB%2596%252C%25E6%2594%25BF%25E6%25B2%25BB%252C%25E8%25B2%25A1%25E7%25B6%2593%252C%25E9%25A2%25A8%25E8%25A9%2595%252C&cookie=ID%3Dd81dd1b5a0237784%3AT%3D1616462864%3AS%3DALNI_MbLJH2qAmSfObcF34tbqQIRqaC6KQ&bc=31&abxe=1&lmt=1616462864&dt=1616462864774&dlt=1616462861768&idt=2129&frm=20&biw=1600&bih=1200&oid=3&adxs=1075&adys=2281&adks=4073605895&ucis=m&ifi=23&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x1189&msz=300x250&psts=AGkb-H8w7cxuGMf2s47tBkP-Gu9l5YtSrWxVfSPYFRE1nIXmsKVnN5oLQe8_dPfnc_IMHf_kpY8RynjlTZNQCU5xBv6NKw%2CAGkb-H-amwg0zG2SkSyD45k4TpbMK2vkFaic7wZxTt0Sa4hzvDFgMf5xBcLrap4SLVaMP74xcto52Br3n-A%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H8ec0_eN2CZdtpd6k69Thu2G0v0OL7pG58ucLKIxCbvBMrH9RGSKQnN3WPfBj21ZMwV-XzjVOB1hHpD%2CAGkb-H8ARtKOSzRYHFOzqFe5QqtGlyKH3PTPwM6anqwh-mrxf1s9qnmmQia7plsgxoAOICv9-iFUtrpuUUTI%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H_deXdhmp7PIwMWivsJCjIXUTGXdh2ffUrOuuXrHwqtL6l5a2CiJxPV08vecTlVpqc-oaAUVQJ_TV8&ga_vid=1815605501.1616462864&ga_sid=1616462864&ga_hid=9115885&ga_fc=false&fws=4&ohw=300

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

a99031e634125d4b49c4ead0de32fce1f935b8c13057ebfbc9443a490cb5be67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 148
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.storm.mg
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 4 KB
3 KB 334ms
332ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4428478098213158&correlator=568309596491663&output=ldjh&impl=fifs&eid=31060321%2C31060367%2C44733567%2C676982961%2C44739387&vrg=2021031601&ptt=17&sc=1&sfv=1-0-37&ecs=20210323&iu_parts=225677396%2Cstorm_content_RM_300250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600%7C1x1&eri=1&cust_params=path_name%3D%252Farticle%252F3553076%26category_name%3D%25E8%25A9%2595%25E8%25AB%2596%252C%25E6%2594%25BF%25E6%25B2%25BB%252C%25E8%25B2%25A1%25E7%25B6%2593%252C%25E9%25A2%25A8%25E8%25A9%2595%252C&cookie=ID%3Dd81dd1b5a0237784%3AT%3D1616462864%3AS%3DALNI_MbLJH2qAmSfObcF34tbqQIRqaC6KQ&bc=31&abxe=1&lmt=1616462864&dt=1616462864776&dlt=1616462861768&idt=2129&frm=20&biw=1600&bih=1200&oid=3&adxs=1075&adys=3086&adks=1309772606&ucis=n&ifi=24&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x282&msz=300x250&psts=AGkb-H8w7cxuGMf2s47tBkP-Gu9l5YtSrWxVfSPYFRE1nIXmsKVnN5oLQe8_dPfnc_IMHf_kpY8RynjlTZNQCU5xBv6NKw%2CAGkb-H-amwg0zG2SkSyD45k4TpbMK2vkFaic7wZxTt0Sa4hzvDFgMf5xBcLrap4SLVaMP74xcto52Br3n-A%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H8ec0_eN2CZdtpd6k69Thu2G0v0OL7pG58ucLKIxCbvBMrH9RGSKQnN3WPfBj21ZMwV-XzjVOB1hHpD%2CAGkb-H8ARtKOSzRYHFOzqFe5QqtGlyKH3PTPwM6anqwh-mrxf1s9qnmmQia7plsgxoAOICv9-iFUtrpuUUTI%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H_deXdhmp7PIwMWivsJCjIXUTGXdh2ffUrOuuXrHwqtL6l5a2CiJxPV08vecTlVpqc-oaAUVQJ_TV8&ga_vid=1815605501.1616462864&ga_sid=1616462864&ga_hid=9115885&ga_fc=false&fws=4&ohw=300

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

3f4a80df7e4892e639fa7f7fb4746c9e2d6ed100b9214352bb7f2ad3d1193118

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2365
x-xss-protection: 0
google-lineitem-id: 5058549110
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138269464313
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.storm.mg
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 341 B
410 B 83ms
81ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4428478098213158&correlator=2169417091941754&output=ldjh&impl=fifs&eid=31060321%2C31060367%2C44733567%2C676982961%2C44739387&vrg=2021031601&ptt=17&sc=1&sfv=1-0-37&ecs=20210323&iu_parts=225677396%2Cstorm_native_ad_hotshare&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50&fluid=height&prev_scp=position%3D2&eri=1&cust_params=path_name%3D%252Farticle%252F3553076%26category_name%3D%25E8%25A9%2595%25E8%25AB%2596%252C%25E6%2594%25BF%25E6%25B2%25BB%252C%25E8%25B2%25A1%25E7%25B6%2593%252C%25E9%25A2%25A8%25E8%25A9%2595%252C&cookie=ID%3Dd81dd1b5a0237784%3AT%3D1616462864%3AS%3DALNI_MbLJH2qAmSfObcF34tbqQIRqaC6KQ&bc=31&abxe=1&lmt=1616462864&dt=1616462864778&dlt=1616462861768&idt=2129&frm=20&biw=1600&bih=1200&oid=3&adxs=1075&adys=3495&adks=2231805414&ucis=o&ifi=25&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x1189&msz=300x0&psts=AGkb-H8w7cxuGMf2s47tBkP-Gu9l5YtSrWxVfSPYFRE1nIXmsKVnN5oLQe8_dPfnc_IMHf_kpY8RynjlTZNQCU5xBv6NKw%2CAGkb-H-amwg0zG2SkSyD45k4TpbMK2vkFaic7wZxTt0Sa4hzvDFgMf5xBcLrap4SLVaMP74xcto52Br3n-A%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H8ec0_eN2CZdtpd6k69Thu2G0v0OL7pG58ucLKIxCbvBMrH9RGSKQnN3WPfBj21ZMwV-XzjVOB1hHpD%2CAGkb-H8ARtKOSzRYHFOzqFe5QqtGlyKH3PTPwM6anqwh-mrxf1s9qnmmQia7plsgxoAOICv9-iFUtrpuUUTI%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H_deXdhmp7PIwMWivsJCjIXUTGXdh2ffUrOuuXrHwqtL6l5a2CiJxPV08vecTlVpqc-oaAUVQJ_TV8&ga_vid=1815605501.1616462864&ga_sid=1616462864&ga_hid=9115885&ga_fc=false&fws=4&ohw=300

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

fe4d3948d30d25ce7309609636dfe6b36cf5e49b30cd8e843756698e18e0e814

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:44 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 142
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.storm.mg
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 357 B
627 B 272ms
270ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4428478098213158&correlator=3580953445410975&output=ldjh&impl=fifs&eid=31060321%2C31060367%2C44733567%2C676982961%2C44739387&vrg=2021031601&ptt=17&sc=1&sfv=1-0-37&ecs=20210323&iu_parts=225677396%2Cstorm_content_RM_hotshare_300250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&eri=1&cust_params=path_name%3D%252Farticle%252F3553076%26category_name%3D%25E8%25A9%2595%25E8%25AB%2596%252C%25E6%2594%25BF%25E6%25B2%25BB%252C%25E8%25B2%25A1%25E7%25B6%2593%252C%25E9%25A2%25A8%25E8%25A9%2595%252C&cookie=ID%3Dd81dd1b5a0237784%3AT%3D1616462864%3AS%3DALNI_MbLJH2qAmSfObcF34tbqQIRqaC6KQ&bc=31&abxe=1&lmt=1616462864&dt=1616462864780&dlt=1616462861768&idt=2129&frm=20&biw=1600&bih=1200&oid=3&adxs=1075&adys=3864&adks=650721082&ucis=p&ifi=26&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x1189&msz=300x250&psts=AGkb-H8w7cxuGMf2s47tBkP-Gu9l5YtSrWxVfSPYFRE1nIXmsKVnN5oLQe8_dPfnc_IMHf_kpY8RynjlTZNQCU5xBv6NKw%2CAGkb-H-amwg0zG2SkSyD45k4TpbMK2vkFaic7wZxTt0Sa4hzvDFgMf5xBcLrap4SLVaMP74xcto52Br3n-A%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H8ec0_eN2CZdtpd6k69Thu2G0v0OL7pG58ucLKIxCbvBMrH9RGSKQnN3WPfBj21ZMwV-XzjVOB1hHpD%2CAGkb-H8ARtKOSzRYHFOzqFe5QqtGlyKH3PTPwM6anqwh-mrxf1s9qnmmQia7plsgxoAOICv9-iFUtrpuUUTI%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H_deXdhmp7PIwMWivsJCjIXUTGXdh2ffUrOuuXrHwqtL6l5a2CiJxPV08vecTlVpqc-oaAUVQJ_TV8&ga_vid=1815605501.1616462864&ga_sid=1616462864&ga_hid=9115885&ga_fc=false&fws=4&ohw=300

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

a322a466f5deaa8bcd3dcd6f7ab89f71e16c39929028a3180484c44e0f19887e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 157
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.storm.mg
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 4 KB
3 KB 362ms
361ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4428478098213158&correlator=3955481437627253&output=ldjh&impl=fifs&eid=31060321%2C31060367%2C44733567%2C676982961%2C44739387&vrg=2021031601&ptt=17&sc=1&sfv=1-0-37&ecs=20210323&iu_parts=225677396%2Cstorm_content_RB_300600&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x250%7C1x1&eri=1&cust_params=path_name%3D%252Farticle%252F3553076%26category_name%3D%25E8%25A9%2595%25E8%25AB%2596%252C%25E6%2594%25BF%25E6%25B2%25BB%252C%25E8%25B2%25A1%25E7%25B6%2593%252C%25E9%25A2%25A8%25E8%25A9%2595%252C&cookie=ID%3Dd81dd1b5a0237784%3AT%3D1616462864%3AS%3DALNI_MbLJH2qAmSfObcF34tbqQIRqaC6KQ&bc=31&abxe=1&lmt=1616462864&dt=1616462864783&dlt=1616462861768&idt=2129&frm=20&biw=1600&bih=1200&oid=3&adxs=1075&adys=4614&adks=3416982431&ucis=q&ifi=27&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x265&msz=300x250&psts=AGkb-H8w7cxuGMf2s47tBkP-Gu9l5YtSrWxVfSPYFRE1nIXmsKVnN5oLQe8_dPfnc_IMHf_kpY8RynjlTZNQCU5xBv6NKw%2CAGkb-H-amwg0zG2SkSyD45k4TpbMK2vkFaic7wZxTt0Sa4hzvDFgMf5xBcLrap4SLVaMP74xcto52Br3n-A%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H8ec0_eN2CZdtpd6k69Thu2G0v0OL7pG58ucLKIxCbvBMrH9RGSKQnN3WPfBj21ZMwV-XzjVOB1hHpD%2CAGkb-H8ARtKOSzRYHFOzqFe5QqtGlyKH3PTPwM6anqwh-mrxf1s9qnmmQia7plsgxoAOICv9-iFUtrpuUUTI%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H_deXdhmp7PIwMWivsJCjIXUTGXdh2ffUrOuuXrHwqtL6l5a2CiJxPV08vecTlVpqc-oaAUVQJ_TV8&ga_vid=1815605501.1616462864&ga_sid=1616462864&ga_hid=9115885&ga_fc=false&fws=4&ohw=300

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

9037d7a33fcfe84e0a009d57555d0fffb37898e8dc6c8c1b6ad8b2432932d3e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2373
x-xss-protection: 0
google-lineitem-id: 5326187272
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138306149819
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.storm.mg
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 4 KB
3 KB 364ms
363ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4428478098213158&correlator=1234329270121497&output=ldjh&impl=fifs&eid=31060321%2C31060367%2C44733567%2C676982961%2C44739387&vrg=2021031601&ptt=17&sc=1&sfv=1-0-37&ecs=20210323&iu_parts=225677396%2Cstorm_content_RBB_300250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600%7C1x1&eri=1&cust_params=path_name%3D%252Farticle%252F3553076%26category_name%3D%25E8%25A9%2595%25E8%25AB%2596%252C%25E6%2594%25BF%25E6%25B2%25BB%252C%25E8%25B2%25A1%25E7%25B6%2593%252C%25E9%25A2%25A8%25E8%25A9%2595%252C&cookie=ID%3Dd81dd1b5a0237784%3AT%3D1616462864%3AS%3DALNI_MbLJH2qAmSfObcF34tbqQIRqaC6KQ&bc=31&abxe=1&lmt=1616462864&dt=1616462864785&dlt=1616462861768&idt=2129&frm=20&biw=1600&bih=1200&oid=3&adxs=1075&adys=4879&adks=4229238645&ucis=r&ifi=28&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x265&msz=300x250&psts=AGkb-H8w7cxuGMf2s47tBkP-Gu9l5YtSrWxVfSPYFRE1nIXmsKVnN5oLQe8_dPfnc_IMHf_kpY8RynjlTZNQCU5xBv6NKw%2CAGkb-H-amwg0zG2SkSyD45k4TpbMK2vkFaic7wZxTt0Sa4hzvDFgMf5xBcLrap4SLVaMP74xcto52Br3n-A%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H8ec0_eN2CZdtpd6k69Thu2G0v0OL7pG58ucLKIxCbvBMrH9RGSKQnN3WPfBj21ZMwV-XzjVOB1hHpD%2CAGkb-H8ARtKOSzRYHFOzqFe5QqtGlyKH3PTPwM6anqwh-mrxf1s9qnmmQia7plsgxoAOICv9-iFUtrpuUUTI%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H_deXdhmp7PIwMWivsJCjIXUTGXdh2ffUrOuuXrHwqtL6l5a2CiJxPV08vecTlVpqc-oaAUVQJ_TV8&ga_vid=1815605501.1616462864&ga_sid=1616462864&ga_hid=9115885&ga_fc=false&fws=4&ohw=300

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

c535b986e71387a46a93ca7ac007424c3f3e1e3a64bba0beaa5620e7cf48459a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2423
x-xss-protection: 0
google-lineitem-id: 5257518715
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138339939473
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.storm.mg
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ZvNSQ6X6spi.css
www.facebook.com/rsrc.php/v3/yh/l/0,cross/ Frame ACD9 29 KB
8 KB 10ms
6ms Stylesheet
text/css 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yh/l/0,cross/ZvNSQ6X6spi.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&tabs&width=320&height=130&small_header=false&adapt_container_width=false&hide_cover=false&show_facepile=false&appId

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f69b06e98c7774bb5ebb2c4b9b5f02e6ec05854a605e3bfb86d1e4f4b15119da

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&tabs&width=320&height=130&small_header=false&adapt_container_width=false&hide_cover=false&show_facepile=false&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: ULaGxlH3Wo/Q8Qr6pfJmKvGcTSbr22hQRgfNwqXaKyJOyhJcfefzsEFCtj9xTjrofuGMQ3odUUy+k6U4uUZxBg==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: lpNSdCsIKG1DvC+O6EGdUQ==
date: Mon, 15 Mar 2021 17:28:37 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8478
x-fb-rlafr: 0
expires: Tue, 15 Mar 2022 17:28:37 GMT

GET
H2 200 xnFbs6JXOeq.css
www.facebook.com/rsrc.php/v3/y7/l/0,cross/ Frame ACD9 34 KB
7 KB 11ms
7ms Stylesheet
text/css 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/y7/l/0,cross/xnFbs6JXOeq.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0bb3d6b9b1757754df547aff38edc0d0f839e271ce4b4ffc05c25c1fc1ba847f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&tabs&width=320&height=130&small_header=false&adapt_container_width=false&hide_cover=false&show_facepile=false&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 04:57:51 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 81BwrTehvaTA6sD7mMnfHQ==
cross-origin-resource-policy: cross-origin
content-length: 6554
x-fb-rlafr: 0
x-fb-debug: ORHa8oBXP5Sv1PJlkttPV9I/5sXwaqlxeaEUtmWeHGJqdOLsA2upZj2fLdc8fwRDki5da1lP7Hu8BgnDyg/6PQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 22 Mar 2022 04:57:51 GMT

GET
H2 200 PdwbQu-vcSZ.js Show response
www.facebook.com/rsrc.php/v3/yH/r/ Frame ACD9 268 KB
71 KB 21ms
17ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yH/r/PdwbQu-vcSZ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9289a5873f3af0ffc3ea0e65176d4224b7633b3928f03cea59af8cf03de08e3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&tabs&width=320&height=130&small_header=false&adapt_container_width=false&hide_cover=false&show_facepile=false&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: Fbh/Qe0PM/qC6duxJKeuKvGMpmWzbJNmXPHVO+YT1RfPoHg/5mZS1Z/CVX2wLWJhk3q8O358D47eyA3jHTEO7Q==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: nzVqOlCzvtmsFYlxXLwesg==
date: Thu, 18 Mar 2021 20:22:29 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 72319
x-fb-rlafr: 0
expires: Fri, 18 Mar 2022 20:22:29 GMT

GET
H2 200 5uWXDBbj7dh.js Show response
www.facebook.com/rsrc.php/v3/yp/r/ Frame ACD9 65 KB
20 KB 11ms
7ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yp/r/5uWXDBbj7dh.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b402c1a7a2efd185a6d15196f7997e3d18f06abac9c47557b7ba3f164f8287ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&tabs&width=320&height=130&small_header=false&adapt_container_width=false&hide_cover=false&show_facepile=false&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 17:32:49 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 0ud0gBJxyt7dbTMSHUAkbQ==
cross-origin-resource-policy: cross-origin
content-length: 20253
x-fb-rlafr: 0
x-fb-debug: XHPreRTilgf7z39IsWxRexTuYp65BXLsgBTSdAenBNiQItr2lczPF8yLhNsK6c6Uy4UO/7wFtUoTq6G6Q0dQ8Q==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 22 Mar 2022 17:32:49 GMT

GET
H2 200 uqaYG-2xXaf.js Show response
www.facebook.com/rsrc.php/v3iEpO4/yZ/l/en_US/ Frame ACD9 122 KB
34 KB 13ms
9ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iEpO4/yZ/l/en_US/uqaYG-2xXaf.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

03e9d0d62b70ae8d31478335a324c17109d6e673237bc65bf6c72272c407cf7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&tabs&width=320&height=130&small_header=false&adapt_container_width=false&hide_cover=false&show_facepile=false&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 11:08:30 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: aLql3jS0vbk1V25PSAAHKQ==
cross-origin-resource-policy: cross-origin
content-length: 34739
x-fb-rlafr: 0
x-fb-debug: P6Z1CnAlUCYAVQYuVNGmx7Cr+C2LMMIMYNJJ18uelzZLqGmBjc0sUD0GnxDATEoh6cAs+Lm6GLuP7r3OOnj82w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 15 Mar 2022 11:08:30 GMT

GET
H2 200 nLyZ6bYhSNu.js Show response
www.facebook.com/rsrc.php/v3/yW/r/ Frame ACD9 7 KB
2 KB 11ms
7ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yW/r/nLyZ6bYhSNu.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

67d8e7a3e7815e72595c83389b163f51ecd562ed6c394cdaf5cbc93c7330623e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&tabs&width=320&height=130&small_header=false&adapt_container_width=false&hide_cover=false&show_facepile=false&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 15:38:35 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: sAMp5DhlJ2pej3twf5dwWw==
cross-origin-resource-policy: cross-origin
content-length: 2304
x-fb-rlafr: 0
x-fb-debug: eVW6d3n2p0DMLiabruQE2ErhwOmtZEw272AleFiDS0d0gppA/BiovexUXFmyDG94LRG1mneDJ0Yc+AAEMIld9w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 15 Mar 2022 15:38:35 GMT

GET
H2 200 UdS7Amd3aXI.js Show response
www.facebook.com/rsrc.php/v3iLl54/y-/l/en_US/ Frame ACD9 37 KB
10 KB 12ms
8ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iLl54/y-/l/en_US/UdS7Amd3aXI.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c55b8883a9f908ffce1d25c10579acbb6a65961ca7240eb6b20ca17bde45761e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&tabs&width=320&height=130&small_header=false&adapt_container_width=false&hide_cover=false&show_facepile=false&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 11:48:38 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: e1tRV0c6L/HzQA2Ab5r/ug==
cross-origin-resource-policy: cross-origin
content-length: 9886
x-fb-rlafr: 0
x-fb-debug: z9QKptQJBWqcunBuxqOlLuK1NgC+nVSPBcsgE2qXGdG3Z4dUBnwT5hp0KI4rxhrMvitbyDhgPtg2VxhoU0AcqA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 15 Mar 2022 11:48:38 GMT

GET
H2 200 NVaAY8BOn-V.js Show response
www.facebook.com/rsrc.php/v3/yl/r/ Frame ACD9 209 KB
59 KB 16ms
13ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yl/r/NVaAY8BOn-V.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0aec5645d4703cf2e88a048553dce7f443035e1b72b1f727e81e88430bbbd604

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&tabs&width=320&height=130&small_header=false&adapt_container_width=false&hide_cover=false&show_facepile=false&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:08:26 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: g4zGIpb/WUiDAIHNHztHBw==
cross-origin-resource-policy: cross-origin
content-length: 60327
x-fb-rlafr: 0
x-fb-debug: c6/3EvI3/Wp7O20+xc3FCOSarTQwqpCQz844anA/tYtWjUiJz41GLAwwnmDzah0SVP6oL6SttVjrZ+68NkO+6A==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 22 Mar 2022 22:08:26 GMT

GET
H2 200 jljN-YN4aVX.js Show response
www.facebook.com/rsrc.php/v3iaOs4/yL/l/en_US/ Frame ACD9 421 KB
101 KB 26ms
23ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iaOs4/yL/l/en_US/jljN-YN4aVX.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

96cbd55ebd863a4f343f7e529b93b763999702e393bbc4edeecec14e0f188c9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&tabs&width=320&height=130&small_header=false&adapt_container_width=false&hide_cover=false&show_facepile=false&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 09:07:07 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: bh//eXz8/YD5M7LuhxAp4A==
cross-origin-resource-policy: cross-origin
content-length: 102778
x-fb-rlafr: 0
x-fb-debug: UGxrtI/YGGRsbvsGQcaQIViwnKYIT7WKHn5lHhZYG/M5TVfPS8e9opTMfXpSTIy6toQJOXOX9ABSKkZZ/4MJKg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 19 Mar 2022 09:07:07 GMT

GET
H2 200 3x4NEx9Q-Hz.js Show response
www.facebook.com/rsrc.php/v3/y_/r/ Frame ACD9 93 KB
26 KB 16ms
13ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/y_/r/3x4NEx9Q-Hz.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5cf9c12c2c7d3604898b38b194b9fe47ceda25031806707fb938878a21aec779

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&tabs&width=320&height=130&small_header=false&adapt_container_width=false&hide_cover=false&show_facepile=false&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: 7ncgR9MVShAqc/vvWiqk13zKbIALjDM7AEExjqxlnkBaIdbfqDgEeayzqEnPWn0DarRlWcaKLkSVDVyyVLEpSQ==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: HPQmOzWWRwxvLMOajE6zEw==
date: Fri, 19 Mar 2021 15:55:30 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 26061
x-fb-rlafr: 0
expires: Sat, 19 Mar 2022 15:55:30 GMT

GET
H2 200 QDRLvcgkKxi.js Show response
www.facebook.com/rsrc.php/v3/yQ/r/ Frame ACD9 22 KB
7 KB 15ms
13ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yQ/r/QDRLvcgkKxi.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

59e458be5b11f05057b89c2e2bdb4eff59629d359b746abfecfa7a096963d5d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&tabs&width=320&height=130&small_header=false&adapt_container_width=false&hide_cover=false&show_facepile=false&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:01:57 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: wlBf1xUWxiALCwABtGHkTQ==
cross-origin-resource-policy: cross-origin
content-length: 7135
x-fb-rlafr: 0
x-fb-debug: b398h06mhHYB9A1aNVixxeV05bUg7hCwbfDkKeR43HrVV9te4b2oJzaTzOcjafu45XG1fFPg4unUGTcpL5tbpw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 19 Mar 2022 15:01:57 GMT

GET
H2 200 c1a2Yd1JMBq.js Show response
www.facebook.com/rsrc.php/v3/yw/r/ Frame ACD9 9 KB
4 KB 20ms
17ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yw/r/c1a2Yd1JMBq.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7f815034f183f3d8b947c77df9e643cb5aefa995dd0e44aacd2e47a953f36aad

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&tabs&width=320&height=130&small_header=false&adapt_container_width=false&hide_cover=false&show_facepile=false&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:49:09 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: KHkwjbyB7OiTLj0dLuKKWQ==
cross-origin-resource-policy: cross-origin
content-length: 3425
x-fb-rlafr: 0
x-fb-debug: Dnb5OU1pYpauCGPDF3IszcuqkXssnsIFaWK+pUMLWzG+n9bZzXVJx4iNuamH5YckL9XqDDhUgkdN8ILmB6xNQQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 22 Mar 2022 22:49:09 GMT

GET
H2 200 XEIDZ5h7AFh.js Show response
www.facebook.com/rsrc.php/v3/yC/r/ Frame ACD9 258 KB
58 KB 20ms
18ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yC/r/XEIDZ5h7AFh.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8c7fd018c4872f9a90abfc0ca641aae5b149539c54b9fa25d2c851aa54db6c64

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&tabs&width=320&height=130&small_header=false&adapt_container_width=false&hide_cover=false&show_facepile=false&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 17:32:48 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: hrVBembDwHxybHIOGyHMfQ==
cross-origin-resource-policy: cross-origin
content-length: 59268
x-fb-rlafr: 0
x-fb-debug: M0yNtOiRX+z2M5yjVo/qZxpWu6oVhXufROdepCS0JFOi5LND0+rQgkqrKEugmhRGaa1Dwp0rLOzrwRyywi5cCg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 22 Mar 2022 17:32:48 GMT

GET
H2 200 Y7QEzKDygMk.js Show response
www.facebook.com/rsrc.php/v3ivb84/y7/l/en_US/ Frame ACD9 27 KB
8 KB 20ms
18ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3ivb84/y7/l/en_US/Y7QEzKDygMk.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e9ab4ee10afd27d95bf4ee1eaf1b309dc134b216be199ee1eb8066753dcc6a01

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&tabs&width=320&height=130&small_header=false&adapt_container_width=false&hide_cover=false&show_facepile=false&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: pPL23L3wgeMdUevtHaFe+t94bq2OB1sF5Ogo6BBcyLydKsMv7Dyg1vwhjf1g4DbGOxPiG3MRV4NdqhrIr60y5g==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: 4HuRvYEpNEmFfzodmKG4OQ==
date: Fri, 19 Mar 2021 14:38:52 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 7509
x-fb-rlafr: 0
expires: Sat, 19 Mar 2022 14:38:52 GMT

GET
H2 200 qjKzyryd1d8.js Show response
www.facebook.com/rsrc.php/v3/yA/r/ Frame ACD9 23 KB
7 KB 19ms
18ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yA/r/qjKzyryd1d8.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

41513a8006b54331549ae42a78785b83f9f9c713327f6a8c914b1ec5c2c8b079

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&tabs&width=320&height=130&small_header=false&adapt_container_width=false&hide_cover=false&show_facepile=false&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: v1ViLUAVDumNE33+4uRped2irEjZFaLMn0x5Cah9lI2fmvbch5nO459S66qnSM6dQdytnsolMsBFlkZAlBDbRg==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: mA8lkbzCIU6oekBj32ExZw==
date: Mon, 22 Mar 2021 18:13:45 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 7076
x-fb-rlafr: 0
expires: Tue, 22 Mar 2022 18:13:45 GMT

GET
H2 200 144757894_3900247060027441_2350115183726293375_o.jpg
scontent-frx5-1.xx.fbcdn.net/v/t1.0-0/p130x130/ Frame ACD9 16 KB
16 KB 8ms
7ms Image
image/jpeg 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frx5-1.xx.fbcdn.net/v/t1.0-0/p130x130/144757894_3900247060027441_2350115183726293375_o.jpg?_nc_cat=1&ccb=1-3&_nc_sid=dd9801&_nc_ohc=zNWuRmgcH6YAX-llb4h&_nc_oc=AQkzOUKJhUEjnb12LhNe6owGvPWri15NS44xopgA7A4kCJeCgSVz7EmxnxGTE99zZzCGPk44GpojnZwI6DcHA8Qq&_nc_ht=scontent-frx5-1.xx&tp=6&oh=e12d4a8208c7b0cdd9968d18a22e7a21&oe=6080249B
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&tabs&width=320&height=130&small_header=false&adapt_container_width=false&hide_cover=false&show_facepile=false&appId
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 756cc7e6757619252347bd4a00662cfd04ee073070d12da15948e852449608e5

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 916223621
date: Tue, 23 Mar 2021 01:27:45 GMT
x-fb-trip-id: 917726464
last-modified: Wed, 03 Feb 2021 07:11:10 GMT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 567996740
x-fb-config-version-olb-prod: 1040
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 16078

GET
H2 200 1979690_713621685356677_1414653622_n.jpg
scontent-frx5-1.xx.fbcdn.net/v/t1.0-1/cp0/p50x50/ Frame ACD9 1 KB
1 KB 7ms
7ms Image
image/jpeg 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frx5-1.xx.fbcdn.net/v/t1.0-1/cp0/p50x50/1979690_713621685356677_1414653622_n.jpg?_nc_cat=1&ccb=1-3&_nc_sid=dbb9e7&_nc_ohc=dZE5jG8Cn9wAX_scrws&_nc_ht=scontent-frx5-1.xx&tp=27&oh=8346e8c3bf2d2ade7020edf46b9f3364&oe=607CDE03
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&tabs&width=320&height=130&small_header=false&adapt_container_width=false&hide_cover=false&show_facepile=false&appId
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 0960a5cb00e1f8f1934102cf94b63688f38bd747f7d951c8920f46744ccf8c3c

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 3348824450
date: Tue, 23 Mar 2021 01:27:45 GMT
x-fb-trip-id: 917726464
last-modified: Tue, 25 Mar 2014 13:51:57 GMT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 358196530
x-fb-config-version-olb-prod: 1041
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1281

GET
H2 200 pixel.js Show response
img.scupio.com/js/ 34 KB
13 KB 73ms
61ms Script
application/javascript 65.9.58.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/pixel.js
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: e1a532a13a0fddaddf9c92e6855b014907b2716e70934d33c9396c2c67f25919

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:23:09 GMT
content-encoding: gzip
last-modified: Wed, 17 Mar 2021 06:14:47 GMT
server: nginx/1.12.1
age: 350
etag: W/"60519e57-8854"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=1200
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: pU25QLKEAGus0ieBzLvV2bQh3O5ET0rN2_lg10tOeq4l810MkzQvSA==
via: 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
expires: Tue, 23 Mar 2021 01:41:54 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 65A9 0
0 85ms
84ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstrj_xO8kVdYbEI89gA4Mfjq5JCWNBKs7h5CDGOsOPSC2bPiDt8SVVly_744l2_KmVG3ZQ41WfosWiEmvBUftgrbTjGt_gIXGFMf7viPCMu4lGjiF3wDJpx0YiD6ROGykB-0ah_eRGVjxmNWO1By009Sle2WlFk1YJ5tng9NYHhfB-geeiFCdEBZkljW_g9c12BmNUvxUIm8a3hhKUtXXD92Qj4LylYQFCdY6IPlg5F4raIgh2uvQr_1iHqC3LSklVpI0gy2dZn1xFKmdC9As9ga98AzJaJItQLxau2Tj4iyB4r2spY2KwJxzI&sig=Cg0ArKJSzKf3dBoNz0LaEAE&urlfix=1&adurl=

Requested by

Host: www.storm.mg
URL: https://www.storm.mg/article/3553076

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:27:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 23 Mar 2021 01:27:44 GMT

GET
H2 200 ad.js Show response
img.scupio.com/js/ Frame 65A9 41 KB
15 KB 66ms
65ms Script
application/javascript 65.9.58.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/ad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 6fe8e683eab18fd17809898839bb7f04fbc99d49e9a4f0a6878a39e73a9a16bd

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:25:59 GMT
content-encoding: gzip
last-modified: Mon, 22 Mar 2021 01:57:34 GMT
server: nginx/1.12.1
age: 255
etag: W/"6057f98e-a495"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: EhL1An4Yx9lQabwJPhXhoYdelFbgmmLHenzKR2lSfJ6Imu0G-ifnKg==
via: 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
expires: Tue, 23 Mar 2021 01:38:29 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 65A9 117 KB
36 KB 56ms
56ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

911deead0c0ec5c76af07f381c8e918567120df0488208f50b0579afa0b61376

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616176146673399"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36391
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:27:44 GMT

GET
H2 200 sp.js Show response
track.storm.mg/js/snowplow/ 75 KB
26 KB 310ms
307ms Script
application/javascript 54.150.150.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.storm.mg/js/snowplow/sp.js
Requested by: Host: track.storm.mg
URL: https://track.storm.mg/js/core/smg.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.150.150.172 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-150-150-172.ap-northeast-1.compute.amazonaws.com
Software: / Express
Resource Hash: 715263829d8eab12dcfedf56a208b1e6c958995413a47cddb3ed532d75aca6c8

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:44 GMT
content-encoding: gzip
etag: W/"12a57-1730dae042c"
last-modified: Thu, 02 Jul 2020 03:59:34 GMT
x-powered-by: Express
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
cache-control: public, max-age=0
accept-ranges: bytes
content-type: application/javascript; charset=UTF-8

GET
H2 200 cookiemap.html Show response
track.storm.mg/ Frame B690 417 B
766 B 568ms
568ms Document
text/html 54.150.150.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.storm.mg/cookiemap.html?appId=5c6e1a&data=eyJhcHBJZCI6IjVjNmUxYSIsInBhZ2VUaXRsZSI6IumiqOiple+8muaOiea8hu+8jOWIpeWGjeaDs+Wci+WutumaiuS6hi3poqjlgrPlqpIiLCJwYWdlVVJMIjoiaHR0cHM6Ly93d3cuc3Rvcm0ubWcvYXJ0aWNsZS8zNTUzMDc2IiwiY29va2llIjoiX19hc2M9MmE2M2YxZTcxNzg1Y2IxZTEzZjhmZjI2NGY4OyBfX2F1Yz0yYTYzZjFlNzE3ODVjYjFlMTNmOGZmMjY0Zjg7IF9fZ2Fkcz1JRD1iZmJjMWIyNjIxODA2Nzg4OlQ9MTYxNjQ2Mjg2NDpTPUFMTklfTVlRWWRfYk00TDFkdC1DdDlycnVJNHNaVnhtQUEiLCJyZWZlcnJlciI6IiIsImNvb2tpZUlkIjoiMTYxNjQ2Mjg2MzQxNTkwMSIsIm1lbWJlcklkIjpudWxsfQ==
Requested by: Host: track.storm.mg
URL: https://track.storm.mg/js/core/smg.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.150.150.172 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-150-150-172.ap-northeast-1.compute.amazonaws.com
Software: / Express
Resource Hash: d6d753667a59a12cde15e6fee9191e40a3aea40bd36260b139c7026a1470a458

Request headers

:method: GET
:authority: track.storm.mg
:scheme: https
:path: /cookiemap.html?appId=5c6e1a&data=eyJhcHBJZCI6IjVjNmUxYSIsInBhZ2VUaXRsZSI6IumiqOiple+8muaOiea8hu+8jOWIpeWGjeaDs+Wci+WutumaiuS6hi3poqjlgrPlqpIiLCJwYWdlVVJMIjoiaHR0cHM6Ly93d3cuc3Rvcm0ubWcvYXJ0aWNsZS8zNTUzMDc2IiwiY29va2llIjoiX19hc2M9MmE2M2YxZTcxNzg1Y2IxZTEzZjhmZjI2NGY4OyBfX2F1Yz0yYTYzZjFlNzE3ODVjYjFlMTNmOGZmMjY0Zjg7IF9fZ2Fkcz1JRD1iZmJjMWIyNjIxODA2Nzg4OlQ9MTYxNjQ2Mjg2NDpTPUFMTklfTVlRWWRfYk00TDFkdC1DdDlycnVJNHNaVnhtQUEiLCJyZWZlcnJlciI6IiIsImNvb2tpZUlkIjoiMTYxNjQ2Mjg2MzQxNTkwMSIsIm1lbWJlcklkIjpudWxsfQ==
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.storm.mg/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __asc=2a63f1e71785cb1e13f8ff264f8; __auc=2a63f1e71785cb1e13f8ff264f8; __gads=ID=bfbc1b2621806788:T=1616462864:S=ALNI_MYQYd_bM4L1dt-Ct9rruI4sZVxmAA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.storm.mg/

Response headers

date: Tue, 23 Mar 2021 01:27:45 GMT
content-type: text/html; charset=UTF-8
content-length: 417
x-powered-by: Express
set-cookie: smg_uid=1616462865018620; Domain=storm.mg; Path=/; Expires=Sun, 23 Mar 2121 01:27:45 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
accept-ranges: bytes
cache-control: public, max-age=0
last-modified: Thu, 02 Jul 2020 04:08:01 GMT
etag: W/"1a1-1730db5bd3d"
vary: Accept-Encoding

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3D5C 0
0 85ms
85ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuVUNLKBrxBI-i6Cr2GisuJYPAre13CR9khyPqB3aqecQ8eXZmKeNv5ZgGUxA2qqSotpshOh5YVRB68eKgVGZ_1sFp3EmsOnvVWUDxciojiXuEFsNudrR3HQmkkeULksLyQHHmtMSL0x1KRxZA3Aia75r6wW6aelyOS06PimLuGcTLNL6zZkIQtK_98cYGzCdO7Tw_ElbRIakw-qnP2UO1eKHs0zpGl-b9gMy0HWkO1cQUivdRZsL8PNLu0gdkgT7NH1tHmjLMsHUT6sNHz6a6RM3J24SwXOKXgH2MG9_JvMFn3OqOzQiYnRLOYdMXVZY7yoA38Z8291LRP9_5lgIYy6gPzYFM&sig=Cg0ArKJSzM3ISfM2fgYXEAE&adurl=

Requested by

Host: www.storm.mg
URL: https://www.storm.mg/article/3553076

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:27:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 23 Mar 2021 01:27:44 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/ Frame 3D5C 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6493ea407d79518f1a23cd56abf3877cc95cfef289aa2193e09414befa93915b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:25:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 150
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 10528220335026403715
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Apr 2021 01:25:14 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/ Frame 3D5C 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:17:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 592
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Apr 2021 01:17:52 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3D5C 118 KB
36 KB 56ms
56ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

b06d2b65d77197005c4e207dabe446800292578db1e36a4cdb8b519bbe79da79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616429061647350"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36559
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:27:44 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 3D5C 0
0 14ms
13ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQFOvq8QgB47QUgw9eRktxGPtCx87bMO_FQeCfB_UnE3oGKwnK81wumcq5dO3As2wOMwPdzksMKmX-snAlJKHUW1_uQsg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 16525251852271224527
tpc.googlesyndication.com/simgad/ Frame 3D5C 48 KB
48 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16525251852271224527

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ca03bc8cb6fd85905a04f59b6471ce35b0a4d0d12f5f988778bb7cb059e77c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 14:05:48 GMT
x-content-type-options: nosniff
age: 213716
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48709
x-xss-protection: 0
last-modified: Wed, 17 Feb 2021 07:09:36 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Mar 2022 14:05:48 GMT

GET
DATA 200
OK truncated
/ Frame 2475 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7bda620bcf7f6ed95efd80d28de0e5534cf4855a40f42c27755442556642d526

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame A983 0
0 85ms
84ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuEJcnFF4G6gsFIJpw-g6MzRuriligAP9wggtFD_yeiCraJ4SH3c7vUznm2hnGf0qc__Wi62UQCYfEU-Lq0ccl7ffDSS5MZtJE0YyIVeQd_H6WS1B2tsbtmkxf2Wl4U-7yEaHG9prgxiZXaAxLKcB_ZQTuwc0UYA45O1WTm78mAts0fBAwvOSwvmCFS4iQN3_L12coQUUK5NYHX9vA7GZpDsXxwifGQg968cjIxw3eizECs0CK-YeFdnlxDRe2tWsECOG0VhGhx7gUIGlkufgMhCn7LZ8Xq4PBGd3lKrwziVaZA3Sw8ps7taJy2dQVlzF5VctAEEcY&sig=Cg0ArKJSzOscERUZF4KUEAE&urlfix=1&adurl=

Requested by

Host: www.storm.mg
URL: https://www.storm.mg/article/3553076

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:27:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 ad.js Show response
img.scupio.com/js/ 41 KB
15 KB 65ms
65ms Script
application/javascript 65.9.58.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/ad.js
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 6fe8e683eab18fd17809898839bb7f04fbc99d49e9a4f0a6878a39e73a9a16bd

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:25:59 GMT
content-encoding: gzip
last-modified: Mon, 22 Mar 2021 01:57:34 GMT
server: nginx/1.12.1
age: 255
etag: W/"6057f98e-a495"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: FFWI_azrFqT7umHTGiNXBwrG1OHCQv0wkzLWjAeo_Pp1BNGg2Ou8xQ==
via: 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
expires: Tue, 23 Mar 2021 01:38:29 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A983 117 KB
36 KB 57ms
57ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

911deead0c0ec5c76af07f381c8e918567120df0488208f50b0579afa0b61376

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616176146673399"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36391
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:27:44 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame A25D 0
0 85ms
84ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsthdvxIQ6RFl893cmp98CrCap9u519Sa9MOfXW76vr3Q62L-TXiNDwyL2yUKvmBNIuYe6Gqi2kW4ELiCaOr94syzIN-YT2X7lyXX_HDxBTqTH2O3U-zyAXlrTikXiolSbkHhe5W2W4qkwACStsirsBhusuO0daxzktGyo6JK8UA0HBpeyRYFPDmF85AfWfG68g_O1xUO2-Zfa6HZsrsQqWEsSZ59mxlV3BZB5B3jbwrRhtZ0PIm3vu47q_fh78PJud_cXX3gDlZYgJDmYmJ8HHf6WCSLBtZCwOYZzNH57Kbm-onvWSpPiSccw&sig=Cg0ArKJSzDpoivhRv-AkEAE&adurl=

Requested by

Host: www.storm.mg
URL: https://www.storm.mg/article/3553076

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:27:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-Q050 200 8911752694665835925
tpc.googlesyndication.com/simgad/ Frame A25D 132 KB
132 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8911752694665835925

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f69113c12d5529e05d6e2515e38e1e036ec7e26a69d0726809be73964c47c112

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 10:52:25 GMT
x-content-type-options: nosniff
age: 311719
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 134792
x-xss-protection: 0
last-modified: Fri, 19 Mar 2021 07:55:42 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Mar 2022 10:52:25 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/ Frame A25D 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6493ea407d79518f1a23cd56abf3877cc95cfef289aa2193e09414befa93915b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:25:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 150
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 10528220335026403715
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Apr 2021 01:25:14 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/ Frame A25D 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:17:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 592
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Apr 2021 01:17:52 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A25D 117 KB
36 KB 57ms
56ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

911deead0c0ec5c76af07f381c8e918567120df0488208f50b0579afa0b61376

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616176146673399"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36391
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:27:45 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3D30 0
0 85ms
85ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst_q6Bkf_HjT9fpYTvgjIExLO9eEb3CGKGl-jt2Tc7xyQFKEJaISNkAn0dzIH0Ee0qSHVPZHekaGBUNCb5z-lB73YKCJixxc6Nf4mudnHj363uZGSVIRybpO5pICEunQZqhS6n-RHSHvrbpzWGEIs_pMxcM_isc7KnhOjct2zZVuLnVtQ_eQ6FoUNkpki4Ap5blWyTnTIkbmDoc46t-DQehmV2cSIRYVvJ-Tlr9jLzEBNuXOebxXP5DzZYmu7Qbfy_-r2CvtX_qlSvDH6ruDBypZLSsy3-GMQ-qPY6NJZV3G6IAqaGpJryv&sig=Cg0ArKJSzOGE83Agk1RCEAE&urlfix=1&adurl=

Requested by

Host: www.storm.mg
URL: https://www.storm.mg/article/3553076

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:27:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-Q050 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 3D30 57 KB
19 KB 59ms
58ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

f390b2d2721def3434d087ecceaafa0ae5e140120cc870784f7d00f90c3b5c79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "820 / 347 of 1000 / last-modified: 1616451005"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19725
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:27:45 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3D30 117 KB
36 KB 57ms
56ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

911deead0c0ec5c76af07f381c8e918567120df0488208f50b0579afa0b61376

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616176146673399"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36391
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:27:45 GMT

GET
H2 200 www-player-webp.css
www.youtube.com/s/player/228f3ac7/ Frame EBF9 339 KB
51 KB 6ms
5ms Stylesheet
text/css 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/228f3ac7/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/nhjbmRQVmrw?autoplay=&mute=1&version=3&loop=1&playlist=nhjbmRQVmrw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c6de398b00be04297ce1aebdf24eed587464488127326a6611438bc65dc26e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/nhjbmRQVmrw?autoplay=&mute=1&version=3&loop=1&playlist=nhjbmRQVmrw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 15:00:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 00:15:10 GMT
server: sffe
age: 37635
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52118
x-xss-protection: 0
expires: Tue, 22 Mar 2022 15:00:30 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/228f3ac7/www-embed-player.vflset/ Frame EBF9 161 KB
58 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/228f3ac7/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/nhjbmRQVmrw?autoplay=&mute=1&version=3&loop=1&playlist=nhjbmRQVmrw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

522230d87369e152908c470009f92c72afc02605415954ad414e9594aa148e5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/nhjbmRQVmrw?autoplay=&mute=1&version=3&loop=1&playlist=nhjbmRQVmrw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 15:00:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 00:15:10 GMT
server: sffe
age: 37635
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59589
x-xss-protection: 0
expires: Tue, 22 Mar 2022 15:00:30 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/228f3ac7/player_ias.vflset/en_US/ Frame EBF9 2 MB
508 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/228f3ac7/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/nhjbmRQVmrw?autoplay=&mute=1&version=3&loop=1&playlist=nhjbmRQVmrw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fedd8db5e24161cb735c50f520e212db37ef50bd94bdeebc05c080f56c22f2e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/nhjbmRQVmrw?autoplay=&mute=1&version=3&loop=1&playlist=nhjbmRQVmrw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 15:00:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 00:15:10 GMT
server: sffe
age: 37623
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 519377
x-xss-protection: 0
expires: Tue, 22 Mar 2022 15:00:42 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/228f3ac7/fetch-polyfill.vflset/ Frame EBF9 8 KB
3 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/228f3ac7/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/nhjbmRQVmrw?autoplay=&mute=1&version=3&loop=1&playlist=nhjbmRQVmrw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/nhjbmRQVmrw?autoplay=&mute=1&version=3&loop=1&playlist=nhjbmRQVmrw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 15:00:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 00:15:10 GMT
server: sffe
age: 37635
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3027
x-xss-protection: 0
expires: Tue, 22 Mar 2022 15:00:30 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame EBF9 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/nhjbmRQVmrw?autoplay=&mute=1&version=3&loop=1&playlist=nhjbmRQVmrw

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:41:25 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
age: 366380
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
expires: Fri, 18 Mar 2022 19:41:25 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
265 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2391556904443355&ev=PageView&dl=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&rl=&if=false&ts=1616462865106&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1616462865100.2021294883&it=1616462864604&coo=false&rqm=GET

Requested by

Host: www.storm.mg
URL: https://www.storm.mg/article/3553076

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:45 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 23 Mar 2021 01:27:45 GMT

GET
DATA 200
OK truncated
/ Frame 0DBC 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f5d211cbdf6d740f9cdb42e75366974c5d0032be25dae3f16164b1ae6120e2bc

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A905 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d0f3d060a8a27456f3b8537d493f6b05291f61a715e6f681108e68f641d6eb7d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
85 B 13ms
13ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=9115885&t=pageview&_s=1&dl=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&ul=en-us&de=UTF-8&dt=%E9%A2%A8%E8%A9%95%EF%BC%9A%E6%8E%89%E6%BC%86%EF%BC%8C%E5%88%A5%E5%86%8D%E6%83%B3%E5%9C%8B%E5%AE%B6%E9%9A%8A%E4%BA%86-%E9%A2%A8%E5%82%B3%E5%AA%92&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aChAAEADQAAAAC~&jid=684731339&gjid=365137538&cid=1815605501.1616462864&tid=UA-58197782-1&_gid=1022997964.1616462865&_r=1&gtm=2wg3h0MRQJ4NV&cg1=%E8%A9%95%E8%AB%96%EF%BD%9C%E6%94%BF%E6%B2%BB%EF%BD%9C%E8%B2%A1%E7%B6%93%EF%BD%9C%E9%A2%A8%E8%A9%95&cg2=&z=245455806

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:27:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.storm.mg
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
96 B 7ms
5ms Image
image/gif 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=9115885&t=event&ni=0&_s=2&dl=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&ul=en-us&de=UTF-8&dt=%E9%A2%A8%E8%A9%95%EF%BC%9A%E6%8E%89%E6%BC%86%EF%BC%8C%E5%88%A5%E5%86%8D%E6%83%B3%E5%9C%8B%E5%AE%B6%E9%9A%8A%E4%BA%86-%E9%A2%A8%E5%82%B3%E5%AA%92&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Menu%20Bar&ea=impression&el=%E6%96%B0%E6%96%B0%E8%81%9E&ev=1&_u=aChAAEADQAAAAC~&jid=&gjid=&cid=1815605501.1616462864&tid=UA-58197782-1&_gid=1022997964.1616462865&gtm=2wg3h0MRQJ4NV&cg1=%E8%A9%95%E8%AB%96%EF%BD%9C%E6%94%BF%E6%B2%BB%EF%BD%9C%E8%B2%A1%E7%B6%93%EF%BD%9C%E9%A2%A8%E8%A9%95&cg2=&z=1543381084

Requested by

Host: www.storm.mg
URL: https://www.storm.mg/article/3553076

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 15:00:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 37613
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 8ms
6ms Image
image/gif 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=9115885&t=event&ni=0&_s=3&dl=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&ul=en-us&de=UTF-8&dt=%E9%A2%A8%E8%A9%95%EF%BC%9A%E6%8E%89%E6%BC%86%EF%BC%8C%E5%88%A5%E5%86%8D%E6%83%B3%E5%9C%8B%E5%AE%B6%E9%9A%8A%E4%BA%86-%E9%A2%A8%E5%82%B3%E5%AA%92&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Menu%20Bar&ea=impression&el=%E6%94%AF%E6%8C%81%E6%88%91%E5%80%91&ev=1&_u=aChAAEADQAAAAC~&jid=&gjid=&cid=1815605501.1616462864&tid=UA-58197782-1&_gid=1022997964.1616462865&gtm=2wg3h0MRQJ4NV&cg1=%E8%A9%95%E8%AB%96%EF%BD%9C%E6%94%BF%E6%B2%BB%EF%BD%9C%E8%B2%A1%E7%B6%93%EF%BD%9C%E9%A2%A8%E8%A9%95&cg2=&z=2031842465

Requested by

Host: www.storm.mg
URL: https://www.storm.mg/article/3553076

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 15:00:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 37613
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 8ms
7ms Image
image/gif 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=9115885&t=event&ni=0&_s=4&dl=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&ul=en-us&de=UTF-8&dt=%E9%A2%A8%E8%A9%95%EF%BC%9A%E6%8E%89%E6%BC%86%EF%BC%8C%E5%88%A5%E5%86%8D%E6%83%B3%E5%9C%8B%E5%AE%B6%E9%9A%8A%E4%BA%86-%E9%A2%A8%E5%82%B3%E5%AA%92&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Menu%20Bar&ea=impression&el=%E5%A5%BD%E5%A5%BD%E9%80%80%E4%BC%91&ev=1&_u=aChAAEADQAAAAC~&jid=&gjid=&cid=1815605501.1616462864&tid=UA-58197782-1&_gid=1022997964.1616462865&gtm=2wg3h0MRQJ4NV&cg1=%E8%A9%95%E8%AB%96%EF%BD%9C%E6%94%BF%E6%B2%BB%EF%BD%9C%E8%B2%A1%E7%B6%93%EF%BD%9C%E9%A2%A8%E8%A9%95&cg2=&z=1027995084

Requested by

Host: www.storm.mg
URL: https://www.storm.mg/article/3553076

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 15:00:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 37613
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 8ms
7ms Image
image/gif 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=9115885&t=event&ni=0&_s=5&dl=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&ul=en-us&de=UTF-8&dt=%E9%A2%A8%E8%A9%95%EF%BC%9A%E6%8E%89%E6%BC%86%EF%BC%8C%E5%88%A5%E5%86%8D%E6%83%B3%E5%9C%8B%E5%AE%B6%E9%9A%8A%E4%BA%86-%E9%A2%A8%E5%82%B3%E5%AA%92&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Menu%20Bar&ea=impression&el=%E9%A3%9B%E8%B6%8A%E7%96%AB%E6%83%85&ev=1&_u=aChAAEADQAAAAC~&jid=&gjid=&cid=1815605501.1616462864&tid=UA-58197782-1&_gid=1022997964.1616462865&gtm=2wg3h0MRQJ4NV&cg1=%E8%A9%95%E8%AB%96%EF%BD%9C%E6%94%BF%E6%B2%BB%EF%BD%9C%E8%B2%A1%E7%B6%93%EF%BD%9C%E9%A2%A8%E8%A9%95&cg2=&z=1977529875

Requested by

Host: www.storm.mg
URL: https://www.storm.mg/article/3553076

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 15:00:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 37613
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 9ms
8ms Image
image/gif 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=9115885&t=event&ni=0&_s=6&dl=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&ul=en-us&de=UTF-8&dt=%E9%A2%A8%E8%A9%95%EF%BC%9A%E6%8E%89%E6%BC%86%EF%BC%8C%E5%88%A5%E5%86%8D%E6%83%B3%E5%9C%8B%E5%AE%B6%E9%9A%8A%E4%BA%86-%E9%A2%A8%E5%82%B3%E5%AA%92&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=%E7%8F%BE%E6%AD%A3%E7%86%B1%E6%98%A0&ea=impression&el=nhjbmRQVmrw&ev=1&_u=aChAAEADQAAAAC~&jid=&gjid=&cid=1815605501.1616462864&tid=UA-58197782-1&_gid=1022997964.1616462865&gtm=2wg3h0MRQJ4NV&cg1=%E8%A9%95%E8%AB%96%EF%BD%9C%E6%94%BF%E6%B2%BB%EF%BD%9C%E8%B2%A1%E7%B6%93%EF%BD%9C%E9%A2%A8%E8%A9%95&cg2=&z=1521240346

Requested by

Host: www.storm.mg
URL: https://www.storm.mg/article/3553076

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 15:00:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 37613
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
120 B 8ms
7ms Image
image/gif 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=9115885&t=event&ni=0&_s=7&dl=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&ul=en-us&de=UTF-8&dt=%E9%A2%A8%E8%A9%95%EF%BC%9A%E6%8E%89%E6%BC%86%EF%BC%8C%E5%88%A5%E5%86%8D%E6%83%B3%E5%9C%8B%E5%AE%B6%E9%9A%8A%E4%BA%86-%E9%A2%A8%E5%82%B3%E5%AA%92&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ads&ea=impression&el=dablewidget_y74wWAoV&_u=aChAAEADQAAAAC~&jid=&gjid=&cid=1815605501.1616462864&tid=UA-58197782-1&_gid=1022997964.1616462865&gtm=2wg3h0MRQJ4NV&cg1=%E8%A9%95%E8%AB%96%EF%BD%9C%E6%94%BF%E6%B2%BB%EF%BD%9C%E8%B2%A1%E7%B6%93%EF%BD%9C%E9%A2%A8%E8%A9%95&cg2=&z=484124556

Requested by

Host: www.storm.mg
URL: https://www.storm.mg/article/3553076

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 11:41:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49584
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/ Frame EA87 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/abg_lite_fy2019.js

Requested by

Host: 0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com
URL: https://0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6493ea407d79518f1a23cd56abf3877cc95cfef289aa2193e09414befa93915b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:25:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 151
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 10528220335026403715
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Apr 2021 01:25:14 GMT

GET
H3-Q050 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-37/js/ Frame EA87 24 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/js/ext.js

Requested by

Host: 0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com
URL: https://0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48c978eaee9473c367fd30eea148b6cd5233e58a317a36157c24e5dd2af62a97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 13:17:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43807
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7485
x-xss-protection: 0
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Mar 2022 13:17:38 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EA87 117 KB
36 KB 58ms
57ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com
URL: https://0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

911deead0c0ec5c76af07f381c8e918567120df0488208f50b0579afa0b61376

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616176146673399"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36391
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:27:45 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame A905 0
0 157ms
99ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssE4E8t6S7QyW1GlImFfTwpbRParkhBZQ99RiEDfaRyDazfAw52APkqL8quH78cNbLNRjkmheHCGMZq1-7BATlX2XzyTDqwRQXv51qPJHskKOr8lW0cMeVZnVNmgjsG9maLxU8BigQu_qP6k98Cw7aZQeo8qaawVJ-Luh0owBsymF5FHfbWGfYY1wccIF1Owc7Mhouso3nWUM1ZDZOHi4o96dZqdR5hi_pDhl4dd0YLuV3ftMViTzTdC4IWmOjVUTFoGI5p9i4bDm6mHgoBgQH73o5nZkwfYwFGmjDwdeONfG_WKua5dNEabhd_aoXUoA&sig=Cg0ArKJSzA_uoKwWy2Y2EAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:27:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 23 Mar 2021 01:27:45 GMT

GET
H2 200 ps3LEjFUMch.png
www.facebook.com/rsrc.php/v3/y4/r/ Frame 737D 441 B
657 B 6ms
6ms Image
image/png 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/y4/r/ps3LEjFUMch.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/share_button.php?app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df260a0248610944%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff2a9e8b5076b77%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&layout=button_count&locale=zh_TW&mobile_iframe=true&sdk=joey&size=large

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

17b988bc33e2b6c542f866ef473aaa3d20a9d4536a1ca636c061c5011a5ac5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v3.2/plugins/share_button.php?app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df260a0248610944%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff2a9e8b5076b77%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&layout=button_count&locale=zh_TW&mobile_iframe=true&sdk=joey&size=large
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: W7fdsBZrjSp9GHfQOsPeS8GlzUiTLPn6sw0O9ccu1FsB2mQA5EwY3cX4Nn4FV0iuxYPCFricomrUqj6mXOCSng==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: bIdClDVUx2JypSkH1jl0jQ==
date: Thu, 11 Mar 2021 20:39:14 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 441
x-fb-rlafr: 0
expires: Fri, 11 Mar 2022 20:39:14 GMT

GET
H2 200 xkpBcCEj_ql.js Show response
www.facebook.com/rsrc.php/v3iUNC4/yr/l/zh_TW/ Frame 737D 479 KB
124 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iUNC4/yr/l/zh_TW/xkpBcCEj_ql.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2fbf1f595af3f8a68f3797cebeae7bc66dc1b20da23a1f7ba04d80a07b7dc071

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v3.2/plugins/share_button.php?app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df260a0248610944%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff2a9e8b5076b77%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&layout=button_count&locale=zh_TW&mobile_iframe=true&sdk=joey&size=large
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 00:18:29 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: h8DxR9O1MzfkhHf+DTmeug==
cross-origin-resource-policy: cross-origin
content-length: 126476
x-fb-rlafr: 0
x-fb-debug: bhVg4gSIBsTW64n6NpX+6T8xqrnkq4pvyCTD9Brh0SU3PQRyKJkFBGDpxf2Nv2HdC9Q+VkfgqRg4qirDS3oIAw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 23 Mar 2022 00:18:29 GMT

GET
H2 200 OqOE21UvWe3.png
www.facebook.com/rsrc.php/v3/y5/r/ Frame 9648 400 B
551 B 6ms
6ms Image
image/png 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/y5/r/OqOE21UvWe3.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/like.php?action=like&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df31e4ebc03604b%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff2a9e8b5076b77%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&layout=button&locale=zh_TW&sdk=joey&share=false&show_faces=true&size=large

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v3.2/plugins/like.php?action=like&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df31e4ebc03604b%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff2a9e8b5076b77%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&layout=button&locale=zh_TW&sdk=joey&share=false&show_faces=true&size=large
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: sc8nAOzYUe6pKjz6MkoJcgXisEu8EVzYAxQtGVFxDiHL53V7KtnD14oJnAPCk6WboYrVFI/COJIKxBGGdEwawA==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: uF0RL4E+h23ClLQmPOTTMw==
date: Tue, 16 Mar 2021 19:44:31 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 400
x-fb-rlafr: 0
expires: Wed, 16 Mar 2022 19:44:31 GMT

GET
H2 200 xkpBcCEj_ql.js Show response
www.facebook.com/rsrc.php/v3iUNC4/yr/l/zh_TW/ Frame 9648 479 KB
124 KB 7ms
6ms XHR
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iUNC4/yr/l/zh_TW/xkpBcCEj_ql.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2fbf1f595af3f8a68f3797cebeae7bc66dc1b20da23a1f7ba04d80a07b7dc071

