urlscan.io logo urlscan.io
SecurityTrails logo

www.storm.mg Open in urlscan Pro
13.32.21.3  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.storm.mg/lifestyle/3634588
Submission: On April 28 via api from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 109 IPs in 14 countries across 70 domains to perform 952 HTTP transactions. The main IP is 13.32.21.3, located in United States and belongs to AMAZON-02, US. The main domain is www.storm.mg.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on February 1st 2020. Valid for: 2 years.
This is the only time www.storm.mg was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
71 13.32.21.3 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
15 93 142.250.185.98 15169 (GOOGLE)
23 2a00:1450:400... 15169 (GOOGLE)
2 2a04:4e42:400... 54113 (FASTLY)
1 3 34.96.119.68 15169 (GOOGLE)
1 1 172.104.121.22 63949 (LINODE-AP...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 65.9.66.82 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
17 104.111.225.233 16625 (AKAMAI-AS)
1 2a04:4e42:1b:... 54113 (FASTLY)
6 18.179.248.189 16509 (AMAZON-02)
5 2600:9000:206... 16509 (AMAZON-02)
28 13.224.106.33 16509 (AMAZON-02)
12 2a00:1450:400... 15169 (GOOGLE)
14 2a03:2880:f04... 32934 (FACEBOOK)
5 2a00:1450:400... 15169 (GOOGLE)
140 2a00:1450:400... 15169 (GOOGLE)
9 15.165.227.126 16509 (AMAZON-02)
25 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
57 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 13.224.106.119 16509 (AMAZON-02)
2 4 99.86.2.29 16509 (AMAZON-02)
2 78 2a03:2880:f14... 32934 (FACEBOOK)
3 65.9.66.80 16509 (AMAZON-02)
2 18.176.63.232 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 2 2620:119:50e1... 14413 (LINKEDIN)
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
1 108.174.10.14 14413 (LINKEDIN)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 13.224.106.110 16509 (AMAZON-02)
1 1 52.11.78.200 16509 (AMAZON-02)
1 13.224.51.212 16509 (AMAZON-02)
1 2a00:f48:2000... 47447 (TTM)
1 115.88.123.125 45974 (NHN-AS-KR...)
1 1 203.133.167.207 9764 (DAUM-NET ...)
1 211.231.100.211 38099 (KAKAO-AS-...)
1 3.35.111.161 16509 (AMAZON-02)
8 2a03:2880:f04... 32934 (FACEBOOK)
2 10 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 210.59.219.31 3462 (HINET Dat...)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 3.221.134.89 14618 (AMAZON-AES)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
5 210.59.219.180 3462 (HINET Dat...)
9 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
9 34.234.163.11 14618 (AMAZON-AES)
1 3.219.93.236 14618 (AMAZON-AES)
1 185.59.220.193 60068 (CDN77 (^_^)/)
23 2.18.233.180 16625 (AKAMAI-AS)
3 16 37.252.172.250 29990 (ASN-APPNEX)
3 13.209.165.138 16509 (AMAZON-02)
4 12 2a02:2638:1::13 44788 (ASN-CRITE...)
8 178.250.2.146 44788 (ASN-CRITE...)
4 213.19.162.51 26667 (RUBICONPR...)
4 103.132.192.30 138552 (RTBHOUSE-...)
4 178.250.0.165 44788 (ASN-CRITE...)
4 162.210.196.208 30633 (LEASEWEB-...)
2 210.59.219.34 3462 (HINET Dat...)
5 54.178.71.123 16509 (AMAZON-02)
3 213.19.147.42 26120 (RHYTHMONE)
3 3.123.110.9 16509 (AMAZON-02)
3 185.64.189.112 62713 (AS-PUBMATIC)
8 2a02:2638::3 44788 (ASN-CRITE...)
12 2a00:1450:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
6 210.59.219.175 3462 (HINET Dat...)
4 4 104.117.200.100 16625 (AKAMAI-AS)
8 104.111.230.142 16625 (AKAMAI-AS)
4 8 192.96.200.41 30633 (LEASEWEB-...)
2 2.18.232.130 16625 (AKAMAI-AS)
4 4 52.28.254.214 16509 (AMAZON-02)
3 6 18.156.0.31 16509 (AMAZON-02)
7 8 52.210.189.83 16509 (AMAZON-02)
5 5 151.101.114.49 54113 (FASTLY)
6 202.39.143.235 3462 (HINET Dat...)
2 2600:9000:206... 16509 (AMAZON-02)
3 185.64.190.75 62713 (AS-PUBMATIC)
3 185.64.190.78 62713 (AS-PUBMATIC)
4 4 213.155.156.164 1299 (TELIANET ...)
10 185.64.190.80 62713 (AS-PUBMATIC)
2 178.250.2.151 44788 (ASN-CRITE...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 4 77.243.60.138 42697 (NETIC-AS)
4 4 35.201.96.126 15169 (GOOGLE)
2 185.64.189.249 62713 (AS-PUBMATIC)
2 169.50.137.190 36351 (SOFTLAYER)
12 185.64.189.110 62713 (AS-PUBMATIC)
4 5 37.157.3.30 198622 (ADFORM)
4 4 185.29.135.233 30419 (MEDIAMATH...)
1 3 2a00:1288:110... 34010 (YAHOO-IRD)
4 69.173.159.35 26667 (RUBICONPR...)
3 7 69.173.144.165 26667 (RUBICONPR...)
1 35.244.174.68 15169 (GOOGLE)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
2 54.95.42.61 16509 (AMAZON-02)
2 6 35.201.76.93 15169 (GOOGLE)
1 2a03:2880:f00... 32934 (FACEBOOK)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
2 3 52.48.151.83 16509 (AMAZON-02)
1 72.251.241.204 29791 (VOXEL-DOT...)
3 3 213.19.147.45 3356 (LEVEL3)
2 3 146.59.148.16 16276 (OVH)
2 3 54.78.254.47 16509 (AMAZON-02)
2 185.64.190.81 62713 (AS-PUBMATIC)
1 1 2620:116:800d... 16509 (AMAZON-02)
3 3 18.195.54.133 16509 (AMAZON-02)
1 1 51.75.146.160 16276 (OVH)
1 1 2001:678:cb4:... 56396 (TURN)
1 1 159.65.196.12 14061 (DIGITALOC...)
1 1 66.155.71.149 13768 (COGECO-PEER1)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
21 2a03:2880:f04... 32934 (FACEBOOK)
2 2a03:2880:f00... 32934 (FACEBOOK)
1 185.64.189.114 62713 (AS-PUBMATIC)
952 109
71    13.32.21.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-21-3.fra56.r.cloudfront.net
www.storm.mg
2    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
93    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
securepubads.g.doubleclick.net
partner.googleadservices.com
cm.g.doubleclick.net
pubads.g.doubleclick.net
23    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a04:4e42:400::621 (United States)

ASN54113 (FASTLY, US)
polyfill.io
3    34.96.119.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.119.96.34.bc.googleusercontent.com
apn.c.appier.net
adx.c.appier.net
1    172.104.121.22 (Tokyo, Japan)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1731-22.members.linode.com
gocm.c.appier.net
1    2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
4    65.9.66.82 (United States)

ASN16509 (AMAZON-02, US)
image.cache.storm.mg
3    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
17    104.111.225.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-225-233.deploy.static.akamaitechnologies.com
static.dable.io
images.dable.io
1    2a04:4e42:1b::621 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
6    18.179.248.189 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-179-248-189.ap-northeast-1.compute.amazonaws.com
track.storm.mg
5    2600:9000:206f:5600:1d:68e4:9700:93a1 (United States)

ASN16509 (AMAZON-02, US)
track.unidata.ai
28    13.224.106.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-106-33.mad50.r.cloudfront.net
img.scupio.com
12    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.be
adservice.google.de
14    2a03:2880:f042:10:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
static.xx.fbcdn.net
5    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
140    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
9    15.165.227.126 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-165-227-126.ap-northeast-2.compute.amazonaws.com
api.dable.io
25    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
www.googletagservices.com
12    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
8    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com
c00781e3da26bee54d79c2ccd3c9dd07.safeframe.googlesyndication.com
04d80e238d1025f8fc4d51158b2ab99f.safeframe.googlesyndication.com
1595e939843b8bf1b4a3324b9dba517a.safeframe.googlesyndication.com
57    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a02:26f0:6c00:296::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
1    13.224.106.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-106-119.mad50.r.cloudfront.net
d31qbv1cthcecs.cloudfront.net
4    99.86.2.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-2-29.fra6.r.cloudfront.net
sb.scorecardresearch.com
78    2a03:2880:f142:82:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    65.9.66.80 (United States)

ASN16509 (AMAZON-02, US)
resources.storm.mg
2    18.176.63.232 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-176-63-232.ap-northeast-1.compute.amazonaws.com
service-pvapi.storm.mg
2    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.be
6    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2620:119:50e1:101::6cae:b25 (United States)

ASN14413 (LINKEDIN, US)
px.ads.linkedin.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.linkedin.com
1    108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com
px4.ads.linkedin.com
1    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
analytics.google.com
1    2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    13.224.106.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-106-110.mad50.r.cloudfront.net
certify.alexametrics.com
1    52.11.78.200 (Boardman, United States)

ASN16509 (AMAZON-02, US)
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
1    13.224.51.212 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-51-212.phx50.r.cloudfront.net
aa3f531f4d882b7290e791c0cacda595a.profile.phx50-c2.cloudfront.net
1    2a00:f48:2000:1023::3 (Germany)

ASN47447 (TTM, DE)
tags.viewdeos.com
1    115.88.123.125 (Korea, Republic Of)

ASN45974 (NHN-AS-KR NHN, KR)
ace-sync.toast.com
1    203.133.167.207 (Korea, Republic Of)

ASN9764 (DAUM-NET Kakao Corp, KR)
analytics.ad.daum.net
1    211.231.100.211 (Korea, Republic Of)

ASN38099 (KAKAO-AS-KR Kakao Corp, KR)
act.ds.kakao.com
1    3.35.111.161 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-35-111-161.ap-northeast-2.compute.amazonaws.com
adx.dable.io
8    2a03:2880:f045:10:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)
scontent-ams4-1.xx.fbcdn.net
10    2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:400c:c0a::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    210.59.219.31 (New Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
pixel-api.scupio.com
1    2a02:26f0:6c00::210:bb19 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.viewdeos.com
1    3.221.134.89 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-221-134-89.compute-1.amazonaws.com
track1.viewdeos.com
2    2a02:26f0:6c00:2ab::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.aniview.com
5    210.59.219.180 (New Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
bw.scupio.com
9    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
7    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
9    34.234.163.11 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
track1.aniview.com
1    3.219.93.236 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
go1.aniview.com
1    185.59.220.193 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)
cdn.viewdeos.com
23    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
vpaid.pubmatic.com
ads.pubmatic.com
aktrack.pubmatic.com
16    37.252.172.250 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
ib.adnxs.com
3    13.209.165.138 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-209-165-138.ap-northeast-2.compute.amazonaws.com
sp-api.dable.io
12    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
8    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
4    213.19.162.51 (United Kingdom)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
4    103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net
prebid-asia.creativecdn.com
4    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com
bidder.criteo.com
4    162.210.196.208 (Hyattsville, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
hb.aralego.com
2    210.59.219.34 (New Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
prebid.scupio.com
5    54.178.71.123 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
ad.holmesmind.com
3    213.19.147.42 (United Kingdom)

ASN26120 (RHYTHMONE, US)
tag.1rx.io
3    3.123.110.9 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ads.adaptv.advertising.com
3    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
8    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
12    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    2607:f8b0:4002:809::2003 (Atlanta, United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
6    2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
6    210.59.219.175 (New Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
rec.scupio.com
4    104.117.200.100 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-117-200-100.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
8    104.111.230.142 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
8    192.96.200.41 (United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.aralego.com
2    2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com
acdn.adnxs.com
4    52.28.254.214 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pixel.advertising.com
6    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
8    52.210.189.83 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-189-83.eu-west-1.compute.amazonaws.com
match.adsrvr.org
5    151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
6    202.39.143.235 (Taichung, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
banner-cfnetwork.cdn.hinet.net
2    2600:9000:206f:ca00:0:e06c:e940:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.holmesmind.com
3    185.64.190.75 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
vid.pubmatic.com
3    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    213.155.156.164 (Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-164.teliacarrier-cust.com
d5p.de17a.com
10    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
4    77.243.60.138 (Aalborg, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
4    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
visitor.fiftyt.com
2    185.64.189.249 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
2    169.50.137.190 (United States)

ASN36351 (SOFTLAYER, US)
PTR: be.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
12    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
5    37.157.3.30 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
4    185.29.135.233 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
4    69.173.159.35 (Central, Hong Kong)

ASN26667 (RUBICONPROJECT, US)
pixel-apac.rubiconproject.com
7    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
1    2a00:1288:80:800::7001 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
2    54.95.42.61 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
ad.doublemax.net
6    35.201.76.93 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 93.76.201.35.bc.googleusercontent.com
c.holmesmind.com
1    2a03:2880:f006:21:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)
scontent-amt2-1.xx.fbcdn.net
1    85.114.159.118 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
3    52.48.151.83 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
match.prod.bidr.io
1    72.251.241.204 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
3    213.19.147.45 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
3    146.59.148.16 (France)

ASN16276 (OVH, FR)
PTR: ns3181477.ip-146-59-148.eu
pixel.onaudience.com
3    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
loada.exelator.com
loadm.exelator.com
2    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
1    2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
3    18.195.54.133 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-54-133.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    51.75.146.160 (France)

ASN16276 (OVH, FR)
ws.rqtrk.eu
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
1    159.65.196.12 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    2a02:fa8:8806:16::1370 (United States)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
21    2a03:2880:f045:a:face:b00c:0:1823 (United States)

ASN32934 (FACEBOOK, US)
video-ams4-1.xx.fbcdn.net
2    2a03:2880:f006:17:face:b00c:0:1823 (United States)

ASN32934 (FACEBOOK, US)
video-amt2-1.xx.fbcdn.net
1    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
Apex Domain
Subdomains		 Transfer
146 gstatic.com
fonts.gstatic.com
csi.gstatic.com
6 MB
103 doubleclick.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
pubads.g.doubleclick.net
790 KB
88 googlesyndication.com
pagead2.googlesyndication.com
5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com
tpc.googlesyndication.com
c00781e3da26bee54d79c2ccd3c9dd07.safeframe.googlesyndication.com
04d80e238d1025f8fc4d51158b2ab99f.safeframe.googlesyndication.com
1595e939843b8bf1b4a3324b9dba517a.safeframe.googlesyndication.com
3 MB
86 storm.mg
www.storm.mg
image.cache.storm.mg
track.storm.mg
resources.storm.mg
service-pvapi.storm.mg
946 KB
78 facebook.com
www.facebook.com
3 MB
59 pubmatic.com
vpaid.pubmatic.com
hbopenbid.pubmatic.com
ads.pubmatic.com
vid.pubmatic.com
image6.pubmatic.com
aktrack.pubmatic.com
image2.pubmatic.com
aud.pubmatic.com
simage2.pubmatic.com
image4.pubmatic.com
simage4.pubmatic.com
270 KB
43 scupio.com
img.scupio.com
pixel-api.scupio.com
bw.scupio.com
prebid.scupio.com Failed
rec.scupio.com
509 KB
42 fbcdn.net
scontent-ams4-1.xx.fbcdn.net
scontent-amt2-1.xx.fbcdn.net
static.xx.fbcdn.net
video-ams4-1.xx.fbcdn.net
video-amt2-1.xx.fbcdn.net
2 MB
30 dable.io
static.dable.io
api.dable.io
adx.dable.io
images.dable.io
sp-api.dable.io
146 KB
30 googleapis.com
fonts.googleapis.com
ajax.googleapis.com
imasdk.googleapis.com
3 MB
27 rubiconproject.com
fastlane.rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
pixel-apac.rubiconproject.com
pixel.rubiconproject.com
token.rubiconproject.com
50 KB
26 criteo.com
gum.criteo.com
mug.criteo.com
bidder.criteo.com
dis.criteo.com
7 KB
24 googletagservices.com
www.googletagservices.com
793 KB
23 google.com
adservice.google.com
analytics.google.com
www.google.com
3 KB
18 adnxs.com
secure.adnxs.com
ib.adnxs.com
acdn.adnxs.com
50 KB
13 holmesmind.com
ad.holmesmind.com Failed
cdn.holmesmind.com
c.holmesmind.com
16 KB
12 aralego.com
hb.aralego.com
sync.aralego.com
4 KB
12 aniview.com
player.aniview.com
track1.aniview.com
go1.aniview.com
183 KB
10 yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
ads.yahoo.com
7 KB
8 adsrvr.org
match.adsrvr.org
4 KB
8 criteo.net
static.criteo.net
205 KB
7 advertising.com
ads.adaptv.advertising.com
pixel.advertising.com
2 KB
7 google-analytics.com
www.google-analytics.com
53 KB
6 hinet.net
banner-cfnetwork.cdn.hinet.net
141 KB
6 2mdn.net
s0.2mdn.net
99 KB
5 adform.net
c1.adform.net
3 KB
5 everesttech.net
sync-tm.everesttech.net
1 KB
5 1rx.io
tag.1rx.io
sync.1rx.io
2 KB
5 google.de
adservice.google.de
www.google.de
1 KB
5 unidata.ai
track.unidata.ai
30 KB
4 mathtag.com
sync.mathtag.com
2 KB
4 fiftyt.com
visitor.fiftyt.com
2 KB
4 semasio.net
uipglob.semasio.net
2 KB
4 de17a.com
d5p.de17a.com
1 KB
4 creativecdn.com
prebid-asia.creativecdn.com
704 B
4 viewdeos.com
tags.viewdeos.com
player.viewdeos.com
track1.viewdeos.com
cdn.viewdeos.com
14 KB
4 linkedin.com
px.ads.linkedin.com
www.linkedin.com
px4.ads.linkedin.com
3 KB
4 scorecardresearch.com
sb.scorecardresearch.com
2 KB
4 facebook.net
connect.facebook.net
160 KB
4 appier.net
apn.c.appier.net
gocm.c.appier.net
adx.c.appier.net
ad2.apx.appier.net Failed
2 KB
3 bidswitch.net
x.bidswitch.net
1 KB
3 exelator.com
loada.exelator.com
loadm.exelator.com
6 KB
3 onaudience.com
pixel.onaudience.com
1 KB
3 bidr.io
match.prod.bidr.io
2 KB
3 google.be
adservice.google.be
1 KB
3 googletagmanager.com
www.googletagmanager.com
150 KB
2 doublemax.net
ad.doublemax.net
305 B
2 simpli.fi
um.simpli.fi
1 KB
2 zeotap.com
mwzeom.zeotap.com
981 B
2 cloudfront.net
d31qbv1cthcecs.cloudfront.net
aa3f531f4d882b7290e791c0cacda595a.profile.phx50-c2.cloudfront.net
2 KB
2 polyfill.io
polyfill.io
705 B
1 dotomi.com
pubmatic-match.dotomi.com
104 B
1 sitescout.com
pixel-sync.sitescout.com
337 B
1 bidtheatre.com
match.adsby.bidtheatre.com
550 B
1 turn.com
ad.turn.com
518 B
1 rqtrk.eu
ws.rqtrk.eu
516 B
1 quantserve.com
pixel.quantserve.com
542 B
1 unrulymedia.com
sync.targeting.unrulymedia.com
535 B
1 adgrx.com
cm.adgrx.com
408 B
1 adition.com
dsp.adfarm1.adition.com
501 B
1 rlcdn.com
id.rlcdn.com
66 B
1 kakao.com
act.ds.kakao.com
572 B
1 daum.net
analytics.ad.daum.net
718 B
1 toast.com
ace-sync.toast.com
650 B
1 a2z.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
138 B
1 alexametrics.com
certify.alexametrics.com
551 B
1 licdn.com
snap.licdn.com
2 KB
1 googleadservices.com
partner.googleadservices.com
437 B
1 jsdelivr.net
cdn.jsdelivr.net
2 KB
1 onesignal.com
cdn.onesignal.com
3 KB
952 70
Domain Requested by
145 fonts.gstatic.com fonts.googleapis.com
78 www.facebook.com 2 redirects www.storm.mg
www.facebook.com
connect.facebook.net
img.scupio.com
73 securepubads.g.doubleclick.net www.storm.mg
securepubads.g.doubleclick.net
www.googletagservices.com
5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com
71 www.storm.mg www.storm.mg
track.unidata.ai
57 tpc.googlesyndication.com securepubads.g.doubleclick.net
5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com
www.storm.mg
c00781e3da26bee54d79c2ccd3c9dd07.safeframe.googlesyndication.com
tpc.googlesyndication.com
04d80e238d1025f8fc4d51158b2ab99f.safeframe.googlesyndication.com
pagead2.googlesyndication.com
28 img.scupio.com www.storm.mg
securepubads.g.doubleclick.net
img.scupio.com
24 www.googletagservices.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com
c00781e3da26bee54d79c2ccd3c9dd07.safeframe.googlesyndication.com
04d80e238d1025f8fc4d51158b2ab99f.safeframe.googlesyndication.com
23 pagead2.googlesyndication.com www.storm.mg
pagead2.googlesyndication.com
www.googletagservices.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
srcdoc
21 video-ams4-1.xx.fbcdn.net www.facebook.com
16 cm.g.doubleclick.net 15 redirects eus.rubiconproject.com
13 ib.adnxs.com 3 redirects player.aniview.com
acdn.adnxs.com
12 simage2.pubmatic.com ads.pubmatic.com
12 imasdk.googleapis.com player.aniview.com
imasdk.googleapis.com
12 gum.criteo.com 4 redirects static.criteo.net
12 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
imasdk.googleapis.com
12 static.dable.io www.storm.mg
api.dable.io
11 ads.pubmatic.com vpaid.pubmatic.com
player.aniview.com
ads.pubmatic.com
11 fonts.googleapis.com www.storm.mg
5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com
api.dable.io
tpc.googlesyndication.com
10 static.xx.fbcdn.net www.facebook.com
static.xx.fbcdn.net
10 image2.pubmatic.com image6.pubmatic.com
ads.pubmatic.com
10 www.google.com 2 redirects securepubads.g.doubleclick.net
www.storm.mg
tpc.googlesyndication.com
04d80e238d1025f8fc4d51158b2ab99f.safeframe.googlesyndication.com
9 track1.aniview.com www.storm.mg
player.aniview.com
9 api.dable.io static.dable.io
ajax.googleapis.com
9 googleads.g.doubleclick.net pagead2.googlesyndication.com
c00781e3da26bee54d79c2ccd3c9dd07.safeframe.googlesyndication.com
04d80e238d1025f8fc4d51158b2ab99f.safeframe.googlesyndication.com
imasdk.googleapis.com
8 match.adsrvr.org 7 redirects eus.rubiconproject.com
8 sync.aralego.com 4 redirects www.storm.mg
img.scupio.com
8 eus.rubiconproject.com www.storm.mg
eus.rubiconproject.com
8 static.criteo.net img.scupio.com
static.criteo.net
8 mug.criteo.com www.storm.mg
8 scontent-ams4-1.xx.fbcdn.net www.facebook.com
7 ajax.googleapis.com api.dable.io
img.scupio.com
7 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.storm.mg
6 c.holmesmind.com 2 redirects www.storm.mg
img.scupio.com
6 aktrack.pubmatic.com www.storm.mg
6 banner-cfnetwork.cdn.hinet.net www.storm.mg
img.scupio.com
6 ups.analytics.yahoo.com 3 redirects www.storm.mg
6 rec.scupio.com img.scupio.com
6 s0.2mdn.net imasdk.googleapis.com
6 vpaid.pubmatic.com player.aniview.com
6 track.storm.mg www.storm.mg
track.storm.mg
5 c1.adform.net 4 redirects ads.pubmatic.com
5 sync-tm.everesttech.net 5 redirects
5 ad.holmesmind.com img.scupio.com
5 images.dable.io static.dable.io
5 bw.scupio.com img.scupio.com
ajax.googleapis.com
5 track.unidata.ai www.storm.mg
track.unidata.ai
4 pixel.rubiconproject.com eus.rubiconproject.com
4 pixel-apac.rubiconproject.com eus.rubiconproject.com
4 sync.mathtag.com 4 redirects
4 visitor.fiftyt.com 4 redirects
4 uipglob.semasio.net 2 redirects ads.pubmatic.com
4 d5p.de17a.com 4 redirects
4 pixel.advertising.com 4 redirects
4 secure-assets.rubiconproject.com 4 redirects
4 hb.aralego.com img.scupio.com
4 bidder.criteo.com img.scupio.com
4 prebid-asia.creativecdn.com img.scupio.com
4 fastlane.rubiconproject.com img.scupio.com
4 sb.scorecardresearch.com 2 redirects www.storm.mg
4 connect.facebook.net www.storm.mg
connect.facebook.net
4 image.cache.storm.mg www.storm.mg
3 x.bidswitch.net 3 redirects
3 pixel.onaudience.com 2 redirects ads.pubmatic.com
3 match.prod.bidr.io 2 redirects ads.pubmatic.com
3 pubads.g.doubleclick.net imasdk.googleapis.com
3 token.rubiconproject.com 3 redirects
3 pr-bh.ybp.yahoo.com 1 redirects ads.pubmatic.com
3 image6.pubmatic.com ads.pubmatic.com
3 vid.pubmatic.com vpaid.pubmatic.com
3 hbopenbid.pubmatic.com player.aniview.com
3 ads.adaptv.advertising.com player.aniview.com
3 tag.1rx.io player.aniview.com
3 sp-api.dable.io www.storm.mg
3 secure.adnxs.com player.aniview.com
3 adservice.google.be securepubads.g.doubleclick.net
3 resources.storm.mg www.storm.mg
3 5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 adservice.google.de pagead2.googlesyndication.com
securepubads.g.doubleclick.net
3 www.googletagmanager.com www.storm.mg
www.googletagmanager.com
img.scupio.com
2 video-amt2-1.xx.fbcdn.net www.facebook.com
2 loadm.exelator.com 1 redirects ads.pubmatic.com
2 image4.pubmatic.com ads.pubmatic.com
2 sync.1rx.io 2 redirects
2 ad.doublemax.net cdn.holmesmind.com
2 um.simpli.fi ads.pubmatic.com
2 aud.pubmatic.com ads.pubmatic.com
2 mwzeom.zeotap.com ads.pubmatic.com
2 dis.criteo.com image6.pubmatic.com
ads.pubmatic.com
2 cdn.holmesmind.com www.storm.mg
2 acdn.adnxs.com player.aniview.com
2 prebid.scupio.com img.scupio.com
2 04d80e238d1025f8fc4d51158b2ab99f.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 c00781e3da26bee54d79c2ccd3c9dd07.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 player.aniview.com player.viewdeos.com
player.aniview.com
2 pixel-api.scupio.com img.scupio.com
2 www.google.de www.storm.mg
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 px.ads.linkedin.com 2 redirects
2 service-pvapi.storm.mg www.storm.mg
2 adx.c.appier.net www.storm.mg
apn.c.appier.net
2 polyfill.io www.storm.mg
1 simage4.pubmatic.com ads.pubmatic.com
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 pixel-sync.sitescout.com 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 ad.turn.com 1 redirects
1 ws.rqtrk.eu 1 redirects
1 pixel.quantserve.com 1 redirects
1 loada.exelator.com 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 dsp.adfarm1.adition.com 1 redirects
1 scontent-amt2-1.xx.fbcdn.net www.facebook.com
1 ads.yahoo.com eus.rubiconproject.com
1 id.rlcdn.com eus.rubiconproject.com
1 1595e939843b8bf1b4a3324b9dba517a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 csi.gstatic.com securepubads.g.doubleclick.net
1 cdn.viewdeos.com www.storm.mg
1 go1.aniview.com player.aniview.com
1 track1.viewdeos.com www.storm.mg
1 player.viewdeos.com tags.viewdeos.com
1 adx.dable.io www.storm.mg
1 act.ds.kakao.com www.storm.mg
1 analytics.ad.daum.net 1 redirects
1 ace-sync.toast.com www.storm.mg
1 tags.viewdeos.com securepubads.g.doubleclick.net
1 aa3f531f4d882b7290e791c0cacda595a.profile.phx50-c2.cloudfront.net www.storm.mg
1 redirect.prod.experiment.routing.cloudfront.aws.a2z.com 1 redirects
1 certify.alexametrics.com www.storm.mg
1 analytics.google.com www.googletagmanager.com
1 px4.ads.linkedin.com www.storm.mg
1 www.linkedin.com 1 redirects
1 d31qbv1cthcecs.cloudfront.net www.storm.mg
1 snap.licdn.com www.googletagmanager.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 cdn.jsdelivr.net www.storm.mg
1 cdn.onesignal.com www.storm.mg
1 gocm.c.appier.net 1 redirects
1 apn.c.appier.net 1 redirects
0 ad2.apx.appier.net Failed img.scupio.com
952 140
Subject Issuer Validity Valid
*.storm.mg
Go Daddy Secure Certificate Authority - G2		 2020-02-01 -
2022-04-01		 2 years crt.sh
upload.video.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2021-04-26 -
2022-03-26		 a year crt.sh
*.c.appier.net
R3		 2021-04-10 -
2021-07-09		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-04 -
2021-08-04		 a year crt.sh
image.cache.storm.mg
Go Daddy Secure Certificate Authority - G2		 2020-07-10 -
2022-09-07		 2 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
static.dable.io
R3		 2021-03-23 -
2021-06-21		 3 months crt.sh
*.unidata.ai
Go Daddy Secure Certificate Authority - G2		 2020-04-21 -
2022-06-20		 2 years crt.sh
*.scupio.com
Sectigo RSA Organization Validation Secure Server CA		 2019-10-15 -
2021-10-28		 2 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-04-06 -
2021-07-03		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.dable.io
Amazon		 2020-07-25 -
2021-08-25		 a year crt.sh
*.google.de
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA		 2019-04-01 -
2021-05-07		 2 years crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2021-02-22 -
2022-02-21		 a year crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
*.google.be
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA		 2021-04-15 -
2021-10-15		 6 months crt.sh
www.google.de
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
certify.alexametrics.com
Amazon		 2020-07-12 -
2021-08-12		 a year crt.sh
*.profile.phx50-c2.cloudfront.net
Amazon		 2021-03-06 -
2022-04-04		 a year crt.sh
tags.viewdeos.com
R3		 2021-04-26 -
2021-07-25		 3 months crt.sh
*.toast.com
Sectigo RSA Organization Validation Secure Server CA		 2020-05-12 -
2022-08-10		 2 years crt.sh
ad.daum.net
Thawte TLS RSA CA G1		 2021-01-07 -
2022-02-07		 a year crt.sh
www.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
wl.aniview.com
R3		 2021-03-11 -
2021-06-09		 3 months crt.sh
*.avideotech.com
Amazon		 2021-04-06 -
2022-05-05		 a year crt.sh
*.aniview.com
DigiCert SHA2 Secure Server CA		 2021-02-23 -
2022-02-27		 a year crt.sh
cdn.viewdeos.com
R3		 2021-04-13 -
2021-07-12		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-18 -
2022-01-18		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-30 -
2022-04-12		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2019-09-23 -
2021-11-21		 2 years crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2		 2020-05-18 -
2021-07-17		 a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2019-06-28 -
2021-06-27		 2 years crt.sh
*.v.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2020-12-26 -
2021-06-22		 6 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
*.doubleclick.net
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-03-11 -
2022-02-07		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-22 -
2021-09-15		 6 months crt.sh
*.cdn.hinet.net
 2019-05-10 -
2021-08-11		 2 years crt.sh
*.semasio.net
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-09 -
2022-04-10		 a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-29 -
2021-09-22		 6 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-04-26 -
2021-06-16		 2 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.doublemax.net
Go Daddy Secure Certificate Authority - G2		 2020-04-24 -
2021-06-24		 a year crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.match.prod.bidr.io
Amazon		 2021-02-26 -
2022-03-27		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
*.onaudience.com
Certyfikat SSL		 2020-05-28 -
2021-05-28		 a year crt.sh
*.exelator.com
Go Daddy Secure Certificate Authority - G2		 2019-05-17 -
2021-06-25		 2 years crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2019-06-19 -
2021-08-31		 2 years crt.sh

This page contains 104 frames:

Primary Page: https://www.storm.mg/lifestyle/3634588
Frame ID: 0F2CDCC260CC60AC93A193A0738741F2
Requests: 295 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210422/r20190131/zrt_lookup.html
Frame ID: B8BE5241161B9C450678F4CE1A7849A8
Requests: 1 HTTP requests in this frame

Frame: https://track.unidata.ai/cookiemap.html?appId=5c6e1a&data=eyJhcHBJZCI6IjVjNmUxYSIsInBhZ2VUaXRsZSI6IuWPsOeBo+iWquawtOS9juaIv+WDuemrmO+8jOWIsOW6leiqsOaYr+emjemmlu+8nyDmpYrph5Hpvo3vvJrjgIzmspLmnInlpb3lpb3mipXos4fvvIzos4fph5HlsLHmnIPljrvngpLmiL/vvIHjgI0t6aKo5YKz5aqSIiwicGFnZVVSTCI6Imh0dHBzOi8vd3d3LnN0b3JtLm1nL2xpZmVzdHlsZS8zNjM0NTg4IiwiY29va2llIjoic21nX3VpZD0xNjE5NTc3MDg4NTcyOTE1OyB1aWQudj0xIiwicmVmZXJyZXIiOiIiLCJjb29raWVJZCI6IjE2MTk1NzcwODg1NzI5MTUiLCJtZW1iZXJJZCI6bnVsbH0=
Frame ID: 4A6581FD2C0124984EE694C09786E18E
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8022331377991686&output=html&adk=2801219079&adf=3163849507&lmt=1619577089&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619577087360&bpp=1282&bdt=278&idt=1748&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8055969750184&frm=20&pv=2&ga_vid=1389265324.1619577089&ga_sid=1619577089&ga_hid=2038933004&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C31060828%2C21065724&oid=3&pvsid=2656981039981739&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1786
Frame ID: F9BA0C66C0CC07EB042B69EA15521340
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252Fthejournalist%26tabs%26width%3D320%26height%3D130%26small_header%3Dfalse%26adapt_container_width%3Dfalse%26hide_cover%3Dfalse%26show_facepile%3Dfalse%26appId
Frame ID: 4B2F194907A11D8190F6D26F1699E8D2
Requests: 21 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstbFCRB73lWbxlyxAVm5vNvkxHrpe2ThTe7P-b6fdMoVlcY9030Dl3ylKX698Obvt14wPFG69oWumCjdDK6tdY9O_QU0zW6z4GSSK2gYuZwZvKnITynrf2-U6aUNBMja2ZKTUc89XrCnDlAp31fm9Q5TEXmui6o8Ln8GBf54AUR_4JvVVXLkELrVPDxn9O0DutYv-wf9azP7GAeKNVunnmXFkwro8gccsNNKt8arA-KyGvp2QSHoD3VsJcqb5AfbxKseqVKtZOYa3saRzyQhd5cGxb0luFX1YyhzYxsv6TkQQjZYhs7hs8Y&sig=Cg0ArKJSzAZziE5x9qImEAE&adurl=
Frame ID: BF61371FA8BB3E29609ABDBEF47D6033
Requests: 8 HTTP requests in this frame

Frame: https://track.storm.mg/cookiemap.html?appId=5c6e1a&data=eyJhcHBJZCI6IjVjNmUxYSIsInBhZ2VUaXRsZSI6IuWPsOeBo+iWquawtOS9juaIv+WDuemrmO+8jOWIsOW6leiqsOaYr+emjemmlu+8nyDmpYrph5Hpvo3vvJrjgIzmspLmnInlpb3lpb3mipXos4fvvIzos4fph5HlsLHmnIPljrvngpLmiL/vvIHjgI0t6aKo5YKz5aqSIiwicGFnZVVSTCI6Imh0dHBzOi8vd3d3LnN0b3JtLm1nL2xpZmVzdHlsZS8zNjM0NTg4IiwiY29va2llIjoic21nX3VpZD0xNjE5NTc3MDg4NTcyOTE1OyB1aWQudj0xOyBfc3Bfc2VzLjgwZjQ9KjsgX3NwX2lkLjgwZjQ9ODVjODRhYmEtZmMxZS00OTg2LWFhNTctYTBkMDgwNzlhOGQyLjE2MTk1NzcwOTAuMS4xNjE5NTc3MDkwLjE2MTk1NzcwOTAuMGJhNWNmYjQtOWMyMy00ODVjLThkMzMtZTM2MTE2NmE2MDY3OyBfX2dhZHM9SUQ9YjFjNDE3ZDY4ODEzY2Y0Ni0yMmViYzgyNGY2YzcwMDhkOlQ9MTYxOTU3NzA4OTpSVD0xNjE5NTc3MDg5OlM9QUxOSV9NWnBEM0pYcy1naXlIWGpQYWVTaU5tWnA3aFF4USIsInJlZmVycmVyIjoiIiwiY29va2llSWQiOiIxNjE5NTc3MDg4NTcyOTE1IiwibWVtYmVySWQiOm51bGx9
Frame ID: 516E115EF621D55C4C9CF9493E68286A
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvkfvMZ18RT7f46rC05JEYzu-q9JySBpitsuUmYnKeZNK_cXxsAluEOC5d_ub775hlbNtv38DYMrLW2kufwLzEvCVvphK9xXt6Mees7iEA8W3bZQzK7LDDjUkjvS8T-xKphL_bjh7J7wiMF13PfLyARwP327gnw1LUUCmpvLBajVgYTHp9MTFUm-u53G75V_z1hl0X6Hud_5xjzb7qUS0MfXTXaIQshIfHlasGUkTD-Wfhaxt1FxdzQ-044zdnszOhtKBCRuKE8qsayuORq4x1Sw21QosnhRSHQVGWClaD_MIWS3MvTnx0&sig=Cg0ArKJSzJkHoZChrv7XEAE&urlfix=1&adurl=
Frame ID: 7618ACE3E68878FB8270EB3D20E7AE45
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssWwSLrt45xE_phzT1ShHkDCQ8nnwJ88bQttjMPQfzN7cqYr1TwqNaUiOwvEQJXwUN4nWQNIQt0aPX0VYtqXESn185hQ437IbdMYnefdNpZ4TBR2ZzrR1qjeIKSP-g60YAp-sgTGkr9YC66kO6lW3ZekOXf9KtP_P4_LcZ7mfnkoPDTmwRvAOcFaLA0_d7Dv7IX-3GCvayK9PR9dopFxjTD5dkMegCD0Jq38bUTl7L0ig_1ySE_PVquLa8ppgclY1WYXBMo44BDgUhzcez5x7j5w2tYTniIezDhrXeSPGxh3M5r31vAHqTD&sig=Cg0ArKJSzLlzZUQLeu30EAE&urlfix=1&adurl=
Frame ID: 9177B66F713BE2A2E4D7B22DCD81FF2D
Requests: 6 HTTP requests in this frame

Frame: https://api.dable.io/widgets/id/y74wWAoV/users/40951584.1619577090134?from=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&ref=&cid=40951584.1619577090134&uid=40951584.1619577090134&site=storm.mg&id=dablewidget_y74wWAoV&category1=%E9%A2%A8%E7%94%9F%E6%B4%BB&ad_params=%7B%7D&item_id=3634588&pixel_ratio=1&client_width=760&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
Frame ID: FFD7250790EF40D9351CF234CDA9FF53
Requests: 23 HTTP requests in this frame

Frame: https://api.dable.io/widgets/id/1oVpxdlP/users/40951584.1619577090134?from=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&ref=&cid=40951584.1619577090134&uid=40951584.1619577090134&site=storm.mg&id=dablewidget_1oVpxdlP&category1=%E9%A2%A8%E7%94%9F%E6%B4%BB&ad_params=%7B%7D&item_id=3634588&pixel_ratio=1&client_width=380&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
Frame ID: 192958E94151856594F68A2C7E10D498
Requests: 28 HTTP requests in this frame

Frame: https://api.dable.io/widgets/id/KoEeAWoB/users/40951584.1619577090134?from=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&ref=&cid=40951584.1619577090134&uid=40951584.1619577090134&site=storm.mg&id=dablewidget_KoEeAWoB&category1=%E9%A2%A8%E7%94%9F%E6%B4%BB&ad_params=%7B%7D&item_id=3634588&pixel_ratio=1&client_width=820&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
Frame ID: DBC8C57C2744C200C72107F7CD942BFA
Requests: 35 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvgdjy3ht985h-Kl7r6w6FbQKoK4y_rjkkvWsc4hT5NRwnArIlR2ut5x1Yarq4QxpfMSq-Gfh_AgylxERLpc25pGDYVtQOvmMupNvuWjnBI7cl_3BfZRPYCOJdvMs9yTU2p1iDaBUabjRn34SzyqNM182tGN04U8FsLNK9J30JeS5bzjI6pTLG_FetuUFPvFNyxsOnaIsVdeArcOskbtAr81otf43rwQ7GECJAKtRdalgtmvy0R0Htwr6T0l3V0-ChTUeFHEdtJxwreJCkt-uoCKnaMPZ_V0bs3p5qpftpowKv8K3MvQFc2MhJpNSBlSlnaerWjKIY&sig=Cg0ArKJSzPdb9X7OuWbkEAE&urlfix=1&adurl=
Frame ID: C91097AE58D34F21D5CD36DCE2B59F3E
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuPl_jV289KYRR2C9GN4d3ud3z4uM6vRgkxk4qAzNyds4c7FBrRjgrDfrEaYyn_y1ql9v4U1ymNeyELmbKMmfGm0SgxuWcvnLO_MSE1GTuOoJCpUT87tJ_Z6WKXZ0h08GI2qahPCZEK8J67qufd0h3bMUf40FPaJHz87b6OR3drAMvvxmvRz8Ux5pd1i-rGQO8EQowwavvCtDEoZyi6eFUJ0WMEO7s_ZImN6sq90Cph-vS7MRAvyUiuXr7GW-M6tJU9zE7zLlv1UTn_JpKXWff9lyHNoQ9ezkF5MSyFzuoTfUmT33KmkYbTWg&sig=Cg0ArKJSzETjYeF12Tq7EAE&adurl=
Frame ID: 4B238BD0055827ED3D8B866C17F21300
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssk3SE3Fj2f69C2nk6y6vBr-DnMA8pALg-E7CxWqkXG1gfKl19-PngRBrf0ccHMux5JXSl3npT4sD-Shf7LzDe3i-fz1zraf405PNhVJuZEUqa7bvdeoFojIIICH75UHA_rjOKhDkNEu4YvqXqjZEbjKZDpvTq3VWGPCnubs0pgMlnBQ1BoFeHzI0pD1u9m18P2YssDgc6QQhGCFB1KPWtVLP5eML8SPoFG3_4r1tc1XkD2UOiXUoxPY5WiZYuABN2DirNNI0pyImcLoDwvobT16xItZL0UZPJvrpXuprjCf-lyXUd6e1OhcDntrbPvEN5qRTgmSxPc&sig=Cg0ArKJSzF0u7ALQPwE0EAE&adurl=
Frame ID: B8F9900E4ACF28EC98F67FE6B555D2EF
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvLX9MtGafFp33OQN-S6CcAajAa_HcZGMijjdRuA7bhdwEY4jPrBCK6zFjExb3weMoX3KaM1VBgFgJeOCXC32Co3TGON1KILVJ_G8bQ6QDAspWlUT3cgmaD-ZoZPMNWJapj7gw3Fs9v1qNkX-yYmuAvc2qouHzOezWItWi94ZatA15E6NER2njbeJPLzDB7-uMxY5e1tcsrXnFEgH3JspLlAaQxQMdwlL1fXwXNIdHxye03Ma8OdR4SEpF0S-c5iqOytL09Y3anzhfCdZsxfqyJg2llKPxD6zO6nQvkTmW4juIcuvcotCRJQg&sig=Cg0ArKJSzKzLxV4iOF3uEAE&urlfix=1&adurl=
Frame ID: 0DB4EFCACDC83C5D6EC7EFD91679A293
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss82eWqNRxQB_0m0xCi3UGzqLl7dqVmY3whuFyzMtFIcQDYZkUmeM3XvJ0AXVp9xaM3YA-jkTmQrGEtrvRwth7t6Q-ed43V0dfvHRCBEi_J9C3W7dYjUY-xprAbPSEndFR8Gd0RPZ5Q5njhUSNVaHjaNaES9234Y5h01qdvdelFaQmPyUrLS-krMgk8GjmwZdftPKtPmFVS1Asg3jBL5QJQfjJWto4uIbblPL0lIRFRW5lUKvt_IAe3j4TvNakr3M1cBpqIKX5nIsYRphxu1YsgvVsVlv4rmyqIchzCL60UrNIU-fUuMEiLcQ&sig=Cg0ArKJSzNkepunZ87NTEAE&adurl=
Frame ID: D885E6C6BB96C9221CCD4BFFD733DACB
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssaS35sbMNXP9HzPConUfJnpIQeyvAlLhNXJaraRlqqjB3JVwcgWmeqOICJNbcANFE75TqVludb1j4eHOq7DSUNoI_9QHoc0pUx-Cpdvn2r4TXhnVxkL_Frwlj2tudzKcPTiQn1kHKKuTDTj8D2qu2JVdzMwFkQ6OlGAtNuuMsa8zWHtmyPXuJSgS7NvimLBw3SLHm5gGKqUNwAH1mwYCLvYQwnk65j0ae-IrTSGxAQfptL0FEAfNTap7R1B47egqoE4HiDhUSS4vYqzynhrIEQUE0VX7bzMMCari5IkP6dh97te3-n1IiMsNU&sig=Cg0ArKJSzKFVCJMSk5Q2EAE&urlfix=1&adurl=
Frame ID: 4DABEB630806FF379DE5171E9D348120
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssvnfJP-KUkIowG-fZjv6uTzoa4sqHFnqPXEJgOb3YkAHJQ7F9hPLwkm3AryQryr7BLaZnzfGrYDhNImVM8QoLp9QtXsfcsIiq-FDXPZVEsSHYqoEQChxyVEosXusz3hIisF6wrdcyXyILgEJ1cvPKXka6dVU6XD--JoTqeg_HYXiGSk7-DTQqVRNZM9ix30XVu3uyE7CDagefNu5mQJ5BhqJwovunkU9hmIIFlzzn6CePqZuC3mn_mvmb242qhANJ2rjaYoi4Q7if6uw8PPBToTPLIVQwQ3QAQGFloZMr263e3zJNePa05SLFgAxI&sig=Cg0ArKJSzFbe3lE9Au_4EAE&urlfix=1&adurl=
Frame ID: 2F50F5E5C5E5DD470FF8B40FD78ABDC3
Requests: 6 HTTP requests in this frame