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v3.2/plugins/like.php?action=like&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df31e4ebc03604b%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff2a9e8b5076b77%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&layout=button&locale=zh_TW&sdk=joey&share=false&show_faces=true&size=large
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 00:18:29 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: h8DxR9O1MzfkhHf+DTmeug==
cross-origin-resource-policy: cross-origin
content-length: 126476
x-fb-rlafr: 0
x-fb-debug: bhVg4gSIBsTW64n6NpX+6T8xqrnkq4pvyCTD9Brh0SU3PQRyKJkFBGDpxf2Nv2HdC9Q+VkfgqRg4qirDS3oIAw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 23 Mar 2022 00:18:29 GMT

GET
H2 200 ZvNSQ6X6spi.css
www.facebook.com/rsrc.php/v3/yj/l/1,cross/ Frame 2304 29 KB
8 KB 8ms
6ms Stylesheet
text/css 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yj/l/1,cross/ZvNSQ6X6spi.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df24a47146d60d68%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff2a9e8b5076b77%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&width=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e15eda4c5d3b6afcfcbbc57867c0367f587c146f57326b244aa9fbcdb47c4f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df24a47146d60d68%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff2a9e8b5076b77%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&width=300
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: pJLXTpFXi+owj+usSg2KMqNImuffBEXP10tw3ujc09Osizo/cGuirJ8XKJdM/XIF2F3IKG/eFNc2G2KiiJyjpg==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: w/YZgHz9Qt7qDpgwR+CabQ==
date: Mon, 22 Mar 2021 18:44:16 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8479
x-fb-rlafr: 0
expires: Tue, 22 Mar 2022 18:44:16 GMT

GET
H2 200 PjIZd6gpY19.css
www.facebook.com/rsrc.php/v3/yJ/l/1,cross/ Frame 2304 6 KB
1 KB 8ms
7ms Stylesheet
text/css 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yJ/l/1,cross/PjIZd6gpY19.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

922a79196f73794faec9a3fd24221d4bff52b4a502834773d1d8974d55a8945b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df24a47146d60d68%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff2a9e8b5076b77%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&width=300
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: zNlh8IdaBPuFxDfj6MMvoB1D5dUvcftBAGgibksi2s2+J1HZP20MDAz0dVOBxLVA33rDZWuX9b/n3/7sWzvbjg==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: VDU6MZCE2DVAu7Bffa/9jw==
date: Mon, 22 Mar 2021 19:13:06 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 938
x-fb-rlafr: 0
expires: Tue, 22 Mar 2022 19:13:06 GMT

GET
H2 200 PdwbQu-vcSZ.js Show response
www.facebook.com/rsrc.php/v3/yH/r/ Frame 2304 268 KB
71 KB 12ms
10ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yH/r/PdwbQu-vcSZ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9289a5873f3af0ffc3ea0e65176d4224b7633b3928f03cea59af8cf03de08e3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df24a47146d60d68%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff2a9e8b5076b77%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&width=300
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: Fbh/Qe0PM/qC6duxJKeuKvGMpmWzbJNmXPHVO+YT1RfPoHg/5mZS1Z/CVX2wLWJhk3q8O358D47eyA3jHTEO7Q==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: nzVqOlCzvtmsFYlxXLwesg==
date: Thu, 18 Mar 2021 20:22:29 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 72319
x-fb-rlafr: 0
expires: Fri, 18 Mar 2022 20:22:29 GMT

GET
H2 200 5uWXDBbj7dh.js Show response
www.facebook.com/rsrc.php/v3/yp/r/ Frame 2304 65 KB
20 KB 9ms
7ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yp/r/5uWXDBbj7dh.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b402c1a7a2efd185a6d15196f7997e3d18f06abac9c47557b7ba3f164f8287ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df24a47146d60d68%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff2a9e8b5076b77%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&width=300
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 17:32:49 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 0ud0gBJxyt7dbTMSHUAkbQ==
cross-origin-resource-policy: cross-origin
content-length: 20253
x-fb-rlafr: 0
x-fb-debug: XHPreRTilgf7z39IsWxRexTuYp65BXLsgBTSdAenBNiQItr2lczPF8yLhNsK6c6Uy4UO/7wFtUoTq6G6Q0dQ8Q==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 22 Mar 2022 17:32:49 GMT

GET
H2 200 uqaYG-2xXaf.js Show response
www.facebook.com/rsrc.php/v3iUNC4/y0/l/zh_TW/ Frame 2304 122 KB
34 KB 13ms
12ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iUNC4/y0/l/zh_TW/uqaYG-2xXaf.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

99ab33392b1024585c85bede1ddc2d1ce44316d4dc44d8ba6b4e029acdb31cfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df24a47146d60d68%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff2a9e8b5076b77%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&width=300
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 16:06:14 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 2ngozfTB4Npk3lHeO3Zx4w==
cross-origin-resource-policy: cross-origin
content-length: 34898
x-fb-rlafr: 0
x-fb-debug: HPGYwV+34ZuRvhM73h07RC1GNgtxT5csINFJFExEZtJLS65t31FSDWJu3nNRq9paJIdcU+MX8wVzHNfXSHuCoA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 19 Mar 2022 16:06:14 GMT

GET
H2 200 nLyZ6bYhSNu.js Show response
www.facebook.com/rsrc.php/v3/yW/r/ Frame 2304 7 KB
2 KB 12ms
11ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yW/r/nLyZ6bYhSNu.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

67d8e7a3e7815e72595c83389b163f51ecd562ed6c394cdaf5cbc93c7330623e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df24a47146d60d68%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff2a9e8b5076b77%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&width=300
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 15:38:35 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: sAMp5DhlJ2pej3twf5dwWw==
cross-origin-resource-policy: cross-origin
content-length: 2304
x-fb-rlafr: 0
x-fb-debug: eVW6d3n2p0DMLiabruQE2ErhwOmtZEw272AleFiDS0d0gppA/BiovexUXFmyDG94LRG1mneDJ0Yc+AAEMIld9w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 15 Mar 2022 15:38:35 GMT

GET
H2 200 47112787_2256948617915446_152849515173380096_n.png
scontent-frx5-1.xx.fbcdn.net/v/t1.0-0/p118x118/ Frame 2304 60 KB
60 KB 8ms
6ms Image
image/png 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frx5-1.xx.fbcdn.net/v/t1.0-0/p118x118/47112787_2256948617915446_152849515173380096_n.png?_nc_cat=1&ccb=1-3&_nc_sid=dd9801&_nc_ohc=QrILzN4AHDQAX_Q6cWE&_nc_ht=scontent-frx5-1.xx&_nc_tp=30&oh=540da40d7d82b8d20a198ac09e88b399&oe=607F8A35
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df24a47146d60d68%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff2a9e8b5076b77%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&width=300
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 49282e4672536552c839b406378a8b8da80232a7d9956b90d9127e8a2450c1ee

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 960170531
date: Tue, 23 Mar 2021 01:27:46 GMT
x-fb-trip-id: 917726464
last-modified: Tue, 04 Dec 2018 03:42:40 GMT
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 546223820
x-fb-config-version-olb-prod: 1041
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 61646

GET
H2 200 20882039_1963079643969013_6034038728191404835_n.png
scontent-frx5-1.xx.fbcdn.net/v/t1.0-1/cp0/p50x50/ Frame 2304 4 KB
4 KB 6ms
6ms Image
image/png 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frx5-1.xx.fbcdn.net/v/t1.0-1/cp0/p50x50/20882039_1963079643969013_6034038728191404835_n.png?_nc_cat=1&ccb=1-3&_nc_sid=dbb9e7&_nc_ohc=E8HAyjTmbbUAX-ew21j&_nc_ht=scontent-frx5-1.xx&_nc_tp=30&oh=da8e6970a5da8ac840a1c379edf434ed&oe=607E1331
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df24a47146d60d68%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff2a9e8b5076b77%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&width=300
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: f4e8ffc4bdcad011c3805dc13286b0abd4c57dbf9cbaa158eaab796add830723

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 3404797434
date: Tue, 23 Mar 2021 01:27:46 GMT
x-fb-trip-id: 917726464
last-modified: Wed, 16 Aug 2017 10:38:21 GMT
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3195962953
x-fb-config-version-olb-prod: 1040
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 4028

GET
H2 200 ZvNSQ6X6spi.css
www.facebook.com/rsrc.php/v3/yj/l/1,cross/ Frame D41F 29 KB
8 KB 11ms
5ms Stylesheet
text/css 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yj/l/1,cross/ZvNSQ6X6spi.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1d1bc1fa7d2a84%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff2a9e8b5076b77%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fstormmedia&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&width=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e15eda4c5d3b6afcfcbbc57867c0367f587c146f57326b244aa9fbcdb47c4f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1d1bc1fa7d2a84%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff2a9e8b5076b77%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fstormmedia&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&width=300
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: pJLXTpFXi+owj+usSg2KMqNImuffBEXP10tw3ujc09Osizo/cGuirJ8XKJdM/XIF2F3IKG/eFNc2G2KiiJyjpg==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: w/YZgHz9Qt7qDpgwR+CabQ==
date: Mon, 22 Mar 2021 18:44:16 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8479
x-fb-rlafr: 0
expires: Tue, 22 Mar 2022 18:44:16 GMT

GET
H2 200 PjIZd6gpY19.css
www.facebook.com/rsrc.php/v3/yJ/l/1,cross/ Frame D41F 6 KB
1 KB 11ms
3ms Stylesheet
text/css 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yJ/l/1,cross/PjIZd6gpY19.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1d1bc1fa7d2a84%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff2a9e8b5076b77%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fstormmedia&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&width=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

922a79196f73794faec9a3fd24221d4bff52b4a502834773d1d8974d55a8945b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1d1bc1fa7d2a84%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff2a9e8b5076b77%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fstormmedia&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&width=300
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: zNlh8IdaBPuFxDfj6MMvoB1D5dUvcftBAGgibksi2s2+J1HZP20MDAz0dVOBxLVA33rDZWuX9b/n3/7sWzvbjg==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: VDU6MZCE2DVAu7Bffa/9jw==
date: Mon, 22 Mar 2021 19:13:06 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 938
x-fb-rlafr: 0
expires: Tue, 22 Mar 2022 19:13:06 GMT

GET
H2 200 PdwbQu-vcSZ.js Show response
www.facebook.com/rsrc.php/v3/yH/r/ Frame D41F 268 KB
71 KB 12ms
3ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yH/r/PdwbQu-vcSZ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1d1bc1fa7d2a84%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff2a9e8b5076b77%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fstormmedia&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&width=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9289a5873f3af0ffc3ea0e65176d4224b7633b3928f03cea59af8cf03de08e3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1d1bc1fa7d2a84%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff2a9e8b5076b77%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fstormmedia&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&width=300
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: Fbh/Qe0PM/qC6duxJKeuKvGMpmWzbJNmXPHVO+YT1RfPoHg/5mZS1Z/CVX2wLWJhk3q8O358D47eyA3jHTEO7Q==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: nzVqOlCzvtmsFYlxXLwesg==
date: Thu, 18 Mar 2021 20:22:29 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 72319
x-fb-rlafr: 0
expires: Fri, 18 Mar 2022 20:22:29 GMT

GET
H2 200 5uWXDBbj7dh.js Show response
www.facebook.com/rsrc.php/v3/yp/r/ Frame D41F 65 KB
20 KB 12ms
4ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yp/r/5uWXDBbj7dh.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1d1bc1fa7d2a84%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff2a9e8b5076b77%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fstormmedia&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&width=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b402c1a7a2efd185a6d15196f7997e3d18f06abac9c47557b7ba3f164f8287ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1d1bc1fa7d2a84%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff2a9e8b5076b77%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fstormmedia&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&width=300
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 17:32:49 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 0ud0gBJxyt7dbTMSHUAkbQ==
cross-origin-resource-policy: cross-origin
content-length: 20253
x-fb-rlafr: 0
x-fb-debug: XHPreRTilgf7z39IsWxRexTuYp65BXLsgBTSdAenBNiQItr2lczPF8yLhNsK6c6Uy4UO/7wFtUoTq6G6Q0dQ8Q==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 22 Mar 2022 17:32:49 GMT

GET
H2 200 uqaYG-2xXaf.js Show response
www.facebook.com/rsrc.php/v3iUNC4/y0/l/zh_TW/ Frame D41F 122 KB
34 KB 13ms
4ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iUNC4/y0/l/zh_TW/uqaYG-2xXaf.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1d1bc1fa7d2a84%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff2a9e8b5076b77%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fstormmedia&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&width=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

99ab33392b1024585c85bede1ddc2d1ce44316d4dc44d8ba6b4e029acdb31cfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1d1bc1fa7d2a84%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff2a9e8b5076b77%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fstormmedia&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&width=300
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 16:06:14 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 2ngozfTB4Npk3lHeO3Zx4w==
cross-origin-resource-policy: cross-origin
content-length: 34898
x-fb-rlafr: 0
x-fb-debug: HPGYwV+34ZuRvhM73h07RC1GNgtxT5csINFJFExEZtJLS65t31FSDWJu3nNRq9paJIdcU+MX8wVzHNfXSHuCoA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 19 Mar 2022 16:06:14 GMT

GET
H2 200 nLyZ6bYhSNu.js Show response
www.facebook.com/rsrc.php/v3/yW/r/ Frame D41F 7 KB
2 KB 13ms
5ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yW/r/nLyZ6bYhSNu.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1d1bc1fa7d2a84%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff2a9e8b5076b77%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fstormmedia&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&width=300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

67d8e7a3e7815e72595c83389b163f51ecd562ed6c394cdaf5cbc93c7330623e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1d1bc1fa7d2a84%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff2a9e8b5076b77%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fstormmedia&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&width=300
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 15:38:35 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: sAMp5DhlJ2pej3twf5dwWw==
cross-origin-resource-policy: cross-origin
content-length: 2304
x-fb-rlafr: 0
x-fb-debug: eVW6d3n2p0DMLiabruQE2ErhwOmtZEw272AleFiDS0d0gppA/BiovexUXFmyDG94LRG1mneDJ0Yc+AAEMIld9w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 15 Mar 2022 15:38:35 GMT

GET
H2 200 47400383_1159214187593623_8007626142938824704_n.png
scontent-frx5-1.xx.fbcdn.net/v/t1.0-0/p118x118/ Frame D41F 26 KB
26 KB 7ms
6ms Image
image/png 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frx5-1.xx.fbcdn.net/v/t1.0-0/p118x118/47400383_1159214187593623_8007626142938824704_n.png?_nc_cat=1&ccb=1-3&_nc_sid=dd9801&_nc_ohc=tjzgg2gWNqgAX81Q8ls&_nc_ht=scontent-frx5-1.xx&_nc_tp=30&oh=aece088fb4e76515abd09921c830bd17&oe=6080CB42
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1d1bc1fa7d2a84%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff2a9e8b5076b77%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fstormmedia&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&width=300
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 4c185134ba8a22adff5bdd45aa2b29a0f5e2c723606287eb2eb74770c83a9601

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 910081480
date: Tue, 23 Mar 2021 01:27:46 GMT
x-fb-trip-id: 917726464
last-modified: Tue, 04 Dec 2018 03:41:14 GMT
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1608425491
x-fb-config-version-olb-prod: 1041
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 26292

GET
H2 200 20914413_832614776920234_6806561011632614961_n.png
scontent-frx5-1.xx.fbcdn.net/v/t1.0-1/cp0/p50x50/ Frame D41F 2 KB
2 KB 8ms
7ms Image
image/png 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frx5-1.xx.fbcdn.net/v/t1.0-1/cp0/p50x50/20914413_832614776920234_6806561011632614961_n.png?_nc_cat=1&ccb=1-3&_nc_sid=dbb9e7&_nc_ohc=o-EI6ZsVM80AX8thMIc&_nc_ht=scontent-frx5-1.xx&_nc_tp=30&oh=f6922c4f35e47bddb0a8ed9086bcb103&oe=608020DB
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1d1bc1fa7d2a84%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff2a9e8b5076b77%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fstormmedia&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&width=300
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 9f38dbe5285453b6587970dd8c601d3b854b5b3bd67a40e4587d080008a38156

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 1832086584
date: Tue, 23 Mar 2021 01:27:46 GMT
x-fb-trip-id: 917726464
last-modified: Tue, 15 Aug 2017 08:21:04 GMT
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3065724428
x-fb-config-version-olb-prod: 1040
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 2105

GET
H2 200 i
track.unidata.ai/unidata/ Frame 044D 43 B
375 B 12ms
6ms Image
binary/octet-stream 2600:9000:206f:ca00:1d:68e4:9700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.unidata.ai/unidata/i?appId=5c6e1a&data=eyJhcHBJZCI6IjVjNmUxYSIsInBhZ2VUaXRsZSI6IumiqOiple+8muaOiea8hu+8jOWIpeWGjeaDs+Wci+WutumaiuS6hi3poqjlgrPlqpIiLCJwYWdlVVJMIjoiaHR0cHM6Ly93d3cuc3Rvcm0ubWcvYXJ0aWNsZS8zNTUzMDc2IiwiY29va2llIjoic21nX3VpZD0xNjE2NDYyODYzNDE1OTAxOyB1aWQudj0xIiwicmVmZXJyZXIiOiIiLCJjb29raWVJZCI6IjE2MTY0NjI4NjM0MTU5MDEiLCJtZW1iZXJJZCI6bnVsbH0=
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ca00:1d:68e4:9700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer: https://track.unidata.ai/cookiemap.html?appId=5c6e1a&data=eyJhcHBJZCI6IjVjNmUxYSIsInBhZ2VUaXRsZSI6IumiqOiple+8muaOiea8hu+8jOWIpeWGjeaDs+Wci+WutumaiuS6hi3poqjlgrPlqpIiLCJwYWdlVVJMIjoiaHR0cHM6Ly93d3cuc3Rvcm0ubWcvYXJ0aWNsZS8zNTUzMDc2IiwiY29va2llIjoic21nX3VpZD0xNjE2NDYyODYzNDE1OTAxOyB1aWQudj0xIiwicmVmZXJyZXIiOiIiLCJjb29raWVJZCI6IjE2MTY0NjI4NjM0MTU5MDEiLCJtZW1iZXJJZCI6bnVsbH0=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:14:23 GMT
via: 1.1 cc763905c39a59494c951c09271b0422.cloudfront.net (CloudFront)
last-modified: Mon, 16 Jul 2018 03:46:23 GMT
server: AmazonS3
age: 1010
etag: "fb02f374b8f73825415db1bccd4bd76d"
x-cache: Hit from cloudfront
content-type: binary/octet-stream
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 43
x-amz-cf-id: gjWxfUVC8bDxJIIY3jZUzD-QdSFykO8LEX3c7t_ZZzn2lytX3U1Gzg==

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame CC3C 0
0 85ms
84ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu-GtYQkQiGFX0XjnMtaBGPBC4FJ1zp9kZP__97pjZ46n75XMi-uCGIGtGYez8DuratuYrLwh-73TpCLtSB5DvUSL426lUfutbZKQmd_NucUFZzRdsmK7bqoOwe20_LJApHj56S7dQFf-K27o9J8m6qpzPxLgDUpBJ7yKeNSEKvCOxf37oTmmlNzylz9hZZSp0lbe2A_DnSSBWsB5K4E23tL9iddjo0oYK_N6ZBZ8fvPT2HHxYlfGNp8YBzfMJ4_fE45BLgl9YEkXoFAQxSuW5A-7lza1AEoWepGCHtT5cUdpyuyPun6Eyymw&sig=Cg0ArKJSzDhxl3yPoXQAEAE&urlfix=1&adurl=

Requested by

Host: www.storm.mg
URL: https://www.storm.mg/article/3553076

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:27:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-Q050 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame CC3C 57 KB
19 KB 59ms
58ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

e996784cacd24396160deff0366e192d503bab24c17c28b9692b087e2fb7ce5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "820 / 864 of 1000 / last-modified: 1616450900"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19748
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:27:45 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CC3C 117 KB
36 KB 57ms
56ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

911deead0c0ec5c76af07f381c8e918567120df0488208f50b0579afa0b61376

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616176146673399"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36391
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:27:45 GMT

GET
DATA 200
OK truncated
/ Frame 65A9 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3191e006c168f1119f156a3eff84cfc787b8b30a8ba57477a8b5287672d6d9f5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3D5C 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fa5006bcbd76adcdb2a6d6b72cc3324379e50d7f644e9013f4b4c424270341f5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8175 0
0 85ms
84ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvno1qKL7DtHrH6WQYavVPENs9jUnfkdK6f5aUUZtQAxycR-hPJ-gwi4ctOAUzzS2cJhTQvyb1nIgdddz2iNT5Tq0uK0nunUgrE5MUfRNyvezG3f4KUUyIivGLiRntqRba3EQXxhmToBpCTsdjgqATNvJF_P0lfcPg3MjzRWpDJIqQG3IoWt1O63h70xB-D8SZxgEFGWOx5o6zXAgpKWcV5pTITipCdbOyH9oqNqblSvl3xkEqHQKHpLPeEZ5dCaU1C2uEA37LEqKrr3iFLMBtTkIxxw7SoW0MhyT5yhrS0OVhPA_KVMMPC2Q&sig=Cg0ArKJSzO_VzQO3bPfeEAE&urlfix=1&adurl=

Requested by

Host: www.storm.mg
URL: https://www.storm.mg/article/3553076

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:27:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-Q050 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 8175 57 KB
19 KB 61ms
61ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

6058cb9f9dbc7304725382cabe8dde30b79fc0818bdde92cb97555799bf0037b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "820 / 48 of 1000 / last-modified: 1616450900"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19743
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:27:45 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8175 117 KB
36 KB 57ms
57ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

911deead0c0ec5c76af07f381c8e918567120df0488208f50b0579afa0b61376

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616176146673399"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36391
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:27:45 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9EE2 0
0 86ms
86ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsunUCR_ptrrMladkZbJpcdtD_XQo1atWq9WCXNYb30vVnob4dmwhKkY4kmzNUnb6mVyHHHbwD2yJg55-CMBZsWbyElUvF7vdejTe1Efq3_fWAj75MsQRpA-DBd3Nkng0SWnY0QNHt9W81o8M6Arb0-NpiZ-kBNe-Jnjlf2JSW6ZBJiXIn7EkD-IcmoZjchItJW5Cvsy1o6WOgGoWtjhP067SnykpCJpm36j3Z-WhwwrXyb6WLfz0bv1P7yQX9JGA4XHImvOAoJWs2twLLw-ZwIFvoCCtrhXpQam8wbG1XjZamDUM5tEV3xnn8I&sig=Cg0ArKJSzGUg7om0XxjnEAE&urlfix=1&adurl=

Requested by

Host: www.storm.mg
URL: https://www.storm.mg/article/3553076

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:27:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 ad.js Show response
img.scupio.com/js/ Frame 9EE2 41 KB
15 KB 65ms
65ms Script
application/javascript 65.9.58.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/ad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 6fe8e683eab18fd17809898839bb7f04fbc99d49e9a4f0a6878a39e73a9a16bd

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:25:59 GMT
content-encoding: gzip
last-modified: Mon, 22 Mar 2021 01:57:34 GMT
server: nginx/1.12.1
age: 256
etag: W/"6057f98e-a495"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: ntR0urRdUi5mx2CInP8ka0AfHTfq_QotD39MWV8Z-AFrQYMy9nlhtg==
via: 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
expires: Tue, 23 Mar 2021 01:38:29 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9EE2 117 KB
36 KB 57ms
56ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

911deead0c0ec5c76af07f381c8e918567120df0488208f50b0579afa0b61376

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616176146673399"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36391
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:27:45 GMT

GET
H/1.1 200
OK player.js Show response
player.viewdeos.com/script/6.1/ 24 KB
10 KB 31ms
7ms Script
application/javascript 2a02:26f0:10::214:b4a1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.viewdeos.com/script/6.1/player.js
Requested by: Host: tags.viewdeos.com
URL: https://tags.viewdeos.com/storm/player-storm-desktop.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10::214:b4a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 26aab0e75aa845381e68809fe57a4dee5fe1894d258f62e11a28ce5e509ba6d3

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:27:45 GMT
Content-Encoding: gzip
X-GUploader-UploadID: ABg5-UziIkkKUn9XkpTn9wmD-WqMOWiqRgiWFXnul_Ir5Qbac-96iyQq6nVIAXQFvJKMTgSoJqPjMzLR1yFJSRiwVXPqAnfxlA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Content-Length: 9028
Last-Modified: Tue, 16 Mar 2021 07:30:59 GMT
Server: UploadServer
ETag: "c04ee9a292e530c523ff72e8abc636e8"
Vary: Accept-Encoding
x-goog-hash: crc32c=jXIsqQ==, md5=wE7popLlMMUj/3Loq8Y26A==
Content-Language: en
Access-Control-Allow-Origin: *
x-goog-generation: 1615879859596843
Access-Control-Expose-Headers: Content-Type
Cache-Control: public, max-age=300
x-goog-stored-content-length: 9028
Accept-Ranges: bytes
Content-Type: application/javascript
Expires: Tue, 23 Mar 2021 01:32:45 GMT

GET
H2 200 track
track1.viewdeos.com/ Frame 0DBC 0
71 B 421ms
138ms Image
text/plain 34.237.155.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.viewdeos.com/track?pid=5e60bfad28a0610ba100c7c4&cid=5e60c75028a06115d47ebd9b&e=playerLoaded&cb=1616462865503
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.155.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-155-161.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:45 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 023C 0
0 86ms
86ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstAkV9jxyx71baqVZTF22X4WAeKI3_XV4dcBF02t2i__bd8mmATgQQtv1es7aI_LT0rIwXr3hKF_zlSxJ7JDuxq2K_jR89on67rg8xWfCo3ZjDPuCIjnFPg-edLGTf00CAK1t8Iqy_bksaQDX7EChxXs2_4Rk37ECl1B2rM_4vBcWKA_uapUJh3SfFs8EFF-qpJuDQd-GWlu3dCJvnGHVz8Oim9J2_xl7M6ZCVdXDq720EXAtGLDROHNLGXFe4QjdKbjCS_xE4VcA9Lf6y7__-f5fPNzdwofGzZNg0243O24g9xPQEnIt0u3xg&sig=Cg0ArKJSzGL5KONL1CUDEAE&adurl=

Requested by

Host: www.storm.mg
URL: https://www.storm.mg/article/3553076

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:27:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/ Frame 023C 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6493ea407d79518f1a23cd56abf3877cc95cfef289aa2193e09414befa93915b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:25:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 151
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 10528220335026403715
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Apr 2021 01:25:14 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/ Frame 023C 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:17:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 593
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Apr 2021 01:17:52 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 023C 117 KB
36 KB 57ms
56ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

911deead0c0ec5c76af07f381c8e918567120df0488208f50b0579afa0b61376

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616176146673399"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36391
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:27:45 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 023C 0
0 15ms
13ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRny3BKYXq3pF9IWX0etPN-VAvEUH0GFBmCDK7iDdCuR5TR0HlGB7wKwu7fMiAvJUI80bnyXOEoeE-44QmSsnsYituArg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 7509102444931667035
tpc.googlesyndication.com/simgad/ Frame 023C 195 KB
195 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7509102444931667035

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

733201312f56e42181c43c357f8025240548ac9b4945c0691069324e8f695551

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 01:18:45 GMT
x-content-type-options: nosniff
age: 432540
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 199693
x-xss-protection: 0
last-modified: Tue, 29 Dec 2020 07:42:22 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 18 Mar 2022 01:18:45 GMT

GET
H2 200 3553076 Show response
service-pvapi.storm.mg/pvapi/get_pv/ 20 B
227 B 319ms
314ms XHR
application/json 52.198.167.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://service-pvapi.storm.mg/pvapi/get_pv/3553076?tid=1616462866
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/js/jquery-1.9.1.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.198.167.159 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-198-167-159.ap-northeast-1.compute.amazonaws.com
Software: / Express
Resource Hash: 45efaf8d0edf78de5fe175b963e4689dad500f240693f6328ba7271616548195

Request headers

Accept: */*
Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:27:45 GMT
x-powered-by: Express
etag: W/"14-3667f0ee"
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
content-length: 20
expires: -1

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame B463 0
0 86ms
86ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstJ7pTugytN88O38k0ebzGYp9U4f--Yjw1mtnHYvc1uhJQz3X8y7QUCSKfZked1rMtk-InFyeDq2xig5j3pfToDv-PEvVA4YAaKBSOvlKozXWDJCGaa2CGuykSjW_fehSF5SOHUElOg0grpNymmR2oLloxkPvLEbne-Y2XCRzbGV4m30NG2pUCMGO1Ka5Z-mPclfSOmYCeSdjP_SWBu0i_5rRVUfL0ahlPvC11XgTn00DbKwd6D3SQp0wSBv7wnUqmFJA_NUmuAkBLLPxlo5QDvaME2l-ZdOwpU1R1dNJibe9B3r8H1MM0hVQ&sig=Cg0ArKJSzBNvQhi5GqQtEAE&adurl=

Requested by

Host: www.storm.mg
URL: https://www.storm.mg/article/3553076

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:27:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/ Frame B463 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6493ea407d79518f1a23cd56abf3877cc95cfef289aa2193e09414befa93915b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:25:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 151
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 10528220335026403715
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Apr 2021 01:25:14 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/ Frame B463 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:17:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 593
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Apr 2021 01:17:52 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B463 117 KB
36 KB 57ms
56ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

911deead0c0ec5c76af07f381c8e918567120df0488208f50b0579afa0b61376

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616176146673399"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36391
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:27:45 GMT

GET
H3-Q050 200 11668427489052013722
tpc.googlesyndication.com/simgad/ Frame B463 74 KB
74 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11668427489052013722

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d794625b678a8c160730301011f833dd7759fba70300edc2f780c9d93aa17954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 09:16:44 GMT
x-content-type-options: nosniff
age: 576661
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75866
x-xss-protection: 0
last-modified: Fri, 08 May 2020 09:15:39 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Mar 2022 09:16:44 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame A983 0
0 85ms
85ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssNIOaZoFDsD-718yv2Ce17uSgXPMytBwxCKPuFiLTE4hOFU_2r45TbFqUfy_OMKBgtodr-cOI0EcwwTSwSO9l4u0QiyBDY3L2EGM5lXzWHgeM2mygy8n-2DC4H0VWRViN2MvOQOGFY2i2cbuob_J7zxZfGuTWFoYmiBCdl5yQR9vsJqV0tV7HRMySM0_5Irn_SjoOMOB-9yp7I7GQu_9q4SAhi-x47PYRSJRZEBvyeMsxDl0Mdx23piOdK5Z-BOASDGPSh0c6JulPgItPGEYSgaKOTdsv8a57Xm2W5f0GogqEshhakN5QGJt0gVE595Ee9TWPmtPl-uA&sig=Cg0ArKJSzM3q8Ig2GJVtEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:27:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 23 Mar 2021 01:27:45 GMT

POST
H3-Q050 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
422 B 89ms
16ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-58197782-1&cid=1815605501.1616462864&jid=684731339&gjid=365137538&_gid=1022997964.1616462865&_u=aChAAEACQAAAAC~&z=1667723196

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 23 Mar 2021 01:27:45 GMT
content-type: text/plain
access-control-allow-origin: https://www.storm.mg
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 td_js_sdk_171.js Show response
api.popin.cc/ Frame 2475 34 KB
13 KB 51ms
51ms Script
text/javascript 192.229.233.139
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/td_js_sdk_171.js
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/storm_DFP.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.139 Torrance, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BAD) /
Resource Hash: 19bfbd81c70637ae0a6fe5f07f112bdab13cf9c2ea5d54b70320df8f54fcc07b

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:45 GMT
content-encoding: gzip
last-modified: Thu, 11 Jan 2018 09:42:51 GMT
server: ECS (amb/6BAD)
age: 1287
etag: "17b2e8b253e693d224f7d8407e28e1ea+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
cache-control: max-age=3600
x-amz-request-id: WVGQ5NWP55NEFJ65
content-length: 12707
x-amz-version-id: null
x-amz-id-2: 28vzuW44ho3iiJe1m6cGWCqtptL9MwcC0NjKc9GY9OU2oELy7PD92B2PCP72Xj7R09tiUmj7hbA=

GET
H/1.1 200 recommend Show response
tw.popin.cc/popin_discovery/ Frame 2475 46 KB
14 KB 1535ms
609ms Script
application/javascript 119.63.198.189
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://tw.popin.cc/popin_discovery/recommend?mode=new&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&&device=pc&media=www.storm.mg_DFP&extra=windows&agency=nissin_tw&topn=50&ad=10&r_category=all&country=tw&redirect=true&uid=7e7711254f6522e03a91616459265592&info=eyJ1c2VyX3RkX29zIjoiV2luZG93cyIsInVzZXJfdGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsInVzZXJfdGRfYnJvd3NlciI6IkNocm9tZSIsInVzZXJfdGRfYnJvd3Nlcl92ZXJzaW9uIjoiODkuMC40Mzg5IiwidXNlcl90ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ1c2VyX3RkX3ZpZXdwb3J0IjoiMzM2eDI4MCIsInVzZXJfdGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNiIsInVzZXJfdGRfcmVmZXJyZXIiOiIiLCJ1c2VyX3RkX3BhdGgiOiIvYXJ0aWNsZS8zNTUzMDc2IiwidXNlcl90ZF9jaGFyc2V0IjoidXRmLTgiLCJ1c2VyX3RkX2xhbmd1YWdlIjoiZW4tdXMiLCJ1c2VyX3RkX2NvbG9yIjoiMjQtYml0IiwidXNlcl90ZF90aXRsZSI6IiIsInVzZXJfdGRfdXJsIjoiaHR0cHM6Ly93d3cuc3Rvcm0ubWcvYXJ0aWNsZS8zNTUzMDc2IiwidXNlcl90ZF9wbGF0Zm9ybSI6IkxpbnV4IHg4Nl82NCIsInVzZXJfdGRfaG9zdCI6Ind3dy5zdG9ybS5tZyIsInVzZXJfZGV2aWNlIjoicGMiLCJ1c2VyX3RpbWUiOjE2MTY0NjI4NjU1OTQsImZydWl0X2JveF9wb3NpdGlvbiI6IiIsImZydWl0X3N0eWxlIjoiIn0=&alg=ltr&callback=_p6_9304357d59a4
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/storm_DFP.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.198.189 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 4624cc1a14b12ba0fbe128e2507cb3c35ef08bc43c2950dca2bfddb07d645c9f

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:27:46 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: nginx/1.13.5
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: application/javascript;charset=UTF-8

GET
H2 200 popin_discovery5-min.js Show response
api.popin.cc/ Frame 2475 159 KB
44 KB 51ms
50ms Script
text/javascript 192.229.233.139
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/popin_discovery5-min.js
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/storm_DFP.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.139 Torrance, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B90) /
Resource Hash: 41de6ebbe9653813f28709c8ad60193f319a568c04c71198b8dd9ddd4ca125ba

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:45 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 05:08:45 GMT
server: ECS (amb/6B90)
age: 329
etag: "519666be22320db83e2d65ab657dbd85+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
cache-control: max-age=3600
x-amz-request-id: XHM2TEWRND12JFV0
content-length: 44501
x-amz-version-id: mugy5YgUsdFYsiM1SV6weW.2JXi0Ar1I
x-amz-id-2: eNAs8tplK45MVjzP4R0BCBwUefIVq0dcoyrLpik46K1yBmLpF+KYxbsP75tV800WR92LLqUln0Y=

GET
DATA 200
OK truncated
/ Frame A25D 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: efcb136b50cdb865511e3f483bca65c94900f0e2d0f1ac1bbbbcd29ad170a8cf

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Zdi7CpzFYFW.js Show response
www.facebook.com/rsrc.php/v3/yD/r/ Frame ACD9 142 KB
31 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yD/r/Zdi7CpzFYFW.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yH/r/PdwbQu-vcSZ.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7f81b8ad14422ad8f41f69b8cb3fbb92008af8642325af05a8db81b0d18ba3e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&tabs&width=320&height=130&small_header=false&adapt_container_width=false&hide_cover=false&show_facepile=false&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: XtpXETufNIMCdqV2NTiqrVCxPZDurdEYOd1a6HbwhaKQV7sFNfmKkhPbkiuwJJd4m8SoHx8bnnE9l7JQTs+hzg==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: iyTHrp08j85E+lfUieNf6Q==
date: Sat, 20 Mar 2021 10:07:12 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 31767
x-fb-rlafr: 0
expires: Sun, 20 Mar 2022 10:07:12 GMT

GET
H2 200 SlhjuTlUlGy.js Show response
www.facebook.com/rsrc.php/v3/yb/r/ Frame ACD9 1 KB
793 B 8ms
7ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yb/r/SlhjuTlUlGy.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yH/r/PdwbQu-vcSZ.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1f88f04d2039412abf17f3587560563d8497854523fd5608fb90cc15085c0779

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&tabs&width=320&height=130&small_header=false&adapt_container_width=false&hide_cover=false&show_facepile=false&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: D7MAVfpquaWiqwN/yLtJYrqBSVXvsu9K0DaHX5NCSZsxTbD2cuXEY5tIPJTsHEji/zESP6gL9ywPS14ymmO4TQ==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: xv5A5OQ4ko58inkdkPJ6qQ==
date: Mon, 22 Mar 2021 18:13:46 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 571
x-fb-rlafr: 0
expires: Tue, 22 Mar 2022 18:13:46 GMT

GET
H2 200 I5iZGxAJwEB.js Show response
www.facebook.com/rsrc.php/v3/yR/r/ Frame ACD9 14 KB
6 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yR/r/I5iZGxAJwEB.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yH/r/PdwbQu-vcSZ.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c609232e4c218c81785beae599c9568353f2c2743388bc6f11dc61a06d0ae540

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&tabs&width=320&height=130&small_header=false&adapt_container_width=false&hide_cover=false&show_facepile=false&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: 4AyGfqEP5RW8Cc95M2JG5AfcuaK7AO6MHuejCyA9YAYKIfB/dgPKl3xefz5386XD5MamYhLHOK9+2Ctxm/aUnw==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: OOz5shTYnFOhD309xPaayg==
date: Mon, 22 Mar 2021 20:54:39 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 5643
x-fb-rlafr: 0
expires: Tue, 22 Mar 2022 20:54:39 GMT

GET
H2 200 mMFHlEXQIHF.js Show response
www.facebook.com/rsrc.php/v3/yk/r/ Frame ACD9 32 KB
10 KB 9ms
9ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yk/r/mMFHlEXQIHF.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yH/r/PdwbQu-vcSZ.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

edb4e27665aeb697692cddfbeb739cafb2dc606c1adfe3c7101815d49e5f4605

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&tabs&width=320&height=130&small_header=false&adapt_container_width=false&hide_cover=false&show_facepile=false&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: eG2W1MGanFEb5pPCND/8ZkAGr9gZs9dzZv+6477qtYKjYZtXxoIbaecy40jx/LSm6tAFmF2c5ZzJAe/i/RFSig==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: ga9VtS9X9zD01qHbamPZjA==
date: Mon, 22 Mar 2021 20:54:39 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 9743
x-fb-rlafr: 0
expires: Tue, 22 Mar 2022 20:54:39 GMT

GET
DATA 200
OK truncated
/ Frame 3D30 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ea48f70035f7723886fd9d504ec7f7676bcf1bc47bc3e0243b7f8125c139c92

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
58 B 39ms
39ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_pgbrk&pvsid=4428478098213158&vrg=2021031601&nw_id=225677396&nslots=29&eid=31060321%2C31060367%2C44733567%2C676982961%2C44739387&pub_url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&qid=CI38ybahxe8CFZIz4AodLpoBhQ&iu=%2F225677396%2Fstorm_content_sticky_bottom_pc_970250&e=0&ret=970x250&req=970x250%7C970x90%7C1x1&bm=0&efh=1&stk=1&ifi=28

Requested by

Host: www.storm.mg
URL: https://www.storm.mg/article/3553076

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:27:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ls.html Show response
img.scupio.com/html/ Frame 0DB1 1 KB
1 KB 58ms
57ms Document
text/html 65.9.58.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/ls.html?mid=0
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/pixel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce

Request headers

:method: GET
:authority: img.scupio.com
:scheme: https
:path: /html/ls.html?mid=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.storm.mg/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.storm.mg/

Response headers

content-type: text/html; charset=utf-8
server: nginx/1.12.1
last-modified: Mon, 21 Nov 2016 06:35:53 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Tue, 23 Mar 2021 00:32:25 GMT
expires: Mon, 29 Mar 2021 23:42:37 GMT
cache-control: max-age=604800
etag: W/"583295c9-4dc"
x-cache: Hit from cloudfront
via: 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 5dDVT0AlcgwSQlBH4Pn3CIPcILxz7EIl9J9YFsZSv2cjVK4CWay5eg==
age: 6308

POST
H2 200 event Show response
pixel-api.scupio.com/v0/ 159 B
498 B 1551ms
608ms XHR
application/json 210.59.219.31
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel-api.scupio.com/v0/event?cb=0.03320004801463816
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/pixel.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.59.219.31 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: nginx/1.15.2 /
Resource Hash: 473d6cbef21a937d77c2079ce0b78fa7541a806999be0138930060716aecef61

Request headers

Accept: application/json, text/javascript, */*
Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 23 Mar 2021 01:27:47 GMT
content-encoding: gzip
server: nginx/1.15.2
access-control-allow-methods: POST
p3p: CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
access-control-allow-origin: https://www.storm.mg
access-control-allow-credentials: true
content-type: application/json; charset=utf-8

POST
H2 200 event Show response
pixel-api.scupio.com/v0/ 159 B
498 B 1550ms
609ms XHR
application/json 210.59.219.31
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel-api.scupio.com/v0/event?cb=0.42062193608527054
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/pixel.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 210.59.219.31 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: nginx/1.15.2 /
Resource Hash: 473d6cbef21a937d77c2079ce0b78fa7541a806999be0138930060716aecef61

Request headers

Accept: application/json, text/javascript, */*
Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 23 Mar 2021 01:27:47 GMT
content-encoding: gzip
server: nginx/1.15.2
access-control-allow-methods: POST
p3p: CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
access-control-allow-origin: https://www.storm.mg
access-control-allow-credentials: true
content-type: application/json; charset=utf-8

GET
H2 200 container.html Show response
0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 08F4 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.storm.mg/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.storm.mg/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Tue, 23 Mar 2021 01:27:43 GMT
expires: Wed, 23 Mar 2022 01:27:43 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 container.html Show response
0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 7BF6 6 KB
3 KB 9ms
6ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.storm.mg/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.storm.mg/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Tue, 23 Mar 2021 01:27:43 GMT
expires: Wed, 23 Mar 2022 01:27:43 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 17781.json Show response
img.scupio.com/js/config/ Frame 65A9 552 B
940 B 796ms
672ms XHR
application/json 65.9.58.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/config/17781.json?v=1.0.3797
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 6f23e209272fff2b49d26918d269cc831047bc51e277b859684e3f68553e6531

Request headers

Accept: application/json, text/javascript, */*
Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 23 Mar 2021 01:27:46 GMT
via: 1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
last-modified: Wed, 10 Mar 2021 06:31:32 GMT
server: nginx/1.12.1
x-amz-cf-pop: FRA56-C1
etag: "604867c4-228"
x-cache: RefreshHit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=10800
accept-ranges: bytes
content-length: 552
x-amz-cf-id: eJwRS79qfthxU7bxUrzYJrbv1N1C2ipNEw5-cRD3hCMMCRzvpdMSLQ==
expires: Tue, 23 Mar 2021 04:27:46 GMT

GET
H2 200 ad.html Show response
img.scupio.com/html/ Frame 3B9A 35 KB
14 KB 65ms
65ms Document
text/html 65.9.58.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/ad.html?v=1.0.54
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 476d55eb073ca18e550dbfce4a84051f4759ebac1f1941abe30fec66ff9228d5

Request headers

:method: GET
:authority: img.scupio.com
:scheme: https
:path: /html/ad.html?v=1.0.54
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.storm.mg/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.storm.mg/

Response headers

content-type: text/html; charset=utf-8
server: nginx/1.12.1
last-modified: Thu, 18 Mar 2021 09:04:23 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Tue, 23 Mar 2021 00:52:40 GMT
expires: Tue, 23 Mar 2021 06:25:21 GMT
cache-control: max-age=21600
etag: W/"60531797-8c89"
x-cache: Hit from cloudfront
via: 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: Xmtc-DQMV9w0L62bRNH9xl64P2CwVyc6ChYdqX_sLWBrmlpedWSfYA==
age: 3744

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3D5C 0
0 85ms
84ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstoul27a_jCHtPw-koZlA11zHJEBoh0-uRE6I6rxWaHuOzQJVQ7i28kGzQLidr_q9yjXcbRYfau-TsfJw21r1MrMsizpdEniLUTjUJMWT38oX6HCsP198k87ECxIhhivfIEcriO5sRUBbDVDM3gc6gaD2f43yOf3k-BLGBHqjpFkAzrU6rFAnq3rVAY-OgiAUq1XqXOUQzJQN3f-E5dqXch1MYAiUrZ8-eStDfITXreP3KmYC9Ua5IKW2juin_XeBC6FHncscEQHs04KeKSW_ME0nQ1xrqbyCSzXWRFUkziZI8jdw5Q-GqQOkPvYYIjv6VHgiunFo9PtUs&sig=Cg0ArKJSzCwV2udKoxYwEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:27:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 23 Mar 2021 01:27:46 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame A25D 0
0 85ms
85ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstwc7QEdHDAb2SAliwY5JytaTGO0hoRC9mbyrAPWgg-DvXHygZz0ZzNwcOCBYFMU_t022tuM6Y9hRfCkSVYqvo6gioMLF_YRo4E3fAqD8292jPUJXLJ8pb3uGe-6Tz_CZOZ6zYVDzJuP0_wTS5DsVC7CFTxprunXmfYTFfOFmTa2_XVacM5BDx6__pLkLnrNMt5iOKDAjdYb8YJrk90E09Y1Ut1A7knfYWE9OviFvtE5Pnp-77OnEGjxntige5F8mMUfxUZ22MliWhYgeNETtVDxp-uKpAh8VGf4b6iP8CKsQ9IUH9jVIsCoInu&sig=Cg0ArKJSzPUKNV7Bo3R9EAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:27:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 23 Mar 2021 01:27:46 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1C73 0
0 85ms
85ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssX0gg29sLWvg-_MOfsapHN6_Qy1SPkgMkIvlKsqzB_BFheX5MZ8csAJyGS8ugkoA200dw5G3EqiBaiXj_NQ1kY3cqJCB6moZaXuDiXY_2p4qbjpqmtVf9V13AWbHQcpoPnJ9vq2_PM-W9vpgSA3Bu1qTtiBBUtZOcEcowooW7JCYCW8nq7KqlVuiqtRzY262G5RDvmWEmn70Yg3Ul28YFH0GhpknRrnFbLjLK6sDiGDvRSGa9xp1wVGo9e9lKcfjswpWdZ6ycmnA0G2OLJN0i9DlxiSkK1Xqd28u6fyx16a4agUp6i3nGJdg&sig=Cg0ArKJSzLaLPVmHL1_hEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:27:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 23 Mar 2021 01:27:46 GMT

GET
H2 200 1mTWWCOleuD.css
www.facebook.com/rsrc.php/v3/yK/l/1,cross/ Frame 7964 224 KB
55 KB 11ms
10ms Stylesheet
text/css 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yK/l/1,cross/1mTWWCOleuD.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df6650a6cceebd8%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff2a9e8b5076b77%26relation%3Dparent.parent&container_width=820&height=100&href=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&locale=zh_TW&numposts=5&sdk=joey&version=v3.2&width

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fec5ef03a71ae0ebcca09e3f8ec2441b8293465dcd9bd08971449f6866fc249e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/feedback.php?app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df6650a6cceebd8%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff2a9e8b5076b77%26relation%3Dparent.parent&container_width=820&height=100&href=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&locale=zh_TW&numposts=5&sdk=joey&version=v3.2&width
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: h+208CmZEER6lrr+UGYE9VKrmJG3iMs7mRfIkFhi/rMNDCtQQ2hnVXbeU3sKQFtcPBDBcvCDsFV1V8s8GI+9uQ==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: 3mdrGzhMzHr0PfFbVQ3qQQ==
date: Mon, 22 Mar 2021 18:44:46 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 55955
x-fb-rlafr: 0
expires: Tue, 22 Mar 2022 18:44:46 GMT

GET
H2 200 oVAcAegKflF.css
www.facebook.com/rsrc.php/v3/yr/l/1,cross/ Frame 7964 128 KB
21 KB 8ms
6ms Stylesheet
text/css 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yr/l/1,cross/oVAcAegKflF.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d3a74cb2d2cba175141e0a6540c2d50a023c9c86a2376baa79e1945c2af73d9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/feedback.php?app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df6650a6cceebd8%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff2a9e8b5076b77%26relation%3Dparent.parent&container_width=820&height=100&href=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&locale=zh_TW&numposts=5&sdk=joey&version=v3.2&width
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 18:34:02 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 0iEsT7mGDCXOodrZEDS80A==
cross-origin-resource-policy: cross-origin
content-length: 20865
x-fb-rlafr: 0
x-fb-debug: TuRNV3Y7+LGPoayqdFM3njBa98LsAQhXKcaMZQh75sVqWUqpDo05E980Up9e4jAemYKy1sYJK2dnSY4BB8aX7A==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 20 Mar 2022 18:34:02 GMT

GET
H2 200 PdwbQu-vcSZ.js Show response
www.facebook.com/rsrc.php/v3/yH/r/ Frame 7964 268 KB
71 KB 12ms
11ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yH/r/PdwbQu-vcSZ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9289a5873f3af0ffc3ea0e65176d4224b7633b3928f03cea59af8cf03de08e3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/feedback.php?app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df6650a6cceebd8%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff2a9e8b5076b77%26relation%3Dparent.parent&container_width=820&height=100&href=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&locale=zh_TW&numposts=5&sdk=joey&version=v3.2&width
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: Fbh/Qe0PM/qC6duxJKeuKvGMpmWzbJNmXPHVO+YT1RfPoHg/5mZS1Z/CVX2wLWJhk3q8O358D47eyA3jHTEO7Q==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: nzVqOlCzvtmsFYlxXLwesg==
date: Thu, 18 Mar 2021 20:22:29 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 72319
x-fb-rlafr: 0
expires: Fri, 18 Mar 2022 20:22:29 GMT

GET
H2 200 FBJGIgt_yWB.js Show response
www.facebook.com/rsrc.php/v3i63m4/y0/l/zh_TW/ Frame 7964 165 KB
46 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3i63m4/y0/l/zh_TW/FBJGIgt_yWB.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e946b85433f80e6a0847a25b0e1939f9b8b0b35c46a80b8cb8531614232073ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/feedback.php?app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df6650a6cceebd8%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff2a9e8b5076b77%26relation%3Dparent.parent&container_width=820&height=100&href=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&locale=zh_TW&numposts=5&sdk=joey&version=v3.2&width
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:27:17 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: YsXLwk9gDqw7yMdhSE6dpA==
cross-origin-resource-policy: cross-origin
content-length: 46892
x-fb-rlafr: 0
x-fb-debug: 3niUpBEJcw9cYd/nADE7Rnpc9T1NMBb/pzOU3CReZ6fuN1NSyFeWdZP1QYKFiWJViBojPUJxfpeNJxEJqAwRfg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 19 Mar 2022 15:27:17 GMT

GET
H2 200 YUWLdNvkOQJ.js Show response
www.facebook.com/rsrc.php/v3i2n64/yc/l/zh_TW/ Frame 7964 1 MB
347 KB 15ms
14ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3i2n64/yc/l/zh_TW/YUWLdNvkOQJ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e5012125c13d807e7a419983db8cef1e12cf9a7cae340a7f8ae0cb94cdf79a94

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/feedback.php?app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df6650a6cceebd8%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff2a9e8b5076b77%26relation%3Dparent.parent&container_width=820&height=100&href=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&locale=zh_TW&numposts=5&sdk=joey&version=v3.2&width
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: TYFvtMyX7BC81jgGdzmaldR+6gCG9c5P0De/NNIlXxZaIAL04QGKFC2rEbJ/V+7vTndy76CtuhZsU0VD7VkCyw==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: 69QLscX+HlAnyowlNPO63Q==
date: Mon, 22 Mar 2021 21:00:34 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 354717
x-fb-rlafr: 0
expires: Tue, 22 Mar 2022 21:00:34 GMT

GET
H2 200 5VR2dH_XHWT.js Show response
www.facebook.com/rsrc.php/v3/yN/r/ Frame 7964 26 KB
8 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yN/r/5VR2dH_XHWT.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

38f5937523d6a01df73c307939a810cc2dee7c037c31b06905aba300e665e93b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/feedback.php?app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df6650a6cceebd8%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff2a9e8b5076b77%26relation%3Dparent.parent&container_width=820&height=100&href=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&locale=zh_TW&numposts=5&sdk=joey&version=v3.2&width
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 14:39:02 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: ifoKVpMyyCJns8acz+z81Q==
cross-origin-resource-policy: cross-origin
content-length: 8296
x-fb-rlafr: 0
x-fb-debug: C+gvoUbYhL2aKt+RgtftD1q9PUOzglT5SeCgXkMs+P93jxUYHWPP26SP73900Z7cxVY6z+Qugy+OanQo8degvg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 19 Mar 2022 14:39:02 GMT

GET
H2 200 bo32ttEqF3C.js Show response
www.facebook.com/rsrc.php/v3/yu/r/ Frame 7964 4 KB
2 KB 9ms
9ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yu/r/bo32ttEqF3C.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9f64aea633d0f8d08bda7000c1ea8dfdc4db4d156eef91c1063426a57f93f7bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/feedback.php?app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df6650a6cceebd8%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff2a9e8b5076b77%26relation%3Dparent.parent&container_width=820&height=100&href=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&locale=zh_TW&numposts=5&sdk=joey&version=v3.2&width
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: IarcZ60SZVuP61wuOFeomtJTPWOvqIe1IpeoLaKlgK095OBzuuNC7NRmt0SCUuUx0aZlblml2TbC8D/FPiDWog==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: txEKGSxUV6PpinFTWUfJXA==
date: Sun, 21 Mar 2021 12:16:13 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2027
x-fb-rlafr: 0
expires: Mon, 21 Mar 2022 12:16:13 GMT

GET
H2 200 17780.json Show response
img.scupio.com/js/config/ 503 B
893 B 702ms
641ms XHR
application/json 65.9.58.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/config/17780.json?v=1.0.3797
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 1821d1a770f27dea043b6a0fb99d6b31c9310eb2cb5d08a2ae319da8c10ccac4

Request headers

Accept: application/json, text/javascript, */*
Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 23 Mar 2021 01:27:46 GMT
via: 1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
last-modified: Wed, 10 Mar 2021 06:31:32 GMT
server: nginx/1.12.1
x-amz-cf-pop: FRA56-C1
etag: "604867c4-1f7"
x-cache: RefreshHit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=10800
accept-ranges: bytes
content-length: 503
x-amz-cf-id: NdkxyuzfVPRleXBBP3s8ILAsbkUzPi6r2vpRxm2lN8URYK7_VBMU5g==
expires: Tue, 23 Mar 2021 04:27:46 GMT

GET
H2 200 ad.html Show response
img.scupio.com/html/ Frame F3C4 35 KB
14 KB 65ms
65ms Document
text/html 65.9.58.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/ad.html?v=1.0.54
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 476d55eb073ca18e550dbfce4a84051f4759ebac1f1941abe30fec66ff9228d5

Request headers

:method: GET
:authority: img.scupio.com
:scheme: https
:path: /html/ad.html?v=1.0.54
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.storm.mg/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.storm.mg/

Response headers

content-type: text/html; charset=utf-8
server: nginx/1.12.1
last-modified: Thu, 18 Mar 2021 09:04:23 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Tue, 23 Mar 2021 00:52:40 GMT
expires: Tue, 23 Mar 2021 06:25:21 GMT
cache-control: max-age=21600
etag: W/"60531797-8c89"
x-cache: Hit from cloudfront
via: 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: bS8yhBl30I6DWfkFcoQOzGmyBm3x7P1tCOx6tvvK00dx92rgwAKbzQ==
age: 3745

POST
H2 200 /
www.facebook.com/tr/ 0
109 B 6ms
6ms Other
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryjqPBE7Yvtv3z4pGR

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Tue, 23 Mar 2021 01:27:46 GMT
content-type: text/plain
access-control-allow-origin: https://www.storm.mg
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H2 200 xkpBcCEj_ql.js Show response
www.facebook.com/rsrc.php/v3iUNC4/yr/l/zh_TW/ Frame 9648 479 KB
124 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iUNC4/yr/l/zh_TW/xkpBcCEj_ql.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2fbf1f595af3f8a68f3797cebeae7bc66dc1b20da23a1f7ba04d80a07b7dc071

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v3.2/plugins/like.php?action=like&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df31e4ebc03604b%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff2a9e8b5076b77%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&layout=button&locale=zh_TW&sdk=joey&share=false&show_faces=true&size=large
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 00:18:29 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: h8DxR9O1MzfkhHf+DTmeug==
cross-origin-resource-policy: cross-origin
content-length: 126476
x-fb-rlafr: 0
x-fb-debug: bhVg4gSIBsTW64n6NpX+6T8xqrnkq4pvyCTD9Brh0SU3PQRyKJkFBGDpxf2Nv2HdC9Q+VkfgqRg4qirDS3oIAw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 23 Mar 2022 00:18:29 GMT

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
88 B 18ms
17ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-58197782-1&cid=1815605501.1616462864&jid=684731339&_u=aChAAEACQAAAAC~&z=605078949

Requested by

Host: www.storm.mg
URL: https://www.storm.mg/article/3553076

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:27:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.de/ads/ 42 B
88 B 16ms
16ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-58197782-1&cid=1815605501.1616462864&jid=684731339&_u=aChAAEACQAAAAC~&z=605078949

Requested by

Host: www.storm.mg
URL: https://www.storm.mg/article/3553076

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:27:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2021031801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 3D30 286 KB
100 KB 53ms
53ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js?31060522

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

ecf0ffde6e56a2c058421a0ca1a3446a00d047de48239cd168f7eb93a07a9269

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 18 Mar 2021 08:39:05 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102478
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:27:46 GMT

GET
H3-Q050 200 pubads_impl_2021031601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame CC3C 285 KB
100 KB 57ms
56ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

eea4a3705b3e19174b9f0f127702bfc02cda65dff1f5b25e65f48a9c65ce9a7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Mar 2021 08:39:28 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102421
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:27:46 GMT

GET
H3-Q050 200 pubads_impl_2021031601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 8175 285 KB
100 KB 58ms
58ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

eea4a3705b3e19174b9f0f127702bfc02cda65dff1f5b25e65f48a9c65ce9a7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Mar 2021 08:39:28 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102421
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:27:46 GMT

GET
DATA 200
OK truncated
/ Frame 9EE2 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6a5728ba63f31c5a48cb0f825c8ca0ce939e0255f385f9b645514c34855f071

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 023C 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0058900a2ef8836f22935c4a90f3f430771447e782bf87946e86cba2ffb3c3d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 023C 0
0 88ms
84ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssh8C1o24-15uGfzza7YA_fTGmjzApttUrQqmOgdygUAod_KR5dtQZqcOYXmxhXyqxsWHzgw_d_elxjedC1ig60SkyPn9qcZqK7djUA280xCcWdr803RBCHNtUIL4lw5I1ee-SMhMsGtiM33sAUv5mXU6ctpuP9KN_ZEpjOniI3ZMeqhKhJv549cnmKQ9eTJREHh029IDmXhK133X_tG2CnNzcKmDFUR5I89qJTZqyqcdfhu-llLjbcFtuyKC6fzqvT0n69Doy5__VI_89D7bwupHbDWA8sIQ4lLXs3POu7gsPxip3aequy9eDRcQ&sig=Cg0ArKJSzBE3oTXPUsqxEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:27:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 23 Mar 2021 01:27:46 GMT

GET
DATA 200
OK truncated
/ Frame B463 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad184a33a34d25298d12ead99fa419e47a49201e75a5d22b00f09cfcbf01c03b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame B463 0
0 85ms
85ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvR5p6DkCwWXAxFmE1Gejs2_mW3-rkzteHmP10bN0gRX5QF4Smt7hzWQWK1S8buKEinWfnjHYRmCrKAILazShmYqT9clydi78ZwJkyioxpU57yDpji9cYeKwsVdZynjLurerrKIIEfBVBXe2nuJcY_8KP5zNKr3DH2qiz8jvqRWNaQ9FQv4V5aDvuo0LP7yHlX4-bHC87fB0cNggxXKlDTL9RlcG5FL2IFfqoc-G0GG_pkPLUQKwp865ehlBeE3wYBawQf3d4c2mdDCPd6SV5dQiC2NZzCA8AAUOf8zIMeYujfxSqDiU9piNLJM&sig=Cg0ArKJSzADYLNYhn-QaEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:27:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 23 Mar 2021 01:27:46 GMT

GET
H/1.1 200
OK view Show response
api.dable.io/logs/services/storm.mg/users/51548444.1616462865197/ 54 B
285 B 335ms
334ms Script
text/javascript 3.35.249.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dable.io/logs/services/storm.mg/users/51548444.1616462865197/view?url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&ref=&lang=en-US&items%5B0%5D%5Bid%5D=3553076&items%5B0%5D%5Bc1%5D=%E8%A9%95%E8%AB%96&items%5B0%5D%5Blink%5D=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&cid=51548444.1616462865197&z=86497&callback=dbljson2

Requested by

Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.35.249.226 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-35-249-226.ap-northeast-2.compute.amazonaws.com

Software

nginx /

Resource Hash

ee4cfb80dd25cc2c164efef4ebc1b0ba0e31627dcb02eca8a726bb49347ceeb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:27:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Connection: keep-alive
Content-Length: 67
Content-Type: text/javascript; charset=utf-8

GET
H/1.1 200
OK 51548444.1616462865197 Show response
api.dable.io/widgets/id/y74wWAoV/users/ Frame 4B03 19 KB
5 KB 812ms
509ms Document
text/html 3.35.249.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.dable.io/widgets/id/y74wWAoV/users/51548444.1616462865197?from=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&ref=&cid=51548444.1616462865197&uid=51548444.1616462865197&site=storm.mg&id=dablewidget_y74wWAoV&category1=%E8%A9%95%E8%AB%96&ad_params=%7B%7D&item_id=3553076&pixel_ratio=1&client_width=760&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
Requested by: Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.35.249.226 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-35-249-226.ap-northeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: f2bc4c51d2489de1ba8b8636b9b40ba08a979cdf79789ff02da378904c1a4a1c

Request headers

Host: api.dable.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.storm.mg/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.storm.mg/

Response headers

Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Tue, 23 Mar 2021 01:27:47 GMT
Server: nginx
Content-Length: 4964
Connection: keep-alive

GET
H/1.1 200
OK 51548444.1616462865197 Show response
api.dable.io/widgets/id/1oVpxdlP/users/ Frame 9329 19 KB
5 KB 1070ms
426ms Document
text/html 3.35.249.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.dable.io/widgets/id/1oVpxdlP/users/51548444.1616462865197?from=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&ref=&cid=51548444.1616462865197&uid=51548444.1616462865197&site=storm.mg&id=dablewidget_1oVpxdlP&category1=%E8%A9%95%E8%AB%96&ad_params=%7B%7D&item_id=3553076&pixel_ratio=1&client_width=380&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
Requested by: Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.35.249.226 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-35-249-226.ap-northeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 2181bf2d0c090462a7deeed66278a1ff394dc7cb66dde16d60a01f0168899601

Request headers

Host: api.dable.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.storm.mg/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.storm.mg/

Response headers

Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Tue, 23 Mar 2021 01:27:47 GMT
Server: nginx
Content-Length: 5129
Connection: keep-alive

GET
H/1.1 200
OK 51548444.1616462865197 Show response
api.dable.io/widgets/id/KoEeAWoB/users/ Frame F8AC 71 KB
11 KB 1172ms
528ms Document
text/html 3.35.249.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.dable.io/widgets/id/KoEeAWoB/users/51548444.1616462865197?from=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&ref=&cid=51548444.1616462865197&uid=51548444.1616462865197&site=storm.mg&id=dablewidget_KoEeAWoB&category1=%E8%A9%95%E8%AB%96&ad_params=%7B%7D&item_id=3553076&pixel_ratio=1&client_width=820&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
Requested by: Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.35.249.226 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-35-249-226.ap-northeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: c8976f18096e56336e5cd4438ac3df8cb49452de3842f17a3321b2bf3f01dbd1

Request headers

Host: api.dable.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.storm.mg/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.storm.mg/

Response headers

Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Tue, 23 Mar 2021 01:27:47 GMT
Server: nginx
Content-Length: 11187
Connection: keep-alive

GET
H/1.1 200
OK sendid
ace-sync.toast.com/ 43 B
650 B 1086ms
268ms Image
image/gif 115.88.123.125
NHN-AS-KR NHN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ace-sync.toast.com/sendid?sid=dable&uid=51548444.1616462865197
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 115.88.123.125 , Korea, Republic Of, ASN45974 (NHN-AS-KR NHN, KR),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Mar 2021 01:27:47 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST
P3P: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
Cache-Control: no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: close
Content-Type: image/gif
Access-Control-Allow-Headers: Content-Type,Accept
Content-Length: 43
Expires: Tue, 01 Jan 1980 09:00:00 GMT

GET
H/1.1 200
OK match
analytics.ad.daum.net/ 0
571 B 1757ms
309ms Image
image/avif 211.231.100.211
KAKAO-AS-KR Kakao...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytics.ad.daum.net/match?d=111&uid=51548444.1616462865197
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 211.231.100.211 , Korea, Republic Of, ASN38099 (KAKAO-AS-KR Kakao Corp, KR),
Reverse DNS
Software: analytics /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Mar 2021 01:27:47 GMT
Server: analytics
P3P: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Type: image/avif;charset=UTF-8
Content-Length: 0
X-Application-Context: analytics
Expires: 0

GET
H2

200

google
adx.dable.io/pixel/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=dable&google_cm
https://cm.g.doubleclick.net/pixel?google_nid=dable&google_cm=&google_tc=
https://adx.dable.io/pixel/google?google_gid=CAESELqM2m9n5Dc72C0hTmIxnwc&google_cver=1

35 B
195 B

984ms
328ms

Image
image/gif

3.35.111.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adx.dable.io/pixel/google?google_gid=CAESELqM2m9n5Dc72C0hTmIxnwc&google_cver=1
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.35.111.161 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-35-111-161.ap-northeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:48 GMT
server: nginx
content-length: 35
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:27:46 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adx.dable.io/pixel/google?google_gid=CAESELqM2m9n5Dc72C0hTmIxnwc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 287
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3gKIw20zpPx.js Show response
www.facebook.com/rsrc.php/v3/yc/r/ Frame 2304 18 KB
6 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yc/r/3gKIw20zpPx.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yH/r/PdwbQu-vcSZ.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8a7b3e1fb9dcfcdc74602cd099e52b29d81d0e136dd6405f9b9f604695ac0c92

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df24a47146d60d68%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff2a9e8b5076b77%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&width=300
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: ZGlNkFkUDW5P9HLZTKO2ZSAhMKfRvjibt1s4yo4hZurNS2LVMaDX05dGe+Luls69hispsIzjtN9xbYvfWhsI+A==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: JxklXWIUFJ/V53r1B155cg==
date: Tue, 16 Mar 2021 18:12:19 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 5952
x-fb-rlafr: 0
expires: Wed, 16 Mar 2022 18:12:19 GMT

GET
H2 200 JopZtdti8dq.js Show response
www.facebook.com/rsrc.php/v3/y_/r/ Frame 2304 7 KB
2 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/y_/r/JopZtdti8dq.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yH/r/PdwbQu-vcSZ.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

95d95840165ea5fc374a27f1cffe88a1b3d033562916ef1071393c9c8adbfe86

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df24a47146d60d68%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff2a9e8b5076b77%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&width=300
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: 5up4vljqPxCK64I7yatplFgZ0b5xm2pQzmnqoMsNWFcvmSm9wR1IL6rsoUX8IeC25pekdBdoxD9WwmdoTGKdIA==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: mTMNw9OoY8KLmzHcqJmeVA==
date: Sat, 20 Mar 2021 17:53:53 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2270
x-fb-rlafr: 0
expires: Sun, 20 Mar 2022 17:53:53 GMT

GET
H2 200 3gKIw20zpPx.js Show response
www.facebook.com/rsrc.php/v3/yc/r/ Frame D41F 18 KB
6 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yc/r/3gKIw20zpPx.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yH/r/PdwbQu-vcSZ.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8a7b3e1fb9dcfcdc74602cd099e52b29d81d0e136dd6405f9b9f604695ac0c92

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1d1bc1fa7d2a84%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff2a9e8b5076b77%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fstormmedia&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&width=300
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: ZGlNkFkUDW5P9HLZTKO2ZSAhMKfRvjibt1s4yo4hZurNS2LVMaDX05dGe+Luls69hispsIzjtN9xbYvfWhsI+A==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: JxklXWIUFJ/V53r1B155cg==
date: Tue, 16 Mar 2021 18:12:19 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 5952
x-fb-rlafr: 0
expires: Wed, 16 Mar 2022 18:12:19 GMT

GET
H2 200 JopZtdti8dq.js Show response
www.facebook.com/rsrc.php/v3/y_/r/ Frame D41F 7 KB
2 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/y_/r/JopZtdti8dq.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yH/r/PdwbQu-vcSZ.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

95d95840165ea5fc374a27f1cffe88a1b3d033562916ef1071393c9c8adbfe86

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1d1bc1fa7d2a84%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff2a9e8b5076b77%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fstormmedia&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&width=300
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: 5up4vljqPxCK64I7yatplFgZ0b5xm2pQzmnqoMsNWFcvmSm9wR1IL6rsoUX8IeC25pekdBdoxD9WwmdoTGKdIA==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: mTMNw9OoY8KLmzHcqJmeVA==
date: Sat, 20 Mar 2021 17:53:53 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2270
x-fb-rlafr: 0
expires: Sun, 20 Mar 2022 17:53:53 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0DBC 0
0 87ms
87ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvGFIfEuQA4wL4i2aY67taHcrrjY_Txuu66rF6K8QIf_cCwH-PR_y5WDEn_VaMplfbVsYCQMWppS9USDD9P8AjOJ_kTzb0wSW15Rrz3OlEDJU8_8Og7bnpYldpHATtoEEmvJV_KMuJWpaGz-sbSgZFZzxnz3xuDsXA-1VfbbqsB6Bw5SzBE9ShkrpBXuS9Ho2B1egc6BH14piM_i-8J8koM816wzirU1Z9tD19t0A7TAY8zOD0mcp2o-JLGD3iK_j6LxKhJd6_xgVQbw2noQjgIOkkz0zEfwMiA0tD_xVL9vCD6Z08j3071Log&sig=Cg0ArKJSzNBusliOfTerEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:27:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 23 Mar 2021 01:27:46 GMT

GET
H2 200 i
track.storm.mg/ 1 KB
1 KB 307ms
307ms Image
image/gif 54.150.150.172
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.storm.mg/i?stm=1616462866552&e=pv&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&page=%E9%A2%A8%E8%A9%95%EF%BC%9A%E6%8E%89%E6%BC%86%EF%BC%8C%E5%88%A5%E5%86%8D%E6%83%B3%E5%9C%8B%E5%AE%B6%E9%9A%8A%E4%BA%86-%E9%A2%A8%E5%82%B3%E5%AA%92&tv=js-2.9.2&tna=cf&aid=5c6e1a&p=web&tz=Europe%2FBerlin&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&cookie=1&eid=51908324-93c5-435e-a6b6-6dd8a8a39d79&dtm=1616462866551&vp=1600x1200&ds=1600x12184&vid=1&sid=689df3e9-4e3b-4ef8-9d35-603b36fec18d&duid=fc3a29a1-90d9-4a85-a85e-49fad11cccc0&fp=99543720&uid=1616462863415901%3B&co=%7B%22schema%22%3A%22iglu%3Acom.snowplowanalytics.snowplow%2Fcontexts%2Fjsonschema%2F1-0-0%22%2C%22data%22%3A%5B%7B%22schema%22%3A%22iglu%3Acom.google.analytics%2Fcookies%2Fjsonschema%2F1-0-0%22%2C%22data%22%3A%7B%7D%7D%2C%7B%22schema%22%3A%22iglu%3Acom.snowplowanalytics.snowplow%2Fweb_page%2Fjsonschema%2F1-0-0%22%2C%22data%22%3A%7B%22id%22%3A%22d9be22fe-35dd-4326-bde0-e04491e71f59%22%7D%7D%5D%7D
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.150.150.172 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-150-150-172.ap-northeast-1.compute.amazonaws.com
Software: / Express
Resource Hash: df4e4a1ced817cdf2b03316c0c3d3ae51bd50c25fd97fdb576bb88a89c55cd10

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:46 GMT
content-type: image/gif
x-powered-by: Express
etag: W/"44d-Ar25dwNve0lQPcl2jzuhbJ/fiEA"
content-length: 1101
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

GET
H2 200 AVmanager.js Show response
player.aniview.com/script/6.1/ Frame 34D0 332 KB
94 KB 47ms
27ms Script
application/javascript 2a02:26f0:7100:484::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e60bfad28a0610ba100c7c4
Requested by: Host: player.viewdeos.com
URL: https://player.viewdeos.com/script/6.1/player.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:7100:484::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 26352e7aa0979f5e5a13c11ee8955a5babfd0f93870eb68f41b93be02f30339e

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:46 GMT
content-encoding: gzip
x-guploader-uploadid: ABg5-UxPFixa-IdkwPdbfSEAHAA20D9KVSl53bEfs6ZLHT-Yfe4EcOlCj1iRdcBlz-R2-AA_UmPb-UK-iaivOUjYq0zwesp6dw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 95852
last-modified: Tue, 16 Mar 2021 07:30:21 GMT
server: UploadServer
etag: "723ce3d7f7640dfa2df80899dc537a63"
vary: Accept-Encoding
x-goog-hash: crc32c=64OWOg==, md5=cjzj1/dkDfot+AiZ3FN6Yw==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1615879821497594
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 95852
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 23 Mar 2021 01:32:46 GMT

GET
H2 200 13867.json Show response
img.scupio.com/js/config/ Frame 9EE2 593 B
983 B 68ms
68ms XHR
application/json 65.9.58.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/config/13867.json?v=1.0.3797
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 7b55264fe4dfcde67da04b3134f76cee471515b9e0160375fc70c6f7e6589c2d

Request headers

Accept: application/json, text/javascript, */*
Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 23 Mar 2021 01:22:52 GMT
via: 1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
last-modified: Wed, 10 Mar 2021 06:31:32 GMT
server: nginx/1.12.1
age: 294
etag: "604867c4-251"
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=10800
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 593
x-amz-cf-id: r-dsAeAsYCinBdHI702YavS0NUWvmruL9WXlr84_Gz85BNy0o82hOw==
expires: Tue, 23 Mar 2021 04:22:52 GMT

GET
H2 200 ad.html Show response
img.scupio.com/html/ Frame 7672 35 KB
14 KB 67ms
66ms Document
text/html 65.9.58.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/ad.html?v=1.0.54
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 476d55eb073ca18e550dbfce4a84051f4759ebac1f1941abe30fec66ff9228d5

Request headers

:method: GET
:authority: img.scupio.com
:scheme: https
:path: /html/ad.html?v=1.0.54
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.storm.mg/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.storm.mg/

Response headers

content-type: text/html; charset=utf-8
server: nginx/1.12.1
last-modified: Thu, 18 Mar 2021 09:04:23 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Tue, 23 Mar 2021 00:52:40 GMT
expires: Tue, 23 Mar 2021 06:25:21 GMT
cache-control: max-age=21600
etag: W/"60531797-8c89"
x-cache: Hit from cloudfront
via: 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: cb0VG1M2UUP-6SLFXx2-E2P3yHT9DCdyCTDHFgS9Al__Zk8bRvPelQ==
age: 3745

GET
H2 200 dfa7banner_html_inpage_rendering_lib_200_268.js Show response
s0.2mdn.net/879366/ Frame EA87 109 KB
38 KB 58ms
12ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Requested by

Host: 0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com
URL: https://0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com
Referer: https://0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 12:39:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46074
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38568
x-xss-protection: 0
last-modified: Tue, 14 Jan 2020 17:35:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Mar 2021 12:39:52 GMT

GET
H2 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame EBF9 113 B
448 B 39ms
38ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/228f3ac7/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9820fbc9b653901418ed7c2bd0b52b7e0b961fd8cd61112465a11f6faccd057

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame EBF9 29 B
90 B 11ms
9ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/228f3ac7/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:26:04 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 102
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:41:04 GMT

GET
H2 200 cavalry_endpoint.php
www.facebook.com/common/ Frame 737D 67 B
204 B 54ms
53ms Image
image/png 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1616462865303&t_start=1616462865303&t_domcontent=1616462866082&t_layout=1616462866787&t_onload=1616462866787&t_paint=1616462866787&t_creport=1616462866787&t_tti=1616462866082&lid=6942655137843054662-0

Requested by

Host: www.storm.mg
URL: https://www.storm.mg/article/3553076

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com data: blob: 'self';script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: attachment.fbsbx.com blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v3.2/plugins/share_button.php?app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df260a0248610944%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff2a9e8b5076b77%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&layout=button_count&locale=zh_TW&mobile_iframe=true&sdk=joey&size=large
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: br
x-content-type-options: nosniff
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: nFfqxqHfbdFtlWtGE2zyR/uHSG/4IUifp81aZomcutKyRrudNs7TM8iu60jIzDmbJ22oVN87uct0e2XHOuH3gw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 23 Mar 2021 01:27:46 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: image/png
vary: Accept-Encoding
cache-control: private, no-store, no-cache, must-revalidate
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3D5C 42 B
108 B 41ms
40ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu-oRwZxHNZThT1DI0OlBNG1ReFAbh6U5hqukcIZ1EFpw317RWVR9dhHWX5lxoJxWQDmBh_oceHARBOCf6M60v7HI2brSwATwJyINaU_bA&sig=Cg0ArKJSzDezxdYnMPw4EAE&id=osdim&mcvt=1304&p=950,315,1200,1285&mtos=1304,1304,1304,1304,1304&tos=1304,0,0,0,0&v=20210322&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=4267075666&rs=4&met=mue&la=1&cr=0&osd=1&vs=4&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:27:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
www.facebook.com/pages/call_to_action/fetch_dialog_data/ Frame ACD9 1 KB
962 B 46ms
46ms XHR
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/pages/call_to_action/fetch_dialog_data/?id=1502574629794708&surface=pagePlugin&unit_type=VIEWER

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3iEpO4/yZ/l/en_US/uqaYG-2xXaf.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

665921c0c34325316b332d150a9531f1bc4019cc48748006c5174840c8d6a7f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&tabs&width=320&height=130&small_header=false&adapt_container_width=false&hide_cover=false&show_facepile=false&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: tABSsiQgJEMYZ7MUfNC8/nGduFXaSePVMf5sQmbF/Szr59aTWp8rYPJMp7L87VIj1Xb8i2BMI6MPQOnqIKi8yw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 23 Mar 2021 01:27:46 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
vary: Origin, Accept-Encoding
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
access-control-expose-headers: X-FB-Debug, X-Loader-Length

GET
H2 200 tracking.js Show response
track.storm.mg/js/core/ Frame B690 790 B
1 KB 308ms
307ms Script
application/javascript 54.150.150.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.storm.mg/js/core/tracking.js?v=1593662881057
Requested by: Host: track.storm.mg
URL: https://track.storm.mg/cookiemap.html?appId=5c6e1a&data=eyJhcHBJZCI6IjVjNmUxYSIsInBhZ2VUaXRsZSI6IumiqOiple+8muaOiea8hu+8jOWIpeWGjeaDs+Wci+WutumaiuS6hi3poqjlgrPlqpIiLCJwYWdlVVJMIjoiaHR0cHM6Ly93d3cuc3Rvcm0ubWcvYXJ0aWNsZS8zNTUzMDc2IiwiY29va2llIjoiX19hc2M9MmE2M2YxZTcxNzg1Y2IxZTEzZjhmZjI2NGY4OyBfX2F1Yz0yYTYzZjFlNzE3ODVjYjFlMTNmOGZmMjY0Zjg7IF9fZ2Fkcz1JRD1iZmJjMWIyNjIxODA2Nzg4OlQ9MTYxNjQ2Mjg2NDpTPUFMTklfTVlRWWRfYk00TDFkdC1DdDlycnVJNHNaVnhtQUEiLCJyZWZlcnJlciI6IiIsImNvb2tpZUlkIjoiMTYxNjQ2Mjg2MzQxNTkwMSIsIm1lbWJlcklkIjpudWxsfQ==
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.150.150.172 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-150-150-172.ap-northeast-1.compute.amazonaws.com
Software: / Express
Resource Hash: 1389babfb36c9e1ac183cae31e9969e934a85a548e569629927577874798fded

Request headers

Referer: https://track.storm.mg/cookiemap.html?appId=5c6e1a&data=eyJhcHBJZCI6IjVjNmUxYSIsInBhZ2VUaXRsZSI6IumiqOiple+8muaOiea8hu+8jOWIpeWGjeaDs+Wci+WutumaiuS6hi3poqjlgrPlqpIiLCJwYWdlVVJMIjoiaHR0cHM6Ly93d3cuc3Rvcm0ubWcvYXJ0aWNsZS8zNTUzMDc2IiwiY29va2llIjoiX19hc2M9MmE2M2YxZTcxNzg1Y2IxZTEzZjhmZjI2NGY4OyBfX2F1Yz0yYTYzZjFlNzE3ODVjYjFlMTNmOGZmMjY0Zjg7IF9fZ2Fkcz1JRD1iZmJjMWIyNjIxODA2Nzg4OlQ9MTYxNjQ2Mjg2NDpTPUFMTklfTVlRWWRfYk00TDFkdC1DdDlycnVJNHNaVnhtQUEiLCJyZWZlcnJlciI6IiIsImNvb2tpZUlkIjoiMTYxNjQ2Mjg2MzQxNTkwMSIsIm1lbWJlcklkIjpudWxsfQ==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:47 GMT
last-modified: Thu, 02 Jul 2020 04:08:01 GMT
x-powered-by: Express
etag: W/"316-1730db5bd3d"
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
cache-control: public, max-age=0
accept-ranges: bytes
content-type: application/javascript; charset=UTF-8
content-length: 790

GET
H2 200 integrator.js Show response
adservice.google.pl/adsid/ Frame CC3C 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.pl/adsid/integrator.js?domain=www.storm.mg

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:27:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame CC3C 107 B
165 B 14ms
14ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.storm.mg

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:27:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame CC3C 40 KB
10 KB 352ms
352ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1297403516770945&correlator=592278873955139&output=ldjh&impl=fif&eid=31060469%2C21064365%2C31060367%2C44739387&vrg=2021031601&ptt=17&sc=1&sfv=1-0-37&ecs=20210323&iu_parts=7682122%2CSF_storm_content_RM_300250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&eri=2&cookie_enabled=1&cdm=storm.mg&bc=31&abxe=1&lmt=1616462866&dt=1616462866907&dlt=1616462865399&idt=1497&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=3&adxs=1075&adys=3187&adks=2840708511&ucis=egpx9fx887dw&ifi=1&ifk=2674980915&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&top=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&ga_vid=205761848.1616462867&ga_sid=1616462867&ga_hid=1019151821&ga_fc=false&fws=256&ohw=0&btvi=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e2ddf8f53c500dd4f7b5b6cf5d99a520fa6c64b07ee5cf830a3de44663e13d1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10464
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.storm.mg
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
3f64db6d4324d99215cee6a288db42e5.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame CC3C 0
0 27ms
13ms Other
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://3f64db6d4324d99215cee6a288db42e5.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame CC3C 0
0 6ms
6ms Other
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame CC3C 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d155ba42b20312ebff7388d008028af184133a06a03679d6fc7d8ed539e171a5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 integrator.js Show response
adservice.google.pl/adsid/ Frame 8175 107 B
777 B 64ms
49ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.pl/adsid/integrator.js?domain=www.storm.mg

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:27:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 8175 107 B
531 B 46ms
29ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.storm.mg

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:27:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 8175 46 KB
12 KB 317ms
316ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3791733844364843&correlator=1847637789385834&output=ldjh&impl=fif&eid=31060469%2C31060526%2C31060010%2C31060344%2C31060367%2C44733568%2C44739387&vrg=2021031601&ptt=17&sc=1&sfv=1-0-38&ecs=20210323&iu_parts=7682122%2CSF_storm_content_RB_300600&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&eri=2&cookie_enabled=1&cdm=storm.mg&bc=31&abxe=1&lmt=1616462866&dt=1616462866964&dlt=1616462865479&idt=1476&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=3&adxs=1075&adys=4466&adks=2885504511&ucis=9otokfwdmzpn&ifi=1&ifk=3318907107&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&top=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&ga_vid=1211063833.1616462867&ga_sid=1616462867&ga_hid=781709669&ga_fc=false&fws=256&ohw=0&btvi=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

74f67f85dc2c3543ef481f30ba5ee9bfa5f452005486b9a2f67b0bede47ac9cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11745
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.storm.mg
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
b941f13208caded1abc44d9c50878d7a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8175 0
0 48ms
13ms Other
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://b941f13208caded1abc44d9c50878d7a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame 8175 0
0 7ms
6ms Other
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 8175 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc57ad3da1bc1921137bf4c7532a9c049cf16a527834ff367aa3f2c25e268df9

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 remote.js Show response
www.youtube.com/s/player/228f3ac7/player_ias.vflset/en_US/ Frame EBF9 97 KB
32 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/228f3ac7/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/228f3ac7/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62f2c559d63d55073af212151c1659ab41fe869df350868a5ad1c1d6daba0836

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/nhjbmRQVmrw?autoplay=&mute=1&version=3&loop=1&playlist=nhjbmRQVmrw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 15:00:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 00:15:10 GMT
server: sffe
age: 37624
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32708
x-xss-protection: 0
expires: Tue, 22 Mar 2022 15:00:43 GMT

GET
H2 200 3eYrsmSQBEQu88LBPmoKpV_BHftGk26qyGDx_h5vt1k.js Show response
www.google.com/js/th/ Frame EBF9 33 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/3eYrsmSQBEQu88LBPmoKpV_BHftGk26qyGDx_h5vt1k.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/228f3ac7/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dde62bb2649004442ef3c2c13e6a0aa55fc11dfb46936eaac860f1fe1e6fb759

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 18:59:37 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 08 Mar 2021 18:00:00 GMT
server: sffe
age: 455290
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12653
x-xss-protection: 0
expires: Thu, 17 Mar 2022 18:59:37 GMT

GET
H3-Q050 200 embed.js Show response
www.youtube.com/s/player/228f3ac7/player_ias.vflset/en_US/ Frame EBF9 24 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/228f3ac7/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/228f3ac7/player_ias.vflset/en_US/base.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb04746af0386a3d16cd49bc967e1b860dc6b54ce1ff33ecad5288af0832596f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/nhjbmRQVmrw?autoplay=&mute=1&version=3&loop=1&playlist=nhjbmRQVmrw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 15:02:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 00:15:10 GMT
server: sffe
age: 37512
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7467
x-xss-protection: 0
expires: Tue, 22 Mar 2022 15:02:35 GMT

GET
DATA 200
OK truncated
/ Frame EBF9 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AAUvwnjyoHkuc_dfYGYsjsv7okuGMCmt2wzm2Mjq71v4nA=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame EBF9 2 KB
2 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AAUvwnjyoHkuc_dfYGYsjsv7okuGMCmt2wzm2Mjq71v4nA=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/nhjbmRQVmrw?autoplay=&mute=1&version=3&loop=1&playlist=nhjbmRQVmrw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

804eb873c8b828218c0ce74770f5ebcfc3e2bb5cd8e279168e69e5b3e0ca9b66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:49:17 GMT
x-content-type-options: nosniff
age: 9510
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1949
x-xss-protection: 0
server: fife
etag: "v1df"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 20 Mar 2021 10:32:44 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/nhjbmRQVmrw/ Frame EBF9 52 KB
52 KB 16ms
15ms Image
image/webp 2a00:1450:4001:827::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/nhjbmRQVmrw/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/nhjbmRQVmrw?autoplay=&mute=1&version=3&loop=1&playlist=nhjbmRQVmrw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5ee49b56c363611c87785b7af8cb7340f77d78c7321a6ca8eabe82f759852df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:47 GMT
x-content-type-options: nosniff
server: sffe
age: 0
etag: "1616394352"
vary: Origin
content-type: image/webp
cache-control: public, max-age=300
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53328
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:32:47 GMT

GET
H2 200 cavalry_endpoint.php
www.facebook.com/common/ Frame 9648 67 B
227 B 35ms
34ms Image
image/png 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1616462865323&t_start=1616462865324&t_domcontent=1616462865660&t_layout=1616462867135&t_onload=1616462867135&t_paint=1616462867135&t_creport=1616462867135&t_tti=1616462865660&lid=6942655136224138731-0

Requested by

Host: www.storm.mg
URL: https://www.storm.mg/article/3553076

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com data: blob: 'self';script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: attachment.fbsbx.com blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v3.2/plugins/like.php?action=like&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df31e4ebc03604b%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff2a9e8b5076b77%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&layout=button&locale=zh_TW&sdk=joey&share=false&show_faces=true&size=large
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: br
x-content-type-options: nosniff
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: NM1bIdBqAqLt6lb/0YySddgc+ZyOyGMfLYPHQ9l2iJoymDajP7BfgJiiWpxpB/no6dM9N77wQS4642DWUMEohQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 23 Mar 2021 01:27:47 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: image/png
vary: Accept-Encoding
cache-control: private, no-store, no-cache, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 notosanstc.css
fonts.googleapis.com/earlyaccess/ Frame 08F4 691 KB
196 KB 17ms
16ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/earlyaccess/notosanstc.css

Requested by

Host: 0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com
URL: https://0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4f8a01bfdb6a539b3e0929603ff1f9566ac2a5114a512b2815c30e84462c9fe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 22 Mar 2021 23:48:16 GMT
server: ESF
date: Tue, 23 Mar 2021 01:27:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Mar 2021 01:27:47 GMT

GET
H3-Q050 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-37/js/ Frame 08F4 24 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/js/ext.js

Requested by

Host: 0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com
URL: https://0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48c978eaee9473c367fd30eea148b6cd5233e58a317a36157c24e5dd2af62a97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 13:17:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43809
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7485
x-xss-protection: 0
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Mar 2022 13:17:38 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 08F4 20 KB
2 KB 64ms
49ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600,700|Roboto:300,400,400italic,500,700&lang=en

Requested by

Host: 0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com
URL: https://0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0c87f3b4d92afe0fe065579482fcddd868d690f84d716451533ac9a9c15c72c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Mar 2021 01:27:47 GMT
server: ESF
date: Tue, 23 Mar 2021 01:27:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Mar 2021 01:27:47 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 08F4 117 KB
36 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com
URL: https://0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

911deead0c0ec5c76af07f381c8e918567120df0488208f50b0579afa0b61376

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616176146673399"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36391
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:27:47 GMT

GET
H/1.1 200
OK initid.aspx Show response
bw.scupio.com/ssp/ Frame 0DB1 37 B
627 B 1358ms
339ms Script
application/javascript 210.59.219.180
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://bw.scupio.com/ssp/initid.aspx?mode=L&cb=0.6632997633670765&mid=0
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ls.html?mid=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.180 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: f005c98cdd99a099b2d8fd66faa51c7a15fbd1b5bb4e633f8b649a58bee6072b

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:27:47 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control: private
Content-Type: application/javascript; charset=utf-8
Content-Length: 159

GET
H3-Q050 200 notosanstc.css
fonts.googleapis.com/earlyaccess/ Frame 7BF6 691 KB
196 KB 51ms
50ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/earlyaccess/notosanstc.css

Requested by

Host: 0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com
URL: https://0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4f8a01bfdb6a539b3e0929603ff1f9566ac2a5114a512b2815c30e84462c9fe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 22 Mar 2021 23:50:57 GMT
server: ESF
date: Tue, 23 Mar 2021 01:27:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Mar 2021 01:27:47 GMT

GET
H3-Q050 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-37/js/ Frame 7BF6 24 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-37/js/ext.js

Requested by

Host: 0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com
URL: https://0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48c978eaee9473c367fd30eea148b6cd5233e58a317a36157c24e5dd2af62a97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 13:17:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43809
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7485
x-xss-protection: 0
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Mar 2022 13:17:38 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 7BF6 20 KB
1 KB 34ms
34ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600,700|Roboto:300,400,400italic,500,700&lang=en

Requested by

Host: 0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com
URL: https://0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0c87f3b4d92afe0fe065579482fcddd868d690f84d716451533ac9a9c15c72c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Mar 2021 01:27:47 GMT
server: ESF
date: Tue, 23 Mar 2021 01:27:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Mar 2021 01:27:47 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7BF6 117 KB
36 KB 56ms
56ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com
URL: https://0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

911deead0c0ec5c76af07f381c8e918567120df0488208f50b0579afa0b61376

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616176146673399"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36391
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:27:47 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.pl/adsid/ Frame 3D30 107 B
123 B 16ms
15ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.pl/adsid/integrator.js?domain=www.storm.mg

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js?31060522

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:27:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 3D30 107 B
146 B 15ms
14ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.storm.mg

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js?31060522

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:27:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 3D30 18 KB
9 KB 347ms
346ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3955627612180477&correlator=1303553005604026&output=ldjh&impl=fif&eid=31060496%2C31060522%2C21068030%2C31060367%2C31060494%2C44739387&vrg=2021031801&ptt=17&sc=1&sfv=1-0-37&ecs=20210323&iu_parts=7682122%2CSF_storm_content_M_336280&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280&cookie_enabled=1&cdm=storm.mg&bc=31&abxe=1&lmt=1616462867&dt=1616462867260&dlt=1616462865023&idt=2212&ea=0&frm=23&biw=1600&bih=1200&isw=336&ish=280&oid=3&adxs=285&adys=1419&adks=3961833623&ucis=cxintwvpt59r&ifi=1&ifk=2871505466&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&top=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=336x0&ga_vid=146204686.1616462867&ga_sid=1616462867&ga_hid=876723489&ga_fc=false&fws=256&ohw=0&btvi=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js?31060522

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

5b8115054b070d534b4bc58a19487528aaf82f342415a65202ce9fce1d537c36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8855
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.storm.mg
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
3ae7821746b634e801f4981bce499b71.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 3D30 0
0 48ms
13ms Other
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://3ae7821746b634e801f4981bce499b71.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js?31060522
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 3D30 0
0 7ms
6ms Other
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js?31060522
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 10S8fVwNKKA.png
www.facebook.com/rsrc.php/v3/yI/r/ Frame 7964 52 KB
52 KB 6ms
6ms Image
image/png 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/yI/r/10S8fVwNKKA.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yr/l/1,cross/oVAcAegKflF.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f21cc4285df8ecb724605ce4a6928b89404fc611db75b2ff881f57ef92964afb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/rsrc.php/v3/yr/l/1,cross/oVAcAegKflF.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: 5/Z66LDqs7ML1IFsgnztd62eyAnM/f8W1gayM2fVlkrdsw0PPGs0F9632RkXTOTJyFVHeMF4Rjzakx5ddL62sQ==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: V5SyOHpIwnhDdkJPL2vc+A==
date: Wed, 17 Mar 2021 14:13:24 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
priority: u=3,i
timing-allow-origin: *
content-length: 53301
x-fb-rlafr: 0
expires: Thu, 17 Mar 2022 14:13:24 GMT

GET
H2 200 odA9sNLrE86.jpg
www.facebook.com/rsrc.php/v1/yi/r/ Frame 7964 1 KB
1 KB 6ms
6ms Image
image/jpeg 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v1/yi/r/odA9sNLrE86.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d7af70fd2dab0fadd7b57438ae80cd4cbfc69384ace14284c990e2916631ff3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/feedback.php?app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df6650a6cceebd8%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff2a9e8b5076b77%26relation%3Dparent.parent&container_width=820&height=100&href=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&locale=zh_TW&numposts=5&sdk=joey&version=v3.2&width
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: IKdTm6L0rzAm8kZXmRdTOvTmbfbOzxRwHoSiBBJErl/rVJhz6oCbdFg2o7BVQ92mN6aniJq1Qo6u4D8pj+YxYA==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: 8E8V7SJfv5OQxsrCIaL7hQ==
date: Tue, 16 Mar 2021 21:10:27 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
priority: u=3,i
timing-allow-origin: *
content-length: 1131
x-fb-rlafr: 0
expires: Wed, 16 Mar 2022 21:10:27 GMT

GET
H2 200 563422_10151257537803085_1677698706_n.jpg
scontent-frx5-1.xx.fbcdn.net/v/t1.0-1/cp0/c282.83.518.517a/s48x48/ Frame 7964 1 KB
1 KB 7ms
6ms Image
image/jpeg 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-frx5-1.xx.fbcdn.net/v/t1.0-1/cp0/c282.83.518.517a/s48x48/563422_10151257537803085_1677698706_n.jpg?_nc_cat=111&ccb=1-3&_nc_sid=dbb9e7&_nc_ohc=CEn90RNhV_IAX-VXFbu&_nc_ht=scontent-frx5-1.xx&tp=28&oh=5c737a299455648e43de7f0a06d12aae&oe=607F587F
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df6650a6cceebd8%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff2a9e8b5076b77%26relation%3Dparent.parent&container_width=820&height=100&href=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&locale=zh_TW&numposts=5&sdk=joey&version=v3.2&width
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 5e35eaf06d2c0fec83daea235852bbc7990653ea9ca2ef93dc62899de1b2a014

Request headers

Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum: 1742363684
date: Tue, 23 Mar 2021 01:27:47 GMT
x-fb-trip-id: 917726464
last-modified: Mon, 04 Feb 2013 07:08:25 GMT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3521072281
x-fb-config-version-olb-prod: 1046
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1408

GET
H2 200 UsNrl8Qr1jX.js Show response
www.facebook.com/rsrc.php/v3iAHa4/yK/l/zh_TW/ Frame 7964 29 KB
9 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iAHa4/yK/l/zh_TW/UsNrl8Qr1jX.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yH/r/PdwbQu-vcSZ.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dd16b9afd96a30d9ae811bd0176d96bb682864165229bc7986aee2d08c247571

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/feedback.php?app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df6650a6cceebd8%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff2a9e8b5076b77%26relation%3Dparent.parent&container_width=820&height=100&href=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&locale=zh_TW&numposts=5&sdk=joey&version=v3.2&width
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 20:48:20 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: v/J64rFyvDmqGiYD61hI2w==
cross-origin-resource-policy: cross-origin
content-length: 8545
x-fb-rlafr: 0
x-fb-debug: S9ENHvJpe4sh3vMTvTmgYhHyLdccRrwFo3srF/wZ9q7xqpj1H9c47kEW3g+p9laTCkuIAGJocQU0w9ZqODFf8Q==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 10 Mar 2022 20:48:20 GMT

GET
H3-Q050 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 3B9A 95 KB
33 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.54

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 13:24:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43370
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Mar 2022 13:24:57 GMT

GET
H2 200 prebid.js Show response
img.scupio.com/js/ Frame 3B9A 228 KB
82 KB 71ms
70ms Script
application/javascript 65.9.58.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.54
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: f659fd1cedd9e8114983a076a71633ad47411c7ff0f515ebebce6860dc48b45d

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.54
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:47 GMT
content-encoding: gzip
last-modified: Wed, 10 Mar 2021 07:10:35 GMT
server: nginx/1.12.1
x-amz-cf-pop: FRA56-C1
etag: W/"604870eb-38e7e"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=21600
x-amz-cf-id: mdhnywxYDVnk4oaOiHBcYESQ_5PLe0efufqlbKO25B0ifbjJayVptQ==
via: 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
expires: Tue, 23 Mar 2021 07:26:15 GMT

GET
H3-Q050 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame F3C4 95 KB
33 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.54

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 13:24:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43370
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Mar 2022 13:24:57 GMT

GET
H2 200 prebid.js Show response
img.scupio.com/js/ Frame F3C4 228 KB
82 KB 78ms
78ms Script
application/javascript 65.9.58.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.54
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: f659fd1cedd9e8114983a076a71633ad47411c7ff0f515ebebce6860dc48b45d

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.54
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:47 GMT
content-encoding: gzip
last-modified: Wed, 10 Mar 2021 07:10:35 GMT
server: nginx/1.12.1
age: 0
etag: W/"604870eb-38e7e"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=21600
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: lAMw7RjQ6navwlmjHzdbqKN-H9ErdFtNTxhT4ZpzQFx8PClzL8xzIw==
via: 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
expires: Tue, 23 Mar 2021 07:26:15 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012101070013000/ Frame 492C 185 KB
53 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 43866
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53820
x-xss-protection: 0
server: sffe
date: Mon, 22 Mar 2021 13:16:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ee5348f2de7cdf64"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Mar 2022 13:16:41 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 492C 12 KB
5 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 43866
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4559
x-xss-protection: 0
server: sffe
date: Mon, 22 Mar 2021 13:16:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c3a321a15743f406"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Mar 2022 13:16:41 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 492C 87 KB
27 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 43866
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27206
x-xss-protection: 0
server: sffe
date: Mon, 22 Mar 2021 13:16:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1f991b6a8daa2b14"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Mar 2022 13:16:41 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 492C 3 KB
1 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 43866
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1376
x-xss-protection: 0
server: sffe
date: Mon, 22 Mar 2021 13:16:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "512b909f94eb26fb"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Mar 2022 13:16:41 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 492C 40 KB
13 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 43866
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12793
x-xss-protection: 0
server: sffe
date: Mon, 22 Mar 2021 13:16:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e3ef417618f7e28"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Mar 2022 13:16:41 GMT

GET
DATA 200
OK truncated
/ Frame 492C 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 965053e67af4148e0fdbf448a1e907385df001a74fb52c5ac6cba5b8a950f926

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 7062518980815257226
tpc.googlesyndication.com/simgad/ Frame 492C 21 KB
21 KB 11ms
10ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7062518980815257226?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnWzTKGz3sICTjS-d9V2z9CLAzONA

Requested by

Host: www.storm.mg
URL: https://www.storm.mg/article/3553076

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bed0c39164661e57ee6e1a9b124b490fbe89f9edc6159f73c47a2472ade8287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:18:49 GMT
x-content-type-options: nosniff
last-modified: Wed, 13 Jan 2021 10:38:00 GMT
server: sffe
age: 25738
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21482
x-xss-protection: 0
expires: Tue, 22 Mar 2022 18:18:49 GMT

GET
H3-Q050 200 zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 492C 3 KB
4 KB 11ms
10ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png

Requested by

Host: www.storm.mg
URL: https://www.storm.mg/article/3553076

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Mar 2021 09:07:17 GMT
x-content-type-options: nosniff
server: cafe
age: 58830
etag: 7688947696963022458
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3430
x-xss-protection: 0
expires: Tue, 23 Mar 2021 09:07:17 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 492C 344 B
465 B 10ms
9ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.storm.mg
URL: https://www.storm.mg/article/3553076

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Mar 2021 09:05:22 GMT
x-content-type-options: nosniff
server: cafe
age: 58945
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Tue, 23 Mar 2021 09:05:22 GMT

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 492C 0
0 85ms
85ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CeHRpEkRZYNDUOpWpx_APk_OK0Ab79JnFYJiM3_2iDb_hHhABILCN73pg6eTJhdgaoAG1hr6hAsgBAqkCY4OEKPVxkT7gAgCoAwHIAwiqBOUBT9DzIMto3E5oJ0GTgisQ9dqJh8vOd8ytHiXbkpUIfxfthcFLBKFQ6mVMmFehY8dgbaXbZw9Bjr76pe8bTOrw4As9oNGPKlJUzHtsGUgzTalZ_CRex8oOSyXrTP-tfgbf_o0h6et11qUqm0SgWSmK1vEaxvHXGMm4jHN7dX2wH3d9ejlyS8igjth5ZMvGbRSt7V2m13fVCJoYsh6BGamX1BQE6NPeg-BjOP96IEBiM1RQPIMKICgGV5QkMoKualN93uhz-6yl233NjI9NPpmXCTUaTPI2Zfign6myCCsFPdoKLlvR-8AEhYX_o68D4AQBkgUECAQYAZIFBAgFGASgBgKAB7P5wd4BqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEPqZAtIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tODYwNjYxMzI3NzY4NDg5NoAKA8gLAdgTDbIXGgoYCAASFHB1Yi04MzcxNzQ5MjY3MTkxNzI5&sigh=fO7B92iMgIg&tpd=AGWhJmslc8BM-G7P_wInWYBO-t3WTpyyisctgkjULauai1OcuQ
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012101070013000/ Frame 853C 185 KB
53 KB 41ms
20ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 43866
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53820
x-xss-protection: 0
server: sffe
date: Mon, 22 Mar 2021 13:16:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ee5348f2de7cdf64"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Mar 2022 13:16:41 GMT

GET
H3-Q050 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 853C 12 KB
4 KB 51ms
31ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 43866
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4559
x-xss-protection: 0
server: sffe
date: Mon, 22 Mar 2021 13:16:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c3a321a15743f406"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Mar 2022 13:16:41 GMT

GET
H3-Q050 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 853C 87 KB
27 KB 48ms
28ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 43866
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27206
x-xss-protection: 0
server: sffe
date: Mon, 22 Mar 2021 13:16:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1f991b6a8daa2b14"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Mar 2022 13:16:41 GMT

GET
H3-Q050 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 853C 3 KB
1 KB 46ms
26ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 43866
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1376
x-xss-protection: 0
server: sffe
date: Mon, 22 Mar 2021 13:16:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "512b909f94eb26fb"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Mar 2022 13:16:41 GMT

GET
H3-Q050 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 853C 40 KB
13 KB 46ms
26ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 43866
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12793
x-xss-protection: 0
server: sffe
date: Mon, 22 Mar 2021 13:16:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e3ef417618f7e28"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Mar 2022 13:16:41 GMT

GET
H3-Q050 200 zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 853C 3 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Mar 2021 09:07:17 GMT
x-content-type-options: nosniff
server: cafe
age: 58830
etag: 7688947696963022458
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3430
x-xss-protection: 0
expires: Tue, 23 Mar 2021 09:07:17 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 853C 344 B
369 B 8ms
6ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Mar 2021 09:05:22 GMT
x-content-type-options: nosniff
server: cafe
age: 58945
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Tue, 23 Mar 2021 09:05:22 GMT

GET
DATA 200
OK truncated
/ Frame 853C 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9a5712681acafa08e27671d5267b717d78ea82bdb9f87871471542e89b1e0c90

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 11696361962806312828
tpc.googlesyndication.com/simgad/ Frame 853C 41 KB
41 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11696361962806312828?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmSrU56DTy3ky4BJnfsZdMI6CjHPw

Requested by

Host: www.storm.mg
URL: https://www.storm.mg/article/3553076

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b898e855beda5cb89fe9c28b2d595c78bc9c0817cfbb298b227ddc5c2bec8ffa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 00:23:04 GMT
x-content-type-options: nosniff
last-modified: Wed, 28 Oct 2020 16:35:08 GMT
server: sffe
age: 176683
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42312
x-xss-protection: 0
expires: Mon, 21 Mar 2022 00:23:04 GMT

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 853C 0
0 87ms
86ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CYzhME0RZYKiLAdSB7gP_m5aIBY2XjLxh7Pv1uvYNqJPMtt4JEAEgsI3vemDp5MmF2BqgAfCNhOYCyAECqQKUh1aNTkO3PuACAKgDAcgDCKoE3wFP0E3srjGbz0-k5MqHguOb8D9JaaDzbVtz84y5fXdLZqAWZntvWytRqdH9bNE1yeNGHuf4RzeXNVKWfW9Av0hmqScwni-K8Bz21N-6jxoa985MlNaPeVbnGYFrfk-WIgfIT3N1apEvoloPM8bhuhq5lA56D9XcIF_WSEInQUwGYGetRWyvPQQf4Z1tf00OQqOlwAkMLpQcT4RVg9Wzx3u41pzdO9BewygBHWaVK76TzbGXZ-eUrF3Ic0zZIMRErdzdEXJXz8uOMnVYDMfzLX5W92t1v6vwPCZl3DMzd9r0wATf5ZbHuAPgBAGSBQQIBBgBkgUECAUYBKAGAoAH-PH7mQGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwMQiW_SCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTg2MDY2MTMyNzc2ODQ4OTaACgPICwHYEwyyFxoKGAgAEhRwdWItODM3MTc0OTI2NzE5MTcyOQ&sigh=JRQp-y419ko&tpd=AGWhJmvNZ8Hdhsy4AnknFPjUbQnlxJBtRAGo68zy-exMnb9U0w
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 023C 42 B
479 B 88ms
72ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstc1E5fwPo8-dZMoWbzwaSR-TqJaW-q_kZknNxNg15LZeTv25kIN5Ksx47sh8fP3AgRPV-yhUjjzxna8Xg-zxBBVvy-UHtAz7B8vACmMSQ&sig=Cg0ArKJSzNPZMz482wmaEAE&id=osdim&mcvt=1128&p=621,1075,1221,1375&mtos=0,1128,1128,1128,1128&tos=0,1128,0,0,0&v=20210319&bin=7&avms=nio&bs=1600,1200&mc=0.96&app=0&itpl=3&adk=228286965&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:27:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
71 B 412ms
136ms Image
text/plain 34.237.155.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?r=www.storm.mg&sn=&ic=0&tgt=0&app=&wi=640&he=360&test=1&apppkg=&fv=3&proto=https&pid=5e60bfad28a0610ba100c7c4&cid=5e60c75028a06115d47ebd9b&e=inventory&vi=0&cb=1616462867585
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.155.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-155-161.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:47 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3-Q050 200 %E8%B6%85%E7%B4%9A%E5%A4%A7%E6%A9%AB%E5%B9%85PC.html Show response
s0.2mdn.net/dfp/354556/4906259910/1616030027317/ Frame F2D8 10 KB
3 KB 33ms
20ms Document
text/html 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/354556/4906259910/1616030027317/%E8%B6%85%E7%B4%9A%E5%A4%A7%E6%A9%AB%E5%B9%85PC.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da95c0c9d09839aaaff02edc4753f2b902b69a3bdc95db3131ffc8feec1c8d17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /dfp/354556/4906259910/1616030027317/%E8%B6%85%E7%B4%9A%E5%A4%A7%E6%A9%AB%E5%B9%85PC.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 3008
date: Mon, 22 Mar 2021 15:09:54 GMT
expires: Tue, 23 Mar 2021 15:09:54 GMT
last-modified: Thu, 18 Mar 2021 01:13:48 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 37073
cache-control: public, max-age=86400
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame EA87 0
27 B 85ms
85ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssCXZYmkt2AwodXEJYwHNjL2GLv4EsTUf93PmV6l0zI0BqkNvg7pvb1Gzkc8G5s0ovH8OOAS7o6Z8I_IRcrFFj9OE0U2du45o0WptqEXDRu-7VvAzkNULGvkqHUysmYTgcxrhNnNI65t-5kGQ6eSbH601XOcX6Stw9ce-JXtPaFyt4hCKr9s20wtQ3D4ZjJ2kQ2noVWXkau57EoH988bcrloZvHIs6-rhQazlrTQxChGyiBEgXwg-s13zamBGhGmloDRkqeCRSjrSdyCQKBeqzE8TWTO5Do1D9pW52e34LmBA2iXwT3vMrh&sig=Cg0ArKJSzDoYcQpeC1I0EAE&urlfix=1&adurl=

Requested by

Host: 0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com
URL: https://0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:27:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 i
track.storm.mg/storm/ Frame B690 1 KB
1 KB 308ms
308ms Image
image/gif 54.150.150.172
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.storm.mg/storm/i?appId=5c6e1a&data=eyJhcHBJZCI6IjVjNmUxYSIsInBhZ2VUaXRsZSI6IumiqOiple+8muaOiea8hu+8jOWIpeWGjeaDs+Wci+WutumaiuS6hi3poqjlgrPlqpIiLCJwYWdlVVJMIjoiaHR0cHM6Ly93d3cuc3Rvcm0ubWcvYXJ0aWNsZS8zNTUzMDc2IiwiY29va2llIjoiX19hc2M9MmE2M2YxZTcxNzg1Y2IxZTEzZjhmZjI2NGY4OyBfX2F1Yz0yYTYzZjFlNzE3ODVjYjFlMTNmOGZmMjY0Zjg7IF9fZ2Fkcz1JRD1iZmJjMWIyNjIxODA2Nzg4OlQ9MTYxNjQ2Mjg2NDpTPUFMTklfTVlRWWRfYk00TDFkdC1DdDlycnVJNHNaVnhtQUEiLCJyZWZlcnJlciI6IiIsImNvb2tpZUlkIjoiMTYxNjQ2Mjg2MzQxNTkwMSIsIm1lbWJlcklkIjpudWxsfQ==
Requested by: Host: track.storm.mg
URL: https://track.storm.mg/cookiemap.html?appId=5c6e1a&data=eyJhcHBJZCI6IjVjNmUxYSIsInBhZ2VUaXRsZSI6IumiqOiple+8muaOiea8hu+8jOWIpeWGjeaDs+Wci+WutumaiuS6hi3poqjlgrPlqpIiLCJwYWdlVVJMIjoiaHR0cHM6Ly93d3cuc3Rvcm0ubWcvYXJ0aWNsZS8zNTUzMDc2IiwiY29va2llIjoiX19hc2M9MmE2M2YxZTcxNzg1Y2IxZTEzZjhmZjI2NGY4OyBfX2F1Yz0yYTYzZjFlNzE3ODVjYjFlMTNmOGZmMjY0Zjg7IF9fZ2Fkcz1JRD1iZmJjMWIyNjIxODA2Nzg4OlQ9MTYxNjQ2Mjg2NDpTPUFMTklfTVlRWWRfYk00TDFkdC1DdDlycnVJNHNaVnhtQUEiLCJyZWZlcnJlciI6IiIsImNvb2tpZUlkIjoiMTYxNjQ2Mjg2MzQxNTkwMSIsIm1lbWJlcklkIjpudWxsfQ==
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.150.150.172 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-150-150-172.ap-northeast-1.compute.amazonaws.com
Software: / Express
Resource Hash: df4e4a1ced817cdf2b03316c0c3d3ae51bd50c25fd97fdb576bb88a89c55cd10

Request headers

Referer: https://track.storm.mg/cookiemap.html?appId=5c6e1a&data=eyJhcHBJZCI6IjVjNmUxYSIsInBhZ2VUaXRsZSI6IumiqOiple+8muaOiea8hu+8jOWIpeWGjeaDs+Wci+WutumaiuS6hi3poqjlgrPlqpIiLCJwYWdlVVJMIjoiaHR0cHM6Ly93d3cuc3Rvcm0ubWcvYXJ0aWNsZS8zNTUzMDc2IiwiY29va2llIjoiX19hc2M9MmE2M2YxZTcxNzg1Y2IxZTEzZjhmZjI2NGY4OyBfX2F1Yz0yYTYzZjFlNzE3ODVjYjFlMTNmOGZmMjY0Zjg7IF9fZ2Fkcz1JRD1iZmJjMWIyNjIxODA2Nzg4OlQ9MTYxNjQ2Mjg2NDpTPUFMTklfTVlRWWRfYk00TDFkdC1DdDlycnVJNHNaVnhtQUEiLCJyZWZlcnJlciI6IiIsImNvb2tpZUlkIjoiMTYxNjQ2Mjg2MzQxNTkwMSIsIm1lbWJlcklkIjpudWxsfQ==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:47 GMT
content-type: image/gif
x-powered-by: Express
etag: W/"44d-Ar25dwNve0lQPcl2jzuhbJ/fiEA"
content-length: 1101
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

GET
H3-Q050 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 7672 95 KB
33 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.54

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 13:24:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43370
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Mar 2022 13:24:57 GMT

GET
H2 200 prebid.js Show response
img.scupio.com/js/ Frame 7672 228 KB
82 KB 57ms
57ms Script
application/javascript 65.9.58.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.54
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: f659fd1cedd9e8114983a076a71633ad47411c7ff0f515ebebce6860dc48b45d

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.54
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:47 GMT
content-encoding: gzip
last-modified: Wed, 10 Mar 2021 07:10:35 GMT
server: nginx/1.12.1
age: 0
etag: W/"604870eb-38e7e"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=21600
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: Z3GTY9hJY5QXrQI9wklnOh77TFlJCifChXYwO0bfRf8yNofgbH3MHg==
via: 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
expires: Tue, 23 Mar 2021 07:26:15 GMT

GET
DATA 200
OK truncated
/ 480 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 709 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 03b57ed1f944d098554c9de5c7ee93e167e0564d4a3b74233b53939ccc58d99d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 331 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 740 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 384 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 782 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 395 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 449 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 577 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 / Show response
go1.aniview.com/api/adserver/tag/1/ 41 KB
5 KB 615ms
332ms XHR
application/json 52.206.107.130
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go1.aniview.com/api/adserver/tag/1/?AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&AV_PUBLISHERID=5e60bfad28a0610ba100c7c4&AV_CHANNELID=5e60c75028a06115d47ebd9b&format=json&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=1&pce=1&npx=1&AV_DNT=0&AV_DETDOMAIN=www.storm.mg&AV_DADPOS=3&AV_PLACEMENT=1&v=6.1.1.243&avtoken=867585&AV_WIDTH=640&AV_HEIGHT=360&cb=1616462867703
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e60bfad28a0610ba100c7c4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.206.107.130 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-206-107-130.compute-1.amazonaws.com
Software: /
Resource Hash: f86fe0b4219ad84a269f08c28b8424ab0c8965cae0b5ed4cf0b50f56698a4529

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:48 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.storm.mg
cache-control: no-cache
access-control-allow-credentials: true
expires: Thu, 11 Mar 2021 11:41:08 GMT

GET
DATA 200
OK truncated
/ 581 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 27610c6febde0eab59f77460be3751d60ba33b1d7c4be656b8150a0320a6c818

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK adlogs Show response
in.treasuredata.com/js/v3/event/popin_ads/ Frame 2475 89 B
515 B 545ms
136ms Script
application/javascript 52.206.105.201
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://in.treasuredata.com/js/v3/event/popin_ads/adlogs?api_key=8378%2F25839e06ce4cc1cab55c1c1f1e49d336d6d1d48f&modified=1616462867731&data=eyJ0ZF9nbG9iYWxfaWQiOiJ0ZF9nbG9iYWxfaWQiLCJ0eXBlIjoicmVxIiwicmlkIjoiIiwiYWxnIjoibHRyIiwidGltZV9zaG93X3NlY29uZHMiOjIsInJlcXVlc3RfYWQiOjEwLCJyZXNwb25zZV9hZCI6MTAsInNtamFkIjowLCJhZiI6IiIsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoid3d3LnN0b3JtLm1nX0RGUCIsInVybCI6Imh0dHBzOi8vd3d3LnN0b3JtLm1nL2FydGljbGUvMzU1MzA3NiIsImxvZ2lkIjoiNWUyNzI0YjYtYzIwNy00NTQ4LTk3MTgtMGUwMDEwYjJlOWY2IiwidWlkIjoiN2U3NzExMjU0ZjY1MjJlMDNhOTE2MTY0NTkyNjU1OTIiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiJkYzIzZjBkMC1mMWI4LTRjNTEtYTYzZS1kMzk0MmY0Y2I5ZTAiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjMzNngyODAiLCJ0ZF90aXRsZSI6IumiqOiple%2B8muaOiea8hu%2B8jOWIpeWGjeaDs%2BWci%2BWutumaiuS6hiIsInRkX3VybCI6Imh0dHBzOi8vd3d3LnN0b3JtLm1nL2FydGljbGUvMzU1MzA3NiIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODkuMC40Mzg5LjcyIFNhZmFyaS81MzcuMzYiLCJ0ZF9wbGF0Zm9ybSI6IkxpbnV4IHg4Nl82NCIsInRkX2hvc3QiOiJ3d3cuc3Rvcm0ubWciLCJ0ZF9wYXRoIjoiL2FydGljbGUvMzU1MzA3NiIsInRkX3JlZmVycmVyIjoiIiwidGRfaXAiOiJ0ZF9pcCIsInRkX2Jyb3dzZXIiOiJ0ZF9icm93c2VyIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoidGRfYnJvd3Nlcl92ZXJzaW9uIiwidGRfb3MiOiJ0ZF9vcyIsInRkX29zX3ZlcnNpb24iOiJ0ZF9vc192ZXJzaW9uIiwiY2xpZW50X2lkIjoiZGMyM2YwZDAtZjFiOC00YzUxLWE2M2UtZDM5NDJmNGNiOWUwIiwiY29tbW9uX2NhdGVnb3J5IjoiYnVzaW5lc3MiLCJjYXRlZ29yeSI6IumiqOiplSIsImFidGVzdCI6IjR4MV8ybGluZSIsImV4dHJhIjoiIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowLCJwb3Bpbl92ZXJzaW9uIjo2fQ%3D%3D&callback=TreasureJSONPCallback0

Requested by

Host: api.popin.cc
URL: https://api.popin.cc/td_js_sdk_171.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.206.105.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-206-105-201.compute-1.amazonaws.com

Software

Resource Hash

3aa9f235c06f8205b4b91091c02bbb8c8a23b12fafa257f68aecc4be22e8b7c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Connection: keep-alive
P3P: CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
Date: Tue, 23 Mar 2021 01:27:48 GMT
Content-Length: 89
Content-Type: application/javascript

GET
H/1.1 200
OK adlogs
log.popin.cc/log/popin_ads/ Frame 2475 66 B
303 B 937ms
313ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_ads/adlogs?data=eyJ0eXBlIjoicmVxIiwicmlkIjoiIiwiYWxnIjoibHRyIiwidGltZV9zaG93X3NlY29uZHMiOjIsInJlcXVlc3RfYWQiOjEwLCJyZXNwb25zZV9hZCI6MTAsInNtamFkIjowLCJhZiI6IiIsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoid3d3LnN0b3JtLm1nX0RGUCIsInVybCI6Imh0dHBzOi8vd3d3LnN0b3JtLm1nL2FydGljbGUvMzU1MzA3NiIsImxvZ2lkIjoiNWUyNzI0YjYtYzIwNy00NTQ4LTk3MTgtMGUwMDEwYjJlOWY2IiwidWlkIjoiN2U3NzExMjU0ZjY1MjJlMDNhOTE2MTY0NTkyNjU1OTIiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiJkYzIzZjBkMC1mMWI4LTRjNTEtYTYzZS1kMzk0MmY0Y2I5ZTAiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjMzNngyODAiLCJ0ZF90aXRsZSI6IumiqOiple+8muaOiea8hu+8jOWIpeWGjeaDs+Wci+WutumaiuS6hiIsInRkX3VybCI6Imh0dHBzOi8vd3d3LnN0b3JtLm1nL2FydGljbGUvMzU1MzA3NiIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODkuMC40Mzg5LjcyIFNhZmFyaS81MzcuMzYiLCJ0ZF9wbGF0Zm9ybSI6IkxpbnV4IHg4Nl82NCIsInRkX2hvc3QiOiJ3d3cuc3Rvcm0ubWciLCJ0ZF9wYXRoIjoiL2FydGljbGUvMzU1MzA3NiIsInRkX3JlZmVycmVyIjoiIiwidGRfYnJvd3NlciI6IkNocm9tZSIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6Ijg5LjAuNDM4OSIsInRkX29zIjoiV2luZG93cyIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJjbGllbnRfaWQiOiJkYzIzZjBkMC1mMWI4LTRjNTEtYTYzZS1kMzk0MmY0Y2I5ZTAiLCJjb21tb25fY2F0ZWdvcnkiOiJidXNpbmVzcyIsImNhdGVnb3J5Ijoi6aKo6KmVIiwiYWJ0ZXN0IjoiNHgxXzJsaW5lIiwiZXh0cmEiOiIiLCJpbnRlcmFjdGlvbl9udW1iZXIiOjAsInBvcGluX3ZlcnNpb24iOjZ9&t=1616462867733
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:27:48 GMT
Last-Modified: Thu, 13 Dec 2018 07:32:33 GMT
Server: nginx/1.13.5
ETag: "5c120b11-42"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66