Frame: https://img.scupio.com/html/ls.html?mid=0
Frame ID: E019FD56538B3285F8B16A14A99245B2
Requests: 2 HTTP requests in this frame

Frame: https://5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 643EF01D69D158ACEAE10BE6C1535666
Requests: 19 HTTP requests in this frame

Frame: https://5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A28198265DD1AE2487D2388551C9A838
Requests: 16 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvpToBGSHvJFwYsuDKBi_tChvM-dRoatrYJU03Ou5fSaWGgDKitdNAC1NcUS0XallS8_aMXDan088pfQTJG6Y3jRCC8rNFCwrhqz0wDPya2rhO0I01dHFYB5ukSvss2W4di5NG3GzswCF2HWbrrPL7C1tQJ08Bk0evTFFWDM1AXJuFO5imrmFrlO4dYhwK-WRkWOaFsQIg4xscXQLgFsaUdR3qeZ0_1T7bkXJ7pi9RbMAEdFmb4p6lRG687p87lxJsweRiH5-1FCu1KY7-Ye6s1VKKdVos6DOI_GuFydS8OsDvm8VgukS6p&sig=Cg0ArKJSzNAmmTDfwoT6EAE&adurl=
Frame ID: 783E5A33F11651524573D608610209B6
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstYpDEYvFPszmqLaacR4pPW0MoGoo6Mo68QxBgO8THfUfoiEFLZSfLxTYwBDFPBfE6wsqvW1R0wLIZ81r41OPRvPuRCLgPrXzm9YoqIKOvEVXGxc2vHrl5jxIrOmQk3zKpIyCuYRPOziXxwCh_L-PG9mETZf4qmsF-OC-7qENLWNBVgm27j6PR9mMciC6hKWi721chKWfIx-jwM8062n7x6EtYlVxB6ikudw0KqvWx-kXEHE8xbvUGnOCKJ4WmoD0IC4G64UUe4UrCjkUzm5YqOltw8myYy0ahECivXAVS0PPbgqirtVTVZDac&sig=Cg0ArKJSzPOt9kFQgMrzEAE&adurl=
Frame ID: 56DCF0424B424F745D54CE88B8A9E1A0
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvNOGGVZYltPezVzPebP8vfav-xFsLX3Wxja4uWqX2XzA3q7og1852rj5Iv-fnlKgxK02crVD46mKX1rbhw_awO7usb4H6cWt2VZiQh-Xn46iMzY8FPCwm1MOljYiex9iiqy5rBcoVLd2V2WzX7TaofaBBZLjFp6PFbGDV14OSa5N3Ahjd87FjANy1jKHw14Sp9-oFTqP9uUXi6bqN1Uw4a6YrF6s-Osd8PbycP7IU6pnEB6YwW8zpP4swBGBu7VUphVRbHTPJ2ojU3oX3d8zNDErefUw0pkG7pj6dU9QS5ZawRlb1kULtDYA&sig=Cg0ArKJSzKvpvIB_IzdBEAE&adurl=
Frame ID: 38B277BE9E6A99873AEC2FEB3D77AF2B
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstaiuAs2DuwYC4kHEON_u40rEUDy1mQWSUWsc1TNN2cdPwMJ3vEXr_UaBi10pWjI3MWL33PTRGKd4nw8taDoXSNCGmf0deLzXMWZRlq2e9yQkdXqmahfzA2KY-Zi53O2t626Pkd9DNSb-swGJJ-Yaq_zhIvwmsNpHrk0ZAQaZUhqvOmGQRXMvz5SdWmvbnbEIHheLHsraLYXB5EccvFfYU_JEcjpztA4TVncdBlYp5cDG6h_SEfh97NoTNjaRdwsQ4cJ4jBtLwiGtliHQAeRUSJjHIUb0pt7eC3zVBM8LZYVZlgER1BX7gr1J4&sig=Cg0ArKJSzH4IQv3r6DlWEAE&urlfix=1&adurl=
Frame ID: 5E723A398B67675190DC0CE8F92055C1
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstDYnCM8fGpNuLYcqexBZHRa7Ia7BvCUht22YdJyIRzb3Jbv-Uf1C55kMc7d2SpSOWL6BWv8iYyOa1la1yz5nHxmymTbjjLRpAohgMzAW2KZLwaSKTqn1BFMsCt4GyY2K4NMcCvzKZflwjIKj-bCGqL0royYhqHYgJovgX9lTJ7CvCoLfQbQ5j1I5qdd9hB3ekv0Du66yd_4Nf0-9bpNjXL7-BlB5HoYDP4f4xQD26EImEG6-BXgSY05XsoCrbr9L2vuOBtlcVKnQBzkDW9NNPdtWXdbI7rtxlPFBUGrdm-dN_rIi51G1BXMw&sig=Cg0ArKJSzL36BrFsBgEmEAE&urlfix=1&adurl=
Frame ID: 6A6FA1B0FCCE6E2AB22B8566CBDCB3EA
Requests: 15 HTTP requests in this frame

Frame: https://img.scupio.com/html/ad.html?v=1.0.55
Frame ID: BD169540B4A9084B77A52002E2FC6C74
Requests: 16 HTTP requests in this frame

Frame: https://img.scupio.com/html/ad.html?v=1.0.55
Frame ID: CAC6E1DBEB7562C6B11F0DFC925B5166
Requests: 19 HTTP requests in this frame

Frame: https://img.scupio.com/html/ad.html?v=1.0.55
Frame ID: 5774997435E8F2F5CA4261079B913B3B
Requests: 17 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e60bfad28a0610ba100c7c4
Frame ID: 84462315A0B19DED7BD44C168F77AEF4
Requests: 2 HTTP requests in this frame

Frame: https://img.scupio.com/html/ad.html?v=1.0.55
Frame ID: 06AD5063A2ADC38E28F45391439FB74C
Requests: 19 HTTP requests in this frame

Frame: https://c00781e3da26bee54d79c2ccd3c9dd07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 89FCA2697C9B470136027167E4820870
Requests: 7 HTTP requests in this frame

Frame: https://04d80e238d1025f8fc4d51158b2ab99f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 93C9C44C29DDEBFF7C1CD05D0635B089
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9715148502272904443/index.html
Frame ID: 85E3EBB05248D5D946E95EB0A640BEFA
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 7323C3FD6442C003234552E81093FFC5
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1F2938D08216E65CC01B46325251738D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9715148502272904443/index.html
Frame ID: 19BC3DE6C47E726412965864C1D67A6E
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: D23EF1957EE033AD3E7C38FD363BE422
Requests: 2 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577094323
Frame ID: 333F04FFEBE0633EC4807BFAB51F66B4
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: D8DD10462E582020A2E1025573B663B7
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 619BF86816E33E671DD20247A03E05D9
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 5F17D552577C995697D1C7C219775DD2
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 385F80759F8A6B92C4948677B128FDBE
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 1D959486A4D5517D372830CA8C3D5C39
Requests: 14 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.storm.mg
Frame ID: DC20AD64E05C5D069EDCCC07B4454634
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Frame ID: 2A1082C2D977706ECEEE26297E50426E
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Frame ID: F54CD8C443C36F5387BD4C9181DE9D31
Requests: 2 HTTP requests in this frame

Frame: https://img.scupio.com/html/ls.html
Frame ID: E35A1831234D94535AA9D762F73AF86D
Requests: 1 HTTP requests in this frame

Frame: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEO9Qy5trMf0pxik0YYUSG3U&google_cver=1&google_ula=3918219,0
Frame ID: FD9B8C9BD6695706716D349C39F829D7
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Frame ID: 413867B6A4B03479DBF1F705A6E687EE
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: B561781B79F217414809CEC5E1F01487
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 196D437784E481444150AFA372D69668
Requests: 14 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 9DF48C749E98CC1A7FC2319553E9EB26
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.storm.mg
Frame ID: 4570FBB309552D30B0C33EF9EF8E09C5
Requests: 1 HTTP requests in this frame

Frame: https://img.scupio.com/html/ls.html
Frame ID: C524CF3BFF3A8906010DEB975BE7CB19
Requests: 1 HTTP requests in this frame

Frame: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEO9Qy5trMf0pxik0YYUSG3U&google_cver=1&google_ula=3918219,0
Frame ID: 05BDE7675707C8F2E3746A6805A41B87
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Frame ID: A654BB9EB6CA8D4B65BC816AE252AA15
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: D4698E9AF2A5F064E38733AB622B366A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 4086F4917303694BC9688A143CB2A6AE
Requests: 1 HTTP requests in this frame

Frame: https://banner-cfnetwork.cdn.hinet.net/js/tmp2/1.js
Frame ID: C7C3DA0A28CB964F4107F381820FAE07
Requests: 5 HTTP requests in this frame

Frame: https://banner-cfnetwork.cdn.hinet.net/js/tmp2/1.js
Frame ID: 1D961E7958C38F6DA0C6FB6422A63A7B
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 5526F363BA22FD50FDCBFA70D3E1D6E5
Requests: 2 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4778859144958710729
Frame ID: 54525029A1DBE4994FCC431ABA067AB1
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 7729143E15F9B7CF1A432C996CC32BB7
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.storm.mg
Frame ID: 80E03729918A6ED5E753DE9ED6341D61
Requests: 1 HTTP requests in this frame

Frame: https://img.scupio.com/html/ls.html
Frame ID: 9957B9A61529C6AD3B49B7EA06E97760
Requests: 1 HTTP requests in this frame

Frame: https://rec.scupio.com/recweb/uxid.aspx?id=UCFUID
Frame ID: EA916B4B7A473E94B538A5709320BA0B
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Frame ID: A8ED0CCB201856444BBE0B8DB7EA2BFA
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 6998DE3930A9D5D65338E19A75B2067C
Requests: 2 HTTP requests in this frame

Frame: https://img.scupio.com/html/ls.html
Frame ID: AFB70B1ADDF7BA2587BEFFA4D2232567
Requests: 1 HTTP requests in this frame

Frame: https://rec.scupio.com/recweb/uxid.aspx?id=UCFUID
Frame ID: 7EE9B0F63A1CEDE1F9AA44F439D9BCBF
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Frame ID: 7BE21D7A1A299EEB9B5CE0FC3C495BF7
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.storm.mg
Frame ID: E3AD9F871BFD6E887F068B0F544DB9C9
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577097265
Frame ID: 9A253C98D358E80BC1C6303B5E6E0494
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: A0138B63D8CB0E83E617E747426A4F02
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 0F3FE084C52F2C539C94F2D4C8084330
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Frame ID: E9C5D2DBBD78A82D3F4828881BE297B2
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Frame ID: A24B449856DB588B493ECA09D87D2941
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 7334E8B54373A0B6A008410EEA609628
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: A81A105674D4A1B7432F17A2B685D657
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: B1D01A566FD03CF2EB723DE3E7B874D4
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577098282
Frame ID: 1E05BD9B0404BC49CCA457252A240DD9
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: E48A9D3429E4C2A74C6BCEC01776F344
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: BA7692126549689E2E916D4423BA8798
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Frame ID: 5490C4119907583FC85A5220D8A11561
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Frame ID: C276D5ACF8E9D5292473623C05694E6D
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 4F7A4469AA61F6B1203AEC8D7EDF0BD9
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 3C68E265C909F7BE79C3C65F1FE9BE68
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 72E38479DD91145FFC2C3306F6163558
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8932314486518883198
Frame ID: DE2BD870F709123CB6267C5139358203
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: B91853DEDC34560AF7AEAF2A6347ABA9
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v3.2/plugins/share_button.php?app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3f1280e6b7fdc4%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&layout=button_count&locale=zh_TW&mobile_iframe=true&sdk=joey&size=large
Frame ID: 20087592A1C394A6747CDD04F7783704
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/v3.2/plugins/video.php?app_id=917307478388825&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2efd39022bea4%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=300&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife%2Fvideos%2F165624278807153%2F&locale=zh_TW&sdk=joey
Frame ID: B66B55F3D57331E391F4EBF7E36EBBE3
Requests: 50 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/feedback.php?app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df35969a81eecc58%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=820&height=100&href=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&locale=zh_TW&numposts=5&sdk=joey&version=v3.2&width
Frame ID: 199EF1C6EE0DB3882CE3B89AC06D59EC
Requests: 12 HTTP requests in this frame

Frame: https://www.facebook.com/v3.2/plugins/like.php?action=like&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df93c2e3772246c%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&layout=button&locale=zh_TW&sdk=joey&share=false&show_faces=true&size=large
Frame ID: 34D7121FE696330E80839BD5F59168E9
Requests: 5 HTTP requests in this frame

Frame: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dff94ddbb1740dc%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fstormmedia&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&width=300
Frame ID: 00AA825A2AF5CF1D81569B80A837DAEB
Requests: 10 HTTP requests in this frame

Frame: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df18adbd1ffb8724%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&width=300
Frame ID: 82DD6EEFFE6B63E101E9E462091F1EE9
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 8DE22CEAE6CD02C93C38B87B559426BB
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=05B19AC1-F068-4226-95F7-1BB01DB299C8
Frame ID: 36AE912CEF5A5683582E9E1DDA162078
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6956030677851764880
Frame ID: 3DE073BFE3845DD423F1DFB492578EBC
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: 7CEBF8284A9A039F10BC47618286B9EB
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 8A9DE9BE9BFA4E5765509839CF816392
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-89d9e1c0-8694-49dd-8c47-29dfd53dad36-003
Frame ID: 02C26921F7B4882F6C61CADC744A0D94
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i
Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

952
Requests

97 %
HTTPS

38 %
IPv6

70
Domains

140
Subdomains

109
IPs

14
Countries

22320 kB
Transfer

48706 kB
Size

15
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://apn.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js?haid=Wtu9feNo&hzids=Hhut9M-1,Hhuo9M-1,Hhu69M-1,HU9J9M-f,HhztWIOc,HhztWFOc,HUV6WFOc,HUV6H9Oc HTTP 307
  • https://gocm.c.appier.net/apnnet?haid=Wtu9feNo&hzids=Hhut9M-1%2CHhuo9M-1%2CHhu69M-1%2CHU9J9M-f%2CHhztWIOc%2CHhztWFOc%2CHUV6WFOc%2CHUV6H9Oc&url=adx.c.appier.net%2Fpb%2F0wHT9JDiP3SORJx%2Fpb.js HTTP 302
  • https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js?acid=JT4ldV-ABtGHeMKSAMmIYA&haid=Wtu9feNo&hzids=Hhut9M-1,Hhuo9M-1,Hhu69M-1,HU9J9M-f,HhztWIOc,HhztWFOc,HUV6WFOc,HUV6H9Oc
Request Chain 152
  • https://sb.scorecardresearch.com/b?c1=2&c2=20419801&ns__t=1619577089400&ns_c=UTF-8&c8=%E5%8F%B0%E7%81%A3%E8%96%AA%E6%B0%B4%E4%BD%8E%E6%88%BF%E5%83%B9%E9%AB%98%EF%BC%8C%E5%88%B0%E5%BA%95%E8%AA%B0%E6%98%AF%E7%A6%8D%E9%A6%96%EF%BC%9F%20%E6%A5%8A%E9%87%91%E9%BE%8D%EF%BC%9A%E3%80%8C%E6%B2%92%E6%9C%89%E5%A5%BD%E5%A5%BD%E6%8A%95%E8%B3%87%EF%BC%8C%E8%B3%87%E9%87%91%E5%B0%B1%E6%9C%83%E5%8E%BB%E7%82%92%E6%88%BF%EF%BC%81%E3%80%8D-%E9%A2%A8%E5%82%B3%E5%AA%92&c7=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=20419801&ns__t=1619577089400&ns_c=UTF-8&c8=%E5%8F%B0%E7%81%A3%E8%96%AA%E6%B0%B4%E4%BD%8E%E6%88%BF%E5%83%B9%E9%AB%98%EF%BC%8C%E5%88%B0%E5%BA%95%E8%AA%B0%E6%98%AF%E7%A6%8D%E9%A6%96%EF%BC%9F%20%E6%A5%8A%E9%87%91%E9%BE%8D%EF%BC%9A%E3%80%8C%E6%B2%92%E6%9C%89%E5%A5%BD%E5%A5%BD%E6%8A%95%E8%B3%87%EF%BC%8C%E8%B3%87%E9%87%91%E5%B0%B1%E6%9C%83%E5%8E%BB%E7%82%92%E6%88%BF%EF%BC%81%E3%80%8D-%E9%A2%A8%E5%82%B3%E5%AA%92&c7=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&c9=
Request Chain 207
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2701916&time=1619577090622&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588 HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2701916%26time%3D1619577090622%26url%3Dhttps%253A%252F%252Fwww.storm.mg%252Flifestyle%252F3634588%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2701916&time=1619577090622&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2701916&time=1619577090622&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&liSync=true&e_ipv6=AQJnY6Pu8UwvlgAAAXkWUTc_D_f_g1DKy0cIcMBqD7OwaSmZZz8fBWw_quCLKxWZKfc2rwY6
Request Chain 214
  • https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png HTTP 302
  • https://aa3f531f4d882b7290e791c0cacda595a.profile.phx50-c2.cloudfront.net/test.png
Request Chain 229
  • https://analytics.ad.daum.net/match?d=111&uid=40951584.1619577090134 HTTP 302
  • https://act.ds.kakao.com/match2?d=111&uid=40951584.1619577090134&DSPR=%7B%22v%22%3A1%2C%22dr%22%3A%7B%22u%22%3A%2240951584.1619577090134%22%2C%22t%22%3A%2220210428%22%7D%7D
Request Chain 230
  • https://cm.g.doubleclick.net/pixel?google_nid=dable&google_cm HTTP 302
  • https://adx.dable.io/pixel/google?google_gid=CAESEC4xKvBBOhXthmZMKYXm7oM&google_cver=1
Request Chain 506
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.storm.mg%2F&domain=img.scupio.com&cw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=ud1FD3xxeUVuQXM4aEtHTHJReG1PdzgwUzN0WEpEQjFjSEVkTWI2TDkrZ2JMWnFFRWh3d01tR2JnVW9DaThlMGJLMWlUczFnNWVrSjJFcVJwN1RoNDNXZ2RyY0xBSFN0bVlHQ0Fja0EzZ1ZJWkJ1VkFVRWdUdXdkZjc0QWlLNDN1TTdJbnB4SHhNSytvUVk2WkFMQVU4U2xDRGQxaGwyVDc2QXphd2FBSGdFc2ZydFV2dzk0TE1zTnZwUWhJR3hhK09GcTl1VXRLQy96YTRkUTA5QmZxNXE1ZmxTSFFtVVNYbmUwNVFvTGpXNWxPMTlBPXw&cppv=2
Request Chain 527
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.storm.mg%2F&domain=img.scupio.com&cw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=HElxdXxyVUxaREtIRFY3SC9lVkJzRStCTHJJZjhUZkUzcHUydThEbHJXSDBEYy9MVWdrUzRIQ251UTUwNDl5S0Z5ZURoOE9LbVRWV0wyWmU0TFljUG5VVW9pUlpGVGthbU5MdS9ZQlUxSU94UDlVaVBxYW5WeGVISUFvZGEyTUxSRFM1Z29DT0FuSTJiSFhvWk95c28vMUp2Zy9wVWQ0MDBvY1RFbW8zbWZRNk5HTUVVeWhtR1ppSHpJQzhMRWc1MDVTcnVtMlVGZ2FiR1VtOHp5R2VlanpVc1hMTmNHSkx5eVBMNFFGU2ZPdVVjRE5FPXw&cppv=2
Request Chain 537
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.storm.mg%2F&domain=img.scupio.com&cw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=Yo9c5XxWcURtMEhpb1ZCN1ZCZENZSXJ5ekR5ZTBxRGlJWTUwY1BCS3czMmJURzdlVkdZSG5mVHY4TWwwNnlNdmxHSlh0TURoS1BNS0ZFS1dOOHlXZnFGTUNqYi9hMnA2ZElxOVZHdjRpRnNUMkY5U3JjSnNlMXlzcnZBUzJNdU5rQ0x4dmJJdmpaTk9DMEt3bFVLTTc3SGJsdWNRT3RZdkZKKzVHV2kwY2V0RHpZdHBxVFFPM1JFOTloUC9PRzFxbzAwL0FBMEMzYW5acUsvODljZXRQM0I3K2hhY2preS92NEFnZXNzcHIrcE42cFNJPXw&cppv=2
Request Chain 565
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.storm.mg%2F&domain=img.scupio.com&cw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=E8Kqa3xhb2dmOExndjNPbFMrWkpKbDQvTStFUkF1NmtnUlluNEZaR0NudHBKa2RRWHhDWFBFem5xQUxhQTZWcjR3aHl6b3Z5TkxoTzVEYVl1L0FETC96VWRVTXJ2WDJsSUk0QTRicURZQ2FqNkpVVjJlZUhuWVh2Zi9PQnB2SXB2ZThpS3ZXeWx3NXpnZ2lrSm5VdE9qaWRUUEovV3c3d3RyY00xT1huTldNRUJQaStmRkNvR3p0WDE4bU9IZFlkMUZ2MHRheVFmZkZzN0RBUWU5b0VXcm80S0dIbzBJaGowMnJWWmV2K0xuTFE1T2tFPXw&cppv=2
Request Chain 645
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 647
  • https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q05BMjAyMTA0MjgxMDMxMzU3OTQzOTc%3d&layout=js HTTP 302
  • https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEO9Qy5trMf0pxik0YYUSG3U&google_cver=1&google_ula=3918219,0
Request Chain 648
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Request Chain 650
  • https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CNA20210428103135794397 HTTP 302
  • https://rec.scupio.com/recweb/uxid.aspx?id=UCFUID
Request Chain 654
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UPda799c21-a7c9-11eb-b0e8-02ee7d1f65ea HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UPda799c21-a7c9-11eb-b0e8-02ee7d1f65ea&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVBkYTc5OWMyMS1hN2M5LTExZWItYjBlOC0wMmVlN2QxZjY1ZWE%3D HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEK60bEjuEpQQs2IxXXZKur8&google_cver=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEK60bEjuEpQQs2IxXXZKur8&google_cver=1&apid=UPda799c21-a7c9-11eb-b0e8-02ee7d1f65ea
Request Chain 655
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=1e7caf91-e7f4-4567-b840-75b9c88da817&_origin=1&gdpr=1&gdpr_consent=
Request Chain 656
  • https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=&_test=YIjJCAAAiToecQA4 HTTP 302
  • https://pixel.advertising.com/ups/55986/sync?uid=YIjJCAAAiToecQA4&_origin=0&gdpr=0&gdpr_consent=&_test=YIjJCAAAiToecQA4 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55986/sync?uid=YIjJCAAAiToecQA4&_origin=0&gdpr=0&gdpr_consent=&_test=YIjJCAAAiToecQA4&apid=UPda799c21-a7c9-11eb-b0e8-02ee7d1f65ea
Request Chain 662
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 665
  • https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q1FBMjAyMTA0MjgxMDMxMzU1MjU2MTY%3d&layout=js HTTP 302
  • https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEO9Qy5trMf0pxik0YYUSG3U&google_cver=1&google_ula=3918219,0
Request Chain 666
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Request Chain 668
  • https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CQA20210428103135525616 HTTP 302
  • https://rec.scupio.com/recweb/uxid.aspx?id=UCFUID
Request Chain 695
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4778859144958710729
Request Chain 697
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=bfWiNj1yQ4mP_j-NRjZ5LQ%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 699
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=6DF5A236-3D72-4389-8FFE-3F8D4636792D&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=6DF5A236-3D72-4389-8FFE-3F8D4636792D&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 700
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=6DF5A236-3D72-4389-8FFE-3F8D4636792D&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=6DF5A236-3D72-4389-8FFE-3F8D4636792D&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=6DF5A236-3D72-4389-8FFE-3F8D4636792D&addseg=20
Request Chain 701
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NkRGNUEyMzYtM0Q3Mi00Mzg5LThGRkUtM0Y4RDQ2MzY3OTJE&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 702
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEN4MLX0X_jEymRIrVU-9gcM&google_cver=1
Request Chain 704
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1e7caf91-e7f4-4567-b840-75b9c88da817
Request Chain 705
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1135618798091693640
Request Chain 706
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:842e6088-c908-4d00-a6ee-1d88608db1fb&gdpr=0&gdpr_consent=
Request Chain 707
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2937802500449247243&gdpr=0&gdpr_consent=
Request Chain 714
  • https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CQA20210428103135525616 HTTP 302
  • https://rec.scupio.com/recweb/uxid.aspx?id=UCFUID
Request Chain 715
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Request Chain 721
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=e08e6088-c908-4500-8906-ab2ef72c48db
Request Chain 722
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S08wVURXOUEtMVYtMURMQg==
Request Chain 723
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/NiXRp46fb4kx1m1YIqFUZcn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5862012657717731702
Request Chain 724
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKiuqOWFY35BDTWMPgUmSHk&google_cver=1
Request Chain 725
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YIjJCAAAiToecQA4
Request Chain 727
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KO0UDW9A-1V-1DLB&sigv=1&esig=2~4f433c7a1a4361a14e3321b6724ad11864eb020f
Request Chain 731
  • https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CQA20210428103135525616 HTTP 302
  • https://rec.scupio.com/recweb/uxid.aspx?id=UCFUID
Request Chain 732
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Request Chain 792
  • https://c.holmesmind.com/cm HTTP 302
  • https://c.holmesmind.com/cm?tc=getIn&
Request Chain 799
  • https://c.holmesmind.com/cm HTTP 302
  • https://c.holmesmind.com/cm?tc=getIn&
Request Chain 811
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPtrsEDnWvTuuXRgqku-zuE&google_cver=1
Request Chain 813
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8932314486518883198
Request Chain 814
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b015964d-4d16-42ed-9fd0-c7d670a54dd3
Request Chain 816
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7002175123204593149
Request Chain 817
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:d7846088-c90a-4800-ad47-1cdea6aba8c0&gdpr=0&gdpr_consent=
Request Chain 818
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2773533202461637078&gdpr=0&gdpr_consent=
Request Chain 819
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=BbGawfBoQiaV9xuwHbKZyA%3D%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=BbGawfBoQiaV9xuwHbKZyA%3D%3D&google_tc= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 821
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=05B19AC1-F068-4226-95F7-1BB01DB299C8&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=05B19AC1-F068-4226-95F7-1BB01DB299C8&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 822
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=05B19AC1-F068-4226-95F7-1BB01DB299C8&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=05B19AC1-F068-4226-95F7-1BB01DB299C8&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=05B19AC1-F068-4226-95F7-1BB01DB299C8&addseg=20
Request Chain 823
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDVCMTlBQzEtRjA2OC00MjI2LTk1RjctMUJCMDFEQjI5OUM4&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDVCMTlBQzEtRjA2OC00MjI2LTk1RjctMUJCMDFEQjI5OUM4&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 828
  • https://sb.scorecardresearch.com/c2/20419801/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
Request Chain 831
  • https://www.facebook.com/v3.2/plugins/comments.php?app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df35969a81eecc58%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=820&height=100&href=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&locale=zh_TW&numposts=5&sdk=joey&version=v3.2&width= HTTP 302
  • https://www.facebook.com/plugins/comments.php?app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df35969a81eecc58%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=820&height=100&href=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&locale=zh_TW&numposts=5&sdk=joey&version=v3.2&width HTTP 302
  • https://www.facebook.com/plugins/feedback.php?app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df35969a81eecc58%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=820&height=100&href=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&locale=zh_TW&numposts=5&sdk=joey&version=v3.2&width
Request Chain 898
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6956030677851764880
Request Chain 899
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFON1kwN0JFWklBQUN0RmZfZ2t0Zw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Request Chain 901
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7328887421 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/b015964d-4d16-42ed-9fd0-c7d670a54dd3 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-89d9e1c0-8694-49dd-8c47-29dfd53dad36-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-89d9e1c0-8694-49dd-8c47-29dfd53dad36-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-89d9e1c0-8694-49dd-8c47-29dfd53dad36-003
Request Chain 902
  • https://pixel.onaudience.com/?partner=214&mapped=05B19AC1-F068-4226-95F7-1BB01DB299C8 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=b015964d-4d16-42ed-9fd0-c7d670a54dd3&icm HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=e865b87ac1a6f90ddc550133a0a5fd45
Request Chain 903
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d7846088-c90a-4800-ad47-1cdea6aba8c0
Request Chain 904
  • https://loadm.exelator.com/load/?p=204&g=71&buid=05B19AC1-F068-4226-95F7-1BB01DB299C8&gdpr=0&gdpr_consent=&j=0 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=71&buid=05B19AC1-F068-4226-95F7-1BB01DB299C8&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
Request Chain 905
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=05B19AC1-F068-4226-95F7-1BB01DB299C8&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7BXeyltE2uUg2cWvCvFtKbtvJZoIaGI-~A&gdpr=0&gdpr_consent=
Request Chain 906
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=xOXWX5Hs3gTf54gFw7PDBJbjiwTf4t5ekbQKGyBs
Request Chain 907
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ws.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=pubmatic&g=1&gdpr_pd=&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=7ddb2e56-3b2c-424d-aa89-30b83be18fa6&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 908
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2896681845941658827&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 909
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YIjJDAAAiThXagA4 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YIjJDAAAiThXagA4&gdpr=0&gdpr_consent=&_test=YIjJDAAAiThXagA4
Request Chain 910
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:5ce03fae-a4c2-41c2-947d-5d8340b2f23e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 911
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

952 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 3634588
www.storm.mg/lifestyle/ 		162 KB
39 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
c67a5e3d6fbd1acde50766699ebb4c9c1ed2228d412700afe197af4aae664e2d

Request headers

:method
GET
:authority
www.storm.mg
:scheme
https
:path
/lifestyle/3634588
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
cache-control
max-age=900, public, s-maxage=900
content-encoding
gzip
date
Wed, 28 Apr 2021 02:31:26 GMT
server
nginx
vary
Accept-Encoding
x-cache
Miss from cloudfront
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
caf5qDA5kpEcqRa-Efp0P5z3s6RJlBMowxRQRpPg2pJzRHP3HBB0MA==
css2
fonts.googleapis.com/ 		356 KB
98 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
85996bd026a2d1a1a78d9686cbaad97d9b734c5a1ea94ebd3a2865c6ee9715ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 28 Apr 2021 01:18:15 GMT
server
ESF
date
Wed, 28 Apr 2021 02:31:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 28 Apr 2021 02:31:27 GMT
icon
fonts.googleapis.com/ 		568 B
461 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
011f65213dcc2dc9464f07a61c75125c3ef8061f37ca3921c4b6771421b4235b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 28 Apr 2021 02:31:27 GMT
server
ESF
date
Wed, 28 Apr 2021 02:31:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 28 Apr 2021 02:31:27 GMT
layout.css
www.storm.mg/stylesheets/ 		540 KB
70 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.storm.mg/stylesheets/layout.css?id=af88ebe212628833bca4
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
a7f9dbb1f0fb13357f2813f984bde4abae3c78e379b72e380843e74b54875841

Request headers

:path
/stylesheets/layout.css?id=af88ebe212628833bca4
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.storm.mg
referer
https://www.storm.mg/lifestyle/3634588
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.storm.mg/lifestyle/3634588
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:04:25 GMT
content-encoding
gzip
last-modified
Wed, 28 Apr 2021 00:15:03 GMT
server
nginx
age
1622
etag
W/"6088a907-86f24"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
cache-control
max-age=31536000 public, no-transform
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
7acrpnvotahacwMgxOp0rxoN3FxpexA7KQRIemLY2yPwKFDhBf0uTg==
expires
Thu, 28 Apr 2022 02:04:25 GMT
jquery-1.9.1.min.js
www.storm.mg/js/ 		90 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.storm.mg/js/jquery-1.9.1.min.js
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

:path
/js/jquery-1.9.1.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.storm.mg
referer
https://www.storm.mg/lifestyle/3634588
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.storm.mg/lifestyle/3634588
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:28:36 GMT
content-encoding
gzip
last-modified
Wed, 17 Jan 2018 02:59:16 GMT
server
nginx
age
177
etag
W/"5a5ebc04-169d5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
cache-control
max-age=31536000 public, no-transform
x-amz-cf-pop
FRA56-C2
content-length
32772
x-amz-cf-id
c1ZvLWWWr_KL506SHpwDF6J-YKwIMZjO6-u4jgaz5mLC26GVlr9mgQ==
expires
Thu, 28 Apr 2022 02:28:29 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
cbb4c47c1c8ef22efb5eaa7b514338b98b47573cd2dabe1473a9b012129148c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"855 / 862 of 1000 / last-modified: 1619561335"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21062
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:31:27 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		133 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38323e859973802ff3755a155f8ab5c6114591764e2c86aee07e7e8d50cad058
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48216
x-xss-protection
0
server
cafe
etag
8239039724222994226
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 28 Apr 2021 02:31:27 GMT
browser_define.js
www.storm.mg/js/ 		1 KB
841 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.storm.mg/js/browser_define.js?id=e4e26315b3a912dabc4f
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
3d278d324065ab89c5eef315040c5084d97db20be44db41440980c99988b3cf1

Request headers

:path
/js/browser_define.js?id=e4e26315b3a912dabc4f
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.storm.mg
referer
https://www.storm.mg/lifestyle/3634588
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.storm.mg/lifestyle/3634588
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:08:23 GMT
content-encoding
gzip
last-modified
Tue, 28 Jul 2020 07:16:59 GMT
server
nginx
age
1384
etag
W/"5f1fd0eb-498"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
cache-control
max-age=31536000 public, no-transform
x-amz-cf-pop
FRA56-C2
content-length
432
x-amz-cf-id
XWZAI7l4sIQuI05QdZa-Q14NhyIllljDdKgSR4s7tQM7TJ_l92qkhg==
expires
Thu, 28 Apr 2022 02:08:23 GMT
polyfill.min.js
polyfill.io/v3/ 		72 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?features=NodeList.prototype.forEach%2CString.prototype.padStart%2CObject.values%2CPromise%2CElement.prototype.append%2CURLSearchParams
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
2325808
detected-user-agent
Chrome/89.0.4389
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT-CLUSTER, fastly;desc="Edge time";dur=1
content-length
74
referrer-policy
origin-when-cross-origin
last-modified
Wed, 31 Mar 2021 17:54:37 GMT
date
Wed, 28 Apr 2021 02:31:27 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/89.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
pb.js
adx.c.appier.net/pb/0wHT9JDiP3SORJx/
Redirect Chain
  • https://apn.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js?haid=Wtu9feNo&hzids=Hhut9M-1,Hhuo9M-1,Hhu69M-1,HU9J9M-f,HhztWIOc,HhztWFOc,HUV6WFOc,HUV6H9Oc
  • https://gocm.c.appier.net/apnnet?haid=Wtu9feNo&hzids=Hhut9M-1%2CHhuo9M-1%2CHhu69M-1%2CHU9J9M-f%2CHhztWIOc%2CHhztWFOc%2CHUV6WFOc%2CHUV6H9Oc&url=adx.c.appier.net%2Fpb%2F0wHT9JDiP3SORJx%2Fpb.js
  • https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js?acid=JT4ldV-ABtGHeMKSAMmIYA&haid=Wtu9feNo&hzids=Hhut9M-1,Hhuo9M-1,Hhu69M-1,HU9J9M-f,HhztWIOc,HhztWFOc,HUV6WFOc,HUV6H9Oc
537 B
434 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js?acid=JT4ldV-ABtGHeMKSAMmIYA&haid=Wtu9feNo&hzids=Hhut9M-1,Hhuo9M-1,Hhu69M-1,HU9J9M-f,HhztWIOc,HhztWFOc,HUV6WFOc,HUV6H9Oc
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
c3345a03ef3a8173ed822cd9b66614ea262e88bf47b4eb0c67830ee1e5d62acb

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:28 GMT
via
1.1 google
server
nginx/1.19.0
content-encoding
gzip
alt-svc
clear
vary
Accept-Encoding
content-type
text/html; charset=utf-8

Redirect headers

location
https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js?acid=JT4ldV-ABtGHeMKSAMmIYA&haid=Wtu9feNo&hzids=Hhut9M-1,Hhuo9M-1,Hhu69M-1,HU9J9M-f,HhztWIOc,HhztWFOc,HUV6WFOc,HUV6H9Oc
date
Wed, 28 Apr 2021 02:31:28 GMT
cache-control
no-store
server
nginx
content-type
text/html; charset=utf-8
content-length
200
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
define.js
www.storm.mg/js/dfp/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.storm.mg/js/dfp/define.js?id=e81d4b8a2ad079a69ad5
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
11e5f6fcb0e9f167de2c70823137b29eab53c944c144a9e615ad0f92729db0ae

Request headers

:path
/js/dfp/define.js?id=e81d4b8a2ad079a69ad5
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.storm.mg
referer
https://www.storm.mg/lifestyle/3634588
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.storm.mg/lifestyle/3634588
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:24:34 GMT
content-encoding
gzip
last-modified
Mon, 26 Apr 2021 20:16:34 GMT
server
nginx
age
413
etag
W/"60871fa2-1e6a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
cache-control
max-age=31536000 public, no-transform
x-amz-cf-pop
FRA56-C2
content-length
2196
x-amz-cf-id
-RuNsntgYC8_0KgOZS3H6vp8WiCmGTDnQLDQHONnoxZIKP0iiw7OIA==
expires
Thu, 28 Apr 2022 02:24:34 GMT
tracking.js
www.storm.mg/js/core/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.storm.mg/js/core/tracking.js?_v=1
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
6d9eaafc340c46807a31a00917fb95d51c33321d52f3bcf41297a84fccef4553

Request headers

:path
/js/core/tracking.js?_v=1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.storm.mg
referer
https://www.storm.mg/lifestyle/3634588
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.storm.mg/lifestyle/3634588
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:08:23 GMT
content-encoding
gzip
last-modified
Fri, 07 Aug 2020 19:01:40 GMT
server
nginx
age
1384
etag
W/"5f2da514-5fe"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
cache-control
max-age=31536000 public, no-transform
x-amz-cf-pop
FRA56-C2
content-length
767
x-amz-cf-id
I52OtYSjG02d-3UvqzRGNRb6JeG4kY1nPP6QShNGdOTo3wW4C8kZCw==
expires
Thu, 28 Apr 2022 02:08:23 GMT
smg.js
www.storm.mg/js/core/ 		695 B
881 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.storm.mg/js/core/smg.js?_v=1
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
ffcc0f5b5458b5e9eaa54a148c555593dde0d3e797314cffe8933e09fdb48586

Request headers

:path
/js/core/smg.js?_v=1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.storm.mg
referer
https://www.storm.mg/lifestyle/3634588
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.storm.mg/lifestyle/3634588
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:14:03 GMT
content-encoding
gzip
last-modified
Fri, 23 Apr 2021 06:26:52 GMT
server
nginx
age
1044
etag
W/"608268ac-2b7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
cache-control
max-age=31536000 public, no-transform
x-amz-cf-pop
FRA56-C2
content-length
471
x-amz-cf-id
LsVHd7VQ6JipZjlpWq-oxhF62G-H67OIsGZ-KDGJseBX4KVT60YqrQ==
expires
Thu, 28 Apr 2022 02:14:03 GMT
unidata.js
www.storm.mg/js/core/ 		717 B
883 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.storm.mg/js/core/unidata.js?_v=1
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
8afb4e8baa2ec27159a9f1b678e3c7b3287a354c679711e1d7a9e8cb0a0ae798

Request headers

:path
/js/core/unidata.js?_v=1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.storm.mg
referer
https://www.storm.mg/lifestyle/3634588
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.storm.mg/lifestyle/3634588
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:14:04 GMT
content-encoding
gzip
last-modified
Fri, 03 Aug 2018 09:19:08 GMT
server
nginx
age
1043
etag
W/"5b641e0c-2cd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
cache-control
max-age=31536000 public, no-transform
x-amz-cf-pop
FRA56-C2
content-length
475
x-amz-cf-id
EgqumGxVtHImClbcHRhhR6BCHBc0MBY6OhAHsum3E0oKaaW6927zhA==
expires
Thu, 28 Apr 2022 02:14:04 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53d498637d3729f9082115b547255e3741d328021543c3cc38814a1112a26901

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:27 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
3528
etag
W/"d199313092146033fbc76e9fc961ead7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
646cdfde6c2f4a9e-FRA
cf-request-id
09b7ea3f0600004a9e50bb7000000001
expires
Sat, 01 May 2021 02:31:27 GMT
wsj_red_btn.png
www.storm.mg/images/premium/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.storm.mg/images/premium/wsj_red_btn.png
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
37184b5b0c26342b3e4182bb81377106d50067c096aa1b3ded2bd4739e3b5d82

Request headers

:path
/images/premium/wsj_red_btn.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.storm.mg
referer
https://www.storm.mg/lifestyle/3634588
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.storm.mg/lifestyle/3634588
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:29:08 GMT
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
last-modified
Mon, 10 Feb 2020 06:12:46 GMT
server
nginx
age
582
etag
"5e40f45e-90e"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
2318
x-amz-cf-id
FBUl7I2b5MYObahmUutzy1zfu6SlzHG_VAe9OB7NjByWOfZUIqisbQ==
wsj_red_btn_active.png
www.storm.mg/images/premium/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.storm.mg/images/premium/wsj_red_btn_active.png
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
8320a5fa8b7e5b43abe1359be9de3e9d7e93256f27f4c0f812444be3eb2ee3af

Request headers

:path
/images/premium/wsj_red_btn_active.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.storm.mg
referer
https://www.storm.mg/lifestyle/3634588
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.storm.mg/lifestyle/3634588
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:29:08 GMT
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
last-modified
Thu, 06 Feb 2020 06:42:26 GMT
server
nginx
age
208
etag
"5e3bb552-a40"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
2624
x-amz-cf-id
ap9f9sZgdFIzVk07RBdApOQ7z1kP41JGrojRdWGE6ox1T2muCXIsPQ==
logo.svg
www.storm.mg/images/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.storm.mg/images/logo.svg
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
b50277b2389bfdda3bb9148d0c26c07324d1eb8db70a9c703d41325d66b4af6b

Request headers

:path
/images/logo.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.storm.mg
referer
https://www.storm.mg/lifestyle/3634588
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.storm.mg/lifestyle/3634588
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:29:08 GMT
content-encoding
gzip
last-modified
Wed, 17 Jan 2018 02:59:16 GMT
server
nginx
age
697
etag
W/"5a5ebc04-1d6e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
cache-control
max-age=31536000 public, no-transform
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
s9DZU6DajdYEaL1mKJBdnByN5Vkk5xtiRBWEiCl0MoGIB_qCZKN9gQ==
expires
Thu, 28 Apr 2022 02:19:50 GMT
logo_CT.svg
www.storm.mg/images/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.storm.mg/images/logo_CT.svg
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
a2469b91c0bb4ca4f8f1d67b79f1ada540029e248827717b22e0e8333e18f818

Request headers

:path
/images/logo_CT.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.storm.mg
referer
https://www.storm.mg/lifestyle/3634588
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.storm.mg/lifestyle/3634588
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:27 GMT
content-encoding
gzip
last-modified
Wed, 17 Jan 2018 02:59:16 GMT
server
nginx
x-amz-cf-pop
FRA56-C2
etag
W/"5a5ebc04-e2d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
cache-control
max-age=31536000 public, no-transform
x-amz-cf-id
-us0IgA1HehUqzeLHkKDNUndrFhc7w0xUr5WVBbuamvEepLcSysP8g==
expires
Thu, 28 Apr 2022 02:19:50 GMT
logo_new7_vip.svg
www.storm.mg/images/ 		14 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.storm.mg/images/logo_new7_vip.svg
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
59a98beecaaa2055592d1fec998eeb157f138e6843ba05b61d068b69338b02e8

Request headers

:path
/images/logo_new7_vip.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.storm.mg
referer
https://www.storm.mg/lifestyle/3634588
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.storm.mg/lifestyle/3634588
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:29:08 GMT
content-encoding
gzip
last-modified
Sat, 26 Sep 2020 07:18:12 GMT
server
nginx
age
443
etag
W/"5f6eeb34-37c8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
cache-control
max-age=31536000 public, no-transform
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
h4C3D7hg96Ks06UvU7qiXSQ6tlSNg5DM9p0c8VW07VH_r1lOHOFTYQ==
expires
Thu, 28 Apr 2022 02:24:04 GMT
wsj_menu.png
www.storm.mg/images/premium/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.storm.mg/images/premium/wsj_menu.png
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
56ed88293bc3b19239d5c0fe26672cfd7b41ed3bad4d974970cab9a373f0be98

Request headers

:path
/images/premium/wsj_menu.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.storm.mg
referer
https://www.storm.mg/lifestyle/3634588
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.storm.mg/lifestyle/3634588
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:29:08 GMT
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
last-modified
Fri, 22 Nov 2019 03:37:40 GMT
server
nginx
age
580
etag
"5dd75804-12c6"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
4806
x-amz-cf-id
ZPA4otJfpxxr9jtjp1bzlkPmrlYEFVFhVZCgWTtfkZaLeUHqCKX8DA==
wsj_menu_mobile.png
www.storm.mg/images/premium/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.storm.mg/images/premium/wsj_menu_mobile.png
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
b1ed587eda401e449edfe34318d55e185497ec21a52b907ee05cf6656e961d9f

Request headers

:path
/images/premium/wsj_menu_mobile.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.storm.mg
referer
https://www.storm.mg/lifestyle/3634588
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.storm.mg/lifestyle/3634588
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:29:08 GMT
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
last-modified
Fri, 22 Nov 2019 03:37:40 GMT
server
nginx
age
579
etag
"5dd75804-11ec"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
4588
x-amz-cf-id
PhYyH6jPDVkiDhRs9WHOshRY2znZvz7wR9Gjn5quyqkbzS4ojhyKXQ==
search_btn.png
www.storm.mg/images/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.storm.mg/images/search_btn.png
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
df18f6d97724aedc00931593f05d46795219aba0c1a5c4c5f1e11c210a1f016f

Request headers

:path
/images/search_btn.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.storm.mg
referer
https://www.storm.mg/lifestyle/3634588
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.storm.mg/lifestyle/3634588
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:29:08 GMT
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
last-modified
Wed, 17 Jan 2018 02:59:16 GMT
server
nginx
age
222
etag
"5a5ebc04-6122"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
24866
x-amz-cf-id
geuUPg7EthUryXUARFAVAUESPF7PVLC2E_R2d_9LPGWEkrZW4K-4lA==
search_btn_hover.png
www.storm.mg/images/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.storm.mg/images/search_btn_hover.png
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
94787763c97e2505befdf1b883d5fde64c1f1df7547ec5d9c44db6aa5158c1c0

Request headers

:path
/images/search_btn_hover.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.storm.mg
referer
https://www.storm.mg/lifestyle/3634588
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.storm.mg/lifestyle/3634588
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:29:08 GMT
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
last-modified
Wed, 17 Jan 2018 02:59:16 GMT
server
nginx
age
208
etag
"5a5ebc04-6122"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
24866
x-amz-cf-id
wJagioXlGAaxW8Js2z8bXMFdceRTlSpr6o7l096VV8LPXLGRb9pCdA==
ajax-loader.gif
www.storm.mg/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.storm.mg/images/ajax-loader.gif
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
c6f6eb10a4472f02adf0f74f0805afb04a0bd0f4644a1eeff94d9b36d2ffeaf6

Request headers

:path
/images/ajax-loader.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.storm.mg
referer
https://www.storm.mg/lifestyle/3634588
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.storm.mg/lifestyle/3634588
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:29:08 GMT
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
last-modified
Wed, 17 Jan 2018 02:59:16 GMT
server
nginx
age
440
etag
"5a5ebc04-1aa4"
x-cache
Hit from cloudfront
content-type
image/gif
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
6820
x-amz-cf-id
uzFHuD35LJDVJgBuMCFVCGgA-bqvlt4Bzjq0nlfZ6uu2YZzKP3heEg==
account_detail.svg
www.storm.mg/images/svg/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.storm.mg/images/svg/account_detail.svg
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
cc64a742ead51c8d3c7ab29597287ffcfae6b93ff22d4d35fd646187ab6a4fde

Request headers

:path
/images/svg/account_detail.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.storm.mg
referer
https://www.storm.mg/lifestyle/3634588
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.storm.mg/lifestyle/3634588
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:29:08 GMT
content-encoding
gzip
last-modified
Wed, 17 Jan 2018 03:52:28 GMT
server
nginx
age
698
etag
W/"5a5ec87c-70c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
cache-control
max-age=31536000 public, no-transform
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
6hKTSwh2Xmt7iVCEheuQOEAE1HywQlWP69jj_SsSFTq6OWq7xXpbsA==
expires
Thu, 28 Apr 2022 02:19:50 GMT
member.svg
www.storm.mg/images/svg/ 		823 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.storm.mg/images/svg/member.svg
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
04b53924e054afe428a4482452f988f705775328c10a2e3432dfc95a4fd3a1fa

Request headers

:path
/images/svg/member.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.storm.mg
referer
https://www.storm.mg/lifestyle/3634588
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.storm.mg/lifestyle/3634588
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:29:08 GMT
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
last-modified
Wed, 17 Jan 2018 03:52:28 GMT
server
nginx
age
1154
etag
"5a5ec87c-337"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=31536000 public, no-transform
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
823
x-amz-cf-id
0_6biVlQzPrqMveb7afOvrkhWpS2R_61gSMDNN4crniv3KJgyt8Dpg==
expires
Thu, 28 Apr 2022 02:12:14 GMT
premium_icon.svg
www.storm.mg/images/svg/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.storm.mg/images/svg/premium_icon.svg
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
11f436a97bc0a6d6f2a7f171b8c1b89872e6af4d857af61db1c43235a5395ec0

Request headers

:path
/images/svg/premium_icon.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.storm.mg
referer
https://www.storm.mg/lifestyle/3634588
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.storm.mg/lifestyle/3634588
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:05:34 GMT
content-encoding
gzip
last-modified
Wed, 30 Dec 2020 04:21:33 GMT
server
nginx
age
1554
etag
W/"5fec004d-40f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
cache-control
max-age=31536000 public, no-transform
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
pGJtYP-15R5BJM9oJFapb-h1AJUOyto_0Uh9DYA5wiRAbNw1aiVh7A==
expires
Thu, 28 Apr 2022 02:05:34 GMT
present.svg
www.storm.mg/images/svg/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.storm.mg/images/svg/present.svg
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
d98d14669eb4616f42bc62d7af02f1b23925c61929f9a10736bab32fa2b5b87b

Request headers

:path
/images/svg/present.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.storm.mg
referer
https://www.storm.mg/lifestyle/3634588
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.storm.mg/lifestyle/3634588
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:12:14 GMT
content-encoding
gzip
last-modified
Wed, 30 Dec 2020 04:21:33 GMT
server
nginx
age
1154
etag
W/"5fec004d-889"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
cache-control
max-age=31536000 public, no-transform
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
La3kf64cpflREsh1AIB5bE4CDbNFjp6gD1WANpUA92N0UFh14XmLXg==
expires
Thu, 28 Apr 2022 02:12:14 GMT
donation.svg
www.storm.mg/images/svg/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.storm.mg/images/svg/donation.svg
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
3bad69264aefa45b3cf2c482d1e9de36e7a234292974a993f2469960d5756d22

Request headers

:path
/images/svg/donation.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.storm.mg
referer
https://www.storm.mg/lifestyle/3634588
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.storm.mg/lifestyle/3634588
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:29:08 GMT
content-encoding
gzip
last-modified
Fri, 26 Mar 2021 03:47:37 GMT
server
nginx
age
584
etag
W/"605d5959-77a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
cache-control
max-age=31536000 public, no-transform
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
idd8Z_6R9A5DeJkTvNGEDObsjgbUXpz3ozHl2uAlRwxAzb1lumCwew==
expires
Thu, 28 Apr 2022 02:21:44 GMT
donation_list.svg
www.storm.mg/images/svg/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.storm.mg/images/svg/donation_list.svg
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
034385d3ecf8a345dc53799aa76e9e600a8b321ab3fba473cd40f84cb68e30f8

Request headers

:path
/images/svg/donation_list.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.storm.mg
referer
https://www.storm.mg/lifestyle/3634588
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.storm.mg/lifestyle/3634588
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:29:08 GMT
content-encoding
gzip
last-modified
Fri, 26 Mar 2021 03:47:37 GMT
server
nginx
age
1154
etag
W/"605d5959-7ff"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
cache-control
max-age=31536000 public, no-transform
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
8FT4fE5qL_646CyyxiFvuZOORDK4ryv5bwS31hJSC8XKbbqigJ26YQ==
expires
Thu, 28 Apr 2022 02:12:14 GMT
author.svg
www.storm.mg/images/svg/ 		751 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.storm.mg/images/svg/author.svg
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
14c0cf3877366a725f5b3d7096ac33979dadc47af37e757fb69005a976651e6f

Request headers

:path
/images/svg/author.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.storm.mg
referer
https://www.storm.mg/lifestyle/3634588
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.storm.mg/lifestyle/3634588
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:29:08 GMT
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
last-modified
Wed, 17 Jan 2018 03:52:28 GMT
server
nginx
age
579
etag
"5a5ec87c-2ef"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=31536000 public, no-transform
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
751
x-amz-cf-id
I4iyqBfr9yBBJeK4Cdhz8fPUuP2F1UTmKvNQ1kdQZStJm0X3gK9f9A==
expires
Thu, 28 Apr 2022 02:21:49 GMT
support_us.svg
www.storm.mg/images/svg/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.storm.mg/images/svg/support_us.svg
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
1b8d76df01f625c7664ded13227bc8aa61fa8065164b513ddd251d015bbd514d

Request headers

:path
/images/svg/support_us.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.storm.mg
referer
https://www.storm.mg/lifestyle/3634588
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.storm.mg/lifestyle/3634588
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:19:50 GMT
content-encoding
gzip
last-modified
Fri, 26 Mar 2021 03:47:37 GMT
server
nginx
age
698
etag
W/"605d5959-441"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
cache-control
max-age=31536000 public, no-transform
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
OkjatVhNSXYB-XnYRjTe1gkhJKmGB0MLi5s0AeL2Z9udSxeh8VFmKg==
expires
Thu, 28 Apr 2022 02:19:50 GMT
header-member_mobile.svg
www.storm.mg/images/svg/ 		849 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.storm.mg/images/svg/header-member_mobile.svg
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
d605f1fb10b5ee49f59328d98df7757e135c1d247fe79392b1ce97afaf6e34ad

Request headers

:path
/images/svg/header-member_mobile.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.storm.mg
referer
https://www.storm.mg/lifestyle/3634588
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.storm.mg/lifestyle/3634588
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:29:08 GMT
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
last-modified
Fri, 26 Mar 2021 03:47:37 GMT
server
nginx
age
583
etag
"605d5959-351"
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=31536000 public, no-transform
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
849
x-amz-cf-id
LBTOkVFahspT8j82SGGs2QqbQ4IURLyXIKAqEdOskfaacTu0evzUSQ==
expires
Thu, 28 Apr 2022 02:21:45 GMT
member_link_mobile.svg
www.storm.mg/images/svg/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.storm.mg/images/svg/member_link_mobile.svg
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
0d9f3d845fd24f8a8161da7c3d550ccee30980e52e4cecfacc09449d6731a248

Request headers

:path
/images/svg/member_link_mobile.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.storm.mg
referer
https://www.storm.mg/lifestyle/3634588
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.storm.mg/lifestyle/3634588
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:08:43 GMT
content-encoding
gzip
last-modified
Fri, 26 Mar 2021 03:47:37 GMT
server
nginx
age
1365
etag
W/"605d5959-47a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
cache-control
max-age=31536000 public, no-transform
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
_ZMAk3l8L7ASAA6lN9B7t9zcF-Y7elKfW8f-igIQjjxOA9AmrFdEuQ==
expires
Thu, 28 Apr 2022 02:08:43 GMT
present_mobile.svg
www.storm.mg/images/svg/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.storm.mg/images/svg/present_mobile.svg
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
496832b29c05d19987bcc3c825498d6d43edc8874026a9b5d5795ba9ce4bf7d3

Request headers

:path
/images/svg/present_mobile.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.storm.mg
referer
https://www.storm.mg/lifestyle/3634588
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.storm.mg/lifestyle/3634588
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:29:08 GMT
content-encoding
gzip
last-modified
Fri, 26 Mar 2021 03:47:37 GMT
server
nginx
age
209
etag
W/"605d5959-7c3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
cache-control
max-age=31536000 public, no-transform
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
U6OHkNiOzJf7GYl5RNG-_t3u0CkNbytcpMeHZTOOYqCIGo7uSfVcdA==
expires
Thu, 28 Apr 2022 02:27:59 GMT
header-coffee_mobile.svg
www.storm.mg/images/svg/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.storm.mg/images/svg/header-coffee_mobile.svg
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
9a0d4f663cf14d5417afdc1b49cc230169f2c2b6c0c779ae1c768fb2ee416625

Request headers

:path
/images/svg/header-coffee_mobile.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.storm.mg
referer
https://www.storm.mg/lifestyle/3634588
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.storm.mg/lifestyle/3634588
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:08:39 GMT
content-encoding
gzip
last-modified
Fri, 26 Mar 2021 03:47:37 GMT
server
nginx
age
1368
etag
W/"605d5959-7a6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
cache-control
max-age=31536000 public, no-transform
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
8-wiLrMsjmLNltzptYbA8o29gJVPUWntay4aTWZlCR59ijaEpkf3lg==
expires
Thu, 28 Apr 2022 02:08:39 GMT
donation_list_mobile.svg
www.storm.mg/images/svg/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.storm.mg/images/svg/donation_list_mobile.svg
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
76064ddd12bf9fe3cb8055771f4790d2a4a391a04e4e961bce6a6f3f89d6235b

Request headers

:path
/images/svg/donation_list_mobile.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.storm.mg
referer
https://www.storm.mg/lifestyle/3634588
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.storm.mg/lifestyle/3634588
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:29:08 GMT
content-encoding
gzip
last-modified
Fri, 26 Mar 2021 03:47:37 GMT
server
nginx
age
583
etag
W/"605d5959-63b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
cache-control
max-age=31536000 public, no-transform
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
CBY2qmBiNL_hc_ybFo_am1zpkoIqj8WWEcHI83066su13NVzNX7nQw==
expires
Thu, 28 Apr 2022 02:21:45 GMT
wsj_mobile.svg
www.storm.mg/images/svg/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.storm.mg/images/svg/wsj_mobile.svg
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
1d938720aaf6d016c860c53d8842628dedd7196dae458d9da48103ec114e1846

Request headers

:path
/images/svg/wsj_mobile.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.storm.mg
referer
https://www.storm.mg/lifestyle/3634588
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.storm.mg/lifestyle/3634588
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:29:08 GMT
content-encoding
gzip
last-modified
Fri, 26 Mar 2021 03:47:37 GMT
server
nginx
age
1153
etag
W/"605d5959-646"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
cache-control
max-age=31536000 public, no-transform
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
ssaWzj_T9_hxekUUTTGk_zlw9rw9_5PKDAy8BV5yAJWV5Qx1bikInA==
expires
Thu, 28 Apr 2022 02:12:15 GMT
support_us_mobile.svg
www.storm.mg/images/svg/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.storm.mg/images/svg/support_us_mobile.svg
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
dc46343f4589fedcba61b549d5c3877301846da5b4a40bd836619d0d6fb00df4

Request headers

:path
/images/svg/support_us_mobile.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.storm.mg
referer
https://www.storm.mg/lifestyle/3634588
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.storm.mg/lifestyle/3634588
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:29:08 GMT
content-encoding
gzip
last-modified
Wed, 30 Dec 2020 04:21:33 GMT
server
nginx
age
579
etag
W/"5fec004d-46a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
cache-control
max-age=31536000 public, no-transform
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
bXTs_MvvD1TdsLfY6fMYShdKxAEuRFy_GyhsSFTLJcfj8fb3pD9aEQ==
expires
Thu, 28 Apr 2022 02:21:49 GMT
cht.png
www.storm.mg/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.storm.mg/images/cht.png
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
4736abc878880e5e13b646bbd5b46e6470c91b2959c616a865af1f265928b621

Request headers

:path
/images/cht.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.storm.mg
referer
https://www.storm.mg/lifestyle/3634588
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.storm.mg/lifestyle/3634588
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:28 GMT
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
last-modified
Sun, 28 Apr 2019 15:37:23 GMT
server
nginx
x-amz-cf-pop
FRA56-C2
etag
"5cc5c8b3-8cd"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2253
x-amz-cf-id
eVVI9MDgciQV-f17WmlM0PlipSEYLA-1f0EEXlnGRfifIm7bJQ5ZMw==
cht_hover.png
www.storm.mg/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.storm.mg/images/cht_hover.png
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
cd68a6e55fe88aa4ec6dfce4a35ba9c3cd69a6954e5ecb4e3d091d819c4a5375

Request headers

:path
/images/cht_hover.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.storm.mg
referer
https://www.storm.mg/lifestyle/3634588
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.storm.mg/lifestyle/3634588
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:28 GMT
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
last-modified
Sun, 28 Apr 2019 15:37:23 GMT
server
nginx
x-amz-cf-pop
FRA56-C2
etag
"5cc5c8b3-91e"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2334
x-amz-cf-id
ota2XAZewK3gvo0tuTpAEAzh-73kswJW0jD8vqYApUdo_TY77Kxmvg==
chs.png
www.storm.mg/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.storm.mg/images/chs.png
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
a8b1d478b7bb9316d230f5be129aa063dee9c920b0151e64d9d8fa3a88ac6569

Request headers

:path
/images/chs.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.storm.mg
referer
https://www.storm.mg/lifestyle/3634588
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.storm.mg/lifestyle/3634588
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:28 GMT
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
last-modified
Sun, 28 Apr 2019 15:37:23 GMT
server
nginx
x-amz-cf-pop
FRA56-C2
etag
"5cc5c8b3-5b6"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1462
x-amz-cf-id
6P6LlTrONab7Ky1D0U4rTlWKBSxVJpN8MivUaPpux7L7v2QHq8KcrA==
chs_hover.png
www.storm.mg/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.storm.mg/images/chs_hover.png
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
7e61f5417431e000124fbcf81b86ae6c08999e6f229f2ebffc748d82c2516ba4

Request headers

:path
/images/chs_hover.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.storm.mg
referer
https://www.storm.mg/lifestyle/3634588
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.storm.mg/lifestyle/3634588
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:28 GMT
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
last-modified
Sun, 28 Apr 2019 15:37:23 GMT
server
nginx
x-amz-cf-pop
FRA56-C2
etag
"5cc5c8b3-661"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1633
x-amz-cf-id
1e7JAIoxMRoM4wyEN6h6at95oUMjHM1RPwlTMgUbrQ4ByX9T0QHvXg==
print.css
www.storm.mg/stylesheets/ 		2 KB
883 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.storm.mg/stylesheets/print.css?v=1.0
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
d19d9de9bbafb40238e5d2b02a6ec1546158f7956dbc641a5f292befed381647

Request headers

:path
/stylesheets/print.css?v=1.0
pragma
no-cache
cookie
smg_uid=1619577088572915; uid.v=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.storm.mg
referer
https://www.storm.mg/lifestyle/3634588
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.storm.mg/lifestyle/3634588
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:04:46 GMT
content-encoding
gzip
last-modified
Wed, 28 Apr 2021 00:15:03 GMT
server
nginx
age
1601
etag
W/"6088a907-9c2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
cache-control
max-age=31536000 public, no-transform
x-amz-cf-pop
FRA56-C2
content-length
484
x-amz-cf-id
JRFt7Ots4SZw4ZojvQBGYOBa2TkfyH1i-ANol2CDiHP8tobAnmLw8Q==
expires
Thu, 28 Apr 2022 02:04:46 GMT
20210326-110924_U20525_M680607_e028.jpg
image.cache.storm.mg/styles/smg-800x533-fp/s3/media/image/2021/03/26/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.cache.storm.mg/styles/smg-800x533-fp/s3/media/image/2021/03/26/20210326-110924_U20525_M680607_e028.jpg?itok=TWdgGjTg
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b7c0bdade1d5e6e47bb8043701ecbf368a592475704ba1d554f180c501cf94d1

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:21:47 GMT
via
1.1 910fc18161f0602555cc5b6397ca26f3.cloudfront.net (CloudFront)
last-modified
Fri, 26 Mar 2021 03:09:28 GMT
server
AmazonS3
age
582
etag
"425f2234dce31ca70e582f2c4cd85e7c"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
60018
x-amz-cf-id
tJe0uJnekJ4p4nkalmzzCentgoFrvEshipCbTcELp8H4RMJklQkWUQ==
20210311-115250_U4040_M677288_109f.jpg
image.cache.storm.mg/styles/smg-800xauto-er/s3/media/image/2021/03/11/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.cache.storm.mg/styles/smg-800xauto-er/s3/media/image/2021/03/11/20210311-115250_U4040_M677288_109f.jpg?itok=sJA6C5uK
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2c939157a9a046d7384b09965481ad73b41db5964782cd4a4efe84ff30fb94ed

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:21:47 GMT
via
1.1 910fc18161f0602555cc5b6397ca26f3.cloudfront.net (CloudFront)
last-modified
Tue, 27 Apr 2021 00:22:21 GMT
server
AmazonS3
age
582
etag
"6d54158a31dbe7580bda83e5f40d3bcf"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
29347
x-amz-cf-id
_KHU5mBWqlUh8bQMrSW5bDiJnHNc99rTT4yUEKjwNnZtDGRzm98AfQ==
20210325-112958_U20290_M680268_eab6.jpg
image.cache.storm.mg/styles/smg-800x533-fp/s3/media/image/2021/03/25/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.cache.storm.mg/styles/smg-800x533-fp/s3/media/image/2021/03/25/20210325-112958_U20290_M680268_eab6.jpg?itok=6YaL3etQ
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cebbc19e0feeebe142c76ec258d601b7df8f69af908b786610a474a315a40c59

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:30 GMT
via
1.1 910fc18161f0602555cc5b6397ca26f3.cloudfront.net (CloudFront)
last-modified
Thu, 25 Mar 2021 03:30:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
"8fb67d236a49c737f1fed4784ba119a2"
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform
accept-ranges
bytes
content-length
72356
x-amz-cf-id
T-YWwzPiz41KhBEI_ZOn7J2PtHQZJx--xBB9WvQGmnhz0NXvDWa9TA==
20180425-095342_T49552_7e09.jpg
image.cache.storm.mg/styles/smg-150x150-fp/s3/author/image/49552/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.cache.storm.mg/styles/smg-150x150-fp/s3/author/image/49552/20180425-095342_T49552_7e09.jpg?itok=kmjsA-0V
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b31f0b11ef3bf1d226360b88af4292dcda2ee57292b9107beb0a618552de9891

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:28 GMT
via
1.1 910fc18161f0602555cc5b6397ca26f3.cloudfront.net (CloudFront)
last-modified
Tue, 17 Dec 2019 03:25:31 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
"2c26c2e2a80d904293abb2921866ae41"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000, public, no-transform
accept-ranges
bytes
content-length
4131
x-amz-cf-id
NGmW6wWd7RuNZ45sLGzc60vVw2N07rrjp9gKFctFKf-VxX9JthzqDA==
gtm.js
www.googletagmanager.com/ 		251 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MRQJ4NV
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8d17e337798056804093b014e6c1d8b371141742ec9df9408ea587a14f74e765
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:28 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64096
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:31:28 GMT
plugin.min.js
static.dable.io/dist/ 		90 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.dable.io/dist/plugin.min.js
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.225.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-225-233.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b7526219d7e242db2a370db23aa101dc51ba2ea4417f3fefbc31ee10fea31c2b

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
.Eab3Z4t16BnWzQV8myUCLcWTtETtqNt
Content-Encoding
gzip
Last-Modified
Tue, 20 Apr 2021 07:44:25 GMT
Server
Apache
x-amz-request-id
HYTQYRVKCH4QAQXQ
ETag
"645cc3f7552f1c1dd8fd82c3cd5925d5"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Date
Wed, 28 Apr 2021 02:31:28 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29699
x-amz-id-2
C6Pacsk+lx8TsC9lbsFQ5ixkwe6auSBJN2qnX5ZtzvkEPkXYG/KAJahAs2QNRuu7XOjP0rVR29w=
polyfill.min.js
polyfill.io/v3/ 		72 B
174 B 		Other
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?features=NodeList.prototype.forEach%2CString.prototype.padStart%2CObject.values%2CPromise%2CElement.prototype.append%2CURLSearchParams
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
2325810
detected-user-agent
Chrome/89.0.4389
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT, fastly;desc="Edge time";dur=1
content-length
74
referrer-policy
origin-when-cross-origin
last-modified
Wed, 31 Mar 2021 17:54:37 GMT
date
Wed, 28 Apr 2021 02:31:28 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/89.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
pubads_impl_2021042201.js
securepubads.g.doubleclick.net/gpt/ 		301 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
f9f40e5aa6d80e385e5c15593748db7bfb50fd07cc45c8239a6fad053f63affe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 22 Apr 2021 08:39:18 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
108299
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:31:28 GMT
stars.png
www.storm.mg/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.storm.mg/images/stars.png
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
fa4f6f67cae8ebdfb32ef792bfc98c325b1282de2db5fe0b59e8d332cd0b29fa

Request headers

:path
/images/stars.png
pragma
no-cache
cookie
smg_uid=1619577088572915; uid.v=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.storm.mg
referer
https://www.storm.mg/lifestyle/3634588
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.storm.mg/lifestyle/3634588
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:28:00 GMT
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
last-modified
Wed, 01 Apr 2020 10:01:32 GMT
server
nginx
age
208
etag
"5e84667c-615"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
1557
x-amz-cf-id
0W7yXKQMbmaVFs1D4PqHX9wczV4J1U_72ayvg_xwn6S3OmD71My18Q==
app-store.png
www.storm.mg/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.storm.mg/images/app-store.png
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
4cbc4bd9900691ec730e24678b055b3c0768f52f879eeebff707616fe36696df

Request headers

:path
/images/app-store.png
pragma
no-cache
cookie
smg_uid=1619577088572915; uid.v=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.storm.mg
referer
https://www.storm.mg/lifestyle/3634588
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.storm.mg/lifestyle/3634588
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:29:08 GMT
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
last-modified
Thu, 06 Feb 2020 06:42:26 GMT
server
nginx
age
583
etag
"5e3bb552-bea"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
3050
x-amz-cf-id
zSwpUsKPqJm_3v_qxOSr6Lg-y8XCgayTEBbqC8IWL_bF-xt5pOWucA==
google-play.png
www.storm.mg/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.storm.mg/images/google-play.png
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
9c175d534cf98c238750824b23ac92954963b9edcddce8ccfc1e03f66e8dace2

Request headers

:path
/images/google-play.png
pragma
no-cache
cookie
smg_uid=1619577088572915; uid.v=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.storm.mg
referer
https://www.storm.mg/lifestyle/3634588
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.storm.mg/lifestyle/3634588
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:29:08 GMT
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
last-modified
Thu, 06 Feb 2020 06:42:26 GMT
server
nginx
age
439
etag
"5e3bb552-d44"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
3396
x-amz-cf-id
pP7PIGdmdZ3g1yookyumflbxrbrdz5knyf6A1xCZHOisuRe9OX8HNA==
footer_icon_fb.png
www.storm.mg/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.storm.mg/images/footer_icon_fb.png
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
5b43311cd3b32f81df683cbe244aa8358d5834e09522946ae7f735ee1b8501e8

Request headers

:path
/images/footer_icon_fb.png
pragma
no-cache
cookie
smg_uid=1619577088572915; uid.v=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.storm.mg
referer
https://www.storm.mg/lifestyle/3634588
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.storm.mg/lifestyle/3634588
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:29:08 GMT
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
last-modified
Mon, 10 Feb 2020 06:12:46 GMT
server
nginx
age
208
etag
"5e40f45e-54a"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
1354
x-amz-cf-id
WMHrYxFKhIq15lEh66ymuE_LOoJpSnNVAkNd6I6X98rb229W8J8CmQ==
footer_icon_line.png
www.storm.mg/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.storm.mg/images/footer_icon_line.png
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
957ccf45e2619f36e82c0418e1ef953dc3230da4c8c07dde0ca87f4fbb7152f9

Request headers

:path
/images/footer_icon_line.png
pragma
no-cache
cookie
smg_uid=1619577088572915; uid.v=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.storm.mg
referer
https://www.storm.mg/lifestyle/3634588
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.storm.mg/lifestyle/3634588
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:28:00 GMT
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
last-modified
Mon, 10 Feb 2020 06:12:46 GMT
server
nginx
age
208
etag
"5e40f45e-651"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
1617
x-amz-cf-id
u9xYJvONb7Ev6psE83O5eUV-8HclIvK1MnkxqYH-Vnaa1cE86wZrSA==
footer_icon_ig.png
www.storm.mg/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.storm.mg/images/footer_icon_ig.png
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
e4c0eec3f0a6bfb56273512939516c1bbf6feec940a74e64097d3df91d7a8c8d

Request headers

:path
/images/footer_icon_ig.png
pragma
no-cache
cookie
smg_uid=1619577088572915; uid.v=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.storm.mg
referer
https://www.storm.mg/lifestyle/3634588
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.storm.mg/lifestyle/3634588
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:29:08 GMT
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
last-modified
Mon, 10 Feb 2020 06:12:46 GMT
server
nginx
age
208
etag
"5e40f45e-8f1"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
2289
x-amz-cf-id
ZodKc2wk_JGD8SL702k_CQZUq_JQnGA3SelHZP-a5AFIu6TgpNyN4w==
footer_icon_yt.png
www.storm.mg/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.storm.mg/images/footer_icon_yt.png
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
880ceba6ed002e0e4cfb47168aaff3735535e987795a13e145adeb9afef68acb

Request headers

:path
/images/footer_icon_yt.png
pragma
no-cache
cookie
smg_uid=1619577088572915; uid.v=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.storm.mg
referer
https://www.storm.mg/lifestyle/3634588
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.storm.mg/lifestyle/3634588
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:29:08 GMT
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
last-modified
Thu, 06 Feb 2020 06:42:26 GMT
server
nginx
age
208
etag
"5e3bb552-831"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
2097
x-amz-cf-id
ErosoIOUX0-BoRQPEYq2uicWEpvhymyLmr7yI01DOfQ7_sPngQquEA==
footer_icon_telegram.png
www.storm.mg/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.storm.mg/images/footer_icon_telegram.png
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
ffe1703d6adf284d92bfc1731706618610c977b81ba5f52c556559142648ee7c

Request headers

:path
/images/footer_icon_telegram.png
pragma
no-cache
cookie
smg_uid=1619577088572915; uid.v=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.storm.mg
referer
https://www.storm.mg/lifestyle/3634588
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.storm.mg/lifestyle/3634588
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:29:08 GMT
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
last-modified
Wed, 01 Apr 2020 10:01:32 GMT
server
nginx
age
578
etag
"5e84667c-750"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
1872
x-amz-cf-id
4doIr5a45AQk8HjD9YUHcqvjbtOlckmG-AhUgLpW1y0cLXKCEdtpfA==
footer_icon_storm.png
www.storm.mg/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.storm.mg/images/footer_icon_storm.png
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
25cad4f681bb5aa3451c189db0377ada0f1d05a7d415047831bc02f8d53e0d2b

Request headers

:path
/images/footer_icon_storm.png
pragma
no-cache
cookie
smg_uid=1619577088572915; uid.v=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.storm.mg
referer
https://www.storm.mg/lifestyle/3634588
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.storm.mg/lifestyle/3634588
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:29:08 GMT
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
last-modified
Wed, 01 Apr 2020 10:01:32 GMT
server
nginx
age
208
etag
"5e84667c-544"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
1348
x-amz-cf-id
qhi0lh5DVKKrjEJB16gMmw7HLx0-E6RxnY_CeYTkx0R6o9nci1KRnA==
slogan_ch.svg
www.storm.mg/images/ 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.storm.mg/images/slogan_ch.svg
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
d4d902f10380ef4cc0107aacc4eddcd7de75ac0fc989aca2faf91f9b2902eb80

Request headers

:path
/images/slogan_ch.svg
pragma
no-cache
cookie
smg_uid=1619577088572915; uid.v=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.storm.mg
referer
https://www.storm.mg/lifestyle/3634588
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.storm.mg/lifestyle/3634588
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:29:09 GMT
content-encoding
gzip
last-modified
Wed, 17 Jan 2018 02:59:16 GMT
server
nginx
age
208
etag
W/"5a5ebc04-1200"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
cache-control
max-age=31536000 public, no-transform
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
ll5gKQgeOofs1RRgItyJCZ_S7bOFHQZyNdXCP5qNEkbWmJItJjjIjA==
expires
Thu, 28 Apr 2022 02:28:00 GMT
slogan_en.svg
www.storm.mg/images/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.storm.mg/images/slogan_en.svg
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
4391e76b48e70dcb06afff7c4e2e21722a17e0f840c08e936249943cf637d57e

Request headers

:path
/images/slogan_en.svg
pragma
no-cache
cookie
smg_uid=1619577088572915; uid.v=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.storm.mg
referer
https://www.storm.mg/lifestyle/3634588
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.storm.mg/lifestyle/3634588
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:29:09 GMT
content-encoding
gzip
last-modified
Wed, 17 Jan 2018 02:59:16 GMT
server
nginx
age
1552
etag
W/"5a5ebc04-10e9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
cache-control
max-age=31536000 public, no-transform
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
8QYlCpIYsu99shsE3FMV-zCcy2BNTzaNbyJlbPwpL58DU-o-hMPmZQ==
expires
Thu, 28 Apr 2022 02:05:36 GMT
bootstrap.min.js
www.storm.mg/js/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.storm.mg/js/bootstrap.min.js?v=1.0
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
ede6c1a3c585742554555e636acc48d7008124e7726a000abf6bb4b627c62d38

Request headers

:path
/js/bootstrap.min.js?v=1.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.storm.mg
referer
https://www.storm.mg/lifestyle/3634588
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.storm.mg/lifestyle/3634588
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:24:34 GMT
content-encoding
gzip
last-modified
Wed, 17 Jan 2018 02:59:16 GMT
server
nginx
age
413
etag
W/"5a5ebc04-3307"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
cache-control
max-age=31536000 public, no-transform
x-amz-cf-pop
FRA56-C2
content-length
3935
x-amz-cf-id
hLCOHBzTC7tJeubHtNZiKu4vWqE1O-AvsQCzmC4uoylwDnJgSuB9AA==
expires
Thu, 28 Apr 2022 02:24:34 GMT
jquery.animateNumber.min.js
www.storm.mg/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.storm.mg/js/jquery.animateNumber.min.js
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
18201e44a097144b4b4d9fa01b548222bb46918ab5cd98cc5e48fe5d414d26aa

Request headers

:path
/js/jquery.animateNumber.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.storm.mg
referer
https://www.storm.mg/lifestyle/3634588
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.storm.mg/lifestyle/3634588
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:08:25 GMT
content-encoding
gzip
last-modified
Fri, 15 Jun 2018 04:01:13 GMT
server
nginx
age
1390
etag
W/"5b233a09-56f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
cache-control
max-age=31536000 public, no-transform
x-amz-cf-pop
FRA56-C2
content-length
738
x-amz-cf-id
dUtH1dXLvnM0BHaQW1V-egqXNmiWGGKqQ0n7f1ZoPjso81YBGv7Q8Q==
expires
Thu, 28 Apr 2022 02:08:17 GMT
jquery.cookie.js
www.storm.mg/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.storm.mg/js/jquery.cookie.js
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
8c0301b3dba5061632d7321cd8bb7bd527f48288d5cb15ff614ea0c1dcc1ad69

Request headers

:path
/js/jquery.cookie.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.storm.mg
referer
https://www.storm.mg/lifestyle/3634588
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.storm.mg/lifestyle/3634588
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:04:27 GMT
content-encoding
gzip
last-modified
Wed, 17 Jan 2018 02:59:16 GMT
server
nginx
age
1622
etag
W/"5a5ebc04-c44"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
cache-control
max-age=31536000 public, no-transform
x-amz-cf-pop
FRA56-C2
content-length
1395
x-amz-cf-id
pIk2CcmTlHcCtUPjr6HVVmbtna-9GHr1adasRLeBEPXBmTWFOnF9yg==
expires
Thu, 28 Apr 2022 02:04:25 GMT
main.js
www.storm.mg/js/ 		26 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.storm.mg/js/main.js?id=a0653a6130b8ae23591c
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
454188d1723ff7312116a31abd14303cdf7b05cff28effe73c570fbddeb6b332

Request headers

:path
/js/main.js?id=a0653a6130b8ae23591c
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.storm.mg
referer
https://www.storm.mg/lifestyle/3634588
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.storm.mg/lifestyle/3634588
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:04:25 GMT
content-encoding
gzip
last-modified
Tue, 27 Apr 2021 22:16:13 GMT
server
nginx
age
1621
etag
W/"60888d2d-66a0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
cache-control
max-age=31536000 public, no-transform
x-amz-cf-pop
FRA56-C2
content-length
7206
x-amz-cf-id
-HCghTCkEEY-GLDmuIFMh_k1mvMm3u8LcXyJejEfpfUpGsP2eL-h6w==
expires
Thu, 28 Apr 2022 02:04:25 GMT
display.js
www.storm.mg/js/dfp/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.storm.mg/js/dfp/display.js?id=147d8595caf00e344a63
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
2d02440e8d33ed422c8b81b46bcc4f98b8f34fd8bc76e61dec98ab379f5f913b

Request headers

:path
/js/dfp/display.js?id=147d8595caf00e344a63
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.storm.mg
referer
https://www.storm.mg/lifestyle/3634588
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.storm.mg/lifestyle/3634588
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:24:34 GMT
content-encoding
gzip
last-modified
Wed, 28 Apr 2021 00:17:04 GMT
server
nginx
age
413
etag
W/"6088a980-aad"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
cache-control
max-age=31536000 public, no-transform
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
SWLDpeNB6Nql9Zb6Yjig4XuStwhejKWPig314fIrh2sSHZYJNUc4HQ==
expires
Thu, 28 Apr 2022 02:24:34 GMT
donation_message_list.js
www.storm.mg/js/ 		10 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.storm.mg/js/donation_message_list.js?v=1.1
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
31d52d16834e8b8c42cd19725d19a78de0841213640542e89781512630751beb

Request headers

:path
/js/donation_message_list.js?v=1.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.storm.mg
referer
https://www.storm.mg/lifestyle/3634588
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.storm.mg/lifestyle/3634588
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:05 GMT
content-encoding
gzip
last-modified
Sun, 28 Apr 2019 17:32:50 GMT
server
nginx
age
815
etag
W/"5cc5e3c2-26d1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
cache-control
max-age=31536000 public, no-transform
x-amz-cf-pop
FRA56-C2
content-length
1986
x-amz-cf-id
_T7gfV93l6JW0MqDKPjKQ6c0GwecxwCbvDm0hr72ZQQC_w5F9l2PrQ==
expires
Thu, 28 Apr 2022 02:17:52 GMT
tongwen.js
www.storm.mg/js/ 		204 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.storm.mg/js/tongwen.js
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
51757ea0933827a15266d7fd6881a2d82c6c3462bf2927854ecc68c663b25587

Request headers

:path
/js/tongwen.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.storm.mg
referer
https://www.storm.mg/lifestyle/3634588
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.storm.mg/lifestyle/3634588
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:28:29 GMT
content-encoding
gzip
last-modified
Fri, 07 Aug 2020 19:01:40 GMT
server
nginx
age
177
etag
W/"5f2da514-32ef2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
cache-control
max-age=31536000 public, no-transform
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
3Tyx_ZHVCj_-ORT71YnDtYtfSZPAo1NVo53dn5Ku6yh03On4U7zAGw==
expires
Thu, 28 Apr 2022 02:28:29 GMT
tongwen_control.js
www.storm.mg/js/ 		756 B
815 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.storm.mg/js/tongwen_control.js
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
32c787bb891e5830f3714a3284daec91cc3b1f229fed34f6378b96aae7099cd9

Request headers

:path
/js/tongwen_control.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.storm.mg
referer
https://www.storm.mg/lifestyle/3634588
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.storm.mg/lifestyle/3634588
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:14:04 GMT
content-encoding
gzip
last-modified
Wed, 17 Jan 2018 02:59:16 GMT
server
nginx
age
1043
etag
W/"5a5ebc04-2f4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
cache-control
max-age=31536000 public, no-transform
x-amz-cf-pop
FRA56-C2
content-length
404
x-amz-cf-id
_6tGteOwDHjJUSSIfKtWqKQEOZ75SwDTn5EaLGd7C_4OZDPBykFtGQ==
expires
Thu, 28 Apr 2022 02:14:04 GMT
app_deep_link.js
www.storm.mg/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.storm.mg/js/app_deep_link.js
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
1f2e28d35b7d608a3d098d5ecac6bcd4d892c79eb0f6f9c4684b8adb1dd63191

Request headers

:path
/js/app_deep_link.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.storm.mg
referer
https://www.storm.mg/lifestyle/3634588
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.storm.mg/lifestyle/3634588
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:17:29 GMT
content-encoding
gzip
last-modified
Fri, 23 Apr 2021 06:26:52 GMT
server
nginx
age
838
etag
W/"608268ac-abe"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
cache-control
max-age=31536000 public, no-transform
x-amz-cf-pop
FRA56-C2
content-length
888
x-amz-cf-id
O6PJaKEv_8F_8kHqw0htpmKmYaRV2vF0WOp6ImUL59GNOlUATZccUg==
expires
Thu, 28 Apr 2022 02:17:29 GMT
article.js
www.storm.mg/js/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.storm.mg/js/article.js?id=90c61cc1982e114040a8
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
30abb66b6c9cc3e7a4c6eb0398a452d7b899d6f6e48cf85cd9df9fad14c21576

Request headers

:path
/js/article.js?id=90c61cc1982e114040a8
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.storm.mg
referer
https://www.storm.mg/lifestyle/3634588
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.storm.mg/lifestyle/3634588
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:18:15 GMT
content-encoding
gzip
last-modified
Fri, 26 Mar 2021 03:47:37 GMT
server
nginx
age
796
etag
W/"605d5959-43cd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
cache-control
max-age=31536000 public, no-transform
x-amz-cf-pop
FRA56-C2
content-length
5483
x-amz-cf-id
T6Wjr-qkTqXgM-RMvtMdfTN0uEkRT5-9LSjadNwXdmMfsBngkw7-CA==
expires
Thu, 28 Apr 2022 02:18:10 GMT
clipboard.min.js
www.storm.mg/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.storm.mg/js/clipboard.min.js
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
0da7fc1ae23678b2872653962d147fcd1cbd0a5a9c8f84d44ae99bc581fd9062

Request headers

:path
/js/clipboard.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.storm.mg
referer
https://www.storm.mg/lifestyle/3634588
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.storm.mg/lifestyle/3634588
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:17:29 GMT
content-encoding
gzip
last-modified
Wed, 17 Jan 2018 02:59:16 GMT
server
nginx
age
838
etag
W/"5a5ebc04-2aa5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
cache-control
max-age=31536000 public, no-transform
x-amz-cf-pop
FRA56-C2
content-length
3395
x-amz-cf-id
iv25sh2i2VQVBj7pYVjubcbL8KEYejZh5JqlaQvdAEVo_1_PeedjFA==
expires
Thu, 28 Apr 2022 02:17:29 GMT
show.js
www.storm.mg/js/author/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.storm.mg/js/author/show.js?id=562303e839182853e6bc
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
9e9ac9a4008262b7824e7c6b4668507db4ea3b69ec84f2516b535d4453c4c3cf