GET
H/1.1 200
OK s.gif
r.popin.cc/ Frame 2475 35 B
264 B 1203ms
297ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/s.gif?url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&uid=7e7711254f6522e03a91616459265592&type=pc_pv&nid=pc&media=www.storm.mg_DFP&r5=ca_%E9%A2%A8%E8%A9%95|ab_4x1_2line&t=1616462867733&tz=tw
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:27:48 GMT
Last-Modified: Wed, 04 Sep 2019 04:26:19 GMT
Server: nginx
ETag: "5d6f3ceb-23"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35

GET
H/1.1 200
OK discoverylogs
log.popin.cc/log/popin_media/ Frame 2475 66 B
303 B 1190ms
293ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJyX3VybCI6IiIsInR5cGUiOjAsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoid3d3LnN0b3JtLm1nX0RGUCIsInVybCI6Imh0dHBzOi8vd3d3LnN0b3JtLm1nL2FydGljbGUvMzU1MzA3NiIsImxvZ2lkIjoiNWUyNzI0YjYtYzIwNy00NTQ4LTk3MTgtMGUwMDEwYjJlOWY2IiwidWlkIjoiN2U3NzExMjU0ZjY1MjJlMDNhOTE2MTY0NTkyNjU1OTIiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiJkYzIzZjBkMC1mMWI4LTRjNTEtYTYzZS1kMzk0MmY0Y2I5ZTAiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjMzNngyODAiLCJ0ZF90aXRsZSI6IumiqOiple+8muaOiea8hu+8jOWIpeWGjeaDs+Wci+WutumaiuS6hiIsInRkX3VybCI6Imh0dHBzOi8vd3d3LnN0b3JtLm1nL2FydGljbGUvMzU1MzA3NiIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODkuMC40Mzg5LjcyIFNhZmFyaS81MzcuMzYiLCJ0ZF9wbGF0Zm9ybSI6IkxpbnV4IHg4Nl82NCIsInRkX2hvc3QiOiJ3d3cuc3Rvcm0ubWciLCJ0ZF9wYXRoIjoiL2FydGljbGUvMzU1MzA3NiIsInRkX3JlZmVycmVyIjoiIiwidGRfYnJvd3NlciI6IkNocm9tZSIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6Ijg5LjAuNDM4OSIsInRkX29zIjoiV2luZG93cyIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJjbGllbnRfaWQiOiJkYzIzZjBkMC1mMWI4LTRjNTEtYTYzZS1kMzk0MmY0Y2I5ZTAiLCJjb21tb25fY2F0ZWdvcnkiOiJidXNpbmVzcyIsImNhdGVnb3J5Ijoi6aKo6KmVIiwiYWJ0ZXN0IjoiNHgxXzJsaW5lIiwiZXh0cmEiOiIiLCJpbnRlcmFjdGlvbl9udW1iZXIiOjAsInBvcGluX3ZlcnNpb24iOjZ9&t=1616462867733
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:27:48 GMT
Last-Modified: Thu, 13 Dec 2018 07:19:53 GMT
Server: nginx/1.13.5
ETag: "5c120819-42"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66

GET
H/1.1 200
OK other
inrecsys.popin.cc/PopinService/Logs/ Frame 2475 0
101 B 1005ms
335ms Image
text/plain 119.63.198.172
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://inrecsys.popin.cc/PopinService/Logs/other?data=eyJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiJkYzIzZjBkMC1mMWI4LTRjNTEtYTYzZS1kMzk0MmY0Y2I5ZTAiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjMzNngyODAiLCJ0ZF90aXRsZSI6IumiqOiple+8muaOiea8hu+8jOWIpeWGjeaDs+Wci+WutumaiuS6hiIsInRkX3VybCI6Imh0dHBzOi8vd3d3LnN0b3JtLm1nL2FydGljbGUvMzU1MzA3NiIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODkuMC40Mzg5LjcyIFNhZmFyaS81MzcuMzYiLCJ0ZF9wbGF0Zm9ybSI6IkxpbnV4IHg4Nl82NCIsInRkX2hvc3QiOiJ3d3cuc3Rvcm0ubWciLCJ0ZF9wYXRoIjoiL2FydGljbGUvMzU1MzA3NiIsInRkX3JlZmVycmVyIjoiIiwidGRfaXAiOiIxOTQuOTkuMTA1Ljk5IiwidGRfYnJvd3NlciI6IkNocm9tZSIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6Ijg5LjAuNDM4OSIsInRkX29zIjoiV2luZG93cyIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJkaXNoX2NvbW1vbl9jYXRlZ29yeSI6ImJ1c2luZXNzIiwia2V5Ijoia2V5MTYxNjQ2Mjg2NTU5NCIsIm5vdyI6MTYxNjQ2Mjg2NzczMywiY2xpZW50X2lkIjoiZGMyM2YwZDAtZjFiOC00YzUxLWE2M2UtZDM5NDJmNGNiOWUwIiwidXJsIjoiaHR0cHM6Ly93d3cuc3Rvcm0ubWcvYXJ0aWNsZS8zNTUzMDc2IiwidWlkIjoiN2U3NzExMjU0ZjY1MjJlMDNhOTE2MTY0NTkyNjU1OTIiLCJzbWpJZCI6IiIsImRldmljZSI6InBjIiwiZGlzaF9tZWRpYSI6Ind3dy5zdG9ybS5tZ19ERlAiLCJkaXNoX2NhdGVnb3J5Ijoi6aKo6KmVIiwiZGlzaF9kb21haW4iOiJ3d3cuc3Rvcm0ubWciLCJ2X2Rpc2hfbGFiZWxzIjoi57SZ566xLOe8uuiyqCzlj6Pnvaks54ax6ZaA6Kmx6aGMLOeUn+WRveWuieWFqCzmraPnlbbmgKcs5pS/5bqcLOalreiAhSznibnlpKflnoss55+t5pmC6ZaTLOWdpueZveiqqizlt6Xmpa3lsYAs57aT5r+f6YOoLOS4reWwj+WeiyzkuIrljYrlubQs55ar5oOFLOS4jeaHiSzogIPmha4s5bu66K2wLOS4iua8sizlg7nmoLws5qmf5ZmoLOaOp+WItizntYTnuZQs6LaF6YGOLOWkp+WeiyznnIvnnIss55+l6YGTLOekvuacgyzmiJDnq4ss5LiN6IO9LOWci+WutizkuI3lj68s5aKe5YqgLOi/keaXpSzoqqrms5Us54uA5rOBLOW4uOeUqCzomZXmlrws6aCQ5LywLOW9semfvyzlh7rpnaIs55m855SfLOeQhueUsSzphY3nlKgs5ouJ6ZW3LOaQrOWutizmiYvmjows5bCH5L6GLOS4u+aEjyzlhazmnIMs57ST6KejLOS4jeipsizku7/mlYgs5pSv5oyBLOeUoumHjyzorbDmoYgs6Zec5YiHLOetieWQjCzlh7rnj74s5ZWP6aGMLOaZgumWkyzlr6blnKgs5Lqk6LKoLOmhnuavlCzkurrlipss6YqA6KGMLOaKleWFpSzoirHpjKIs5LiN5YiwIiwidl9kaXNoX3RsYWJlbHMiOiLlnIvlrrbpmooiLCJsb2dpZCI6IjVlMjcyNGI2LWMyMDctNDU0OC05NzE4LTBlMDAxMGIyZTlmNiIsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkb21haW4iOiJ3d3cuc3Rvcm0ubWciLCJwb3Bpbl92ZXJzaW9uIjo2fQ==
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.172 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:27:48 GMT
Content-Length: 0
Content-Type: text/plain

GET
H/1.1 200
OK s.gif
r.popin.cc/ Frame 2475 35 B
264 B 1217ms
305ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/s.gif?url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&uid=&type=pc_channel_pv&nid=pc&media=www.storm.mg_DFP&r5=ca_%E9%A2%A8%E8%A9%95|ab_4x1_2line|ch_4x1_2line-pc&t=1616462867738&tz=tw
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:27:48 GMT
Last-Modified: Thu, 29 Aug 2019 01:24:26 GMT
Server: nginx
ETag: "5d67294a-23"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35

GET
H/1.1 200
OK discoverylogs
log.popin.cc/log/popin_media/ Frame 2475 66 B
303 B 1210ms
298ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjo3LCJpc19mZWVkX21vZHVsZSI6IiIsImNoYW5uZWxfaWQiOiI0eDFfMmxpbmUtcGMiLCJleHBlY3RlZF9hZCI6NCwicmVuZGVyZWRfYWQiOjQsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoid3d3LnN0b3JtLm1nX0RGUCIsInVybCI6Imh0dHBzOi8vd3d3LnN0b3JtLm1nL2FydGljbGUvMzU1MzA3NiIsImxvZ2lkIjoiNWUyNzI0YjYtYzIwNy00NTQ4LTk3MTgtMGUwMDEwYjJlOWY2IiwidWlkIjoiN2U3NzExMjU0ZjY1MjJlMDNhOTE2MTY0NTkyNjU1OTIiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiJkYzIzZjBkMC1mMWI4LTRjNTEtYTYzZS1kMzk0MmY0Y2I5ZTAiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjMzNngyODAiLCJ0ZF90aXRsZSI6IumiqOiple+8muaOiea8hu+8jOWIpeWGjeaDs+Wci+WutumaiuS6hiIsInRkX3VybCI6Imh0dHBzOi8vd3d3LnN0b3JtLm1nL2FydGljbGUvMzU1MzA3NiIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODkuMC40Mzg5LjcyIFNhZmFyaS81MzcuMzYiLCJ0ZF9wbGF0Zm9ybSI6IkxpbnV4IHg4Nl82NCIsInRkX2hvc3QiOiJ3d3cuc3Rvcm0ubWciLCJ0ZF9wYXRoIjoiL2FydGljbGUvMzU1MzA3NiIsInRkX3JlZmVycmVyIjoiIiwidGRfYnJvd3NlciI6IkNocm9tZSIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6Ijg5LjAuNDM4OSIsInRkX29zIjoiV2luZG93cyIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJjbGllbnRfaWQiOiJkYzIzZjBkMC1mMWI4LTRjNTEtYTYzZS1kMzk0MmY0Y2I5ZTAiLCJjb21tb25fY2F0ZWdvcnkiOiJidXNpbmVzcyIsImNhdGVnb3J5Ijoi6aKo6KmVIiwiYWJ0ZXN0IjoiNHgxXzJsaW5lIiwiZXh0cmEiOiIiLCJpbnRlcmFjdGlvbl9udW1iZXIiOjAsInBvcGluX3ZlcnNpb24iOjZ9&t=1616462867738
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:27:48 GMT
Last-Modified: Fri, 10 Jan 2020 11:34:08 GMT
Server: nginx/1.13.5
ETag: "5e186130-42"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66

GET
H/1.1 200
OK log.gif
r.popin.cc/ Frame 2475 35 B
264 B 1182ms
294ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/log.gif?type=related-tw&uid=7e7711254f6522e03a91616459265592&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&t=1616462867738
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:27:49 GMT
Last-Modified: Tue, 10 Sep 2019 07:46:01 GMT
Server: nginx
ETag: "5d7754b9-23"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35

GET
H2 200 logo.png
api.popin.cc/images/ Frame 2475 2 KB
2 KB 51ms
50ms Image
image/png 192.229.233.139
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.popin.cc/images/logo.png
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.139 Torrance, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B9D) /
Resource Hash: 6753ab9ab14844d0e9ecbbf13df7accf525291cef950547034e5ab67be9e508e

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:47 GMT
last-modified: Tue, 02 Apr 2019 12:00:56 GMT
server: ECS (amb/6B9D)
age: 519184
etag: "b10c5c3579ba2dba39fd2804188dc3f1"
x-cache: HIT
content-type: image/png
x-amz-request-id: 2FQCDD4278ARFHWV
x-amz-version-id: null
accept-ranges: bytes
content-length: 2316
x-amz-id-2: T67ttYJdwpcZINFdwJIiL7orqgx8bdb1NfKJE+oPgbDVhbx+w/iOK7Mtvo4fKBX6q4qgDaoUMvc=

GET
H3-Q050 200 container.html Show response
3ae7821746b634e801f4981bce499b71.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame CFC0 6 KB
3 KB 54ms
40ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3ae7821746b634e801f4981bce499b71.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js?31060522

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 3ae7821746b634e801f4981bce499b71.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.storm.mg/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.storm.mg/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Tue, 23 Mar 2021 01:27:47 GMT
expires: Wed, 23 Mar 2022 01:27:47 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3D30 73 KB
28 KB 56ms
56ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js?31060522

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

a1bd0c2f4f5db718b4ffad5433658d98981fbb3479ce8c7a2789406d81d15dd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616176152632151"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28237
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:27:47 GMT

GET
H2 206 82_Economics.mp4
cdn.viewdeos.com/videos/publishers/storm/live/ 192 KB
0 193ms
75ms Media
video/mp4 185.59.220.198
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.viewdeos.com/videos/publishers/storm/live/82_Economics.mp4
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.198 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-185-59-220-198.datapacket.com
Software: BunnyCDN-DE1-723 /
Resource Hash

Request headers

Referer: https://www.storm.mg/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 23 Mar 2021 01:27:48 GMT
last-modified: Mon, 13 Jul 2020 07:31:46 GMT
server: BunnyCDN-DE1-723
cdn-storageserver: DE-51
cdn-edgestorageid: 601
content-type: video/mp4
Content-Range: bytes 0-2672835/2672836
cdn-uid: a2791f1d-070e-4cd3-b198-d0c26d1dc5f1
cache-control: public, max-age=2592000
cdn-pullzone: 93433
cdn-cachedat: 2020-09-17 17:19:06
cdn-requestid: d3f6c648ded4b851db2f4762a1bda035
cdn-requestcountrycode: PL
cdn-cache: HIT
Content-Length: 2672836

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame EBF9 4 KB
2 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/228f3ac7/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:27:47 GMT

GET
H/1.1 200
OK swipe.min.css
static.dable.io/static/b/infinite-swipe/dist/ Frame 4B03 830 B
807 B 58ms
57ms Stylesheet
text/css 104.108.42.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dable.io/static/b/infinite-swipe/dist/swipe.min.css
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/y74wWAoV/users/51548444.1616462865197?from=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&ref=&cid=51548444.1616462865197&uid=51548444.1616462865197&site=storm.mg&id=dablewidget_y74wWAoV&category1=%E8%A9%95%E8%AB%96&ad_params=%7B%7D&item_id=3553076&pixel_ratio=1&client_width=760&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.42.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-42-51.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d3743330192c96b9b8f5b72f69f932359bb892b65535311b1ffb1fef98536c23

Request headers

Referer: https://api.dable.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 3wsoX9oiTtQq5z8aSQWNt.CSLC7W7Bku
Content-Encoding: gzip
Last-Modified: Tue, 05 Jan 2021 04:12:45 GMT
Server: Apache
x-amz-request-id: FKCW1W7P3ZBGEMBT
ETag: "7570769c6f4af63877b73ce88e833efe"
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Date: Tue, 23 Mar 2021 01:27:47 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 316
x-amz-id-2: nAptNfmsBzyz5rX2vjvxsw/OSAPVYtqzKEea9rJXhgab/paid0NVzY3FQWXiooUNa9Jx8EqeMzI=

GET
H/1.1 200
OK widget.min.css
static.dable.io/dist/ Frame 4B03 72 KB
10 KB 120ms
61ms Stylesheet
text/css 104.108.42.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dable.io/dist/widget.min.css?202102281237
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/y74wWAoV/users/51548444.1616462865197?from=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&ref=&cid=51548444.1616462865197&uid=51548444.1616462865197&site=storm.mg&id=dablewidget_y74wWAoV&category1=%E8%A9%95%E8%AB%96&ad_params=%7B%7D&item_id=3553076&pixel_ratio=1&client_width=760&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.42.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-42-51.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 06a82e7390460586a6a8c8f1693df3ffdf641d15b03c7e1793a370237c66e7d4

Request headers

Referer: https://api.dable.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 9GiwIBJFv8LJBmMh.ymRmUDfuyh6y7Lt
Content-Encoding: gzip
Last-Modified: Tue, 02 Mar 2021 06:35:50 GMT
Server: Apache
x-amz-request-id: 161EB90DDC1A5E31
ETag: "4198336b465c38a4bd23da779d301e20"
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: public, max-age=86400
Date: Tue, 23 Mar 2021 01:27:47 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9958
x-amz-id-2: iv7JE9J6pP+izR1MgTyPE01xqD5O45bhDtiJqYWO/mH41vl21XUbgkz3apzBLAW2uWdE0MXbM+E=

GET
H/1.1 200
OK f6f6f6.png
static.dable.io/static/i/ Frame 4B03 83 B
611 B 168ms
56ms Image
image/png 104.108.42.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dable.io/static/i/f6f6f6.png
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/y74wWAoV/users/51548444.1616462865197?from=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&ref=&cid=51548444.1616462865197&uid=51548444.1616462865197&site=storm.mg&id=dablewidget_y74wWAoV&category1=%E8%A9%95%E8%AB%96&ad_params=%7B%7D&item_id=3553076&pixel_ratio=1&client_width=760&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.42.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-42-51.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ff73967a98dbf0e26497c62c5d6e0fd9d0968f92031da77900e05a2ec344d3e5

Request headers

Referer: https://api.dable.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ca5cEPOEqu1JS3QpRDnwNdCnzD9veP5v
Content-Encoding: gzip
Last-Modified: Tue, 02 Mar 2021 06:35:50 GMT
Server: Apache
x-amz-request-id: 448BD5D7E9F8B243
ETag: "c684e92ff40cdf977c18be6a031e6e54"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=864000
Date: Tue, 23 Mar 2021 01:27:48 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 96
x-amz-id-2: UflmDDoCoj5+6HP9Nzvdn7T7+jkvam8rZmOI0/rJ6bgdNGN4QRZR6EdzVPF+L1YB6r9V9QrLNCU=

GET
H3-Q050 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 4B03 95 KB
33 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: api.dable.io
URL: https://api.dable.io/widgets/id/y74wWAoV/users/51548444.1616462865197?from=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&ref=&cid=51548444.1616462865197&uid=51548444.1616462865197&site=storm.mg&id=dablewidget_y74wWAoV&category1=%E8%A9%95%E8%AB%96&ad_params=%7B%7D&item_id=3553076&pixel_ratio=1&client_width=760&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://api.dable.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 13:24:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43370
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Mar 2022 13:24:57 GMT

GET
H/1.1 200
OK widget.min.js Show response
static.dable.io/dist/ Frame 4B03 54 KB
17 KB 191ms
87ms Script
application/javascript 104.108.42.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dable.io/dist/widget.min.js?202101191623
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/y74wWAoV/users/51548444.1616462865197?from=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&ref=&cid=51548444.1616462865197&uid=51548444.1616462865197&site=storm.mg&id=dablewidget_y74wWAoV&category1=%E8%A9%95%E8%AB%96&ad_params=%7B%7D&item_id=3553076&pixel_ratio=1&client_width=760&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.42.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-42-51.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 61c9090ddc45ead2e35e781336f1c40348ecb0020c24afccac9d0a0ba7bd40af

Request headers

Referer: https://api.dable.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 1I9UASMV2fx4AGhRVohE.0MDlV9ZiZqi
Content-Encoding: gzip
Last-Modified: Wed, 10 Mar 2021 07:50:27 GMT
Server: Apache
x-amz-request-id: 914BQH8FRVV47S01
ETag: "d7f813641bdd30290594f0d636404f1d"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=86400
Date: Tue, 23 Mar 2021 01:27:48 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16774
x-amz-id-2: TkF5f/TVTIu4JsRMl2aPqdhah6xUbxTXH9ZRWWchD1Qpd90bl38KwZjWmYb878+ZB6UmU/NXx2s=

GET
H3-Q050 200 css2
fonts.googleapis.com/ Frame 4B03 117 KB
33 KB 17ms
16ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Noto+Sans+TC&display=swap

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f32e5a054bca9ebc3601a7a908ca341f2de553f2a18b83b61e8f1c040cb936bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://api.dable.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Mar 2021 00:37:10 GMT
server: ESF
date: Tue, 23 Mar 2021 01:27:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Mar 2021 01:27:47 GMT

GET
H2 200 hqdefault.jpg
i1.ytimg.com/vi/nhjbmRQVmrw/ Frame EBF9 46 KB
46 KB 39ms
15ms Image
image/jpeg 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.ytimg.com/vi/nhjbmRQVmrw/hqdefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/nhjbmRQVmrw?autoplay=&mute=1&version=3&loop=1&playlist=nhjbmRQVmrw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea556e4bd9e34f1a4eac0d4fb439a13ebe61ea9dd1a95f4d33bba61f2ceaa8e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:47 GMT
x-content-type-options: nosniff
server: sffe
etag: "1616394352"
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47032
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:32:47 GMT

GET
H3-Q050 204 generate_204
www.youtube.com/ Frame EBF9 0
36 B 6ms
5ms Image
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?IJ2pAg
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/nhjbmRQVmrw?autoplay=&mute=1&version=3&loop=1&playlist=nhjbmRQVmrw
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/nhjbmRQVmrw?autoplay=&mute=1&version=3&loop=1&playlist=nhjbmRQVmrw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:48 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame CC3C 0
0 87ms
86ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsszYNckPwv-luu7izYbkbNDLaZ9pNHI5a4ZWeu-J5pD1vZJ9mGSiqdYqVNs3wkfaJvxUMiM3Dygy1zar060d2vu_nuYhNZHEVN-l7b6xIgbj0PYieWI5bSxb3EJ-1D3LTssZK-yB78Km0UJd9KVcf9cL5fIX8MBYyhpBoI4O0cKRHygS4x2ehgPkgw-LLZ3D6oIVPQWnz4vYazkfSQhbTdlAA6smFxSL3ctzhm3eNPorBfz1LxhK60JNaTummAo7nKc-TrbXWEbVEUBbg1pPTjZ2xiNVDnag4SIOJy4BoyB-0HiFtyOiTL_OVgM&sig=Cg0ArKJSzGNoHLRDERJFEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:27:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 23 Mar 2021 01:27:48 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame CC3C 8 KB
7 KB 17ms
16ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021031601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f4fb7214dd83ac5d36eee5c9c99e56be0268d41d4123c399ac43fa1f92aecd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:27:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6549
x-xss-protection: 0

GET
H3-Q050

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 492C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

15ms
15ms

Image
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Tue, 23 Mar 2021 01:27:48 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 65A9 0
0 84ms
84ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssXcLoXKvmSN5flgW6Yw_-sgKq3MCTJhPYlxQVb_VdXMAONRXMJ00OiZ4LXWL75CuMPCCEZ_gvh6fGLNWJen1_GwBSOln_GgHkETZC05Sq4E6kmi4StU6E4pWUmJBTYDH_drrEmlRwUg1IeSe7f90cP4JmlYNcO_qO0sg-0ezXLVKthWhNF5nLt0wbsxbtHysu3i7_cDf_VFEoolxPfCsmqVtB7Wk_NErDO8Xslky-yZjUrDigvuqmoYhdXyGduhBZ_2NZIciRuYW-rCOG5vga-kU2qs65OGKb3H7INAW-87c1YJIOn__6b1kGd0g&sig=Cg0ArKJSzLasbaqi2iuHEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:27:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 23 Mar 2021 01:27:48 GMT

GET
H/1.1 200
OK swipe.min.css
static.dable.io/static/b/infinite-swipe/dist/ Frame 9329 830 B
807 B 55ms
54ms Stylesheet
text/css 104.108.42.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dable.io/static/b/infinite-swipe/dist/swipe.min.css
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/1oVpxdlP/users/51548444.1616462865197?from=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&ref=&cid=51548444.1616462865197&uid=51548444.1616462865197&site=storm.mg&id=dablewidget_1oVpxdlP&category1=%E8%A9%95%E8%AB%96&ad_params=%7B%7D&item_id=3553076&pixel_ratio=1&client_width=380&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.42.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-42-51.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d3743330192c96b9b8f5b72f69f932359bb892b65535311b1ffb1fef98536c23

Request headers

Referer: https://api.dable.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 3wsoX9oiTtQq5z8aSQWNt.CSLC7W7Bku
Content-Encoding: gzip
Last-Modified: Tue, 05 Jan 2021 04:12:45 GMT
Server: Apache
x-amz-request-id: FKCW1W7P3ZBGEMBT
ETag: "7570769c6f4af63877b73ce88e833efe"
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Date: Tue, 23 Mar 2021 01:27:48 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 316
x-amz-id-2: nAptNfmsBzyz5rX2vjvxsw/OSAPVYtqzKEea9rJXhgab/paid0NVzY3FQWXiooUNa9Jx8EqeMzI=

GET
H/1.1 200
OK widget.min.css
static.dable.io/dist/ Frame 9329 72 KB
10 KB 60ms
59ms Stylesheet
text/css 104.108.42.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dable.io/dist/widget.min.css?202102281237
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/1oVpxdlP/users/51548444.1616462865197?from=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&ref=&cid=51548444.1616462865197&uid=51548444.1616462865197&site=storm.mg&id=dablewidget_1oVpxdlP&category1=%E8%A9%95%E8%AB%96&ad_params=%7B%7D&item_id=3553076&pixel_ratio=1&client_width=380&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.42.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-42-51.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 06a82e7390460586a6a8c8f1693df3ffdf641d15b03c7e1793a370237c66e7d4

Request headers

Referer: https://api.dable.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 9GiwIBJFv8LJBmMh.ymRmUDfuyh6y7Lt
Content-Encoding: gzip
Last-Modified: Tue, 02 Mar 2021 06:35:50 GMT
Server: Apache
x-amz-request-id: 161EB90DDC1A5E31
ETag: "4198336b465c38a4bd23da779d301e20"
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: public, max-age=86400
Date: Tue, 23 Mar 2021 01:27:48 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9958
x-amz-id-2: iv7JE9J6pP+izR1MgTyPE01xqD5O45bhDtiJqYWO/mH41vl21XUbgkz3apzBLAW2uWdE0MXbM+E=

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 9329 117 KB
33 KB 18ms
17ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap

Requested by

Host: api.dable.io
URL: https://api.dable.io/widgets/id/1oVpxdlP/users/51548444.1616462865197?from=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&ref=&cid=51548444.1616462865197&uid=51548444.1616462865197&site=storm.mg&id=dablewidget_1oVpxdlP&category1=%E8%A9%95%E8%AB%96&ad_params=%7B%7D&item_id=3553076&pixel_ratio=1&client_width=380&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f32e5a054bca9ebc3601a7a908ca341f2de553f2a18b83b61e8f1c040cb936bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Mar 2021 00:56:26 GMT
server: ESF
date: Tue, 23 Mar 2021 01:27:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Mar 2021 01:27:48 GMT

GET
H3-Q050 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 9329 95 KB
33 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://api.dable.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 13:24:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43371
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Mar 2022 13:24:57 GMT

GET
H/1.1 200
OK widget.min.js Show response
static.dable.io/dist/ Frame 9329 54 KB
17 KB 65ms
64ms Script
application/javascript 104.108.42.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dable.io/dist/widget.min.js?202101191623
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/1oVpxdlP/users/51548444.1616462865197?from=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&ref=&cid=51548444.1616462865197&uid=51548444.1616462865197&site=storm.mg&id=dablewidget_1oVpxdlP&category1=%E8%A9%95%E8%AB%96&ad_params=%7B%7D&item_id=3553076&pixel_ratio=1&client_width=380&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.42.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-42-51.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 61c9090ddc45ead2e35e781336f1c40348ecb0020c24afccac9d0a0ba7bd40af

Request headers

Referer: https://api.dable.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 1I9UASMV2fx4AGhRVohE.0MDlV9ZiZqi
Content-Encoding: gzip
Last-Modified: Wed, 10 Mar 2021 07:50:27 GMT
Server: Apache
x-amz-request-id: 914BQH8FRVV47S01
ETag: "d7f813641bdd30290594f0d636404f1d"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=86400
Date: Tue, 23 Mar 2021 01:27:48 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16774
x-amz-id-2: TkF5f/TVTIu4JsRMl2aPqdhah6xUbxTXH9ZRWWchD1Qpd90bl38KwZjWmYb878+ZB6UmU/NXx2s=

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8175 0
0 84ms
84ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstYmvXbVQ4VGbZH8Ih-QjAX3l_YWdH12f6zyZEbFj_Jp_ATv6izna90DLWG0P2IOwBRLfR2tZU6SFQJsVUgDo50gp_74V9c_r_Zl9TdUPvoc5xlnQxI1HOuxDSazIuGxvt6Xexl_88_oltGhTFh3IWIbYzVEgtYph21KLSqH4uozRoCH0OcQaOvo-OrujbPsiI41ckvtQXro84gBM6XYzQQ4knuZHjRjWntxBitPJFUrR46clRPCB_i5kjR0b54zjtXeHunx2o9Yosy3xy7_eQAK1B0CoSQvMfZQEXlGO6MJVJ3HyR2phkfj-sD&sig=Cg0ArKJSzKt1z-nlqsAFEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:27:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 23 Mar 2021 01:27:48 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 8175 8 KB
6 KB 18ms
17ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021031601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5468351c8c8e3383fc534a18b52f7d6a00f675928adc712f447c206f60a685b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:27:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6506
x-xss-protection: 0

GET
H3-Q050

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 853C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

16ms
15ms

Image
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Tue, 23 Mar 2021 01:27:48 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-Q050 200 7062518980815257226
tpc.googlesyndication.com/simgad/ Frame 492C 21 KB
21 KB 8ms
6ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7062518980815257226?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnWzTKGz3sICTjS-d9V2z9CLAzONA

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bed0c39164661e57ee6e1a9b124b490fbe89f9edc6159f73c47a2472ade8287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:18:49 GMT
x-content-type-options: nosniff
last-modified: Wed, 13 Jan 2021 10:38:00 GMT
server: sffe
age: 25739
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21482
x-xss-protection: 0
expires: Tue, 22 Mar 2022 18:18:49 GMT

GET
H3-Q050 200 zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 492C 3 KB
3 KB 12ms
10ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Mar 2021 09:07:17 GMT
x-content-type-options: nosniff
server: cafe
age: 58831
etag: 7688947696963022458
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3430
x-xss-protection: 0
expires: Tue, 23 Mar 2021 09:07:17 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 492C 344 B
374 B 12ms
11ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Mar 2021 09:05:22 GMT
x-content-type-options: nosniff
server: cafe
age: 58946
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Tue, 23 Mar 2021 09:05:22 GMT

GET
H3-Q050 200 11696361962806312828
tpc.googlesyndication.com/simgad/ Frame 853C 41 KB
41 KB 11ms
9ms Image
image/jpeg 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11696361962806312828?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmSrU56DTy3ky4BJnfsZdMI6CjHPw

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b898e855beda5cb89fe9c28b2d595c78bc9c0817cfbb298b227ddc5c2bec8ffa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 00:23:04 GMT
x-content-type-options: nosniff
last-modified: Wed, 28 Oct 2020 16:35:08 GMT
server: sffe
age: 176684
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42312
x-xss-protection: 0
expires: Mon, 21 Mar 2022 00:23:04 GMT

GET
H3-Q050 200 zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 853C 3 KB
3 KB 12ms
10ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Mar 2021 09:07:17 GMT
x-content-type-options: nosniff
server: cafe
age: 58831
etag: 7688947696963022458
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3430
x-xss-protection: 0
expires: Tue, 23 Mar 2021 09:07:17 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 853C 344 B
369 B 12ms
11ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Mar 2021 09:05:22 GMT
x-content-type-options: nosniff
server: cafe
age: 58946
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Tue, 23 Mar 2021 09:05:22 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 79ms
19ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.storm.mg%2F&domain=img.scupio.com&cw=1

Protocol

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://img.scupio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://img.scupio.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1448
date: Tue, 23 Mar 2021 01:27:48 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 currency.json Show response
img.scupio.com/js/config/ Frame 3B9A 108 B
489 B 57ms
57ms XHR
application/json 65.9.58.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/config/currency.json
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 13cba20f9221b946e3c5e2265a4b6668213e20d621be12a944c92d24417c98da

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.54
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Mar 2021 01:24:34 GMT
via: 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
last-modified: Mon, 22 Mar 2021 19:15:05 GMT
server: nginx/1.12.1
age: 201
etag: "6058ecb9-6c"
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=10800
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 108
x-amz-cf-id: b0QdtCx1w6w0yKoFlouBkypb2M_nQDwtUgwmyxOhtWBEBKt0Hvwj7w==
expires: Tue, 23 Mar 2021 04:24:27 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 3B9A
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.storm.mg%2F&domain=img.scupio.com&cw=1
https://mug.criteo.com/sid?cpp=X6VhMXxiR3I0SFlCNWVKazdlUGhmN1QzS2JPNDRoVE1tODdGNUxDMkdDM20xbzJ5V251OTNSZG5uUmkrYXk2TmN3c3A1VjhXV2NialJWYkVJZXRSQmZZTnhJYm9RSUw4bzNScU9kSHZjeUk0TUdnWlk2ekV4ZmN5VVhDTW...

342 B
627 B

197ms
67ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=X6VhMXxiR3I0SFlCNWVKazdlUGhmN1QzS2JPNDRoVE1tODdGNUxDMkdDM20xbzJ5V251OTNSZG5uUmkrYXk2TmN3c3A1VjhXV2NialJWYkVJZXRSQmZZTnhJYm9RSUw4bzNScU9kSHZjeUk0TUdnWlk2ekV4ZmN5VVhDTWR2ZlJ5ZEpmSlJRdFRtU0s0M01ndW8vNDY5MkRvRE1XWWdGcVNVYURQVWc2b0tzYk9sb1JkOVZsOFYrZ3dXQk41bXR5azQ2R1hnZFZCS3duSHVIcHpkQUpyUW9RbFQ5UEFka1lIdHdsNy9Vd1d6QXQ1RHJjPXw&cppv=2

Requested by

Host: www.storm.mg
URL: https://www.storm.mg/article/3553076

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

e40c90ca9666deae58c03b5ca7c21733d3d1b24a2821e21e6a32a7cf38e5fac2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Tue, 23 Mar 2021 01:27:48 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3763
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Tue, 23 Mar 2021 01:27:47 GMT
location: https://mug.criteo.com/sid?cpp=X6VhMXxiR3I0SFlCNWVKazdlUGhmN1QzS2JPNDRoVE1tODdGNUxDMkdDM20xbzJ5V251OTNSZG5uUmkrYXk2TmN3c3A1VjhXV2NialJWYkVJZXRSQmZZTnhJYm9RSUw4bzNScU9kSHZjeUk0TUdnWlk2ekV4ZmN5VVhDTWR2ZlJ5ZEpmSlJRdFRtU0s0M01ndW8vNDY5MkRvRE1XWWdGcVNVYURQVWc2b0tzYk9sb1JkOVZsOFYrZ3dXQk41bXR5azQ2R1hnZFZCS3duSHVIcHpkQUpyUW9RbFQ5UEFka1lIdHdsNy9Vd1d6QXQ1RHJjPXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://img.scupio.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1748
content-length: 482
expires: 0

POST
H2 200 prebid.json Show response
ad.holmesmind.com/adserver/ Frame 3B9A 3 KB
1 KB 1068ms
415ms XHR
text/html 3.113.254.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/prebid.json?cb=1616462867870&hb=1&ver=1.21
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.113.254.193 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-113-254-193.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 63fb017b3d2b4304a5d509d13f1ced991419b38a7445884ce0e60241668a3aed

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Tue, 23 Mar 2021 01:27:49 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

POST bid
ad2.apx.appier.net/v1/prebid/ Frame 3B9A 0
0

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame 3B9A 0
176 B 588ms
197ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Tue, 23 Mar 2021 01:27:48 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 3B9A 0
144 B 192ms
64ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.30.0-pre&cb=74790190081
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Tue, 23 Mar 2021 01:27:47 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H/1.1 204
No Content header Show response
hb.aralego.com/ Frame 3B9A 0
323 B 632ms
205ms XHR
text/plain 192.96.200.41
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-62723BAEE27B738E1228B894272B3EB&tdid=&schain=1.0%2C1!scupio.com%2C3721%2C1%2C%2C%2C&fp=undefined&host=img.scupio.com&u=https%3A%2F%2Fimg.scupio.com&xr=1&ao=https%3A%2F%2Fwww.storm.mg&ucfUid=1d0e0df3-536d-4cba-bd7c-1c59071a883c&w=336&h=280
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.200.41 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://img.scupio.com
Date: Tue, 23 Mar 2021 01:27:48 GMT
Access-Control-Allow-Credentials: true
Connection: close

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 3B9A 240 B
2 KB 274ms
93ms XHR
application/json 213.19.162.31
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17388&site_id=169834&zone_id=818672&size_id=16&rp_schain=1.0,1!scupio.com,3721,1,,,&rf=https%3A%2F%2Fwww.storm.mg&tk_flint=pbjs_lite_v4.30.0-pre&x_source.tid=a0abf8c6-6142-4f06-a5ce-0d28b7e36890&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.7647653692470027
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.31 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 1f42e74f5c5a5df9e1bfd1251da805b7e6a4cd21f27fd3566ca70f3e2d904a52

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 23 Mar 2021 01:27:48 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://img.scupio.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST prebid.aspx
prebid.scupio.com/recweb/ Frame 3B9A 0
0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame CC3C 17 KB
6 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:27:48 GMT

GET
H3-Q050 200 gwdpage_style.css
s0.2mdn.net/dfp/354556/4906259910/1616030027317/ Frame F2D8 55 B
140 B 11ms
6ms Stylesheet
text/css 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/354556/4906259910/1616030027317/gwdpage_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/354556/4906259910/1616030027317/%E8%B6%85%E7%B4%9A%E5%A4%A7%E6%A9%AB%E5%B9%85PC.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/354556/4906259910/1616030027317/%E8%B6%85%E7%B4%9A%E5%A4%A7%E6%A9%AB%E5%B9%85PC.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 08:54:18 GMT
x-content-type-options: nosniff
last-modified: Thu, 18 Mar 2021 01:13:48 GMT
server: sffe
age: 59610
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55
x-xss-protection: 0
expires: Tue, 23 Mar 2021 08:54:18 GMT

GET
H3-Q050 200 gwdpagedeck_style.css
s0.2mdn.net/dfp/354556/4906259910/1616030027317/ Frame F2D8 731 B
264 B 11ms
7ms Stylesheet
text/css 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/354556/4906259910/1616030027317/gwdpagedeck_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/354556/4906259910/1616030027317/%E8%B6%85%E7%B4%9A%E5%A4%A7%E6%A9%AB%E5%B9%85PC.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/354556/4906259910/1616030027317/%E8%B6%85%E7%B4%9A%E5%A4%A7%E6%A9%AB%E5%B9%85PC.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 08:54:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59610
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 234
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 01:13:48 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Tue, 23 Mar 2021 08:54:18 GMT

GET
H3-Q050 200 gwdgooglead_style.css
s0.2mdn.net/dfp/354556/4906259910/1616030027317/ Frame F2D8 24 B
74 B 16ms
11ms Stylesheet
text/css 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/354556/4906259910/1616030027317/gwdgooglead_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/354556/4906259910/1616030027317/%E8%B6%85%E7%B4%9A%E5%A4%A7%E6%A9%AB%E5%B9%85PC.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/354556/4906259910/1616030027317/%E8%B6%85%E7%B4%9A%E5%A4%A7%E6%A9%AB%E5%B9%85PC.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 08:54:18 GMT
x-content-type-options: nosniff
last-modified: Thu, 18 Mar 2021 01:13:47 GMT
server: sffe
age: 59610
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24
x-xss-protection: 0
expires: Tue, 23 Mar 2021 08:54:18 GMT

GET
H3-Q050 200 gwdimage_style.css
s0.2mdn.net/dfp/354556/4906259910/1616030027317/ Frame F2D8 281 B
188 B 16ms
12ms Stylesheet
text/css 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/354556/4906259910/1616030027317/gwdimage_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/354556/4906259910/1616030027317/%E8%B6%85%E7%B4%9A%E5%A4%A7%E6%A9%AB%E5%B9%85PC.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/354556/4906259910/1616030027317/%E8%B6%85%E7%B4%9A%E5%A4%A7%E6%A9%AB%E5%B9%85PC.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 08:54:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59610
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 158
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 01:13:48 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Tue, 23 Mar 2021 08:54:18 GMT

GET
H3-Q050 200 gwdvideo_style.css
s0.2mdn.net/dfp/354556/4906259910/1616030027317/ Frame F2D8 388 B
209 B 11ms
7ms Stylesheet
text/css 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/354556/4906259910/1616030027317/gwdvideo_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/354556/4906259910/1616030027317/%E8%B6%85%E7%B4%9A%E5%A4%A7%E6%A9%AB%E5%B9%85PC.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e66fb907a79a93d3c9813f2f348b42bd1bf6f3bf140331fe57bc7cc30a816246

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/354556/4906259910/1616030027317/%E8%B6%85%E7%B4%9A%E5%A4%A7%E6%A9%AB%E5%B9%85PC.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 08:54:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59610
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 179
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 01:13:48 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Tue, 23 Mar 2021 08:54:18 GMT

GET
H3-Q050 200 gwdtaparea_style.css
s0.2mdn.net/dfp/354556/4906259910/1616030027317/ Frame F2D8 157 B
144 B 16ms
12ms Stylesheet
text/css 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/354556/4906259910/1616030027317/gwdtaparea_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/354556/4906259910/1616030027317/%E8%B6%85%E7%B4%9A%E5%A4%A7%E6%A9%AB%E5%B9%85PC.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/354556/4906259910/1616030027317/%E8%B6%85%E7%B4%9A%E5%A4%A7%E6%A9%AB%E5%B9%85PC.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 08:54:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59610
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 115
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 01:13:48 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Tue, 23 Mar 2021 08:54:18 GMT

GET
H3-Q050 200 gwd_webcomponents_v1_min.js Show response
s0.2mdn.net/dfp/354556/4906259910/1616030027317/ Frame F2D8 21 KB
6 KB 19ms
14ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/354556/4906259910/1616030027317/gwd_webcomponents_v1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/354556/4906259910/1616030027317/%E8%B6%85%E7%B4%9A%E5%A4%A7%E6%A9%AB%E5%B9%85PC.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c51a4086e332a8b351790a53582dbba5bd78b7a1f021b829d93da3ad59ca575f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/354556/4906259910/1616030027317/%E8%B6%85%E7%B4%9A%E5%A4%A7%E6%A9%AB%E5%B9%85PC.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 08:54:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59610
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6266
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 01:13:48 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Tue, 23 Mar 2021 08:54:18 GMT

GET
H3-Q050 200 googbase_min.js Show response
s0.2mdn.net/dfp/354556/4906259910/1616030027317/ Frame F2D8 400 B
305 B 18ms
14ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/354556/4906259910/1616030027317/googbase_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/354556/4906259910/1616030027317/%E8%B6%85%E7%B4%9A%E5%A4%A7%E6%A9%AB%E5%B9%85PC.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3168403eabe87c4fa8bf097e63d6409e3e6d15a14825215c27e9e4f1f943c95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/354556/4906259910/1616030027317/%E8%B6%85%E7%B4%9A%E5%A4%A7%E6%A9%AB%E5%B9%85PC.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 08:54:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59610
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 275
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 01:13:47 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Tue, 23 Mar 2021 08:54:18 GMT

GET
H3-Q050 200 gwdpage_min.js Show response
s0.2mdn.net/dfp/354556/4906259910/1616030027317/ Frame F2D8 3 KB
1 KB 17ms
12ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/354556/4906259910/1616030027317/gwdpage_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/354556/4906259910/1616030027317/%E8%B6%85%E7%B4%9A%E5%A4%A7%E6%A9%AB%E5%B9%85PC.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

257c9947bb8a45c4a0519f4ddc8769ecc7f889e268a046b0f05c17dfc7912eee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/354556/4906259910/1616030027317/%E8%B6%85%E7%B4%9A%E5%A4%A7%E6%A9%AB%E5%B9%85PC.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 08:54:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59610
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 01:13:48 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Tue, 23 Mar 2021 08:54:18 GMT

GET
H3-Q050 200 gwdpagedeck_min.js Show response
s0.2mdn.net/dfp/354556/4906259910/1616030027317/ Frame F2D8 8 KB
3 KB 16ms
12ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/354556/4906259910/1616030027317/gwdpagedeck_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/354556/4906259910/1616030027317/%E8%B6%85%E7%B4%9A%E5%A4%A7%E6%A9%AB%E5%B9%85PC.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74a8b34ddd37ba93b4c8198cebbc858c098de1effdddd63eebf9009d55cc53c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/354556/4906259910/1616030027317/%E8%B6%85%E7%B4%9A%E5%A4%A7%E6%A9%AB%E5%B9%85PC.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 08:54:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59610
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3125
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 01:13:48 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Tue, 23 Mar 2021 08:54:18 GMT

GET
H3-Q050 200 Enabler.js Show response
s0.2mdn.net/ads/studio/ Frame F2D8 128 KB
43 KB 19ms
15ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/Enabler.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/354556/4906259910/1616030027317/%E8%B6%85%E7%B4%9A%E5%A4%A7%E6%A9%AB%E5%B9%85PC.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e85dd3fbfd058e5a132a056f129863c9a25086b8104f41889b4ba18219831d66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/354556/4906259910/1616030027317/%E8%B6%85%E7%B4%9A%E5%A4%A7%E6%A9%AB%E5%B9%85PC.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:19:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 526
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44337
x-xss-protection: 0
last-modified: Thu, 11 Feb 2021 01:22:48 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Mar 2021 01:34:02 GMT

GET
H3-Q050 200 gwdgooglead_min.js Show response
s0.2mdn.net/dfp/354556/4906259910/1616030027317/ Frame F2D8 13 KB
4 KB 19ms
15ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/354556/4906259910/1616030027317/gwdgooglead_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/354556/4906259910/1616030027317/%E8%B6%85%E7%B4%9A%E5%A4%A7%E6%A9%AB%E5%B9%85PC.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a22c497288d6b312171de3df8ed00831f34a76a52384c1ba9d504e11c98a5f21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/354556/4906259910/1616030027317/%E8%B6%85%E7%B4%9A%E5%A4%A7%E6%A9%AB%E5%B9%85PC.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 08:54:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59610
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4408
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 01:13:47 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Tue, 23 Mar 2021 08:54:18 GMT

GET
H3-Q050 200 gwd-events-support.1.0.js Show response
s0.2mdn.net/dfp/354556/4906259910/1616030027317/ Frame F2D8 2 KB
717 B 18ms
14ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/354556/4906259910/1616030027317/gwd-events-support.1.0.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/354556/4906259910/1616030027317/%E8%B6%85%E7%B4%9A%E5%A4%A7%E6%A9%AB%E5%B9%85PC.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72a80770f582b1bb93c4686c2d8f7d96cd6e911198e518ba3f19cd50cb108804

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/354556/4906259910/1616030027317/%E8%B6%85%E7%B4%9A%E5%A4%A7%E6%A9%AB%E5%B9%85PC.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 08:54:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59610
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 687
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 01:13:47 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Tue, 23 Mar 2021 08:54:18 GMT

GET
H3-Q050 200 gwdimage_min.js Show response
s0.2mdn.net/dfp/354556/4906259910/1616030027317/ Frame F2D8 5 KB
2 KB 17ms
14ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/354556/4906259910/1616030027317/gwdimage_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/354556/4906259910/1616030027317/%E8%B6%85%E7%B4%9A%E5%A4%A7%E6%A9%AB%E5%B9%85PC.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c3223c27067f54618683e5fdfe83536907b179e81ed9a39873aa8b8140c05f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/354556/4906259910/1616030027317/%E8%B6%85%E7%B4%9A%E5%A4%A7%E6%A9%AB%E5%B9%85PC.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 08:54:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59610
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2001
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 01:13:47 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Tue, 23 Mar 2021 08:54:18 GMT

GET
H3-Q050 200 gwdvideo_min.js Show response
s0.2mdn.net/dfp/354556/4906259910/1616030027317/ Frame F2D8 9 KB
3 KB 20ms
17ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/354556/4906259910/1616030027317/gwdvideo_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/354556/4906259910/1616030027317/%E8%B6%85%E7%B4%9A%E5%A4%A7%E6%A9%AB%E5%B9%85PC.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f94ab680d6a6d6a9f2793b8ad326a91399e93b1da660dec1656bd3ea96716319

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/354556/4906259910/1616030027317/%E8%B6%85%E7%B4%9A%E5%A4%A7%E6%A9%AB%E5%B9%85PC.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 08:54:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59610
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3118
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 01:13:48 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Tue, 23 Mar 2021 08:54:18 GMT

GET
H3-Q050 200 gwdtaparea_min.js Show response
s0.2mdn.net/dfp/354556/4906259910/1616030027317/ Frame F2D8 4 KB
2 KB 20ms
16ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/354556/4906259910/1616030027317/gwdtaparea_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/354556/4906259910/1616030027317/%E8%B6%85%E7%B4%9A%E5%A4%A7%E6%A9%AB%E5%B9%85PC.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

740d0e2ab785d5697336ecd812e6c6fb5547e741ab78204d93023d08bd274ecd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/354556/4906259910/1616030027317/%E8%B6%85%E7%B4%9A%E5%A4%A7%E6%A9%AB%E5%B9%85PC.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 08:54:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59610
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1814
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 01:13:48 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Tue, 23 Mar 2021 08:54:18 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 22ms
22ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.storm.mg%2F&domain=img.scupio.com&cw=1

Protocol

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://img.scupio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://img.scupio.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1402
date: Tue, 23 Mar 2021 01:27:47 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 currency.json Show response
img.scupio.com/js/config/ Frame F3C4 108 B
488 B 69ms
55ms XHR
application/json 65.9.58.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/config/currency.json
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 13cba20f9221b946e3c5e2265a4b6668213e20d621be12a944c92d24417c98da

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.54
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Mar 2021 01:24:34 GMT
via: 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
last-modified: Mon, 22 Mar 2021 19:15:05 GMT
server: nginx/1.12.1
age: 201
etag: "6058ecb9-6c"
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=10800
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 108
x-amz-cf-id: T0ADnj-jIND-skevDHobd3IE2bn4O7cF6Oa2Hoxk9hiqn5fKGZ9s9w==
expires: Tue, 23 Mar 2021 04:24:27 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame F3C4
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.storm.mg%2F&domain=img.scupio.com&cw=1
https://mug.criteo.com/sid?cpp=loNHe3w4WUhBS1VTY2t1UkloWXp3SFpxbkRHRHZnQmVKL3F4dk9yd1g3ajRycXdYS2ZuTVU0bS9lRklOQkQvaEZYNEFHdlpoZTV3Rlk1T09MRW1IWFBlWjRndGZ0UWl0bmx0ZzNuRXJjUFJPN2RRa2lrandrZ1FVTVR5S3...

355 B
634 B

196ms
66ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=loNHe3w4WUhBS1VTY2t1UkloWXp3SFpxbkRHRHZnQmVKL3F4dk9yd1g3ajRycXdYS2ZuTVU0bS9lRklOQkQvaEZYNEFHdlpoZTV3Rlk1T09MRW1IWFBlWjRndGZ0UWl0bmx0ZzNuRXJjUFJPN2RRa2lrandrZ1FVTVR5S3VYZmlpcVhKeFVmZFdySUYxSUcvN3IxL1lkT2d1dXU1aUFqMnJxZk83dXFoS3FNejFWL3RENVFwV09mdjdzaUlOY05pWHhrZTVUTnRFUHBib1ZybXdDdUNwWmhPMHRsWGl2RmhvUFdnM015MEhtRWlzRkxjPXw&cppv=2

Requested by

Host: www.storm.mg
URL: https://www.storm.mg/article/3553076

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

dd77e1ddf80fb6d4be22be84c88555cc22612ce02def8b82bf94b87f605fdba4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Tue, 23 Mar 2021 01:27:48 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2293
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Tue, 23 Mar 2021 01:27:48 GMT
location: https://mug.criteo.com/sid?cpp=loNHe3w4WUhBS1VTY2t1UkloWXp3SFpxbkRHRHZnQmVKL3F4dk9yd1g3ajRycXdYS2ZuTVU0bS9lRklOQkQvaEZYNEFHdlpoZTV3Rlk1T09MRW1IWFBlWjRndGZ0UWl0bmx0ZzNuRXJjUFJPN2RRa2lrandrZ1FVTVR5S3VYZmlpcVhKeFVmZFdySUYxSUcvN3IxL1lkT2d1dXU1aUFqMnJxZk83dXFoS3FNejFWL3RENVFwV09mdjdzaUlOY05pWHhrZTVUTnRFUHBib1ZybXdDdUNwWmhPMHRsWGl2RmhvUFdnM015MEhtRWlzRkxjPXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://img.scupio.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1593
content-length: 482
expires: 0

GET
H/1.1 204
No Content header Show response
hb.aralego.com/ Frame F3C4 0
323 B 630ms
200ms XHR
text/plain 192.96.200.41
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-BE7E923BDBB9ADAD177EAB449A48EA7B&tdid=&schain=1.0%2C1!scupio.com%2C3721%2C1%2C%2C%2C&fp=undefined&host=img.scupio.com&u=https%3A%2F%2Fimg.scupio.com&xr=1&ao=https%3A%2F%2Fwww.storm.mg&ucfUid=efae251c-73f5-4953-a149-eb9ab93b0e1d&w=160&h=600
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.200.41 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://img.scupio.com
Date: Tue, 23 Mar 2021 01:27:48 GMT
Access-Control-Allow-Credentials: true
Connection: close

POST prebid.aspx
prebid.scupio.com/recweb/ Frame F3C4 0
0

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame F3C4 0
176 B 533ms
203ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Tue, 23 Mar 2021 01:27:48 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame F3C4 239 B
2 KB 235ms
66ms XHR
application/json 213.19.162.31
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17388&site_id=169834&zone_id=818672&size_id=9&rp_schain=1.0,1!scupio.com,3721,1,,,&rf=https%3A%2F%2Fwww.storm.mg%2F&tk_flint=pbjs_lite_v4.30.0-pre&x_source.tid=21e33ecc-fd90-463c-ba3a-e9826e03ad12&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.7419799879036455
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.31 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: f8039a306f8d0b637a4e84a6ac01087f8ecd0e86193b0007d0e1abb495d85021

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 23 Mar 2021 01:27:48 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://img.scupio.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 239
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid.json Show response
ad.holmesmind.com/adserver/ Frame F3C4 3 KB
1 KB 929ms
339ms XHR
text/html 3.113.254.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/prebid.json?cb=1616462867890&hb=1&ver=1.21
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.113.254.193 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-113-254-193.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: d1fb043900349bdce92c43c72b32fde51f85ef8f8d6b2f9fb5e49c5a1737c68c

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Tue, 23 Mar 2021 01:27:49 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame F3C4 0
144 B 132ms
65ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.30.0-pre&cb=57965683502
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Tue, 23 Mar 2021 01:27:48 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H/1.1 200
OK swipe.min.css
static.dable.io/static/b/infinite-swipe/dist/ Frame F8AC 830 B
807 B 58ms
57ms Stylesheet
text/css 104.108.42.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dable.io/static/b/infinite-swipe/dist/swipe.min.css
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/KoEeAWoB/users/51548444.1616462865197?from=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&ref=&cid=51548444.1616462865197&uid=51548444.1616462865197&site=storm.mg&id=dablewidget_KoEeAWoB&category1=%E8%A9%95%E8%AB%96&ad_params=%7B%7D&item_id=3553076&pixel_ratio=1&client_width=820&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.42.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-42-51.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d3743330192c96b9b8f5b72f69f932359bb892b65535311b1ffb1fef98536c23

Request headers

Referer: https://api.dable.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 3wsoX9oiTtQq5z8aSQWNt.CSLC7W7Bku
Content-Encoding: gzip
Last-Modified: Tue, 05 Jan 2021 04:12:45 GMT
Server: Apache
x-amz-request-id: FKCW1W7P3ZBGEMBT
ETag: "7570769c6f4af63877b73ce88e833efe"
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Date: Tue, 23 Mar 2021 01:27:48 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 316
x-amz-id-2: nAptNfmsBzyz5rX2vjvxsw/OSAPVYtqzKEea9rJXhgab/paid0NVzY3FQWXiooUNa9Jx8EqeMzI=

GET
H/1.1 200
OK widget.min.css
static.dable.io/dist/ Frame F8AC 72 KB
10 KB 63ms
62ms Stylesheet
text/css 104.108.42.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dable.io/dist/widget.min.css?202102281237
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/KoEeAWoB/users/51548444.1616462865197?from=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&ref=&cid=51548444.1616462865197&uid=51548444.1616462865197&site=storm.mg&id=dablewidget_KoEeAWoB&category1=%E8%A9%95%E8%AB%96&ad_params=%7B%7D&item_id=3553076&pixel_ratio=1&client_width=820&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.42.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-42-51.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 06a82e7390460586a6a8c8f1693df3ffdf641d15b03c7e1793a370237c66e7d4

Request headers

Referer: https://api.dable.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 9GiwIBJFv8LJBmMh.ymRmUDfuyh6y7Lt
Content-Encoding: gzip
Last-Modified: Tue, 02 Mar 2021 06:35:50 GMT
Server: Apache
x-amz-request-id: 161EB90DDC1A5E31
ETag: "4198336b465c38a4bd23da779d301e20"
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: public, max-age=86400
Date: Tue, 23 Mar 2021 01:27:48 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9958
x-amz-id-2: iv7JE9J6pP+izR1MgTyPE01xqD5O45bhDtiJqYWO/mH41vl21XUbgkz3apzBLAW2uWdE0MXbM+E=

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame F8AC 117 KB
33 KB 17ms
17ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap

Requested by

Host: api.dable.io
URL: https://api.dable.io/widgets/id/KoEeAWoB/users/51548444.1616462865197?from=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&ref=&cid=51548444.1616462865197&uid=51548444.1616462865197&site=storm.mg&id=dablewidget_KoEeAWoB&category1=%E8%A9%95%E8%AB%96&ad_params=%7B%7D&item_id=3553076&pixel_ratio=1&client_width=820&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f32e5a054bca9ebc3601a7a908ca341f2de553f2a18b83b61e8f1c040cb936bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 23 Mar 2021 00:56:21 GMT
server: ESF
date: Tue, 23 Mar 2021 01:27:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Mar 2021 01:27:48 GMT

GET
H/1.1 200
OK f6f6f6.png
static.dable.io/static/i/ Frame F8AC 83 B
611 B 53ms
53ms Image
image/png 104.108.42.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.dable.io/static/i/f6f6f6.png
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/KoEeAWoB/users/51548444.1616462865197?from=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&ref=&cid=51548444.1616462865197&uid=51548444.1616462865197&site=storm.mg&id=dablewidget_KoEeAWoB&category1=%E8%A9%95%E8%AB%96&ad_params=%7B%7D&item_id=3553076&pixel_ratio=1&client_width=820&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.42.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-42-51.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ff73967a98dbf0e26497c62c5d6e0fd9d0968f92031da77900e05a2ec344d3e5

Request headers

Referer: https://api.dable.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ca5cEPOEqu1JS3QpRDnwNdCnzD9veP5v
Content-Encoding: gzip
Last-Modified: Tue, 02 Mar 2021 06:35:50 GMT
Server: Apache
x-amz-request-id: 448BD5D7E9F8B243
ETag: "c684e92ff40cdf977c18be6a031e6e54"
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: public, max-age=864000
Date: Tue, 23 Mar 2021 01:27:48 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 96
x-amz-id-2: UflmDDoCoj5+6HP9Nzvdn7T7+jkvam8rZmOI0/rJ6bgdNGN4QRZR6EdzVPF+L1YB6r9V9QrLNCU=

GET
H3-Q050 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame F8AC 95 KB
33 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://api.dable.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 13:24:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43371
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Mar 2022 13:24:57 GMT

GET
H/1.1 200
OK widget.min.js Show response
static.dable.io/dist/ Frame F8AC 54 KB
17 KB 87ms
86ms Script
application/javascript 104.108.42.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dable.io/dist/widget.min.js?202101191623
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/KoEeAWoB/users/51548444.1616462865197?from=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&ref=&cid=51548444.1616462865197&uid=51548444.1616462865197&site=storm.mg&id=dablewidget_KoEeAWoB&category1=%E8%A9%95%E8%AB%96&ad_params=%7B%7D&item_id=3553076&pixel_ratio=1&client_width=820&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.42.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-42-51.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 61c9090ddc45ead2e35e781336f1c40348ecb0020c24afccac9d0a0ba7bd40af

Request headers

Referer: https://api.dable.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 1I9UASMV2fx4AGhRVohE.0MDlV9ZiZqi
Content-Encoding: gzip
Last-Modified: Wed, 10 Mar 2021 07:50:27 GMT
Server: Apache
x-amz-request-id: 914BQH8FRVV47S01
ETag: "d7f813641bdd30290594f0d636404f1d"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=86400
Date: Tue, 23 Mar 2021 01:27:48 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16774
x-amz-id-2: TkF5f/TVTIu4JsRMl2aPqdhah6xUbxTXH9ZRWWchD1Qpd90bl38KwZjWmYb878+ZB6UmU/NXx2s=