Request headers

:path
/js/author/show.js?id=562303e839182853e6bc
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.storm.mg
referer
https://www.storm.mg/lifestyle/3634588
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.storm.mg/lifestyle/3634588
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:08:13 GMT
content-encoding
gzip
last-modified
Tue, 28 Jul 2020 07:16:59 GMT
server
nginx
age
1394
etag
W/"5f1fd0eb-a24"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
cache-control
max-age=31536000 public, no-transform
x-amz-cf-pop
FRA56-C2
content-length
898
x-amz-cf-id
Fds0JjDxeDmEyYR0wDUEoXmHCFkbZW4Vc3dKm7mH8JgmXbmn2INbgw==
expires
Thu, 28 Apr 2022 02:08:12 GMT
vote.js
www.storm.mg/js/vue/polls/ 		580 KB
177 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.storm.mg/js/vue/polls/vote.js?id=ea5dd6a6272719e8c4cc
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
01a47da5ff270f45275a8e206f691137ed5be68ecc07f624c14a4c5553e4af45

Request headers

:path
/js/vue/polls/vote.js?id=ea5dd6a6272719e8c4cc
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.storm.mg
referer
https://www.storm.mg/lifestyle/3634588
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.storm.mg/lifestyle/3634588
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:26:14 GMT
content-encoding
gzip
last-modified
Fri, 23 Apr 2021 06:29:51 GMT
server
nginx
age
313
etag
W/"6082695f-9108d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
cache-control
max-age=31536000 public, no-transform
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
uX2Vjc9E4AxzcEa-ErN2cUMvE8AWFj1Qiz_Uu7lY-tq7f_2UCzkmOQ==
expires
Thu, 28 Apr 2022 02:26:14 GMT
sidebar.js
www.storm.mg/js/vue/sidebar/ 		102 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.storm.mg/js/vue/sidebar/sidebar.js?id=add9aaa088f6d7fa2340
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
df58290cf86ae01f1520480069489b2f49df743f0030f489248facd006104eb1

Request headers

:path
/js/vue/sidebar/sidebar.js?id=add9aaa088f6d7fa2340
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.storm.mg
referer
https://www.storm.mg/lifestyle/3634588
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.storm.mg/lifestyle/3634588
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:14:04 GMT
content-encoding
gzip
last-modified
Fri, 23 Apr 2021 06:29:26 GMT
server
nginx
age
1043
etag
W/"60826946-198ab"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
cache-control
max-age=31536000 public, no-transform
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
fOIvt-mgQSt642Dvf0CvS-T-Fb21CXvoshH2wZCWGlR-x5rqAyZ7CA==
expires
Thu, 28 Apr 2022 02:14:04 GMT
lazyload.min.js
cdn.jsdelivr.net/npm/vanilla-lazyload@11.0.5/dist/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/vanilla-lazyload@11.0.5/dist/lazyload.min.js
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
482f7aadd7dbfec9f7d97f2ecce024dbc5e057c94acba64f2be497ba54c3eddf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
6665536
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
2053
etag
W/"1485-rGzSwmUcJwRwTKvOZSESJn6cQYs"
x-served-by
cache-fra19122-FRA, cache-hhn4021-HHN
date
Wed, 28 Apr 2021 02:31:28 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210422/r20190131/ 		223 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210422/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8022331377991686&plah=www.storm.mg&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d3858fd6875118f687ea5fd972b3e88f1cbec0b84539bfe33585b6ea282af27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
84531
x-xss-protection
0
server
cafe
etag
18044138429448666955
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 28 Apr 2021 02:31:28 GMT
pb.bid
adx.c.appier.net/pb/0wHT9JDiP3SORJx/ 		2 KB
524 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/pb.bid?acid=JT4ldV-ABtGHeMKSAMmIYA&haid=Wtu9feNo&hzids=Hhut9M-1,Hhuo9M-1,Hhu69M-1,HU9J9M-f,HhztWIOc,HhztWFOc,HUV6WFOc,HUV6H9Oc
Requested by
Host: apn.c.appier.net
URL: https://apn.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js?haid=Wtu9feNo&hzids=Hhut9M-1,Hhuo9M-1,Hhu69M-1,HU9J9M-f,HhztWIOc,HhztWFOc,HUV6WFOc,HUV6H9Oc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
7efe5fbd74b183b583f0c7cf328ff613dbbbf971ccbabbbbe2a8450f619c9e4c

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:28 GMT
via
1.1 google
server
nginx/1.19.0
content-encoding
gzip
alt-svc
clear
content-type
text/html; charset=utf-8
smg.js
track.storm.mg/js/core/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.storm.mg/js/core/smg.js
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/js/core/smg.js?_v=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.248.189 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-248-189.ap-northeast-1.compute.amazonaws.com
Software
/ Express
Resource Hash
38865b5a217b514dd4dab8928c80964c0d608b499997609d54966f8a14677eb2

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:29 GMT
content-encoding
gzip
etag
W/"15c0-1730dae042c"
last-modified
Thu, 02 Jul 2020 03:59:34 GMT
x-powered-by
Express
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
cache-control
public, max-age=0
accept-ranges
bytes
content-type
application/javascript; charset=UTF-8
unidata.js
track.unidata.ai/js/core/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.unidata.ai/js/core/unidata.js
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/js/core/unidata.js?_v=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:5600:1d:68e4:9700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0f783e92bc337bf9296313dfab3632ee0c4d2f63e989fd7b8b59b9975a0db9fd

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 07:30:09 GMT
content-encoding
gzip
last-modified
Mon, 16 Jul 2018 03:46:23 GMT
server
AmazonS3
age
68480
etag
W/"d47fc24b3f4e6cb5127b22a724d33abd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 2fc0d20914c32e5cd76477ed042298d1.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
J2kY3dp-OrrRZgjdL_FP26dJisBlcZdWpXdVoFVbHUW8ZsHFZx2S3A==
bwtmOver.js
img.scupio.com/js/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/bwtmOver.js
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.106.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-106-33.mad50.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
e64cd3d63467a570ac7dcc5dc9925a9d37f846a6bbfa7b11abec507bbc4cc53f

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:28 GMT
content-encoding
gzip
last-modified
Mon, 11 May 2020 03:07:32 GMT
server
nginx/1.12.1
x-amz-cf-pop
MAD50-C1
etag
W/"5eb8c174-2149"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=1200
x-amz-cf-id
RDjF9b_i1i8ZgnReXYLWspOnWR6PxDpcd1ANHL3WRQUlX-zgCtUEWQ==
via
1.1 315f537a0be356b37267f2ae21a5363d.cloudfront.net (CloudFront)
expires
Wed, 28 Apr 2021 02:48:02 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210422/r20190131/ Frame B8BE 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210422/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210422/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.storm.mg/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.storm.mg/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 27 Apr 2021 19:22:05 GMT
expires
Tue, 11 May 2021 19:22:05 GMT
content-type
text/html; charset=UTF-8
etag
10446291943670460780
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4644
x-xss-protection
0
age
25763
cache-control
public, max-age=1209600
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sdk.js
connect.facebook.net/zh_TW/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/zh_TW/sdk.js
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f042:10:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
55a78e38cdd095b28dbeacfa443bfecdb91046511f1cdef4a41c4128a20c0761
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
XCEBYvLMxg2pc8V26/Khdw==
cross-origin-resource-policy
cross-origin
expires
Wed, 28 Apr 2021 02:44:42 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1781
x-fb-rlafr
0
x-fb-debug
VJwfnajD/K6anLdRfUkxi4vu1hfXnvK7MpnhIKifL/giFTBcmNukeGxpPi3EqDcSuH/uWqbHhpadAZJG1g1TCw==
x-fb-trip-id
2050670934
x-fb-content-md5
c3a45f3895654da43b91dc1a42071d01
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 28 Apr 2021 02:31:28 GMT
x-frame-options
DENY
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"c4996d0153d9304ebdd608c234dec926"
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.119.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.119.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
77c3d215298f95357de947f102cc00bded45bdb71ab3c20f9dfdc64e490729c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.storm.mg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Apr 2021 03:29:34 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:18:53 GMT
server
sffe
age
255714
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25360
x-xss-protection
0
expires
Mon, 25 Apr 2022 03:29:34 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.117.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.117.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f83c6e3eac9d41d51bc8e3b63f353ea889cc70b9938e2f701719aef80bf8528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.storm.mg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 15:35:53 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:25:13 GMT
server
sffe
age
471335
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47312
x-xss-protection
0
expires
Fri, 22 Apr 2022 15:35:53 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.118.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		43 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.118.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c2abab588ed1aa226fff507bb12cc00b354738c203f4b6cd202f40352cdc6591
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.storm.mg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 22:06:20 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:19:55 GMT
server
sffe
age
447908
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43804
x-xss-protection
0
expires
Fri, 22 Apr 2022 22:06:20 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.116.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		51 KB
51 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.116.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
717de30a4e041b92e5d3aa230aeede4e08434647e627279477a2f642ac2861eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.storm.mg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 15:44:02 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:09:56 GMT
server
sffe
age
470846
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52052
x-xss-protection
0
expires
Fri, 22 Apr 2022 15:44:02 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.115.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.115.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a7695bf1c26b3250de42c8ad42bc4e3abf7418876f76ad67bb58092c9244478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.storm.mg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 15:36:09 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:08:38 GMT
server
sffe
age
471319
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52792
x-xss-protection
0
expires
Fri, 22 Apr 2022 15:36:09 GMT
sprite.png
www.storm.mg/images/ 		91 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.storm.mg/images/sprite.png?v=1.0
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/stylesheets/layout.css?id=af88ebe212628833bca4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
66289bde64db020d57ccfdf3b595e4bd89c95a1f81865bf8a2e80ec12472408c

Request headers

:path
/images/sprite.png?v=1.0
pragma
no-cache
cookie
smg_uid=1619577088572915; uid.v=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.storm.mg
referer
https://www.storm.mg/stylesheets/layout.css?id=af88ebe212628833bca4
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.storm.mg/stylesheets/layout.css?id=af88ebe212628833bca4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:29:21 GMT
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
last-modified
Tue, 27 Apr 2021 15:18:10 GMT
server
nginx
age
127
etag
"60882b32-16a91"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
92817
x-amz-cf-id
TQJO-hNx9ceEJI2A4C8P2RS22eGrKsZYW7PhrKoCyHfxBpFl8bOe9A==
-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.117.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.117.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff9dd2020328ceb632372acc069ca580300ae28e8a6c338e968c977ee7705adf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.storm.mg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Apr 2021 10:06:26 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:24:07 GMT
server
sffe
age
231902
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47960
x-xss-protection
0
expires
Mon, 25 Apr 2022 10:06:26 GMT
-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.119.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.119.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6ae3eb1be0bf3b77b26fde2cf511bb009f7c577c14f8aa606546673b2246b57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.storm.mg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Apr 2021 05:59:01 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:25:58 GMT
server
sffe
age
246747
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25600
x-xss-protection
0
expires
Mon, 25 Apr 2022 05:59:01 GMT
glyphicons-halflings-regular.woff2
www.storm.mg/fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.storm.mg/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/stylesheets/layout.css?id=af88ebe212628833bca4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

sec-fetch-mode
cors
origin
https://www.storm.mg
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
smg_uid=1619577088572915; uid.v=1
:path
/fonts/glyphicons-halflings-regular.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.storm.mg
referer
https://www.storm.mg/stylesheets/layout.css?id=af88ebe212628833bca4
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://www.storm.mg
Referer
https://www.storm.mg/stylesheets/layout.css?id=af88ebe212628833bca4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:22:54 GMT
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
last-modified
Wed, 17 Jan 2018 02:59:16 GMT
server
nginx
age
518
etag
"5a5ebc04-466c"
x-cache
Hit from cloudfront
content-type
application/octet-stream
cache-control
max-age=31536000 public, no-transform
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
18028
x-amz-cf-id
60csoMlupJkDGXjxqxO0B-_JjBGOSvYEmffgq4KWjAjAWIZP3F7Rdw==
expires
Thu, 28 Apr 2022 02:22:50 GMT
-nFkOG829Oofr2wohFbTp9i9gwQvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.118.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9gwQvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.118.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6dc4b9bf8e422c97cea924a04b673a14ead515cabf0be3da77fea3beb4a90dea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.storm.mg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Apr 2021 03:19:34 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:18:10 GMT
server
sffe
age
256314
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44784
x-xss-protection
0
expires
Mon, 25 Apr 2022 03:19:34 GMT
-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.118.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		43 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.118.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff48734d304a507bbb0c11a2664b0a0f45bdbd39f935863a8f357b4b537942bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.storm.mg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 20:54:55 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:24:18 GMT
server
sffe
age
20193
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43952
x-xss-protection
0
expires
Wed, 27 Apr 2022 20:54:55 GMT
-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.116.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		51 KB
51 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.116.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c19a43c3cbd95939921f06bdb9fee7cf89eab36ed21f52b71bc344bf7823da3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.storm.mg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Apr 2021 03:41:04 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:25:59 GMT
server
sffe
age
255024
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52052
x-xss-protection
0
expires
Mon, 25 Apr 2022 03:41:04 GMT
-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.115.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.115.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdbe8d58f0533f6d5be3c57ee68f06db56d4e6c8c8178618f08c517e809d4b2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.storm.mg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 15:45:13 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:25:55 GMT
server
sffe
age
470775
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53324
x-xss-protection
0
expires
Fri, 22 Apr 2022 15:45:13 GMT
-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.114.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		51 KB
51 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.114.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad9fdfac0e1db77fc2dac89227102ccba3bbd01604c75a11127fea77f648eec7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.storm.mg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 10:48:22 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:15:52 GMT
server
sffe
age
488586
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52224
x-xss-protection
0
expires
Fri, 22 Apr 2022 10:48:22 GMT
-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.113.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.113.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c3b45883391f9bee5d62253976f509d35d0ce09466f09a9e0f036f51fa48a2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.storm.mg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 15:45:13 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:15:49 GMT
server
sffe
age
470775
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53476
x-xss-protection
0
expires
Fri, 22 Apr 2022 15:45:13 GMT
-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.110.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		55 KB
55 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.110.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09e0498d34b2d12792bac483b39957e41b3b7212b01f8c43fed8865637037b63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.storm.mg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 15:36:14 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:24:20 GMT
server
sffe
age
471314
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56456
x-xss-protection
0
expires
Fri, 22 Apr 2022 15:36:14 GMT
-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.109.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.109.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af391daab639e9edca60f1da104865061f97adca1969f92ab786507d58accaef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.storm.mg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 10:35:22 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:24:11 GMT
server
sffe
age
489366
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53340
x-xss-protection
0
expires
Fri, 22 Apr 2022 10:35:22 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.112.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		53 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.112.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9f94f957c781ac27e4257c276659d678b1cd9dcd5931b6c0b068da46198378e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.storm.mg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 00:20:06 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:25:02 GMT
server
sffe
age
94282
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54000
x-xss-protection
0
expires
Wed, 27 Apr 2022 00:20:06 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.113.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.113.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d5a369d3d8be69eaf6a54f958015e687947252be07dbb197750fa8147caea4dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.storm.mg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 02:08:33 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:25:06 GMT
server
sffe
age
87775
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53144
x-xss-protection
0
expires
Wed, 27 Apr 2022 02:08:33 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.114.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		51 KB
51 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.114.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5472cbce3d59802ab140c5b8eecfca4d357343c47a1c9ea601ccf1d50145955b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.storm.mg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 20:34:34 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:25:08 GMT
server
sffe
age
21414
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51852
x-xss-protection
0
expires
Wed, 27 Apr 2022 20:34:34 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.110.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		55 KB
55 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.110.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdd3e502fbd1bda1da8283465cb8fe741ed9543e851e645711d9383280fbe3b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.storm.mg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 21:36:50 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:24:59 GMT
server
sffe
age
449678
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56272
x-xss-protection
0
expires
Fri, 22 Apr 2022 21:36:50 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.105.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.105.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef7ddeaf31d487bf07b79b1aeb4f9cad24ffa35c280e0702c276dd5cf709cf67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.storm.mg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 10:31:18 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:25:08 GMT
server
sffe
age
489610
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48324
x-xss-protection
0
expires
Fri, 22 Apr 2022 10:31:18 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.101.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.101.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed05afea1d3578981db83b3d1732720ccf15dd91054ca328207ac7f0fb7c7b5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.storm.mg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 02:13:54 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:25:07 GMT
server
sffe
age
519454
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44828
x-xss-protection
0
expires
Fri, 22 Apr 2022 02:13:54 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.108.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.108.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c69739431e5aff1b7174a81209cbd0658da6c4d1b6527580f9f2f070df848290
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.storm.mg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 02:07:17 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:25:01 GMT
server
sffe
age
519851
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50784
x-xss-protection
0
expires
Fri, 22 Apr 2022 02:07:17 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.106.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.106.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35adff49f4f7c4fa7112da10261ed1abecd865549fadc40690a4cc1f2e6bf832
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.storm.mg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 15:36:15 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:19:55 GMT
server
sffe
age
471313
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52836
x-xss-protection
0
expires
Fri, 22 Apr 2022 15:36:15 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.107.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.107.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
57e7135d32625d7e1d8117a0571033a7564dc662dfe18bafdefd6633633858b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.storm.mg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Apr 2021 05:47:28 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:10:01 GMT
server
sffe
age
247440
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52988
x-xss-protection
0
expires
Mon, 25 Apr 2022 05:47:28 GMT
-nFkOG829Oofr2wohFbTp9i9gwQvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.119.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9gwQvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.119.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1817454b4d24a71e5f7d419c298a3bac9c08d832b99900059bd6ab86b648bcc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.storm.mg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 23:35:39 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:22:10 GMT
server
sffe
age
96949
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25756
x-xss-protection
0
expires
Tue, 26 Apr 2022 23:35:39 GMT
-nFkOG829Oofr2wohFbTp9i9gwQvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.117.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		48 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9gwQvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.117.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce0b837dd2586f5f77a0802fbcce5c9c591c1834131d7d7a9c02e86c5a8efd09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.storm.mg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 01:58:03 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:23:15 GMT
server
sffe
age
88405
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49124
x-xss-protection
0
expires
Wed, 27 Apr 2022 01:58:03 GMT
-nFkOG829Oofr2wohFbTp9i9gwQvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.116.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9gwQvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.116.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb659fdd4ff3fab5e762c667f05841ea8c82b858cfa5942b7e193e8425b4fd37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.storm.mg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 15:36:59 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:23:20 GMT
server
sffe
age
471269
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53604
x-xss-protection
0
expires
Fri, 22 Apr 2022 15:36:59 GMT
-nFkOG829Oofr2wohFbTp9i9gwQvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.115.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		53 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9gwQvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.115.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c14811543c43177335c8ba22be194d26067fa76bcf0c1b12bb4c0bdab9f6397e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.storm.mg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Apr 2021 04:54:24 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:23:13 GMT
server
sffe
age
250624
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54312
x-xss-protection
0
expires
Mon, 25 Apr 2022 04:54:24 GMT
-nFkOG829Oofr2wohFbTp9i9gwQvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.114.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9gwQvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.114.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96a8198d0b92c175322a1cf167c65f8f410a46758ad62c0ed614baa635a55022
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.storm.mg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 23:34:16 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:22:05 GMT
server
sffe
age
442632
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53252
x-xss-protection
0
expires
Fri, 22 Apr 2022 23:34:16 GMT
-nFkOG829Oofr2wohFbTp9i9gwQvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.113.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		54 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9gwQvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.113.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
25b42b2e8792ff69c5e67b90ae7ec610405eaa1a1d17e2b32aa635dc1b993181
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.storm.mg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Apr 2021 10:12:02 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:23:19 GMT
server
sffe
age
231566
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55100
x-xss-protection
0
expires
Mon, 25 Apr 2022 10:12:02 GMT
-nFkOG829Oofr2wohFbTp9i9gwQvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.110.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		56 KB
57 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9gwQvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.110.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9dbb676c4a844ee34b38c48b41a16f2ee145a6135d72d42d9fc9ec9abb2355c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.storm.mg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 01:52:33 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:22:52 GMT
server
sffe
age
88735
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57836
x-xss-protection
0
expires
Wed, 27 Apr 2022 01:52:33 GMT
-nFkOG829Oofr2wohFbTp9i9gwQvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.106.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		53 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9gwQvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.106.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca66e264d4906c08646740254c325851bf0d83e203369d776d82202ec3c04c65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.storm.mg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 02:17:56 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:14:26 GMT
server
sffe
age
519212
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54492
x-xss-protection
0
expires
Fri, 22 Apr 2022 02:17:56 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.104.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.104.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63a218801054b8267a86e48b10025b463f4fc573ad1c58ea95ccbb69627e9905
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.storm.mg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Apr 2021 04:41:45 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:25:43 GMT
server
sffe
age
251383
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48552
x-xss-protection
0
expires
Mon, 25 Apr 2022 04:41:45 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.60.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.60.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e01ed48b46ba66a795b7b6357ae5ffe11591108af156d8fd9067dec5b06a8265
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.storm.mg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 23:56:40 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:21:47 GMT
server
sffe
age
95688
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24480
x-xss-protection
0
expires
Tue, 26 Apr 2022 23:56:40 GMT
-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.107.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.107.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3a6edac4585c512e36c35202b1a96b92743a91ec00d327398ca20580bccee1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.storm.mg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Apr 2021 10:13:12 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:15:55 GMT
server
sffe
age
231496
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53268
x-xss-protection
0
expires
Mon, 25 Apr 2022 10:13:12 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.109.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.109.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9625dd5f36e9196b741bfb4558fb8809318495207eb6213427f4ee42b7baa57e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.storm.mg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 20:49:06 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:25:01 GMT
server
sffe
age
20542
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52844
x-xss-protection
0
expires
Wed, 27 Apr 2022 20:49:06 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.100.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.100.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
727dc8fdc7e925a8557fff31749df1ae2b0ba759fa4bb3e052978c09ac1be735
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.storm.mg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 00:58:54 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:14:44 GMT
server
sffe
age
91954
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46808
x-xss-protection
0
expires
Wed, 27 Apr 2022 00:58:54 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.111.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		57 KB
57 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.111.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4176795e7304f2d0373d2c3edad1600cab1a1a0e8b202c6cfe3e06c7466172
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.storm.mg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 15:44:26 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:25:14 GMT
server
sffe
age
470822
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57968
x-xss-protection
0
expires
Fri, 22 Apr 2022 15:44:26 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.102.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		45 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.102.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61fb409fcea7eda0419035ff2d75faea6742fcccdf5ff99fa44eb783f5053bb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.storm.mg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 04:37:45 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:09:58 GMT
server
sffe
age
510823
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46208
x-xss-protection
0
expires
Fri, 22 Apr 2022 04:37:45 GMT
-nFkOG829Oofr2wohFbTp9i9gwQvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.112.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		55 KB
55 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9gwQvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.112.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
314c6b7c95012c5646ac120abbf788b1b2fca067dcb877a69596bbbeb380a8fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.storm.mg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 02:11:23 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:23:20 GMT
server
sffe
age
519605
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55956
x-xss-protection
0
expires
Fri, 22 Apr 2022 02:11:23 GMT
-nFkOG829Oofr2wohFbTp9i9gwQvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.109.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		53 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9gwQvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.109.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3a37d66d3140138e52fbd57f8fa1164bac0ce1fd049acb4e5b0b68b189c83938
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.storm.mg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 10:27:33 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:14:26 GMT
server
sffe
age
489835
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54372
x-xss-protection
0
expires
Fri, 22 Apr 2022 10:27:33 GMT
-nFkOG829Oofr2wohFbTp9i9gwQvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.107.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		53 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9gwQvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.107.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9bf6939a73061027ee157fe8a6febe3f62d88e060837f81c3dffbdcc331b6a77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.storm.mg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 00:07:35 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:23:15 GMT
server
sffe
age
95033
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54252
x-xss-protection
0
expires
Wed, 27 Apr 2022 00:07:35 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.103.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.103.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
720540fdf6be1b3d2aee9c54172a0b328457b3e6860da752f37c88a0860607cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.storm.mg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Apr 2021 10:05:35 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:09:56 GMT
server
sffe
age
231953
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50856
x-xss-protection
0
expires
Mon, 25 Apr 2022 10:05:35 GMT
coffee_plus_A.png
www.storm.mg/images/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.storm.mg/images/coffee_plus_A.png
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/stylesheets/layout.css?id=af88ebe212628833bca4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
4df23d9a8cd6462ea12f1a2dab724715a347066d0e638de411dc69e6f0efc77f

Request headers

:path
/images/coffee_plus_A.png
pragma
no-cache
cookie
smg_uid=1619577088572915; uid.v=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.storm.mg
referer
https://www.storm.mg/stylesheets/layout.css?id=af88ebe212628833bca4
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.storm.mg/stylesheets/layout.css?id=af88ebe212628833bca4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:29 GMT
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
last-modified
Wed, 17 Jan 2018 03:52:28 GMT
server
nginx
x-amz-cf-pop
FRA56-C2
etag
"5a5ec87c-6a9c"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
27292
x-amz-cf-id
2OP-xe3bX16Prnz14537Dlg8dnBJqWScsdUqPxzhliMckNvAZ8ZjKw==
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.74.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		41 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.74.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d05926362e43abfab6f30edefa30cb5877f0786d58095b8c03d788748d8040c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.storm.mg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 01:35:41 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:16:34 GMT
server
sffe
age
521748
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41620
x-xss-protection
0
expires
Fri, 22 Apr 2022 01:35:41 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.77.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.77.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b95161460d1f4437aa714cfa1876d0419defa2c6ea42a2fbc78dd487900a1d3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.storm.mg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 02:08:29 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:23:49 GMT
server
sffe
age
519780
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26188
x-xss-protection
0
expires
Fri, 22 Apr 2022 02:08:29 GMT
sp.js
track.unidata.ai/js/snowplow/2.9.0/ 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.unidata.ai/js/snowplow/2.9.0/sp.js
Requested by
Host: track.unidata.ai
URL: https://track.unidata.ai/js/core/unidata.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:5600:1d:68e4:9700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b17322c9274aeada4df3efd7b68f1ad1ccb677b24f76caaac9f7adcc9f3eb137

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 00:33:24 GMT
content-encoding
gzip
last-modified
Mon, 16 Jul 2018 03:46:23 GMT
server
AmazonS3
age
82107
etag
W/"9b55c285adb6598050de5d907873455f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 2fc0d20914c32e5cd76477ed042298d1.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
GzkyWrDaLjWTAMfIRT2nC8HJL4BEfKZsbRKdkrB683IMgmUhb2Uz5g==
cookiemap.html
track.unidata.ai/ Frame 4A65 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://track.unidata.ai/cookiemap.html?appId=5c6e1a&data=eyJhcHBJZCI6IjVjNmUxYSIsInBhZ2VUaXRsZSI6IuWPsOeBo+iWquawtOS9juaIv+WDuemrmO+8jOWIsOW6leiqsOaYr+emjemmlu+8nyDmpYrph5Hpvo3vvJrjgIzmspLmnInlpb3lpb3mipXos4fvvIzos4fph5HlsLHmnIPljrvngpLmiL/vvIHjgI0t6aKo5YKz5aqSIiwicGFnZVVSTCI6Imh0dHBzOi8vd3d3LnN0b3JtLm1nL2xpZmVzdHlsZS8zNjM0NTg4IiwiY29va2llIjoic21nX3VpZD0xNjE5NTc3MDg4NTcyOTE1OyB1aWQudj0xIiwicmVmZXJyZXIiOiIiLCJjb29raWVJZCI6IjE2MTk1NzcwODg1NzI5MTUiLCJtZW1iZXJJZCI6bnVsbH0=
Requested by
Host: track.unidata.ai
URL: https://track.unidata.ai/js/core/unidata.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:5600:1d:68e4:9700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fac37d72be5f38ca147c85ba0921206d661cff46d14612d6a0029ffd332a68f3

Request headers

:method
GET
:authority
track.unidata.ai
:scheme
https
:path
/cookiemap.html?appId=5c6e1a&data=eyJhcHBJZCI6IjVjNmUxYSIsInBhZ2VUaXRsZSI6IuWPsOeBo+iWquawtOS9juaIv+WDuemrmO+8jOWIsOW6leiqsOaYr+emjemmlu+8nyDmpYrph5Hpvo3vvJrjgIzmspLmnInlpb3lpb3mipXos4fvvIzos4fph5HlsLHmnIPljrvngpLmiL/vvIHjgI0t6aKo5YKz5aqSIiwicGFnZVVSTCI6Imh0dHBzOi8vd3d3LnN0b3JtLm1nL2xpZmVzdHlsZS8zNjM0NTg4IiwiY29va2llIjoic21nX3VpZD0xNjE5NTc3MDg4NTcyOTE1OyB1aWQudj0xIiwicmVmZXJyZXIiOiIiLCJjb29raWVJZCI6IjE2MTk1NzcwODg1NzI5MTUiLCJtZW1iZXJJZCI6bnVsbH0=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.storm.mg/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.storm.mg/

Response headers

content-type
text/html
last-modified
Mon, 16 Jul 2018 03:46:23 GMT
server
AmazonS3
content-encoding
gzip
date
Tue, 27 Apr 2021 14:49:57 GMT
etag
W/"bdda7e756f856c0b9fc886ac8753cfd1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 2fc0d20914c32e5cd76477ed042298d1.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
wluqJHhfFLAEGS38I4pL9OV2srr6aOQotn46L65XdscZR_AoFrsHPQ==
age
42093
sdk.js
connect.facebook.net/zh_TW/ 		212 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/zh_TW/sdk.js?hash=a81a2007cc9d31e1905f070da6243dd6&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f042:10:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a210e1ad2e4ae8010dbe5f9ac8b5291a26cd6ebb7a4851cb0b977092289c0413
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://www.storm.mg
Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
I6H5kMoYlY1yHpE11cM+5w==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
63960
x-fb-rlafr
0
x-fb-debug
d4207C4U+q1EnVqSrDI74GtM8gM+YlE1AUCI0KkuErrhQ0Ap3xpoF/cnhOTXw3ZgThWJsBXgM5UBx1G5IEAPdA==
x-fb-content-md5
b50dc5b3a98706118edcfd94cea735e3
x-frame-options
DENY
date
Wed, 28 Apr 2021 02:31:29 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"57a4bff4b3f60c4581c885ef5b85b1d0"
timing-allow-origin
*
priority
u=3,i
expires
Thu, 28 Apr 2022 01:24:13 GMT
prefs2
api.dable.io/plugin/services/storm.mg/ 		603 B
962 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.dable.io/plugin/services/storm.mg/prefs2?cached_uid=&callback=dbljson1
Requested by
Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.165.227.126 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-165-227-126.ap-northeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
cebf8f32a230d27c7a1564af0de7e56697391e99356c143ff3924d154ac9b619
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:31:30 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
ETag
W/"25b-M/52OGstVi4UiECmLL1y0Wb64xM"
Content-Type
text/javascript; charset=utf-8
Connection
keep-alive
Content-Length
348
cookie.js
partner.googleadservices.com/gampad/ 		198 B
437 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.storm.mg&callback=_gfp_s_&client=ca-pub-8022331377991686
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210422/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8022331377991686&plah=www.storm.mg&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
ebee68be41e07a6a7ee0218311f4fbced58f41020507ef6eae08ef7f029d2d5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
191
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.storm.mg
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210422/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8022331377991686&plah=www.storm.mg&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:31:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
553 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.storm.mg
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210422/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8022331377991686&plah=www.storm.mg&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:31:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F9BA 		54 B
56 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8022331377991686&output=html&adk=2801219079&adf=3163849507&lmt=1619577089&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619577087360&bpp=1282&bdt=278&idt=1748&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8055969750184&frm=20&pv=2&ga_vid=1389265324.1619577089&ga_sid=1619577089&ga_hid=2038933004&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C31060828%2C21065724&oid=3&pvsid=2656981039981739&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1786
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210422/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8022331377991686&plah=www.storm.mg&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8022331377991686&output=html&adk=2801219079&adf=3163849507&lmt=1619577089&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619577087360&bpp=1282&bdt=278&idt=1748&shv=r20210422&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8055969750184&frm=20&pv=2&ga_vid=1389265324.1619577089&ga_sid=1619577089&ga_hid=2038933004&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060615%2C31060828%2C21065724&oid=3&pvsid=2656981039981739&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1786
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.storm.mg/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.storm.mg/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 28 Apr 2021 02:31:29 GMT
server
cafe
content-length
34
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Wed, 28-Apr-2021 02:46:29 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 28 Apr 2021 02:31:29 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210422/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8022331377991686&plah=www.storm.mg&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5c96c91c4ab2c0572ec8371c0f49d9f722eb71ae47224f29eabadf59f5fabe8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619188783439141"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28201
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:31:29 GMT
-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.112.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		53 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.112.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
847240dd4e1c45b3091ed30ce53ba4a8ddd9dbe5babffe1f9b161c8021d9e2d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.storm.mg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 15:36:15 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:24:14 GMT
server
sffe
age
471314
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54220
x-xss-protection
0
expires
Fri, 22 Apr 2022 15:36:15 GMT
-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.111.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		57 KB
57 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.111.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2f5da442d9e3c2f3fac68541006605f2d05906cb492847087abdabcc92233b97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.storm.mg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Apr 2021 10:14:33 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:24:08 GMT
server
sffe
age
231416
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58272
x-xss-protection
0
expires
Mon, 25 Apr 2022 10:14:33 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		33 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2656981039981739&correlator=1836444561388680&output=ldjh&impl=fifs&eid=31060747%2C31060788%2C31060789%2C31060841%2C21064367%2C31060735%2C31060825%2C44741898%2C21065724&vrg=2021042201&ptt=17&sc=1&sfv=1-0-38&ecs=20210428&iu_parts=225677396%2Cstorm_content_T_970250&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C336x280%7C300x250%7C1x1&prev_scp=category_name%3D%25E9%25A2%25A8%25E7%2594%259F%25E6%25B4%25BB%2C%25E8%25B2%25A1%25E7%25B6%2593%2C%25E4%25B8%258B%25E7%258F%25AD%25E7%25B6%2593%25E6%25BF%259F%25E5%25AD%25B8%2C%25E9%2587%2591%25E8%259E%258D%2C&eri=1&cust_params=path_name%3D%252Flifestyle%252F3634588%26category_name%3D%25E9%25A2%25A8%25E7%2594%259F%25E6%25B4%25BB%252C%25E8%25B2%25A1%25E7%25B6%2593%252C%25E4%25B8%258B%25E7%258F%25AD%25E7%25B6%2593%25E6%25BF%259F%25E5%25AD%25B8%252C%25E9%2587%2591%25E8%259E%258D%252C&cookie_enabled=1&bc=31&abxe=1&lmt=1619577089&dt=1619577089276&dlt=1619577087082&idt=2113&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=325&adks=2004118907&ucis=1&ifi=2&u_tz=120&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1150x250&msz=970x0&ga_vid=1389265324.1619577089&ga_sid=1619577089&ga_hid=2038933004&ga_fc=false&fws=132&ohw=970&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
606f6930bdc73eb61aa10b7d5ce7765f24055621b63067a4a9fef4f76b758b67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:29 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12747
x-xss-protection
0
google-lineitem-id
5677360717
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138348098500
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.storm.mg
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
js
www.googletagmanager.com/gtag/ 		152 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-03WGSX0KD1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MRQJ4NV
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e8302fd5182f82cc4a5c075f501ab1d4de04d39d70dd14fae4014c885c0b9043
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:29 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57014
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:31:29 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MRQJ4NV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
3056
date
Wed, 28 Apr 2021 01:40:33 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Wed, 28 Apr 2021 03:40:33 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MRQJ4NV
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:296::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:31:29 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Jan 2021 22:14:03 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=39098
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1855
atrk.js
d31qbv1cthcecs.cloudfront.net/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.106.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-106-119.mad50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Apr 2021 18:07:27 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Tue, 27 Apr 2021 18:03:54 GMT
Server
AmazonS3
Age
30243
ETag
W/"d89453438fbf10dcf4c13265c40d5160"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 95f1b7018f5640d0a596bfddfbb25f68.cloudfront.net (CloudFront)
Cache-Control
max-age=26920000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
MAD50-C1
X-Amz-Cf-Id
gLFDI7wNCKHCHbCp5635_VYlaZuW4uXZzJBMLSASxVpxgyIncqVJgg==
fbevents.js
connect.facebook.net/en_US/ 		92 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f042:10:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0ae5ed57dc48abbee125d5f915e37110c9f2bb6a95d1aa5ccf3c141f8fe10db3
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23961
x-fb-rlafr
0
pragma
public
x-fb-debug
v4mQxQnw7WQulMC2i7sk5WjfqcT7BK9+huvtN0tanu9UXygzIcdjHGjgs11a1msouiOcSns+NR3+cASTZe02vg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-frame-options
DENY
date
Wed, 28 Apr 2021 02:31:29 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coop_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=20419801&ns__t=1619577089400&ns_c=UTF-8&c8=%E5%8F%B0%E7%81%A3%E8%96%AA%E6%B0%B4%E4%BD%8E%E6%88%BF%E5%83%B9%E9%AB%98%EF%BC%8C%E5%88%B0%E5%BA%95%E8%AA%B0%E6...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=20419801&ns__t=1619577089400&ns_c=UTF-8&c8=%E5%8F%B0%E7%81%A3%E8%96%AA%E6%B0%B4%E4%BD%8E%E6%88%BF%E5%83%B9%E9%AB%98%EF%BC%8C%E5%88%B0%E5%BA%95%E8%AA%B0%E...
64 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=20419801&ns__t=1619577089400&ns_c=UTF-8&c8=%E5%8F%B0%E7%81%A3%E8%96%AA%E6%B0%B4%E4%BD%8E%E6%88%BF%E5%83%B9%E9%AB%98%EF%BC%8C%E5%88%B0%E5%BA%95%E8%AA%B0%E6%98%AF%E7%A6%8D%E9%A6%96%EF%BC%9F%20%E6%A5%8A%E9%87%91%E9%BE%8D%EF%BC%9A%E3%80%8C%E6%B2%92%E6%9C%89%E5%A5%BD%E5%A5%BD%E6%8A%95%E8%B3%87%EF%BC%8C%E8%B3%87%E9%87%91%E5%B0%B1%E6%9C%83%E5%8E%BB%E7%82%92%E6%88%BF%EF%BC%81%E3%80%8D-%E9%A2%A8%E5%82%B3%E5%AA%92&c7=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&c9=
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.2.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-2-29.fra6.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:29 GMT
via
1.1 7ed7afde326861e358c3c83359e99895.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
u8OugeH2TTgIBNzd1gH3hA1rGh-VflMwr3sQvXCbbatakkJVjMzj4Q==

Redirect headers

date
Wed, 28 Apr 2021 02:31:29 GMT
via
1.1 7ed7afde326861e358c3c83359e99895.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=20419801&ns__t=1619577089400&ns_c=UTF-8&c8=%E5%8F%B0%E7%81%A3%E8%96%AA%E6%B0%B4%E4%BD%8E%E6%88%BF%E5%83%B9%E9%AB%98%EF%BC%8C%E5%88%B0%E5%BA%95%E8%AA%B0%E6%98%AF%E7%A6%8D%E9%A6%96%EF%BC%9F%20%E6%A5%8A%E9%87%91%E9%BE%8D%EF%BC%9A%E3%80%8C%E6%B2%92%E6%9C%89%E5%A5%BD%E5%A5%BD%E6%8A%95%E8%B3%87%EF%BC%8C%E8%B3%87%E9%87%91%E5%B0%B1%E6%9C%83%E5%8E%BB%E7%82%92%E6%88%BF%EF%BC%81%E3%80%8D-%E9%A2%A8%E5%82%B3%E5%AA%92&c7=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&c9=
content-length
529
x-amz-cf-id
XgM7wjxtl4J6C68ftxPH_o2_g3OTZkXwQQbbq7wFx0HsUK8RcmdfoQ==
gtm.js
www.googletagmanager.com/ 		80 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NDBVCQ5
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/bwtmOver.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
737b549f7deacd95e92ea4b0b0e2ecd208e17eecf05b1b241b021492ffc18658
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:29 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31826
x-xss-protection
0
last-modified
Wed, 28 Apr 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 28 Apr 2021 02:31:29 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.75.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.75.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b7422e8f025032bbe6f4cf2063b738f19a8c6038b8f4804490d18ee2178e1c12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.storm.mg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Apr 2021 10:14:47 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:23:15 GMT
server
sffe
age
404202
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28628
x-xss-protection
0
expires
Sat, 23 Apr 2022 10:14:47 GMT
-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.105.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.105.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5af4fc508d900876f8a13db0104bfa864c9aa17be11914045813ac9cf3317de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.storm.mg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 01:21:56 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:22:11 GMT
server
sffe
age
90573
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48404
x-xss-protection
0
expires
Wed, 27 Apr 2022 01:21:56 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.30.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.30.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52f088b577901ceb0f4543cef3fd89dce338980d1790d041d2358ff6246f6e95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.storm.mg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 01:15:11 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:22:11 GMT
server
sffe
age
90978
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33160
x-xss-protection
0
expires
Wed, 27 Apr 2022 01:15:11 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.22.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.22.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c461bde258551f192898f0dcbd6ac484493f753660153a97d96b5ff3fb298dad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.storm.mg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Apr 2021 10:14:47 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:17:44 GMT
server
sffe
age
404202
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28556
x-xss-protection
0
expires
Sat, 23 Apr 2022 10:14:47 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.19.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.19.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2419c33f4c493d40a3be87a124ff55e49ebb426c2165a424525418f33f02be75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.storm.mg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Apr 2021 10:17:36 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:20:29 GMT
server
sffe
age
404033
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27004
x-xss-protection
0
expires
Sat, 23 Apr 2022 10:17:36 GMT
-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.108.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.108.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c088e0a33db26229df70d6fef18c9fa1a7503fa38d265845f3977a97b349de41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.storm.mg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Apr 2021 10:06:53 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:24:16 GMT
server
sffe
age
231876
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51116
x-xss-protection
0
expires
Mon, 25 Apr 2022 10:06:53 GMT
-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.106.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.106.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2db84904c133623cf6c14bbf915c09c4f3bf5b7456f80e6ea61b30a2cc8ede79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.storm.mg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 22:51:24 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:24:08 GMT
server
sffe
age
13205
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52916
x-xss-protection
0
expires
Wed, 27 Apr 2022 22:51:24 GMT
-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.63.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.63.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f90e7568b57ed05279115c74d859451f01003444ccf1777450475ca11d65a4bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.storm.mg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Apr 2021 12:27:34 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:24:57 GMT
server
sffe
age
396235
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25732
x-xss-protection
0
expires
Sat, 23 Apr 2022 12:27:34 GMT
-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.51.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.51.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c373948c00ea2211bd9a9282ed0a0731b73d79d8b2c0051f2de9434c116d3ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.storm.mg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Apr 2021 11:00:16 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:10:23 GMT
server
sffe
age
401473
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31084
x-xss-protection
0
expires
Sat, 23 Apr 2022 11:00:16 GMT
page.php
www.facebook.com/plugins/ Frame 4B2F 		97 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&tabs&width=320&height=130&small_header=false&adapt_container_width=false&hide_cover=false&show_facepile=false&appId
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9f9ea46aa1149113f9ba1f0912ec90809f852870308b0f716701ead9ce5d0ada
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&tabs&width=320&height=130&small_header=false&adapt_container_width=false&hide_cover=false&show_facepile=false&appId
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.storm.mg/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.storm.mg/

Response headers

vary
Accept-Encoding
x-fb-rlafr
0
pragma
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-encoding
br
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
x-xss-protection
0
cache-control
private, no-cache, no-store, must-revalidate
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
x-fb-debug
QkjZVXmFebkpS6IXO/gZOLg9SJI9ALfPrJB85TviLtRe82jCfVCda4zU0VhBCFEqKyAxyy1gqSQh6AfkkQ8TiQ==
date
Wed, 28 Apr 2021 02:31:29 GMT
priority
u=3,i
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.101.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.101.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
802fa850549fbc67d45600c105c26b9a422bde2764752e1bd2d999b16f1aff6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.storm.mg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 15:56:59 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:22:08 GMT
server
sffe
age
470070
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45332
x-xss-protection
0
expires
Fri, 22 Apr 2022 15:56:59 GMT
-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.74.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		42 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.74.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a0ea87a3db6a51a139d6715810e32d48c6e89fc4e32cfc07ebaa13cf8b2b9ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.storm.mg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 03:21:49 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:22:41 GMT
server
sffe
age
515380
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42680
x-xss-protection
0
expires
Fri, 22 Apr 2022 03:21:49 GMT
-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.35.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.35.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95bcb6d696911beec2943cf8333b6d926ef3dd3f872dffa02d1c7a8747be4de4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.storm.mg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 10:28:31 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:16:55 GMT
server
sffe
age
489778
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32056
x-xss-protection
0
expires
Fri, 22 Apr 2022 10:28:31 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.25.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.25.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
07f5f2f66466d0a3765c3da154554f55dfebeef3b5c6fc67eabacfea839d9e4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.storm.mg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 16:03:05 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:17:48 GMT
server
sffe
age
469704
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32688
x-xss-protection
0
expires
Fri, 22 Apr 2022 16:03:05 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.32.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.32.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18462eef1587a0d71d8c0f200753595708bf3a16e025142217472460a37edfad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.storm.mg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 02:12:50 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:11:26 GMT
server
sffe
age
519519
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38988
x-xss-protection
0
expires
Fri, 22 Apr 2022 02:12:50 GMT
-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.103.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.103.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed493954dc29f271b07eab86f6c032ddd2f20b8ee39f0cf6ee54498e78dd5fd8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.storm.mg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:42:57 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:24:06 GMT
server
sffe
age
524912
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51152
x-xss-protection
0
expires
Fri, 22 Apr 2022 00:42:57 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.38.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.38.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6df0e7d5050a9282bfb675e5a9ef30b4d6c9815cfb8240a570840172dbb11d8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.storm.mg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 02:18:39 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:35:23 GMT
server
sffe
age
87170
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32524
x-xss-protection
0
expires
Wed, 27 Apr 2022 02:18:39 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.64.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.64.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
01026883c36e63897d9df97cc68acdbc90410a50278d60165450a48d2238d007
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.storm.mg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 21:11:19 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:10:02 GMT
server
sffe
age
19210
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23376
x-xss-protection
0
expires
Wed, 27 Apr 2022 21:11:19 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame BF61 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstbFCRB73lWbxlyxAVm5vNvkxHrpe2ThTe7P-b6fdMoVlcY9030Dl3ylKX698Obvt14wPFG69oWumCjdDK6tdY9O_QU0zW6z4GSSK2gYuZwZvKnITynrf2-U6aUNBMja2ZKTUc89XrCnDlAp31fm9Q5TEXmui6o8Ln8GBf54AUR_4JvVVXLkELrVPDxn9O0DutYv-wf9azP7GAeKNVunnmXFkwro8gccsNNKt8arA-KyGvp2QSHoD3VsJcqb5AfbxKseqVKtZOYa3saRzyQhd5cGxb0luFX1YyhzYxsv6TkQQjZYhs7hs8Y&sig=Cg0ArKJSzAZziE5x9qImEAE&adurl=
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:31:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210426/r20110914/ Frame BF61 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210426/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e0fad38c04932f3e71581d5ca798b326778fc0e54e3823de3b0f9eddbef0892e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:23:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
503
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7028
x-xss-protection
0
server
cafe
etag
12352184217982932987
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 May 2021 02:23:06 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/ Frame BF61 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 01:48:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2565
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 May 2021 01:48:44 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BF61 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d76c09ea49a67623c581149d87ec821d813b9302aea4f871df16156cd1d28a53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619188777539687"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36031
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:31:29 GMT
13632870876606415342
tpc.googlesyndication.com/simgad/ Frame BF61 		616 KB
616 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13632870876606415342
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
251991bbb69aceee7ddfc42109a8a3ed9df2bf7724db21bc3b048ff7643a2bc0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 19:18:36 GMT
x-content-type-options
nosniff
age
25973
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
630570
x-xss-protection
0
last-modified
Tue, 27 Apr 2021 13:27:46 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Apr 2022 19:18:36 GMT
i
track.unidata.ai/ 		43 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.unidata.ai/i?stm=1619577089972&e=pv&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&page=%E5%8F%B0%E7%81%A3%E8%96%AA%E6%B0%B4%E4%BD%8E%E6%88%BF%E5%83%B9%E9%AB%98%EF%BC%8C%E5%88%B0%E5%BA%95%E8%AA%B0%E6%98%AF%E7%A6%8D%E9%A6%96%EF%BC%9F%20%E6%A5%8A%E9%87%91%E9%BE%8D%EF%BC%9A%E3%80%8C%E6%B2%92%E6%9C%89%E5%A5%BD%E5%A5%BD%E6%8A%95%E8%B3%87%EF%BC%8C%E8%B3%87%E9%87%91%E5%B0%B1%E6%9C%83%E5%8E%BB%E7%82%92%E6%88%BF%EF%BC%81%E3%80%8D-%E9%A2%A8%E5%82%B3%E5%AA%92&tv=js-2.9.0&tna=fc&aid=5c6e1a&p=web&tz=Europe%2FBerlin&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&cookie=1&eid=5f02f718-20c4-4a49-be51-da7c09ccc407&dtm=1619577089961&vp=1600x1200&ds=1600x13932&vid=1&sid=0ba5cfb4-9c23-485c-8d33-e361166a6067&duid=85c84aba-fc1e-4986-aa57-a0d08079a8d2&fp=1072425006&uid=1619577088572915%3B&co=%7B%22schema%22%3A%22iglu%3Acom.snowplowanalytics.snowplow%2Fcontexts%2Fjsonschema%2F1-0-0%22%2C%22data%22%3A%5B%7B%22schema%22%3A%22iglu%3Acom.google.analytics%2Fcookies%2Fjsonschema%2F1-0-0%22%2C%22data%22%3A%7B%7D%7D%2C%7B%22schema%22%3A%22iglu%3Acom.snowplowanalytics.snowplow%2Fweb_page%2Fjsonschema%2F1-0-0%22%2C%22data%22%3A%7B%22id%22%3A%225ed02ae6-77e9-47b3-8541-298b48fa69c3%22%7D%7D%5D%7D
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:5600:1d:68e4:9700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 00:51:17 GMT
via
1.1 2fc0d20914c32e5cd76477ed042298d1.cloudfront.net (CloudFront)
last-modified
Mon, 16 Jul 2018 03:46:23 GMT
server
AmazonS3
age
7216
etag
"fb02f374b8f73825415db1bccd4bd76d"
x-cache
Hit from cloudfront
content-type
binary/octet-stream
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
43
x-amz-cf-id
zkaRMuUP8etRL1-AbMgpmdXceEAvqC4b1ync-DXTLSqgJt4yvEdn6A==
/
www.storm.mg/api/v1/polls/vote/ 		65 B
858 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.storm.mg/api/v1/polls/vote/?channel=lifestyle
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/js/vue/polls/vote.js?id=ea5dd6a6272719e8c4cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
05c7f3eb439f302c50256d83fd1e4077ba8d340af9da81754f2fe508cff4b434

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
en-US
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
smg_uid=1619577088572915; uid.v=1; _sp_ses.80f4=*; _sp_id.80f4=85c84aba-fc1e-4986-aa57-a0d08079a8d2.1619577090.1.1619577090.1619577090.0ba5cfb4-9c23-485c-8d33-e361166a6067; __gads=ID=b1c417d68813cf46-22ebc824f6c7008d:T=1619577089:RT=1619577089:S=ALNI_MZpD3JXs-giyHXjPaeSiNmZp7hQxQ
:path
/api/v1/polls/vote/?channel=lifestyle
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
www.storm.mg
referer
https://www.storm.mg/lifestyle/3634588
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/plain, */*
Referer
https://www.storm.mg/lifestyle/3634588
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:30 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
content-length
81
access-control-allow-origin
*
server
nginx
access-control-max-age
1728000
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
cache-control
no-cache, private
set-cookie
laravel_session=eyJpdiI6ImZ3dzV1MEpxSkptdjBSMUYraW44anc9PSIsInZhbHVlIjoielwvV0s3V3R0Sm1EdFNYYVJLZjZWXC9vRXFcL1QyMVVET1h1ZHdRZVFvTjZzK2JXenVcL1cxYVpJTldNcERBT3FacVJKeVdDcndjV3VBNVY1aW81VXk2SGF3PT0iLCJtYWMiOiI5ZjM5YzZjZTE1NzVlZjRkZDE3ZGJkMzgzMWU3ODY3MzJmYjMyMmM3MDcwZTYwZjU3ZjFiYjQxZjZiYjUzNzZlIn0%3D; expires=Wed, 28-Apr-2021 02:36:30 GMT; Max-Age=300; path=/; HttpOnly
access-control-allow-headers
X-Requested-With, Content-Type, Accept, Cookie, Host, Referer, User-Agent
x-amz-cf-id
yRvqakAugCr6K8lyd0P2i05ysX2NAg-zh_m_1gmWKo86UJhoF2RNmg==
hot-top.0e0234778ebbb416bb5d.js
www.storm.mg/js/vue/sidebar/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.storm.mg/js/vue/sidebar/hot-top.0e0234778ebbb416bb5d.js
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/js/vue/sidebar/sidebar.js?id=add9aaa088f6d7fa2340
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
efba10b7c8dbd37216f0269338f49892f8c6215cc6f239d98dea601873dd0934

Request headers

:path
/js/vue/sidebar/hot-top.0e0234778ebbb416bb5d.js
pragma
no-cache
cookie
smg_uid=1619577088572915; uid.v=1; _sp_ses.80f4=*; _sp_id.80f4=85c84aba-fc1e-4986-aa57-a0d08079a8d2.1619577090.1.1619577090.1619577090.0ba5cfb4-9c23-485c-8d33-e361166a6067; __gads=ID=b1c417d68813cf46-22ebc824f6c7008d:T=1619577089:RT=1619577089:S=ALNI_MZpD3JXs-giyHXjPaeSiNmZp7hQxQ
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.storm.mg
referer
https://www.storm.mg/lifestyle/3634588
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.storm.mg/lifestyle/3634588
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:21:47 GMT
content-encoding
gzip
last-modified
Wed, 28 Apr 2021 00:16:56 GMT
server
nginx
age
583
etag
W/"6088a978-6b6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
cache-control
max-age=31536000 public, no-transform
x-amz-cf-pop
FRA56-C2
content-length
748
x-amz-cf-id
WHAZP5xy3AmcVB1E1ipKGwfsAsYlGMHDTd02AaP3UrEws4jYlTrVqA==
expires
Thu, 28 Apr 2022 02:21:47 GMT
sidebar-content.3c92008587b1656019b8.js
www.storm.mg/js/vue/sidebar/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.storm.mg/js/vue/sidebar/sidebar-content.3c92008587b1656019b8.js
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/js/vue/sidebar/sidebar.js?id=add9aaa088f6d7fa2340
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
6e905b2cc29716efef4d99106597fbae4e72030e60d7acbda798d453390dfa0f

Request headers

:path
/js/vue/sidebar/sidebar-content.3c92008587b1656019b8.js
pragma
no-cache
cookie
smg_uid=1619577088572915; uid.v=1; _sp_ses.80f4=*; _sp_id.80f4=85c84aba-fc1e-4986-aa57-a0d08079a8d2.1619577090.1.1619577090.1619577090.0ba5cfb4-9c23-485c-8d33-e361166a6067; __gads=ID=b1c417d68813cf46-22ebc824f6c7008d:T=1619577089:RT=1619577089:S=ALNI_MZpD3JXs-giyHXjPaeSiNmZp7hQxQ
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.storm.mg
referer
https://www.storm.mg/lifestyle/3634588
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.storm.mg/lifestyle/3634588
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:30 GMT
content-encoding
gzip
last-modified
Tue, 27 Apr 2021 19:39:46 GMT
server
nginx
x-amz-cf-pop
FRA56-C2
etag
W/"60886882-9af"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
cache-control
max-age=31536000 public, no-transform
content-length
1010
x-amz-cf-id
m13x7rwl5uUhgUkzY3JtFVEe_3_3qLUP-1_xwl04lM2VT3uwmbmvIQ==
expires
Thu, 28 Apr 2022 02:15:29 GMT
finance_data20210428.json
resources.storm.mg/ 		1 KB
904 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://resources.storm.mg/finance_data20210428.json
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/js/jquery-1.9.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
593960f2bab85e8957e7c0a6397454a3565511b5e86e0b72a1698509da74c838

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:32 GMT
content-encoding
gzip
last-modified
Wed, 28 Apr 2021 02:31:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
W/"9646949992d8add0d440227a6de3cdd4"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
https://www.storm.mg
access-control-allow-credentials
true
x-cache
Miss from cloudfront
x-amz-cf-id
2E2VVPNaZ9X4hUK9U6trUJNcSLxc5d8j3xGnv61hATusPCw54Fs_MQ==
via
1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
0
www.storm.mg/api/v1/donate/message/article/3634588/ 		97 B
882 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.storm.mg/api/v1/donate/message/article/3634588/0
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/js/jquery-1.9.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
3f548f3aba9560e8889c5f16ee0dd5dd30ad706fbfa9cc1e346df2631f08aae3

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
en-US
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
smg_uid=1619577088572915; uid.v=1; _sp_ses.80f4=*; _sp_id.80f4=85c84aba-fc1e-4986-aa57-a0d08079a8d2.1619577090.1.1619577090.1619577090.0ba5cfb4-9c23-485c-8d33-e361166a6067; __gads=ID=b1c417d68813cf46-22ebc824f6c7008d:T=1619577089:RT=1619577089:S=ALNI_MZpD3JXs-giyHXjPaeSiNmZp7hQxQ
:path
/api/v1/donate/message/article/3634588/0
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.storm.mg
referer
https://www.storm.mg/lifestyle/3634588
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
*/*
Referer
https://www.storm.mg/lifestyle/3634588
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:31 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
content-length
101
access-control-allow-origin
*
server
nginx
access-control-max-age
1728000
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
cache-control
max-age=1728000, public
set-cookie
laravel_session=eyJpdiI6InBFVHVxVFcyKytmcFEya1dyRHJVNGc9PSIsInZhbHVlIjoiMjFrbTNRc3pUWjJzQkpabEc2R3FCUk5NSkFTS242M3N0R2RjNE5lUjF3a1FsTHdzNTBabG96aFpyeUJTVEs0UEx1UEhVUlFsUldoZjgwYm5PWUlQMWc9PSIsIm1hYyI6IjgzMGFiZDhhZWM0ZWM3NDE5OTUxOWViOWE1ZGU0Y2I0OWE2NTdiZWVjMzIwN2ZlZGY5N2E1MDgyNjMyZmIwNTMifQ%3D%3D; expires=Wed, 28-Apr-2021 02:36:31 GMT; Max-Age=300; path=/; HttpOnly
access-control-allow-headers
X-Requested-With, Content-Type, Accept, Cookie, Host, Referer, User-Agent
x-amz-cf-id
0Xxa40cGWQgmVoa4vsxAX5QsvPWBjGAjtk-qYL8XyI5nKaWDBUHJLQ==
/
service-pvapi.storm.mg/pvapi/record_pv/ 		6 B
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://service-pvapi.storm.mg/pvapi/record_pv/
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/js/jquery-1.9.1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.176.63.232 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-176-63-232.ap-northeast-1.compute.amazonaws.com
Software
/ Express
Resource Hash
58bf5b5478e5d1fb7441daeff9fd1ed60a4ad5fbfabc64715cd8608f3f59f6da

Request headers

Accept
*/*
Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:31:31 GMT
x-powered-by
Express
etag
W/"6-7bf20b6a"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
content-length
6
expires
-1
integrator.js
adservice.google.be/adsid/ 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.be/adsid/integrator.js?domain=www.storm.mg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:31:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.storm.mg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:31:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		436 B
251 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2656981039981739&correlator=759802186383925&output=ldjh&impl=fifs&eid=31060747%2C31060788%2C31060789%2C31060841%2C21064367%2C31060735%2C31060825%2C44741898%2C21065724&vrg=2021042201&ptt=17&sc=1&sfv=1-0-38&ecs=20210428&iu_parts=225677396%2Cstorm_header_logo_R_11660&enc_prev_ius=%2F0%2F1&prev_iu_szs=116x60&eri=1&cust_params=path_name%3D%252Flifestyle%252F3634588%26category_name%3D%25E9%25A2%25A8%25E7%2594%259F%25E6%25B4%25BB%252C%25E8%25B2%25A1%25E7%25B6%2593%252C%25E4%25B8%258B%25E7%258F%25AD%25E7%25B6%2593%25E6%25BF%259F%25E5%25AD%25B8%252C%25E9%2587%2591%25E8%259E%258D%252C&cookie=ID%3Db1c417d68813cf46-22ebc824f6c7008d%3AT%3D1619577089%3ART%3D1619577089%3AS%3DALNI_MZpD3JXs-giyHXjPaeSiNmZp7hQxQ&bc=31&abxe=1&lmt=1619577090&dt=1619577090448&dlt=1619577087082&idt=2113&frm=20&biw=1600&bih=1200&oid=3&adxs=1034&adys=46&adks=4066611204&ucis=2&ifi=3&u_tz=120&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=116x0&psts=AGkb-H_h6bVYdyUjI_uTmFmG8YArK__eibeV9rodFmOIommUqXOnpsTVmY5a5fOOCM_RhyhyeNTCGilJBzKi&ga_vid=1389265324.1619577089&ga_sid=1619577089&ga_hid=2038933004&ga_fc=false&fws=132&ohw=116&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
83cd2cbe493ce7473825a2d628b6cdeeceea0632dd5e6c253fc57e1b2cf9e798
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:30 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
222
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.storm.mg
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		8 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2656981039981739&correlator=4150867984220884&output=ldjh&impl=fifs&eid=31060747%2C31060788%2C31060789%2C31060841%2C21064367%2C31060735%2C31060825%2C44741898%2C21065724&vrg=2021042201&ptt=17&sc=1&sfv=1-0-38&ecs=20210428&iu_parts=225677396%2Cstorm_content_M0_72890&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C300x100%7C320x100%7C1x1&eri=1&cust_params=path_name%3D%252Flifestyle%252F3634588%26category_name%3D%25E9%25A2%25A8%25E7%2594%259F%25E6%25B4%25BB%252C%25E8%25B2%25A1%25E7%25B6%2593%252C%25E4%25B8%258B%25E7%258F%25AD%25E7%25B6%2593%25E6%25BF%259F%25E5%25AD%25B8%252C%25E9%2587%2591%25E8%259E%258D%252C&cookie=ID%3Db1c417d68813cf46-22ebc824f6c7008d%3AT%3D1619577089%3ART%3D1619577089%3AS%3DALNI_MZpD3JXs-giyHXjPaeSiNmZp7hQxQ&bc=31&abxe=1&lmt=1619577090&dt=1619577090456&dlt=1619577087082&idt=2113&frm=20&biw=1600&bih=1200&oid=3&adxs=225&adys=1234&adks=3337164849&ucis=3&ifi=4&u_tz=120&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&vis=1&dmc=8&scr_x=0&scr_y=0&psz=820x20&msz=820x0&psts=AGkb-H_h6bVYdyUjI_uTmFmG8YArK__eibeV9rodFmOIommUqXOnpsTVmY5a5fOOCM_RhyhyeNTCGilJBzKi&ga_vid=1389265324.1619577089&ga_sid=1619577089&ga_hid=2038933004&ga_fc=false&fws=4&ohw=820&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
739ccd1c7967a0521b879f45f6099deb14f85f8894f287dab6d7b76748415c71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:30 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4071
x-xss-protection
0
google-lineitem-id
5322429028
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138305660445
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.storm.mg
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		34 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2656981039981739&correlator=863853185018374&output=ldjh&impl=fifs&eid=31060747%2C31060788%2C31060789%2C31060841%2C21064367%2C31060735%2C31060825%2C44741898%2C21065724&vrg=2021042201&ptt=17&sc=1&sfv=1-0-38&ecs=20210428&iu_parts=225677396%2Cstorm_content_M_336280&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280%7C300x250%7C1x1&eri=1&cust_params=path_name%3D%252Flifestyle%252F3634588%26category_name%3D%25E9%25A2%25A8%25E7%2594%259F%25E6%25B4%25BB%252C%25E8%25B2%25A1%25E7%25B6%2593%252C%25E4%25B8%258B%25E7%258F%25AD%25E7%25B6%2593%25E6%25BF%259F%25E5%25AD%25B8%252C%25E9%2587%2591%25E8%259E%258D%252C&cookie=ID%3Db1c417d68813cf46-22ebc824f6c7008d%3AT%3D1619577089%3ART%3D1619577089%3AS%3DALNI_MZpD3JXs-giyHXjPaeSiNmZp7hQxQ&bc=31&abxe=1&lmt=1619577090&dt=1619577090459&dlt=1619577087082&idt=2113&frm=20&biw=1600&bih=1200&oid=3&adxs=285&adys=1446&adks=1813256291&ucis=4&ifi=5&u_tz=120&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&vis=1&dmc=8&scr_x=0&scr_y=0&psz=366x280&msz=336x0&psts=AGkb-H_h6bVYdyUjI_uTmFmG8YArK__eibeV9rodFmOIommUqXOnpsTVmY5a5fOOCM_RhyhyeNTCGilJBzKi&ga_vid=1389265324.1619577089&ga_sid=1619577089&ga_hid=2038933004&ga_fc=false&fws=4&ohw=336&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
698dd94683a3239ed641af1eb7f987b862a0e87f67d85851845603e1f45e04e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:31 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13047
x-xss-protection
0
google-lineitem-id
5662159082
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138345529842
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.storm.mg
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		34 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2656981039981739&correlator=3181726499520271&output=ldjh&impl=fifs&eid=31060747%2C31060788%2C31060789%2C31060841%2C21064367%2C31060735%2C31060825%2C44741898%2C21065724&vrg=2021042201&ptt=17&sc=1&sfv=1-0-38&ecs=20210428&iu_parts=225677396%2Cstorm_content_M5_336280&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280%7C300x250%7C1x1&eri=1&cust_params=path_name%3D%252Flifestyle%252F3634588%26category_name%3D%25E9%25A2%25A8%25E7%2594%259F%25E6%25B4%25BB%252C%25E8%25B2%25A1%25E7%25B6%2593%252C%25E4%25B8%258B%25E7%258F%25AD%25E7%25B6%2593%25E6%25BF%259F%25E5%25AD%25B8%252C%25E9%2587%2591%25E8%259E%258D%252C&cookie=ID%3Db1c417d68813cf46-22ebc824f6c7008d%3AT%3D1619577089%3ART%3D1619577089%3AS%3DALNI_MZpD3JXs-giyHXjPaeSiNmZp7hQxQ&bc=31&abxe=1&lmt=1619577090&dt=1619577090462&dlt=1619577087082&idt=2113&frm=20&biw=1600&bih=1200&oid=3&adxs=285&adys=2616&adks=3852452294&ucis=5&ifi=6&u_tz=120&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&vis=1&dmc=8&scr_x=0&scr_y=0&psz=366x280&msz=336x0&psts=AGkb-H_h6bVYdyUjI_uTmFmG8YArK__eibeV9rodFmOIommUqXOnpsTVmY5a5fOOCM_RhyhyeNTCGilJBzKi&ga_vid=1389265324.1619577089&ga_sid=1619577089&ga_hid=2038933004&ga_fc=false&fws=4&ohw=336&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
68b87cd327e2feeafde16f81a9d86e5e9b5d451e3e6d6e590535558eaf44721e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:30 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12836
x-xss-protection
0
google-lineitem-id
5325495111
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138320682878
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.storm.mg
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		8 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2656981039981739&correlator=97551861262942&output=ldjh&impl=fifs&eid=31060747%2C31060788%2C31060789%2C31060841%2C21064367%2C31060735%2C31060825%2C44741898%2C21065724&vrg=2021042201&ptt=17&sc=1&sfv=1-0-38&ecs=20210428&iu_parts=225677396%2Cstorm_content_M_300250_ppap&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280%7C300x250%7C1x1&eri=1&cust_params=path_name%3D%252Flifestyle%252F3634588%26category_name%3D%25E9%25A2%25A8%25E7%2594%259F%25E6%25B4%25BB%252C%25E8%25B2%25A1%25E7%25B6%2593%252C%25E4%25B8%258B%25E7%258F%25AD%25E7%25B6%2593%25E6%25BF%259F%25E5%25AD%25B8%252C%25E9%2587%2591%25E8%259E%258D%252C&cookie=ID%3Db1c417d68813cf46-22ebc824f6c7008d%3AT%3D1619577089%3ART%3D1619577089%3AS%3DALNI_MZpD3JXs-giyHXjPaeSiNmZp7hQxQ&bc=31&abxe=1&lmt=1619577090&dt=1619577090467&dlt=1619577087082&idt=2113&frm=20&biw=1600&bih=1200&oid=3&adxs=285&adys=3905&adks=3500025007&ucis=6&ifi=7&u_tz=120&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&vis=1&dmc=8&scr_x=0&scr_y=0&psz=366x280&msz=336x0&psts=AGkb-H_h6bVYdyUjI_uTmFmG8YArK__eibeV9rodFmOIommUqXOnpsTVmY5a5fOOCM_RhyhyeNTCGilJBzKi&ga_vid=1389265324.1619577089&ga_sid=1619577089&ga_hid=2038933004&ga_fc=false&fws=4&ohw=336&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
d8ba9fb2de0b8e4fd095428c12c70f58c181366598c3e2813022ae05108bb2ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:31 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4162
x-xss-protection
0
google-lineitem-id
5307291486
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138304217107
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.storm.mg
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		442 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2656981039981739&correlator=2558836892532902&output=ldjh&impl=fifs&eid=31060747%2C31060788%2C31060789%2C31060841%2C21064367%2C31060735%2C31060825%2C44741898%2C21065724&vrg=2021042201&ptt=17&sc=1&sfv=1-0-38&ecs=20210428&iu_parts=225677396%2Cstorm_native_ad_bottom_links&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50&fluid=height&prev_scp=position%3D1%26article_type%3Dlifestyle&eri=1&cust_params=path_name%3D%252Flifestyle%252F3634588%26category_name%3D%25E9%25A2%25A8%25E7%2594%259F%25E6%25B4%25BB%252C%25E8%25B2%25A1%25E7%25B6%2593%252C%25E4%25B8%258B%25E7%258F%25AD%25E7%25B6%2593%25E6%25BF%259F%25E5%25AD%25B8%252C%25E9%2587%2591%25E8%259E%258D%252C&cookie=ID%3Db1c417d68813cf46-22ebc824f6c7008d%3AT%3D1619577089%3ART%3D1619577089%3AS%3DALNI_MZpD3JXs-giyHXjPaeSiNmZp7hQxQ&bc=31&abxe=1&lmt=1619577090&dt=1619577090469&dlt=1619577087082&idt=2113&frm=20&biw=1600&bih=1200&oid=3&adxs=285&adys=4948&adks=3367075738&ucis=7&ifi=8&u_tz=120&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&vis=1&dmc=8&scr_x=0&scr_y=0&psz=700x120&msz=700x0&psts=AGkb-H_h6bVYdyUjI_uTmFmG8YArK__eibeV9rodFmOIommUqXOnpsTVmY5a5fOOCM_RhyhyeNTCGilJBzKi&ga_vid=1389265324.1619577089&ga_sid=1619577089&ga_hid=2038933004&ga_fc=false&fws=4&ohw=820&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
1e098854824b451813a520296891fb4812308917ad015e3303fc169c7bf7ef64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:30 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
231
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.storm.mg
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		519 KB
59 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2656981039981739&correlator=1353554564554197&output=ldjh&impl=fifs&eid=31060747%2C31060788%2C31060789%2C31060841%2C21064367%2C31060735%2C31060825%2C44741898%2C21065724&vrg=2021042201&ptt=17&sc=1&sfv=1-0-38&ecs=20210428&iu_parts=225677396%2Cstorm_native_ad_bottom_links&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50&fluid=height&prev_scp=position%3D2%26article_type%3Dlifestyle&eri=1&cust_params=path_name%3D%252Flifestyle%252F3634588%26category_name%3D%25E9%25A2%25A8%25E7%2594%259F%25E6%25B4%25BB%252C%25E8%25B2%25A1%25E7%25B6%2593%252C%25E4%25B8%258B%25E7%258F%25AD%25E7%25B6%2593%25E6%25BF%259F%25E5%25AD%25B8%252C%25E9%2587%2591%25E8%259E%258D%252C&cookie=ID%3Db1c417d68813cf46-22ebc824f6c7008d%3AT%3D1619577089%3ART%3D1619577089%3AS%3DALNI_MZpD3JXs-giyHXjPaeSiNmZp7hQxQ&bc=31&abxe=1&lmt=1619577090&dt=1619577090472&dlt=1619577087082&idt=2113&frm=20&biw=1600&bih=1200&oid=3&adxs=285&adys=4948&adks=3367075737&ucis=8&ifi=9&u_tz=120&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&vis=1&dmc=8&scr_x=0&scr_y=0&psz=700x120&msz=700x0&psts=AGkb-H_h6bVYdyUjI_uTmFmG8YArK__eibeV9rodFmOIommUqXOnpsTVmY5a5fOOCM_RhyhyeNTCGilJBzKi&ga_vid=1389265324.1619577089&ga_sid=1619577089&ga_hid=2038933004&ga_fc=false&fws=4&ohw=820&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
babbcc6a2a621b34b0c46e47970998e0a08053b8b1ca6614abadb0970d908863
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:30 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60592
x-xss-protection
0
google-lineitem-id
5677341106
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138348073810
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.storm.mg
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		516 KB
58 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2656981039981739&correlator=593556419364699&output=ldjh&impl=fifs&eid=31060747%2C31060788%2C31060789%2C31060841%2C21064367%2C31060735%2C31060825%2C44741898%2C21065724&vrg=2021042201&ptt=17&sc=1&sfv=1-0-38&ecs=20210428&iu_parts=225677396%2Cstorm_native_ad_bottom_links&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50&fluid=height&prev_scp=position%3D3%26article_type%3Dlifestyle&eri=1&cust_params=path_name%3D%252Flifestyle%252F3634588%26category_name%3D%25E9%25A2%25A8%25E7%2594%259F%25E6%25B4%25BB%252C%25E8%25B2%25A1%25E7%25B6%2593%252C%25E4%25B8%258B%25E7%258F%25AD%25E7%25B6%2593%25E6%25BF%259F%25E5%25AD%25B8%252C%25E9%2587%2591%25E8%259E%258D%252C&cookie=ID%3Db1c417d68813cf46-22ebc824f6c7008d%3AT%3D1619577089%3ART%3D1619577089%3AS%3DALNI_MZpD3JXs-giyHXjPaeSiNmZp7hQxQ&bc=31&abxe=1&lmt=1619577090&dt=1619577090475&dlt=1619577087082&idt=2113&frm=20&biw=1600&bih=1200&oid=3&adxs=285&adys=4948&adks=3367075736&ucis=9&ifi=10&u_tz=120&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&vis=1&dmc=8&scr_x=0&scr_y=0&psz=700x120&msz=700x0&psts=AGkb-H_h6bVYdyUjI_uTmFmG8YArK__eibeV9rodFmOIommUqXOnpsTVmY5a5fOOCM_RhyhyeNTCGilJBzKi&ga_vid=1389265324.1619577089&ga_sid=1619577089&ga_hid=2038933004&ga_fc=false&fws=4&ohw=820&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
bdab32d46bcfb16404852800eee580017a130d12791874d685bcc01446fd6ce2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:30 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59364
x-xss-protection
0
google-lineitem-id
5678504309
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138348117670
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.storm.mg
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		33 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2656981039981739&correlator=3964897205790783&output=ldjh&impl=fifs&eid=31060747%2C31060788%2C31060789%2C31060841%2C21064367%2C31060735%2C31060825%2C44741898%2C21065724&vrg=2021042201&ptt=17&sc=1&sfv=1-0-38&ecs=20210428&iu_parts=225677396%2Cstorm_content_FB_336280&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280%7C300x250%7C1x1&eri=1&cust_params=path_name%3D%252Flifestyle%252F3634588%26category_name%3D%25E9%25A2%25A8%25E7%2594%259F%25E6%25B4%25BB%252C%25E8%25B2%25A1%25E7%25B6%2593%252C%25E4%25B8%258B%25E7%258F%25AD%25E7%25B6%2593%25E6%25BF%259F%25E5%25AD%25B8%252C%25E9%2587%2591%25E8%259E%258D%252C&cookie=ID%3Db1c417d68813cf46-22ebc824f6c7008d%3AT%3D1619577089%3ART%3D1619577089%3AS%3DALNI_MZpD3JXs-giyHXjPaeSiNmZp7hQxQ&bc=31&abxe=1&lmt=1619577090&dt=1619577090479&dlt=1619577087082&idt=2113&frm=20&biw=1600&bih=1200&oid=3&adxs=287&adys=5356&adks=483309130&ucis=a&ifi=11&u_tz=120&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&vis=1&dmc=8&scr_x=0&scr_y=0&psz=760x290&msz=336x280&psts=AGkb-H_h6bVYdyUjI_uTmFmG8YArK__eibeV9rodFmOIommUqXOnpsTVmY5a5fOOCM_RhyhyeNTCGilJBzKi&ga_vid=1389265324.1619577089&ga_sid=1619577089&ga_hid=2038933004&ga_fc=false&fws=4&ohw=336&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
130a271a37e2485e80f277c813cdfb68a761f4e35d7b378e69c72ac6aab7ebca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:31 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12679
x-xss-protection
0
google-lineitem-id
5675893092
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138347616408
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.storm.mg
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		11 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2656981039981739&correlator=1307479603540404&output=ldjh&impl=fifs&eid=31060747%2C31060788%2C31060789%2C31060841%2C21064367%2C31060735%2C31060825%2C44741898%2C21065724&vrg=2021042201&ptt=17&sc=1&sfv=1-0-38&ecs=20210428&iu_parts=225677396%2Cstorm_content_FB2_336280&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280%7C300x250%7C1x1&eri=1&cust_params=path_name%3D%252Flifestyle%252F3634588%26category_name%3D%25E9%25A2%25A8%25E7%2594%259F%25E6%25B4%25BB%252C%25E8%25B2%25A1%25E7%25B6%2593%252C%25E4%25B8%258B%25E7%258F%25AD%25E7%25B6%2593%25E6%25BF%259F%25E5%25AD%25B8%252C%25E9%2587%2591%25E8%259E%258D%252C&cookie=ID%3Db1c417d68813cf46-22ebc824f6c7008d%3AT%3D1619577089%3ART%3D1619577089%3AS%3DALNI_MZpD3JXs-giyHXjPaeSiNmZp7hQxQ&bc=31&abxe=1&lmt=1619577090&dt=1619577090483&dlt=1619577087082&idt=2113&frm=20&biw=1600&bih=1200&oid=3&adxs=647&adys=5356&adks=1746931794&ucis=b&ifi=12&u_tz=120&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&vis=1&dmc=8&scr_x=0&scr_y=0&psz=760x290&msz=336x280&psts=AGkb-H_h6bVYdyUjI_uTmFmG8YArK__eibeV9rodFmOIommUqXOnpsTVmY5a5fOOCM_RhyhyeNTCGilJBzKi&ga_vid=1389265324.1619577089&ga_sid=1619577089&ga_hid=2038933004&ga_fc=false&fws=4&ohw=336&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
1a12eed3b9ceec96109aa7fb93c6647be2bf0153cdf8e5471e60371e2fbb45be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:31 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5029
x-xss-protection
0
google-lineitem-id
5244322756
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138306282163
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.storm.mg
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		445 B
263 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2656981039981739&correlator=3378317883819242&output=ldjh&impl=fifs&eid=31060747%2C31060788%2C31060789%2C31060841%2C21064367%2C31060735%2C31060825%2C44741898%2C21065724&vrg=2021042201&ptt=17&sc=1&sfv=1-0-38&ecs=20210428&iu_parts=225677396%2Cstorm_native_ad_top_select_text&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50&fluid=height&prev_scp=position%3D3&eri=1&cust_params=path_name%3D%252Flifestyle%252F3634588%26category_name%3D%25E9%25A2%25A8%25E7%2594%259F%25E6%25B4%25BB%252C%25E8%25B2%25A1%25E7%25B6%2593%252C%25E4%25B8%258B%25E7%258F%25AD%25E7%25B6%2593%25E6%25BF%259F%25E5%25AD%25B8%252C%25E9%2587%2591%25E8%259E%258D%252C&cookie=ID%3Db1c417d68813cf46-22ebc824f6c7008d%3AT%3D1619577089%3ART%3D1619577089%3AS%3DALNI_MZpD3JXs-giyHXjPaeSiNmZp7hQxQ&bc=31&abxe=1&lmt=1619577090&dt=1619577090486&dlt=1619577087082&idt=2113&frm=20&biw=1600&bih=1200&oid=3&adxs=680&adys=6246&adks=3800283137&ucis=c&ifi=13&u_tz=120&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&vis=1&dmc=8&scr_x=0&scr_y=0&psz=340x0&msz=340x0&psts=AGkb-H_h6bVYdyUjI_uTmFmG8YArK__eibeV9rodFmOIommUqXOnpsTVmY5a5fOOCM_RhyhyeNTCGilJBzKi&ga_vid=1389265324.1619577089&ga_sid=1619577089&ga_hid=2038933004&ga_fc=false&fws=4&ohw=820&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
06a46a74522d0403af3e4d8cfd87e21b3f4a23b81f0332fd2706fe0de66a1f2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:30 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
234
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.storm.mg
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		445 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2656981039981739&correlator=3136918602733653&output=ldjh&impl=fifs&eid=31060747%2C31060788%2C31060789%2C31060841%2C21064367%2C31060735%2C31060825%2C44741898%2C21065724&vrg=2021042201&ptt=17&sc=1&sfv=1-0-38&ecs=20210428&iu_parts=225677396%2Cstorm_native_ad_top_select_text&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50&fluid=height&prev_scp=position%3D8&eri=1&cust_params=path_name%3D%252Flifestyle%252F3634588%26category_name%3D%25E9%25A2%25A8%25E7%2594%259F%25E6%25B4%25BB%252C%25E8%25B2%25A1%25E7%25B6%2593%252C%25E4%25B8%258B%25E7%258F%25AD%25E7%25B6%2593%25E6%25BF%259F%25E5%25AD%25B8%252C%25E9%2587%2591%25E8%259E%258D%252C&cookie=ID%3Db1c417d68813cf46-22ebc824f6c7008d%3AT%3D1619577089%3ART%3D1619577089%3AS%3DALNI_MZpD3JXs-giyHXjPaeSiNmZp7hQxQ&bc=31&abxe=1&lmt=1619577090&dt=1619577090488&dlt=1619577087082&idt=2113&frm=20&biw=1600&bih=1200&oid=3&adxs=680&adys=6563&adks=3800283164&ucis=d&ifi=14&u_tz=120&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&vis=1&dmc=8&scr_x=0&scr_y=0&psz=340x0&msz=340x0&psts=AGkb-H_h6bVYdyUjI_uTmFmG8YArK__eibeV9rodFmOIommUqXOnpsTVmY5a5fOOCM_RhyhyeNTCGilJBzKi&ga_vid=1389265324.1619577089&ga_sid=1619577089&ga_hid=2038933004&ga_fc=false&fws=4&ohw=820&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
8adbd2dbbc75e843b43c81760fa11dfc0399efc139182b3a7f500528fdf11bfc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:30 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
235
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.storm.mg
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		435 B
251 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2656981039981739&correlator=1292674147828026&output=ldjh&impl=fifs&eid=31060747%2C31060788%2C31060789%2C31060841%2C21064367%2C31060735%2C31060825%2C44741898%2C21065724&vrg=2021042201&ptt=17&sc=1&sfv=1-0-38&ecs=20210428&iu_parts=225677396%2Cstorm_float_button_80120&enc_prev_ius=%2F0%2F1&prev_iu_szs=80x120&eri=1&cust_params=path_name%3D%252Flifestyle%252F3634588%26category_name%3D%25E9%25A2%25A8%25E7%2594%259F%25E6%25B4%25BB%252C%25E8%25B2%25A1%25E7%25B6%2593%252C%25E4%25B8%258B%25E7%258F%25AD%25E7%25B6%2593%25E6%25BF%259F%25E5%25AD%25B8%252C%25E9%2587%2591%25E8%259E%258D%252C&cookie=ID%3Db1c417d68813cf46-22ebc824f6c7008d%3AT%3D1619577089%3ART%3D1619577089%3AS%3DALNI_MZpD3JXs-giyHXjPaeSiNmZp7hQxQ&bc=31&abxe=1&lmt=1619577090&dt=1619577090490&dlt=1619577087082&idt=2113&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=3738807302&ucis=e&ifi=15&u_tz=120&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&vis=1&dmc=8&scr_x=0&scr_y=0&psz=80x-1&msz=0x-1&psts=AGkb-H_h6bVYdyUjI_uTmFmG8YArK__eibeV9rodFmOIommUqXOnpsTVmY5a5fOOCM_RhyhyeNTCGilJBzKi&ga_vid=1389265324.1619577089&ga_sid=1619577089&ga_hid=2038933004&ga_fc=false&fws=644&ohw=1600&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
db4300a98dbe2244a5465b49d09a24a1a317c7c1795568cca7fd075e8d504efc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:30 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
222
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.storm.mg
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		9 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2656981039981739&correlator=2416693511890668&output=ldjh&impl=fifs&eid=31060747%2C31060788%2C31060789%2C31060841%2C21064367%2C31060735%2C31060825%2C44741898%2C21065724&vrg=2021042201&ptt=17&sc=1&sfv=1-0-38&ecs=20210428&iu_parts=225677396%2Cstorm_content_sticky_slide_pc_160600&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&eri=1&cust_params=path_name%3D%252Flifestyle%252F3634588%26category_name%3D%25E9%25A2%25A8%25E7%2594%259F%25E6%25B4%25BB%252C%25E8%25B2%25A1%25E7%25B6%2593%252C%25E4%25B8%258B%25E7%258F%25AD%25E7%25B6%2593%25E6%25BF%259F%25E5%25AD%25B8%252C%25E9%2587%2591%25E8%259E%258D%252C&cookie=ID%3Db1c417d68813cf46-22ebc824f6c7008d%3AT%3D1619577089%3ART%3D1619577089%3AS%3DALNI_MZpD3JXs-giyHXjPaeSiNmZp7hQxQ&bc=31&abxe=1&lmt=1619577090&dt=1619577090497&dlt=1619577087082&idt=2113&frm=20&biw=1600&bih=1200&oid=3&adxs=1440&adys=1200&adks=717600276&ucis=f&ifi=16&u_tz=120&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&vis=1&dmc=8&scr_x=0&scr_y=0&psz=160x-1&msz=160x-1&psts=AGkb-H_h6bVYdyUjI_uTmFmG8YArK__eibeV9rodFmOIommUqXOnpsTVmY5a5fOOCM_RhyhyeNTCGilJBzKi&ga_vid=1389265324.1619577089&ga_sid=1619577089&ga_hid=2038933004&ga_fc=false&fws=644&ohw=160&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e6d0d8b5a3762e6ff40145806256d29effc0b512f794d7f4ed08aa457b224c63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:30 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4562
x-xss-protection
0
google-lineitem-id
5244712694
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138297308549
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.storm.mg
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		452 B
266 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2656981039981739&correlator=3565930979443926&output=ldjh&impl=fifs&eid=31060747%2C31060788%2C31060789%2C31060841%2C21064367%2C31060735%2C31060825%2C44741898%2C21065724&vrg=2021042201&ptt=17&sc=1&sfv=1-0-38&ecs=20210428&iu_parts=225677396%2Cstorm_content_sticky_bottom_mb_336280&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280%7C300x250%7C320x50%7C1x1&eri=1&cust_params=path_name%3D%252Flifestyle%252F3634588%26category_name%3D%25E9%25A2%25A8%25E7%2594%259F%25E6%25B4%25BB%252C%25E8%25B2%25A1%25E7%25B6%2593%252C%25E4%25B8%258B%25E7%258F%25AD%25E7%25B6%2593%25E6%25BF%259F%25E5%25AD%25B8%252C%25E9%2587%2591%25E8%259E%258D%252C&cookie=ID%3Db1c417d68813cf46-22ebc824f6c7008d%3AT%3D1619577089%3ART%3D1619577089%3AS%3DALNI_MZpD3JXs-giyHXjPaeSiNmZp7hQxQ&bc=31&abxe=1&lmt=1619577090&dt=1619577090501&dlt=1619577087082&idt=2113&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=3067777558&ucis=g&ifi=17&u_tz=120&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&psts=AGkb-H_h6bVYdyUjI_uTmFmG8YArK__eibeV9rodFmOIommUqXOnpsTVmY5a5fOOCM_RhyhyeNTCGilJBzKi&ga_vid=1389265324.1619577089&ga_sid=1619577089&ga_hid=2038933004&ga_fc=false&fws=644&ohw=1600&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
0158605fb682a3ad8fa24a5c85517938fada7b1bd32bfa1ebb25327eb9d2b7c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:30 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.storm.mg
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		34 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2656981039981739&correlator=2609243550629651&output=ldjh&impl=fifs&eid=31060747%2C31060788%2C31060789%2C31060841%2C21064367%2C31060735%2C31060825%2C44741898%2C21065724&vrg=2021042201&ptt=17&sc=1&sfv=1-0-38&ecs=20210428&iu_parts=225677396%2Cstorm_content_sticky_bottom_pc_970250&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C1x1&eri=1&cust_params=path_name%3D%252Flifestyle%252F3634588%26category_name%3D%25E9%25A2%25A8%25E7%2594%259F%25E6%25B4%25BB%252C%25E8%25B2%25A1%25E7%25B6%2593%252C%25E4%25B8%258B%25E7%258F%25AD%25E7%25B6%2593%25E6%25BF%259F%25E5%25AD%25B8%252C%25E9%2587%2591%25E8%259E%258D%252C&cookie=ID%3Db1c417d68813cf46-22ebc824f6c7008d%3AT%3D1619577089%3ART%3D1619577089%3AS%3DALNI_MZpD3JXs-giyHXjPaeSiNmZp7hQxQ&bc=31&abxe=1&lmt=1619577090&dt=1619577090503&dlt=1619577087082&idt=2113&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=1200&adks=4267075666&ucis=h&ifi=18&u_tz=120&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x-1&msz=970x-1&psts=AGkb-H_h6bVYdyUjI_uTmFmG8YArK__eibeV9rodFmOIommUqXOnpsTVmY5a5fOOCM_RhyhyeNTCGilJBzKi&ga_vid=1389265324.1619577089&ga_sid=1619577089&ga_hid=2038933004&ga_fc=false&fws=644&ohw=970&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
4bbab60f12d147ee4454b2e4aac9c5ca4c75f39910bd87540eaa40802ca55dc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:31 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13092
x-xss-protection
0
google-lineitem-id
5672676134
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138346853748
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.storm.mg
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		434 B
259 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2656981039981739&correlator=755963879708992&output=ldjh&impl=fifs&eid=31060747%2C31060788%2C31060789%2C31060841%2C21064367%2C31060735%2C31060825%2C44741898%2C21065724&vrg=2021042201&ptt=17&sc=1&sfv=1-0-38&ecs=20210428&iu_parts=225677396%2CScupio_Interstitial&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C320x480&eri=1&cust_params=path_name%3D%252Flifestyle%252F3634588%26category_name%3D%25E9%25A2%25A8%25E7%2594%259F%25E6%25B4%25BB%252C%25E8%25B2%25A1%25E7%25B6%2593%252C%25E4%25B8%258B%25E7%258F%25AD%25E7%25B6%2593%25E6%25BF%259F%25E5%25AD%25B8%252C%25E9%2587%2591%25E8%259E%258D%252C&cookie=ID%3Db1c417d68813cf46-22ebc824f6c7008d%3AT%3D1619577089%3ART%3D1619577089%3AS%3DALNI_MZpD3JXs-giyHXjPaeSiNmZp7hQxQ&bc=31&abxe=1&lmt=1619577090&dt=1619577090506&dlt=1619577087082&idt=2113&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=1636660090&ucis=i&ifi=19&u_tz=120&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&psts=AGkb-H_h6bVYdyUjI_uTmFmG8YArK__eibeV9rodFmOIommUqXOnpsTVmY5a5fOOCM_RhyhyeNTCGilJBzKi&ga_vid=1389265324.1619577089&ga_sid=1619577089&ga_hid=2038933004&ga_fc=false&fws=644&ohw=1600&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
80e628671fae196d14078f3a827cd2dbcc049ee3b5c80c9ad9b8b708e8ef4218
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:30 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
230
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.storm.mg
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		8 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2656981039981739&correlator=1496639830715513&output=ldjh&impl=fifs&eid=31060747%2C31060788%2C31060789%2C31060841%2C21064367%2C31060735%2C31060825%2C44741898%2C21065724&vrg=2021042201&ptt=17&sc=1&sfv=1-0-38&ecs=20210428&iu_parts=225677396%2Cstorm_popup_LB_300250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&eri=1&cust_params=path_name%3D%252Flifestyle%252F3634588%26category_name%3D%25E9%25A2%25A8%25E7%2594%259F%25E6%25B4%25BB%252C%25E8%25B2%25A1%25E7%25B6%2593%252C%25E4%25B8%258B%25E7%258F%25AD%25E7%25B6%2593%25E6%25BF%259F%25E5%25AD%25B8%252C%25E9%2587%2591%25E8%259E%258D%252C&cookie=ID%3Db1c417d68813cf46-22ebc824f6c7008d%3AT%3D1619577089%3ART%3D1619577089%3AS%3DALNI_MZpD3JXs-giyHXjPaeSiNmZp7hQxQ&bc=31&abxe=1&lmt=1619577090&dt=1619577090508&dlt=1619577087082&idt=2113&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=3536571536&ucis=j&ifi=20&u_tz=120&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&psts=AGkb-H_h6bVYdyUjI_uTmFmG8YArK__eibeV9rodFmOIommUqXOnpsTVmY5a5fOOCM_RhyhyeNTCGilJBzKi&ga_vid=1389265324.1619577089&ga_sid=1619577089&ga_hid=2038933004&ga_fc=false&fws=644&ohw=1600&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
381daba80d5e3f8b95875b65e5dee27786d6de343ccb6507342edec0e32688d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:30 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4141
x-xss-protection
0
google-lineitem-id
5040912841
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138339940100
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.storm.mg
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sp.js
track.storm.mg/js/snowplow/ 		75 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.storm.mg/js/snowplow/sp.js
Requested by
Host: track.storm.mg
URL: https://track.storm.mg/js/core/smg.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.248.189 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-248-189.ap-northeast-1.compute.amazonaws.com
Software
/ Express
Resource Hash
715263829d8eab12dcfedf56a208b1e6c958995413a47cddb3ed532d75aca6c8