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 8175 17 KB
6 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:27:48 GMT

GET
H/1.1 200
OK logo-text-tiny-gray.png
images.dable.io/static/i/ Frame 4B03 661 B
1 KB 176ms
59ms Image
image/png 104.108.42.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/static/i/logo-text-tiny-gray.png
Requested by: Host: static.dable.io
URL: https://static.dable.io/dist/widget.min.css?202102281237
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.42.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-42-51.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f324c06e9e87405a95bfd62767836e03f5365df485a050564a4bcea15d1e82fa

Request headers

Referer: https://static.dable.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
ETag: "2260fca7dca92761058aace21a176daa"
x-amz-request-id: 52BE244A95119091
Connection: keep-alive
Content-Length: 661
x-amz-id-2: ddzH4x80PczY70htU2NaqE2ktBJe1/NjynlaucpW8YrFqL2pHSqL9WozXhXeF0K4kWOGM3T6G+0=
Last-Modified: Mon, 24 Aug 2020 02:55:47 GMT
Server: Apache
Date: Tue, 23 Mar 2021 01:27:48 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=864000
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9EE2 0
0 86ms
86ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstIXjIe24OmH-xgZL2XSOVLMS5AVGak9YCydQRmgP110LqKG5Q_L3ixxAB5oX7lY0faRimbR7ixrc7WfnPNqM_F1YlBThSjAvvueqVhSHlQNpoK_ydNGH2zMdrkrtKE267N7T2cG_IgoCj1v3sGxuH1b3tkGA3SH6orMNSTTCEKaVDRmF_MRD3iUF5WI_aRm-zn0ZDCyZyqYCPY6ts0DRS-r8mYqzh9TZ1X2ceIUgZAPeA-cjcJQrQDqU9mLsVpNu1OEoEVzWf8cP21cPrOsixcgOrkvTtTVmL4-CSBFEg9GTNk3XJcZIlE9J6_Sg&sig=Cg0ArKJSzCtb7X2QHuQdEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:27:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 23 Mar 2021 01:27:48 GMT

GET
H2 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.119.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 4B03 25 KB
25 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.119.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+TC&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77c3d215298f95357de947f102cc00bded45bdb71ab3c20f9dfdc64e490729c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://api.dable.io
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 07:47:09 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:18:53 GMT
server: sffe
age: 409239
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25360
x-xss-protection: 0
expires: Fri, 18 Mar 2022 07:47:09 GMT

GET
H2 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.118.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 4B03 43 KB
43 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.118.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+TC&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2abab588ed1aa226fff507bb12cc00b354738c203f4b6cd202f40352cdc6591

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://api.dable.io
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 22:33:15 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:19:55 GMT
server: sffe
age: 528873
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43804
x-xss-protection: 0
expires: Wed, 16 Mar 2022 22:33:15 GMT

GET
H2 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.117.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 4B03 46 KB
46 KB 10ms
7ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.117.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+TC&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f83c6e3eac9d41d51bc8e3b63f353ea889cc70b9938e2f701719aef80bf8528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://api.dable.io
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:02:03 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:25:13 GMT
server: sffe
age: 296745
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47312
x-xss-protection: 0
expires: Sat, 19 Mar 2022 15:02:03 GMT

GET
H2 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.116.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 4B03 51 KB
51 KB 11ms
7ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.116.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+TC&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

717de30a4e041b92e5d3aa230aeede4e08434647e627279477a2f642ac2861eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://api.dable.io
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:09:59 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:09:56 GMT
server: sffe
age: 548269
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52052
x-xss-protection: 0
expires: Wed, 16 Mar 2022 17:09:59 GMT

GET
H2 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.115.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 4B03 52 KB
52 KB 11ms
8ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.115.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+TC&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a7695bf1c26b3250de42c8ad42bc4e3abf7418876f76ad67bb58092c9244478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://api.dable.io
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 04:37:51 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:08:38 GMT
server: sffe
age: 420597
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52792
x-xss-protection: 0
expires: Fri, 18 Mar 2022 04:37:51 GMT

GET
H2 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.113.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 4B03 52 KB
52 KB 14ms
11ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.113.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+TC&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5a369d3d8be69eaf6a54f958015e687947252be07dbb197750fa8147caea4dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://api.dable.io
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 17:13:49 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:25:06 GMT
server: sffe
age: 375239
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53144
x-xss-protection: 0
expires: Fri, 18 Mar 2022 17:13:49 GMT

GET
H2 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.112.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 4B03 53 KB
53 KB 11ms
9ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.112.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+TC&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9f94f957c781ac27e4257c276659d678b1cd9dcd5931b6c0b068da46198378e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://api.dable.io
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 07:38:39 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:25:02 GMT
server: sffe
age: 409749
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54000
x-xss-protection: 0
expires: Fri, 18 Mar 2022 07:38:39 GMT

GET
H2 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.114.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 4B03 51 KB
51 KB 14ms
12ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.114.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+TC&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5472cbce3d59802ab140c5b8eecfca4d357343c47a1c9ea601ccf1d50145955b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://api.dable.io
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 08:15:50 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:25:08 GMT
server: sffe
age: 321118
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51852
x-xss-protection: 0
expires: Sat, 19 Mar 2022 08:15:50 GMT

GET
H2 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.109.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 4B03 52 KB
52 KB 15ms
12ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.109.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+TC&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9625dd5f36e9196b741bfb4558fb8809318495207eb6213427f4ee42b7baa57e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://api.dable.io
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 10:20:01 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:25:01 GMT
server: sffe
age: 313667
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52844
x-xss-protection: 0
expires: Sat, 19 Mar 2022 10:20:01 GMT

GET
H2 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.108.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 4B03 50 KB
50 KB 24ms
18ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.108.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+TC&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c69739431e5aff1b7174a81209cbd0658da6c4d1b6527580f9f2f070df848290

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://api.dable.io
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 17:21:45 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:25:01 GMT
server: sffe
age: 547563
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50784
x-xss-protection: 0
expires: Wed, 16 Mar 2022 17:21:45 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.111.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 4B03 57 KB
57 KB 11ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.111.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+TC&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4176795e7304f2d0373d2c3edad1600cab1a1a0e8b202c6cfe3e06c7466172

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://api.dable.io
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 19:13:58 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:25:14 GMT
server: sffe
age: 454430
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57968
x-xss-protection: 0
expires: Thu, 17 Mar 2022 19:13:58 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.104.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 4B03 47 KB
48 KB 13ms
9ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.104.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+TC&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63a218801054b8267a86e48b10025b463f4fc573ad1c58ea95ccbb69627e9905

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://api.dable.io
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:43:29 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:25:43 GMT
server: sffe
age: 366259
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48552
x-xss-protection: 0
expires: Fri, 18 Mar 2022 19:43:29 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.103.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 4B03 50 KB
50 KB 15ms
11ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.103.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+TC&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

720540fdf6be1b3d2aee9c54172a0b328457b3e6860da752f37c88a0860607cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://api.dable.io
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:12:09 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:09:56 GMT
server: sffe
age: 26139
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50856
x-xss-protection: 0
expires: Tue, 22 Mar 2022 18:12:09 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.110.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 4B03 55 KB
55 KB 21ms
16ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.110.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+TC&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdd3e502fbd1bda1da8283465cb8fe741ed9543e851e645711d9383280fbe3b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://api.dable.io
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 20:36:40 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:24:59 GMT
server: sffe
age: 449468
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56272
x-xss-protection: 0
expires: Thu, 17 Mar 2022 20:36:40 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.106.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 4B03 52 KB
52 KB 29ms
22ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.106.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+TC&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35adff49f4f7c4fa7112da10261ed1abecd865549fadc40690a4cc1f2e6bf832

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://api.dable.io
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 15:23:48 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:19:55 GMT
server: sffe
age: 554640
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52836
x-xss-protection: 0
expires: Wed, 16 Mar 2022 15:23:48 GMT

GET
H2 204 services
sync.technoratimedia.com/ Frame AA35 0
0 465ms
146ms Document
text/plain 193.122.174.27
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.technoratimedia.com/services?srv=cs&pid=70&uid=1616462868053-915114750161-022002-010-003685&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1616462868053-915114750161-022002-010-003685%26biddername%3D3%26key%3D%5BUSER_ID%5D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e60bfad28a0610ba100c7c4
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 193.122.174.27 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

:method: GET
:authority: sync.technoratimedia.com
:scheme: https
:path: /services?srv=cs&pid=70&uid=1616462868053-915114750161-022002-010-003685&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1616462868053-915114750161-022002-010-003685%26biddername%3D3%26key%3D%5BUSER_ID%5D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.storm.mg/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.storm.mg/

Response headers

server: nginx
date: Tue, 23 Mar 2021 01:27:48 GMT
set-cookie: tads_uid=GDPR; Max-Age=157680000; Expires=Sun, 22 Mar 2026 01:27:48 GMT; Path=/; Domain=.technoratimedia.com; Secure; SameSite=None
access-control-allow-origin: https://www.storm.mg/
access-control-allow-credentials: true
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 1023102638
age: 0
via: 1.1 varnish

GET
H2

200

cookiesyncendpoint Show response
sync.aniview.com/ Frame 5C2A
Redirect Chain

https://ad.360yield.com/server_match?partner_id=1581&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1616462868053-915114750161-022002-010-003685%26biddername%3D22%26key%3D%7BPUB_USE...
https://ad.360yield.com/ul_cb/server_match?partner_id=1581&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1616462868053-915114750161-022002-010-003685%26biddername%3D22%26key%3D%7BP...
https://sync.aniview.com/cookiesyncendpoint?auid=1616462868053-915114750161-022002-010-003685&biddername=22&key=12576007-c9f7-426f-95c4-8257ba53c9fc

0
350 B

429ms
134ms

Document
text/plain

52.3.103.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1616462868053-915114750161-022002-010-003685&biddername=22&key=12576007-c9f7-426f-95c4-8257ba53c9fc
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e60bfad28a0610ba100c7c4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.3.103.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: sync.aniview.com
:scheme: https
:path: /cookiesyncendpoint?auid=1616462868053-915114750161-022002-010-003685&biddername=22&key=12576007-c9f7-426f-95c4-8257ba53c9fc
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.storm.mg/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.storm.mg/

Response headers

date: Tue, 23 Mar 2021 01:27:49 GMT
content-length: 0
set-cookie: aniC=1616462868053-915114750161-022002-010-003685; Path=/; Domain=aniview.com; Expires=Tue, 30 Mar 2021 01:27:49 GMT; Secure; SameSite=None 2_C_22=12576007-c9f7-426f-95c4-8257ba53c9fc; Path=/; Domain=aniview.com; Expires=Tue, 30 Mar 2021 01:27:49 GMT; Secure; SameSite=None 2_C_22=12576007-c9f7-426f-95c4-8257ba53c9fc; Path=/; Expires=Tue, 30 Mar 2021 01:27:49 GMT; Secure; SameSite=None

Redirect headers

date: Tue, 23 Mar 2021 01:27:48 GMT
content-type: text/plain
content-length: 0
location: https://sync.aniview.com/cookiesyncendpoint?auid=1616462868053-915114750161-022002-010-003685&biddername=22&key=12576007-c9f7-426f-95c4-8257ba53c9fc
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 204 sync
pixel.advertising.com/ups/58246/ Frame 4686 0
0 68ms
59ms Document
text/plain 18.197.47.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pixel.advertising.com/ups/58246/sync?&gdpr=1&gdpr_consent=&redir=true

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e60bfad28a0610ba100c7c4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.197.47.23 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-197-47-23.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: pixel.advertising.com
:scheme: https
:path: /ups/58246/sync?&gdpr=1&gdpr_consent=&redir=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.storm.mg/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.storm.mg/

Response headers

date: Tue, 23 Mar 2021 01:27:48 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame DABD 2 KB
818 B 167ms
54ms Document
text/html 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=&us_privacy=1---

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e60bfad28a0610ba100c7c4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 , France, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=57e618150c70d90&gdpr=1&gdpr_consent=&us_privacy=1---
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.storm.mg/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.storm.mg/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK Cookie set us Show response
sync.go.sonobi.com/ Frame C3E2 0
478 B 230ms
64ms Document
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1616462868053-915114750161-022002-010-003685%26biddername%3D60%26key%3D%5BUID%5D

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e60bfad28a0610ba100c7c4

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Host: sync.go.sonobi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.storm.mg/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.storm.mg/

Response headers

Date: Tue, 23 Mar 2021 01:27:48 GMT
Content-Type: text/plain; charset=utf8
Content-Length: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
X-Xss-Protection: 0
Server: sonobi-go
Set-Cookie: HAPLB5S=s57129|YFlEF; path=/; domain=.go.sonobi.com

GET
H/1.1 404
Not Found Cookie set uc.html Show response
sync.go.sonobi.com/ Frame FB4F 555 B
411 B 239ms
57ms Document
text/html 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.go.sonobi.com/uc.html?pubid=
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e60bfad28a0610ba100c7c4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: ams-1-sync.go.sonobi.com
Software: sonobi-go /
Resource Hash: 1d86ad203d9f732075a57918233257f12d7689499451b75db4bf8318b54b50d3

Request headers

Host: sync.go.sonobi.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.storm.mg/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.storm.mg/

Response headers

Date: Tue, 23 Mar 2021 01:27:48 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Content-Encoding: gzip
Server: sonobi-go
Set-Cookie: HAPLB5S=s57129|YFlEF; path=/; domain=.go.sonobi.com

GET
H/1.1 200
OK user_sync Show response
rtb.gamoshi.io/ Frame 6F04 42 B
321 B 468ms
152ms Document
image/gif 13.58.174.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.gamoshi.io/user_sync?bidder=16245&rurl=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1616462868053-915114750161-022002-010-003685%26biddername%3D71%26pid%3D5ef33c8abcf1750da1720e91%26key%3D%5Bgusr%5D
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e60bfad28a0610ba100c7c4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 13.58.174.102 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Host: rtb.gamoshi.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.storm.mg/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.storm.mg/

Response headers

Date: Tue, 23 Mar 2021 01:27:48 GMT
Content-Type: image/gif
Content-Length: 42
Connection: keep-alive
x-gcontroller-pod: gcontroller-stable-77db6bd586-z699w
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
content-encoding: identity

GET
H2

200

cookiesyncendpoint Show response
sync.aniview.com/ Frame 84A8
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1616462868053-915114750161-022002-010-003685%26biddername%3D56%26pid%3D5b59760c073ef46a2e6b8f13%26key%...
https://sync.aniview.com/cookiesyncendpoint?auid=1616462868053-915114750161-022002-010-003685&biddername=56&pid=5b59760c073ef46a2e6b8f13&key=725a5d49-8672-4287-b412-46e9a14f39d8

0
350 B

368ms
134ms

Document
text/plain

52.3.103.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1616462868053-915114750161-022002-010-003685&biddername=56&pid=5b59760c073ef46a2e6b8f13&key=725a5d49-8672-4287-b412-46e9a14f39d8
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e60bfad28a0610ba100c7c4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.3.103.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: sync.aniview.com
:scheme: https
:path: /cookiesyncendpoint?auid=1616462868053-915114750161-022002-010-003685&biddername=56&pid=5b59760c073ef46a2e6b8f13&key=725a5d49-8672-4287-b412-46e9a14f39d8
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.storm.mg/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.storm.mg/

Response headers

date: Tue, 23 Mar 2021 01:27:49 GMT
content-length: 0
set-cookie: aniC=1616462868053-915114750161-022002-010-003685; Path=/; Domain=aniview.com; Expires=Tue, 30 Mar 2021 01:27:49 GMT; Secure; SameSite=None 2_C_56=725a5d49-8672-4287-b412-46e9a14f39d8; Path=/; Domain=aniview.com; Expires=Tue, 30 Mar 2021 01:27:49 GMT; Secure; SameSite=None 2_C_56=725a5d49-8672-4287-b412-46e9a14f39d8; Path=/; Expires=Tue, 30 Mar 2021 01:27:49 GMT; Secure; SameSite=None

Redirect headers

set-cookie: viewer_token=725a5d49-8672-4287-b412-46e9a14f39d8; path=/; domain=csync.loopme.me; Expires=Fri, 23-Apr-2021 01:27:48 GMT
location: https://sync.aniview.com/cookiesyncendpoint?auid=1616462868053-915114750161-022002-010-003685&biddername=56&pid=5b59760c073ef46a2e6b8f13&key=725a5d49-8672-4287-b412-46e9a14f39d8
content-length: 0
date: Tue, 23 Mar 2021 01:27:48 GMT
server: _

GET
H/1.1 200
OK 9s574l4Tysi3EN4NTS7vlWONC9u+XmDv051OgZPjfUMxqbVHx5lQLA== Show response
ads.adaptv.advertising.com/a/h/ 249 B
542 B 328ms
79ms XHR
text/xml 3.123.110.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/9s574l4Tysi3EN4NTS7vlWONC9u+XmDv051OgZPjfUMxqbVHx5lQLA==?cb=6462868580&gdpr=1&gdpr_consent=&pi.viewable=0&pi.width=640&pi.height=360&pet=preroll&pageUrl=http%3A%2F%2Fwww.storm.mg&us_privacy=1---&scpid=57173f460757bb6c428b465b&eov=eov&hp=1

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e60bfad28a0610ba100c7c4

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.123.110.9 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

adaptv/1.0 /

Resource Hash

6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://www.storm.mg
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

GET
H/1.1 200
OK 9s574l4Tysi3EN4NTS7vldCTLFN1UFF6+4UIan5+Z3LISQsQ3HhV8aDrdJaixbMD Show response
ads.adaptv.advertising.com/a/h/ 249 B
542 B 328ms
79ms XHR
text/xml 3.123.110.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/9s574l4Tysi3EN4NTS7vldCTLFN1UFF6+4UIan5+Z3LISQsQ3HhV8aDrdJaixbMD?cb=6462868582&gdpr=1&gdpr_consent=&pi.viewable=0&pi.width=640&pi.height=360&pet=preroll&pageUrl=http%3A%2F%2Fwww.storm.mg&us_privacy=1---&scpid=57173f460757bb6c428b465b&eov=eov&hp=1

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e60bfad28a0610ba100c7c4

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.123.110.9 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

adaptv/1.0 /

Resource Hash

6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://www.storm.mg
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

GET
H2 200 advast Show response
ice.360yield.com/ 27 B
239 B 60ms
59ms XHR
application/xml 52.59.121.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/advast?p=22250380&w=16&h=9&minduration=1&maxduration=120&player_width=640&player_height=360&referrer=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&vast_version=3&vpaid_version=2&video_format_type=instream&schain=1.0,1!viewdeos.com,5e60bfad28a0610ba100c7c4,1,,Storm%20Media,!aniview.com,57173f460757bb6c428b465b,1,,Viewdeos,viewdeos.com&us_privacy=1---&GDPR=&cbb=6462868582
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e60bfad28a0610ba100c7c4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.121.220 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-121-220.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://www.storm.mg
date: Tue, 23 Mar 2021 01:27:48 GMT
access-control-allow-credentials: true
content-type: application/xml; charset=UTF-8
content-length: 27
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 avpb3.js Show response
player.aniview.com/script/6.1/ Frame 34D0 264 KB
84 KB 7ms
6ms Script
application/javascript 2a02:26f0:7100:484::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/avpb3.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e60bfad28a0610ba100c7c4
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:7100:484::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 9d57f50fd3260899ab36ce3d61ded63f87dcb0579353baa49e786c93c640cc6c

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:48 GMT
content-encoding: gzip
x-guploader-uploadid: ABg5-UygFrPzuZnFE4kF2Cy0aQtz2Y2z3VPZi2JaM4p8hGRfREKFI_85iyehYDuglGXLShUqlkcy-ULMEPyP8roc8ZrZKqE0UA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 85282
last-modified: Tue, 16 Mar 2021 07:29:55 GMT
server: UploadServer
etag: "59970b9104656633e132e6f6b2d57415"
vary: Accept-Encoding
x-goog-hash: crc32c=ehkP2A==, md5=WZcLkQRlZjPhMub2stV0FQ==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1615879795278687
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 85282
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 23 Mar 2021 01:32:48 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 136ms
136ms Image
text/plain 34.237.155.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=PL&cos=Windows&r=www.storm.mg&rs=www.storm.mg&sid=40374&t=1616462868&cip=194.99.105.99&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=640&he=360&app=&AV_PUBLISHERID=5e60bfad28a0610ba100c7c4&test=1&aafaid=&proto=https&uid=1616462868053-915114750161-022002-010-003685&cha=0.7&cb=20476908897&d9=1000&AV_WIDTH=640&AV_HEIGHT=360&ppid=5e60bfad28a0610ba100c7c4&nid=57173f460757bb6c428b465b&pcid=5e60c75028a06115d47ebd9b&ncid=5e7b1f3a1565c6447b6a2624&pasid=5e7b1fa325fcea4e1b329fa8&e=request&cb=1616462868586&asid=5e7b1ed1c4933477bd298304%2C5e7b352d1565c6447b6a2628%2C5e7b346a41db963e5530bdd4&ofpr=4.5%2C4.5%2C&fpo=%2C%2C
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.155.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-155-161.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:48 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 137ms
136ms Image
text/plain 34.237.155.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=PL&cos=Windows&r=www.storm.mg&rs=www.storm.mg&sid=40374&t=1616462868&cip=194.99.105.99&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=640&he=360&app=&AV_PUBLISHERID=5e60bfad28a0610ba100c7c4&test=1&aafaid=&proto=https&uid=1616462868053-915114750161-022002-010-003685&cha=0.7&cb=20476908897&d9=1000&AV_WIDTH=640&AV_HEIGHT=360&copid=57173f460757bb6c428b465b&nid=59c9148628a0612da3689288&cocid=5e7b1f3a1565c6447b6a2624&ncid=5bc32475073ef4123906ff46&coasid=5be1502628a0614a8f0ee919&e=request&cb=1616462868586&asid=5f14695351648d6526709b45%2C5eef7527d30acd461e47f63d%2C5f0ddff6ad013c77401671f5%2C5f2fa40b5a9282012073f5e7%2C60116da081b49b7ea9147795%2C5e98d0cfcea40216d9470ff5%2C5bf15ba628a06170a83106ca%2C5e7b6f63a0d1ec4dd8042bc6&ofpr=7.5%2C5.5%2C6%2C8.5%2C%2C%2C%2C&fpo=%2C%2C%2C%2C%2C%2C%2C
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.155.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-155-161.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:48 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 23ms
23ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.storm.mg%2F&domain=img.scupio.com&cw=1

Protocol

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://img.scupio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://img.scupio.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1608
date: Tue, 23 Mar 2021 01:27:48 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 currency.json Show response
img.scupio.com/js/config/ Frame 7672 108 B
488 B 60ms
59ms XHR
application/json 65.9.58.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/config/currency.json
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 13cba20f9221b946e3c5e2265a4b6668213e20d621be12a944c92d24417c98da

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.54
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Mar 2021 01:24:34 GMT
via: 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
last-modified: Mon, 22 Mar 2021 19:15:05 GMT
server: nginx/1.12.1
age: 201
etag: "6058ecb9-6c"
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=10800
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 108
x-amz-cf-id: 3D0fxOyCy0i-MU0tBN9AV6pUg1kTI4SlNsKJ2yi-rdhKrdcd0RvrLQ==
expires: Tue, 23 Mar 2021 04:24:27 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 7672
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.storm.mg%2F&domain=img.scupio.com&cw=1
https://mug.criteo.com/sid?cpp=FF_Rynw3d1R4Tk44Y3JTV2tHZWkvL3BKSThwRC9jdm1GTjhhd1kwZjVCaVg3VUNJOU5vRHE1U2trQ2xCVjhDOFNVQW14NHZJcFpNZG1MQVVRRkxua3NLa2oxcUdJbGtrL1pGakpkaUdBRS8zb2JXL1dOYXZBbm1kOXdNTz...

347 B
632 B

70ms
70ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=FF_Rynw3d1R4Tk44Y3JTV2tHZWkvL3BKSThwRC9jdm1GTjhhd1kwZjVCaVg3VUNJOU5vRHE1U2trQ2xCVjhDOFNVQW14NHZJcFpNZG1MQVVRRkxua3NLa2oxcUdJbGtrL1pGakpkaUdBRS8zb2JXL1dOYXZBbm1kOXdNTzJ1RVFSR1NSSEJ5YjNUekpqdzRxSkorY1owMEhPRklON0p5M01HYmZEbkczZjJqcjNxekhmMG1CWE9IYTFjQUoxaDNVN1VrSno4cVp0cW5jZ0lYL2oxRWpFK3Z6RFhMcGdSWkgyeHkyTnByRzhpUUdkRVk0PXw&cppv=2

Requested by

Host: www.storm.mg
URL: https://www.storm.mg/article/3553076

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

39e0155bef8ac065b68f5b9ca3fa285eb75548504921e2b61ea5dd6455e1cc45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Tue, 23 Mar 2021 01:27:49 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4928
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Tue, 23 Mar 2021 01:27:47 GMT
location: https://mug.criteo.com/sid?cpp=FF_Rynw3d1R4Tk44Y3JTV2tHZWkvL3BKSThwRC9jdm1GTjhhd1kwZjVCaVg3VUNJOU5vRHE1U2trQ2xCVjhDOFNVQW14NHZJcFpNZG1MQVVRRkxua3NLa2oxcUdJbGtrL1pGakpkaUdBRS8zb2JXL1dOYXZBbm1kOXdNTzJ1RVFSR1NSSEJ5YjNUekpqdzRxSkorY1owMEhPRklON0p5M01HYmZEbkczZjJqcjNxekhmMG1CWE9IYTFjQUoxaDNVN1VrSno4cVp0cW5jZ0lYL2oxRWpFK3Z6RFhMcGdSWkgyeHkyTnByRzhpUUdkRVk0PXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://img.scupio.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3416
content-length: 482
expires: 0

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 7672 240 B
1 KB 67ms
65ms XHR
application/json 213.19.162.31
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17388&site_id=169834&zone_id=818672&size_id=15&rp_schain=1.0,1!scupio.com,3721,1,,,&rf=https%3A%2F%2Fwww.storm.mg&tk_flint=pbjs_lite_v4.30.0-pre&x_source.tid=f9f09eb1-8429-4bf1-86ad-3f3cd57bb840&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.8345894904615634
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.31 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: ddd7c2d1c584601519db86d2155181ec9b3ef59677db0372de43e477cfb746c5

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 23 Mar 2021 01:27:48 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://img.scupio.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 7672 0
144 B 62ms
61ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.30.0-pre&cb=90789720002
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Tue, 23 Mar 2021 01:27:48 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H2 200 prebid.json Show response
ad.holmesmind.com/adserver/ Frame 7672 3 KB
1 KB 555ms
348ms XHR
text/html 3.113.254.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/prebid.json?cb=1616462868195&hb=1&ver=1.21
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.113.254.193 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-113-254-193.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 384a277d27daf55d585ec4a866104412a3a91f8db4493c82ccc37e12f197d7ad

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Tue, 23 Mar 2021 01:27:49 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H/1.1 204
No Content header Show response
hb.aralego.com/ Frame 7672 0
323 B 484ms
201ms XHR
text/plain 192.96.200.41
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-E2BB74E8972A4B931E876EBEE3693A6&tdid=&schain=1.0%2C1!scupio.com%2C3721%2C1%2C%2C%2C&fp=undefined&host=img.scupio.com&u=https%3A%2F%2Fimg.scupio.com&xr=1&ao=https%3A%2F%2Fwww.storm.mg&ucfUid=3086e7dc-69f4-4ad2-bd66-b5dc8c6cb8a3&w=300&h=250
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.200.41 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://img.scupio.com
Date: Tue, 23 Mar 2021 01:27:49 GMT
Access-Control-Allow-Credentials: true
Connection: close

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame 7672 0
176 B 196ms
196ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Tue, 23 Mar 2021 01:27:48 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 prebid.aspx Show response
prebid.scupio.com/recweb/ Frame 7672 0
27 B 1252ms
645ms XHR
text/html 210.59.219.34
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.6442698953371364
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 210.59.219.34 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Mar 2021 01:27:48 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/html
access-control-allow-origin: https://img.scupio.com
cache-control: private
access-control-allow-credentials: true

POST bid
ad2.apx.appier.net/v1/prebid/ Frame 7672 0
0

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 234ms
50ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 981
date: Tue, 23 Mar 2021 01:27:48 GMT
content-encoding: gzip
vary: Accept-Encoding

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 231ms
51ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 2142
date: Tue, 23 Mar 2021 01:27:48 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.118.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 9329 43 KB
43 KB 13ms
9ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.118.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2abab588ed1aa226fff507bb12cc00b354738c203f4b6cd202f40352cdc6591

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://api.dable.io
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 01:48:17 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:19:55 GMT
server: sffe
age: 344371
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43804
x-xss-protection: 0
expires: Sat, 19 Mar 2022 01:48:17 GMT

GET
H/1.1 200
OK logo-text-tiny-gray.png
images.dable.io/static/i/ Frame 9329 661 B
1 KB 60ms
57ms Image
image/png 104.108.42.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/static/i/logo-text-tiny-gray.png
Requested by: Host: static.dable.io
URL: https://static.dable.io/dist/widget.min.css?202102281237
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.42.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-42-51.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f324c06e9e87405a95bfd62767836e03f5365df485a050564a4bcea15d1e82fa

Request headers

Referer: https://static.dable.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
ETag: "2260fca7dca92761058aace21a176daa"
x-amz-request-id: 52BE244A95119091
Connection: keep-alive
Content-Length: 661
x-amz-id-2: ddzH4x80PczY70htU2NaqE2ktBJe1/NjynlaucpW8YrFqL2pHSqL9WozXhXeF0K4kWOGM3T6G+0=
Last-Modified: Mon, 24 Aug 2020 02:55:47 GMT
Server: Apache
Date: Tue, 23 Mar 2021 01:27:48 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=864000
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.119.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 9329 25 KB
25 KB 72ms
70ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.119.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77c3d215298f95357de947f102cc00bded45bdb71ab3c20f9dfdc64e490729c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://api.dable.io
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 01:51:56 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:18:53 GMT
server: sffe
age: 430552
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25360
x-xss-protection: 0
expires: Fri, 18 Mar 2022 01:51:56 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.117.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 9329 46 KB
46 KB 12ms
10ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.117.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f83c6e3eac9d41d51bc8e3b63f353ea889cc70b9938e2f701719aef80bf8528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://api.dable.io
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 02:34:26 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:25:13 GMT
server: sffe
age: 255202
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47312
x-xss-protection: 0
expires: Sun, 20 Mar 2022 02:34:26 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.116.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 9329 51 KB
51 KB 13ms
11ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.116.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

717de30a4e041b92e5d3aa230aeede4e08434647e627279477a2f642ac2861eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://api.dable.io
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:42:43 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:09:56 GMT
server: sffe
age: 305105
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52052
x-xss-protection: 0
expires: Sat, 19 Mar 2022 12:42:43 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.115.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 9329 52 KB
52 KB 28ms
26ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.115.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a7695bf1c26b3250de42c8ad42bc4e3abf7418876f76ad67bb58092c9244478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://api.dable.io
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 03:56:16 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:08:38 GMT
server: sffe
age: 423092
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52792
x-xss-protection: 0
expires: Fri, 18 Mar 2022 03:56:16 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.114.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 9329 51 KB
51 KB 32ms
30ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.114.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5472cbce3d59802ab140c5b8eecfca4d357343c47a1c9ea601ccf1d50145955b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://api.dable.io
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 23:04:46 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:25:08 GMT
server: sffe
age: 440582
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51852
x-xss-protection: 0
expires: Thu, 17 Mar 2022 23:04:46 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.108.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 9329 50 KB
50 KB 39ms
8ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.108.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c69739431e5aff1b7174a81209cbd0658da6c4d1b6527580f9f2f070df848290

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://api.dable.io
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 04:08:06 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:25:01 GMT
server: sffe
age: 422382
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50784
x-xss-protection: 0
expires: Fri, 18 Mar 2022 04:08:06 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.113.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 9329 52 KB
52 KB 39ms
9ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.113.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5a369d3d8be69eaf6a54f958015e687947252be07dbb197750fa8147caea4dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://api.dable.io
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:42:53 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:25:06 GMT
server: sffe
age: 366295
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53144
x-xss-protection: 0
expires: Fri, 18 Mar 2022 19:42:53 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.112.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 9329 53 KB
53 KB 40ms
11ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.112.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9f94f957c781ac27e4257c276659d678b1cd9dcd5931b6c0b068da46198378e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://api.dable.io
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 20:36:40 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:25:02 GMT
server: sffe
age: 449468
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54000
x-xss-protection: 0
expires: Thu, 17 Mar 2022 20:36:40 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.111.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 9329 57 KB
57 KB 41ms
9ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.111.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4176795e7304f2d0373d2c3edad1600cab1a1a0e8b202c6cfe3e06c7466172

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://api.dable.io
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 19:13:58 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:25:14 GMT
server: sffe
age: 454430
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57968
x-xss-protection: 0
expires: Thu, 17 Mar 2022 19:13:58 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.104.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 9329 47 KB
48 KB 43ms
11ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.104.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63a218801054b8267a86e48b10025b463f4fc573ad1c58ea95ccbb69627e9905

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://api.dable.io
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:43:29 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:25:43 GMT
server: sffe
age: 366259
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48552
x-xss-protection: 0
expires: Fri, 18 Mar 2022 19:43:29 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.37.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 9329 38 KB
38 KB 45ms
13ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.37.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b0313272102ea0987ddb17775ea629abf40554d23727500ff486ba02cf82396

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://api.dable.io
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 04:18:14 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:21:47 GMT
server: sffe
age: 421774
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39184
x-xss-protection: 0
expires: Fri, 18 Mar 2022 04:18:14 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.109.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 9329 52 KB
52 KB 44ms
12ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.109.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9625dd5f36e9196b741bfb4558fb8809318495207eb6213427f4ee42b7baa57e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://api.dable.io
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 09:32:55 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:25:01 GMT
server: sffe
age: 316493
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52844
x-xss-protection: 0
expires: Sat, 19 Mar 2022 09:32:55 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame B1B1 0
172 B 15ms
14ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLzWGxCE07gCGO69rpwBMAE&v=APEucNVGBgvE1Bz0zpLwQQHvQydrTpT4-1PvQF7oD1LNdAHNcuMwpeBaJAL-USRMVG3XpDhzzv4CWElKtcHrmx5zMKmQle2nEDZSGhj8066GCBILfTngOeyX9hOz41EFnJwOM0hs2xtxmxAtiIIGc-rxykI9lJbWP9WnQc2oB2NmFIxqw_LiYULbjSL7EHYqcc2k6Nby-bLsXdpYSZwyktpiY7Q95_IqLA

Requested by

Host: www.storm.mg
URL: https://www.storm.mg/article/3553076

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CLzWGxCE07gCGO69rpwBMAE&v=APEucNVGBgvE1Bz0zpLwQQHvQydrTpT4-1PvQF7oD1LNdAHNcuMwpeBaJAL-USRMVG3XpDhzzv4CWElKtcHrmx5zMKmQle2nEDZSGhj8066GCBILfTngOeyX9hOz41EFnJwOM0hs2xtxmxAtiIIGc-rxykI9lJbWP9WnQc2oB2NmFIxqw_LiYULbjSL7EHYqcc2k6Nby-bLsXdpYSZwyktpiY7Q95_IqLA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://3ae7821746b634e801f4981bce499b71.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://3ae7821746b634e801f4981bce499b71.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 23 Mar 2021 01:27:48 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 23-Mar-2021 01:42:48 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 23 Mar 2021 01:27:48 GMT
cache-control: private

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 6D25 39 KB
19 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BtEf8GKY2REEaLCIQfmd37a0lxWgrg4hNIs06Fwb6fxOGafl4XfrHsyTnzp20FIqwaXLt1vVIRU8ZFe1RoJUH7OHYkfQ39ogirhBXbqwP_jnusJLolQxLF8CmVPNmstqf3moPgREEkDK3AhqOT6zxh8DPW6Q&dbm_d=AKAmf-DFYvG5TbO10L7q59cBMoW5oW22iKcxSzo-nzHsfACnFoZPiCUD_gH6kkD9lih_V_wD-aSkWabzhr21aNrQd82nmUhU5tREpQYDYwS2YTb_z2RCLJtNgQUXwFIBDv_vKM8CVscYfG5zz9MFyIQFQ5Jf9EBWJsDv3JjFMBFv3XjOdWYn8DBjIbbS_ZUhXY-EbXuDeqNJIgANICpYExVeWikGLSYrpzCNHcQS5we1TpqcrJXdqv4UtYyvsAWCOucU3K7038Xwoy0I7wRZsGV4QGotmIwzgKEbNxOUgsyX-u6C-k-58OnjZ9bvHhYjNrZJHdYhOc2XAznya1NzDA3Gax-4PRcRjo-gzc6xZv9Rp-ABBxHuhzlazS0Eu00OAZeHY3rS-MoOlqsgk3bLaylLV-EjJZ7EVbCczcm4csXqVqNbJ4Lv0AgfBjageO0EKFoKVYls5bNzXL7PyuuSpPfY8MhHNYCuHZ-5LJD1AUx5Q8GCPim1VP3N5taIJ44ZGIxTw4f-E047EdB_XS59EZBSRsdd_XiZJH9ToqUN3vO5ZYCGf-aKW1R0M9YdNoq38meRjOVJ4xl0ZVQu6bdkCICM95kPlau6pTNaU8HAzxvnwbEKnX5mKBB8hq0ivkPgZrvKJCSLwREaw8YZc4Lb_7GsRjmzVdeT1Enss2ug4UDaSL0gYw7CV7IZfq1Bs9thG_WvxDlKF87PKwwr6tzVRYA7udvukDbtCjXr9_4ptyXQjrIGQKANj-MhxjGIwSCONnio9tQay-QmWOh5TgsE4Dd1czB0vzCBrUatYULc2L3AVBTYPDJFzx-7dnO9XQXM4YIV80F7VdMsbu0WXonSDvXWguaZY3UY-EB8Q-rEVZbrPmzeX-UbfUhad2SPDIp9XYW0Mp9GAu-OOoZ_oReVfDYlknzfiLWXD3haAQDEJPelBW6YFMccgpRUQ4S6AkbGak65O4Xiq2A3WTktZ_yCvfxBIlRDwsKvsAjhb1HthYirC_-6eoKc5f2l9kg1Sp2tEd1zC4FFZ0Q87-riA_tJvkXNW-aK-Zv3k_0x9JBX6vz8PqlwDjw-p-FP-MnDt7WzmKDO4RDnROqgIHwvsZ1iyTFncKzF1JSfCt2ZR6A2iaXGptvUQoLxU6ErmdZhLPaDPWNnCTxsMuX-xWqFxGXfAbZJAikKnvY_ike2lZwT6H-p8QcaLQjHCuS8YtHsdXf4wceXYNEwF9LoxZfx84jUo-P0-xf6fGwaqGadcbcrCgL7k-26hOnduNjLblWoLoLYT3rA4tp2LwH84xnlmsGpxMbODE2E32CsrHaQntSVYeiswhsOZ-bnexNPgnRwEiAHmRxcOCmqSadKYl8RkKK8o4Mq7i_J7nNJyxuPly9zYHoTEIKP5axXWzYWOWr_3P7FOfd5bLKL7D4nVYrZKfJIQqya1db6ckSxzLUfS0xUcm1OB0JjIdBADpX-hribLMckop0T-IJoicaSUugtJxZgogVYipJijOlJtl2CMqFOBYeZ1Gret5cOfx3DMx_CEReGsqcTTkfb8mxjFMevwpeeSHtyknAklTzYMiYatLhJUE-BnoUgKMpQsq8JB6VNgG41IkaDl8AorMxfba19w2jScx2qonXSHsNvxqGDlwHdt8eEAtXARxJSIeFK3gM_pBgJbT8IimGAtjj37mvxf9XKZMdh0S92FeTNiOWes3_cx7lfNyu2e3FLWjqsiQNlyA43BcTf0o3--EUNpC1T0HDkx3dtHblm-PyG4aUpdCb2Ea_hMIwvGWOunHhFtR5X4KZmLlLk5_fCIDrCVfDQnR88O3m4e3y9ryf8RsuTbDamFJBcmKerFn1SQCkJCwY75GoU4tiTSeU-FuLtoPsHO4nt3p7syIYqu42WpeKkx--JUoVfHb3FesjXBYsJ_4VtA8mg72xsYb4Qw8lvqLdD-uI28WYTzYXeN4cZuCEqKptjb9TgqQ0f7R5EhGw9rwyRQ0QQow6LPiAV4OQ4OEz_izehW8CK1X_itrX0ZQu7wz2T1S-K_MAJp40D2Q0qhI8lixxoZWfRerbYH9KvsoUkRkBrzgk72JaVu1YsLcZfBhelrhANfvnfuL5cBt6p-JkmfaeiU9dPScuyVrSogueJsYeGNyMKgHsSad3eLIvWzGg2tZDA4klj6iQoTM7aqotCv6I6iV61kozdlPFz3x8ChwLW-MSO5RNb_x-RjHVuWBvMl-frlt2ecbavn9c_9Sp7ibXj679xntmrN0_yYQ6qZRS0HnOc_c1FKX4VZ6EsX882tc0zeuOlFtWMOrh7idai-K2PwTWaksbSEFQ7hwj2b53qfHDuMB1lhq5zryjexAsttIogveOIS244Y2yjEG1avNKm8p8btSaTKcOg8SvDkmRvEk0QnmwX4Zoh0xBKW0JhizBAr4NruT4yiRKbIpbJgNZwvp1Hkxbal6Dms0hRx1r5Ik9qCedSR_qk1Pt6R0XYDE2ZJKBDjDSFw7uM6iezvZT7gvxzUT-kNVrUcXl-fBhkwpUqpfw2hbze3kO4YQFdkn_PvuZQg6bgXK__2t6V4K38n_ehk0gyJEhXjZ43fn65oCopSSRgfRyfAxwYBh02i8PQ5MTguXf_QizNlkR_JhLXjS3vjhDwzfEYNMmJJ6QGCx0ayJxB7uXJ-sPyt2cdCWXXEk_u_hxxByqQ4JPZC5XhL_hDZRfOHLkNK0TPfhGU7Fk8tZwsriZl20rTGKUm1DLITeAX3fZ4DeSjEYhysvjTK7n46Qj18l91chGY4Z7rBFeZKRjVKbXZ1gIOTTwAEj5ySlMm58GcfQ8V6Qfwlev_lcmbClfZ68Mb1Mk2EgSVPX9oIg498EzCv2kYflhj2it6XPuONwY_9jPIc2t0bKMaaNLWh3WVtPcM9vuimVOym5OMluDem4egrXX6-Lv-TuNJ0BAiaNN3SuQlWar5l8kgWi51FbafUCZpniZk2GkbN-tE9s3Xmkl3he1bG21RfU9cfk3IN_4miMWf2yAeZEDzufJkozrk1EN3d9exymeo2BJ3ST3wQpmmC08tLwL5C243y6vy50fK9VKJKCUf0V8NX3qslNPphjurnJDUQaG-NdlbjJ2_-eMxMJx1I14ZORd14USOc-BdW-wDYyLzIccjurM1PGKzqtuDfjlijBzn_VQ_9vtjIihHtA&cid=CAASEuRohHNr8dLO7Nya2vlE9MJn9g&rfl=3%2Chttps%253A%252F%252Fwww.storm.mg%242%2Chttps%253A%252F%252Fwww.storm.mg%252F%240

Requested by

Host: www.storm.mg
URL: https://www.storm.mg/article/3553076

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c9cc9abcbd6c35c427d368a03a48314ad1f994e85ae0504c8a0a89a1d8e451f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3ae7821746b634e801f4981bce499b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:27:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18848
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/ Frame 6D25 2 KB
1 KB 10ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/window_focus_fy2019.js

Requested by

Host: www.storm.mg
URL: https://www.storm.mg/article/3553076

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3ae7821746b634e801f4981bce499b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:19:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 515
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Apr 2021 01:19:13 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6D25 117 KB
36 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.storm.mg
URL: https://www.storm.mg/article/3553076

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

911deead0c0ec5c76af07f381c8e918567120df0488208f50b0579afa0b61376

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3ae7821746b634e801f4981bce499b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616176146673399"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36391
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:27:48 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/ Frame 6D25 12 KB
5 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: www.storm.mg
URL: https://www.storm.mg/article/3553076

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bafc346d790cb95214543b3f99b58a29e9c020492c68e7121d4dc176463ab9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3ae7821746b634e801f4981bce499b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:18:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 580
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5518
x-xss-protection: 0
server: cafe
etag: 4273098417856770931
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Apr 2021 01:18:08 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6D25 42 B
107 B 40ms
39ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BcVzQyE5NekD8JH7sVoPiJqBSPiVzIY_JOwsguFdZ_1vCm1Ohle6O5CDstY2hwD5iO-HtLSchiUMocroJaX3gnBqXgBzIZ0uuGgCfUdTy-2e7JP88

Requested by

Host: www.storm.mg
URL: https://www.storm.mg/article/3553076

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3ae7821746b634e801f4981bce499b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:27:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame EA87 0
0 194ms
80ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv2Xg0E0L2PdVBoCCgeokDU8tptE_0rXad26cX1jWLh0icHPQOSYEw4-g8-ps-QGvZxijMvP9hYbiPrpPDM7BkaNf2iM4fwtYXEDkPty0HMizjQjK3AU-S5XrUuflzBTZyduPdCRgTMzqcEG0kzrH1GivkgXjucsk1SA20Mkz_axAQDXET78KtzOZZxm4tbPPNcqmymvFvqwV0u6AYIvI5UAryYk7W1ClnGAk0r4zLO9FQyW4SWEBcmv2LJveeVAyChrBPvTZEZOV52VgSZiKMGLUysw-7HxqfL4RRGoIUIWSPsze_9DJSs_3Y&sig=Cg0ArKJSzKnr1VmiNmwWEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:27:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 23 Mar 2021 01:27:49 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.119.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame F8AC 25 KB
25 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.119.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77c3d215298f95357de947f102cc00bded45bdb71ab3c20f9dfdc64e490729c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://api.dable.io
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 01:51:56 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:18:53 GMT
server: sffe
age: 430553
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25360
x-xss-protection: 0
expires: Fri, 18 Mar 2022 01:51:56 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.118.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame F8AC 43 KB
43 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.118.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2abab588ed1aa226fff507bb12cc00b354738c203f4b6cd202f40352cdc6591

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://api.dable.io
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 01:48:17 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:19:55 GMT
server: sffe
age: 344372
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43804
x-xss-protection: 0
expires: Sat, 19 Mar 2022 01:48:17 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.117.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame F8AC 46 KB
46 KB 10ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.117.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f83c6e3eac9d41d51bc8e3b63f353ea889cc70b9938e2f701719aef80bf8528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://api.dable.io
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 02:34:26 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:25:13 GMT
server: sffe
age: 255203
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47312
x-xss-protection: 0
expires: Sun, 20 Mar 2022 02:34:26 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.116.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame F8AC 51 KB
51 KB 12ms
9ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.116.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

717de30a4e041b92e5d3aa230aeede4e08434647e627279477a2f642ac2861eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://api.dable.io
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:42:43 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:09:56 GMT
server: sffe
age: 305106
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52052
x-xss-protection: 0
expires: Sat, 19 Mar 2022 12:42:43 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.115.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame F8AC 52 KB
52 KB 14ms
11ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.115.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a7695bf1c26b3250de42c8ad42bc4e3abf7418876f76ad67bb58092c9244478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://api.dable.io
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 03:56:16 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:08:38 GMT
server: sffe
age: 423093
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52792
x-xss-protection: 0
expires: Fri, 18 Mar 2022 03:56:16 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.114.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame F8AC 51 KB
51 KB 16ms
12ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.114.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5472cbce3d59802ab140c5b8eecfca4d357343c47a1c9ea601ccf1d50145955b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://api.dable.io
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 23:04:46 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:25:08 GMT
server: sffe
age: 440583
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51852
x-xss-protection: 0
expires: Thu, 17 Mar 2022 23:04:46 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.113.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame F8AC 52 KB
52 KB 18ms
14ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.113.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5a369d3d8be69eaf6a54f958015e687947252be07dbb197750fa8147caea4dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://api.dable.io
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:42:53 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:25:06 GMT
server: sffe
age: 366296
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53144
x-xss-protection: 0
expires: Fri, 18 Mar 2022 19:42:53 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.106.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame F8AC 52 KB
52 KB 25ms
20ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.106.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35adff49f4f7c4fa7112da10261ed1abecd865549fadc40690a4cc1f2e6bf832

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://api.dable.io
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 15:23:48 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:19:55 GMT
server: sffe
age: 554641
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52836
x-xss-protection: 0
expires: Wed, 16 Mar 2022 15:23:48 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.112.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame F8AC 53 KB
53 KB 31ms
26ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.112.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9f94f957c781ac27e4257c276659d678b1cd9dcd5931b6c0b068da46198378e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://api.dable.io
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 20:36:40 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:25:02 GMT
server: sffe
age: 449469
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54000
x-xss-protection: 0
expires: Thu, 17 Mar 2022 20:36:40 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.110.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame F8AC 55 KB
55 KB 31ms
26ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.110.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdd3e502fbd1bda1da8283465cb8fe741ed9543e851e645711d9383280fbe3b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://api.dable.io
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 20:36:40 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:24:59 GMT
server: sffe
age: 449469
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56272
x-xss-protection: 0
expires: Thu, 17 Mar 2022 20:36:40 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.109.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame F8AC 52 KB
52 KB 31ms
26ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.109.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9625dd5f36e9196b741bfb4558fb8809318495207eb6213427f4ee42b7baa57e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://api.dable.io
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 09:32:55 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:25:01 GMT
server: sffe
age: 316494
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52844
x-xss-protection: 0
expires: Sat, 19 Mar 2022 09:32:55 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.105.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame F8AC 47 KB
47 KB 31ms
25ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.105.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef7ddeaf31d487bf07b79b1aeb4f9cad24ffa35c280e0702c276dd5cf709cf67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://api.dable.io
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:31:09 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:25:08 GMT
server: sffe
age: 305800
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48324
x-xss-protection: 0
expires: Sat, 19 Mar 2022 12:31:09 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.111.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame F8AC 57 KB
57 KB 36ms
29ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.111.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4176795e7304f2d0373d2c3edad1600cab1a1a0e8b202c6cfe3e06c7466172

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://api.dable.io
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 19:13:58 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:25:14 GMT
server: sffe
age: 454431
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57968
x-xss-protection: 0
expires: Thu, 17 Mar 2022 19:13:58 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.107.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame F8AC 52 KB
52 KB 35ms
26ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.107.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57e7135d32625d7e1d8117a0571033a7564dc662dfe18bafdefd6633633858b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://api.dable.io
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:43:29 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:10:01 GMT
server: sffe
age: 366260
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52988
x-xss-protection: 0
expires: Fri, 18 Mar 2022 19:43:29 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.104.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame F8AC 47 KB
47 KB 34ms
25ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.104.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63a218801054b8267a86e48b10025b463f4fc573ad1c58ea95ccbb69627e9905

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://api.dable.io
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:43:29 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:25:43 GMT
server: sffe
age: 366260
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48552
x-xss-protection: 0
expires: Fri, 18 Mar 2022 19:43:29 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.108.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame F8AC 50 KB
50 KB 37ms
28ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.108.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c69739431e5aff1b7174a81209cbd0658da6c4d1b6527580f9f2f070df848290

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://api.dable.io
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 04:08:06 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:25:01 GMT
server: sffe
age: 422383
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50784
x-xss-protection: 0
expires: Fri, 18 Mar 2022 04:08:06 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.101.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame F8AC 44 KB
44 KB 37ms
28ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.101.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed05afea1d3578981db83b3d1732720ccf15dd91054ca328207ac7f0fb7c7b5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://api.dable.io
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:47:24 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:25:07 GMT
server: sffe
age: 366025
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44828
x-xss-protection: 0
expires: Fri, 18 Mar 2022 19:47:24 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.37.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame F8AC 38 KB
38 KB 35ms
26ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.37.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b0313272102ea0987ddb17775ea629abf40554d23727500ff486ba02cf82396

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://api.dable.io
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 04:18:14 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:21:47 GMT
server: sffe
age: 421775
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39184
x-xss-protection: 0
expires: Fri, 18 Mar 2022 04:18:14 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.103.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame F8AC 50 KB
50 KB 33ms
26ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.103.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

720540fdf6be1b3d2aee9c54172a0b328457b3e6860da752f37c88a0860607cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://api.dable.io
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:12:09 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:09:56 GMT
server: sffe
age: 26140
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50856
x-xss-protection: 0
expires: Tue, 22 Mar 2022 18:12:09 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.81.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame F8AC 20 KB
20 KB 32ms
19ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.81.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88a8ac06d8362313d13f8f2dfc1c316d298fd7bab4e5751c9ef390d9fe251cd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://api.dable.io
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:52:45 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:25:35 GMT
server: sffe
age: 23704
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20692
x-xss-protection: 0
expires: Tue, 22 Mar 2022 18:52:45 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 61ms
61ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1022
date: Tue, 23 Mar 2021 01:27:48 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H/1.1 200
OK prevnext2-snippet-ie.png
images.dable.io/static/i/ Frame F8AC 288 B
906 B 59ms
58ms Image
image/png 104.108.42.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/static/i/prevnext2-snippet-ie.png
Requested by: Host: static.dable.io
URL: https://static.dable.io/dist/widget.min.css?202102281237
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.42.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-42-51.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b44ae8cf55e41c9a488ac6d5db7e2b79a8a3f81a9b41316a7c9d86a9d440fc95

Request headers

Referer: https://static.dable.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
ETag: "78144ca1e42485765eff8fd58568ec78"
x-amz-request-id: 591CD09AF8CD4095
Connection: keep-alive
Content-Length: 288
x-amz-id-2: 7G5U6muBaxNSGmhqG7iwW92CD3kNrE++7zY6kOYdA+Gjk7HSB/R8MqDdc/ng/2PvHnwYH4sXKs8=
Last-Modified: Mon, 24 Aug 2020 02:55:47 GMT
Server: Apache
Date: Tue, 23 Mar 2021 01:27:49 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=864000
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK logo-text-tiny-gray.png
images.dable.io/static/i/ Frame F8AC 661 B
1 KB 122ms
62ms Image
image/png 104.108.42.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/static/i/logo-text-tiny-gray.png
Requested by: Host: static.dable.io
URL: https://static.dable.io/dist/widget.min.css?202102281237
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.42.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-42-51.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f324c06e9e87405a95bfd62767836e03f5365df485a050564a4bcea15d1e82fa

Request headers

Referer: https://static.dable.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
ETag: "2260fca7dca92761058aace21a176daa"
x-amz-request-id: 52BE244A95119091
Connection: keep-alive
Content-Length: 661
x-amz-id-2: ddzH4x80PczY70htU2NaqE2ktBJe1/NjynlaucpW8YrFqL2pHSqL9WozXhXeF0K4kWOGM3T6G+0=
Last-Modified: Mon, 24 Aug 2020 02:55:47 GMT
Server: Apache
Date: Tue, 23 Mar 2021 01:27:49 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=864000
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame C0CC 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.storm.mg/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.storm.mg/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Mon, 22 Mar 2021 22:23:54 GMT
expires: Tue, 22 Mar 2022 22:23:54 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 11035
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H/1.1 200
OK bidinfo.aspx Show response
bw.scupio.com/adpinline/ Frame 3B9A 2 KB
2 KB 342ms
341ms XHR
application/javascript 210.59.219.180
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://bw.scupio.com/adpinline/bidinfo.aspx?cb=0.578832526102169
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.180 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 440bed45e7d58ed677fcc665d87894dadba995222ca77536b95d88c609611e43

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Tue, 23 Mar 2021 01:27:48 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin: https://img.scupio.com
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Type: application/javascript; charset=utf-8
Content-Length: 1470

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 3B9A 80 KB
26 KB 41ms
15ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:49 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 09:52:27 GMT
server: nginx
etag: W/"605322db-14013"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Wed, 24 Mar 2021 01:27:49 GMT

POST
H/1.1 200
OK bidinfo.aspx Show response
bw.scupio.com/adpinline/ Frame F3C4 2 KB
2 KB 653ms
341ms XHR
application/javascript 210.59.219.180
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://bw.scupio.com/adpinline/bidinfo.aspx?cb=0.6267964353645541
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.180 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 440bed45e7d58ed677fcc665d87894dadba995222ca77536b95d88c609611e43

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Tue, 23 Mar 2021 01:27:49 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin: https://img.scupio.com
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Type: application/javascript; charset=utf-8
Content-Length: 1470

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame F3C4 80 KB
26 KB 19ms
18ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:49 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 09:52:27 GMT
server: nginx
etag: W/"605322db-14013"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Wed, 24 Mar 2021 01:27:49 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 2A92 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.storm.mg/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.storm.mg/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Mon, 22 Mar 2021 22:23:54 GMT
expires: Tue, 22 Mar 2022 22:23:54 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 11035
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK dot.png
images.dable.io/static/i/ Frame F8AC 269 B
887 B 57ms
57ms Image
image/png 104.108.42.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/static/i/dot.png?2
Requested by: Host: static.dable.io
URL: https://static.dable.io/dist/widget.min.css?202102281237
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.42.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-42-51.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9c7e640507607d3ab4182c58d339ce00248d46cfcd03c8f1940d1095c0dcda5f

Request headers

Referer: https://static.dable.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
ETag: "c6dbfa476effcbda5d070b19378fed29"
x-amz-request-id: 994060D4EFC461BE
Connection: keep-alive
Content-Length: 269
x-amz-id-2: L4pDhIKf4PtaA6+cGfB6FdA9xSc+1VR7iomEcX3H3K2HOvy7f1RV/WbqU7P4oSNhlX7Dnoo0YGA=
Last-Modified: Mon, 24 Aug 2020 02:55:47 GMT
Server: Apache
Date: Tue, 23 Mar 2021 01:27:49 GMT
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=864000
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H3-Q050 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210318/r20110914/ Frame 6D25 21 KB
8 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210318/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BtEf8GKY2REEaLCIQfmd37a0lxWgrg4hNIs06Fwb6fxOGafl4XfrHsyTnzp20FIqwaXLt1vVIRU8ZFe1RoJUH7OHYkfQ39ogirhBXbqwP_jnusJLolQxLF8CmVPNmstqf3moPgREEkDK3AhqOT6zxh8DPW6Q&dbm_d=AKAmf-DFYvG5TbO10L7q59cBMoW5oW22iKcxSzo-nzHsfACnFoZPiCUD_gH6kkD9lih_V_wD-aSkWabzhr21aNrQd82nmUhU5tREpQYDYwS2YTb_z2RCLJtNgQUXwFIBDv_vKM8CVscYfG5zz9MFyIQFQ5Jf9EBWJsDv3JjFMBFv3XjOdWYn8DBjIbbS_ZUhXY-EbXuDeqNJIgANICpYExVeWikGLSYrpzCNHcQS5we1TpqcrJXdqv4UtYyvsAWCOucU3K7038Xwoy0I7wRZsGV4QGotmIwzgKEbNxOUgsyX-u6C-k-58OnjZ9bvHhYjNrZJHdYhOc2XAznya1NzDA3Gax-4PRcRjo-gzc6xZv9Rp-ABBxHuhzlazS0Eu00OAZeHY3rS-MoOlqsgk3bLaylLV-EjJZ7EVbCczcm4csXqVqNbJ4Lv0AgfBjageO0EKFoKVYls5bNzXL7PyuuSpPfY8MhHNYCuHZ-5LJD1AUx5Q8GCPim1VP3N5taIJ44ZGIxTw4f-E047EdB_XS59EZBSRsdd_XiZJH9ToqUN3vO5ZYCGf-aKW1R0M9YdNoq38meRjOVJ4xl0ZVQu6bdkCICM95kPlau6pTNaU8HAzxvnwbEKnX5mKBB8hq0ivkPgZrvKJCSLwREaw8YZc4Lb_7GsRjmzVdeT1Enss2ug4UDaSL0gYw7CV7IZfq1Bs9thG_WvxDlKF87PKwwr6tzVRYA7udvukDbtCjXr9_4ptyXQjrIGQKANj-MhxjGIwSCONnio9tQay-QmWOh5TgsE4Dd1czB0vzCBrUatYULc2L3AVBTYPDJFzx-7dnO9XQXM4YIV80F7VdMsbu0WXonSDvXWguaZY3UY-EB8Q-rEVZbrPmzeX-UbfUhad2SPDIp9XYW0Mp9GAu-OOoZ_oReVfDYlknzfiLWXD3haAQDEJPelBW6YFMccgpRUQ4S6AkbGak65O4Xiq2A3WTktZ_yCvfxBIlRDwsKvsAjhb1HthYirC_-6eoKc5f2l9kg1Sp2tEd1zC4FFZ0Q87-riA_tJvkXNW-aK-Zv3k_0x9JBX6vz8PqlwDjw-p-FP-MnDt7WzmKDO4RDnROqgIHwvsZ1iyTFncKzF1JSfCt2ZR6A2iaXGptvUQoLxU6ErmdZhLPaDPWNnCTxsMuX-xWqFxGXfAbZJAikKnvY_ike2lZwT6H-p8QcaLQjHCuS8YtHsdXf4wceXYNEwF9LoxZfx84jUo-P0-xf6fGwaqGadcbcrCgL7k-26hOnduNjLblWoLoLYT3rA4tp2LwH84xnlmsGpxMbODE2E32CsrHaQntSVYeiswhsOZ-bnexNPgnRwEiAHmRxcOCmqSadKYl8RkKK8o4Mq7i_J7nNJyxuPly9zYHoTEIKP5axXWzYWOWr_3P7FOfd5bLKL7D4nVYrZKfJIQqya1db6ckSxzLUfS0xUcm1OB0JjIdBADpX-hribLMckop0T-IJoicaSUugtJxZgogVYipJijOlJtl2CMqFOBYeZ1Gret5cOfx3DMx_CEReGsqcTTkfb8mxjFMevwpeeSHtyknAklTzYMiYatLhJUE-BnoUgKMpQsq8JB6VNgG41IkaDl8AorMxfba19w2jScx2qonXSHsNvxqGDlwHdt8eEAtXARxJSIeFK3gM_pBgJbT8IimGAtjj37mvxf9XKZMdh0S92FeTNiOWes3_cx7lfNyu2e3FLWjqsiQNlyA43BcTf0o3--EUNpC1T0HDkx3dtHblm-PyG4aUpdCb2Ea_hMIwvGWOunHhFtR5X4KZmLlLk5_fCIDrCVfDQnR88O3m4e3y9ryf8RsuTbDamFJBcmKerFn1SQCkJCwY75GoU4tiTSeU-FuLtoPsHO4nt3p7syIYqu42WpeKkx--JUoVfHb3FesjXBYsJ_4VtA8mg72xsYb4Qw8lvqLdD-uI28WYTzYXeN4cZuCEqKptjb9TgqQ0f7R5EhGw9rwyRQ0QQow6LPiAV4OQ4OEz_izehW8CK1X_itrX0ZQu7wz2T1S-K_MAJp40D2Q0qhI8lixxoZWfRerbYH9KvsoUkRkBrzgk72JaVu1YsLcZfBhelrhANfvnfuL5cBt6p-JkmfaeiU9dPScuyVrSogueJsYeGNyMKgHsSad3eLIvWzGg2tZDA4klj6iQoTM7aqotCv6I6iV61kozdlPFz3x8ChwLW-MSO5RNb_x-RjHVuWBvMl-frlt2ecbavn9c_9Sp7ibXj679xntmrN0_yYQ6qZRS0HnOc_c1FKX4VZ6EsX882tc0zeuOlFtWMOrh7idai-K2PwTWaksbSEFQ7hwj2b53qfHDuMB1lhq5zryjexAsttIogveOIS244Y2yjEG1avNKm8p8btSaTKcOg8SvDkmRvEk0QnmwX4Zoh0xBKW0JhizBAr4NruT4yiRKbIpbJgNZwvp1Hkxbal6Dms0hRx1r5Ik9qCedSR_qk1Pt6R0XYDE2ZJKBDjDSFw7uM6iezvZT7gvxzUT-kNVrUcXl-fBhkwpUqpfw2hbze3kO4YQFdkn_PvuZQg6bgXK__2t6V4K38n_ehk0gyJEhXjZ43fn65oCopSSRgfRyfAxwYBh02i8PQ5MTguXf_QizNlkR_JhLXjS3vjhDwzfEYNMmJJ6QGCx0ayJxB7uXJ-sPyt2cdCWXXEk_u_hxxByqQ4JPZC5XhL_hDZRfOHLkNK0TPfhGU7Fk8tZwsriZl20rTGKUm1DLITeAX3fZ4DeSjEYhysvjTK7n46Qj18l91chGY4Z7rBFeZKRjVKbXZ1gIOTTwAEj5ySlMm58GcfQ8V6Qfwlev_lcmbClfZ68Mb1Mk2EgSVPX9oIg498EzCv2kYflhj2it6XPuONwY_9jPIc2t0bKMaaNLWh3WVtPcM9vuimVOym5OMluDem4egrXX6-Lv-TuNJ0BAiaNN3SuQlWar5l8kgWi51FbafUCZpniZk2GkbN-tE9s3Xmkl3he1bG21RfU9cfk3IN_4miMWf2yAeZEDzufJkozrk1EN3d9exymeo2BJ3ST3wQpmmC08tLwL5C243y6vy50fK9VKJKCUf0V8NX3qslNPphjurnJDUQaG-NdlbjJ2_-eMxMJx1I14ZORd14USOc-BdW-wDYyLzIccjurM1PGKzqtuDfjlijBzn_VQ_9vtjIihHtA&cid=CAASEuRohHNr8dLO7Nya2vlE9MJn9g&rfl=3%2Chttps%253A%252F%252Fwww.storm.mg%242%2Chttps%253A%252F%252Fwww.storm.mg%252F%240