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:30 GMT
content-encoding
gzip
etag
W/"12a57-1730db5bd3d"
last-modified
Thu, 02 Jul 2020 04:08:01 GMT
x-powered-by
Express
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
cache-control
public, max-age=0
accept-ranges
bytes
content-type
application/javascript; charset=UTF-8
cookiemap.html
track.storm.mg/ Frame 516E 		417 B
691 B 		Document
General
Check archive.org
Download Go to
Full URL
https://track.storm.mg/cookiemap.html?appId=5c6e1a&data=eyJhcHBJZCI6IjVjNmUxYSIsInBhZ2VUaXRsZSI6IuWPsOeBo+iWquawtOS9juaIv+WDuemrmO+8jOWIsOW6leiqsOaYr+emjemmlu+8nyDmpYrph5Hpvo3vvJrjgIzmspLmnInlpb3lpb3mipXos4fvvIzos4fph5HlsLHmnIPljrvngpLmiL/vvIHjgI0t6aKo5YKz5aqSIiwicGFnZVVSTCI6Imh0dHBzOi8vd3d3LnN0b3JtLm1nL2xpZmVzdHlsZS8zNjM0NTg4IiwiY29va2llIjoic21nX3VpZD0xNjE5NTc3MDg4NTcyOTE1OyB1aWQudj0xOyBfc3Bfc2VzLjgwZjQ9KjsgX3NwX2lkLjgwZjQ9ODVjODRhYmEtZmMxZS00OTg2LWFhNTctYTBkMDgwNzlhOGQyLjE2MTk1NzcwOTAuMS4xNjE5NTc3MDkwLjE2MTk1NzcwOTAuMGJhNWNmYjQtOWMyMy00ODVjLThkMzMtZTM2MTE2NmE2MDY3OyBfX2dhZHM9SUQ9YjFjNDE3ZDY4ODEzY2Y0Ni0yMmViYzgyNGY2YzcwMDhkOlQ9MTYxOTU3NzA4OTpSVD0xNjE5NTc3MDg5OlM9QUxOSV9NWnBEM0pYcy1naXlIWGpQYWVTaU5tWnA3aFF4USIsInJlZmVycmVyIjoiIiwiY29va2llSWQiOiIxNjE5NTc3MDg4NTcyOTE1IiwibWVtYmVySWQiOm51bGx9
Requested by
Host: track.storm.mg
URL: https://track.storm.mg/js/core/smg.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.248.189 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-248-189.ap-northeast-1.compute.amazonaws.com
Software
/ Express
Resource Hash
86647e9774d23e7f7ea8c262399a56016b0ea394027a1cb0590d1bacb3674e51

Request headers

:method
GET
:authority
track.storm.mg
:scheme
https
:path
/cookiemap.html?appId=5c6e1a&data=eyJhcHBJZCI6IjVjNmUxYSIsInBhZ2VUaXRsZSI6IuWPsOeBo+iWquawtOS9juaIv+WDuemrmO+8jOWIsOW6leiqsOaYr+emjemmlu+8nyDmpYrph5Hpvo3vvJrjgIzmspLmnInlpb3lpb3mipXos4fvvIzos4fph5HlsLHmnIPljrvngpLmiL/vvIHjgI0t6aKo5YKz5aqSIiwicGFnZVVSTCI6Imh0dHBzOi8vd3d3LnN0b3JtLm1nL2xpZmVzdHlsZS8zNjM0NTg4IiwiY29va2llIjoic21nX3VpZD0xNjE5NTc3MDg4NTcyOTE1OyB1aWQudj0xOyBfc3Bfc2VzLjgwZjQ9KjsgX3NwX2lkLjgwZjQ9ODVjODRhYmEtZmMxZS00OTg2LWFhNTctYTBkMDgwNzlhOGQyLjE2MTk1NzcwOTAuMS4xNjE5NTc3MDkwLjE2MTk1NzcwOTAuMGJhNWNmYjQtOWMyMy00ODVjLThkMzMtZTM2MTE2NmE2MDY3OyBfX2dhZHM9SUQ9YjFjNDE3ZDY4ODEzY2Y0Ni0yMmViYzgyNGY2YzcwMDhkOlQ9MTYxOTU3NzA4OTpSVD0xNjE5NTc3MDg5OlM9QUxOSV9NWnBEM0pYcy1naXlIWGpQYWVTaU5tWnA3aFF4USIsInJlZmVycmVyIjoiIiwiY29va2llSWQiOiIxNjE5NTc3MDg4NTcyOTE1IiwibWVtYmVySWQiOm51bGx9
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.storm.mg/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
smg_uid=1619577088572915; uid.v=1; _sp_ses.80f4=*; _sp_id.80f4=85c84aba-fc1e-4986-aa57-a0d08079a8d2.1619577090.1.1619577090.1619577090.0ba5cfb4-9c23-485c-8d33-e361166a6067; __gads=ID=b1c417d68813cf46-22ebc824f6c7008d:T=1619577089:RT=1619577089:S=ALNI_MZpD3JXs-giyHXjPaeSiNmZp7hQxQ
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.storm.mg/

Response headers

date
Wed, 28 Apr 2021 02:31:30 GMT
content-type
text/html; charset=UTF-8
content-length
417
x-powered-by
Express
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
accept-ranges
bytes
cache-control
public, max-age=0
last-modified
Thu, 02 Jul 2020 03:59:34 GMT
etag
W/"1a1-1730dae042c"
vary
Accept-Encoding
js
www.google-analytics.com/gtm/ 		87 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-TFH5R68&t=smg_tracker&cid=1389265324.1619577089
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
23a57e9dd3af1dab2159fcec6163290475a1053ae39861177db8fbafe77a32dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:30 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34851
x-xss-protection
0
last-modified
Wed, 28 Apr 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 28 Apr 2021 02:31:30 GMT
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2701916&time=1619577090622&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2701916%26time%3D1619577090622%26url%3Dhttps%253A%252F%252Fwww.storm.mg%252Flifes...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2701916&time=1619577090622&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2701916&time=1619577090622&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&liSync=true&e_ipv6=AQJnY6Pu8UwvlgAAAXkWUTc_D_f_g1DKy0cIcMBqD7OwaS...
0
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2701916&time=1619577090622&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&liSync=true&e_ipv6=AQJnY6Pu8UwvlgAAAXkWUTc_D_f_g1DKy0cIcMBqD7OwaSmZZz8fBWw_quCLKxWZKfc2rwY6
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
108-174-10-14.fwd.linkedin.com
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:32 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lor1
x-li-proto
http/2
x-li-pop
prod-edc2
content-type
application/javascript
content-length
0
x-li-uuid
W0Y64MjkeRYA3FpsQCsAAA==

Redirect headers

date
Wed, 28 Apr 2021 02:31:31 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lor1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2701916&time=1619577090622&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&liSync=true&e_ipv6=AQJnY6Pu8UwvlgAAAXkWUTc_D_f_g1DKy0cIcMBqD7OwaSmZZz8fBWw_quCLKxWZKfc2rwY6
x-li-proto
http/2
x-li-pop
prod-esv5
content-length
0
x-li-uuid
GLXpv8jkeRaAcu4YNysAAA==
collect
analytics.google.com/g/ 		0
349 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-03WGSX0KD1&gtm=2oe4e1&_p=2038933004&sr=1600x1200&_gaz=1&ul=en-us&cid=1389265324.1619577089&_s=1&dl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&dt=%E5%8F%B0%E7%81%A3%E8%96%AA%E6%B0%B4%E4%BD%8E%E6%88%BF%E5%83%B9%E9%AB%98%EF%BC%8C%E5%88%B0%E5%BA%95%E8%AA%B0%E6%98%AF%E7%A6%8D%E9%A6%96%EF%BC%9F%20%E6%A5%8A%E9%87%91%E9%BE%8D%EF%BC%9A%E3%80%8C%E6%B2%92%E6%9C%89%E5%A5%BD%E5%A5%BD%E6%8A%95%E8%B3%87%EF%BC%8C%E8%B3%87%E9%87%91%E5%B0%B1%E6%9C%83%E5%8E%BB%E7%82%92%E6%88%BF%EF%BC%81%E3%80%8D-%E9%A2%A8%E5%82%B3%E5%AA%92&sid=1619577089&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-03WGSX0KD1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:31:30 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.storm.mg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
72 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-03WGSX0KD1&cid=1389265324.1619577089&gtm=2oe4e1&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-03WGSX0KD1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:31:30 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.storm.mg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-03WGSX0KD1&cid=1389265324.1619577089&gtm=2oe4e1&aip=1&z=207211491
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:31:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bridgeUid
www.storm.mg/unidata/ Frame 4A65 		5 B
690 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.storm.mg/unidata/bridgeUid
Requested by
Host: track.unidata.ai
URL: https://track.unidata.ai/cookiemap.html?appId=5c6e1a&data=eyJhcHBJZCI6IjVjNmUxYSIsInBhZ2VUaXRsZSI6IuWPsOeBo+iWquawtOS9juaIv+WDuemrmO+8jOWIsOW6leiqsOaYr+emjemmlu+8nyDmpYrph5Hpvo3vvJrjgIzmspLmnInlpb3lpb3mipXos4fvvIzos4fph5HlsLHmnIPljrvngpLmiL/vvIHjgI0t6aKo5YKz5aqSIiwicGFnZVVSTCI6Imh0dHBzOi8vd3d3LnN0b3JtLm1nL2xpZmVzdHlsZS8zNjM0NTg4IiwiY29va2llIjoic21nX3VpZD0xNjE5NTc3MDg4NTcyOTE1OyB1aWQudj0xIiwicmVmZXJyZXIiOiIiLCJjb29raWVJZCI6IjE2MTk1NzcwODg1NzI5MTUiLCJtZW1iZXJJZCI6bnVsbH0=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-3.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Request headers

:path
/unidata/bridgeUid
pragma
no-cache
origin
https://track.unidata.ai
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
www.storm.mg
referer
https://track.unidata.ai/
:scheme
https
sec-fetch-site
cross-site
:method
GET
Referer
https://track.unidata.ai/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:31 GMT
content-encoding
gzip
server
nginx
x-amz-cf-pop
FRA56-C2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://track.unidata.ai
cache-control
no-cache, private
access-control-allow-credentials
true
set-cookie
laravel_session=eyJpdiI6IkVmOHh4UzAxSjFyMFVUNHJOaUk0T3c9PSIsInZhbHVlIjoiMll1Tk54OFVSSkxOalhxSDMxR0lHbkFEc0dCaDZuZUxPRWJSQldGWTJjN2JnU2dxZXV3MndzdjRIVjRcL20ycnlwU1hnYzZwZjYrZXZKR3FqVlhjeGhnPT0iLCJtYWMiOiJlNDgyNzljNDM5YmQwNWViYzdiZTMyOTBjODdkZjE5M2E0NjRhNTkzMGMwNjhjMTlmNzI0NzIwNmQ5Yzg5YmIyIn0%3D; expires=Wed, 28-Apr-2021 02:36:31 GMT; Max-Age=300; path=/; HttpOnly
content-length
25
via
1.1 13140684c599ca32163cf7ec1871cebc.cloudfront.net (CloudFront)
x-amz-cf-id
fHNp3taWgHLsi5Kz0w1Sb1bdxVtvGaqWuioWdADaW-z_Vpawz4i93A==
2391556904443355
connect.facebook.net/signals/config/ 		254 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2391556904443355?v=2.9.39&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f042:10:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
dfdd5a406ceb45adfb9be6532281486fc85f58a7eb09ecdf37886bfb94f879ff
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
public
x-fb-debug
fErAPVwFlokrHq0K60MRJpQFdZnVbPdol/n8lANT+iRSmAU146R6m+iRfFye9V7B5AQRAKVxEAqRUZj6JCpXSg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-frame-options
DENY
date
Wed, 28 Apr 2021 02:31:30 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
atrk.gif
certify.alexametrics.com/ 		43 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=%E5%8F%B0%E7%81%A3%E8%96%AA%E6%B0%B4%E4%BD%8E%E6%88%BF%E5%83%B9%E9%AB%98%EF%BC%8C%E5%88%B0%E5%BA%95%E8%AA%B0%E6%98%AF%E7%A6%8D%E9%A6%96%EF%BC%9F%20%E6%A5%8A%E9%87%91%E9%BE%8D%EF%BC%9A%E3%80%8C%E6%B2%92%E6%9C%89%E5%A5%BD%E5%A5%BD%E6%8A%95%E8%B3%87%EF%BC%8C%E8%B3%87%E9%87%91%E5%B0%B1%E6%9C%83%E5%8E%BB%E7%82%92%E6%88%BF%EF%BC%81%E3%80%8D-%E9%A2%A8%E5%82%B3%E5%AA%92&time=1619577090720&time_zone_offset=-120&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&random_number=11929279305&sess_cookie=6b0ac6e01791651329f20030584&sess_cookie_flag=1&user_cookie=6b0ac6e01791651329f20030584&user_cookie_flag=1&dynamic=true&domain=storm.mg&account=qQQmk1a0Sn002n&jsv=20130128&user_lang=en-US
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.106.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-106-110.mad50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:03:29 GMT
Via
1.1 a72068a5d77ecba7daccda339a668499.cloudfront.net (CloudFront)
Last-Modified
Mon, 17 Jan 2011 20:41:40 GMT
Server
AmazonS3
Age
1681
ETag
"221d8352905f2c38b3cb2bd191d630b0"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Amz-Cf-Pop
MAD50-C1
x-amz-meta-alexa-last-modified
20110117123941
Content-Length
43
X-Amz-Cf-Id
rPW9x0s3i1R4rB6ZJGKF-6b4yhdn5lOWT1uCzr9LyXkYSpKhqJ3LhQ==
test.png
aa3f531f4d882b7290e791c0cacda595a.profile.phx50-c2.cloudfront.net/
Redirect Chain
  • https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
  • https://aa3f531f4d882b7290e791c0cacda595a.profile.phx50-c2.cloudfront.net/test.png
58 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa3f531f4d882b7290e791c0cacda595a.profile.phx50-c2.cloudfront.net/test.png
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.51.212 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-51-212.phx50.r.cloudfront.net
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:31:31 GMT
Via
1.1 42df444178a478ec52679a67d89d7626.cloudfront.net (CloudFront)
Server
CloudFront
X-Cache
RoutingProfileExp from cloudfront
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
max-age=0
Connection
keep-alive
Content-Length
58
X-Amz-Cf-Id
Jx9g6XwNyGrRoGD7RWoUxBP8VOgmEQRfaLz1nojroUq0qCRzCT6Z5w==
Expires
Wed, 28 Apr 2021 02:31:31 GMT

Redirect headers

location
https://aa3f531f4d882b7290e791c0cacda595a.profile.phx50-c2.cloudfront.net/test.png
date
Wed, 28 Apr 2021 02:31:31 GMT
server
Server
access-control-allow-origin
*
content-length
0
view
securepubads.g.doubleclick.net/pcs/ Frame BF61 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstYa4WMqT_qNu-DmlH2Q4laXHZqnN8rGY8D_-VvlQwGhWJkqf960F8sqFD7JGB0dLjw-ccvkpnRiBK6YDJpSkN14Ha_OoawXmgFKBXllYTm9C3s76UNOrCVin4jeIr0cBSsz72Q1eJy9a6hYugFaAI8aKg7QrbaihLLU3XZw6hIr-GceiXyBMqZRFhT7ZfnLNMtSHo98xLxm7OyPX8NzfR9aztjX5wSSg6KsuI5_pinzzwjTo_RlaiXAxcIFht7ugQx4NsYswxVx4OHOQEP4l7pnBr0hdMWAN3Xgqw_ZyMprvw-Zljdrr3miPo&sig=Cg0ArKJSzLtPGxCKldzdEAE&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:31:30 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 28 Apr 2021 02:31:30 GMT
truncated
/ Frame BF61 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
df3a65774238efc1c607c9d2c5a28f5c915060a0031a35876db416a22f45b000

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
pixel.js
img.scupio.com/js/ 		49 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/pixel.js
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.106.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-106-33.mad50.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
a1cbb4274973c20c76835fe1988bb587775b9dcd4359b8d5f3fd2e3ec643e47d

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:30 GMT
content-encoding
gzip
last-modified
Mon, 12 Apr 2021 02:24:18 GMT
server
nginx/1.12.1
x-amz-cf-pop
MAD50-C1
etag
W/"6073af52-c31a"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=1200
x-amz-cf-id
ycYJbK-Z5MpbBZsjS6WE_5lts1LGTgSbVOHlf7pRYVWhMBsNfx4b5w==
via
1.1 315f537a0be356b37267f2ae21a5363d.cloudfront.net (CloudFront)
expires
Wed, 28 Apr 2021 02:51:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7618 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvkfvMZ18RT7f46rC05JEYzu-q9JySBpitsuUmYnKeZNK_cXxsAluEOC5d_ub775hlbNtv38DYMrLW2kufwLzEvCVvphK9xXt6Mees7iEA8W3bZQzK7LDDjUkjvS8T-xKphL_bjh7J7wiMF13PfLyARwP327gnw1LUUCmpvLBajVgYTHp9MTFUm-u53G75V_z1hl0X6Hud_5xjzb7qUS0MfXTXaIQshIfHlasGUkTD-Wfhaxt1FxdzQ-044zdnszOhtKBCRuKE8qsayuORq4x1Sw21QosnhRSHQVGWClaD_MIWS3MvTnx0&sig=Cg0ArKJSzJkHoZChrv7XEAE&urlfix=1&adurl=
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:31:30 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
ad.js
img.scupio.com/js/ Frame 7618 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/ad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.106.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-106-33.mad50.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
d6f8735ff725fbb0c014df86972e858f749a01f581798fccf0511c0b79eb3d2b

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:28:38 GMT
content-encoding
gzip
last-modified
Wed, 21 Apr 2021 07:47:32 GMT
server
nginx/1.12.1
age
362
etag
W/"607fd894-a4a4"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=900
x-amz-cf-pop
MAD50-C1
x-amz-cf-id
TW1GXjvGTAnDujXHTgM4tEZzkPFNKxuxd_cO-T1NYOdLU6TuaX09cA==
via
1.1 315f537a0be356b37267f2ae21a5363d.cloudfront.net (CloudFront)
expires
Wed, 28 Apr 2021 02:40:28 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7618 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d76c09ea49a67623c581149d87ec821d813b9302aea4f871df16156cd1d28a53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619188777539687"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36031
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:31:30 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 9177 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssWwSLrt45xE_phzT1ShHkDCQ8nnwJ88bQttjMPQfzN7cqYr1TwqNaUiOwvEQJXwUN4nWQNIQt0aPX0VYtqXESn185hQ437IbdMYnefdNpZ4TBR2ZzrR1qjeIKSP-g60YAp-sgTGkr9YC66kO6lW3ZekOXf9KtP_P4_LcZ7mfnkoPDTmwRvAOcFaLA0_d7Dv7IX-3GCvayK9PR9dopFxjTD5dkMegCD0Jq38bUTl7L0ig_1ySE_PVquLa8ppgclY1WYXBMo44BDgUhzcez5x7j5w2tYTniIezDhrXeSPGxh3M5r31vAHqTD&sig=Cg0ArKJSzLlzZUQLeu30EAE&urlfix=1&adurl=
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:31:30 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
player-storm-desktop.js
tags.viewdeos.com/storm/ Frame 9177 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.viewdeos.com/storm/player-storm-desktop.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:f48:2000:1023::3 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software
BunnyCDN-DE1-481 /
Resource Hash
c1cbcd6a92e442332195ef40b66f2fb869596d5fdd012f3428c4c27082e21af7

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:30 GMT
content-encoding
br
cdn-edgestorageid
481
access-control-allow-origin
*
cdn-storageserver
DE-51
cdn-cachedat
2021-04-26 17:56:25
cdn-pullzone
105836
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
last-modified
Thu, 21 Jan 2021 08:44:30 GMT
server
BunnyCDN-DE1-481
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=0
cdn-uid
a2791f1d-070e-4cd3-b198-d0c26d1dc5f1
cdn-requestid
2ee9ac0407abdd29fa20e8171b04bce6
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9177 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d76c09ea49a67623c581149d87ec821d813b9302aea4f871df16156cd1d28a53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619188777539687"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36031
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:31:30 GMT
view
api.dable.io/logs/services/storm.mg/users/40951584.1619577090134/ 		54 B
285 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.dable.io/logs/services/storm.mg/users/40951584.1619577090134/view?url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&ref=&lang=en-US&items%5B0%5D%5Bid%5D=3634588&items%5B0%5D%5Bc1%5D=%E9%A2%A8%E7%94%9F%E6%B4%BB&items%5B0%5D%5Blink%5D=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cid=40951584.1619577090134&z=891408&callback=dbljson2
Requested by
Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.165.227.126 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-165-227-126.ap-northeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
ee4cfb80dd25cc2c164efef4ebc1b0ba0e31627dcb02eca8a726bb49347ceeb3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:31:30 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
Connection
keep-alive
Content-Length
67
Content-Type
text/javascript; charset=utf-8
40951584.1619577090134
api.dable.io/widgets/id/y74wWAoV/users/ Frame FFD7 		19 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://api.dable.io/widgets/id/y74wWAoV/users/40951584.1619577090134?from=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&ref=&cid=40951584.1619577090134&uid=40951584.1619577090134&site=storm.mg&id=dablewidget_y74wWAoV&category1=%E9%A2%A8%E7%94%9F%E6%B4%BB&ad_params=%7B%7D&item_id=3634588&pixel_ratio=1&client_width=760&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
Requested by
Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.165.227.126 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-165-227-126.ap-northeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
dc112845e0332dba03a6f95e82748b2ba96cd61298a904a9828255df94320a1c

Request headers

Host
api.dable.io
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.storm.mg/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uid=40951584.1619577090134; _skp=1; _gg_ck_match=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.storm.mg/

Response headers

Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 28 Apr 2021 02:31:31 GMT
Server
nginx
Content-Length
4859
Connection
keep-alive
40951584.1619577090134
api.dable.io/widgets/id/1oVpxdlP/users/ Frame 1929 		20 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://api.dable.io/widgets/id/1oVpxdlP/users/40951584.1619577090134?from=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&ref=&cid=40951584.1619577090134&uid=40951584.1619577090134&site=storm.mg&id=dablewidget_1oVpxdlP&category1=%E9%A2%A8%E7%94%9F%E6%B4%BB&ad_params=%7B%7D&item_id=3634588&pixel_ratio=1&client_width=380&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
Requested by
Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.165.227.126 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-165-227-126.ap-northeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
9414f596af0c8d3e7475b9cfb0eeda088145158fd58cae722bf2ee07203d730f

Request headers

Host
api.dable.io
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.storm.mg/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uid=40951584.1619577090134; _skp=1; _gg_ck_match=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.storm.mg/

Response headers

Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 28 Apr 2021 02:31:31 GMT
Server
nginx
Content-Length
5330
Connection
keep-alive
40951584.1619577090134
api.dable.io/widgets/id/KoEeAWoB/users/ Frame DBC8 		72 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://api.dable.io/widgets/id/KoEeAWoB/users/40951584.1619577090134?from=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&ref=&cid=40951584.1619577090134&uid=40951584.1619577090134&site=storm.mg&id=dablewidget_KoEeAWoB&category1=%E9%A2%A8%E7%94%9F%E6%B4%BB&ad_params=%7B%7D&item_id=3634588&pixel_ratio=1&client_width=820&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
Requested by
Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.165.227.126 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-165-227-126.ap-northeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
216048dc3bdd248cd52a95707dac476c5db642dec3c52dbf5687b10619776bed

Request headers

Host
api.dable.io
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.storm.mg/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uid=40951584.1619577090134; _skp=1; _gg_ck_match=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.storm.mg/

Response headers

Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 28 Apr 2021 02:31:31 GMT
Server
nginx
Content-Length
11548
Connection
keep-alive
sendid
ace-sync.toast.com/ 		43 B
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ace-sync.toast.com/sendid?sid=dable&uid=40951584.1619577090134
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
115.88.123.125 , Korea, Republic Of, ASN45974 (NHN-AS-KR NHN, KR),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 02:31:31 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST
P3P
CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
Cache-Control
no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
close
Content-Type
image/gif
Access-Control-Allow-Headers
Content-Type,Accept
Content-Length
43
Expires
Tue, 01 Jan 1980 09:00:00 GMT
match2
act.ds.kakao.com/
Redirect Chain
  • https://analytics.ad.daum.net/match?d=111&uid=40951584.1619577090134
  • https://act.ds.kakao.com/match2?d=111&uid=40951584.1619577090134&DSPR=%7B%22v%22%3A1%2C%22dr%22%3A%7B%22u%22%3A%2240951584.1619577090134%22%2C%22t%22%3A%2220210428%22%7D%7D
0
572 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://act.ds.kakao.com/match2?d=111&uid=40951584.1619577090134&DSPR=%7B%22v%22%3A1%2C%22dr%22%3A%7B%22u%22%3A%2240951584.1619577090134%22%2C%22t%22%3A%2220210428%22%7D%7D
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
211.231.100.211 , Korea, Republic Of, ASN38099 (KAKAO-AS-KR Kakao Corp, KR),
Reverse DNS
Software
analytics /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 02:31:33 GMT
Server
analytics
P3P
CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
Cache-Control
no-cache, no-store, must-revalidate
Connection
close
Content-Type
image/avif;charset=UTF-8
Content-Length
0
X-Application-Context
analytics
Expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 02:31:31 GMT
Server
analytics
P3P
CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
Location
https://act.ds.kakao.com/match2?d=111&uid=40951584.1619577090134&DSPR=%7B%22v%22%3A1%2C%22dr%22%3A%7B%22u%22%3A%2240951584.1619577090134%22%2C%22t%22%3A%2220210428%22%7D%7D
Cache-Control
no-cache, no-store, must-revalidate
Connection
close
Content-Length
0
X-Application-Context
analytics
Expires
0
google
adx.dable.io/pixel/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=dable&google_cm
  • https://adx.dable.io/pixel/google?google_gid=CAESEC4xKvBBOhXthmZMKYXm7oM&google_cver=1
35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adx.dable.io/pixel/google?google_gid=CAESEC4xKvBBOhXthmZMKYXm7oM&google_cver=1
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.35.111.161 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-35-111-161.ap-northeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:31 GMT
server
nginx
content-length
35
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:31:30 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://adx.dable.io/pixel/google?google_gid=CAESEC4xKvBBOhXthmZMKYXm7oM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
287
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.104.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		48 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.104.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
813e44281bc30d24c69706ba9de28a356111cf651fba494ee024dc655615347c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.storm.mg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Apr 2021 05:05:55 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:12:56 GMT
server
sffe
age
249935
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48728
x-xss-protection
0
expires
Mon, 25 Apr 2022 05:05:55 GMT
-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.37.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		39 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.37.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
567b483e36f71896e827f0b7afbfe4182644e6d67075d2393ac80946057a81fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.storm.mg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 15:58:41 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:21:00 GMT
server
sffe
age
469969
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39492
x-xss-protection
0
expires
Fri, 22 Apr 2022 15:58:41 GMT
-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.100.woff2
fonts.gstatic.com/s/notosanstc/v11/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nFkOG829Oofr2wohFbTp9i9ywIvDrVO3cuHnQmVtV4N3QDXzPiowFVyhy21F93pzxLWunL8lQ.100.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500&family=Noto+Sans+TC:wght@400;500;700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03e69b8346e0fbb40d1c0d669e813b573d1517ba74f4db22e198a63d94188766
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.storm.mg
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 15:54:16 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:24:04 GMT
server
sffe
age
470234
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46724
x-xss-protection
0
expires
Fri, 22 Apr 2022 15:54:16 GMT
integrator.js
adservice.google.be/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.be/adsid/integrator.js?domain=www.storm.mg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:31:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.storm.mg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:31:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		33 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2656981039981739&correlator=3409546866979039&output=ldjh&impl=fifs&eid=31060747%2C31060788%2C31060789%2C31060841%2C21064367%2C31060735%2C31060825%2C44741898%2C21065724&vrg=2021042201&ptt=17&sc=1&sfv=1-0-38&ecs=20210428&iu_parts=225677396%2Cstorm_content_RTT_300250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x250%7C1x1&eri=1&cust_params=path_name%3D%252Flifestyle%252F3634588%26category_name%3D%25E9%25A2%25A8%25E7%2594%259F%25E6%25B4%25BB%252C%25E8%25B2%25A1%25E7%25B6%2593%252C%25E4%25B8%258B%25E7%258F%25AD%25E7%25B6%2593%25E6%25BF%259F%25E5%25AD%25B8%252C%25E9%2587%2591%25E8%259E%258D%252C&cookie=ID%3Db1c417d68813cf46%3AT%3D1619577089%3AS%3DALNI_MbhOeyeiG3F84zzdGuIJpJya5AQpQ&bc=31&abxe=1&lmt=1619577090&dt=1619577090898&dlt=1619577087082&idt=2113&frm=20&biw=1600&bih=1200&oid=3&adxs=1075&adys=621&adks=228286965&ucis=k&ifi=21&u_tz=120&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x15&msz=300x0&psts=AGkb-H_h6bVYdyUjI_uTmFmG8YArK__eibeV9rodFmOIommUqXOnpsTVmY5a5fOOCM_RhyhyeNTCGilJBzKi%2CAGkb-H_T6aqmoWNdmZqLbN2KRpXWeiDhCjhm9jmvXiYlpHPhjx7PGkt_UziUuX_vctpS_JRD1IKkHabvQ7o%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H-8vzU0rpBkwafmT7j5kkOGcPjbLWc4QDIeOdy9j5aNca7hfYuQswwwjZzWybK0RW3vZkRHvYnw1X1v%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1389265324.1619577089&ga_sid=1619577089&ga_hid=2038933004&ga_fc=false&fws=4&ohw=300&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
411706da515591bc27df3eed07581439bf5b7a37ef094f795ce3655e48299a82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:31 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12769
x-xss-protection
0
google-lineitem-id
5677366984
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138347656605
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.storm.mg
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		33 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2656981039981739&correlator=2735646273585462&output=ldjh&impl=fifs&eid=31060747%2C31060788%2C31060789%2C31060841%2C21064367%2C31060735%2C31060825%2C44741898%2C21065724&vrg=2021042201&ptt=17&sc=1&sfv=1-0-38&ecs=20210428&iu_parts=225677396%2Cstorm_content_RT_300600&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C1x1&eri=1&cust_params=path_name%3D%252Flifestyle%252F3634588%26category_name%3D%25E9%25A2%25A8%25E7%2594%259F%25E6%25B4%25BB%252C%25E8%25B2%25A1%25E7%25B6%2593%252C%25E4%25B8%258B%25E7%258F%25AD%25E7%25B6%2593%25E6%25BF%259F%25E5%25AD%25B8%252C%25E9%2587%2591%25E8%259E%258D%252C&cookie=ID%3Db1c417d68813cf46%3AT%3D1619577089%3AS%3DALNI_MbhOeyeiG3F84zzdGuIJpJya5AQpQ&bc=31&abxe=1&lmt=1619577090&dt=1619577090901&dlt=1619577087082&idt=2113&frm=20&biw=1600&bih=1200&oid=3&adxs=1075&adys=700&adks=1298642933&ucis=l&ifi=22&u_tz=120&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x0&psts=AGkb-H_h6bVYdyUjI_uTmFmG8YArK__eibeV9rodFmOIommUqXOnpsTVmY5a5fOOCM_RhyhyeNTCGilJBzKi%2CAGkb-H_T6aqmoWNdmZqLbN2KRpXWeiDhCjhm9jmvXiYlpHPhjx7PGkt_UziUuX_vctpS_JRD1IKkHabvQ7o%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H-8vzU0rpBkwafmT7j5kkOGcPjbLWc4QDIeOdy9j5aNca7hfYuQswwwjZzWybK0RW3vZkRHvYnw1X1v%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1389265324.1619577089&ga_sid=1619577089&ga_hid=2038933004&ga_fc=false&fws=4&ohw=300&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
1c2bbeefd7521fe2c51f0a277af305d3e95bc4a08213e6fa3f6e6eecf5bc319b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:31 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12756
x-xss-protection
0
google-lineitem-id
4781873185
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138311039234
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.storm.mg
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		349 B
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2656981039981739&correlator=3159851416570033&output=ldjh&impl=fifs&eid=31060747%2C31060788%2C31060789%2C31060841%2C21064367%2C31060735%2C31060825%2C44741898%2C21065724&vrg=2021042201&ptt=17&sc=1&sfv=1-0-38&ecs=20210428&iu_parts=225677396%2Cstorm_content_RM_hotnews_300250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&eri=1&cust_params=path_name%3D%252Flifestyle%252F3634588%26category_name%3D%25E9%25A2%25A8%25E7%2594%259F%25E6%25B4%25BB%252C%25E8%25B2%25A1%25E7%25B6%2593%252C%25E4%25B8%258B%25E7%258F%25AD%25E7%25B6%2593%25E6%25BF%259F%25E5%25AD%25B8%252C%25E9%2587%2591%25E8%259E%258D%252C&cookie=ID%3Db1c417d68813cf46%3AT%3D1619577089%3AS%3DALNI_MbhOeyeiG3F84zzdGuIJpJya5AQpQ&bc=31&abxe=1&lmt=1619577090&dt=1619577090903&dlt=1619577087082&idt=2113&frm=20&biw=1600&bih=1200&oid=3&adxs=1075&adys=1463&adks=4073605895&ucis=m&ifi=23&u_tz=120&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x929&msz=300x0&psts=AGkb-H_h6bVYdyUjI_uTmFmG8YArK__eibeV9rodFmOIommUqXOnpsTVmY5a5fOOCM_RhyhyeNTCGilJBzKi%2CAGkb-H_T6aqmoWNdmZqLbN2KRpXWeiDhCjhm9jmvXiYlpHPhjx7PGkt_UziUuX_vctpS_JRD1IKkHabvQ7o%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H-8vzU0rpBkwafmT7j5kkOGcPjbLWc4QDIeOdy9j5aNca7hfYuQswwwjZzWybK0RW3vZkRHvYnw1X1v%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1389265324.1619577089&ga_sid=1619577089&ga_hid=2038933004&ga_fc=false&fws=4&ohw=300&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
8020b1e882b7a30f74626c155842fd4f4d5b20e238c31a34d9f83b9eea542550
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:31 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
148
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.storm.mg
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		8 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2656981039981739&correlator=977018689850793&output=ldjh&impl=fifs&eid=31060747%2C31060788%2C31060789%2C31060841%2C21064367%2C31060735%2C31060825%2C44741898%2C21065724&vrg=2021042201&ptt=17&sc=1&sfv=1-0-38&ecs=20210428&iu_parts=225677396%2Cstorm_content_RM_300250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600%7C1x1&eri=1&cust_params=path_name%3D%252Flifestyle%252F3634588%26category_name%3D%25E9%25A2%25A8%25E7%2594%259F%25E6%25B4%25BB%252C%25E8%25B2%25A1%25E7%25B6%2593%252C%25E4%25B8%258B%25E7%258F%25AD%25E7%25B6%2593%25E6%25BF%259F%25E5%25AD%25B8%252C%25E9%2587%2591%25E8%259E%258D%252C&cookie=ID%3Db1c417d68813cf46%3AT%3D1619577089%3AS%3DALNI_MbhOeyeiG3F84zzdGuIJpJya5AQpQ&bc=31&abxe=1&lmt=1619577090&dt=1619577090905&dlt=1619577087082&idt=2113&frm=20&biw=1600&bih=1200&oid=3&adxs=1075&adys=2008&adks=1309772606&ucis=n&ifi=24&u_tz=120&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x0&psts=AGkb-H_h6bVYdyUjI_uTmFmG8YArK__eibeV9rodFmOIommUqXOnpsTVmY5a5fOOCM_RhyhyeNTCGilJBzKi%2CAGkb-H_T6aqmoWNdmZqLbN2KRpXWeiDhCjhm9jmvXiYlpHPhjx7PGkt_UziUuX_vctpS_JRD1IKkHabvQ7o%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H-8vzU0rpBkwafmT7j5kkOGcPjbLWc4QDIeOdy9j5aNca7hfYuQswwwjZzWybK0RW3vZkRHvYnw1X1v%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1389265324.1619577089&ga_sid=1619577089&ga_hid=2038933004&ga_fc=false&fws=4&ohw=300&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
910be6b777cdf2764581d6bb526c92fbc6b4bece8b81aeae46390c3cf5596744
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:31 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3993
x-xss-protection
0
google-lineitem-id
5058549110
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138269464313
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.storm.mg
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		341 B
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2656981039981739&correlator=2580339626543032&output=ldjh&impl=fifs&eid=31060747%2C31060788%2C31060789%2C31060841%2C21064367%2C31060735%2C31060825%2C44741898%2C21065724&vrg=2021042201&ptt=17&sc=1&sfv=1-0-38&ecs=20210428&iu_parts=225677396%2Cstorm_native_ad_hotshare&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50&fluid=height&prev_scp=position%3D2&eri=1&cust_params=path_name%3D%252Flifestyle%252F3634588%26category_name%3D%25E9%25A2%25A8%25E7%2594%259F%25E6%25B4%25BB%252C%25E8%25B2%25A1%25E7%25B6%2593%252C%25E4%25B8%258B%25E7%258F%25AD%25E7%25B6%2593%25E6%25BF%259F%25E5%25AD%25B8%252C%25E9%2587%2591%25E8%259E%258D%252C&cookie=ID%3Db1c417d68813cf46%3AT%3D1619577089%3AS%3DALNI_MbhOeyeiG3F84zzdGuIJpJya5AQpQ&bc=31&abxe=1&lmt=1619577090&dt=1619577090908&dlt=1619577087082&idt=2113&frm=20&biw=1600&bih=1200&oid=3&adxs=1075&adys=2385&adks=2231805414&ucis=o&ifi=25&u_tz=120&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x929&msz=300x0&psts=AGkb-H_h6bVYdyUjI_uTmFmG8YArK__eibeV9rodFmOIommUqXOnpsTVmY5a5fOOCM_RhyhyeNTCGilJBzKi%2CAGkb-H_T6aqmoWNdmZqLbN2KRpXWeiDhCjhm9jmvXiYlpHPhjx7PGkt_UziUuX_vctpS_JRD1IKkHabvQ7o%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H-8vzU0rpBkwafmT7j5kkOGcPjbLWc4QDIeOdy9j5aNca7hfYuQswwwjZzWybK0RW3vZkRHvYnw1X1v%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1389265324.1619577089&ga_sid=1619577089&ga_hid=2038933004&ga_fc=false&fws=4&ohw=300&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
4e0eaa9adcdff76abd7dfd7535d653d1a64c295005ab32c688a86c8584461642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:30 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
141
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.storm.mg
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		350 B
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2656981039981739&correlator=314076842423481&output=ldjh&impl=fifs&eid=31060747%2C31060788%2C31060789%2C31060841%2C21064367%2C31060735%2C31060825%2C44741898%2C21065724&vrg=2021042201&ptt=17&sc=1&sfv=1-0-38&ecs=20210428&iu_parts=225677396%2Cstorm_content_RM_hotshare_300250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&eri=1&cust_params=path_name%3D%252Flifestyle%252F3634588%26category_name%3D%25E9%25A2%25A8%25E7%2594%259F%25E6%25B4%25BB%252C%25E8%25B2%25A1%25E7%25B6%2593%252C%25E4%25B8%258B%25E7%258F%25AD%25E7%25B6%2593%25E6%25BF%259F%25E5%25AD%25B8%252C%25E9%2587%2591%25E8%259E%258D%252C&cookie=ID%3Db1c417d68813cf46%3AT%3D1619577089%3AS%3DALNI_MbhOeyeiG3F84zzdGuIJpJya5AQpQ&bc=31&abxe=1&lmt=1619577090&dt=1619577090910&dlt=1619577087082&idt=2113&frm=20&biw=1600&bih=1200&oid=3&adxs=1075&adys=2754&adks=650721082&ucis=p&ifi=26&u_tz=120&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x929&msz=300x0&psts=AGkb-H_h6bVYdyUjI_uTmFmG8YArK__eibeV9rodFmOIommUqXOnpsTVmY5a5fOOCM_RhyhyeNTCGilJBzKi%2CAGkb-H_T6aqmoWNdmZqLbN2KRpXWeiDhCjhm9jmvXiYlpHPhjx7PGkt_UziUuX_vctpS_JRD1IKkHabvQ7o%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H-8vzU0rpBkwafmT7j5kkOGcPjbLWc4QDIeOdy9j5aNca7hfYuQswwwjZzWybK0RW3vZkRHvYnw1X1v%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1389265324.1619577089&ga_sid=1619577089&ga_hid=2038933004&ga_fc=false&fws=4&ohw=300&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
773d1ef672f8d86b6a73e58d29ea656b3b2a6db3baa031ed5084c88b7b37312f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:31 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
149
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.storm.mg
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		8 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2656981039981739&correlator=1096222616378736&output=ldjh&impl=fifs&eid=31060747%2C31060788%2C31060789%2C31060841%2C21064367%2C31060735%2C31060825%2C44741898%2C21065724&vrg=2021042201&ptt=17&sc=1&sfv=1-0-38&ecs=20210428&iu_parts=225677396%2Cstorm_content_RB_300600&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x250%7C1x1&eri=1&cust_params=path_name%3D%252Flifestyle%252F3634588%26category_name%3D%25E9%25A2%25A8%25E7%2594%259F%25E6%25B4%25BB%252C%25E8%25B2%25A1%25E7%25B6%2593%252C%25E4%25B8%258B%25E7%258F%25AD%25E7%25B6%2593%25E6%25BF%259F%25E5%25AD%25B8%252C%25E9%2587%2591%25E8%259E%258D%252C&cookie=ID%3Db1c417d68813cf46%3AT%3D1619577089%3AS%3DALNI_MbhOeyeiG3F84zzdGuIJpJya5AQpQ&bc=31&abxe=1&lmt=1619577090&dt=1619577090913&dlt=1619577087082&idt=2113&frm=20&biw=1600&bih=1200&oid=3&adxs=1075&adys=3244&adks=3416982431&ucis=q&ifi=27&u_tz=120&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x0&psts=AGkb-H_h6bVYdyUjI_uTmFmG8YArK__eibeV9rodFmOIommUqXOnpsTVmY5a5fOOCM_RhyhyeNTCGilJBzKi%2CAGkb-H_T6aqmoWNdmZqLbN2KRpXWeiDhCjhm9jmvXiYlpHPhjx7PGkt_UziUuX_vctpS_JRD1IKkHabvQ7o%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H-8vzU0rpBkwafmT7j5kkOGcPjbLWc4QDIeOdy9j5aNca7hfYuQswwwjZzWybK0RW3vZkRHvYnw1X1v%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1389265324.1619577089&ga_sid=1619577089&ga_hid=2038933004&ga_fc=false&fws=4&ohw=300&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
9aaf95bff49ded25af2864e357e18663e7921a178fcb0d7bd00c47e0e03fe5c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:31 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4008
x-xss-protection
0
google-lineitem-id
5326187272
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138306149819
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.storm.mg
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		8 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2656981039981739&correlator=4285407697196940&output=ldjh&impl=fifs&eid=31060747%2C31060788%2C31060789%2C31060841%2C21064367%2C31060735%2C31060825%2C44741898%2C21065724&vrg=2021042201&ptt=17&sc=1&sfv=1-0-38&ecs=20210428&iu_parts=225677396%2Cstorm_content_RBB_300250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600%7C1x1&eri=1&cust_params=path_name%3D%252Flifestyle%252F3634588%26category_name%3D%25E9%25A2%25A8%25E7%2594%259F%25E6%25B4%25BB%252C%25E8%25B2%25A1%25E7%25B6%2593%252C%25E4%25B8%258B%25E7%258F%25AD%25E7%25B6%2593%25E6%25BF%259F%25E5%25AD%25B8%252C%25E9%2587%2591%25E8%259E%258D%252C&cookie=ID%3Db1c417d68813cf46%3AT%3D1619577089%3AS%3DALNI_MbhOeyeiG3F84zzdGuIJpJya5AQpQ&bc=31&abxe=1&lmt=1619577090&dt=1619577090916&dlt=1619577087082&idt=2113&frm=20&biw=1600&bih=1200&oid=3&adxs=1075&adys=3494&adks=4229238645&ucis=r&ifi=28&u_tz=120&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x0&psts=AGkb-H_h6bVYdyUjI_uTmFmG8YArK__eibeV9rodFmOIommUqXOnpsTVmY5a5fOOCM_RhyhyeNTCGilJBzKi%2CAGkb-H_T6aqmoWNdmZqLbN2KRpXWeiDhCjhm9jmvXiYlpHPhjx7PGkt_UziUuX_vctpS_JRD1IKkHabvQ7o%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H-8vzU0rpBkwafmT7j5kkOGcPjbLWc4QDIeOdy9j5aNca7hfYuQswwwjZzWybK0RW3vZkRHvYnw1X1v%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1389265324.1619577089&ga_sid=1619577089&ga_hid=2038933004&ga_fc=false&fws=4&ohw=300&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
8765d36f78db0ac4b1202bfb64d7f13abed6e7889c5503200ef6d9972ff35535
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:31 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4059
x-xss-protection
0
google-lineitem-id
5257518715
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138339939473
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.storm.mg
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sSUppTT8x2r.css
www.facebook.com/rsrc.php/v3/yW/l/0,cross/ Frame 4B2F 		26 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yW/l/0,cross/sSUppTT8x2r.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&tabs&width=320&height=130&small_header=false&adapt_container_width=false&hide_cover=false&show_facepile=false&appId
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
63dcc4ba7cdaf9808806eb018a10cdb871bb17e0dc45e172a8b7c8d31db5ad07
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&tabs&width=320&height=130&small_header=false&adapt_container_width=false&hide_cover=false&show_facepile=false&appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 21:00:40 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
jGmpBzh0NuHyTYgT2UQ1Ow==
cross-origin-resource-policy
cross-origin
content-length
6094
x-fb-rlafr
0
x-fb-debug
swdvvIFACHRA7nL6BJByDll0JxupO05QgT6ZTjk/BSseNEwNuDav3oitDdTOJ077J5FzYP5Sgx8YwaVADVXw6Q==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 27 Apr 2022 21:00:40 GMT
UG5hFH3OnGZ.css
www.facebook.com/rsrc.php/v3/yw/l/0,cross/ Frame 4B2F 		36 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yw/l/0,cross/UG5hFH3OnGZ.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&tabs&width=320&height=130&small_header=false&adapt_container_width=false&hide_cover=false&show_facepile=false&appId
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
83617fdf42c2457abd24c043606c8ad4bacfd7fe6fce42dfa5d16f4fbec523dc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&tabs&width=320&height=130&small_header=false&adapt_container_width=false&hide_cover=false&show_facepile=false&appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 17:52:52 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
EdrE11NR23Bfi5e1q30Fuw==
cross-origin-resource-policy
cross-origin
content-length
7078
x-fb-rlafr
0
x-fb-debug
W5vWI6BzAo3WbMqPyL4FyFI3LbPwIpSGFuUduQZApltZpvwP9hWmyrk0aqzV1aN3djPn++yvxE5ztE5gY8QDzQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 22 Apr 2022 17:52:52 GMT
s42o5npKlRj.js
www.facebook.com/rsrc.php/v3/yM/r/ Frame 4B2F 		272 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yM/r/s42o5npKlRj.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&tabs&width=320&height=130&small_header=false&adapt_container_width=false&hide_cover=false&show_facepile=false&appId
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5b067a9b351b13f9c76cc0d3f8a3ed15b86e58b4f0038fd22514f5a169ec07d1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&tabs&width=320&height=130&small_header=false&adapt_container_width=false&hide_cover=false&show_facepile=false&appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 15:10:55 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
fmry7aXReGqIdm1nsjTfwA==
cross-origin-resource-policy
cross-origin
content-length
73923
x-fb-rlafr
0
x-fb-debug
wovFzOccH/YYwDSIMAKaglisMyqVrZ3LK9VCnS1qGRTCjNDCanYYSmMcRKOuczXjeG+HnlBsT3FH7qTryXOPaw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 27 Apr 2022 15:10:55 GMT
-T_3VWEC8Ch.js
www.facebook.com/rsrc.php/v3/yS/r/ Frame 4B2F 		63 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yS/r/-T_3VWEC8Ch.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&tabs&width=320&height=130&small_header=false&adapt_container_width=false&hide_cover=false&show_facepile=false&appId
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b37b99b0ba27589ff83639f4ab1b922e9fcdf3e695456a3aab0e6004fdd49f9e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&tabs&width=320&height=130&small_header=false&adapt_container_width=false&hide_cover=false&show_facepile=false&appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 21:19:18 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
yIJfmpLhqviYATRcL7OHpQ==
cross-origin-resource-policy
cross-origin
content-length
19634
x-fb-rlafr
0
x-fb-debug
v/H+oSurC5bhyPcTCMI+Nu02JcZ50WvR7vkTG8RQ+Y6wFLQphLJkeq5yvDTqYh7RdBH8mVwNLJE7pUYgcHTjMQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Tue, 26 Apr 2022 21:19:18 GMT
N1Ujot6efHX.js
www.facebook.com/rsrc.php/v3iEpO4/yQ/l/en_US/ Frame 4B2F 		128 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3iEpO4/yQ/l/en_US/N1Ujot6efHX.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&tabs&width=320&height=130&small_header=false&adapt_container_width=false&hide_cover=false&show_facepile=false&appId
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fddf9e42ec2c42150e0396945088c41b1291104d971e817b4a7551a6aee949e7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&tabs&width=320&height=130&small_header=false&adapt_container_width=false&hide_cover=false&show_facepile=false&appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 04:58:19 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
WwNmYOIR3n9K79uj4TWCaQ==
cross-origin-resource-policy
cross-origin
content-length
36443
x-fb-rlafr
0
x-fb-debug
Ivcjp/7v9pXU8LzFS8rLyZ8/1TwA4Bm8MflfoGcuenUH5aBpgVh92gb5mZJugm0WfCrAOPN3r5M1Ge1Hc2bNTQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 27 Apr 2022 04:58:19 GMT
oYH4_Q4OBVP.js
www.facebook.com/rsrc.php/v3/y3/r/ Frame 4B2F 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/y3/r/oYH4_Q4OBVP.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&tabs&width=320&height=130&small_header=false&adapt_container_width=false&hide_cover=false&show_facepile=false&appId
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fdbb995458f6b6f28ba8ad20b662687f9b83edb8f74034f7243161086e7e54cb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&tabs&width=320&height=130&small_header=false&adapt_container_width=false&hide_cover=false&show_facepile=false&appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Apr 2021 17:04:23 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
SNHyGmMRoqgA28EMocpyhA==
content-security-policy-report-only
default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/;
cross-origin-resource-policy
cross-origin
content-length
1723
x-fb-rlafr
0
x-fb-debug
RHAzMWnFwFPh8Jma5wcShdxmcST0lztSwZxneJz3mK6Y3mlUbF72Otf24zCBCD/99ejjwxRRDERTV37CM2T5cA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 23 Apr 2022 17:04:23 GMT
KMa6-js1idc.js
www.facebook.com/rsrc.php/v3iLl54/yN/l/en_US/ Frame 4B2F 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3iLl54/yN/l/en_US/KMa6-js1idc.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&tabs&width=320&height=130&small_header=false&adapt_container_width=false&hide_cover=false&show_facepile=false&appId
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e93c890255c2f00e56e0f1d83af4c08fd4456f8e2ae064f04c1d944ebb5ae26b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&tabs&width=320&height=130&small_header=false&adapt_container_width=false&hide_cover=false&show_facepile=false&appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 15:43:10 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
BugT2GA+FK1ULXN+N8Xqsw==
cross-origin-resource-policy
cross-origin
content-length
9028
x-fb-rlafr
0
x-fb-debug
F1s2pPDsq04IrjdDeKuNKXT+KVd0IZeTq2qDlE0UG9ysMWzPrCT1s+nhcb1U29OXwR3hVh/8+LQenD77k2YZzQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Tue, 26 Apr 2022 15:43:10 GMT
W53IlTPA67J.js
www.facebook.com/rsrc.php/v3/y9/r/ Frame 4B2F 		159 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/y9/r/W53IlTPA67J.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&tabs&width=320&height=130&small_header=false&adapt_container_width=false&hide_cover=false&show_facepile=false&appId
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a2a2fae052ec59eaf3ab6d15de7e4f0fbff178c1b990c34a669320285507db0b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&tabs&width=320&height=130&small_header=false&adapt_container_width=false&hide_cover=false&show_facepile=false&appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 17:23:17 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
xoAB/eLBsoVH2MEdsOlNfw==
cross-origin-resource-policy
cross-origin
content-length
47597
x-fb-rlafr
0
x-fb-debug
fLEeDEdUpn2HM2t6DTEWv5kRAC38Encs+aYLll4aEWpEoBEGqSfD798ilkYF1m1XZKBJz7ijfKoowrF/6/L0Dg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Tue, 26 Apr 2022 17:23:17 GMT
2hT1Y7hz2Do.js
www.facebook.com/rsrc.php/v3iaOs4/ye/l/en_US/ Frame 4B2F 		420 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3iaOs4/ye/l/en_US/2hT1Y7hz2Do.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&tabs&width=320&height=130&small_header=false&adapt_container_width=false&hide_cover=false&show_facepile=false&appId
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2ada6a46c05d36ec3154aeac6ab2cac34563031441f1af2aabe59e107a64ef28
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&tabs&width=320&height=130&small_header=false&adapt_container_width=false&hide_cover=false&show_facepile=false&appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Apr 2021 22:46:44 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
qgO/gC+oX4w/PFTzsQuPFA==
cross-origin-resource-policy
cross-origin
content-length
102694
x-fb-rlafr
0
x-fb-debug
gx/RanvHExs0UJrsEMoebwIYUdwWWKsVhpXhkm1vZERTaY4Km7pAPrR4utAnyO2lViZZkmwlamE17Y9dRZ66QA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 23 Apr 2022 22:46:44 GMT
NAbxrfiREAq.js
www.facebook.com/rsrc.php/v3/y7/r/ Frame 4B2F 		93 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/y7/r/NAbxrfiREAq.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&tabs&width=320&height=130&small_header=false&adapt_container_width=false&hide_cover=false&show_facepile=false&appId
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2812c4e6fb5db18c9a70640654c4bdb973427c4df56b96ec78bc1da5c6c443cf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&tabs&width=320&height=130&small_header=false&adapt_container_width=false&hide_cover=false&show_facepile=false&appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Apr 2021 05:51:01 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
m97NipW9KPp6AhOWxb7GgQ==
cross-origin-resource-policy
cross-origin
content-length
26095
x-fb-rlafr
0
x-fb-debug
m/4q6e5RKhpV2dTbmLGRevxZSFX3udeq1PnQWxV7UIT4xEpc+5XdIUEYpoVu9+yTYe0NTigoLHxw5ynzUe/GxQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Mon, 25 Apr 2022 05:51:01 GMT
oH6ub2-EfEU.js
www.facebook.com/rsrc.php/v3/yT/r/ Frame 4B2F 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yT/r/oH6ub2-EfEU.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&tabs&width=320&height=130&small_header=false&adapt_container_width=false&hide_cover=false&show_facepile=false&appId
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
12c555dd9feb86296b6e8ea8e8d03a373bc0dbc403800bb43d85de1bf6db1bf2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&tabs&width=320&height=130&small_header=false&adapt_container_width=false&hide_cover=false&show_facepile=false&appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 17:29:57 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
Inx9SEXpjCkgzdxdGcM9YQ==
cross-origin-resource-policy
cross-origin
content-length
6020
x-fb-rlafr
0
x-fb-debug
LopfWQW6Z3SVA4Ltp55C/5Tov0T1ggghINhkLcp6aTM9D6eX5L8wp6YMNfEYVHykWqVXv9B6/SbGpuSEJGqWqQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 27 Apr 2022 17:29:57 GMT
1usRqtZVbfO.js
www.facebook.com/rsrc.php/v3/yo/r/ Frame 4B2F 		37 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yo/r/1usRqtZVbfO.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&tabs&width=320&height=130&small_header=false&adapt_container_width=false&hide_cover=false&show_facepile=false&appId
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f5820244a2bb1a21fb966e2a417d1c12f43ad67d33c1275338d1b3d67caad567
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&tabs&width=320&height=130&small_header=false&adapt_container_width=false&hide_cover=false&show_facepile=false&appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 18:36:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
rBc3q7LW/6BWJorlo9zSzQ==
cross-origin-resource-policy
cross-origin
content-length
11415
x-fb-rlafr
0
x-fb-debug
Y3qH8Wi/W2Q6zFNV1tH334wSUVK1D1TLrjm7gFMXqotQyEIkBL+fuIvRcVjCn8K9W2SB7cQxarhvyTEK2YIPzQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 22 Apr 2022 18:36:16 GMT
UqdSOiqNicA.js
www.facebook.com/rsrc.php/v3/yy/r/ Frame 4B2F 		346 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yy/r/UqdSOiqNicA.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&tabs&width=320&height=130&small_header=false&adapt_container_width=false&hide_cover=false&show_facepile=false&appId
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
27cc3f2cff66cbe6eaca20b793b731b92f237e30c4caabe194ae9b9921ae0354
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&tabs&width=320&height=130&small_header=false&adapt_container_width=false&hide_cover=false&show_facepile=false&appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 21:19:24 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
nYkCoFc5wsrZ91pU3m+yZw==
cross-origin-resource-policy
cross-origin
content-length
79769
x-fb-rlafr
0
x-fb-debug
VyUpHrKjYbYMOUa43+2KLJIIsIwn416WCU6R1YARd45J/jIzQCa72hcmumGYImA+6lY2jlAboQ6RPE5RuyvJCQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Tue, 26 Apr 2022 21:19:24 GMT
174396785_4111427305576081_8904527733149415250_n.jpg
scontent-ams4-1.xx.fbcdn.net/v/t1.6435-0/s320x320/ Frame 4B2F 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-ams4-1.xx.fbcdn.net/v/t1.6435-0/s320x320/174396785_4111427305576081_8904527733149415250_n.jpg?_nc_cat=1&ccb=1-3&_nc_sid=dd9801&_nc_ohc=uh7yluEqiTgAX-Mcp3m&_nc_ht=scontent-ams4-1.xx&tp=7&oh=f408f47759c84765414800e4ac524cce&oe=60AEA945
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&tabs&width=320&height=130&small_header=false&adapt_container_width=false&hide_cover=false&show_facepile=false&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f045:10:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7c88d5e8481802f5ba7b1ab85653d4e9bac0ec003984f76887677600e803f7c6

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
605238923
date
Wed, 28 Apr 2021 02:31:31 GMT
x-fb-trip-id
115442006
last-modified
Sun, 18 Apr 2021 03:32:05 GMT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
2353738476
x-fb-config-version-olb-prod
1077
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
7598
1979690_713621685356677_1414653622_n.jpg
scontent-ams4-1.xx.fbcdn.net/v/t1.18169-1/cp0/p50x50/ Frame 4B2F 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-ams4-1.xx.fbcdn.net/v/t1.18169-1/cp0/p50x50/1979690_713621685356677_1414653622_n.jpg?_nc_cat=1&ccb=1-3&_nc_sid=dbb9e7&_nc_ohc=RfZVqNZMmrMAX-6q_ob&_nc_ht=scontent-ams4-1.xx&tp=27&oh=dc4fe4ae921a2bc7fff521f42831b418&oe=60ADF7B6
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&tabs&width=320&height=130&small_header=false&adapt_container_width=false&hide_cover=false&show_facepile=false&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f045:10:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0960a5cb00e1f8f1934102cf94b63688f38bd747f7d951c8920f46744ccf8c3c

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
3348824450
date
Wed, 28 Apr 2021 02:31:31 GMT
x-fb-trip-id
115442006
last-modified
Tue, 25 Mar 2014 13:51:57 GMT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
358196530
x-fb-config-version-olb-prod
1085
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1281
view
securepubads.g.doubleclick.net/pcs/ Frame C910 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvgdjy3ht985h-Kl7r6w6FbQKoK4y_rjkkvWsc4hT5NRwnArIlR2ut5x1Yarq4QxpfMSq-Gfh_AgylxERLpc25pGDYVtQOvmMupNvuWjnBI7cl_3BfZRPYCOJdvMs9yTU2p1iDaBUabjRn34SzyqNM182tGN04U8FsLNK9J30JeS5bzjI6pTLG_FetuUFPvFNyxsOnaIsVdeArcOskbtAr81otf43rwQ7GECJAKtRdalgtmvy0R0Htwr6T0l3V0-ChTUeFHEdtJxwreJCkt-uoCKnaMPZ_V0bs3p5qpftpowKv8K3MvQFc2MhJpNSBlSlnaerWjKIY&sig=Cg0ArKJSzPdb9X7OuWbkEAE&urlfix=1&adurl=
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:31:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
ad.js
img.scupio.com/js/ 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/ad.js
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.106.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-106-33.mad50.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
d6f8735ff725fbb0c014df86972e858f749a01f581798fccf0511c0b79eb3d2b

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:28:38 GMT
content-encoding
gzip
last-modified
Wed, 21 Apr 2021 07:47:32 GMT
server
nginx/1.12.1
age
363
etag
W/"607fd894-a4a4"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=900
x-amz-cf-pop
MAD50-C1
x-amz-cf-id
22hHbNI3phCBuFLDe8sYI_-ujpNPSkgAweKigEEvzzw-cFCiXvDxKQ==
via
1.1 315f537a0be356b37267f2ae21a5363d.cloudfront.net (CloudFront)
expires
Wed, 28 Apr 2021 02:40:28 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C910 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d76c09ea49a67623c581149d87ec821d813b9302aea4f871df16156cd1d28a53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619188777539687"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36031
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:31:31 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=2038933004&t=pageview&_s=1&dl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&ul=en-us&de=UTF-8&dt=%E5%8F%B0%E7%81%A3%E8%96%AA%E6%B0%B4%E4%BD%8E%E6%88%BF%E5%83%B9%E9%AB%98%EF%BC%8C%E5%88%B0%E5%BA%95%E8%AA%B0%E6%98%AF%E7%A6%8D%E9%A6%96%EF%BC%9F%20%E6%A5%8A%E9%87%91%E9%BE%8D%EF%BC%9A%E3%80%8C%E6%B2%92%E6%9C%89%E5%A5%BD%E5%A5%BD%E6%8A%95%E8%B3%87%EF%BC%8C%E8%B3%87%E9%87%91%E5%B0%B1%E6%9C%83%E5%8E%BB%E7%82%92%E6%88%BF%EF%BC%81%E3%80%8D-%E9%A2%A8%E5%82%B3%E5%AA%92&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aChAAEADQAAAAC~&jid=1899358634&gjid=165073029&cid=1389265324.1619577089&tid=UA-58197782-1&_gid=20522309.1619577091&_r=1&gtm=2wg4e1MRQJ4NV&cg1=%E9%A2%A8%E7%94%9F%E6%B4%BB%EF%BD%9C%E8%B2%A1%E7%B6%93%EF%BD%9C%E4%B8%8B%E7%8F%AD%E7%B6%93%E6%BF%9F%E5%AD%B8%EF%BD%9C%E9%87%91%E8%9E%8D&cg2=&z=971979320
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:31:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.storm.mg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j90&a=2038933004&t=event&ni=0&_s=2&dl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&ul=en-us&de=UTF-8&dt=%E5%8F%B0%E7%81%A3%E8%96%AA%E6%B0%B4%E4%BD%8E%E6%88%BF%E5%83%B9%E9%AB%98%EF%BC%8C%E5%88%B0%E5%BA%95%E8%AA%B0%E6%98%AF%E7%A6%8D%E9%A6%96%EF%BC%9F%20%E6%A5%8A%E9%87%91%E9%BE%8D%EF%BC%9A%E3%80%8C%E6%B2%92%E6%9C%89%E5%A5%BD%E5%A5%BD%E6%8A%95%E8%B3%87%EF%BC%8C%E8%B3%87%E9%87%91%E5%B0%B1%E6%9C%83%E5%8E%BB%E7%82%92%E6%88%BF%EF%BC%81%E3%80%8D-%E9%A2%A8%E5%82%B3%E5%AA%92&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Menu%20Bar&ea=impression&el=%E6%96%B0%E6%96%B0%E8%81%9E&ev=1&_u=aChAAEADQAAAAC~&jid=&gjid=&cid=1389265324.1619577089&tid=UA-58197782-1&_gid=20522309.1619577091&gtm=2wg4e1MRQJ4NV&cg1=%E9%A2%A8%E7%94%9F%E6%B4%BB%EF%BD%9C%E8%B2%A1%E7%B6%93%EF%BD%9C%E4%B8%8B%E7%8F%AD%E7%B6%93%E6%BF%9F%E5%AD%B8%EF%BD%9C%E9%87%91%E8%9E%8D&cg2=&z=520077561
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Apr 2021 10:04:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
59245
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j90&a=2038933004&t=event&ni=0&_s=3&dl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&ul=en-us&de=UTF-8&dt=%E5%8F%B0%E7%81%A3%E8%96%AA%E6%B0%B4%E4%BD%8E%E6%88%BF%E5%83%B9%E9%AB%98%EF%BC%8C%E5%88%B0%E5%BA%95%E8%AA%B0%E6%98%AF%E7%A6%8D%E9%A6%96%EF%BC%9F%20%E6%A5%8A%E9%87%91%E9%BE%8D%EF%BC%9A%E3%80%8C%E6%B2%92%E6%9C%89%E5%A5%BD%E5%A5%BD%E6%8A%95%E8%B3%87%EF%BC%8C%E8%B3%87%E9%87%91%E5%B0%B1%E6%9C%83%E5%8E%BB%E7%82%92%E6%88%BF%EF%BC%81%E3%80%8D-%E9%A2%A8%E5%82%B3%E5%AA%92&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Menu%20Bar&ea=impression&el=%E6%94%AF%E6%8C%81%E6%88%91%E5%80%91&ev=1&_u=aChAAEADQAAAAC~&jid=&gjid=&cid=1389265324.1619577089&tid=UA-58197782-1&_gid=20522309.1619577091&gtm=2wg4e1MRQJ4NV&cg1=%E9%A2%A8%E7%94%9F%E6%B4%BB%EF%BD%9C%E8%B2%A1%E7%B6%93%EF%BD%9C%E4%B8%8B%E7%8F%AD%E7%B6%93%E6%BF%9F%E5%AD%B8%EF%BD%9C%E9%87%91%E8%9E%8D&cg2=&z=1023176950
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Apr 2021 10:04:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
59245
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j90&a=2038933004&t=event&ni=0&_s=4&dl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&ul=en-us&de=UTF-8&dt=%E5%8F%B0%E7%81%A3%E8%96%AA%E6%B0%B4%E4%BD%8E%E6%88%BF%E5%83%B9%E9%AB%98%EF%BC%8C%E5%88%B0%E5%BA%95%E8%AA%B0%E6%98%AF%E7%A6%8D%E9%A6%96%EF%BC%9F%20%E6%A5%8A%E9%87%91%E9%BE%8D%EF%BC%9A%E3%80%8C%E6%B2%92%E6%9C%89%E5%A5%BD%E5%A5%BD%E6%8A%95%E8%B3%87%EF%BC%8C%E8%B3%87%E9%87%91%E5%B0%B1%E6%9C%83%E5%8E%BB%E7%82%92%E6%88%BF%EF%BC%81%E3%80%8D-%E9%A2%A8%E5%82%B3%E5%AA%92&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=%E7%8F%BE%E6%AD%A3%E7%86%B1%E6%98%A0&ea=impression&el=165624278807153&ev=1&_u=aChAAEADQAAAAC~&jid=&gjid=&cid=1389265324.1619577089&tid=UA-58197782-1&_gid=20522309.1619577091&gtm=2wg4e1MRQJ4NV&cg1=%E9%A2%A8%E7%94%9F%E6%B4%BB%EF%BD%9C%E8%B2%A1%E7%B6%93%EF%BD%9C%E4%B8%8B%E7%8F%AD%E7%B6%93%E6%BF%9F%E5%AD%B8%EF%BD%9C%E9%87%91%E8%9E%8D&cg2=&z=1569440490
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Apr 2021 10:04:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
59245
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j90&a=2038933004&t=event&ni=0&_s=5&dl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&ul=en-us&de=UTF-8&dt=%E5%8F%B0%E7%81%A3%E8%96%AA%E6%B0%B4%E4%BD%8E%E6%88%BF%E5%83%B9%E9%AB%98%EF%BC%8C%E5%88%B0%E5%BA%95%E8%AA%B0%E6%98%AF%E7%A6%8D%E9%A6%96%EF%BC%9F%20%E6%A5%8A%E9%87%91%E9%BE%8D%EF%BC%9A%E3%80%8C%E6%B2%92%E6%9C%89%E5%A5%BD%E5%A5%BD%E6%8A%95%E8%B3%87%EF%BC%8C%E8%B3%87%E9%87%91%E5%B0%B1%E6%9C%83%E5%8E%BB%E7%82%92%E6%88%BF%EF%BC%81%E3%80%8D-%E9%A2%A8%E5%82%B3%E5%AA%92&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ads&ea=impression&el=dablewidget_y74wWAoV&_u=aChAAEADQAAAAC~&jid=&gjid=&cid=1389265324.1619577089&tid=UA-58197782-1&_gid=20522309.1619577091&gtm=2wg4e1MRQJ4NV&cg1=%E9%A2%A8%E7%94%9F%E6%B4%BB%EF%BD%9C%E8%B2%A1%E7%B6%93%EF%BD%9C%E4%B8%8B%E7%8F%AD%E7%B6%93%E6%BF%9F%E5%AD%B8%EF%BD%9C%E9%87%91%E8%9E%8D&cg2=&z=1325510934
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Apr 2021 10:04:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
59245
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4B23 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuPl_jV289KYRR2C9GN4d3ud3z4uM6vRgkxk4qAzNyds4c7FBrRjgrDfrEaYyn_y1ql9v4U1ymNeyELmbKMmfGm0SgxuWcvnLO_MSE1GTuOoJCpUT87tJ_Z6WKXZ0h08GI2qahPCZEK8J67qufd0h3bMUf40FPaJHz87b6OR3drAMvvxmvRz8Ux5pd1i-rGQO8EQowwavvCtDEoZyi6eFUJ0WMEO7s_ZImN6sq90Cph-vS7MRAvyUiuXr7GW-M6tJU9zE7zLlv1UTn_JpKXWff9lyHNoQ9ezkF5MSyFzuoTfUmT33KmkYbTWg&sig=Cg0ArKJSzETjYeF12Tq7EAE&adurl=
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:31:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210426/r20110914/ Frame 4B23 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210426/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e0fad38c04932f3e71581d5ca798b326778fc0e54e3823de3b0f9eddbef0892e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:23:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
505
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7028
x-xss-protection
0
server
cafe
etag
12352184217982932987
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 May 2021 02:23:06 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/ Frame 4B23 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 01:48:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2567
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 May 2021 01:48:44 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4B23 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d76c09ea49a67623c581149d87ec821d813b9302aea4f871df16156cd1d28a53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619188777539687"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36031
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:31:31 GMT
l
www.google.com/ads/measurement/ Frame 4B23 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRzzh3K5RcPFa3o0nxU8draC44O7WYzc2Jf-8C76t6dGLjIQBXtOFR8MgO3rkOZED37Yo4fTA9_cW0LVvTtBwmRdxpArQ
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
6296720589512068996
tpc.googlesyndication.com/simgad/ Frame 4B23 		782 KB
782 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6296720589512068996
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c309e0135099abef24ecba3d3e92e74338058ce3abe305e59e5fe4067ea2704
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 11:12:32 GMT
x-content-type-options
nosniff
age
314339
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
800768
x-xss-protection
0
last-modified
Fri, 21 Aug 2020 09:03:57 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Apr 2022 11:12:32 GMT
truncated
/ Frame 9177 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
272510e0dafc3341dae1b3ad572d5f778cbc4507858ca30155433d3939250d24

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame B8F9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssk3SE3Fj2f69C2nk6y6vBr-DnMA8pALg-E7CxWqkXG1gfKl19-PngRBrf0ccHMux5JXSl3npT4sD-Shf7LzDe3i-fz1zraf405PNhVJuZEUqa7bvdeoFojIIICH75UHA_rjOKhDkNEu4YvqXqjZEbjKZDpvTq3VWGPCnubs0pgMlnBQ1BoFeHzI0pD1u9m18P2YssDgc6QQhGCFB1KPWtVLP5eML8SPoFG3_4r1tc1XkD2UOiXUoxPY5WiZYuABN2DirNNI0pyImcLoDwvobT16xItZL0UZPJvrpXuprjCf-lyXUd6e1OhcDntrbPvEN5qRTgmSxPc&sig=Cg0ArKJSzF0u7ALQPwE0EAE&adurl=
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:31:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210426/r20110914/ Frame B8F9 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210426/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e0fad38c04932f3e71581d5ca798b326778fc0e54e3823de3b0f9eddbef0892e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:23:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
505
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7028
x-xss-protection
0
server
cafe
etag
12352184217982932987
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 May 2021 02:23:06 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/ Frame B8F9 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 01:48:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2567
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 May 2021 01:48:44 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B8F9 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d76c09ea49a67623c581149d87ec821d813b9302aea4f871df16156cd1d28a53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619188777539687"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36031
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:31:31 GMT
l
www.google.com/ads/measurement/ Frame B8F9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQygd9GTN8-Ql6IZFgpl8_sLmMcn7n_-Z6t5EGEQsKgdIyGxm1fHnQKg6nW5VIWnZKEzyUVlJKzEaG--HZaFANg1vZUtQ
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
16424758007015530058
tpc.googlesyndication.com/simgad/ Frame B8F9 		176 KB
176 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16424758007015530058
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
278255d1afc1c4e47c4daaf0026b6fdd3218c6977029172f72f90c5f640aa9ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 16:10:15 GMT
x-content-type-options
nosniff
age
469276
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
180220
x-xss-protection
0
last-modified
Tue, 20 Apr 2021 02:11:49 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Apr 2022 16:10:15 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 0DB4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvLX9MtGafFp33OQN-S6CcAajAa_HcZGMijjdRuA7bhdwEY4jPrBCK6zFjExb3weMoX3KaM1VBgFgJeOCXC32Co3TGON1KILVJ_G8bQ6QDAspWlUT3cgmaD-ZoZPMNWJapj7gw3Fs9v1qNkX-yYmuAvc2qouHzOezWItWi94ZatA15E6NER2njbeJPLzDB7-uMxY5e1tcsrXnFEgH3JspLlAaQxQMdwlL1fXwXNIdHxye03Ma8OdR4SEpF0S-c5iqOytL09Y3anzhfCdZsxfqyJg2llKPxD6zO6nQvkTmW4juIcuvcotCRJQg&sig=Cg0ArKJSzKzLxV4iOF3uEAE&urlfix=1&adurl=
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:31:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
gpt.js
www.googletagservices.com/tag/js/ Frame 0DB4 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b586b6299996b546ef44061c1c8d4d0c180b68454d475936079695bf90e8c8a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"855 / 61 of 1000 / last-modified: 1619561335"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21061
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:31:31 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0DB4 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d76c09ea49a67623c581149d87ec821d813b9302aea4f871df16156cd1d28a53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619188777539687"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36031
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:31:31 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-58197782-1&cid=1389265324.1619577089&jid=1899358634&gjid=165073029&_gid=20522309.1619577091&_u=aChAAEACQAAAAC~&z=207961577
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c0a::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 28 Apr 2021 02:31:31 GMT
content-type
text/plain
access-control-allow-origin
https://www.storm.mg
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame D885 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss82eWqNRxQB_0m0xCi3UGzqLl7dqVmY3whuFyzMtFIcQDYZkUmeM3XvJ0AXVp9xaM3YA-jkTmQrGEtrvRwth7t6Q-ed43V0dfvHRCBEi_J9C3W7dYjUY-xprAbPSEndFR8Gd0RPZ5Q5njhUSNVaHjaNaES9234Y5h01qdvdelFaQmPyUrLS-krMgk8GjmwZdftPKtPmFVS1Asg3jBL5QJQfjJWto4uIbblPL0lIRFRW5lUKvt_IAe3j4TvNakr3M1cBpqIKX5nIsYRphxu1YsgvVsVlv4rmyqIchzCL60UrNIU-fUuMEiLcQ&sig=Cg0ArKJSzNkepunZ87NTEAE&adurl=
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:31:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210426/r20110914/ Frame D885 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210426/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e0fad38c04932f3e71581d5ca798b326778fc0e54e3823de3b0f9eddbef0892e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:23:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
505
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7028
x-xss-protection
0
server
cafe
etag
12352184217982932987
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 May 2021 02:23:06 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/ Frame D885 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 01:48:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2567
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 May 2021 01:48:44 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D885 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d76c09ea49a67623c581149d87ec821d813b9302aea4f871df16156cd1d28a53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619188777539687"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36031
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:31:31 GMT
7099502908565636730
tpc.googlesyndication.com/simgad/ Frame D885 		129 KB
129 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7099502908565636730
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a66e3146dcb250f2910c46843b1db91994fea95a24ce4dc76a6ec7459ff983e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 01:27:44 GMT
x-content-type-options
nosniff
age
90227
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131910
x-xss-protection
0
last-modified
Tue, 27 Apr 2021 00:59:58 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Apr 2022 01:27:44 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4DAB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssaS35sbMNXP9HzPConUfJnpIQeyvAlLhNXJaraRlqqjB3JVwcgWmeqOICJNbcANFE75TqVludb1j4eHOq7DSUNoI_9QHoc0pUx-Cpdvn2r4TXhnVxkL_Frwlj2tudzKcPTiQn1kHKKuTDTj8D2qu2JVdzMwFkQ6OlGAtNuuMsa8zWHtmyPXuJSgS7NvimLBw3SLHm5gGKqUNwAH1mwYCLvYQwnk65j0ae-IrTSGxAQfptL0FEAfNTap7R1B47egqoE4HiDhUSS4vYqzynhrIEQUE0VX7bzMMCari5IkP6dh97te3-n1IiMsNU&sig=Cg0ArKJSzKFVCJMSk5Q2EAE&urlfix=1&adurl=
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:31:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
ad.js
img.scupio.com/js/ Frame 4DAB 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/ad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.106.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-106-33.mad50.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
d6f8735ff725fbb0c014df86972e858f749a01f581798fccf0511c0b79eb3d2b

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:28:38 GMT
content-encoding
gzip
last-modified
Wed, 21 Apr 2021 07:47:32 GMT
server
nginx/1.12.1
age
363
etag
W/"607fd894-a4a4"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=900
x-amz-cf-pop
MAD50-C1
x-amz-cf-id
bPTatJXJF7w2awX0DFUnhTUCjgXkAAWJP7axGKxUTWnyYM2bdwiejg==
via
1.1 315f537a0be356b37267f2ae21a5363d.cloudfront.net (CloudFront)
expires
Wed, 28 Apr 2021 02:40:28 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4DAB 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d76c09ea49a67623c581149d87ec821d813b9302aea4f871df16156cd1d28a53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619188777539687"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36031
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:31:31 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 2F50 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssvnfJP-KUkIowG-fZjv6uTzoa4sqHFnqPXEJgOb3YkAHJQ7F9hPLwkm3AryQryr7BLaZnzfGrYDhNImVM8QoLp9QtXsfcsIiq-FDXPZVEsSHYqoEQChxyVEosXusz3hIisF6wrdcyXyILgEJ1cvPKXka6dVU6XD--JoTqeg_HYXiGSk7-DTQqVRNZM9ix30XVu3uyE7CDagefNu5mQJ5BhqJwovunkU9hmIIFlzzn6CePqZuC3mn_mvmb242qhANJ2rjaYoi4Q7if6uw8PPBToTPLIVQwQ3QAQGFloZMr263e3zJNePa05SLFgAxI&sig=Cg0ArKJSzFbe3lE9Au_4EAE&urlfix=1&adurl=
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:31:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
ad.js
img.scupio.com/js/ Frame 2F50 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/ad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.106.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-106-33.mad50.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
d6f8735ff725fbb0c014df86972e858f749a01f581798fccf0511c0b79eb3d2b

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:28:38 GMT
content-encoding
gzip
last-modified
Wed, 21 Apr 2021 07:47:32 GMT
server
nginx/1.12.1
age
363
etag
W/"607fd894-a4a4"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=900
x-amz-cf-pop
MAD50-C1
x-amz-cf-id
GM8bu34kf2hAWxvPAV0BKVQgEPX3GN2X8PfznFNvywddVQ2Gj2LlmQ==
via
1.1 315f537a0be356b37267f2ae21a5363d.cloudfront.net (CloudFront)
expires
Wed, 28 Apr 2021 02:40:28 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2F50 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d76c09ea49a67623c581149d87ec821d813b9302aea4f871df16156cd1d28a53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619188777539687"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36031
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:31:31 GMT
i
track.unidata.ai/unidata/ Frame 4A65 		43 B
373 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.unidata.ai/unidata/i?appId=5c6e1a&data=eyJhcHBJZCI6IjVjNmUxYSIsInBhZ2VUaXRsZSI6IuWPsOeBo+iWquawtOS9juaIv+WDuemrmO+8jOWIsOW6leiqsOaYr+emjemmlu+8nyDmpYrph5Hpvo3vvJrjgIzmspLmnInlpb3lpb3mipXos4fvvIzos4fph5HlsLHmnIPljrvngpLmiL/vvIHjgI0t6aKo5YKz5aqSIiwicGFnZVVSTCI6Imh0dHBzOi8vd3d3LnN0b3JtLm1nL2xpZmVzdHlsZS8zNjM0NTg4IiwiY29va2llIjoic21nX3VpZD0xNjE5NTc3MDg4NTcyOTE1OyB1aWQudj0xIiwicmVmZXJyZXIiOiIiLCJjb29raWVJZCI6IjE2MTk1NzcwODg1NzI5MTUiLCJtZW1iZXJJZCI6bnVsbH0=
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:5600:1d:68e4:9700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer
https://track.unidata.ai/cookiemap.html?appId=5c6e1a&data=eyJhcHBJZCI6IjVjNmUxYSIsInBhZ2VUaXRsZSI6IuWPsOeBo+iWquawtOS9juaIv+WDuemrmO+8jOWIsOW6leiqsOaYr+emjemmlu+8nyDmpYrph5Hpvo3vvJrjgIzmspLmnInlpb3lpb3mipXos4fvvIzos4fph5HlsLHmnIPljrvngpLmiL/vvIHjgI0t6aKo5YKz5aqSIiwicGFnZVVSTCI6Imh0dHBzOi8vd3d3LnN0b3JtLm1nL2xpZmVzdHlsZS8zNjM0NTg4IiwiY29va2llIjoic21nX3VpZD0xNjE5NTc3MDg4NTcyOTE1OyB1aWQudj0xIiwicmVmZXJyZXIiOiIiLCJjb29raWVJZCI6IjE2MTk1NzcwODg1NzI5MTUiLCJtZW1iZXJJZCI6bnVsbH0=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 07:23:38 GMT
via
1.1 2fc0d20914c32e5cd76477ed042298d1.cloudfront.net (CloudFront)
last-modified
Mon, 16 Jul 2018 03:46:23 GMT
server
AmazonS3
age
68874
etag
"fb02f374b8f73825415db1bccd4bd76d"
x-cache
Hit from cloudfront
content-type
binary/octet-stream
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
43
x-amz-cf-id
rC21UJ3AjM7j9YJBH--f96AnPE_o_rS0YNIN2Q8sDOf608oFLgdYWQ==
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2391556904443355&ev=PageView&dl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&rl=&if=false&ts=1619577091315&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=30&fbp=fb.1.1619577091312.1420198295&it=1619577090673&coo=false&rqm=GET
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:31 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Wed, 28 Apr 2021 02:31:31 GMT
ls.html
img.scupio.com/html/ Frame E019 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/html/ls.html?mid=0
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.106.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-106-33.mad50.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce