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fdfa3666b6d8faba8bec7338f44fa50837f0517f66d6624f13ba61f63961f037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3ae7821746b634e801f4981bce499b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:19:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 511
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8471
x-xss-protection: 0
server: cafe
etag: 7734406380246990614
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Apr 2021 01:19:18 GMT

GET
H3-Q050 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210318/r20110914/elements/html/ Frame 6D25 8 KB
3 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210318/r20110914/elements/html/omrhp.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3ae7821746b634e801f4981bce499b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:16:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 686
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Apr 2021 01:16:23 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6D25 0
575 B 202ms
93ms Other
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvoD4jGzA4DZF4l7IxW9JPVmovzrhS7qCUNsOgBCQ0nm5G8R8JH_sy2IYP9-DbPvG1tpqahm-Gfll3FkKuaW2S3NtCzafmMCJbi01w9bxkvBDqgD2eDFKDGWotfIuaZENxl_K8UxeCKcOoE-ZRGcUu2IpV6uH6EcyLchFZcdPfcZro1mlJqLAbcd7jy1R7FznpumcVa9yogkpVuFpJH7vyxqmE_KecDPiODRlnJUTzn5iq5oEE0DhgXgpC82cSk9zmgUOXxgDCxb-IyahdJoOtY4FjzavbtEqjrNm6tNLLYWHx5EUjGH7CRscu-EodbQ74ei5y4jhgDdeqTgZbpxW8jWKxkUvGKkEk97g8VlQLI9Ep3sQBFsqz1kGfwJTKPCy2SLknoCk3Q8i9xHnyi-uvzdyh2sHMgvP7gdiLZJic6_5aTkpwGIA6bzTzRbFqf1jP70PQVmNUzYan8ALUPuvOnVXRnHIwmGm_IBn5TP6CLSp_DjtUPFJ_7nJHekjBEGAtcKEuBWG7hOHJk3qCd9-NA1kkbAm8I_op5epJyYMDbJkuWfbR7kaa5JvFf-VJpnLuR6aWga6P4UFV6mMacWJI6chH3gPPYfijqf-ybgL7m7K8ssun9mhOcBwK_WQcX0gko4XaVncQxR0jzTSwMO1w8YAwP-pkag4LaelVa59h43i4_13td_bwrdyfuRV5BdSXtmeHGU0rdWqc2laePXZNbo2PkyMNUOC_oztm3nNX9ohbVtAS_S0nfADXLjhFlkRuZBPGtlug6ah7ojgB04KhIN06L5Jz0eBdgd9SglrOUSvH3clBbBloUbypKVscvEye_vdmv_-UIJ-7ld3IS1ZjR5D_3Ux71PgqNvQm7C_nftnjeJ-eKbCIVBdKH4_DKmTtNhMvJmPwgICNSfEWh7PChyJB0HWFF95xUJ9zchlPmSOlDG1ZEY7GBYg97WMbXjrIqWhszOjXFzWqI1-PkLNK8fqDfQZcs59yQRDMLrC_Fhrc12GHRgwKed6f1Yadij54vSJ7xWITM68P04kirJXtPge4Cb1WCkEal3h55E2GZCuQ0ep7Wdqx-1OpBLnFegwpjBiLYjaGj2qIzmQ0gpGTruqVuY1rsCQgSW6yhNLcMD8Zti0fYgiDg6guA1bmkMTszdsMjGtt8T_mwLr_8zXev-tCxhXMTYKfbdU9n5w&sai=AMfl-YTYfYyueJRTNyRnE5svwGqyY_pjggqjiJ6nXh5LGCf75IWIiwEozdVq8N9QnRt_WQcmqDB5DFFPL-TyrL4eD56AReMlEF3TqYsnC3q016D7Piuz7y3YZMbwKD7SBSuFx2ptXzPj1zKEZi4kcl8fz_INDkGPMA&sig=Cg0ArKJSzLsl8LvlIQXtEAE&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210318.53349&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3ae7821746b634e801f4981bce499b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Tue, 23 Mar 2021 01:27:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-Q050 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 6D25 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3ae7821746b634e801f4981bce499b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 13:17:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43842
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Mar 2022 13:17:07 GMT

GET
H2 200 300x250-PAKIET_Netflix.jpg
s0.2mdn.net/9612159/ Frame 6D25 79 KB
79 KB 26ms
7ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9612159/300x250-PAKIET_Netflix.jpg

Requested by

Host: 3ae7821746b634e801f4981bce499b71.safeframe.googlesyndication.com
URL: https://3ae7821746b634e801f4981bce499b71.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e65b2f8e031b4ce2e753a3662dd2b1fa38ca9b171f6698d5e6c023c98bb8cca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3ae7821746b634e801f4981bce499b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 09:25:19 GMT
x-content-type-options: nosniff
last-modified: Fri, 29 Jan 2021 12:50:18 GMT
server: sffe
age: 57750
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 80760
x-xss-protection: 0
expires: Tue, 23 Mar 2021 09:25:19 GMT

GET
H3-Q050 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 01F3 57 KB
19 KB 62ms
60ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.storm.mg
URL: https://www.storm.mg/article/3553076

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

f390b2d2721def3434d087ecceaafa0ae5e140120cc870784f7d00f90c3b5c79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "820 / 317 of 1000 / last-modified: 1616451005"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19725
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:27:49 GMT

GET
H/1.1 200
OK impression Show response
api.dable.io/logs/services/storm.mg/users/51548444.1616462865197/ Frame 4B03 2 B
157 B 329ms
325ms XHR
text/plain 3.35.249.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.dable.io/logs/services/storm.mg/users/51548444.1616462865197/impression?source=3553076&pick=&rm=30.50.6&cm=0.0.0&channel=Cross_PC.2_4&reco_type=personalized-related-news&cid=51548444.1616462865197&widget_id=y74wWAoV&reco_list_lz=NobwRAlgJmBcYGYCsAWAjAJnWANGAtgKYAuAFgPYzwIAMAdEvQGxgC%2BO40ciqA7L41wESFKonqM6LdpzEIUATgFMWeImUrdaDZmw6Q5SIzV4oh60Vom6ZBrSl410GcyM3VrUvbK1IEWBARXDTlPaX0uaiMENCYgtTdQnS9bSJ4YgA5eFwSQq2TwnyiEBSZeBWDLDwLvOyjFDJpVYTzqyWkAXSA&uri=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.35.249.226 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-35-249-226.ap-northeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: */*
Referer: https://api.dable.io/widgets/id/y74wWAoV/users/51548444.1616462865197?from=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&ref=&cid=51548444.1616462865197&uid=51548444.1616462865197&site=storm.mg&id=dablewidget_y74wWAoV&category1=%E8%A9%95%E8%AB%96&ad_params=%7B%7D&item_id=3553076&pixel_ratio=1&client_width=760&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:27:49 GMT
Server: nginx
Connection: keep-alive
Content-Length: 2
Content-Type: text/plain; charset=utf-8

GET
H2 200 request
sp-api.dable.io/services/storm.mg/users/51548444.1616462865197/campaigns/w09qVGR7yIV8/contents/PjmE2KWLzs3L/ Frame 4B03 35 B
109 B 1007ms
330ms Image
image/gif 52.79.132.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp-api.dable.io/services/storm.mg/users/51548444.1616462865197/campaigns/w09qVGR7yIV8/contents/PjmE2KWLzs3L/request?q=N4IgxglgJiBcIFYCMCAsAOVWB0SBs%2BqeATOnsgJwDsIANCAO7QDmApgC4D60cIAnlVQMA6gEEA9gDU6IAE6sAjgFdWAZy494ATSp4A4ugDSAOzwAlVQGtLCgDLoZ85Wq7sIAW1Zx8hEmSpISFT0quJKsmBe8ADMCAjRAAy6Mp7sABbiMPBIuNgJMmBpAIbGxqwANrwAwrLiqqqcAApV2MScqDKsAB4ADhDyWSAAKioABACyRbKjxNEzCcRIowlIsMRUsKhUo3rjQwDUCUf59OEQvGns7D2qsAD0dwxP2Orisu7Y7sx3U25g5aw7rF4kk8DIIMYAG6sYzsN58biDEgJPAAHwEQjEUhkcPYRXKnB6RTYcGI9CJJNgSBCEAAXlEySBVOVxOxvPRZCVLHAEvQIOxWO5OGAimz4IBVKMAa1EyABGmQRAOMzHS3mIxFQAF8gA&is_gif=1
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.79.132.3 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://api.dable.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:50 GMT
content-type: image/gif
server: nginx

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
213 B 71ms
70ms XHR
application/json 3.123.110.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=AniViewHB
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.110.9 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.storm.mg
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
213 B 70ms
69ms XHR
application/json 3.123.110.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=ViewdeosExchange
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.110.9 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.storm.mg
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 138 B
826 B 155ms
54ms XHR
application/json 185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

997614e55e349c466219e0c483a6671e9b3b6e6039595737d2306772297e90ea

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 23 Mar 2021 01:27:49 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.4:80
AN-X-Request-Uuid: 865c55d1-8560-448e-8a43-7e3c5ad951c4
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.storm.mg
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
114 B 577ms
93ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.storm.mg
date: Tue, 23 Mar 2021 01:27:50 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
213 B 133ms
68ms XHR
application/json 3.123.110.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=AniViewHB
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.110.9 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.storm.mg
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
213 B 131ms
67ms XHR
application/json 3.123.110.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=AniViewHB
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.110.9 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.storm.mg
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

GET
H/1.1 200
OK impression Show response
api.dable.io/logs/services/storm.mg/users/51548444.1616462865197/ Frame 9329 2 B
157 B 338ms
337ms XHR
text/plain 3.35.249.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.dable.io/logs/services/storm.mg/users/51548444.1616462865197/impression?source=3553076&pick=&rm=50.1.1&cm=0.0.0&channel=List_article_bottom.vpos_70&reco_type=hot-items&cid=51548444.1616462865197&widget_id=1oVpxdlP&reco_list_lz=NobwRAlgJmBcYGYCsAWAjATjQNjAGjAFsBTAFwAsB7GeJABgDo0mwBfPcaORJJBbAExJ8RMlRph6TFu04Tk6AOx0MIkhWrcpzNGw6R5vFAA5jitWM21GOvXO4K0A9BY0TtM-V3jI%2BSAeYE6uJaNp72PrwBdLpBlu5hurIGDrz0iiiuIdbSSV6GqEjYCFlWkol2KT4o-sZosaJuobmV3jyoCqUJLcltvsimXc22vYYI9caZcU05IwC6QA&uri=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.35.249.226 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-35-249-226.ap-northeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: */*
Referer: https://api.dable.io/widgets/id/1oVpxdlP/users/51548444.1616462865197?from=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&ref=&cid=51548444.1616462865197&uid=51548444.1616462865197&site=storm.mg&id=dablewidget_1oVpxdlP&category1=%E8%A9%95%E8%AB%96&ad_params=%7B%7D&item_id=3553076&pixel_ratio=1&client_width=380&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:27:49 GMT
Server: nginx
Connection: keep-alive
Content-Length: 2
Content-Type: text/plain; charset=utf-8

GET
H2 200 request
sp-api.dable.io/services/storm.mg/users/51548444.1616462865197/campaigns/w09qVGR7yIV8/contents/PjmE2KWLzs3L/ Frame 9329 35 B
108 B 943ms
331ms Image
image/gif 52.79.132.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp-api.dable.io/services/storm.mg/users/51548444.1616462865197/campaigns/w09qVGR7yIV8/contents/PjmE2KWLzs3L/request?q=N4IgxglgJiBcIFYCMCAsAOVWB0SBs%2BqeATOnsgJwDsIANCAO7QDmApgC4D60cISA9gDUADgA8oAGwAKdEACdWARwCurAM5ce8AG4BFZgEEkAZgBeAK1FgqAGX4VishSvVd2EALas4%2BQiTJUxlR49Gr8ynJg3vDGCAjGAAzBsl7sABb8MPBIuNgJsmBpAIYAdiWsErw2EBqcRXLuYBKsnABG-Ozs-B7Y2sL8apxU%2BfSsosIQClkgACqqAAQAsvXzxMarCcRI8wlIsMRUsKhU8wDiizMA1Ak3IyARELxpncJqsAD07wzf2Br8cj0PMx3vVGs13rF4kk8LIICVtKwSl05ABPbjTEgJPAAHwEInE0lkXXYRQknGERTYPnoFKpsCQoQgpmixFCEg61PkpQA1nAEvQIOxWB5OGAiuxeIBVKMAa1GydpQNHNErMdI%2BYjEVAAXyAA&is_gif=1
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.79.132.3 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://api.dable.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:50 GMT
content-type: image/gif
server: nginx

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 08F4 0
0 84ms
84ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss9Cj57T_qckJ59lF_K2UKv644qtsj1Av7ZaFZvPfVxLrdjBKA2x74M9ZZCj_9gTMK61Wu6cGfUP_bufekdByAg7k6C__O1e_CKYYEGj9Zt3Jj0vcKtJbTczyb2AanCo9SNQWWYC4uTlLdv0rU0GHPVUTM6opqf5sQiWGMzquhSYRcVnqQ2MGsN_shwGSro0y_myO3BnCBlkU4nerlS_PcX1-HR_cZEqbvn-0J4iFiPLgwSV-7hBFwsO7PrlbCWc-RxosO6meyj6OtohjVWZwRGtYkUkgYWc2GP3-RB4Lntx_Cq1KKXzj2FhVr9awPPEMNB&sig=Cg0ArKJSzI5VXxyeLzLBEAE&urlfix=1&adurl=

Requested by

Host: 0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com
URL: https://0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:27:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 23 Mar 2021 01:27:49 GMT

GET
DATA 200
OK truncated
/ Frame 08F4 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 83b0f09a2aec6b022e057f23d78cae19cd18968a3153aa68dd18823879337b61

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.117.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 08F4 46 KB
46 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.117.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/notosanstc.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f83c6e3eac9d41d51bc8e3b63f353ea889cc70b9938e2f701719aef80bf8528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 02:34:26 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:25:13 GMT
server: sffe
age: 255203
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47312
x-xss-protection: 0
expires: Sun, 20 Mar 2022 02:34:26 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.119.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 08F4 25 KB
25 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.119.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/notosanstc.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77c3d215298f95357de947f102cc00bded45bdb71ab3c20f9dfdc64e490729c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 01:51:56 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:18:53 GMT
server: sffe
age: 430553
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25360
x-xss-protection: 0
expires: Fri, 18 Mar 2022 01:51:56 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.118.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 08F4 43 KB
43 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.118.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/notosanstc.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2abab588ed1aa226fff507bb12cc00b354738c203f4b6cd202f40352cdc6591

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 01:48:17 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:19:55 GMT
server: sffe
age: 344372
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43804
x-xss-protection: 0
expires: Sat, 19 Mar 2022 01:48:17 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.116.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 08F4 51 KB
51 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.116.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/notosanstc.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

717de30a4e041b92e5d3aa230aeede4e08434647e627279477a2f642ac2861eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:42:43 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:09:56 GMT
server: sffe
age: 305106
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52052
x-xss-protection: 0
expires: Sat, 19 Mar 2022 12:42:43 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.113.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 08F4 52 KB
52 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.113.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/notosanstc.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5a369d3d8be69eaf6a54f958015e687947252be07dbb197750fa8147caea4dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 19:42:53 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:25:06 GMT
server: sffe
age: 366296
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53144
x-xss-protection: 0
expires: Fri, 18 Mar 2022 19:42:53 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2475 0
0 85ms
85ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstVwSUIyCKEA0TLQ3CwDpyO_YLjI9ZvcmzvdN-bDcIODS7Wb9Bs_juJscN4Z9cgtfCoqeg30zWfOVumLOt7bXj5UlcoyQjkkIBjhDNG0ceUIQxUsk6HuNsGBsAxEu25V-wMj1nT2UIoF8sdiAsWl5LAAoXTOvgSFgoTQtk3sIGu90Pkx3l6ooceyoywDKmGO2xSUMsj7YhW-CK9uU094fhehXajJrgmBS6P9BG9OPsPvux5Ws7B5LY_Vb6yVKpT2Yw5Y2QToHa0ZBXJvEJ4tVVXk3JTnte5hS7E_ly8X6iDQJOkqdav6GWdHDsBoN158Q&sig=Cg0ArKJSzDdaswencajIEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:27:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 23 Mar 2021 01:27:49 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7BF6 0
0 85ms
84ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuRCQGXrcAfoG8hmvyZwvLxR7lrleuU-hL3mH4dHrC0aYa_I_l-serHSVzUvTO9Q_zaZ4fDOMpG1SXcHD6ph3q5uYQ_plnPTCzQXyaHIAZ2v-F-1JH0QDNHVr5zjh0bbANZBTtN0YwbQXWYm9ExHKjDzb0qDnhYa4tAZptnpOrts12PifU76f_E5qeW72kEH27VlKSg_ZZbGLyD9k8GDeSo_Fu_aLiJzrvbMapWU1_tEawhSGbbt8aKzgoh35KMAzpTjfI2RzuOrXSn3mRcBQ-yk3PcUUqUSoxQ01llvT8YkR2LkrtlX6KcESq7jUY358fG&sig=Cg0ArKJSzLMDQHcQBWCCEAE&urlfix=1&adurl=

Requested by

Host: 0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com
URL: https://0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:27:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 23 Mar 2021 01:27:49 GMT

GET
DATA 200
OK truncated
/ Frame 7BF6 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b5db046560c402e28f7241880d686f52480c4f98d28eae25a6452f3f0f1018bf

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.117.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 7BF6 46 KB
46 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.117.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/notosanstc.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f83c6e3eac9d41d51bc8e3b63f353ea889cc70b9938e2f701719aef80bf8528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 20 Mar 2021 02:34:26 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:25:13 GMT
server: sffe
age: 255203
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47312
x-xss-protection: 0
expires: Sun, 20 Mar 2022 02:34:26 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.119.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 7BF6 25 KB
25 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.119.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/notosanstc.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77c3d215298f95357de947f102cc00bded45bdb71ab3c20f9dfdc64e490729c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 01:51:56 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:18:53 GMT
server: sffe
age: 430553
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25360
x-xss-protection: 0
expires: Fri, 18 Mar 2022 01:51:56 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.118.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 7BF6 43 KB
43 KB 9ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.118.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/notosanstc.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2abab588ed1aa226fff507bb12cc00b354738c203f4b6cd202f40352cdc6591

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 01:48:17 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:19:55 GMT
server: sffe
age: 344372
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43804
x-xss-protection: 0
expires: Sat, 19 Mar 2022 01:48:17 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.116.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 7BF6 51 KB
51 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.116.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/notosanstc.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

717de30a4e041b92e5d3aa230aeede4e08434647e627279477a2f642ac2861eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 12:42:43 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:09:56 GMT
server: sffe
age: 305106
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52052
x-xss-protection: 0
expires: Sat, 19 Mar 2022 12:42:43 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.115.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 7BF6 52 KB
52 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.115.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/notosanstc.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a7695bf1c26b3250de42c8ad42bc4e3abf7418876f76ad67bb58092c9244478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 03:56:16 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:08:38 GMT
server: sffe
age: 423093
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52792
x-xss-protection: 0
expires: Fri, 18 Mar 2022 03:56:16 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.114.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 7BF6 51 KB
51 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.114.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/notosanstc.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5472cbce3d59802ab140c5b8eecfca4d357343c47a1c9ea601ccf1d50145955b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 23:04:46 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:25:08 GMT
server: sffe
age: 440583
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51852
x-xss-protection: 0
expires: Thu, 17 Mar 2022 23:04:46 GMT

GET
H3-Q050 200 -nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.109.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 7BF6 52 KB
52 KB 12ms
11ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.109.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/notosanstc.css

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9625dd5f36e9196b741bfb4558fb8809318495207eb6213427f4ee42b7baa57e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 09:32:55 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Nov 2020 04:25:01 GMT
server: sffe
age: 316494
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52844
x-xss-protection: 0
expires: Sat, 19 Mar 2022 09:32:55 GMT

GET
H2 200 ls.html Show response
img.scupio.com/html/ Frame 23EB 1 KB
1 KB 57ms
57ms Document
text/html 65.9.58.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/ls.html
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce

Request headers

:method: GET
:authority: img.scupio.com
:scheme: https
:path: /html/ls.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://img.scupio.com/html/ad.html?v=1.0.54
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: OrgKeyValue=CXR20210323092747853967; gx=H4sIAJW0WWAA%2fxNmYGDg4ubYcf3I9zkvt1kKsAqxcNgLMAEAEmUCtRcAAAA%3d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://img.scupio.com/html/ad.html?v=1.0.54

Response headers

content-type: text/html; charset=utf-8
server: nginx/1.12.1
last-modified: Mon, 21 Nov 2016 06:35:53 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Tue, 23 Mar 2021 01:20:16 GMT
expires: Tue, 30 Mar 2021 00:31:00 GMT
cache-control: max-age=604800
etag: W/"583295c9-4dc"
x-cache: Hit from cloudfront
via: 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: Eao9NX2YIxOZmY1vEkassLpgENPNH47rdlnI5zeiJipZo_yM2VCt4w==
age: 3410

GET
H/1.1

200
OK

ggid.aspx Show response
rec.scupio.com/recweb/ Frame DB93
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q1hSMjAyMTAzMjMwOTI3NDc4NTM5Njc%3d&layout=js
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEJA-zaU5KF22_LJGS3uu2kg&google_cver=1&google_ula=3918219,0

0
551 B

1344ms
335ms

Script
text/javascript

210.59.219.175
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEJA-zaU5KF22_LJGS3uu2kg&google_cver=1&google_ula=3918219,0
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.54
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.175 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:27:50 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control: private
Content-Type: text/javascript
Content-Length: 0

Redirect headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:27:49 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEJA-zaU5KF22_LJGS3uu2kg&google_cver=1&google_ula=3918219,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 37DE
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

281 B
554 B

422ms
58ms

Document
text/html

104.108.50.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-50-124.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://img.scupio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://img.scupio.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 23 Mar 2021 01:27:50 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Date: Tue, 23 Mar 2021 01:27:50 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2 200 /
www.facebook.com/tr/ Frame DB93 44 B
265 B 7ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1588263144793165&ev=ViewContent&dl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.54&rl=&if=true&ts=1616462869903&cd[SBST]=1&cd[PuID]=storm

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.54

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:49 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 23 Mar 2021 01:27:49 GMT

GET
H/1.1

200
OK

uxid.aspx
rec.scupio.com/recweb/ Frame DB93
Redirect Chain

https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CXR20210323092747853967
https://rec.scupio.com/recweb/uxid.aspx?id=UCFUID

35 B
581 B

1477ms
332ms

Image
image/gif

210.59.219.175
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rec.scupio.com/recweb/uxid.aspx?id=UCFUID
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.54
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.175 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:27:51 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control: private
Content-Type: image/gif
Content-Length: 35

Redirect headers

Location: https://rec.scupio.com/recweb/uxid.aspx?id=UCFUID
Date: Tue, 23 Mar 2021 01:27:50 GMT
Connection: close
Content-Length: 71
Vary: Accept, Accept-Encoding
Content-Type: text/plain; charset=utf-8

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 08F4 0
0 85ms
85ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstRYAsP3lwmstQFb4AJoOb3h0O4lDhHESpc2ETDFwuw9g7POksWw3j7mdYn5N0GwkHyPwYPC-BgFWzsLI5Y6naFfntP1VtoHVEDB4V1F6a82a65uPskRvcolEOpdLFVIxaqkh4EwL3hPuO_pVCJL7a62KWcVYciLbz9TahOEK8pvDNuhQaUm2QrAAIT1dyKZvLkiUqw5JYIEB53CQM-X8WVIYKVFoqa31hcXcI9pumyW9b5a3syj1Diy4g-U_7ajv-cLvajY_G2Gk6XPLjSaQ03vvrPZdQ3s5i26TqOldxS8uToks8tYf8MiTK9v-3SIw62g9Y&sig=Cg0ArKJSzJf9XK08NR4yEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:27:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 23 Mar 2021 01:27:49 GMT

GET
H3-Q050 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C94A 1 KB
854 B 6ms
6ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 3ae7821746b634e801f4981bce499b71.safeframe.googlesyndication.com
URL: https://3ae7821746b634e801f4981bce499b71.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://3ae7821746b634e801f4981bce499b71.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://3ae7821746b634e801f4981bce499b71.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 22 Mar 2021 03:14:09 GMT
expires: Tue, 23 Mar 2021 03:14:09 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
cache-control: public, max-age=86400
age: 80021
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 6D25 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 92821f7bdc1da89a4c59c01e861887070f5e5adfe224a317a42f88aa17e2827a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame CEF9 0
150 B 23ms
22ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.storm.mg

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=www.storm.mg
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://img.scupio.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://img.scupio.com/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
server-processing-duration-in-ticks: 1816
date: Tue, 23 Mar 2021 01:27:49 GMT
content-length: 0

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 3B9A 80 KB
26 KB 45ms
16ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:50 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 09:52:27 GMT
server: nginx
etag: W/"605322db-14013"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Wed, 24 Mar 2021 01:27:50 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame B56B 0
150 B 23ms
23ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.storm.mg

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=www.storm.mg
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://img.scupio.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://img.scupio.com/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
server-processing-duration-in-ticks: 2563
date: Tue, 23 Mar 2021 01:27:49 GMT
content-length: 0

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame F3C4 80 KB
26 KB 51ms
31ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:50 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 09:52:27 GMT
server: nginx
etag: W/"605322db-14013"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Wed, 24 Mar 2021 01:27:50 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7BF6 0
0 86ms
86ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvmcKsz6o4RvJSauEGzuMVI83KJ5pqnvKkYbYXMFCUcYkCwB5eic1UFet3_qTqcJD2YL3yGdMKbsZm89ISZRjWColOFY2AHZIIBYA4n6ijJO_OpgFBFlDLES3cTbsSy6sniR34gxbyzlgHJZtqL7CX0TEMOYqwQoquXC_fExOiYTI_GaOCBAVBd8gfuL_zt0lAx_gFbnglQZbi7CVncBI7rkl602t4e03xr4pQRRaLcznWJzI6sPmVmRmgpfKbjL9HtJYbvLwe0-RJqfw0HTYElKADPzzn3b7qQl1Od_QjfXBAmzXn6OqGSi664q6xQYymxwN4&sig=Cg0ArKJSzM8uCeSGAJRgEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:27:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 23 Mar 2021 01:27:50 GMT

GET
H2 200 edmpVL.js Show response
cdn.holmesmind.com/js/ Frame 7672 10 KB
2 KB 1202ms
1073ms Script
application/javascript 2a02:6ea0:c700::1
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/edmpVL.js
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::1 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 8d805e1c2cfc4d461ac38a234fdc8c26f767952c75301b21644940dbb3374a5f

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt: AcO1ryxMbYfOYxMAAA==
date: Tue, 23 Mar 2021 01:27:51 GMT
via: 1.1 2d1e1e8dc0f3eb7773ec9d89a7d50ce2.cloudfront.net (CloudFront)
etag: W/"bb1f54e9cb2e7c9c3e3c1b5adae79ccb"
last-modified: Tue, 27 Jun 2017 10:23:08 GMT
server: CDN77-Turbo
x-amz-cf-pop: FRA53-C1
x-77-nzt-ray: 1IMlVN4+nas=
x-77-cache: HIT
content-type: application/javascript
x-cache: REVALIDATED
x-age: 4963
content-encoding: br
x-77-pop: frankfurtDE
x-amz-cf-id: sCqm24lh7ZiaAjRxvCZo84HZj0eUBVSi2rFMX0yByXbMUK0g6D70dQ==

GET
H2 200 1.js Show response
banner-cfnetwork.cdn.hinet.net/js/tmp2/ Frame 3AFA 768 B
711 B 1251ms
329ms Script
application/javascript 61.221.230.167
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://banner-cfnetwork.cdn.hinet.net/js/tmp2/1.js
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 61.221.230.167 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 61-221-230-167.HINET-IP.hinet.net
Software: HiNetCDN/2012 /
Resource Hash: d5b31ebf4f096cec7354dd6d17ca3f2e0763c56ea0a25c642089fbd981cd0558

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop: hongkongHK
date: Tue, 23 Mar 2021 01:27:51 GMT
via: 1.1 a55558c6b6748e578253e36b174f0b2f.cloudfront.net (CloudFront)
x-77-nzt-ray: dyiDgcE/dfE=
age: 38
x-77-cache: HIT
x-cache: HIT
x-age: 302
content-encoding: br
x-request-id: f9516cd69b8e768b4deee34906f1d491
x-77-nzt: AVQROQoDLw7vLgEAAA==
last-modified: Wed, 06 Dec 2017 07:54:25 GMT
server: HiNetCDN/2012
etag: W/"124d2d33c6a8e65dc8edee4968d5ff15"
vary: Accept-Encoding
content-type: application/javascript
x-amz-cf-pop: HKG60-C1
x-amz-cf-id: JQVSKow-RVefNm2R0OmWVLnTh8HQEI7PYu0zSleesA-HBOWwi4F19g==
expires: Tue, 23 Mar 2021 01:27:50 GMT

GET
H2 200 av_old.js Show response
cdn.holmesmind.com/js/ Frame 3AFA 4 KB
1 KB 1124ms
997ms Script
application/javascript 2a02:6ea0:c700::1
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/av_old.js
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::1 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: dc495854a8ac178d94730aeea4fc42d704c1af5e0dcbcc79f13b6d9792cbbb49

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-nzt: AcO1rywb6hPOYxMAAA==
date: Tue, 23 Mar 2021 01:27:51 GMT
via: 1.1 8b5bc0831e6dab612582614c3009efa7.cloudfront.net (CloudFront)
etag: W/"2a4586297d3d27704ae74fbf71c5d324"
last-modified: Tue, 24 Apr 2018 10:23:06 GMT
server: CDN77-Turbo
x-amz-cf-pop: FRA53-C1
x-77-nzt-ray: 01prcCobIb8=
x-77-cache: HIT
content-type: application/javascript
x-cache: REVALIDATED
x-age: 4963
content-encoding: br
x-77-pop: frankfurtDE
x-amz-cf-id: ot12dD4zJ0ZR1Tre7tnScmJgZ7Xr6ZRpVQcBpRGuTeseIhPyBEqMBQ==

POST
H/1.1 200
OK bidinfo.aspx Show response
bw.scupio.com/adpinline/ Frame 7672 2 KB
2 KB 344ms
343ms XHR
application/javascript 210.59.219.180
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://bw.scupio.com/adpinline/bidinfo.aspx?cb=0.8650460428002009
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.180 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: fb0bc5bd005aebb3d302194731d592c2d7a86b07bbe3f316d51213668c7d3edb

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Tue, 23 Mar 2021 01:27:49 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin: https://img.scupio.com
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Type: application/javascript; charset=utf-8
Content-Length: 1332

GET
H3-Q050 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8281 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://3ae7821746b634e801f4981bce499b71.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://3ae7821746b634e801f4981bce499b71.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Mon, 22 Mar 2021 13:17:08 GMT
expires: Tue, 22 Mar 2022 13:17:08 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 43842
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ls.html Show response
img.scupio.com/html/ Frame 481A 1 KB
1 KB 60ms
57ms Document
text/html 65.9.58.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/ls.html
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce

Request headers

:method: GET
:authority: img.scupio.com
:scheme: https
:path: /html/ls.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://img.scupio.com/html/ad.html?v=1.0.54
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: OrgKeyValue=CXR20210323092747853967; gx=H4sIAJW0WWAA%2fxNmYGDg4ubYcf3I9zkvt1kKsAqxcNgLMAEAEmUCtRcAAAA%3d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://img.scupio.com/html/ad.html?v=1.0.54

Response headers

content-type: text/html; charset=utf-8
server: nginx/1.12.1
last-modified: Mon, 21 Nov 2016 06:35:53 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Tue, 23 Mar 2021 01:20:16 GMT
expires: Tue, 30 Mar 2021 00:31:00 GMT
cache-control: max-age=604800
etag: W/"583295c9-4dc"
x-cache: Hit from cloudfront
via: 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: cgAhZUCFs4ZuDfq6NvbJMjh7UdR2syDVg2xDYFnTj2nvuDdrOxywJg==
age: 3410

GET
H/1.1

200
OK

uxid.aspx
rec.scupio.com/recweb/ Frame 4491
Redirect Chain

https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CXR20210323092747853967
https://rec.scupio.com/recweb/uxid.aspx?id=UCFUID

35 B
581 B

1496ms
336ms

Image
image/gif

210.59.219.175
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rec.scupio.com/recweb/uxid.aspx?id=UCFUID
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.54
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.175 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:27:51 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control: private
Content-Type: image/gif
Content-Length: 35

Redirect headers

Location: https://rec.scupio.com/recweb/uxid.aspx?id=UCFUID
Date: Tue, 23 Mar 2021 01:27:50 GMT
Connection: close
Content-Length: 71
Vary: Accept, Accept-Encoding
Content-Type: text/plain; charset=utf-8

GET
H/1.1

200
OK

ggid.aspx Show response
rec.scupio.com/recweb/ Frame 4491
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q1hSMjAyMTAzMjMwOTI3NDc4NTM5Njc%3d&layout=js
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEAfBgxDR_l0d50AuXZ4yDRg&google_cver=1&google_ula=3918219,0

0
551 B

1662ms
335ms

Script
text/javascript

210.59.219.175
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEAfBgxDR_l0d50AuXZ4yDRg&google_cver=1&google_ula=3918219,0
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.54
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.175 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:27:50 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control: private
Content-Type: text/javascript
Content-Length: 0

Redirect headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:27:50 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEAfBgxDR_l0d50AuXZ4yDRg&google_cver=1&google_ula=3918219,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 48CE
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

281 B
554 B

369ms
65ms

Document
text/html

104.108.50.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-50-124.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://img.scupio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://img.scupio.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 23 Mar 2021 01:27:50 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Date: Tue, 23 Mar 2021 01:27:50 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2 200 /
www.facebook.com/tr/ Frame 4491 44 B
153 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1588263144793165&ev=ViewContent&dl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.54&rl=&if=true&ts=1616462870101&cd[SBST]=1&cd[PuID]=storm

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.54

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:50 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 23 Mar 2021 01:27:50 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EA87 42 B
89 B 40ms
40ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvJofvz5HTeI188AIYHHJtKTqp27QcBOnnhPVBTYxgkcFMOVKmN7vzvLynItt6ZYvUmKLC4w_IkaXgEDDE1ZyMsX2kDrwEF8QFRCoOK3PQ&sig=Cg0ArKJSzFzLj1dDQo4iEAE&id=osdim&mcvt=1088&p=200,315,450,1285&mtos=1088,1088,1088,1088,1088&tos=1088,0,0,0,0&v=20210319&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=30&adk=2004118907&rs=4&met=ie&la=1&cr=0&osd=1&vs=4&rst=1616462864462&dlt=189&rpt=41&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:27:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK impression Show response
api.dable.io/logs/services/storm.mg/users/51548444.1616462865197/ Frame F8AC 2 B
157 B 324ms
324ms XHR
text/plain 3.35.249.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.dable.io/logs/services/storm.mg/users/51548444.1616462865197/impression?source=3553076&pick=&rm=30.52.3&cm=0.0.0&channel=Article_bottom.AD_box_transparent&reco_type=personalized-related-news&cid=51548444.1616462865197&widget_id=KoEeAWoB&reco_list_lz=NobwRAlgJmBcYGYCsSAsqBMA2MAaMAtgKYAuAFgPYzwIAMAdEhvQmAL67jRyKpMAcARkF5CpStUQMmLdp0iTkafvwDso4uSo86jZqw5dFaLKtMbx2mtP1yjOpoNq1%2BFrYpuzDChylVM3CR1PA3luGiYsLH4cfE0g6z0vMOMmVVoROMsPJND7GlQAThQkWkCrKVy7HwjkfjRynJk8msQkQQx21iz3YKrvcLakZAx1HoTK5urB5EEEVCwy8YrdKYHFIv8oxr61lN8MDELCncS9-KG%2BLG6xXrPbdYcFrAxUU8mH-fhC-loEV2WTU%2BFxGaHm71WwNa8x%2BRQBtwmkOSILQgnSJ0BuyhMxQ2AwSwRKxC02MqCEqBu8SJ-S%2BQ1oGH4b0x92R0MccIhxMeEQWTCQnJpKNQHWFAvObPQ0QJVKBrJx6D%2B0uyWLlpKwSGOYuxqThsUJspaOKQWGE8JlKsNxlewr15pZlt8dTNyvtJKeP1otpdH1VDn%2BtEKTP1FrdEWGLjGwdd3LaZMEAWZPodPMEhUEXruSdDbTo12dmaRybAaKEIq1XgAukA&uri=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.35.249.226 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-35-249-226.ap-northeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: */*
Referer: https://api.dable.io/widgets/id/KoEeAWoB/users/51548444.1616462865197?from=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&ref=&cid=51548444.1616462865197&uid=51548444.1616462865197&site=storm.mg&id=dablewidget_KoEeAWoB&category1=%E8%A9%95%E8%AB%96&ad_params=%7B%7D&item_id=3553076&pixel_ratio=1&client_width=820&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:27:50 GMT
Server: nginx
Connection: keep-alive
Content-Length: 2
Content-Type: text/plain; charset=utf-8

GET
H2 200 request
sp-api.dable.io/services/storm.mg/users/51548444.1616462865197/campaigns/w09qVGR7yIV8/contents/gpYEBD7JMu07/ Frame F8AC 35 B
108 B 553ms
331ms Image
image/gif 52.79.132.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sp-api.dable.io/services/storm.mg/users/51548444.1616462865197/campaigns/w09qVGR7yIV8/contents/gpYEBD7JMu07/request?q=N4IgxglgJiBcIFYCMCAsAOVWB0SBs%2BqeATOnsgJwDsIANCAO7QDmApgC4D60cIA0gHsAoqwCCAdQEAhOiABOrAI4BXVgGcuPeEMUAbBAwBWxPAHkw4gEoBrAB4ANWQpXqu7CAFtWcfIRJkqVApiejUBZTkwb3gAZgQEGIAGKjxZL3YACwEYeCRcbETZMAyAQwA7MtZdXlE5dzBdVk4AIwF2dgEPbFEAERaBW052OXK1AAcShTL2WVZbMYgFHJAAFVUAAgBZSfXiGN3E4iR1xKRYYipYVCp1gHFNlYBqRJfC%2BgiIXgz2sbVYAHp-gxgdgNAI5F0PMx-pN6o1-nEEslUvQIGUAG6sabggCe3GWJESeAAPoIRBJpLIOuwSrpOBM2HAYvQGdEkKEIAAvaIhEBqXRtHz0EZlaxwRKo9isDycMAlGbwQCqUYA1qNkrSgeMaZWYmR8xGIqAAvkA&is_gif=1
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.79.132.3 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://api.dable.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:50 GMT
content-type: image/gif
server: nginx

GET
DATA 200
OK truncated
/ Frame 7672 762 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ce81ecccefb27ce0f347ef564114da2ba450a9e1d9a7260b4597e62b1f71a72

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H3-Q050 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6D25 0
515 B 253ms
82ms Other
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3ae7821746b634e801f4981bce499b71.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:27:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-Q050 200 pubads_impl_2021031801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 01F3 286 KB
100 KB 59ms
58ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js?31060522

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

ecf0ffde6e56a2c058421a0ca1a3446a00d047de48239cd168f7eb93a07a9269

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 18 Mar 2021 08:39:05 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102478
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:27:50 GMT

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame C0CC 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 19:13:29 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 108861
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Mon, 21 Mar 2022 19:13:29 GMT

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame 2A92 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 19:13:29 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 108861
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Mon, 21 Mar 2022 19:13:29 GMT

GET
H2 200 integrator.js Show response
adservice.google.pl/adsid/ Frame 01F3 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.pl/adsid/integrator.js?domain=www.storm.mg

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js?31060522

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:27:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 01F3 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.storm.mg

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js?31060522

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:27:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 01F3 30 KB
11 KB 141ms
140ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3239297725891981&correlator=2520334366495363&output=ldjh&impl=fifs&eid=31060522%2C31060529%2C31060321%2C31060367%2C44733567%2C44739387&vrg=2021031801&ptt=17&sc=1&sfv=1-0-37&ecs=20210323&iu_parts=225677396%2Cstorm_content_FB2_336280_scupassback&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&cookie_enabled=1&cdm=storm.mg&bc=31&abxe=1&lmt=1616462870&dt=1616462870300&dlt=1616462869645&idt=646&ea=0&frm=23&biw=1600&bih=1200&oid=3&adxs=815&adys=4599&adks=2667770676&ucis=1kom6ckvv5jv&ifi=1&ifk=3068183849&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&top=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&ga_vid=879561936.1616462870&ga_sid=1616462870&ga_hid=1764941968&ga_fc=false&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js?31060522

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

55d340e50382b4950b07461c01b039505ce003c3f30fec9779337eb7f9ac7d32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:50 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11253
x-xss-protection: 0
google-lineitem-id: 5325495111
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138311040986
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.storm.mg
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
d5f4a27e2f4553f89373925ec6dccf16.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 01F3 0
0 57ms
15ms Other
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d5f4a27e2f4553f89373925ec6dccf16.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js?31060522
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 01F3 0
0 7ms
6ms Other
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js?31060522
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 dpixel
cms.quantserve.com/ Frame C94A 35 B
463 B 39ms
10ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEB3BFcbh_gN60gcPX8GTils&google_cver=1&google_push=AQvitUKil2GJRpS9t4UaPDyLYRy6Y2gnFzy2gmiX_X1MtimwMiHwaXuwqIKGUvC0VuYvZBf4LKctX0mvZNIwywN8-_YnyysDAM4

Requested by

Host: 3ae7821746b634e801f4981bce499b71.safeframe.googlesyndication.com
URL: https://3ae7821746b634e801f4981bce499b71.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:27:50 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame C94A
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIS99soCtVf9yqCQMplp-3c&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEIS99soCtVf9yqCQMplp-3c&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WEZLSUYyTzUxTG92UE01&google_gid=CAESEIS99soCtVf9yqCQMplp-3c&google_cver=1&google_push=AQvitUIZJHsNd5uTWtxrH9RcPMrAaGBi3YbzRlN-Lu4VuZj...

170 B
201 B

58ms
57ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WEZLSUYyTzUxTG92UE01&google_gid=CAESEIS99soCtVf9yqCQMplp-3c&google_cver=1&google_push=AQvitUIZJHsNd5uTWtxrH9RcPMrAaGBi3YbzRlN-Lu4VuZjqVVElSU0gHHGlUgtOb5j3pO2KisIo2Uf8mWeukzHq-zgPCMXWU_D0

Requested by

Host: www.storm.mg
URL: https://www.storm.mg/article/3553076

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:27:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 23 Mar 2021 01:27:49 GMT
Server: PingMatch/v2.0.30-632-ga311aad#rel-ec2-master i-018eb1938ecb3107d@eu-central-1a@dxedge-app-eu-central-1-prod-asg
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WEZLSUYyTzUxTG92UE01&google_gid=CAESEIS99soCtVf9yqCQMplp-3c&google_cver=1&google_push=AQvitUIZJHsNd5uTWtxrH9RcPMrAaGBi3YbzRlN-Lu4VuZjqVVElSU0gHHGlUgtOb5j3pO2KisIo2Uf8mWeukzHq-zgPCMXWU_D0
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame C94A
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESELHLNcRZiSGNP0V-uQspQ8k&google_cver=1&google_push=AQvitUL2Divhxh3tkdrMQbZmdy57kAyuixgk81PemCI1PxAL4zMx-DePjB7aS3RxBe1Nc6i3P8aksvmS703K54cZ...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitUL2Divhxh3tkdrMQbZmdy57kAyuixgk81PemCI1PxAL4zMx-DePjB7aS3RxBe1Nc6i3P8aksvmS703K54cZ-BA8nrITooLd

170 B
190 B

55ms
55ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitUL2Divhxh3tkdrMQbZmdy57kAyuixgk81PemCI1PxAL4zMx-DePjB7aS3RxBe1Nc6i3P8aksvmS703K54cZ-BA8nrITooLd

Requested by

Host: www.storm.mg
URL: https://www.storm.mg/article/3553076

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:27:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 23 Mar 2021 01:28:37 GMT
Server: MT3 3611 f10363c master cdg-pixel-x29
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AQvitUL2Divhxh3tkdrMQbZmdy57kAyuixgk81PemCI1PxAL4zMx-DePjB7aS3RxBe1Nc6i3P8aksvmS703K54cZ-BA8nrITooLd
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 23 Mar 2021 01:28:36 GMT

GET
H3-Q050

200

pixel
cm.g.doubleclick.net/ Frame C94A
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJa-O9ow6WTLLjm5LNUYWcw&google_cver=1&google_push=AQvitUJIWkaEOBSbZMHmQR04DF_dBBpS5b2H6TCK50_RYTKwOnfzTgSekNa5JpfBfs2z-6vKbLzQmsdk...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEJa-O9ow6WTLLjm5LNUYWcw&google_cver=1&google_push=AQvitUJIWkaEOBSbZMHmQR04DF_dBBpS5b2H6TCK50_RYTKwOnfzTgSekNa5JpfBfs2z-6vKbLz...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTA1NjU0ODM0ODQ3NTYzMjU2Nw&google_push=AQvitUJIWkaEOBSbZMHmQR04DF_dBBpS5b2H6TCK50_RYTKwOnfzTgSekNa5JpfBfs2z-6vKbLzQms...

170 B
190 B

57ms
56ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTA1NjU0ODM0ODQ3NTYzMjU2Nw&google_push=AQvitUJIWkaEOBSbZMHmQR04DF_dBBpS5b2H6TCK50_RYTKwOnfzTgSekNa5JpfBfs2z-6vKbLzQmsdkLfnxjgBqBAHxaUue8u3O

Requested by

Host: www.storm.mg
URL: https://www.storm.mg/article/3553076

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:27:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:27:50 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTA1NjU0ODM0ODQ3NTYzMjU2Nw&google_push=AQvitUJIWkaEOBSbZMHmQR04DF_dBBpS5b2H6TCK50_RYTKwOnfzTgSekNa5JpfBfs2z-6vKbLzQmsdkLfnxjgBqBAHxaUue8u3O
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3-Q050 204 attr
cm.g.doubleclick.net/pixel/ Frame C94A 0
26 B 56ms
54ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IYTX_qsBBazH4vk8r0AgwaPVGvl0zrQsMsIjAndkpDOouoYLQw

Requested by

Host: 3ae7821746b634e801f4981bce499b71.safeframe.googlesyndication.com
URL: https://3ae7821746b634e801f4981bce499b71.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:50 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 7672 80 KB
26 KB 23ms
23ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:50 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 09:52:27 GMT
server: nginx
etag: W/"605322db-14013"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Wed, 24 Mar 2021 01:27:50 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 138ms
137ms Image
text/plain 34.237.155.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=PL&cos=Windows&r=www.storm.mg&rs=www.storm.mg&sid=40374&t=1616462868&cip=194.99.105.99&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=640&he=360&app=&AV_PUBLISHERID=5e60bfad28a0610ba100c7c4&test=1&aafaid=&proto=https&uid=1616462868053-915114750161-022002-010-003685&cha=0.7&cb=20476908897&d9=1000&AV_WIDTH=640&AV_HEIGHT=360&ppid=5e60bfad28a0610ba100c7c4&nid=57173f460757bb6c428b465b&pcid=5e60c75028a06115d47ebd9b&ncid=5e7b1f3a1565c6447b6a2624&pasid=5e7b1fa325fcea4e1b329fa8&e=bid&cb=1616462870396&asid=5e7b346a41db963e5530bdd4&ofpr=&fpo=
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.155.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-155-161.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:50 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 137ms
137ms Image
text/plain 34.237.155.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=PL&cos=Windows&r=www.storm.mg&rs=www.storm.mg&sid=40374&t=1616462868&cip=194.99.105.99&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=640&he=360&app=&AV_PUBLISHERID=5e60bfad28a0610ba100c7c4&test=1&aafaid=&proto=https&uid=1616462868053-915114750161-022002-010-003685&cha=0.7&cb=20476908897&d9=1000&AV_WIDTH=640&AV_HEIGHT=360&copid=57173f460757bb6c428b465b&nid=59c9148628a0612da3689288&cocid=5e7b1f3a1565c6447b6a2624&ncid=5bc32475073ef4123906ff46&coasid=5be1502628a0614a8f0ee919&e=bid&cb=1616462870396&asid=60116da081b49b7ea9147795&ofpr=&fpo=
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.155.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-155-161.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:50 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 ls.html Show response
img.scupio.com/html/ Frame 94AD 1 KB
1 KB 57ms
56ms Document
text/html 65.9.58.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/ls.html
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce

Request headers

:method: GET
:authority: img.scupio.com
:scheme: https
:path: /html/ls.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://img.scupio.com/html/ad.html?v=1.0.54
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: OrgKeyValue=CXR20210323092747853967; gx=H4sIAJW0WWAA%2fxNmYGDg4ubYcf3I9zkvt1kKsAqxcNgLMAEAEmUCtRcAAAA%3d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://img.scupio.com/html/ad.html?v=1.0.54

Response headers

content-type: text/html; charset=utf-8
server: nginx/1.12.1
last-modified: Mon, 21 Nov 2016 06:35:53 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Tue, 23 Mar 2021 01:20:16 GMT
expires: Tue, 30 Mar 2021 00:31:00 GMT
cache-control: max-age=604800
etag: W/"583295c9-4dc"
x-cache: Hit from cloudfront
via: 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: yOOMdBq-5I3pBXLZrRW4gnr_G7ekDF1JfVvUEYeyNjmkLe5xZtAtUQ==
age: 3410

GET
H/1.1

200
OK

uxid.aspx
rec.scupio.com/recweb/ Frame DC7D
Redirect Chain

https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CXR20210323092747853967
https://rec.scupio.com/recweb/uxid.aspx?id=UCFUID

35 B
581 B

1283ms
332ms

Image
image/gif

210.59.219.175
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rec.scupio.com/recweb/uxid.aspx?id=UCFUID
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.54
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.175 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:27:51 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control: private
Content-Type: image/gif
Content-Length: 35

Redirect headers

Location: https://rec.scupio.com/recweb/uxid.aspx?id=UCFUID
Date: Tue, 23 Mar 2021 01:27:50 GMT
Connection: close
Content-Length: 71
Vary: Accept, Accept-Encoding
Content-Type: text/plain; charset=utf-8

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 2673
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

281 B
554 B

242ms
63ms

Document
text/html

104.108.50.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-50-124.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://img.scupio.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://img.scupio.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 23 Mar 2021 01:27:50 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Date: Tue, 23 Mar 2021 01:27:50 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2 200 /
www.facebook.com/tr/ Frame DC7D 44 B
107 B 9ms
8ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1588263144793165&ev=ViewContent&dl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.54&rl=&if=true&ts=1616462870476&cd[SBST]=1&cd[PuID]=storm

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.54

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:50 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 23 Mar 2021 01:27:50 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3D30 0
0 85ms
85ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv66Ihvt48xszF4oFXzfWiXPqne4w6u9Hc_tKIP5CoawKmcBIoZCptA2TXb-xkuS_gY8IeaGLPUU21g47orQTqsuZKJyA7XRwY0_G2tA_AKl72EwKQ_fjD6zf37DJ7JxupNNQ-eU8fq6rL4LBNrabaezHWYsnM2Ni-sEgCmn6MBk993lE9aIJe_ufzrmlvpRrm9eRZPy300silafYmZHmqQWgH3EAgU5530taQOVihQFF0LnB0VX3fKD1RVuH3nRpmmPrfWrp3XHQQH52rbWc0N5jAQG5vBvyeGIo0FwOn3Nk1hkkTT1amGqXc&sig=Cg0ArKJSzOeZ2Bj9rXGkEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:27:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 23 Mar 2021 01:27:50 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 3D30 8 KB
6 KB 17ms
17ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021031801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js?31060522

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a1028b3bbce02d8eee1fd402b83d9f26fe3f2ba9c2d0cb0b968c2aa05cdf466

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:27:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6587
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 681D 0
0 84ms
84ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsubS-6_PRDlIfV1IBo3mIiluW8W2v7MERqMUIFwIaJcfR3CsnDLXgYCKCzfKpsAG3AYQN1A_8AQw1mKFT5L9DN1WLAKORSM7wOUxzenaToy_kqy47HEkPiJAkaLKMcehphRoju8xxIDp55qiNruyJVZ3tfZPyXkGmd2X29QBK6x9ytGEMEgXCt1TN0jS4_CxgiJwHWbHE7c9CGAcaBXn97zywsN6j1T6CpM9cNacKNaS_cvNE89bmVCGc_1jLKc2NpzbcUTiUuvhjaTlrqqW8v5yGMNmpN3VV3mpVNrWOR7waMvOVQBDHyzFPHivb-1gJ8TcArLw0w&sig=Cg0ArKJSzAaJqbxF5VyBEAE&adurl=

Requested by

Host: www.storm.mg
URL: https://www.storm.mg/article/3553076

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:27:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/ Frame 681D 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js?31060522

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6493ea407d79518f1a23cd56abf3877cc95cfef289aa2193e09414befa93915b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:25:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 156
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 10528220335026403715
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Apr 2021 01:25:14 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/ Frame 681D 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js?31060522

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:17:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 598
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Apr 2021 01:17:52 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 681D 117 KB
36 KB 57ms
56ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js?31060522

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

911deead0c0ec5c76af07f381c8e918567120df0488208f50b0579afa0b61376

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616176146673399"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36391
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:27:50 GMT

GET
H3-Q050 200 2215713340812315698
tpc.googlesyndication.com/simgad/ Frame 681D 34 KB
34 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2215713340812315698

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js?31060522

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1be014f1ede7b0777e12a035a62a8c762f99a74d404cc1466162687a8da207bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 04:11:14 GMT
x-content-type-options: nosniff
age: 594996
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34902
x-xss-protection: 0
last-modified: Fri, 08 May 2020 09:38:28 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Mar 2022 04:11:14 GMT

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 01F3 73 KB
28 KB 57ms
56ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js?31060522

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

a1bd0c2f4f5db718b4ffad5433658d98981fbb3479ce8c7a2789406d81d15dd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616176152632151"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28237
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:27:50 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 01F3 8 KB
6 KB 17ms
17ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021031801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js?31060522

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e498b88591c195aa2e1c7ec355a549ee3198e679d2bb951dafb5c1c379cdfb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:27:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6479
x-xss-protection: 0

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 98E4 330 KB
114 KB 64ms
38ms Script
text/javascript 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e60bfad28a0610ba100c7c4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ab8d4672e4e6dddaffe2961db019619fddee5fdad48793107e3ef3065239f68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116759
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:27:50 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 0853 330 KB
114 KB 76ms
52ms Script
text/javascript 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e60bfad28a0610ba100c7c4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ab8d4672e4e6dddaffe2961db019619fddee5fdad48793107e3ef3065239f68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116759
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:27:50 GMT

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame 8281 14 KB
6 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 19:13:29 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 108861
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Mon, 21 Mar 2022 19:13:29 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 8022 0
150 B 28ms
27ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.storm.mg

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=www.storm.mg
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://img.scupio.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://img.scupio.com/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
server-processing-duration-in-ticks: 1570
date: Tue, 23 Mar 2021 01:27:50 GMT
content-length: 0

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 7672 80 KB
26 KB 16ms
15ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:50 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 09:52:27 GMT
server: nginx
etag: W/"605322db-14013"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Wed, 24 Mar 2021 01:27:50 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 3D30 17 KB
6 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js?31060522

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:27:50 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 01F3 17 KB
6 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031801.js?31060522

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:27:50 GMT

GET
DATA 200
OK truncated
/ Frame 681D 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eee730a9d60a81d5e5126638bc53085c810e09eafdf432eafc5bbbc09cba16c5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 681D 0
0 90ms
89ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst_yjDze-uhwDq2mwXi719v4y4qqjZOatZ26R3tsw7wHQGoKnuur50qwcNdXh9eJpsSZvRurBayaOhQxwd-AYShrEXEtUFFjaBu3a483fHU2IqLlyY3J9oT-1TGFQPAFxgHD1QZZYrFD2ISZLFUsCQTKYbZanNSj671Wvu6fK42Mas5oqs63517OSn1e1Q_8nPSr67QUDhFcspPG6z1AwjIUIcBtb7jxKjksrc-O9hvBszWnpLJ1hvBqpIEi6I6uvdWKNmhbDxUYGjsrCStxjhCNsvOVZGw7IxeAJ7Swl5YyCg_mjx0F40HMXfde-hJmbvhw3nFlGtfJQ&sig=Cg0ArKJSzJ_Hzc5ZT4TLEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:27:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 23 Mar 2021 01:27:50 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 34C3 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.storm.mg/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.storm.mg/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Mon, 22 Mar 2021 22:23:54 GMT
expires: Tue, 22 Mar 2022 22:23:54 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 11036
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 bridge3.447.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame A358 576 KB
188 KB 59ms
41ms Document
text/html 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.447.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

559004a545a13667b7f7b0abdec7892df86ae2d2b36536c76ca37cbbf1b5bccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.447.1_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.storm.mg/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.storm.mg/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192496
date: Sun, 21 Mar 2021 22:19:46 GMT
expires: Mon, 21 Mar 2022 22:19:46 GMT
last-modified: Mon, 15 Mar 2021 15:51:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 97685
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 0853 44 KB
16 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:27:51 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 0853 107 B
146 B 15ms
14ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.storm.mg

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:27:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 bridge3.447.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame AA55 576 KB
188 KB 33ms
32ms Document
text/html 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.447.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

559004a545a13667b7f7b0abdec7892df86ae2d2b36536c76ca37cbbf1b5bccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.447.1_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.storm.mg/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.storm.mg/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192496
date: Sun, 21 Mar 2021 22:19:46 GMT
expires: Mon, 21 Mar 2022 22:19:46 GMT
last-modified: Mon, 15 Mar 2021 15:51:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 97685
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 98E4 44 KB
16 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:27:51 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 98E4 107 B
123 B 18ms
16ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.storm.mg

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:27:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 5AE1 52 KB
17 KB 181ms
78ms Document
text/html 23.218.208.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-187.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.storm.mg/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.storm.mg/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Wed, 24 Mar 2021 01:27:53 GMT
Date: Tue, 23 Mar 2021 01:27:51 GMT
Connection: keep-alive

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 5740 37 KB
14 KB 164ms
55ms Document
text/html 23.218.208.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-200.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.storm.mg/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.storm.mg/

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:52 GMT
ETag: "13006b6-94f8-5b232eca8cf5e"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=75849
Expires: Tue, 23 Mar 2021 22:32:00 GMT
Date: Tue, 23 Mar 2021 01:27:51 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/55986/
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=
https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=&_...
https://pixel.advertising.com/ups/55986/sync?uid=YFlEFwAAAIbUHSrK&_origin=0&gdpr=0&gdpr_consent=&_test=YFlEFwAAAIbUHSrK
https://ups.analytics.yahoo.com/ups/55986/sync?uid=YFlEFwAAAIbUHSrK&_origin=0&gdpr=0&gdpr_consent=&_test=YFlEFwAAAIbUHSrK&apid=UPfbbef6b3-8b76-11eb-b48a-02e98585498e

0
976 B

60ms
60ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55986/sync?uid=YFlEFwAAAIbUHSrK&_origin=0&gdpr=0&gdpr_consent=&_test=YFlEFwAAAIbUHSrK&apid=UPfbbef6b3-8b76-11eb-b48a-02e98585498e

Requested by

Host: www.storm.mg
URL: https://www.storm.mg/article/3553076

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.128 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:27:51 GMT
Server: ATS/7.1.2.128
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55986/sync?uid=YFlEFwAAAIbUHSrK&_origin=0&gdpr=0&gdpr_consent=&_test=YFlEFwAAAIbUHSrK&apid=UPfbbef6b3-8b76-11eb-b48a-02e98585498e
date: Tue, 23 Mar 2021 01:27:51 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/57304/
Redirect Chain

https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true
https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UPfbbef6b3-8b76-11eb-b48a-02e98585498e
https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UPfbbef6b3-8b76-11eb-b48a-02e98585498e&verify=true
https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVBmYmJlZjZiMy04Yjc2LTExZWItYjQ4YS0wMmU5ODU4NTQ5OGU%3D
https://pixel.advertising.com/ups/57304/sync?uid=CAESEIRERlfth7OwSPNAa55u5GQ&google_cver=1
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEIRERlfth7OwSPNAa55u5GQ&google_cver=1&apid=UPfbbef6b3-8b76-11eb-b48a-02e98585498e

0
976 B

62ms
61ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEIRERlfth7OwSPNAa55u5GQ&google_cver=1&apid=UPfbbef6b3-8b76-11eb-b48a-02e98585498e

Requested by

Host: www.storm.mg
URL: https://www.storm.mg/article/3553076

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.128 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:27:51 GMT
Server: ATS/7.1.2.128
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEIRERlfth7OwSPNAa55u5GQ&google_cver=1&apid=UPfbbef6b3-8b76-11eb-b48a-02e98585498e
date: Tue, 23 Mar 2021 01:27:51 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

204

sync
pixel.advertising.com/ups/55953/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1
https://pixel.advertising.com/ups/55953/sync?uid=a351d4f1-0bda-4b9f-867a-4fb1e2a087bd&_origin=1&gdpr=1&gdpr_consent=&piggybackCookie=a351d4f1-0bda-4b9f-867a-4fb1e2a087bd

0
124 B

60ms
59ms

Image
text/plain

18.197.47.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/55953/sync?uid=a351d4f1-0bda-4b9f-867a-4fb1e2a087bd&_origin=1&gdpr=1&gdpr_consent=&piggybackCookie=a351d4f1-0bda-4b9f-867a-4fb1e2a087bd

Requested by

Host: www.storm.mg
URL: https://www.storm.mg/article/3553076

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.197.47.23 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-197-47-23.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:51 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:27:51 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.advertising.com/ups/55953/sync?uid=a351d4f1-0bda-4b9f-867a-4fb1e2a087bd&_origin=1&gdpr=1&gdpr_consent=&piggybackCookie=a351d4f1-0bda-4b9f-867a-4fb1e2a087bd
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 369

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 3440 12 KB
5 KB 9ms
6ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.storm.mg/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.storm.mg/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Mon, 22 Mar 2021 22:23:54 GMT
expires: Tue, 22 Mar 2022 22:23:54 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 11037
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 48CE 31 KB
10 KB 60ms
59ms Script
text/html 104.108.50.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-50-124.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b73974e03f8b91aac7c1c821d0db3365903643ad36608216be96b9a8ed0d70bc

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:27:51 GMT
Content-Encoding: gzip
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=12682
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9441
Expires: Tue, 23 Mar 2021 04:59:13 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 37DE 31 KB
10 KB 62ms
61ms Script
text/html 104.108.50.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-50-124.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b73974e03f8b91aac7c1c821d0db3365903643ad36608216be96b9a8ed0d70bc

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:27:51 GMT
Content-Encoding: gzip
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=12682
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9441
Expires: Tue, 23 Mar 2021 04:59:13 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 2673 31 KB
10 KB 119ms
59ms Script
text/html 104.108.50.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-50-124.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b73974e03f8b91aac7c1c821d0db3365903643ad36608216be96b9a8ed0d70bc

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:27:51 GMT
Content-Encoding: gzip
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=12682
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9441
Expires: Tue, 23 Mar 2021 04:59:13 GMT

GET
H3-Q050 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame E8A3 36 KB
12 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:01:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 1610
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Tue, 23 Mar 2021 02:01:01 GMT

GET
H3-Q050 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame EA74 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:01:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 1610
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Tue, 23 Mar 2021 02:01:01 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 48CE 284 B
536 B 50ms
50ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/jpg

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 37DE 284 B
536 B 85ms
49ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/jpg

GET
H2 200 av Show response
ad.doublemax.net/adserver/ Frame 3AFA 0
153 B 950ms
311ms Script
text/html 13.112.166.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.doublemax.net/adserver/av?p=9035:30258:85886:e3f3c7cb0471f2b7884a0d076f82d94c:6893&type=0
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/av_old.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.112.166.41 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:52 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 2673 284 B
536 B 107ms
51ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/jpg

GET
H/1.1 200
OK PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 5740 3 KB
4 KB 768ms
88ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=66582223&p=148803&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 18905e2e177868a53b2769a0ec6e86fe3483b8cbbf43db321ad9391b04eebbda

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:27:50 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame 5AE1
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
817 B

51ms
50ms

Script
text/html

185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Mar 2021 01:27:51 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.232:80
AN-X-Request-Uuid: 20e539c9-e5cd-4f5c-9489-813e95f85e42
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 23 Mar 2021 01:27:51 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.232:80
AN-X-Request-Uuid: 96fb4d7a-1796-4550-9f3e-c2c870b2add7
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 aae8902985f70aea661cf8023f85fcef.jpg
cdn.holmesmind.com/image/6893/ Frame 3AFA 95 KB
95 KB 30ms
29ms Image
image/jpeg 2a02:6ea0:c700::1
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.holmesmind.com/image/6893/aae8902985f70aea661cf8023f85fcef.jpg
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.54
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::1 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: d605b8016e96843b147169071b1b1442b000a65f71a0cd4b3a7164d4fc9dc282

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Tue, 23 Mar 2021 01:27:51 GMT
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
x-77-nzt-ray: OvmZaf9eqto=
age: 951
x-cache: HIT
x-age: 321
content-length: 96959
x-77-nzt: AcO1ryzID6TvQQEAAA==
last-modified: Tue, 16 Mar 2021 11:01:37 GMT
server: CDN77-Turbo
etag: "421a434546050531bdb55b4faa802c13"
x-77-cache: HIT
content-type: image/jpeg
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: -NiRcBF7OpbPdjCrJze5vBOv44kMfpkjP1wydFWbbR674quwUKimKA==
expires: Tue, 23 Mar 2021 01:32:30 GMT

GET
H2 200 i
ad.holmesmind.com/adserver/ Frame 3AFA 0
77 B 314ms
314ms Image
image/png 3.113.254.193
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.holmesmind.com/adserver/i?ut=1616462869&p=9035:30258:85886:e3f3c7cb0471f2b7884a0d076f82d94c:6893
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.54
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.113.254.193 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-113-254-193.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:51 GMT
content-type: image/png
server: nginx/1.14.0 (Ubuntu)

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame 34C3 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 19:13:29 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 108862
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Mon, 21 Mar 2022 19:13:29 GMT

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame 3440 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 19:13:29 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 108862
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Mon, 21 Mar 2022 19:13:29 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CC3C 0
111 B 41ms
40ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021031601&jk=1297403516770945&bg=!vL-lv_vNAAbUo7L91KM7ACkAdvg8WrNUC8E0Zy5oW5SO7pOJCOezjU-xN2HpQWSdX_fFbT9A2Sa76gIAAARGUgAAAEVoAQcKAEiHgcsc_F4vqcLJ5u3tJ6p1SYJmRnobs1EIVrAjuP4Qvh1ftatcHGJrgeYregCHJ22cTNZQ75FIn8FJ6ObSAHQ22Rvn1lkOHAuZAekblHgdaDZ-a4PA7b00KzfW1UGXai6RrUSR5-b3JC9z8RCMS0rMkcnFGGeG5uReMqvcC4UTSmbHTQo7iOGhQf0B94YZvfiPpOfjzFKnUgGIxqdZRd-qvxIKqW06fXYefnG7EXbO52Inkm4rd0RCKoi3b0gyY-7IGW_DZMA_1_GapAw2pfEAiy8K_OleD4_C1Bs-8qiJqWpZGCIzecLM0gk4AtZagFVz6xyzPgo1KhijjBrwgCkcE9vbI3PJ-ZEpvJmGGz_JhuCPr736706nTWFyPp9HS2b6ojb6_vzVBPwX-jy7LbI6BC545CLD6FHsdH6r2obPQQTRRR8qu2qgyRvWTJy-gvXkZUnN_aYx0J0XzC-bUlFgmEnJmeKD39p6MoHFnSwK1hsDu1e5lwYt9yxHEgf2A5Cqa2rq7DvLjK-RLGinZcvq0huLnnEk5Ym-qA_fJHCZWb-o8S7tualnEca_N0Zv0NnB7zZoE9zaPmm9MM4uhyY8yEIMYL5HzE8RMNlSSUOAjCL2qPzcd9SCbzxsAR36rOIxO6IQ8OqGVC9zm64LrQFvnUXiqjLWERHe7LntkjHR93wwdo8wn5DntYnFNfS2VeQdL4Mxx14LuHnPQk4V7tXdNTdJxX74HXYKgbbIdL9x3aNC-yc

Requested by

Host: www.storm.mg
URL: https://www.storm.mg/article/3553076

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:27:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8175 0
23 B 43ms
42ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021031601&jk=3791733844364843&bg=!lpWlldHNAAbUo7L91KM7ACkAdvg8WgqZd0NnIWo8g1AakDTQo5fkJOupbYQ2oevkN1IaXGdP-6SZfwIAAARUUgAAAFBoAQcKAS06-1q0PnrVVFUZ-33kAC75FrkPSsXwtX0PxMuXUfAnOIaiOA4yK1URg5kHowwKqWHEpD8Dj2tVWoxeGrQ9lIDG_gG8zmN6pEuUUH3hZPdpVHMRuPyT7ogGr1wV1Dt0RZF4_NsPLqrmNBLfJZSXoydalrGstdGP-reB8VChK_KDvTffgXfsPOSbZ5hbrnoVaOAsWwH86n6bVythpnLnZOY-ip-P6-V1LWDNHorbKV_Y7N-iz_abKPF837iztBBJi4mkPbp4XBc504Nv8NnfQfOUSwW5nlwI9FDyoudyYWxS2o8C0Kh8H3lL48wQpDnxZ-rfq4KHwFKA9h0cWRGYb2VTwkYXB4w1NdCyUriphog842YEzOLBFMmtvdlVoCvZPiMP99NZCozz1IkVpzsfmQH98EGtiyn0DdlJ6-RuvK37Vd1GFZ6svdiFkDNglKihDBTigQXeTeLZtg0azJ5fNejCdl3Hljr5TWXXfe32wSHpN1jHxSW_WEzpBVVqtgOPcXkqJOd5_4L8iaMQ2Pez2X-y6N02a8trgniqdgVPGnTU07LehYcQ49v1GoyNmn8FX8PemCAX88nG0RIaKRUkR4cJR5jMm9m9naulr-d5Ni133NqOqaLbZ4KWnOCeU-51r2mGErITOOoA5PUKOHHGHIFMuK9TtGdYjYTDjQ2GkxoCH3V9J1zTm1PAHK1r47GnPx1T6X1qMsDqu548RRR0puDfNP2fVxHwhNlZISKTUZxT2jQDRdcK9hyvk6vmYqG1w84vUV3vAhEd1VI3sNlfKCGrI1wN0Tog_kHPHNrToeMABwzxjBJcDk1ZJI3c8y4PqOeOfW2DRR3cqOCXS9wVAa7bSxsL2v5Pwh63sb6iex2jCBsWqcnaC3DXYrvVVg-OdpMly6pIZa2NAzPiyZgVBOZq7XUf1AM0I33fYxVBRMFDdSsVefwYgEj_70Tq3qDVv1c-BQPe676yDqCbZ0ck361xX0L-JMhGNSsYIBiOr-E5wwD1jKoYyYwb9xfHIGDL1F4kxwaaTuDhU7DruhPAqKNv7c6VdY4cPfOW8YbghqpilEoV_rp_347n1ThA1C0

Requested by

Host: www.storm.mg
URL: https://www.storm.mg/article/3553076

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:27:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 520x250_8.jpg
s0.2mdn.net/dfp/354556/4906259910/1616030027317/assets/ Frame F2D8 91 KB
91 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/354556/4906259910/1616030027317/assets/520x250_8.jpg

Requested by

Host: www.storm.mg
URL: https://www.storm.mg/article/3553076

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62e15e8a8c83cf3cf04ada9b65867b776be8a005fa08189b61900bcc347aa56e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/354556/4906259910/1616030027317/%E8%B6%85%E7%B4%9A%E5%A4%A7%E6%A9%AB%E5%B9%85PC.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 08:54:21 GMT
x-content-type-options: nosniff
last-modified: Thu, 18 Mar 2021 01:13:47 GMT
server: sffe
age: 59610
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93396
x-xss-protection: 0
expires: Tue, 23 Mar 2021 08:54:21 GMT

GET
H3-Q050 404 Big%20%20Banner_970x250_2.jpg
s0.2mdn.net/dfp/354556/4906259910/1616030027317/assets/ Frame F2D8 43 B
124 B 7ms
6ms Image
image/gif 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/354556/4906259910/1616030027317/assets/Big%20%20Banner_970x250_2.jpg

Requested by

Host: www.storm.mg
URL: https://www.storm.mg/article/3553076

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/354556/4906259910/1616030027317/%E8%B6%85%E7%B4%9A%E5%A4%A7%E6%A9%AB%E5%B9%85PC.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:19:29 GMT
x-content-type-options: nosniff
server: sffe
age: 502
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=900
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:34:29 GMT

GET
H2 206 fund06.mp4
videofile.stormmg.com/ Frame F2D8 256 KB
0 40ms
13ms Media
video/mp4 2606:4700:3037::ac43:9427
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://videofile.stormmg.com/fund06.mp4
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9427 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://s0.2mdn.net/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 23 Mar 2021 01:27:51 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1775
Content-Range: bytes 0-4419901/4419902
x-amz-meta-mode: 33204
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 3W8P9F3JES642070
x-amz-id-2: 0SF1AJtTvvwSndADS3Yh0fHaMq1cRJSaFp9vuJ75wP2/vgkgC4OpnmrdhKQA4OW1BzyYNCxiy9k=
x-amz-meta-uid: 1007
last-modified: Thu, 18 Mar 2021 01:06:43 GMT
server: cloudflare
etag: "910dfa3635c4d570edd87bb115c4ec92"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8uZNCy8WlE89y9fsKygxJVkxAZjUa0vT%2FimRPsKKxdftz9txWjVnUGWy34bGwTeb%2Bhpqm0MY6tjP7XvyB4Apd6sNqIsT2rHbHCL5q20R3FdOJxOhRSOENWTDD5BoQGFGhvc%3D"}],"group":"cf-nel","max_age":604800}
x-amz-meta-gid: 1007
content-type: video/mp4
cache-control: max-age=691200
cf-request-id: 08fe4b141c00004e7f50819000000001
Content-Length: 4419902
cf-ray: 6343e13359604e7f-FRA
x-amz-meta-mtime: 1616029601

GET
H3-Q050 200 dev_studio_latest_videomodule.js Show response
s0.2mdn.net/ads/studio/ Frame F2D8 14 KB
5 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/dev_studio_latest_videomodule.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/studio/Enabler.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5779a219232877fb6ef864e31dbfbc8fefd2d8390cb58778882ad93b361ae9d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/354556/4906259910/1616030027317/%E8%B6%85%E7%B4%9A%E5%A4%A7%E6%A9%AB%E5%B9%85PC.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5095
x-xss-protection: 0
last-modified: Thu, 11 Feb 2021 01:22:48 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Mar 2021 01:42:09 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame A358 156 B
752 B 341ms
236ms XHR
text/xml 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22181265%2Fca-video-pub-1062972861553303-tag%2Fviewdeos_storm.mg_WW_Desktop_5&description_url=http%3A%2F%2Fstorm.mg&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1639267460880428&sdkv=h.3.447.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&u_so=l&ctv=0&sdki=44d&adk=2655659892&sdk_apis=2%2C8&sid=3F07C3B3-7F13-4A68-A26C-F642745F6719&eid=21061824%2C44729227&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&dt=1616462871749&cookie=ID%3D817e912e868094f7%3AT%3D1616462870%3AS%3DALNI_Ma8JwBjlwWc-RrxhF6jcBIpYjptmQ&scor=3320731184178525&ged=ve4_td2_tt1_pd2_la2000_er1272.325.1425.625_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.447.1_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame AA55 156 B
185 B 326ms
236ms XHR
text/xml 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_Aniview%2Fpreroll%2Fsyndication_7&description_url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=859403303957962&sdkv=h.3.447.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&u_so=l&ctv=0&sdki=44d&adk=2738054009&sdk_apis=2%2C8&sid=905F3560-98FC-4419-92DC-17ED670C452D&eid=44736153&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&dt=1616462871766&cookie=ID%3D817e912e868094f7%3AT%3D1616462870%3AS%3DALNI_Ma8JwBjlwWc-RrxhF6jcBIpYjptmQ&scor=207336839587466&ged=ve4_td2_tt1_pd2_la2000_er1272.325.1425.625_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.447.1_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 206 fund06.mp4
videofile.stormmg.com/ Frame F2D8 60 KB
61 KB 15ms
14ms Media
video/mp4 2606:4700:3037::ac43:9427
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://videofile.stormmg.com/fund06.mp4
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9427 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81fff03f0694c84bf34cee70056c87edafd68d4315e0a087bb5de6ad67bd1a0d

Request headers

Referer: https://s0.2mdn.net/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=4358144-

Response headers

date: Tue, 23 Mar 2021 01:27:51 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1775
Content-Range: bytes 4358144-4419901/4419902
x-amz-meta-mode: 33204
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 3W8P9F3JES642070
x-amz-id-2: 0SF1AJtTvvwSndADS3Yh0fHaMq1cRJSaFp9vuJ75wP2/vgkgC4OpnmrdhKQA4OW1BzyYNCxiy9k=
x-amz-meta-uid: 1007
last-modified: Thu, 18 Mar 2021 01:06:43 GMT
server: cloudflare
etag: "910dfa3635c4d570edd87bb115c4ec92"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=P4tuPCE2KwyOHxIQ1DrrDrYfnXgEs0hMVAIrpOSVdWrYBiEPLVO5Sq8C8WAqwX0f%2BPLsc6LGbS9FI0rdZse7u0i6RGoxzkGX1b2mHhAzDjd53eqaYayEn5CMn1ducWJZDVM%3D"}],"group":"cf-nel","max_age":604800}
x-amz-meta-gid: 1007
content-type: video/mp4
cache-control: max-age=691200
cf-request-id: 08fe4b14e200004e7ffc83e000000001
Content-Length: 61758
cf-ray: 6343e1349ac54e7f-FRA
x-amz-meta-mtime: 1616029601

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8281 0
23 B 42ms
41ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B6WehFERZYPjuNpmZ-gb_36I4AAAAADgB4AQC&bg=!kpGlkdXNAAbUo7L91KM7ACkAdvg8Wtt4Y_rGixNZeDr7tpF2ruCu2H1kWynso6hkXfEJI-tJgQqXhAIAAAKYUgAAAHtoAQcKADTgPBISZPhswYgvLXaMbZ9SoAC1pF_PVlKzS-4vAWM8xMtCHQ8ptTUF4S-DyWsY6_5PzViWmQLAyM-o3qbqMZ4l4za0D7eZcYKqODqDYbgN1FB88_seEKv0j7NvieNozk7jM5Ke1Squ-553dEA88LxEnSdVzwhD1h_zUNnXf0QuBbTDuefzDYmM3c_geKgXM2bAJ_Sj96-cfBUrAj0-jwVVp16FqueUErwO-szgErcQDmywTV7Ec-TxngyHUMy_sqmGTFTbqGqLJhrsMlErj2B8UwfuPQUgh6UDKD4LLmqR3v_siYtgejxogUTGal6dMdQ6rjl--9-cnd8hbGOMPlXj-7qJoe7Wq8P5DvSjAouV6EaUptdYU7Dnh1-8bxviflUFqapgE3rqoe1e8U-W3X619ACQH2EFwCNwSJF9VR2Tv3o1zaUQCg8_BbirgdnBEHL_lw1D8InW2en312Y7sW05dWWCQeHToMGmJefCIAz0FOYTJo0EL4MrZCyuRhXPOBr_D5g4h1wTkyQr22VoPbtNllMPTlaqgEU64lh4SQrEWvtzUcQR4TyXQJg3X3rMGjWlgnnIKqJf2oOWp5kmLE-EkXQHfMXndL_Yiejce7FFSk_XpjBDEFrHKNlcvMOYR2KFeS-zc-6YAm4CjbioLPIIwxb3mtJUlOPdxk2yIB0-B3NJzVJgaqr4Mtguq0s8DGAZeH1SgMc8QinTnt8gFDXO4QcbFb26filWkwPq_oiEpyQViLmEeSyz9vu77CnKJzavaHfDmKkS6ieGQtFna8EQBeL0M9DLll9g1fOM10Xo_fVu8a10k04pwU9TB65Hz-EoSSeNi6cfHbUDO4BZVdPYg95egUAFF9G7CzKRNZDlt5HsfawbkxfpIv24w36xePpyk2ZtkK8QiEchuLWDCmig7JID-5GnBuYJZgafzELDtNfTHEkTA9mDrv_ZoLvj1TWL4_qLA6W9I-_nAftjcWOrOiLL4hh_x2OE_diTFU28lWiH_BcAdLU

Requested by

Host: www.storm.mg
URL: https://www.storm.mg/article/3553076

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:27:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 206 fund06.mp4
videofile.stormmg.com/ Frame F2D8 4 MB
0 11ms
11ms Media
video/mp4 2606:4700:3037::ac43:9427
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://videofile.stormmg.com/fund06.mp4
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9427 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://s0.2mdn.net/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=196608-

Response headers

date: Tue, 23 Mar 2021 01:27:51 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1775
Content-Range: bytes 196608-4419901/4419902
x-amz-meta-mode: 33204
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 3W8P9F3JES642070
x-amz-id-2: 0SF1AJtTvvwSndADS3Yh0fHaMq1cRJSaFp9vuJ75wP2/vgkgC4OpnmrdhKQA4OW1BzyYNCxiy9k=
x-amz-meta-uid: 1007
last-modified: Thu, 18 Mar 2021 01:06:43 GMT
server: cloudflare
etag: "910dfa3635c4d570edd87bb115c4ec92"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=r9hh12w5Ut0dmAzlA5HELXDXtyMEwkyQ8FSrcqZshRWfwwY%2BJZdONVs53cO6as8pGhFxkxl50odDkINdL3rP8gaYPa5DyfnKOfJUbJiPRJpHAwIAe7KrEoLSqy1vRjDVckM%3D"}],"group":"cf-nel","max_age":604800}
x-amz-meta-gid: 1007
content-type: video/mp4
cache-control: max-age=691200
cf-request-id: 08fe4b156100004e7f4bb49000000001
Content-Length: 4223294
cf-ray: 6343e1356b7c4e7f-FRA
x-amz-meta-mtime: 1616029601

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3D30 0
46 B 40ms
40ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021031801&jk=3955627612180477&bg=!WVqlWh7NAAbUo7L91KM7ACkAdvg8Wusht7F7rqlO6iBVba5X7weVvBtDe-LnhKimia5vzUpb6le-WQIAAAHTUgAAABFoAQcKAL63-OQ76KpwQDxL3XwduuOaw0vmq36p4Ww2ow7Om7cW4MGCNUBwfrrvFFSguzuxKessXIPjsEuFDcJMEf5n_sStYNOI7ngUr5LRpLA0aVc2HzdWBLviV1IIWySftQkcAdWy-acJ0FQ3vEWV3CJxevBuzKvEivicQz9JFMJyApTivVZE73yuz_Iy8Yveq2Hi0QJLP5BK-TFcCtmdtsT0konvxx6FZFrCfaSbJy_R4xqIVG3lsiYYi7FsoWWdwBCQmQHYWgnvmdJri2hqRlgILKkUi4v6NRXKdnoAltRE30vz6eZHwq3QhoQ590gOa5k6ul6LhlINSKXplT31hP0bif9Mh2KKwn2976bYXbMF6whTR5Bb7MeKl-bq8NJDxCFzV0YdDDXyaer2HhgREmNqpjlC6ZqJIGRIt2QYGAMFW5OtJ9Xtw5wFxJ46BBREKxMYKOti4Fn-oz2IbUxsXhjejLT_gvnSJesA9zm3IHrsEvkZYJwMVjurNl-7nXDouoBMFg7-FSxQiEBX4nY630sn9E-vq7ap5t_YMZ5G2SGP9TUpRmtzRDs5n1yJXzA2kcp38Udy1h1_XiFKv-CWQgv02eQEBJS6HusTblURs6cCfdxOifRAw_aHNGAC-CoUFMeDec2Ar1DqCQ1BPbn_MV1CxJZMQP0j2P3-kGaduBD0Eq0ozlkW1lE3YMesgB2X_HAfDAc0cEmuZXRhaTNzmNhP7lnU3u8HhiozK7LZbnWGkMEPSnVQ50-4crD4a03OLau4aPuNSLHMmWx9CSXfOC_SaQV1rWpV8sgrYqtRK_rGeUYAyqU5X5hGD2Y8B1wy3QOr51FIcnsEHzKX-z2ItdEOWq6fMWM7vWaZtkD2GrASBsk0WG5pokArJ2FP7g

Requested by

Host: www.storm.mg
URL: https://www.storm.mg/article/3553076

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:27:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 01F3 0
23 B 43ms
43ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021031801&jk=3239297725891981&bg=!TU6lTgrNAAbUo7L91KM7ACkAdvg8WnktQvOe7mCJ15po8QvB2bhBhdpjYNhH2EZ_x392j3gT8YYmRgIAAAFzUgAAABFoAQcKATeW-LwjWQ3GZnSuFU7gbJjSe-wJDCed3H5J_qiK2tno8e3JYuyQvSEBaMrfrGx1MjAu-0qqSGp2vizERYU7zyhgguFp8-ih4M4vivOAp1zSFYwNqDSE09iA5lDUDW_qelzkeYbOLqp8HNoO7kyJvXr4oqFRSZeH8W6cOdIqhHRh-Ft6QQzsZx9MzVdijcckbmER83SGuSDtesc2WlVTjJ8848OrrzwB7G0Q38diMVsX0b8THdoH1DybPIjxNSMs3mXw8fgSqogxCZPadFvL7vJ6E0hbe0b1ymzNJk9pm3946RU0oN1PEZbFnIEenQsGXF903-5ftXPxH2jdeHi4z65Q0MF-ktpEG0a2DiQjRKok-b-pR9DkG5xhgRBPf4f4XsFkUBRL18dX-uCEEL3KKI8X0bQqO35fTZkB9AScZ_biZyPt2POJjoySkrpXGfFr_ZOUFoBZtl8WeLsGszpwm8m96Ik5A4giN-fOoLmQwIFI-rxaNtRyN3FYVjjwgDmOI6tu4UzX68p1IEqT-Qc_Qiv-J16A2QWJRR_7mPE0NznIpnv8SPgiyS3ehvOKU-6-NrAvALW2-tqhQ0-6KmYKR5AaP8MICBivDm17_jsDmhL-WDNEcFp5-ajBCu0jW-52Po1A7Yaj7FGzC_JrPOjBiEIvmX_hCGi0De5uRxv0Azr9J4XKhm9lLQNReNycAbii1sKwIeS8O4pk48VHTc27GabFifcIV_4ng0_VVURf_cNXuT2CSJIFYfqvaE12H4kt7Ld59VbDmQddSc__n-4hgMGjWYzg3leXEMx8KXj8t_YUWgrkjCZ4TXwyLTxZ84s0LUND-PEdBzjslhzu_ATLry78BagtDHoMmxPYEbL0BKSV-Ubau4oIWmFghHSTeXkaF5H90VUkOdqOlb8dJ9EZvp_UjxwRjvhqrFFhWUmnjVeksVA6TX0Vb9VGdXU63q23LaHnerc5iXUuXG8psrrjN5iHcsTXDbj1rajRTfY8sFv73Q4TNtyjsnAYt-m3BzD-oN2-LIZV3oGRxrDZwPrpI2oTGkQ-zAwZwMeoSXIXa-TqT4XsSBBS3MTM6aGbtr9M

Requested by

Host: www.storm.mg
URL: https://www.storm.mg/article/3553076

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:27:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic Show response
d5p.de17a.com/getuid/ Frame 2C02 35 B
134 B 170ms
55ms Document
image/gif 213.155.156.167
TELIANET Telia Ca...

General

Check archive.org

Show headers Download Go to

Full URL: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=66582223&p=148803&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 213.155.156.167 , Sweden, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

:method: GET
:authority: d5p.de17a.com
:scheme: https
:path: /getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

content-length: 35
content-type: image/gif
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame AA22 43 B
284 B 199ms
65ms Document
image/gif 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=66582223&p=148803&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method: GET
:authority: dis.criteo.com
:scheme: https
:path: /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache
pragma: no-cache
content-type: image/gif
expires: Tue, 23 Mar 2021 00:00:00 GMT
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 1321
date: Tue, 23 Mar 2021 01:27:51 GMT
content-length: 43

GET
H/1.1

200
OK

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5740
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=AK_L8095SMuoab7mbs1i9Q%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

8 KB
8 KB

147ms
49ms

Image
text/html

23.218.208.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.200 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-200.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:27:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1300708-1f78-5b232eb4914bb"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: max-age=94560
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/html; charset=UTF-8
Content-Length: 2654
Expires: Wed, 24 Mar 2021 03:43:52 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:27:52 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mw
mwzeom.zeotap.com/ Frame 5740 95 B
595 B 42ms
22ms Image
image/png 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=00AFCBF3-4F79-48CB-A869-BEE66ECD62F5
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:52 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 6343e1378e5a4a80-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 08fe4b16b900004a8011979000000001

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame 5740
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=00AFCBF3-4F79-48CB-A869-BEE66ECD62F5&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=00AFCBF3-4F79-48CB-A869-BEE66ECD62F5&sInitiator=external&gdpr=0&gdpr_consent=

42 B
604 B

114ms
114ms

Image
image/gif

77.243.60.138
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=00AFCBF3-4F79-48CB-A869-BEE66ECD62F5&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:27:52 GMT
frontend-id: 10
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:27:52 GMT
frontend-id: 0
location: /pubmatic/1/info2?sType=sync&sExtCookieId=00AFCBF3-4F79-48CB-A869-BEE66ECD62F5&sInitiator=external&gdpr=0&gdpr_consent=
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

Artemis
aud.pubmatic.com/AdServer/ Frame 5740
Redirect Chain

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=00AFCBF3-4F79-48CB-A869-BEE66ECD62F5&gdpr=
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=00AFCBF3-4F79-48CB-A869-BEE66ECD62F5&gdpr=&fbounce=1
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=00AFCBF3-4F79-48CB-A869-BEE66ECD62F5&addseg=21

7 B
147 B

678ms
59ms

Image
text/plain

185.64.189.249
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=00AFCBF3-4F79-48CB-A869-BEE66ECD62F5&addseg=21
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:27:53 GMT
Connection: keep-alive
Content-Length: 7
Content-Type: text/plain; charset=utf-8

Redirect headers

date: Tue, 23 Mar 2021 01:27:52 GMT
via: 1.1 google
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=00AFCBF3-4F79-48CB-A869-BEE66ECD62F5&addseg=21
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: text/html; charset=utf-8
alt-svc: clear
content-length: 135

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 5740
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDBBRkNCRjMtNEY3OS00OENCLUE4NjktQkVFNjZFQ0Q2MkY1&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
505 B

295ms
58ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:27:51 GMT
X-lat: amspug019:0:423
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:27:52 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 5740
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBkA7ZnCfpNP3xB1YT-A_J0&google_cver=1

42 B
855 B

238ms
58ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBkA7ZnCfpNP3xB1YT-A_J0&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:27:52 GMT
X-lat: amspug020:0:473
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:27:52 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBkA7ZnCfpNP3xB1YT-A_J0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 5740 43 B
609 B 2050ms
741ms Image
image/gif 159.253.128.188
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

bc.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:53 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Mon, 22 Mar 2021 01:27:53 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 5740
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a351d4f1-0bda-4b9f-867a-4fb1e2a087bd

42 B
882 B

208ms
70ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a351d4f1-0bda-4b9f-867a-4fb1e2a087bd
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:27:52 GMT
X-lat: lhrpug005:0:437
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:27:52 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a351d4f1-0bda-4b9f-867a-4fb1e2a087bd
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 5740
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1056548348475632567

42 B
801 B

71ms
71ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1056548348475632567
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:27:52 GMT
X-lat: lhrpug003:0:489
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:27:52 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1056548348475632567
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 5740
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:71c56059-4416-4900-b420-fa75977ef632&gdpr=0&gdpr_consent=

42 B
946 B

139ms
71ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:71c56059-4416-4900-b420-fa75977ef632&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:27:52 GMT
X-lat: lhrpug002:0:439
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Date: Tue, 23 Mar 2021 01:28:39 GMT
Server: MT3 3611 f10363c master cdg-pixel-x29
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:71c56059-4416-4900-b420-fa75977ef632&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 23 Mar 2021 01:28:38 GMT

GET
H/1.1

200
OK

Pug
image2.pubmatic.com/AdServer/ Frame 5740
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6621114705051675582&gdpr=0&gdpr_consent=

42 B
769 B

351ms
58ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6621114705051675582&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:27:50 GMT
X-lat: amspug002:0:370
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Pragma: no-cache
Date: Tue, 23 Mar 2021 01:27:52 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.54:80
AN-X-Request-Uuid: 34d7c8ce-865e-4d2c-9585-1ce72c899b5a
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6621114705051675582&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame 5740
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
https://x.bidswitch.net/sync?dsp_id=59&user_id=b85e7df5-ee76-4832-92ae-503c4c35403a&ssp=pubmatic
https://x.bidswitch.net/ul_cb/sync?dsp_id=59&user_id=b85e7df5-ee76-4832-92ae-503c4c35403a&ssp=pubmatic
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e00ff582-7be9-48f2-9514-e3e00a5feb30&gdpr=&gdpr_consent=&gdpr_pd=

1 B
745 B

73ms
73ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e00ff582-7be9-48f2-9514-e3e00a5feb30&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:27:53 GMT
X-lat: lhrpug003:0:483
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e00ff582-7be9-48f2-9514-e3e00a5feb30&gdpr=&gdpr_consent=&gdpr_pd=
date: Tue, 23 Mar 2021 01:27:53 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 00AFCBF3-4F79-48CB-A869-BEE66ECD62F5
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 5740 43 B
925 B 101ms
33ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/00AFCBF3-4F79-48CB-A869-BEE66ECD62F5?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:52 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

SPug
image4.pubmatic.com/AdServer/ Frame 5740
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=00AFCBF3-4F79-48CB-A869-BEE66ECD62F5&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-B.U3CHBE2uWSEdrBzNxV0ZQdTpn7ntI-~A&gdpr=0&gdpr_consent=

0
418 B

1265ms
58ms

Image
text/plain

185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-B.U3CHBE2uWSEdrBzNxV0ZQdTpn7ntI-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:27:52 GMT
Cache-Control: no-store, no-cache, private
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Tue, 23 Mar 2021 01:27:52 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-B.U3CHBE2uWSEdrBzNxV0ZQdTpn7ntI-~A&gdpr=0&gdpr_consent=
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

9s574l4Tysi3EN4NTS7vldCTLFN1UFF6+4UIan5+Z3LISQsQ3HhV8aDrdJaixbMD Show response
ads-eu.v.ssp.yahoo.com/a/h/
Redirect Chain

https://ads.adaptv.advertising.com/a/h/9s574l4Tysi3EN4NTS7vldCTLFN1UFF6+4UIan5+Z3LISQsQ3HhV8aDrdJaixbMD?cb=6462872242&gdpr=1&gdpr_consent=&pi.viewable=0&pi.width=640&pi.height=360&pet=preroll&pageU...
https://ads-eu.v.ssp.yahoo.com/a/h/9s574l4Tysi3EN4NTS7vldCTLFN1UFF6+4UIan5+Z3LISQsQ3HhV8aDrdJaixbMD?cb=6462872242&gdpr=1&gdpr_consent=&pi.viewable=0&pi.width=640&pi.height=360&pet=preroll&pageUrl=h...

249 B
529 B

289ms
76ms

XHR
text/xml

3.123.55.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads-eu.v.ssp.yahoo.com/a/h/9s574l4Tysi3EN4NTS7vldCTLFN1UFF6+4UIan5+Z3LISQsQ3HhV8aDrdJaixbMD?cb=6462872242&gdpr=1&gdpr_consent=&pi.viewable=0&pi.width=640&pi.height=360&pet=preroll&pageUrl=http%3A%2F%2Fwww.storm.mg&us_privacy=1---&scpid=57173f460757bb6c428b465b&eov=eov&hp=1&a.y_rid=d2cb824a-3c28-419a-94ad-0f91a4190e46&a.is_yahoo=0&redirect_y=dHM9MTYxNjQ2Mjg3MjM4Ny4zMzQ0NzM6YXBpZD1VUGZiYmVmNmIzLThiNzYtMTFlYi1iNDhhLTAyZTk4NTg1NDk4ZTpyZXF1ZXN0X2lkPWQyY2I4MjRhLTNjMjgtNDE5YS05NGFkLTBmOTFhNDE5MGU0Ng==
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.55.203 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-55-203.eu-central-1.compute.amazonaws.com
Software: ATS/7.1.2.128 /
Resource Hash: 6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Tue, 23 Mar 2021 01:27:52 GMT
content-encoding: gzip
server: ATS/7.1.2.128
Age: 0
content-type: text/xml
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

Redirect headers

strict-transport-security: max-age=31536000
server: adaptv/1.0
access-control-allow-origin: https://www.storm.mg
content-type: text/plain
location: https://ads-eu.v.ssp.yahoo.com/a/h/9s574l4Tysi3EN4NTS7vldCTLFN1UFF6+4UIan5+Z3LISQsQ3HhV8aDrdJaixbMD?cb=6462872242&gdpr=1&gdpr_consent=&pi.viewable=0&pi.width=640&pi.height=360&pet=preroll&pageUrl=http%3A%2F%2Fwww.storm.mg&us_privacy=1---&scpid=57173f460757bb6c428b465b&eov=eov&hp=1&a.y_rid=d2cb824a-3c28-419a-94ad-0f91a4190e46&a.is_yahoo=0&redirect_y=dHM9MTYxNjQ2Mjg3MjM4Ny4zMzQ0NzM6YXBpZD1VUGZiYmVmNmIzLThiNzYtMTFlYi1iNDhhLTAyZTk4NTg1NDk4ZTpyZXF1ZXN0X2lkPWQyY2I4MjRhLTNjMjgtNDE5YS05NGFkLTBmOTFhNDE5MGU0Ng==
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2 200 advast Show response
ice.360yield.com/ 27 B
239 B 59ms
59ms XHR
application/xml 52.59.121.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/advast?p=22250380&w=16&h=9&minduration=1&maxduration=120&player_width=640&player_height=360&referrer=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&vast_version=3&vpaid_version=2&video_format_type=instream&schain=1.0,1!viewdeos.com,5e60bfad28a0610ba100c7c4,1,,Storm%20Media,!aniview.com,57173f460757bb6c428b465b,1,,Viewdeos,viewdeos.com&us_privacy=1---&GDPR=&cbb=6462872243
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e60bfad28a0610ba100c7c4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.121.220 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-121-220.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://www.storm.mg
date: Tue, 23 Mar 2021 01:27:52 GMT
access-control-allow-credentials: true
content-type: application/xml; charset=UTF-8
content-length: 27
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 track
track1.aniview.com/ 0
70 B 137ms
136ms Image
text/plain 34.237.155.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=PL&cos=Windows&r=www.storm.mg&rs=www.storm.mg&sid=40374&t=1616462868&cip=194.99.105.99&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=640&he=360&app=&AV_PUBLISHERID=5e60bfad28a0610ba100c7c4&test=1&aafaid=&proto=https&uid=1616462868053-915114750161-022002-010-003685&cha=0.7&cb=20476908897&d9=1000&AV_WIDTH=640&AV_HEIGHT=360&ppid=5e60bfad28a0610ba100c7c4&nid=57173f460757bb6c428b465b&pcid=5e60c75028a06115d47ebd9b&ncid=5e7b1f3a1565c6447b6a2624&pasid=5e7b1fa325fcea4e1b329fa8&e=request&cb=1616462872245&asid=5e7b1ed1c4933477bd298304%2C5e7b352d1565c6447b6a2628%2C5e7b346a41db963e5530bdd4&ofpr=4.5%2C4.5%2C&fpo=%2C%2C
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.155.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-155-161.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:52 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 138ms
137ms Image
text/plain 34.237.155.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=PL&cos=Windows&r=www.storm.mg&rs=www.storm.mg&sid=40374&t=1616462868&cip=194.99.105.99&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=640&he=360&app=&AV_PUBLISHERID=5e60bfad28a0610ba100c7c4&test=1&aafaid=&proto=https&uid=1616462868053-915114750161-022002-010-003685&cha=0.7&cb=20476908897&d9=1000&AV_WIDTH=640&AV_HEIGHT=360&copid=57173f460757bb6c428b465b&nid=59c9148628a0612da3689288&cocid=5e7b1f3a1565c6447b6a2624&ncid=5bc32475073ef4123906ff46&coasid=5be1502628a0614a8f0ee919&e=request&cb=1616462872245&asid=5bf15ba628a06170a83106ca%2C5e7b6f63a0d1ec4dd8042bc6&ofpr=%2C&fpo=%2C
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.155.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-155-161.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:52 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
58 B 105ms
105ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.storm.mg
date: Tue, 23 Mar 2021 01:27:52 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
213 B 188ms
71ms XHR
application/json 3.123.110.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=ViewdeosExchange
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.110.9 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.storm.mg
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

GET
H/1.1 200
OK idSync
sync.aralego.com/ Frame 3B9A 35 B
266 B 427ms
146ms Image
image/gif 192.96.200.41
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idSync
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.200.41 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:27:52 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

GET
H2

200

cm
c.holmesmind.com/ Frame 3B9A
Redirect Chain

https://c.holmesmind.com/cm
https://c.holmesmind.com/cm?tc=getIn&

0
508 B

156ms
155ms

Image
text/html

35.201.76.93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm?tc=getIn&
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:53 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: clear
content-type: text/html; charset=UTF-8

Redirect headers

location: https://c.holmesmind.com/cm?tc=getIn&
date: Tue, 23 Mar 2021 01:27:52 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: clear
content-type: text/html; charset=UTF-8

GET
H2

200

cm
c.holmesmind.com/ Frame F3C4
Redirect Chain

https://c.holmesmind.com/cm
https://c.holmesmind.com/cm?tc=getIn&

0
507 B

153ms
153ms

Image
text/html

35.201.76.93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm?tc=getIn&
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:53 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: clear
content-type: text/html; charset=UTF-8

Redirect headers

location: https://c.holmesmind.com/cm?tc=getIn&
date: Tue, 23 Mar 2021 01:27:52 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: clear
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK idSync
sync.aralego.com/ Frame F3C4 35 B
266 B 1153ms
145ms Image
image/gif 192.96.200.41
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idSync
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.200.41 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:27:53 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 5AE1 0
744 B 51ms
50ms Script
text/html 185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Mar 2021 01:27:52 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.78:80
AN-X-Request-Uuid: c9bbea32-e598-4f2e-a76c-1de39ddf91de
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK checksum Show response
api.dable.io/items/services/storm.mg/id/3553076/ 103 B
375 B 994ms
333ms Script
text/javascript 3.35.249.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dable.io/items/services/storm.mg/id/3553076/checksum?callback=dbljson3

Requested by

Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.35.249.226 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-35-249-226.ap-northeast-2.compute.amazonaws.com

Software

nginx /

Resource Hash

1523cf82ab00d2a617761287189fe22bea60be2ab81ca76dca87ca762b870803

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:27:53 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
ETag: W/"67-VnbJmpNuTJGZ6y7KxivqJx5/KME"
Content-Type: text/javascript; charset=utf-8
Connection: keep-alive
Content-Length: 114

POST
H2 200 track Show response
track1.aniview.com/ 0
94 B 415ms
139ms XHR
text/plain 34.237.155.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=PL&cos=Windows&r=www.storm.mg&rs=www.storm.mg&sid=40374&t=1616462868&cip=194.99.105.99&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=640&he=360&app=&AV_PUBLISHERID=5e60bfad28a0610ba100c7c4&test=1&aafaid=&proto=https&uid=1616462868053-915114750161-022002-010-003685&cha=0.7&cb=20476908897&d9=1000&AV_WIDTH=640&AV_HEIGHT=360
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e60bfad28a0610ba100c7c4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.155.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-155-161.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 23 Mar 2021 01:27:53 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 136ms
136ms Image
text/plain 34.237.155.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=PL&cos=Windows&r=www.storm.mg&rs=www.storm.mg&sid=40374&t=1616462868&cip=194.99.105.99&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=640&he=360&app=&AV_PUBLISHERID=5e60bfad28a0610ba100c7c4&test=1&aafaid=&proto=https&uid=1616462868053-915114750161-022002-010-003685&cha=0.7&cb=20476908897&d9=1000&AV_WIDTH=640&AV_HEIGHT=360&ppid=5e60bfad28a0610ba100c7c4&nid=57173f460757bb6c428b465b&pcid=5e60c75028a06115d47ebd9b&ncid=5e7b1f3a1565c6447b6a2624&pasid=5e7b1fa325fcea4e1b329fa8&e=bid&cb=1616462872717&asid=5e7b346a41db963e5530bdd4&ofpr=&fpo=
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.155.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-155-161.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:52 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3-Q050 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 54BF 330 KB
114 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e60bfad28a0610ba100c7c4

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ab8d4672e4e6dddaffe2961db019619fddee5fdad48793107e3ef3065239f68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116759
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:27:52 GMT

GET
H3-Q050 200 bridge3.447.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame 5906 576 KB
188 KB 6ms
6ms Document
text/html 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.447.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

559004a545a13667b7f7b0abdec7892df86ae2d2b36536c76ca37cbbf1b5bccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.447.1_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.storm.mg/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.storm.mg/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192496
date: Sun, 21 Mar 2021 22:19:46 GMT
expires: Mon, 21 Mar 2022 22:19:46 GMT
last-modified: Mon, 15 Mar 2021 15:51:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 97686
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 54BF 44 KB
16 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:27:52 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 54BF 107 B
146 B 17ms
14ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.storm.mg

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:27:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 9939 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:01:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 1611
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Tue, 23 Mar 2021 02:01:01 GMT

GET
H3-Q050 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 5906 156 B
730 B 472ms
420ms XHR
text/xml 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22181265%2Fca-video-pub-1062972861553303-tag%2Fviewdeos_storm.mg_WW_Desktop_5&description_url=http%3A%2F%2Fstorm.mg&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4250127936677898&sdkv=h.3.447.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&u_so=l&ctv=0&sdki=44d&adk=2751314732&sdk_apis=2%2C8&sid=F2A496B1-14BC-4101-9943-BD3136DC9660&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&dt=1616462873001&cookie=ID%3D817e912e868094f7%3AT%3D1616462870%3AS%3DALNI_Ma8JwBjlwWc-RrxhF6jcBIpYjptmQ&scor=2214382150587732&ged=ve4_td0_tt0_pd0_la0_er1272.325.1425.625_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.447.1_en.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:53 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cm
c.holmesmind.com/ Frame 7672
Redirect Chain

https://c.holmesmind.com/cm
https://c.holmesmind.com/cm?tc=getIn&

0
49 B

153ms
153ms

Image
text/html

35.201.76.93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm?tc=getIn&
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:53 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: clear
content-type: text/html; charset=UTF-8

Redirect headers

location: https://c.holmesmind.com/cm?tc=getIn&
date: Tue, 23 Mar 2021 01:27:53 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: clear
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK idSync
sync.aralego.com/ Frame 7672 35 B
266 B 729ms
150ms Image
image/gif 192.96.200.41
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idSync
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.200.41 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:27:53 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

GET
H/1.1 200
OK 9s574l4Tysi3EN4NTS7vldCTLFN1UFF6+4UIan5+Z3LISQsQ3HhV8aDrdJaixbMD Show response
ads.adaptv.advertising.com/a/h/ 249 B
542 B 706ms
76ms XHR
text/xml 3.123.110.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/9s574l4Tysi3EN4NTS7vldCTLFN1UFF6+4UIan5+Z3LISQsQ3HhV8aDrdJaixbMD?cb=6462873499&gdpr=1&gdpr_consent=&pi.viewable=0&pi.width=640&pi.height=360&pet=preroll&pageUrl=http%3A%2F%2Fwww.storm.mg&us_privacy=1---&scpid=57173f460757bb6c428b465b&eov=eov&hp=1

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e60bfad28a0610ba100c7c4

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.123.110.9 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

adaptv/1.0 /

Resource Hash

6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://www.storm.mg
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

GET
H2 200 advast Show response
ice.360yield.com/ 27 B
239 B 61ms
59ms XHR
application/xml 52.59.121.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/advast?p=22250380&w=16&h=9&minduration=1&maxduration=120&player_width=640&player_height=360&referrer=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&vast_version=3&vpaid_version=2&video_format_type=instream&schain=1.0,1!viewdeos.com,5e60bfad28a0610ba100c7c4,1,,Storm%20Media,!aniview.com,57173f460757bb6c428b465b,1,,Viewdeos,viewdeos.com&us_privacy=1---&GDPR=&cbb=6462873500
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e60bfad28a0610ba100c7c4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.121.220 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-121-220.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://www.storm.mg
date: Tue, 23 Mar 2021 01:27:53 GMT
access-control-allow-credentials: true
content-type: application/xml; charset=UTF-8
content-length: 27
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 track
track1.aniview.com/ 0
70 B 137ms
137ms Image
text/plain 34.237.155.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=PL&cos=Windows&r=www.storm.mg&rs=www.storm.mg&sid=40374&t=1616462868&cip=194.99.105.99&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=640&he=360&app=&AV_PUBLISHERID=5e60bfad28a0610ba100c7c4&test=1&aafaid=&proto=https&uid=1616462868053-915114750161-022002-010-003685&cha=0.7&cb=20476908897&d9=1000&AV_WIDTH=640&AV_HEIGHT=360&ppid=5e60bfad28a0610ba100c7c4&nid=57173f460757bb6c428b465b&pcid=5e60c75028a06115d47ebd9b&ncid=5e7b1f3a1565c6447b6a2624&pasid=5e7b1fa325fcea4e1b329fa8&e=request&cb=1616462873501&asid=5e7b1ed1c4933477bd298304%2C5e7b352d1565c6447b6a2628%2C5e7b346a41db963e5530bdd4&ofpr=4.5%2C4.5%2C&fpo=%2C%2C
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.155.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-155-161.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:53 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 137ms
136ms Image
text/plain 34.237.155.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=PL&cos=Windows&r=www.storm.mg&rs=www.storm.mg&sid=40374&t=1616462868&cip=194.99.105.99&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=640&he=360&app=&AV_PUBLISHERID=5e60bfad28a0610ba100c7c4&test=1&aafaid=&proto=https&uid=1616462868053-915114750161-022002-010-003685&cha=0.7&cb=20476908897&d9=1000&AV_WIDTH=640&AV_HEIGHT=360&copid=57173f460757bb6c428b465b&nid=59c9148628a0612da3689288&cocid=5e7b1f3a1565c6447b6a2624&ncid=5bc32475073ef4123906ff46&coasid=5be1502628a0614a8f0ee919&e=request&cb=1616462873501&asid=5bf15ba628a06170a83106ca%2C5e7b6f63a0d1ec4dd8042bc6&ofpr=%2C&fpo=%2C
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.155.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-155-161.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:53 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
58 B 93ms
93ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.storm.mg
date: Tue, 23 Mar 2021 01:27:53 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
213 B 769ms
68ms XHR
application/json 3.123.110.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=ViewdeosExchange
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.110.9 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.storm.mg
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

GET
H2 200 finance_data20210323.json Show response
resources.storm.mg/ 1 KB
891 B 1065ms
1064ms XHR
application/json 65.9.58.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.storm.mg/finance_data20210323.json
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/js/jquery-1.9.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 16f075565dbec2932bfa4138d407c7867c53869e08c3564671236f899c5a7dbd

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:56 GMT
content-encoding: gzip
last-modified: Mon, 22 Mar 2021 23:10:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
etag: W/"ee1b5411f72bae61341d19059229bb2c"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://www.storm.mg
access-control-allow-credentials: true
x-cache: RefreshHit from cloudfront
x-amz-cf-id: G8Uk5IqVAIi8l2LXlLXyWGiiOdYRXpvGdfQ25jzJzLyQELLr6gkT8g==
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)

GET
H2 200 track
track1.aniview.com/ 0
70 B 137ms
137ms Image
text/plain 34.237.155.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=PL&cos=Windows&r=www.storm.mg&rs=www.storm.mg&sid=40374&t=1616462868&cip=194.99.105.99&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=640&he=360&app=&AV_PUBLISHERID=5e60bfad28a0610ba100c7c4&test=1&aafaid=&proto=https&uid=1616462868053-915114750161-022002-010-003685&cha=0.7&cb=20476908897&d9=1000&AV_WIDTH=640&AV_HEIGHT=360&ppid=5e60bfad28a0610ba100c7c4&nid=57173f460757bb6c428b465b&pcid=5e60c75028a06115d47ebd9b&ncid=5e7b1f3a1565c6447b6a2624&pasid=5e7b1fa325fcea4e1b329fa8&e=bid&cb=1616462874278&asid=5e7b346a41db963e5530bdd4&ofpr=&fpo=
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/article/3553076
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.155.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-155-161.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:54 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 6DCC 330 KB
114 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e60bfad28a0610ba100c7c4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ab8d4672e4e6dddaffe2961db019619fddee5fdad48793107e3ef3065239f68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116759
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:27:54 GMT

GET
H3-Q050 200 bridge3.447.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame 8B2D 576 KB
188 KB 6ms
6ms Document
text/html 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.447.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

559004a545a13667b7f7b0abdec7892df86ae2d2b36536c76ca37cbbf1b5bccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.447.1_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.storm.mg/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.storm.mg/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192496
date: Sun, 21 Mar 2021 22:19:46 GMT
expires: Mon, 21 Mar 2022 22:19:46 GMT
last-modified: Mon, 15 Mar 2021 15:51:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 97688
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 6DCC 44 KB
16 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:27:54 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 6DCC 107 B
165 B 18ms
15ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.storm.mg

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:27:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 74BD 36 KB
12 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:01:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 1613
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Tue, 23 Mar 2021 02:01:01 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 17ms
16ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210318&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

72edaf2009703651997e9a3c8bf2c09b38adea52a3dbbe3b2f1c9d5622926d4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:27:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6477
x-xss-protection: 0

GET
H/1.1 200
OK cs.js Show response
sb.scorecardresearch.com/c2/20419801/ 0
400 B 47ms
47ms Script
application/x-javascript 184.25.115.49
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/c2/20419801/cs.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MRQJ4NV
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.25.115.49 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-25-115-49.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 23 Mar 2021 01:27:54 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Apr 2011 23:11:26 GMT
ETag: "d41d8cd98f00b204e9800998ecf8427e:1349196464"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=259200
Connection: keep-alive
Content-Length: 20
Expires: Fri, 26 Mar 2021 01:27:54 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:27:54 GMT

GET
H3-Q050 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 8B2D 156 B
267 B 239ms
239ms XHR
text/xml 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22181265%2Fca-video-pub-1062972861553303-tag%2Fviewdeos_storm.mg_WW_Desktop_5&description_url=http%3A%2F%2Fstorm.mg&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=967378155623962&sdkv=h.3.447.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&u_so=l&ctv=0&sdki=44d&adk=3383288387&sdk_apis=2%2C8&sid=004A2496-FF6E-4988-AE0F-0C8337FB73BD&eid=420706136%2C44729227&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&dt=1616462874579&cookie_enabled=1&scor=423564047663096&ged=ve4_td1_tt1_pd1_la1000_er1272.325.1425.625_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.447.1_en.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:27:54 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 1A9A 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.storm.mg/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.storm.mg/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Mon, 22 Mar 2021 22:23:54 GMT
expires: Tue, 22 Mar 2022 22:23:54 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 11040
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame 1A9A 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 19:13:29 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 108865
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Mon, 21 Mar 2022 19:13:29 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
46 B 42ms
41ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210318&jk=4428478098213158&bg=!k5ClkNTNAAbUo7L91KM7ACkAdvg8WtTlqSkD8XA_h661rK56iOKoRsehZr9IzEoP4eTtOwFJek7rAAIAAACAUgAAACBoAQcKAY1bPHqKohYtAqoRnZg0-LxUtthlA7O3q5Dfr8dr6aA7lPnohqApSw6685GM2pPUny2Q40Zm5WVmC_0udIr8HO4gzPC46IVd1WHdvSIL0ktmUCodtdNT4LUH1b7Jd-UiHozrvaZRFpZRQrlAb5VCSJmvpQvgKIvWfMVmoyMcOl4u_gS0XgUKsak_tdql2OZ2L9kfkPW5WWAP7tvPhmbT6J08uiLHJWis-pE4va_wo4_mrDpYQ-L-uN7e5h5GPKhsBy7swSmmgWggUhJ1Cx4wQe4wSXHIe7WIjHiRZB_2tCtN-Tckb-av1oFljiijMc7S985B5gCxDOm-klVY9q8tsdKbj1v1Rh1Rci1KKWp1h39BnAx_5xpSSiYL2T7aVRPyjmzsSizBodpL5y9ae9ZyBTw-FZ3Xu0dPGS9NoyZOe8qrpkbULPmLHaaD0nk2HtfMWXJxJvXAWx6GrXo_LAGsjR5N0k19zJ51sqhD9oISBUyiC_R9LH19-m_dRjnjTltSliuUKh4WwpBPIXzXCBsvmQHUslKj2SjbnboKiNN3HcReGfQg-v2Pkef1oCKkJdVLENajJ7mWqRnXARTjE5yrKmt13Gi4kUwse4DRIEy4JlpfizfyU3UcMNjIJ-XW7Y5Nwclen_49d8jHu17bPtm_yCxJVgf2-540sG8tlcBgsMDEOlhBrzTvhMvP5WP_Xz1sD11cFEbCsX1pfgPDKo7ij4jUMiUNuZ9muX6woDB8kAO8KK352GfTFEl_JGkb2NKrqG1jF_VqQ3m5tfsoGQHJCiE54gKjhpnU3R8zuUBRFRpp7O1Dgx7iES9uIQoZB4-ygtPv0xbWTpA-6JMiQFe046IK41oBVvht0IskiJPTuHWQK9EcFTR8yWFtvR32Z_55aURxtdhXkDtaBSJuPqyu7RQlsdS60aOX-rdJEplnMYVLUfaL6gqwOpOsGjIbpFwZiA7nF7IRpU7nfxtArbXXayzLjIN963mrDyxd25HrtPN5ROE4-WCJBuYkgEMBlIFD78J9m-36D5fFFXSzVXX7_nSDA978DU8nGtPZlzQsYrnI5g2xjdq76cZnLqBC2GcHEg_niubRuShPYMkFJYzMOQ2baFOtACUdTkuABUcsA5DAX-f_NlqDCLeOpo8FuhvbLLoXUA27

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Mar 2021 01:27:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 track Show response
track1.aniview.com/ 0
93 B 139ms
139ms XHR
text/plain 34.237.155.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=PL&cos=Windows&r=www.storm.mg&rs=www.storm.mg&sid=40374&t=1616462868&cip=194.99.105.99&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=640&he=360&app=&AV_PUBLISHERID=5e60bfad28a0610ba100c7c4&test=1&aafaid=&proto=https&uid=1616462868053-915114750161-022002-010-003685&cha=0.7&cb=20476908897&d9=1000&AV_WIDTH=640&AV_HEIGHT=360
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e60bfad28a0610ba100c7c4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.155.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-155-161.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 23 Mar 2021 01:27:57 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame EBF9 28 B
191 B 17ms
17ms XHR
application/json 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/228f3ac7/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/nhjbmRQVmrw?autoplay=&mute=1&version=3&loop=1&playlist=nhjbmRQVmrw
X-YouTube-Client-Version: 1.20210321.0.0
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtWcHJUSFI2RkJJQSiQiOWCBg%3D%3D
X-YouTube-Ad-Signals: dt=1616462866686&flash=0&frm=2&u_tz=60&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C200&vis=1&wgl=true&ca_type=image&bid=ANyPxKqUQe2kNyJbJKg_6BkVsPgPk9bnL4C38Hfc9BS3CzLNrw_WQa5c9f_a5LzbnM2y7wtinqJ2RM8HoMENTFlMmceGopnnVA

Response headers

date: Tue, 23 Mar 2021 01:27:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:27:58 GMT

GET
H2 200 finance_data20210323.json Show response
resources.storm.mg/ 1 KB
890 B 1018ms
1018ms XHR
application/json 65.9.58.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.storm.mg/finance_data20210323.json
Requested by: Host: www.storm.mg
URL: https://www.storm.mg/js/jquery-1.9.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 16f075565dbec2932bfa4138d407c7867c53869e08c3564671236f899c5a7dbd

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:28:06 GMT
content-encoding: gzip
last-modified: Mon, 22 Mar 2021 23:10:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
etag: W/"ee1b5411f72bae61341d19059229bb2c"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://www.storm.mg
access-control-allow-credentials: true
x-cache: RefreshHit from cloudfront
x-amz-cf-id: 8arawVhruwJid-JvKSUvm-U6xBsypgubEJIwu6-9DObRUOd18TRnGg==
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)

GET
H/1.1 200
OK 9s574l4Tysi3EN4NTS7vldCTLFN1UFF6+4UIan5+Z3LISQsQ3HhV8aDrdJaixbMD Show response
ads.adaptv.advertising.com/a/h/ 249 B
542 B 69ms
68ms XHR
text/xml 3.123.110.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/9s574l4Tysi3EN4NTS7vldCTLFN1UFF6+4UIan5+Z3LISQsQ3HhV8aDrdJaixbMD?cb=6462889847&gdpr=1&gdpr_consent=&pi.viewable=0&pi.width=640&pi.height=360&pet=preroll&pageUrl=http%3A%2F%2Fwww.storm.mg&us_privacy=1---&scpid=57173f460757bb6c428b465b&eov=eov&hp=1

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e60bfad28a0610ba100c7c4

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.123.110.9 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

adaptv/1.0 /

Resource Hash

6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://www.storm.mg
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

GET
H2 200 advast Show response
ice.360yield.com/ 27 B
239 B 61ms
60ms XHR
application/xml 52.59.121.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/advast?p=22250380&w=16&h=9&minduration=1&maxduration=120&player_width=640&player_height=360&referrer=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&vast_version=3&vpaid_version=2&video_format_type=instream&schain=1.0,1!viewdeos.com,5e60bfad28a0610ba100c7c4,1,,Storm%20Media,!aniview.com,57173f460757bb6c428b465b,1,,Viewdeos,viewdeos.com&us_privacy=1---&GDPR=&cbb=6462889848
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e60bfad28a0610ba100c7c4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.121.220 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-121-220.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://www.storm.mg
date: Tue, 23 Mar 2021 01:28:09 GMT
access-control-allow-credentials: true
content-type: application/xml; charset=UTF-8
content-length: 27
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 track
track1.aniview.com/ 0
70 B 138ms
137ms Image
text/plain 34.237.155.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=PL&cos=Windows&r=www.storm.mg&rs=www.storm.mg&sid=40374&t=1616462868&cip=194.99.105.99&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=640&he=360&app=&AV_PUBLISHERID=5e60bfad28a0610ba100c7c4&test=1&aafaid=&proto=https&uid=1616462868053-915114750161-022002-010-003685&cha=0.7&cb=20476908897&d9=1000&AV_WIDTH=640&AV_HEIGHT=360&ppid=5e60bfad28a0610ba100c7c4&nid=57173f460757bb6c428b465b&pcid=5e60c75028a06115d47ebd9b&ncid=5e7b1f3a1565c6447b6a2624&pasid=5e7b1fa325fcea4e1b329fa8&e=request&cb=1616462889849&asid=5e7b1ed1c4933477bd298304%2C5e7b352d1565c6447b6a2628%2C5e7b346a41db963e5530bdd4&ofpr=4.5%2C4.5%2C&fpo=%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.155.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-155-161.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:28:09 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 138ms
137ms Image
text/plain 34.237.155.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=PL&cos=Windows&r=www.storm.mg&rs=www.storm.mg&sid=40374&t=1616462868&cip=194.99.105.99&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=640&he=360&app=&AV_PUBLISHERID=5e60bfad28a0610ba100c7c4&test=1&aafaid=&proto=https&uid=1616462868053-915114750161-022002-010-003685&cha=0.7&cb=20476908897&d9=1000&AV_WIDTH=640&AV_HEIGHT=360&copid=57173f460757bb6c428b465b&nid=59c9148628a0612da3689288&cocid=5e7b1f3a1565c6447b6a2624&ncid=5bc32475073ef4123906ff46&coasid=5be1502628a0614a8f0ee919&e=request&cb=1616462889849&asid=5eef7527d30acd461e47f63d%2C60116da081b49b7ea9147795%2C5bf15ba628a06170a83106ca%2C5e7b6f63a0d1ec4dd8042bc6&ofpr=5.5%2C%2C%2C&fpo=%2C%2C%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.155.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-155-161.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:28:09 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
213 B 69ms
69ms XHR
application/json 3.123.110.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=ViewdeosExchange
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.110.9 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.storm.mg
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 139 B
828 B 150ms
50ms XHR
application/json 185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

f30a005ceb6d203f8f91f5ab1cdeafc78e65feb03101de31a24df75451a4f55a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 23 Mar 2021 01:28:09 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.49:80
AN-X-Request-Uuid: 1c9e7e70-2133-49cb-8465-c351133e1116
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.storm.mg
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
58 B 111ms
111ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.storm.mg
date: Tue, 23 Mar 2021 01:28:08 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 track
track1.aniview.com/ 0
70 B 139ms
138ms Image
text/plain 34.237.155.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=PL&cos=Windows&r=www.storm.mg&rs=www.storm.mg&sid=40374&t=1616462868&cip=194.99.105.99&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=640&he=360&app=&AV_PUBLISHERID=5e60bfad28a0610ba100c7c4&test=1&aafaid=&proto=https&uid=1616462868053-915114750161-022002-010-003685&cha=0.7&cb=20476908897&d9=1000&AV_WIDTH=640&AV_HEIGHT=360&ppid=5e60bfad28a0610ba100c7c4&nid=57173f460757bb6c428b465b&pcid=5e60c75028a06115d47ebd9b&ncid=5e7b1f3a1565c6447b6a2624&pasid=5e7b1fa325fcea4e1b329fa8&e=bid&cb=1616462890025&asid=5e7b346a41db963e5530bdd4&ofpr=&fpo=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.155.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-155-161.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:28:10 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 137ms
136ms Image
text/plain 34.237.155.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=PL&cos=Windows&r=www.storm.mg&rs=www.storm.mg&sid=40374&t=1616462868&cip=194.99.105.99&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=640&he=360&app=&AV_PUBLISHERID=5e60bfad28a0610ba100c7c4&test=1&aafaid=&proto=https&uid=1616462868053-915114750161-022002-010-003685&cha=0.7&cb=20476908897&d9=1000&AV_WIDTH=640&AV_HEIGHT=360&copid=57173f460757bb6c428b465b&nid=59c9148628a0612da3689288&cocid=5e7b1f3a1565c6447b6a2624&ncid=5bc32475073ef4123906ff46&coasid=5be1502628a0614a8f0ee919&e=bid&cb=1616462890025&asid=60116da081b49b7ea9147795&ofpr=&fpo=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.155.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-155-161.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:28:10 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame FDAC 330 KB
114 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e60bfad28a0610ba100c7c4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ab8d4672e4e6dddaffe2961db019619fddee5fdad48793107e3ef3065239f68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:28:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116759
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:28:10 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 8EA2 330 KB
114 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e60bfad28a0610ba100c7c4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ab8d4672e4e6dddaffe2961db019619fddee5fdad48793107e3ef3065239f68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:28:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116759
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:28:10 GMT

GET
H3-Q050 200 bridge3.447.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame C4FB 576 KB
188 KB 8ms
7ms Document
text/html 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.447.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

559004a545a13667b7f7b0abdec7892df86ae2d2b36536c76ca37cbbf1b5bccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.447.1_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.storm.mg/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.storm.mg/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192496
date: Sun, 21 Mar 2021 22:19:46 GMT
expires: Mon, 21 Mar 2022 22:19:46 GMT
last-modified: Mon, 15 Mar 2021 15:51:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 97704
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 8EA2 44 KB
16 KB 18ms
15ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:28:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:28:10 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame 8EA2 107 B
146 B 16ms
14ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.storm.mg

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:28:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 bridge3.447.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame 7D18 576 KB
188 KB 6ms
6ms Document
text/html 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.447.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

559004a545a13667b7f7b0abdec7892df86ae2d2b36536c76ca37cbbf1b5bccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.447.1_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.storm.mg/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.storm.mg/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192496
date: Sun, 21 Mar 2021 22:19:46 GMT
expires: Mon, 21 Mar 2022 22:19:46 GMT
last-modified: Mon, 15 Mar 2021 15:51:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 97704
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 client.js Show response
s0.2mdn.net/instream/video/ Frame FDAC 44 KB
16 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:28:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Tue, 23 Mar 2021 01:28:10 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame FDAC 107 B
123 B 19ms
15ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.storm.mg

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 23 Mar 2021 01:28:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 2055 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:01:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 1629
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Tue, 23 Mar 2021 02:01:01 GMT

GET
H3-Q050 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 4B6C 36 KB
12 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.storm.mg/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:01:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 1629
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Tue, 23 Mar 2021 02:01:01 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame C4FB 72 KB
15 KB 305ms
305ms XHR
text/xml 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22181265%2Fca-video-pub-1062972861553303-tag%2Fviewdeos_storm.mg_WW_Desktop_5&description_url=http%3A%2F%2Fstorm.mg&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1151116195123924&sdkv=h.3.447.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&u_so=l&ctv=0&sdki=44d&adk=2655659892&sdk_apis=2%2C8&sid=754BE517-7D19-4615-89AE-1042206ADE88&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&dt=1616462890456&cookie_enabled=1&scor=2859512568286234&ged=ve4_td0_tt0_pd0_la0_er1272.325.1425.625_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.447.1_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

7470040b523d1089ca733081323b090a1071634d1ece912bb50bb1e258541a82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:28:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14840
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 7D18 156 B
185 B 250ms
250ms XHR
text/xml 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2FSMG_Aniview%2Fpreroll%2Fsyndication_7&description_url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3720386843111864&sdkv=h.3.447.1&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&u_so=l&ctv=0&sdki=44d&adk=2738054009&sdk_apis=2%2C8&sid=57881F11-5096-41FB-AD05-C2A5BECA1AE4&eid=420706136%2C44729227&url=https%3A%2F%2Fwww.storm.mg%2Farticle%2F3553076&dt=1616462890463&cookie_enabled=1&scor=3473174859884012&ged=ve4_td0_tt0_pd0_la0_er1272.325.1425.625_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.447.1_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 23 Mar 2021 01:28:10 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.youtube.com
URL: https://www.youtube.com/embed/nhjbmRQVmrw?autoplay=&mute=1&version=3&loop=1&playlist=nhjbmRQVmrw

Domain: ad2.apx.appier.net
URL: https://ad2.apx.appier.net/v1/prebid/bid

Domain: prebid.scupio.com
URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.5219495264747416

Domain: prebid.scupio.com
URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.8720078587238955

Domain: ad2.apx.appier.net
URL: https://ad2.apx.appier.net/v1/prebid/bid

Verdicts & Comments Add Verdict or Comment

399 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.pubmatic.com/	1970-01-19 17:44:14	Name: PugT Value: 1616462873
.pubmatic.com/	1970-01-19 19:10:38	Name: PUBMDCID Value: 3
.pubmatic.com/	1970-01-19 17:44:14	Name: KRTBCOOKIE_466 Value: 16530-e00ff582-7be9-48f2-9514-e3e00a5feb30
.pubmatic.com/	1970-01-19 17:44:14	Name: SPugT Value: 1616462872

108 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js(Line 6) Message: The googletag.pubads().definePassback function has been deprecated. The function may break in certain contexts, see https://developers.google.com/publisher-tag/guides/passback-tags#construct_passback_tags for how to correctly create a passback.
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js(Line 6) Message: The googletag.pubads().definePassback function has been deprecated. The function may break in certain contexts, see https://developers.google.com/publisher-tag/guides/passback-tags#construct_passback_tags for how to correctly create a passback.
console-api	info	URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs(Line 10) Message: Powered by AMP ⚡ HTML – Version 2101070013000 https://www.storm.mg/article/3553076
console-api	info	URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs(Line 10) Message: Powered by AMP ⚡ HTML – Version 2101070013000 https://www.storm.mg/article/3553076
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 0.000s] [studio.sdk]
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 1.139s] [studio.sdk] Using default ad parameters in test environment. Simulating local events.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 3.002s] [ima.legacy.vast.VideoDisplayEventTracker] dispatching event creativeview
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 3.002s] [ima.legacy.vast.VideoDisplayEventTracker] dispatching event start
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 3.003s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_PLAY" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 3.003s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_VIEW_TIMER" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 3.003s] [ima.legacy.vast.VideoDisplayEventTracker] dispatching event mute
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 3.003s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_INTERACTION" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 3.003s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_MUTE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 3.300s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 3.516s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 3.734s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 3.994s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 4.238s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 4.484s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 4.739s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 4.986s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 5.234s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 5.517s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 5.734s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 5.984s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 6.234s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 6.484s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 6.734s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 6.984s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 7.234s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 7.484s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 7.734s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 7.993s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 8.234s] [ima.legacy.vast.VideoDisplayEventTracker] dispatching event firstquartile
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 8.235s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_FIRSTQUARTILE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 8.235s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 8.484s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 8.734s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 8.984s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 9.244s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 9.484s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 9.734s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 9.984s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 10.234s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 10.484s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 10.734s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 10.984s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 11.234s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 11.484s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 11.734s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 11.984s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 12.234s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 12.484s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 12.734s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 12.984s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 13.234s] [ima.legacy.vast.VideoDisplayEventTracker] dispatching event midpoint
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 13.234s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_MIDPOINT" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 13.234s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 13.484s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 13.734s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 13.984s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 14.234s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 14.484s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 14.734s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 14.984s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 15.234s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 15.488s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 15.735s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 15.984s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 16.234s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 16.484s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 16.736s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 17.000s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 17.235s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 17.514s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 17.734s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 18.019s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 18.236s] [ima.legacy.vast.VideoDisplayEventTracker] dispatching event thirdquartile
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 18.236s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_THIRDQUARTILE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 18.236s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 18.485s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 18.734s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 18.984s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 19.235s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 19.485s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 19.734s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 19.984s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 20.242s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 20.484s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 20.734s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 20.989s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 21.234s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 21.517s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 21.734s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 21.984s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 22.234s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 22.484s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 22.741s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 22.984s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 23.106s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 23.356s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 23.606s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 23.856s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 24.106s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 24.356s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 24.606s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.
console-api	log	URL: https://s0.2mdn.net/ads/studio/Enabler.js(Line 169) Message: [ 24.856s] [studio.sdk] Video "gwd-video_2" dispatching "EVENT_VIDEO_TIMEUPDATE" event.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0ada6a0e6b211a42036e4be40cf8f63d.safeframe.googlesyndication.com
3ae7821746b634e801f4981bce499b71.safeframe.googlesyndication.com
3f64db6d4324d99215cee6a288db42e5.safeframe.googlesyndication.com
acdn.adnxs.com
ace-sync.toast.com
ad.360yield.com
ad.doublemax.net
ad.holmesmind.com
ad2.apx.appier.net
ads-eu.v.ssp.yahoo.com
ads.adaptv.advertising.com
ads.avct.cloud
ads.pubmatic.com
adservice.google.com
adservice.google.de
adservice.google.pl
adx.c.appier.net
adx.dable.io
ajax.googleapis.com
analytics.ad.daum.net
analytics.google.com
api.dable.io
api.popin.cc
apn.c.appier.net
aud.pubmatic.com
b941f13208caded1abc44d9c50878d7a.safeframe.googlesyndication.com
banner-cfnetwork.cdn.hinet.net
bidder.criteo.com
bw.scupio.com
c.holmesmind.com
c1.adform.net
cdn.ampproject.org
cdn.holmesmind.com
cdn.jsdelivr.net
cdn.onesignal.com
cdn.viewdeos.com
certify.alexametrics.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
csync.loopme.me
d31qbv1cthcecs.cloudfront.net
d5f4a27e2f4553f89373925ec6dccf16.safeframe.googlesyndication.com
d5p.de17a.com
dis.criteo.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
go1.aniview.com
gocm.c.appier.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb.aralego.com
hbopenbid.pubmatic.com
i.ytimg.com
i1.ytimg.com
ib.adnxs.com
ice.360yield.com
image.cache.storm.mg
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
images.dable.io
imasdk.googleapis.com
img.scupio.com
in.treasuredata.com
inrecsys.popin.cc
log.popin.cc
match.adsrvr.org
mug.criteo.com
mwzeom.zeotap.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-api.scupio.com
pixel.advertising.com
player.aniview.com
player.viewdeos.com
pm.w55c.net
polyfill.io
pr-bh.ybp.yahoo.com
prebid-asia.creativecdn.com
prebid.scupio.com
pubads.g.doubleclick.net
px.ads.linkedin.com
r.popin.cc
rec.scupio.com
resources.storm.mg
rtb.gamoshi.io
s0.2mdn.net
sb.scorecardresearch.com
scontent-frx5-1.xx.fbcdn.net
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
service-pvapi.storm.mg
simage2.pubmatic.com
snap.licdn.com
sp-api.dable.io
static.criteo.net
static.dable.io
static.doubleclick.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.aniview.com
sync.aralego.com
sync.go.sonobi.com
sync.mathtag.com
sync.technoratimedia.com
tags.viewdeos.com
token.rubiconproject.com
tpc.googlesyndication.com
track.storm.mg
track.unidata.ai
track1.aniview.com
track1.viewdeos.com
tw.popin.cc
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
videofile.stormmg.com
visitor.fiftyt.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.linkedin.com
www.storm.mg
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
ad2.apx.appier.net
prebid.scupio.com
www.youtube.com
103.132.192.30
104.108.42.51
104.108.50.124
115.88.123.125
116.202.172.174
119.63.198.143
119.63.198.172
119.63.198.188
119.63.198.189
13.112.166.41
13.226.155.103
13.226.155.13
13.32.21.27
13.58.174.102
139.162.78.222
142.250.185.130
142.250.185.162
142.250.186.162
142.250.186.34
151.101.14.49
159.253.128.188
178.162.133.149
178.250.0.157
178.250.0.163
178.250.2.131
18.156.0.31
18.197.47.23
184.25.115.49
185.29.135.227
185.33.221.53
185.59.220.198
185.64.189.110
185.64.189.112
185.64.189.114
185.64.189.115
185.64.189.249
185.64.190.80
192.229.233.139
192.96.200.41
193.122.174.27
210.59.219.175
210.59.219.180
210.59.219.31
210.59.219.34
211.231.100.211
213.155.156.167
213.19.162.31
23.218.208.187
23.218.208.200
23.37.42.132
2600:9000:206f:ca00:1d:68e4:9700:93a1
2606:4700:10::6816:1957
2606:4700:3037::ac43:9427
2606:4700::6812:e234
2620:116:800d:21:f916:5049:f87f:108e
2620:119:50e4:101::6cae:b55
2620:1ec:21::14
2a00:1288:110:c305::8000
2a00:1450:4001:800::2001
2a00:1450:4001:800::2002
2a00:1450:4001:801::2001
2a00:1450:4001:801::200a
2a00:1450:4001:801::200e
2a00:1450:4001:802::2001
2a00:1450:4001:802::200e
2a00:1450:4001:803::2002
2a00:1450:4001:809::2001
2a00:1450:4001:809::2003
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2006
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2001
2a00:1450:4001:810::2002
2a00:1450:4001:811::2003
2a00:1450:4001:811::2006
2a00:1450:4001:811::2008
2a00:1450:4001:812::2002
2a00:1450:4001:812::2008
2a00:1450:4001:812::200a
2a00:1450:4001:813::2003
2a00:1450:4001:813::200e
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:827::2016
2a00:1450:4001:828::2004
2a00:1450:4001:829::2002
2a00:1450:4001:829::2004
2a00:1450:4001:82a::200a
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2003
2a00:1450:400c:c06::9a
2a00:1450:400c:c08::9a
2a00:f48:2000:1023::3
2a02:2638:1::3
2a02:2638::1c
2a02:26f0:10::214:b4a1
2a02:26f0:7100:484::2c79
2a02:26f0:7100:48a::25ea
2a02:6ea0:c700::1
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:1b::621
2a04:4e42:200::621
3.113.254.193
3.123.110.9
3.123.55.203
3.124.165.65
3.35.111.161
3.35.249.226
34.237.155.161
34.96.119.68
35.157.48.14
35.201.76.93
35.201.96.126
37.157.4.23
51.38.120.206
52.17.151.21
52.198.167.159
52.206.105.201
52.206.107.130
52.3.103.250
52.59.121.220
52.79.132.3
54.150.150.172
61.221.230.167
65.9.58.62
65.9.58.81
65.9.58.98
69.173.144.138
77.243.60.138
99.80.71.186
02ec4a6487ac02d159fc096b0d4652ccf9c898aba6efffa95d5546065e1941ca
034385d3ecf8a345dc53799aa76e9e600a8b321ab3fba473cd40f84cb68e30f8
03b57ed1f944d098554c9de5c7ee93e167e0564d4a3b74233b53939ccc58d99d
03e9d0d62b70ae8d31478335a324c17109d6e673237bc65bf6c72272c407cf7e
0427b3ea4fb3b504707684df4857ddbe1380af73a2b6985873dfd2679b06aa5c
04b53924e054afe428a4482452f988f705775328c10a2e3432dfc95a4fd3a1fa
05c7f3eb439f302c50256d83fd1e4077ba8d340af9da81754f2fe508cff4b434
06a82e7390460586a6a8c8f1693df3ffdf641d15b03c7e1793a370237c66e7d4
0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f
0960a5cb00e1f8f1934102cf94b63688f38bd747f7d951c8920f46744ccf8c3c
099c4f6fcdeb738f1a34e07cfcd439b7883d9202e1cd274d473e9afae97f6df2
09e0498d34b2d12792bac483b39957e41b3b7212b01f8c43fed8865637037b63
0aec5645d4703cf2e88a048553dce7f443035e1b72b1f727e81e88430bbbd604
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb3d6b9b1757754df547aff38edc0d0f839e271ce4b4ffc05c25c1fc1ba847f
0bda73a116b2eb72a94c4328bc8eb3726232b5111a2d94285fed49f68a7b1e85
0c7a43ec01aace0dbd0c2d75681f978a5352dc43fb02450907405a6e5f28e79e
0c87f3b4d92afe0fe065579482fcddd868d690f84d716451533ac9a9c15c72c5
0ca03bc8cb6fd85905a04f59b6471ce35b0a4d0d12f5f988778bb7cb059e77c2
0d9f3d845fd24f8a8161da7c3d550ccee30980e52e4cecfacc09449d6731a248
0da7fc1ae23678b2872653962d147fcd1cbd0a5a9c8f84d44ae99bc581fd9062
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
0f783e92bc337bf9296313dfab3632ee0c4d2f63e989fd7b8b59b9975a0db9fd
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11e5f6fcb0e9f167de2c70823137b29eab53c944c144a9e615ad0f92729db0ae
11f436a97bc0a6d6f2a7f171b8c1b89872e6af4d857af61db1c43235a5395ec0
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1389babfb36c9e1ac183cae31e9969e934a85a548e569629927577874798fded
13cba20f9221b946e3c5e2265a4b6668213e20d621be12a944c92d24417c98da
14c0cf3877366a725f5b3d7096ac33979dadc47af37e757fb69005a976651e6f
14cadea523346d662be7f113d8af19ca2f8de6d23ab65739004389046f3eb621
1523cf82ab00d2a617761287189fe22bea60be2ab81ca76dca87ca762b870803
15387a2ee399c272637a8b8bd41edc4327f69d7129ba328056069bf630f2014c
166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da
16f075565dbec2932bfa4138d407c7867c53869e08c3564671236f899c5a7dbd
17b988bc33e2b6c542f866ef473aaa3d20a9d4536a1ca636c061c5011a5ac5a1
1817454b4d24a71e5f7d419c298a3bac9c08d832b99900059bd6ab86b648bcc4
18201e44a097144b4b4d9fa01b548222bb46918ab5cd98cc5e48fe5d414d26aa
1821d1a770f27dea043b6a0fb99d6b31c9310eb2cb5d08a2ae319da8c10ccac4
18905e2e177868a53b2769a0ec6e86fe3483b8cbbf43db321ad9391b04eebbda
194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c
19bfbd81c70637ae0a6fe5f07f112bdab13cf9c2ea5d54b70320df8f54fcc07b
1b1f95a7046550981861f75a1ccc13bedb6b2b47a59d3263af35ddd181ce23fc
1b8d76df01f625c7664ded13227bc8aa61fa8065164b513ddd251d015bbd514d
1be014f1ede7b0777e12a035a62a8c762f99a74d404cc1466162687a8da207bb
1d86ad203d9f732075a57918233257f12d7689499451b75db4bf8318b54b50d3
1d938720aaf6d016c860c53d8842628dedd7196dae458d9da48103ec114e1846
1e90eb46b27544e9106c85cd9c10c9e2c6dcc6d1eb49d1d15419e565d960020a
1f2e28d35b7d608a3d098d5ecac6bcd4d892c79eb0f6f9c4684b8adb1dd63191
1f42e74f5c5a5df9e1bfd1251da805b7e6a4cd21f27fd3566ca70f3e2d904a52
1f83c6e3eac9d41d51bc8e3b63f353ea889cc70b9938e2f701719aef80bf8528
1f88f04d2039412abf17f3587560563d8497854523fd5608fb90cc15085c0779
20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394
204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce
20d890382a48f278fce348e066bdba95eff87ecce5dbfe78c984bfd0dce8b14f
2181bf2d0c090462a7deeed66278a1ff394dc7cb66dde16d60a01f0168899601
22785a0aec47809a443eb9fd98df9a7c696260190f74eb3fb2c12ca7af1d9b58
257c9947bb8a45c4a0519f4ddc8769ecc7f889e268a046b0f05c17dfc7912eee
259e4a34adc3d7c461105e16bc6f53880d4db3efa276ce8b58f42d76708bc82b
259e997e3a4f4bd0996eed99c1cfe51e55b1d0370554b188cd9ee75c74f92649
25cad4f681bb5aa3451c189db0377ada0f1d05a7d415047831bc02f8d53e0d2b
26352e7aa0979f5e5a13c11ee8955a5babfd0f93870eb68f41b93be02f30339e
26aab0e75aa845381e68809fe57a4dee5fe1894d258f62e11a28ce5e509ba6d3
27610c6febde0eab59f77460be3751d60ba33b1d7c4be656b8150a0320a6c818
2a7695bf1c26b3250de42c8ad42bc4e3abf7418876f76ad67bb58092c9244478
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
2bafc346d790cb95214543b3f99b58a29e9c020492c68e7121d4dc176463ab9c
2be0bc8c5d7f8ddafea42e7f8fb8bddea1704a9a0e8a51bd364815c532b945ed
2c684a062f67427313dc6f962662ea03bc0510bbc4c105231bc02ac4eeb3fd0a
2d02440e8d33ed422c8b81b46bcc4f98b8f34fd8bc76e61dec98ab379f5f913b
2db84904c133623cf6c14bbf915c09c4f3bf5b7456f80e6ea61b30a2cc8ede79
2f5da442d9e3c2f3fac68541006605f2d05906cb492847087abdabcc92233b97
2fbf1f595af3f8a68f3797cebeae7bc66dc1b20da23a1f7ba04d80a07b7dc071
3191e006c168f1119f156a3eff84cfc787b8b30a8ba57477a8b5287672d6d9f5
31d52d16834e8b8c42cd19725d19a78de0841213640542e89781512630751beb
32c787bb891e5830f3714a3284daec91cc3b1f229fed34f6378b96aae7099cd9
35adff49f4f7c4fa7112da10261ed1abecd865549fadc40690a4cc1f2e6bf832
37184b5b0c26342b3e4182bb81377106d50067c096aa1b3ded2bd4739e3b5d82
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
384a277d27daf55d585ec4a866104412a3a91f8db4493c82ccc37e12f197d7ad
38865b5a217b514dd4dab8928c80964c0d608b499997609d54966f8a14677eb2
38f5937523d6a01df73c307939a810cc2dee7c037c31b06905aba300e665e93b
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
39e0155bef8ac065b68f5b9ca3fa285eb75548504921e2b61ea5dd6455e1cc45
3aa9f235c06f8205b4b91091c02bbb8c8a23b12fafa257f68aecc4be22e8b7c0
3bad69264aefa45b3cf2c482d1e9de36e7a234292974a993f2469960d5756d22
3bed0c39164661e57ee6e1a9b124b490fbe89f9edc6159f73c47a2472ade8287
3c4176795e7304f2d0373d2c3edad1600cab1a1a0e8b202c6cfe3e06c7466172
3d278d324065ab89c5eef315040c5084d97db20be44db41440980c99988b3cf1
3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3da81b80483ed6fae88ca49eb33b6b76ee2fb0854e157b9c06a04ddde56a2c22
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f4a80df7e4892e639fa7f7fb4746c9e2d6ed100b9214352bb7f2ad3d1193118
3fa191f0798bad44d61ee59928dc469aa9a515998c0a686ebd5e8f55f8fbb8f6
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41513a8006b54331549ae42a78785b83f9f9c713327f6a8c914b1ec5c2c8b079
41de6ebbe9653813f28709c8ad60193f319a568c04c71198b8dd9ddd4ca125ba
4391e76b48e70dcb06afff7c4e2e21722a17e0f840c08e936249943cf637d57e
440bed45e7d58ed677fcc665d87894dadba995222ca77536b95d88c609611e43
45efaf8d0edf78de5fe175b963e4689dad500f240693f6328ba7271616548195
4624cc1a14b12ba0fbe128e2507cb3c35ef08bc43c2950dca2bfddb07d645c9f
46f1e9fa13d07c840f99873d4972dbfdc88eb39f3988a4cd5b7831c2fdae5ac4
4736abc878880e5e13b646bbd5b46e6470c91b2959c616a865af1f265928b621
473d6cbef21a937d77c2079ce0b78fa7541a806999be0138930060716aecef61
476d55eb073ca18e550dbfce4a84051f4759ebac1f1941abe30fec66ff9228d5
479989738fc0e366549ce95ed2b5c8da55a3e52a3e21ccf6de9b0821cb0f6ccb
482f7aadd7dbfec9f7d97f2ecce024dbc5e057c94acba64f2be497ba54c3eddf
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c978eaee9473c367fd30eea148b6cd5233e58a317a36157c24e5dd2af62a97
49282e4672536552c839b406378a8b8da80232a7d9956b90d9127e8a2450c1ee
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
496832b29c05d19987bcc3c825498d6d43edc8874026a9b5d5795ba9ce4bf7d3
49fa1f2ea2530ea43048ef09d020963a697eb909b220c92601521a92840e3878
4ab8d4672e4e6dddaffe2961db019619fddee5fdad48793107e3ef3065239f68
4c185134ba8a22adff5bdd45aa2b29a0f5e2c723606287eb2eb74770c83a9601
4cbc4bd9900691ec730e24678b055b3c0768f52f879eeebff707616fe36696df
4ce81ecccefb27ce0f347ef564114da2ba450a9e1d9a7260b4597e62b1f71a72
4d3d809b3a504784d735dc0e1ff8da0ca5c0c8521a54132d983d1ce0545d5560
4df23d9a8cd6462ea12f1a2dab724715a347066d0e638de411dc69e6f0efc77f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ea48f70035f7723886fd9d504ec7f7676bcf1bc47bc3e0243b7f8125c139c92
4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3
4f8a01bfdb6a539b3e0929603ff1f9566ac2a5114a512b2815c30e84462c9fe5
5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51757ea0933827a15266d7fd6881a2d82c6c3462bf2927854ecc68c663b25587
522230d87369e152908c470009f92c72afc02605415954ad414e9594aa148e5d
5319bd824c5f14475d957733881db31f069bbbcf4a208f46ec787fdf0fc6ff0e
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
5472cbce3d59802ab140c5b8eecfca4d357343c47a1c9ea601ccf1d50145955b
54e153f12ccb83ac6e08c82b3b68f3cd585d19104437ed105b5edf25e94647ae
559004a545a13667b7f7b0abdec7892df86ae2d2b36536c76ca37cbbf1b5bccc
55d340e50382b4950b07461c01b039505ce003c3f30fec9779337eb7f9ac7d32
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56ed88293bc3b19239d5c0fe26672cfd7b41ed3bad4d974970cab9a373f0be98
572aed79428943b43b75b57bc3e612c09e811c17667b82bfd3de2c9ea5f7e0c8
5779a219232877fb6ef864e31dbfbc8fefd2d8390cb58778882ad93b361ae9d7
57e7135d32625d7e1d8117a0571033a7564dc662dfe18bafdefd6633633858b9
58bf5b5478e5d1fb7441daeff9fd1ed60a4ad5fbfabc64715cd8608f3f59f6da
59a98beecaaa2055592d1fec998eeb157f138e6843ba05b61d068b69338b02e8
59e458be5b11f05057b89c2e2bdb4eff59629d359b746abfecfa7a096963d5d0
5b43311cd3b32f81df683cbe244aa8358d5834e09522946ae7f735ee1b8501e8
5b8115054b070d534b4bc58a19487528aaf82f342415a65202ce9fce1d537c36
5c9cc9abcbd6c35c427d368a03a48314ad1f994e85ae0504c8a0a89a1d8e451f
5cf9c12c2c7d3604898b38b194b9fe47ceda25031806707fb938878a21aec779
5d8e28b9d7fff002671128a402714aae0ff3c0aa601b677027356581b70b0885
5e35eaf06d2c0fec83daea235852bbc7990653ea9ca2ef93dc62899de1b2a014
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
6058cb9f9dbc7304725382cabe8dde30b79fc0818bdde92cb97555799bf0037b
618c89a5b58b064e607d86e2797b5b6d9166527b0a93c13608cefd2c67a2bf06
61c9090ddc45ead2e35e781336f1c40348ecb0020c24afccac9d0a0ba7bd40af
61fb409fcea7eda0419035ff2d75faea6742fcccdf5ff99fa44eb783f5053bb3
62e15e8a8c83cf3cf04ada9b65867b776be8a005fa08189b61900bcc347aa56e
62f2c559d63d55073af212151c1659ab41fe869df350868a5ad1c1d6daba0836
63a218801054b8267a86e48b10025b463f4fc573ad1c58ea95ccbb69627e9905
63fb017b3d2b4304a5d509d13f1ced991419b38a7445884ce0e60241668a3aed
6493ea407d79518f1a23cd56abf3877cc95cfef289aa2193e09414befa93915b
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e
65e89900fbab9303f1f33d8230c67a5e94755d20a3c1567ca8b987bece4759e8
66289bde64db020d57ccfdf3b595e4bd89c95a1f81865bf8a2e80ec12472408c
665921c0c34325316b332d150a9531f1bc4019cc48748006c5174840c8d6a7f3
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6753ab9ab14844d0e9ecbbf13df7accf525291cef950547034e5ab67be9e508e
67d8e7a3e7815e72595c83389b163f51ecd562ed6c394cdaf5cbc93c7330623e
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
6c3223c27067f54618683e5fdfe83536907b179e81ed9a39873aa8b8140c05f2
6c3b45883391f9bee5d62253976f509d35d0ce09466f09a9e0f036f51fa48a2b
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
6d9eaafc340c46807a31a00917fb95d51c33321d52f3bcf41297a84fccef4553
6dc4b9bf8e422c97cea924a04b673a14ead515cabf0be3da77fea3beb4a90dea
6e65b2f8e031b4ce2e753a3662dd2b1fa38ca9b171f6698d5e6c023c98bb8cca
6f23e209272fff2b49d26918d269cc831047bc51e277b859684e3f68553e6531
6f46931015fb8a0516ef5ca1d3ecfa0534871744b8ed66d3878928ab236fcf5b
6f4fb7214dd83ac5d36eee5c9c99e56be0268d41d4123c399ac43fa1f92aecd4
6fe8e683eab18fd17809898839bb7f04fbc99d49e9a4f0a6878a39e73a9a16bd
70220866d2a137da98b88db58aa84abe0676ba673c40bba79f68eaf4f5ffd2e2
715263829d8eab12dcfedf56a208b1e6c958995413a47cddb3ed532d75aca6c8
717de30a4e041b92e5d3aa230aeede4e08434647e627279477a2f642ac2861eb
720540fdf6be1b3d2aee9c54172a0b328457b3e6860da752f37c88a0860607cb
727dc8fdc7e925a8557fff31749df1ae2b0ba759fa4bb3e052978c09ac1be735
72a80770f582b1bb93c4686c2d8f7d96cd6e911198e518ba3f19cd50cb108804
72edaf2009703651997e9a3c8bf2c09b38adea52a3dbbe3b2f1c9d5622926d4f
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
733201312f56e42181c43c357f8025240548ac9b4945c0691069324e8f695551
740d0e2ab785d5697336ecd812e6c6fb5547e741ab78204d93023d08bd274ecd
7470040b523d1089ca733081323b090a1071634d1ece912bb50bb1e258541a82
7496fc4c8d3fb70573e8155918f5514c72e9680a2b69b36dd5c13eb799148e57
74a8b34ddd37ba93b4c8198cebbc858c098de1effdddd63eebf9009d55cc53c0
74f67f85dc2c3543ef481f30ba5ee9bfa5f452005486b9a2f67b0bede47ac9cb
756cc7e6757619252347bd4a00662cfd04ee073070d12da15948e852449608e5
76064ddd12bf9fe3cb8055771f4790d2a4a391a04e4e961bce6a6f3f89d6235b
77c3d215298f95357de947f102cc00bded45bdb71ab3c20f9dfdc64e490729c6
79421a5612f5b1e7c225a816d80b2b85ff9be2456b97a2eb3be4c5d22cfc3e87
7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747
7b55264fe4dfcde67da04b3134f76cee471515b9e0160375fc70c6f7e6589c2d
7bda620bcf7f6ed95efd80d28de0e5534cf4855a40f42c27755442556642d526
7c19a43c3cbd95939921f06bdb9fee7cf89eab36ed21f52b71bc344bf7823da3
7c9c150b26aa2c7e8358c40d569d3da67dc5e6e208c7a798d2e4c9574f581979
7d9cb621633f5925775861be167c4ec7880e741b4db48caffb31cc5a9e5f118c
7e498b88591c195aa2e1c7ec355a549ee3198e679d2bb951dafb5c1c379cdfb5
7e61f5417431e000124fbcf81b86ae6c08999e6f229f2ebffc748d82c2516ba4
7efe5fbd74b183b583f0c7cf328ff613dbbbf971ccbabbbbe2a8450f619c9e4c
7f815034f183f3d8b947c77df9e643cb5aefa995dd0e44aacd2e47a953f36aad
7f81b8ad14422ad8f41f69b8cb3fbb92008af8642325af05a8db81b0d18ba3e6
7f89f37ed7eff60d8dfc4200a72158aa382318fea2f32e27984ccbcc372acfdb
802fa850549fbc67d45600c105c26b9a422bde2764752e1bd2d999b16f1aff6f
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d
804eb873c8b828218c0ce74770f5ebcfc3e2bb5cd8e279168e69e5b3e0ca9b66
813e44281bc30d24c69706ba9de28a356111cf651fba494ee024dc655615347c
81fff03f0694c84bf34cee70056c87edafd68d4315e0a087bb5de6ad67bd1a0d
823e86ef31b2612afb0ae4ef9eb3319a3a0e885014cbe0d44a27719ee435a88e
8320a5fa8b7e5b43abe1359be9de3e9d7e93256f27f4c0f812444be3eb2ee3af
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83b0f09a2aec6b022e057f23d78cae19cd18968a3153aa68dd18823879337b61
847240dd4e1c45b3091ed30ce53ba4a8ddd9dbe5babffe1f9b161c8021d9e2d4
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85152866db31641960ff23bf508f6ba9100872370e1de5abf6294ca657d54e5b
86bc1b9c19853f85f239840a9240df7784276a80bc13d301c166f2a4cb099670
87661d55b617c8eca4c4e9d4541650586a80e057e63dd24f3253c3df29299ac0
880ceba6ed002e0e4cfb47168aaff3735535e987795a13e145adeb9afef68acb
88a8ac06d8362313d13f8f2dfc1c316d298fd7bab4e5751c9ef390d9fe251cd2
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a1028b3bbce02d8eee1fd402b83d9f26fe3f2ba9c2d0cb0b968c2aa05cdf466
8a7b3e1fb9dcfcdc74602cd099e52b29d81d0e136dd6405f9b9f604695ac0c92
8afb4e8baa2ec27159a9f1b678e3c7b3287a354c679711e1d7a9e8cb0a0ae798
8c0301b3dba5061632d7321cd8bb7bd527f48288d5cb15ff614ea0c1dcc1ad69
8c7fd018c4872f9a90abfc0ca641aae5b149539c54b9fa25d2c851aa54db6c64
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d805e1c2cfc4d461ac38a234fdc8c26f767952c75301b21644940dbb3374a5f
9037d7a33fcfe84e0a009d57555d0fffb37898e8dc6c8c1b6ad8b2432932d3e7
90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7
911deead0c0ec5c76af07f381c8e918567120df0488208f50b0579afa0b61376
922a79196f73794faec9a3fd24221d4bff52b4a502834773d1d8974d55a8945b
92821f7bdc1da89a4c59c01e861887070f5e5adfe224a317a42f88aa17e2827a
9289a5873f3af0ffc3ea0e65176d4224b7633b3928f03cea59af8cf03de08e3f
94787763c97e2505befdf1b883d5fde64c1f1df7547ec5d9c44db6aa5158c1c0
957ccf45e2619f36e82c0418e1ef953dc3230da4c8c07dde0ca87f4fbb7152f9
95d95840165ea5fc374a27f1cffe88a1b3d033562916ef1071393c9c8adbfe86
9625dd5f36e9196b741bfb4558fb8809318495207eb6213427f4ee42b7baa57e
965053e67af4148e0fdbf448a1e907385df001a74fb52c5ac6cba5b8a950f926
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
96cbd55ebd863a4f343f7e529b93b763999702e393bbc4edeecec14e0f188c9f
981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3
997614e55e349c466219e0c483a6671e9b3b6e6039595737d2306772297e90ea
99ab33392b1024585c85bede1ddc2d1ce44316d4dc44d8ba6b4e029acdb31cfb
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a0d4f663cf14d5417afdc1b49cc230169f2c2b6c0c779ae1c768fb2ee416625
9a5712681acafa08e27671d5267b717d78ea82bdb9f87871471542e89b1e0c90
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b0313272102ea0987ddb17775ea629abf40554d23727500ff486ba02cf82396
9c175d534cf98c238750824b23ac92954963b9edcddce8ccfc1e03f66e8dace2
9c6de398b00be04297ce1aebdf24eed587464488127326a6611438bc65dc26e3
9c7e640507607d3ab4182c58d339ce00248d46cfcd03c8f1940d1095c0dcda5f
9d57f50fd3260899ab36ce3d61ded63f87dcb0579353baa49e786c93c640cc6c
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
9e9ac9a4008262b7824e7c6b4668507db4ea3b69ec84f2516b535d4453c4c3cf
9f38dbe5285453b6587970dd8c601d3b854b5b3bd67a40e4587d080008a38156
9f64aea633d0f8d08bda7000c1ea8dfdc4db4d156eef91c1063426a57f93f7bc
9f9bc7439037dec9c597c303cf0e156fa126d50b35c097e3d88e53d0f379be5f
9ff926261a19ffc0741cb4b9dc3da250c82639cb881b7f3981234ee474b432a7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a1bd0c2f4f5db718b4ffad5433658d98981fbb3479ce8c7a2789406d81d15dd5
a22c497288d6b312171de3df8ed00831f34a76a52384c1ba9d504e11c98a5f21
a2469b91c0bb4ca4f8f1d67b79f1ada540029e248827717b22e0e8333e18f818
a322a466f5deaa8bcd3dcd6f7ab89f71e16c39929028a3180484c44e0f19887e
a4531fdb3fe10bd4f5d847d25b787e37734df5953f771383bff4df984c111ea8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5af4fc508d900876f8a13db0104bfa864c9aa17be11914045813ac9cf3317de
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a8b1d478b7bb9316d230f5be129aa063dee9c920b0151e64d9d8fa3a88ac6569
a926c66ab7552018456c121c26019b754a6b5fe8e84e477fd1d5d439f7096c82
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
a99031e634125d4b49c4ead0de32fce1f935b8c13057ebfbc9443a490cb5be67
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11
ad184a33a34d25298d12ead99fa419e47a49201e75a5d22b00f09cfcbf01c03b
ad9fdfac0e1db77fc2dac89227102ccba3bbd01604c75a11127fea77f648eec7
af391daab639e9edca60f1da104865061f97adca1969f92ab786507d58accaef
b06d2b65d77197005c4e207dabe446800292578db1e36a4cdb8b519bbe79da79
b17322c9274aeada4df3efd7b68f1ad1ccb677b24f76caaac9f7adcc9f3eb137
b1ed587eda401e449edfe34318d55e185497ec21a52b907ee05cf6656e961d9f
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f
b285066ba59e5039157ddfcba79f72390903333cac36a54b1d0fd64c43ebc57c
b3969c3f9781bcb3b32ce256adffec5f39b3da0cb97106669102d0a6c8a23250
b402c1a7a2efd185a6d15196f7997e3d18f06abac9c47557b7ba3f164f8287ce
b44ae8cf55e41c9a488ac6d5db7e2b79a8a3f81a9b41316a7c9d86a9d440fc95
b50277b2389bfdda3bb9148d0c26c07324d1eb8db70a9c703d41325d66b4af6b
b5468351c8c8e3383fc534a18b52f7d6a00f675928adc712f447c206f60a685b
b5db046560c402e28f7241880d686f52480c4f98d28eae25a6452f3f0f1018bf
b6a5728ba63f31c5a48cb0f825c8ca0ce939e0255f385f9b645514c34855f071
b7234d81a83866451da09545fa3dc6bcd725bd6c0c8029d5b07a4e214345f427
b73974e03f8b91aac7c1c821d0db3365903643ad36608216be96b9a8ed0d70bc
b7422e8f025032bbe6f4cf2063b738f19a8c6038b8f4804490d18ee2178e1c12
b7e771a6f487c7afb92afaf819cd2ce75b6658f6425636b8a032326fc6dc0c7f
b87d2b583d0c3be29b335e8a856f09f3a5b2530bf309a8efa71e736277ae9303
b898e855beda5cb89fe9c28b2d595c78bc9c0817cfbb298b227ddc5c2bec8ffa
b8deb5e72bfd442887a936f0ef7c4c20db50d78b1b3a4a526cc083ef66de9add
bb04746af0386a3d16cd49bc967e1b860dc6b54ce1ff33ecad5288af0832596f
bb659fdd4ff3fab5e762c667f05841ea8c82b858cfa5942b7e193e8425b4fd37
c088e0a33db26229df70d6fef18c9fa1a7503fa38d265845f3977a97b349de41
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c1415a971814e2ebcfa9e8eac1f43d3671a5f4ddfc59b6c77a15985775741d27
c1cbcd6a92e442332195ef40b66f2fb869596d5fdd012f3428c4c27082e21af7
c2abab588ed1aa226fff507bb12cc00b354738c203f4b6cd202f40352cdc6591
c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb
c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770
c51a4086e332a8b351790a53582dbba5bd78b7a1f021b829d93da3ad59ca575f
c535b986e71387a46a93ca7ac007424c3f3e1e3a64bba0beaa5620e7cf48459a
c55b8883a9f908ffce1d25c10579acbb6a65961ca7240eb6b20ca17bde45761e
c5ee49b56c363611c87785b7af8cb7340f77d78c7321a6ca8eabe82f759852df
c609232e4c218c81785beae599c9568353f2c2743388bc6f11dc61a06d0ae540
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c69739431e5aff1b7174a81209cbd0658da6c4d1b6527580f9f2f070df848290
c6ae3eb1be0bf3b77b26fde2cf511bb009f7c577c14f8aa606546673b2246b57
c6f6eb10a4472f02adf0f74f0805afb04a0bd0f4644a1eeff94d9b36d2ffeaf6
c76450f131e599364cc2a9d87ad033d7c65004e249375ecb2725ce1f4dd35af8
c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5
c8976f18096e56336e5cd4438ac3df8cb49452de3842f17a3321b2bf3f01dbd1
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed
c9f94f957c781ac27e4257c276659d678b1cd9dcd5931b6c0b068da46198378e
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cc64a742ead51c8d3c7ab29597287ffcfae6b93ff22d4d35fd646187ab6a4fde
cd68a6e55fe88aa4ec6dfce4a35ba9c3cd69a6954e5ecb4e3d091d819c4a5375
ce0b837dd2586f5f77a0802fbcce5c9c591c1834131d7d7a9c02e86c5a8efd09
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0f3d060a8a27456f3b8537d493f6b05291f61a715e6f681108e68f641d6eb7d
d155ba42b20312ebff7388d008028af184133a06a03679d6fc7d8ed539e171a5
d19d9de9bbafb40238e5d2b02a6ec1546158f7956dbc641a5f292befed381647
d1fb043900349bdce92c43c72b32fde51f85ef8f8d6b2f9fb5e49c5a1737c68c
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505
d3743330192c96b9b8f5b72f69f932359bb892b65535311b1ffb1fef98536c23
d3a74cb2d2cba175141e0a6540c2d50a023c9c86a2376baa79e1945c2af73d9c
d4d902f10380ef4cc0107aacc4eddcd7de75ac0fc989aca2faf91f9b2902eb80
d5a369d3d8be69eaf6a54f958015e687947252be07dbb197750fa8147caea4dc
d5b31ebf4f096cec7354dd6d17ca3f2e0763c56ea0a25c642089fbd981cd0558
d605b8016e96843b147169071b1b1442b000a65f71a0cd4b3a7164d4fc9dc282
d605f1fb10b5ee49f59328d98df7757e135c1d247fe79392b1ce97afaf6e34ad
d6cc84ef340916babc2b71d9c35667ddf38ee35dbb433b65680668b8a42f191f
d6d753667a59a12cde15e6fee9191e40a3aea40bd36260b139c7026a1470a458
d794625b678a8c160730301011f833dd7759fba70300edc2f780c9d93aa17954
d7af70fd2dab0fadd7b57438ae80cd4cbfc69384ace14284c990e2916631ff3b
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d98d14669eb4616f42bc62d7af02f1b23925c61929f9a10736bab32fa2b5b87b
da95c0c9d09839aaaff02edc4753f2b902b69a3bdc95db3131ffc8feec1c8d17
db66cb704b06be59fc6922dc7967e7364b868d618e82e4b2a793a588e0f1efe7
dbabe19e414cc5c2a689741c39d996a188cf370e5284023ff4f1e130d926957e
dc46343f4589fedcba61b549d5c3877301846da5b4a40bd836619d0d6fb00df4
dc495854a8ac178d94730aeea4fc42d704c1af5e0dcbcc79f13b6d9792cbbb49
dc57ad3da1bc1921137bf4c7532a9c049cf16a527834ff367aa3f2c25e268df9
dd16b9afd96a30d9ae811bd0176d96bb682864165229bc7986aee2d08c247571
dd77e1ddf80fb6d4be22be84c88555cc22612ce02def8b82bf94b87f605fdba4
ddadd70ae359b0cfe71ee656a546833549e9bd9b97ceb18aa31df7c78d9a8ee4
ddd7c2d1c584601519db86d2155181ec9b3ef59677db0372de43e477cfb746c5
dde62bb2649004442ef3c2c13e6a0aa55fc11dfb46936eaac860f1fe1e6fb759
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
dedd7382bfd428ed2d40a685b5ceb9fc103d74cb46ebf07277f2b415de7465ef
dee1c2d9b5c5a0e93277f92b9c8d9b5f1eea79f501ef644b359ec41dd24d06e7
df18f6d97724aedc00931593f05d46795219aba0c1a5c4c5f1e11c210a1f016f
df23bea1e7f5aa13de91f14483ff88a9a728722aea9f76bd635f2a25904457cd
df4e4a1ced817cdf2b03316c0c3d3ae51bd50c25fd97fdb576bb88a89c55cd10
e0058900a2ef8836f22935c4a90f3f430771447e782bf87946e86cba2ffb3c3d
e15eda4c5d3b6afcfcbbc57867c0367f587c146f57326b244aa9fbcdb47c4f1c
e1a532a13a0fddaddf9c92e6855b014907b2716e70934d33c9396c2c67f25919
e2ddf8f53c500dd4f7b5b6cf5d99a520fa6c64b07ee5cf830a3de44663e13d1b
e3a6edac4585c512e36c35202b1a96b92743a91ec00d327398ca20580bccee1c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40c90ca9666deae58c03b5ca7c21733d3d1b24a2821e21e6a32a7cf38e5fac2
e4c0eec3f0a6bfb56273512939516c1bbf6feec940a74e64097d3df91d7a8c8d
e5012125c13d807e7a419983db8cef1e12cf9a7cae340a7f8ae0cb94cdf79a94
e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc
e64cd3d63467a570ac7dcc5dc9925a9d37f846a6bbfa7b11abec507bbc4cc53f
e66fb907a79a93d3c9813f2f348b42bd1bf6f3bf140331fe57bc7cc30a816246
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e
e7653bc8d0b70e8d10e40a7f99669b31170b5e1b89947983380083b01b9d8fe0
e7dd20e87296817ef69bec061306b833e6e3738b0e810b6e1e97540ce9ff2cf6
e85dd3fbfd058e5a132a056f129863c9a25086b8104f41889b4ba18219831d66
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
e946b85433f80e6a0847a25b0e1939f9b8b0b35c46a80b8cb8531614232073ac
e9820fbc9b653901418ed7c2bd0b52b7e0b961fd8cd61112465a11f6faccd057
e996784cacd24396160deff0366e192d503bab24c17c28b9692b087e2fb7ce5b
e9ab4ee10afd27d95bf4ee1eaf1b309dc134b216be199ee1eb8066753dcc6a01
ea556e4bd9e34f1a4eac0d4fb439a13ebe61ea9dd1a95f4d33bba61f2ceaa8e8
eb1fe724298d5ec0f4963144835c2c6f8c1b67c209ca7574a20d35302a941013
eb7f360bb2dce8675c30cf6b2688b68c05dc7f7ea622c3b885dc67f9bea81787
eccd1aa5863c88b1cb516307ef5a9c9ddbbe3f9731b16cc9acab24c0cfc39ef1
ece31fa1e8b682dfec3c92cb9c61b642e14be828768a0510258278015169004e
ecf0ffde6e56a2c058421a0ca1a3446a00d047de48239cd168f7eb93a07a9269
ed05afea1d3578981db83b3d1732720ccf15dd91054ca328207ac7f0fb7c7b5b
ed493954dc29f271b07eab86f6c032ddd2f20b8ee39f0cf6ee54498e78dd5fd8
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
edb4e27665aeb697692cddfbeb739cafb2dc606c1adfe3c7101815d49e5f4605
ede6c1a3c585742554555e636acc48d7008124e7726a000abf6bb4b627c62d38
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee4cfb80dd25cc2c164efef4ebc1b0ba0e31627dcb02eca8a726bb49347ceeb3
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
eea4a3705b3e19174b9f0f127702bfc02cda65dff1f5b25e65f48a9c65ce9a7e
eeac86418bfb5dcc777b921ab61b055a141941acd8b65a939981dc79d328a31d
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
eee730a9d60a81d5e5126638bc53085c810e09eafdf432eafc5bbbc09cba16c5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7ddeaf31d487bf07b79b1aeb4f9cad24ffa35c280e0702c276dd5cf709cf67
efba10b7c8dbd37216f0269338f49892f8c6215cc6f239d98dea601873dd0934
efcb136b50cdb865511e3f483bca65c94900f0e2d0f1ac1bbbbcd29ad170a8cf
f005c98cdd99a099b2d8fd66faa51c7a15fbd1b5bb4e633f8b649a58bee6072b
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a
f21cc4285df8ecb724605ce4a6928b89404fc611db75b2ff881f57ef92964afb
f2bc4c51d2489de1ba8b8636b9b40ba08a979cdf79789ff02da378904c1a4a1c
f30a005ceb6d203f8f91f5ab1cdeafc78e65feb03101de31a24df75451a4f55a
f3168403eabe87c4fa8bf097e63d6409e3e6d15a14825215c27e9e4f1f943c95
f324c06e9e87405a95bfd62767836e03f5365df485a050564a4bcea15d1e82fa
f32e5a054bca9ebc3601a7a908ca341f2de553f2a18b83b61e8f1c040cb936bc
f3906d94b42313b74cd11d1e98a4cd521c2e4d8d9dab72f15e0cb9dae29be044
f390b2d2721def3434d087ecceaafa0ae5e140120cc870784f7d00f90c3b5c79
f4e8ffc4bdcad011c3805dc13286b0abd4c57dbf9cbaa158eaab796add830723
f5d211cbdf6d740f9cdb42e75366974c5d0032be25dae3f16164b1ae6120e2bc
f659fd1cedd9e8114983a076a71633ad47411c7ff0f515ebebce6860dc48b45d
f69113c12d5529e05d6e2515e38e1e036ec7e26a69d0726809be73964c47c112
f69b06e98c7774bb5ebb2c4b9b5f02e6ec05854a605e3bfb86d1e4f4b15119da
f8039a306f8d0b637a4e84a6ac01087f8ecd0e86193b0007d0e1abb495d85021
f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63
f86fe0b4219ad84a269f08c28b8424ab0c8965cae0b5ed4cf0b50f56698a4529
f877a798b0af17fb62564cc4a3b2c8f1fb76398c7e3156eae984fafe175bf4c3
f8e7e777ab2c510a548bec6e1e8b9a3fbceb986ba8603686a64f7d11ed3e8805
f94ab680d6a6d6a9f2793b8ad326a91399e93b1da660dec1656bd3ea96716319
f992a3471511cc92b4d7a8a249c809c31edc7c242ebe26ed274543c98cb7fe3b
fa4f6f67cae8ebdfb32ef792bfc98c325b1282de2db5fe0b59e8d332cd0b29fa
fa5006bcbd76adcdb2a6d6b72cc3324379e50d7f644e9013f4b4c424270341f5
fab1f4d1a5bb1f1154c31b23537e728f3648abb2e4c40fc564c76f9fbeeafc09
fac37d72be5f38ca147c85ba0921206d661cff46d14612d6a0029ffd332a68f3
fb0bc5bd005aebb3d302194731d592c2d7a86b07bbe3f316d51213668c7d3edb
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
fda2f0a46e2e32e8ff388e31441bc5c48e1f101aad46597985e58c2e08fe0b8d
fdbe8d58f0533f6d5be3c57ee68f06db56d4e6c8c8178618f08c517e809d4b2c
fdd3e502fbd1bda1da8283465cb8fe741ed9543e851e645711d9383280fbe3b3
fdfa3666b6d8faba8bec7338f44fa50837f0517f66d6624f13ba61f63961f037
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
fe4d3948d30d25ce7309609636dfe6b36cf5e49b30cd8e843756698e18e0e814
fec5ef03a71ae0ebcca09e3f8ec2441b8293465dcd9bd08971449f6866fc249e
fedd8db5e24161cb735c50f520e212db37ef50bd94bdeebc05c080f56c22f2e5
ff48734d304a507bbb0c11a2664b0a0f45bdbd39f935863a8f357b4b537942bf
ff73967a98dbf0e26497c62c5d6e0fd9d0968f92031da77900e05a2ec344d3e5
ff9dd2020328ceb632372acc069ca580300ae28e8a6c338e968c977ee7705adf
ffcc0f5b5458b5e9eaa54a148c555593dde0d3e797314cffe8933e09fdb48586
ffe1703d6adf284d92bfc1731706618610c977b81ba5f52c556559142648ee7c

www.storm.mg Open in urlscan Pro 13.32.21.27 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

850 Requests

99 %HTTPS

41 %IPv6

70 Domains

135 Subdomains

122 IPs

13 Countries

16649 kBTransfer

43641 kBSize

4 Cookies

32 Outgoing links

Redirected requests

850 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 30 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.storm.mg Open in urlscan Pro
13.32.21.27 Public Scan

Screenshot
Live screenshot

Full Image

850
Requests

99 %
HTTPS

41 %
IPv6

70
Domains

135
Subdomains

122
IPs

13
Countries

16649 kB
Transfer

43641 kB
Size

4
Cookies

850 HTTP transactions
30 data transactions