Request headers

:method
GET
:authority
img.scupio.com
:scheme
https
:path
/html/ls.html?mid=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.storm.mg/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.storm.mg/

Response headers

content-type
text/html; charset=utf-8
server
nginx/1.12.1
last-modified
Mon, 21 Nov 2016 06:35:53 GMT
access-control-allow-origin
*
content-encoding
gzip
date
Wed, 28 Apr 2021 02:31:31 GMT
expires
Wed, 05 May 2021 01:56:24 GMT
cache-control
max-age=604800
etag
W/"583295c9-4dc"
x-cache
Hit from cloudfront
via
1.1 315f537a0be356b37267f2ae21a5363d.cloudfront.net (CloudFront)
x-amz-cf-pop
MAD50-C1
x-amz-cf-id
xgxvAKwA2uRq3tVeEZTi5YwscMkwGjCMoVqMIAtthOMyVOYx4jXKaA==
event
pixel-api.scupio.com/v0/ 		159 B
515 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel-api.scupio.com/v0/event?cb=0.16737043184752864
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/pixel.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
210.59.219.31 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx/1.15.2 /
Resource Hash
473d6cbef21a937d77c2079ce0b78fa7541a806999be0138930060716aecef61

Request headers

Accept
application/json, text/javascript, */*
Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 28 Apr 2021 02:31:32 GMT
server
nginx/1.15.2
access-control-allow-methods
POST
p3p
CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
access-control-allow-origin
https://www.storm.mg
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
159
event
pixel-api.scupio.com/v0/ 		159 B
514 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel-api.scupio.com/v0/event?cb=0.8394677303848916
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/pixel.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
210.59.219.31 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx/1.15.2 /
Resource Hash
473d6cbef21a937d77c2079ce0b78fa7541a806999be0138930060716aecef61

Request headers

Accept
application/json, text/javascript, */*
Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 28 Apr 2021 02:31:32 GMT
server
nginx/1.15.2
access-control-allow-methods
POST
p3p
CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
access-control-allow-origin
https://www.storm.mg
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
159
player.js
player.viewdeos.com/script/6.1/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.viewdeos.com/script/6.1/player.js
Requested by
Host: tags.viewdeos.com
URL: https://tags.viewdeos.com/storm/player-storm-desktop.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:bb19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
fd902dfd010088990a20dd6b6b0dffa68c30c5c0bc8749a35c268d0c1e62d426

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:31:31 GMT
Content-Encoding
gzip
X-GUploader-UploadID
ABg5-Ux-eIVid6kYf-8ZE4QtKPdr5hEtz9BtG3aGcjgbhCSnJreEeW8XcUhegDegMrVaxXEsMWgV0b1ggUx8uMIsJrrN2wefzQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
Connection
keep-alive
Content-Length
9068
Last-Modified
Wed, 21 Apr 2021 06:02:50 GMT
Server
UploadServer
ETag
"ac27657df65743c09ac9dbb8d4bddfa3"
Vary
Accept-Encoding
x-goog-hash
crc32c=bTkvQw==, md5=rCdlffZXQ8Caydu41L3fow==
Content-Language
en
Access-Control-Allow-Origin
*
x-goog-generation
1618984970750671
Access-Control-Expose-Headers
Content-Type
Cache-Control
no-transform, max-age=300
x-goog-stored-content-length
9068
Accept-Ranges
bytes
Content-Type
application/javascript
Expires
Wed, 28 Apr 2021 02:36:31 GMT
track
track1.viewdeos.com/ Frame 9177 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.viewdeos.com/track?pid=5e60bfad28a0610ba100c7c4&cid=5e60c75028a06115d47ebd9b&e=playerLoaded&cb=1619577091344
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.134.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-134-89.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:31 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
container.html
5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 643E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.storm.mg/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.storm.mg/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Wed, 28 Apr 2021 02:31:29 GMT
expires
Thu, 28 Apr 2022 02:31:29 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
2
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A281 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.storm.mg/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.storm.mg/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Wed, 28 Apr 2021 02:31:29 GMT
expires
Thu, 28 Apr 2022 02:31:29 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
2
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame C910 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssz4B6hTTVH8Gnqrlhmqyt2cQ4HyO3DW2o1VSURfI2f6J3j0gx7wfQDYAYELYI53llzVb46-wCaDFBk28bJE85d-fqLAxYeDvUYauQwq_LMu0e8aFwwmCPSWcJTMsLZQUVBjYFQ18HIkQa6Zhvx6hN3bUP1Kj4TUVjUEF1hOtGzE3ZAQ08vLYKuVxs0Rf-_CQsivf_U_y1IUuOxw_8Ttyby4Tjx9xUhVQHgZq9B0sZs0OHwGbXZCrrSdI3BWe-32qXH1IF4NkgJiWJXHPCsLDCoHOep4CHPLqj4BtBPRsWOisHx4eLxozbfp17p2Egqy0LMCDRzTn5CCw&sig=Cg0ArKJSzEnYb7SoE2ipEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:31:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 28 Apr 2021 02:31:31 GMT
3634588
service-pvapi.storm.mg/pvapi/get_pv/ 		21 B
228 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://service-pvapi.storm.mg/pvapi/get_pv/3634588?tid=1619577091
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/js/jquery-1.9.1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.176.63.232 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-176-63-232.ap-northeast-1.compute.amazonaws.com
Software
/ Express
Resource Hash
503c378121803d220eb1648a30ef2196a6f393add1a99abaa3e2bdc609d3fb0a

Request headers

Accept
*/*
Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:31:31 GMT
x-powered-by
Express
etag
W/"15-8ede1921"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
content-length
21
expires
-1
view
securepubads.g.doubleclick.net/pcs/ Frame 783E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvpToBGSHvJFwYsuDKBi_tChvM-dRoatrYJU03Ou5fSaWGgDKitdNAC1NcUS0XallS8_aMXDan088pfQTJG6Y3jRCC8rNFCwrhqz0wDPya2rhO0I01dHFYB5ukSvss2W4di5NG3GzswCF2HWbrrPL7C1tQJ08Bk0evTFFWDM1AXJuFO5imrmFrlO4dYhwK-WRkWOaFsQIg4xscXQLgFsaUdR3qeZ0_1T7bkXJ7pi9RbMAEdFmb4p6lRG687p87lxJsweRiH5-1FCu1KY7-Ye6s1VKKdVos6DOI_GuFydS8OsDvm8VgukS6p&sig=Cg0ArKJSzNAmmTDfwoT6EAE&adurl=
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:31:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210426/r20110914/ Frame 783E 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210426/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e0fad38c04932f3e71581d5ca798b326778fc0e54e3823de3b0f9eddbef0892e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:23:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
505
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7028
x-xss-protection
0
server
cafe
etag
12352184217982932987
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 May 2021 02:23:06 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/ Frame 783E 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 01:48:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2567
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 May 2021 01:48:44 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 783E 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d76c09ea49a67623c581149d87ec821d813b9302aea4f871df16156cd1d28a53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619188777539687"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36031
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:31:31 GMT
l
www.google.com/ads/measurement/ Frame 783E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ60G0aE5cWYX56onKObR0C1S_13K3mtQtj6PuMc4wm5qh-aTewovLTDTy3D23SaMwYmph8ux1YzfZMCNHy2AIE9ANFdQ
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
2587532389682836612
tpc.googlesyndication.com/simgad/ Frame 783E 		180 KB
180 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2587532389682836612
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb3a0498aee818a46155e25a3d3204fe55b0bfc4a685413a8074a4d6139de815
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Apr 2021 06:10:27 GMT
x-content-type-options
nosniff
age
246064
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
184064
x-xss-protection
0
last-modified
Tue, 06 Apr 2021 08:52:20 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 25 Apr 2022 06:10:27 GMT
ga-audiences
www.google.com/ads/ 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-58197782-1&cid=1389265324.1619577089&jid=1899358634&_u=aChAAEACQAAAAC~&z=774226775
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:31:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-58197782-1&cid=1389265324.1619577089&jid=1899358634&_u=aChAAEACQAAAAC~&z=774226775
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:31:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 56DC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstYpDEYvFPszmqLaacR4pPW0MoGoo6Mo68QxBgO8THfUfoiEFLZSfLxTYwBDFPBfE6wsqvW1R0wLIZ81r41OPRvPuRCLgPrXzm9YoqIKOvEVXGxc2vHrl5jxIrOmQk3zKpIyCuYRPOziXxwCh_L-PG9mETZf4qmsF-OC-7qENLWNBVgm27j6PR9mMciC6hKWi721chKWfIx-jwM8062n7x6EtYlVxB6ikudw0KqvWx-kXEHE8xbvUGnOCKJ4WmoD0IC4G64UUe4UrCjkUzm5YqOltw8myYy0ahECivXAVS0PPbgqirtVTVZDac&sig=Cg0ArKJSzPOt9kFQgMrzEAE&adurl=
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:31:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210426/r20110914/ Frame 56DC 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210426/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e0fad38c04932f3e71581d5ca798b326778fc0e54e3823de3b0f9eddbef0892e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:23:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
505
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7028
x-xss-protection
0
server
cafe
etag
12352184217982932987
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 May 2021 02:23:06 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/ Frame 56DC 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 01:48:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2567
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 May 2021 01:48:44 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 56DC 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d76c09ea49a67623c581149d87ec821d813b9302aea4f871df16156cd1d28a53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619188777539687"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36031
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:31:31 GMT
l
www.google.com/ads/measurement/ Frame 56DC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTXGuBROSlckRst2GpDnWM11UYYLtAQxWHGxUCZzN4SER7_ZU7nBjzuOC8k-6gpo78U_lI02uTwbqlOYVW-jBaKqxutSQ
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
3125794357387065261
tpc.googlesyndication.com/simgad/ Frame 56DC 		877 KB
878 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3125794357387065261
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b69d91eeaf5019d14f1d266869ca98ae3c7e54e281b22db656ab63f93c48cc0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 10:55:46 GMT
x-content-type-options
nosniff
age
56145
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
898550
x-xss-protection
0
last-modified
Tue, 27 Apr 2021 10:25:24 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Apr 2022 10:55:46 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 38B2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvNOGGVZYltPezVzPebP8vfav-xFsLX3Wxja4uWqX2XzA3q7og1852rj5Iv-fnlKgxK02crVD46mKX1rbhw_awO7usb4H6cWt2VZiQh-Xn46iMzY8FPCwm1MOljYiex9iiqy5rBcoVLd2V2WzX7TaofaBBZLjFp6PFbGDV14OSa5N3Ahjd87FjANy1jKHw14Sp9-oFTqP9uUXi6bqN1Uw4a6YrF6s-Osd8PbycP7IU6pnEB6YwW8zpP4swBGBu7VUphVRbHTPJ2ojU3oX3d8zNDErefUw0pkG7pj6dU9QS5ZawRlb1kULtDYA&sig=Cg0ArKJSzKvpvIB_IzdBEAE&adurl=
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:31:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210426/r20110914/ Frame 38B2 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210426/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e0fad38c04932f3e71581d5ca798b326778fc0e54e3823de3b0f9eddbef0892e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:23:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
505
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7028
x-xss-protection
0
server
cafe
etag
12352184217982932987
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 May 2021 02:23:06 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/ Frame 38B2 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 01:48:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2567
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 May 2021 01:48:44 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 38B2 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d76c09ea49a67623c581149d87ec821d813b9302aea4f871df16156cd1d28a53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619188777539687"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36031
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:31:31 GMT
l
www.google.com/ads/measurement/ Frame 38B2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQTyYBxUndzPTvePgnhuJWYQKGTrHsA7x_IyT1tTdkQ-kPRimimPVn_iMv5S0c1Z9YcEshn-k_cd8E2vtGsw1zN-SsgyQ
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
11668427489052013722
tpc.googlesyndication.com/simgad/ Frame 38B2 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11668427489052013722
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d794625b678a8c160730301011f833dd7759fba70300edc2f780c9d93aa17954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 21:24:05 GMT
x-content-type-options
nosniff
age
450446
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
75866
x-xss-protection
0
last-modified
Fri, 08 May 2020 09:15:39 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Apr 2022 21:24:05 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4B23 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstfyht2WRK_TWa2VaRmvLQSmS8Zm3n3DR08FZx0RHMBI0SyFqO5GhI1ziuMeEqAj1YBWmDWJwBCe3dA5Qx9lqrRMUdhIahvJdLYRu3RH6StKgyHEkmcSfom2-rHKt610QbdmLJEqjRo-35DB8hFdGtob94NGdGbOsHU_ZumjZ_MBIFTz5cbIpFBaP5Omkyws82mdwvijThCKCYPzJx_k2PwoSWra1eFLiydd3Xsg8eRJ1YNZ6G1az6_dIurU1TIzWBr6nAUo9qScurx9_I5d9Pgn9qX-VyUWTgvvaJ3aiw552iQmvALIeRA6_2o&sig=Cg0ArKJSzIRsRCBXRvmOEAE&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:31:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 28 Apr 2021 02:31:31 GMT
truncated
/ Frame 4B23 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
83243044c8bc2d271334c3fb3bdc2d80376631776747919f49c1cb41a2a3d835

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 5E72 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstaiuAs2DuwYC4kHEON_u40rEUDy1mQWSUWsc1TNN2cdPwMJ3vEXr_UaBi10pWjI3MWL33PTRGKd4nw8taDoXSNCGmf0deLzXMWZRlq2e9yQkdXqmahfzA2KY-Zi53O2t626Pkd9DNSb-swGJJ-Yaq_zhIvwmsNpHrk0ZAQaZUhqvOmGQRXMvz5SdWmvbnbEIHheLHsraLYXB5EccvFfYU_JEcjpztA4TVncdBlYp5cDG6h_SEfh97NoTNjaRdwsQ4cJ4jBtLwiGtliHQAeRUSJjHIUb0pt7eC3zVBM8LZYVZlgER1BX7gr1J4&sig=Cg0ArKJSzH4IQv3r6DlWEAE&urlfix=1&adurl=
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:31:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
ad.js
img.scupio.com/js/ Frame 5E72 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/ad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.106.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-106-33.mad50.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
d6f8735ff725fbb0c014df86972e858f749a01f581798fccf0511c0b79eb3d2b

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:28:38 GMT
content-encoding
gzip
last-modified
Wed, 21 Apr 2021 07:47:32 GMT
server
nginx/1.12.1
age
363
etag
W/"607fd894-a4a4"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=900
x-amz-cf-pop
MAD50-C1
x-amz-cf-id
t25RcI7XAiCNzO5s0PSgdzKNZ-3M7czcl5gMS2gWq680UYlV0gGN_w==
via
1.1 315f537a0be356b37267f2ae21a5363d.cloudfront.net (CloudFront)
expires
Wed, 28 Apr 2021 02:40:28 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5E72 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d76c09ea49a67623c581149d87ec821d813b9302aea4f871df16156cd1d28a53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619188777539687"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36031
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:31:31 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7618 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstDzGRrYwkZWXIDpcFrYML33XiagN_g14lRdvV58eCFPRY4HyKBqjU-IYlJjiX_du6qqbwUIV9x_Pzha1oZqpJXWWjiJnBAjLPozZCVZLrk_a9zuO78BUvdPzTIUtdWGWZt60nFfCScHs4sQ1boX2PuCBu5P15kYEqJl4EbYS4VXxG6kFeaSb3VCxN9fgA3qUkFwMGgVAdsGHKDcHCItDySwwtkpOFXWpU3iUY2r2Xjaedy9Rv6O2gnwAw7hBuLPG_7d8C4UBjyoxOrvVNaxX7Wp5gNzNp4J4IyhQrT7xjERDMHIokiw8I4LA&sig=Cg0ArKJSzGLqJTubeN4KEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:31:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 28 Apr 2021 02:31:31 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6A6F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstDYnCM8fGpNuLYcqexBZHRa7Ia7BvCUht22YdJyIRzb3Jbv-Uf1C55kMc7d2SpSOWL6BWv8iYyOa1la1yz5nHxmymTbjjLRpAohgMzAW2KZLwaSKTqn1BFMsCt4GyY2K4NMcCvzKZflwjIKj-bCGqL0royYhqHYgJovgX9lTJ7CvCoLfQbQ5j1I5qdd9hB3ekv0Du66yd_4Nf0-9bpNjXL7-BlB5HoYDP4f4xQD26EImEG6-BXgSY05XsoCrbr9L2vuOBtlcVKnQBzkDW9NNPdtWXdbI7rtxlPFBUGrdm-dN_rIi51G1BXMw&sig=Cg0ArKJSzL36BrFsBgEmEAE&urlfix=1&adurl=
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:31:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
gpt.js
www.googletagservices.com/tag/js/ Frame 6A6F 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b586b6299996b546ef44061c1c8d4d0c180b68454d475936079695bf90e8c8a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"855 / 564 of 1000 / last-modified: 1619561335"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21061
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:31:31 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6A6F 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d76c09ea49a67623c581149d87ec821d813b9302aea4f871df16156cd1d28a53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619188777539687"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36031
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:31:31 GMT
/
www.facebook.com/pages/call_to_action/fetch_dialog_data/ Frame 4B2F 		967 B
587 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/pages/call_to_action/fetch_dialog_data/?id=1502574629794708&surface=pagePlugin&unit_type=VIEWER
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3iEpO4/yQ/l/en_US/N1Ujot6efHX.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2eb721e017921e69241b5bc831b9fa0a69b9d9e986911af1bdae3aec7d873d80
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&tabs&width=320&height=130&small_header=false&adapt_container_width=false&hide_cover=false&show_facepile=false&appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
E8S1FE4Myp32MIFEwS7LRVMZYQrj6dO4OLZFJQHFamVUwOW/phepuwgNpc8unP2dA5AZ9e/Mx/2L0JEFd/LLJg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 28 Apr 2021 02:31:31 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
vary
Origin, Accept-Encoding
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
priority
u=3,i
access-control-expose-headers
X-FB-Debug, X-Loader-Length
zLCzCF1rAa7.js
www.facebook.com/rsrc.php/v3/yi/r/ Frame 4B2F 		273 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yi/r/zLCzCF1rAa7.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yM/r/s42o5npKlRj.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
542b9235786f24ca184692eb965b3bc559b911649df08f075a78175cfae91bdd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&tabs&width=320&height=130&small_header=false&adapt_container_width=false&hide_cover=false&show_facepile=false&appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 20:31:16 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
Y0Ixo2c9XSqvZsYP+eRDyQ==
cross-origin-resource-policy
cross-origin
content-length
58366
x-fb-rlafr
0
x-fb-debug
OQx4WquxOpUGnt8/USJ0drjcfQPDiP1FD1adl22/Y6/Ie9ZjPp7sx3Ybdb4FSOxy4GKQAmBjw6wC10GkTv+PUg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 27 Apr 2022 20:31:16 GMT
cAEvN19HjM2.js
www.facebook.com/rsrc.php/v3/yB/r/ Frame 4B2F 		885 B
434 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yB/r/cAEvN19HjM2.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yM/r/s42o5npKlRj.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e913d0c8195023fea768aa63161cfe870b077cd360806e3905002e74acc7423e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&tabs&width=320&height=130&small_header=false&adapt_container_width=false&hide_cover=false&show_facepile=false&appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 17:31:57 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
lRXvpxxdUT7QUnYyGQ+l6g==
cross-origin-resource-policy
cross-origin
content-length
378
x-fb-rlafr
0
x-fb-debug
lBZQQOYf4tlrFlpeUKcNGBuWrCMP5sYzqpqdE3C0zhZ5AaJ0gEzghJGMusKSCTg0OWcq7IBlKwZ3h4l0A6tlXQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 22 Apr 2022 17:31:57 GMT
17780.json
img.scupio.com/js/config/ 		504 B
893 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/config/17780.json?v=1.0.3804
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.106.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-106-33.mad50.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
1c9f0cd222b8239deec86df1f482ea73866e23db590fd2334fd1145ee4f8a532

Request headers

Accept
application/json, text/javascript, */*
Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 28 Apr 2021 02:31:32 GMT
via
1.1 546db6834bf5885f55b5457c969e7ad6.cloudfront.net (CloudFront)
last-modified
Thu, 22 Apr 2021 02:06:20 GMT
server
nginx/1.12.1
x-amz-cf-pop
MAD50-C1
etag
"6080da1c-1f8"
x-cache
RefreshHit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=10800
accept-ranges
bytes
content-length
504
x-amz-cf-id
aj8bkTRFjmJuNbHRI9k6NQqwP7uc5aMS3OiW9-RIHuUx5esFnFbM6A==
expires
Wed, 28 Apr 2021 05:31:32 GMT
ad.html
img.scupio.com/html/ Frame BD16 		35 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/html/ad.html?v=1.0.55
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.106.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-106-33.mad50.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
2fcfd39f20f7a32027851d0f576f8ea303bbb124828bcbb09e2846f4496f7737

Request headers

:method
GET
:authority
img.scupio.com
:scheme
https
:path
/html/ad.html?v=1.0.55
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.storm.mg/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.storm.mg/

Response headers

content-type
text/html; charset=utf-8
server
nginx/1.12.1
last-modified
Mon, 19 Apr 2021 03:56:44 GMT
access-control-allow-origin
*
content-encoding
gzip
date
Wed, 28 Apr 2021 02:21:24 GMT
expires
Wed, 28 Apr 2021 07:50:42 GMT
cache-control
max-age=21600
etag
W/"607cff7c-8ced"
x-cache
Hit from cloudfront
via
1.1 315f537a0be356b37267f2ae21a5363d.cloudfront.net (CloudFront)
x-amz-cf-pop
MAD50-C1
x-amz-cf-id
KcSO1qcjAkvWqi4GeVizOmcPnt9OurCzRPn7fmjTHPWZqsVcWniq2Q==
age
2449
i
track.storm.mg/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.storm.mg/i?stm=1619577091898&e=pv&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&page=%E5%8F%B0%E7%81%A3%E8%96%AA%E6%B0%B4%E4%BD%8E%E6%88%BF%E5%83%B9%E9%AB%98%EF%BC%8C%E5%88%B0%E5%BA%95%E8%AA%B0%E6%98%AF%E7%A6%8D%E9%A6%96%EF%BC%9F%20%E6%A5%8A%E9%87%91%E9%BE%8D%EF%BC%9A%E3%80%8C%E6%B2%92%E6%9C%89%E5%A5%BD%E5%A5%BD%E6%8A%95%E8%B3%87%EF%BC%8C%E8%B3%87%E9%87%91%E5%B0%B1%E6%9C%83%E5%8E%BB%E7%82%92%E6%88%BF%EF%BC%81%E3%80%8D-%E9%A2%A8%E5%82%B3%E5%AA%92&tv=js-2.9.2&tna=cf&aid=5c6e1a&p=web&tz=Europe%2FBerlin&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&cookie=1&eid=af9f1999-9ee7-48c2-b32f-442deae356ef&dtm=1619577091892&vp=1600x1200&ds=1600x13796&vid=1&sid=0ba5cfb4-9c23-485c-8d33-e361166a6067&duid=85c84aba-fc1e-4986-aa57-a0d08079a8d2&fp=1072425006&uid=1619577088572915%3B&co=%7B%22schema%22%3A%22iglu%3Acom.snowplowanalytics.snowplow%2Fcontexts%2Fjsonschema%2F1-0-0%22%2C%22data%22%3A%5B%7B%22schema%22%3A%22iglu%3Acom.google.analytics%2Fcookies%2Fjsonschema%2F1-0-0%22%2C%22data%22%3A%7B%22_ga%22%3A%22GA1.1.1389265324.1619577089%22%7D%7D%2C%7B%22schema%22%3A%22iglu%3Acom.snowplowanalytics.snowplow%2Fweb_page%2Fjsonschema%2F1-0-0%22%2C%22data%22%3A%7B%22id%22%3A%22cc4e29a1-a9ae-46ff-ab31-6f2abaf2d82b%22%7D%7D%5D%7D
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.248.189 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-248-189.ap-northeast-1.compute.amazonaws.com
Software
/ Express
Resource Hash
df4e4a1ced817cdf2b03316c0c3d3ae51bd50c25fd97fdb576bb88a89c55cd10

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:32 GMT
content-type
image/gif
x-powered-by
Express
etag
W/"44d-Ar25dwNve0lQPcl2jzuhbJ/fiEA"
content-length
1101
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
view
securepubads.g.doubleclick.net/pcs/ Frame B8F9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuNAZqNrRJ0O3u1BXIZuC0zkursiXKs0QZb_5NRBkqCgWemH4Lzh9j7un8hfnwFLEK2gn1aFwUuOHRqogN9PL7LAVj2bTe4WV-M_1ctZvYljah16bC14C2R7ZSaD2idCBOtU9GLXXq7IU5DcWR01oBSNjGET3-EJUsPQneeQGX1pI1YN2ey5una9vg_6B0xdem6_Qg04n-mDAgxcTGtfe_VNhCjlD5LzDajdv3z40UZjwuuUnTRgoymDiM4lVN7w2Eb_5xdw4a4zBWtmQLD9kug3uXNgF5Jvy87gIBCVKfqB-_SrlIRFnwOOtSXcUa4EC3YJ0kVnJeP2qs&sig=Cg0ArKJSzGET3V4g0aQsEAE&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:31:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 28 Apr 2021 02:31:31 GMT
truncated
/ Frame B8F9 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d08dce2573c8f59ca7519fd9e278a89ee1e504cb3287dcaabf27af75cd8c2f64

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
pubads_impl_2021042201.js
securepubads.g.doubleclick.net/gpt/ Frame 0DB4 		301 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
f9f40e5aa6d80e385e5c15593748db7bfb50fd07cc45c8239a6fad053f63affe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 22 Apr 2021 08:39:18 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
108299
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:31:31 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame D885 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuKeyeGqcbjFg1sWbQmC6I1XeE7fBdhxUNcUkAMxtzC0YNIcsI3fHJ4jZE2AR7o5FHfwR_s6K2-oyXeFZ8Yr0duG7tvrC4-EwKy9sTGi6FskYLP06Jw78dsjWHT563I5iXHph36vv4k4cuNh_gLWOsQOrrcdKztRju0EjxxMFOaLbk7uJM2HtBjqTpEYuaHfqboGYmAU__j4ZSq2V4wp8oL7uhN02MkPQd6-4KDCKij0Poz_s2_Fgt0BiVg1QmGEA6_BjLjS87OL5cRDTjTyge5sm4_OITI1rkMwn49J0onC9-yGvLNqFXSdZFS&sig=Cg0ArKJSzPn_yxojmT5zEAE&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:31:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 28 Apr 2021 02:31:32 GMT
truncated
/ Frame D885 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
25fd4eed7ea1cdc3a1f73177caa53cc1209d0f9550492a4c2d5dd6024d179073

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 4DAB 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3abdc1011d067b84984c846d4d22a1d3683afe4467f204b0b2c438f433e55ddb

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 2F50 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
14454633f7fdcd13aa4d9e22443d4d508c0d80470d9c66e1c63fd3317fb28a45

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
activeview
pagead2.googlesyndication.com/pcs/ Frame BF61 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstI4ZixP4Q9RA_q0l-h8emqeVjqzqlPCNy0XdKNok0lVz82o9njMMdvke1jS7FZGyZmKzSuQH0PthenmNYjWa-ZRKdUVMtKwTd53YCKHtc&sig=Cg0ArKJSzAHor5--6aSbEAE&id=lidar2&mcvt=1306&p=200,315,450,1285&mtos=1306,1306,1306,1306,1306&tos=1306,0,0,0,0&v=20210423&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=2004118907&rs=4&met=mue&la=1&cr=0&osd=1&vs=4&r=v&fum=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:31:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 783E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvj08Y9NOyp_OQ-r5SlAFWfQtNQfz7WCC_iYgvCySUZdgnTJ9w7KHW-jVS5s1ILLJGlkeibvBJNHzINL7ocpr1bN5mZMGtc70UPV2nSzPqWWFRJv2_JY03-k4OIawmNE2epcxuRl627C6Jagi28C14-AcUBb2d06d7k8Mzu5EFzks2QacRy-Fx3kKCsM2e8S5Q0L42-CYSvx6zaCAYeMcFsxa3to2NUSROC8Ve4qOTe3cINw7l5hykyDMRWieg48qtyhUsj-DkGs0u4nwpsM4RYgVhT7fLNB0lB-mA1A4OOWDsO-byBpPxofu4&sig=Cg0ArKJSzNRUQWIJ8fqPEAE&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:31:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 28 Apr 2021 02:31:32 GMT
truncated
/ Frame 783E 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
72734d3407cbef3b6f46479db0b938e9afb3ff9fdcbd86b0e772f14f17469940

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
/
www.facebook.com/tr/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundarye1RWFxi0tgVrQmGh

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Wed, 28 Apr 2021 02:31:32 GMT
content-type
text/plain
access-control-allow-origin
https://www.storm.mg
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-length
0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
tracking.js
track.storm.mg/js/core/ Frame 516E 		790 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.storm.mg/js/core/tracking.js?v=1593662374929
Requested by
Host: track.storm.mg
URL: https://track.storm.mg/cookiemap.html?appId=5c6e1a&data=eyJhcHBJZCI6IjVjNmUxYSIsInBhZ2VUaXRsZSI6IuWPsOeBo+iWquawtOS9juaIv+WDuemrmO+8jOWIsOW6leiqsOaYr+emjemmlu+8nyDmpYrph5Hpvo3vvJrjgIzmspLmnInlpb3lpb3mipXos4fvvIzos4fph5HlsLHmnIPljrvngpLmiL/vvIHjgI0t6aKo5YKz5aqSIiwicGFnZVVSTCI6Imh0dHBzOi8vd3d3LnN0b3JtLm1nL2xpZmVzdHlsZS8zNjM0NTg4IiwiY29va2llIjoic21nX3VpZD0xNjE5NTc3MDg4NTcyOTE1OyB1aWQudj0xOyBfc3Bfc2VzLjgwZjQ9KjsgX3NwX2lkLjgwZjQ9ODVjODRhYmEtZmMxZS00OTg2LWFhNTctYTBkMDgwNzlhOGQyLjE2MTk1NzcwOTAuMS4xNjE5NTc3MDkwLjE2MTk1NzcwOTAuMGJhNWNmYjQtOWMyMy00ODVjLThkMzMtZTM2MTE2NmE2MDY3OyBfX2dhZHM9SUQ9YjFjNDE3ZDY4ODEzY2Y0Ni0yMmViYzgyNGY2YzcwMDhkOlQ9MTYxOTU3NzA4OTpSVD0xNjE5NTc3MDg5OlM9QUxOSV9NWnBEM0pYcy1naXlIWGpQYWVTaU5tWnA3aFF4USIsInJlZmVycmVyIjoiIiwiY29va2llSWQiOiIxNjE5NTc3MDg4NTcyOTE1IiwibWVtYmVySWQiOm51bGx9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.248.189 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-248-189.ap-northeast-1.compute.amazonaws.com
Software
/ Express
Resource Hash
1389babfb36c9e1ac183cae31e9969e934a85a548e569629927577874798fded

Request headers

Referer
https://track.storm.mg/cookiemap.html?appId=5c6e1a&data=eyJhcHBJZCI6IjVjNmUxYSIsInBhZ2VUaXRsZSI6IuWPsOeBo+iWquawtOS9juaIv+WDuemrmO+8jOWIsOW6leiqsOaYr+emjemmlu+8nyDmpYrph5Hpvo3vvJrjgIzmspLmnInlpb3lpb3mipXos4fvvIzos4fph5HlsLHmnIPljrvngpLmiL/vvIHjgI0t6aKo5YKz5aqSIiwicGFnZVVSTCI6Imh0dHBzOi8vd3d3LnN0b3JtLm1nL2xpZmVzdHlsZS8zNjM0NTg4IiwiY29va2llIjoic21nX3VpZD0xNjE5NTc3MDg4NTcyOTE1OyB1aWQudj0xOyBfc3Bfc2VzLjgwZjQ9KjsgX3NwX2lkLjgwZjQ9ODVjODRhYmEtZmMxZS00OTg2LWFhNTctYTBkMDgwNzlhOGQyLjE2MTk1NzcwOTAuMS4xNjE5NTc3MDkwLjE2MTk1NzcwOTAuMGJhNWNmYjQtOWMyMy00ODVjLThkMzMtZTM2MTE2NmE2MDY3OyBfX2dhZHM9SUQ9YjFjNDE3ZDY4ODEzY2Y0Ni0yMmViYzgyNGY2YzcwMDhkOlQ9MTYxOTU3NzA4OTpSVD0xNjE5NTc3MDg5OlM9QUxOSV9NWnBEM0pYcy1naXlIWGpQYWVTaU5tWnA3aFF4USIsInJlZmVycmVyIjoiIiwiY29va2llSWQiOiIxNjE5NTc3MDg4NTcyOTE1IiwibWVtYmVySWQiOm51bGx9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:32 GMT
last-modified
Thu, 02 Jul 2020 04:08:01 GMT
x-powered-by
Express
etag
W/"316-1730db5bd3d"
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
cache-control
public, max-age=0
accept-ranges
bytes
content-type
application/javascript; charset=UTF-8
content-length
790
v3qTJ59YZN4.js
www.facebook.com/rsrc.php/v3iWIx4/y0/l/en_US/ Frame 4B2F 		1 MB
230 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3iWIx4/y0/l/en_US/v3qTJ59YZN4.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yM/r/s42o5npKlRj.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6e239a6620a4e7eeabfe5addc2e15ed70139dbf8b246841e4bdbae7a893b7a8a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&tabs&width=320&height=130&small_header=false&adapt_container_width=false&hide_cover=false&show_facepile=false&appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 17:36:52 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
uXSOXoJ89EIf5keiTiEuXQ==
cross-origin-resource-policy
cross-origin
content-length
235732
x-fb-rlafr
0
x-fb-debug
RFjY9Zr66TKkmwczdoTDKL5zp7z1eH4Tj294iQSw3s9Qxhi/mHZrEhw5APKLI5KY0bK8xmlVSUYn9Z8ky81PBw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Tue, 26 Apr 2022 17:36:52 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 56DC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssvUfLIw4Dmdt5EN595ky4GceiVt1tqFWimpJXQMcMel98fRZ8bMTDkF0MLrST_Ax4Md7EzrIa1WHD82lm2mzBqxzs0AJAKC4CZsoLopOo62dTZbL5MIq-qQt7HVa0uwZjBHwKgLH2FA2JVfDucVcWVfvbKDwSCnrKcLZQ2wWCNkdnm70EPm6r_CEuJ1nG3X3Of858zbjCNZ-3_Qba_4A9ayz18icBqL36xffmtfXHauTTAriZPuo3ijAV4YRXtLOm_BdMVGViHNA5KRIvMUCEw4rYsu1glAzBgfwGLhs_1-V1qisLwkhUJkwUH0Q&sig=Cg0ArKJSzOMNC04Z-K05EAE&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:31:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 28 Apr 2021 02:31:32 GMT
truncated
/ Frame 56DC 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a1dfc18ce1fe4f8d6f7a3c3ba0e61566fd7e9c88914f94edefcba73431b81748

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 9177 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvKMTBYXcuMmjRlE0m6k08IC_AG-oefeZb-lwIRBNX9JdFY1GDtWPNQFWPPvf3lBV_tGfj7q0rdWEbXJOTxQWiwPxs3tL8nMHebbU_ZfaT3GXZBoMq0eOQC8f4ilzzS8VSFMZijuVxstzEfGSoNqtboIuKHe6bx16w_m2dI-nAFxY83ZyNgoLZ0eotsjXXlmfAMEndj0H6w3YrlpPOfou3driVbNjFEJxWxZiBmkFWZhbA2ODBZjqKmaZZ_EtY7be8_cCpGqacNv_nawUHlfGYki4xgKQAEeczrABzcW1ZbQCsPSyVH_u-iSkc&sig=Cg0ArKJSzPEeFFQE6-ZpEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:31:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 28 Apr 2021 02:31:32 GMT
17958.json
img.scupio.com/js/config/ Frame 2F50 		978 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/config/17958.json?v=1.0.3804
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.106.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-106-33.mad50.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
b188dcbcd0c2a414a7fa08bb92e2d412fd8690831b8fc28882f56c83bf14f607

Request headers

Accept
application/json, text/javascript, */*
Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 28 Apr 2021 02:31:32 GMT
via
1.1 546db6834bf5885f55b5457c969e7ad6.cloudfront.net (CloudFront)
last-modified
Thu, 22 Apr 2021 02:06:21 GMT
server
nginx/1.12.1
x-amz-cf-pop
MAD50-C1
etag
"6080da1d-3d2"
x-cache
RefreshHit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=10800
accept-ranges
bytes
content-length
978
x-amz-cf-id
-KDdJoz7ALJ9qrqmB6cpLZN5NajxPMkivVe4oae_-bqJLEgszamN_Q==
expires
Wed, 28 Apr 2021 05:31:32 GMT
ad.html
img.scupio.com/html/ Frame CAC6 		35 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/html/ad.html?v=1.0.55
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.106.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-106-33.mad50.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
2fcfd39f20f7a32027851d0f576f8ea303bbb124828bcbb09e2846f4496f7737

Request headers

:method
GET
:authority
img.scupio.com
:scheme
https
:path
/html/ad.html?v=1.0.55
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.storm.mg/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.storm.mg/

Response headers

content-type
text/html; charset=utf-8
server
nginx/1.12.1
last-modified
Mon, 19 Apr 2021 03:56:44 GMT
access-control-allow-origin
*
content-encoding
gzip
date
Wed, 28 Apr 2021 02:21:24 GMT
expires
Wed, 28 Apr 2021 07:50:42 GMT
cache-control
max-age=21600
etag
W/"607cff7c-8ced"
x-cache
Hit from cloudfront
via
1.1 315f537a0be356b37267f2ae21a5363d.cloudfront.net (CloudFront)
x-amz-cf-pop
MAD50-C1
x-amz-cf-id
MR-U1hq1izjdAExHuZd29zj4FUGqrE1uPwfyCWnCQ2QO6pEFnDT1AQ==
age
2450
17781.json
img.scupio.com/js/config/ Frame 4DAB 		553 B
942 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/config/17781.json?v=1.0.3804
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.106.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-106-33.mad50.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
70e32922e0fb8fbaf3501493ac01bb478e920347447652c6ac4bf2dee75472c0

Request headers

Accept
application/json, text/javascript, */*
Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 28 Apr 2021 02:31:32 GMT
via
1.1 546db6834bf5885f55b5457c969e7ad6.cloudfront.net (CloudFront)
last-modified
Thu, 22 Apr 2021 02:06:21 GMT
server
nginx/1.12.1
x-amz-cf-pop
MAD50-C1
etag
"6080da1d-229"
x-cache
RefreshHit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=10800
accept-ranges
bytes
content-length
553
x-amz-cf-id
6YSEhl29PPlGT_HKcebC9uGAiohpQIv1IGpiQw8ul6Qnw_wOZF_wSQ==
expires
Wed, 28 Apr 2021 05:31:32 GMT
ad.html
img.scupio.com/html/ Frame 5774 		35 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/html/ad.html?v=1.0.55
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.106.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-106-33.mad50.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
2fcfd39f20f7a32027851d0f576f8ea303bbb124828bcbb09e2846f4496f7737

Request headers

:method
GET
:authority
img.scupio.com
:scheme
https
:path
/html/ad.html?v=1.0.55
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.storm.mg/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.storm.mg/

Response headers

content-type
text/html; charset=utf-8
server
nginx/1.12.1
last-modified
Mon, 19 Apr 2021 03:56:44 GMT
access-control-allow-origin
*
content-encoding
gzip
date
Wed, 28 Apr 2021 02:21:24 GMT
expires
Wed, 28 Apr 2021 07:50:42 GMT
cache-control
max-age=21600
etag
W/"607cff7c-8ced"
x-cache
Hit from cloudfront
via
1.1 315f537a0be356b37267f2ae21a5363d.cloudfront.net (CloudFront)
x-amz-cf-pop
MAD50-C1
x-amz-cf-id
V2mnl18u_NVSJQ-6-XVfS-ZYnvjzVELhraglnaMlm06z40CEY4Quvg==
age
2450
view
securepubads.g.doubleclick.net/pcs/ Frame 38B2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssgphhOdl8EdkWakiKtGT4r-bAVvp6CVWW9SkCYQAllaQ43ks7Mw7EUZpqs6Z7H5_aBu528SupHNbuIB7ggGu0qmmPq_dKqMUlodYaY5_7Uhg9H34HtEdDpsrqa8nyIOiVxQvW6rzqq07krx4gAp0FP0MNCvolHYNeFZdy2ZgwvTdq-c1ll09OKL6REGmwuWAMCnPcJTEx3hKT7Ex0v7p8KdSZZcl0nRAxr7fG8KjGrY65CAS_DeKwJizXKF-kdLkmrRW4GTuw7xQps9eVEflIdoWEu1__l1H6GgCemVMt6pJRNTO55i3nyO2Ng&sig=Cg0ArKJSzCCWovCfd1J4EAE&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:31:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 28 Apr 2021 02:31:32 GMT
truncated
/ Frame 38B2 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
38c72a709b3af085038687f9093aab86aee4b99696e59edc38689ec6682a6f76

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 5E72 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
048d8ba1d0ba85dac69781e4bb5aa24cd344f61113ac093311df28c550741c4d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
AVmanager.js
player.aniview.com/script/6.1/ Frame 8446 		335 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e60bfad28a0610ba100c7c4
Requested by
Host: player.viewdeos.com
URL: https://player.viewdeos.com/script/6.1/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
8f7abefb15bb45806215e2c20e834844820f1db6080071ddaf14289122710243

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:32 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-UwX8pKC6Dlub7bxu0Lt2m_zthwm8Tth8gY2wR8czcSRnICPufobogANcccEkeuXCE2dCSAIu0MMSRQA5M9C-Fj4-rIDZA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
96803
last-modified
Wed, 21 Apr 2021 06:02:13 GMT
server
UploadServer
etag
"4784a1a0f6335f802e1d435bfeb03274"
vary
Accept-Encoding
x-goog-hash
crc32c=HTEgng==, md5=R4ShoPYzX4AuHUNb/rAydA==
content-language
en
access-control-allow-origin
*
x-goog-generation
1618984933820372
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
96803
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 28 Apr 2021 02:36:32 GMT
pubads_impl_2021042201.js
securepubads.g.doubleclick.net/gpt/ Frame 6A6F 		301 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
f9f40e5aa6d80e385e5c15593748db7bfb50fd07cc45c8239a6fad053f63affe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 22 Apr 2021 08:39:18 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
108299
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:31:32 GMT
integrator.js
adservice.google.de/adsid/ Frame 0DB4 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.storm.mg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:31:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 0DB4 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.storm.mg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:31:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 0DB4 		84 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3515986218441383&correlator=2545598378560920&output=ldjh&impl=fif&eid=31060783%2C31060854%2C21068767%2C31060824&vrg=2021042201&ptt=17&sc=1&sfv=1-0-38&ecs=20210428&iu_parts=7682122%2CSF_storm_content_RM_300250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&eri=2&cookie=ID%3Db1c417d68813cf46%3AT%3D1619577089%3AS%3DALNI_MbhOeyeiG3F84zzdGuIJpJya5AQpQ&cdm=storm.mg&bc=31&abxe=1&lmt=1619577092&dt=1619577092429&dlt=1619577091210&idt=1205&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=3&adxs=1075&adys=2984&adks=2840708511&ucis=samf6ngzzqe2&ifi=1&ifk=2958630207&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&top=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&ga_vid=20522309.1619577091&ga_sid=1619577092&ga_hid=2125855223&ga_fc=true&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
bcf0e78c18004ffc4127da2980215056aea5baabb45ac557897720780c7e666f
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9715148502272904443/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9715148502272904443/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJiJouryn_ACFRPKdwod-vYEfQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/9715148502272904443/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9715148502272904443/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9715148502272904443/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJiJouryn_ACFRPKdwod-vYEfQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/9715148502272904443/index.html
content-encoding
br
x-content-type-options
nosniff
google-creative-id
-1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28239
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
date
Wed, 28 Apr 2021 02:31:32 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.storm.mg
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
c00781e3da26bee54d79c2ccd3c9dd07.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0DB4 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://c00781e3da26bee54d79c2ccd3c9dd07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame 0DB4 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
truncated
/ Frame 0DB4 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f76abd1ec35fbff8e74391c8b99316037ee5f9f006421bc83a202a8d4dbfdb1d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
initid.aspx
bw.scupio.com/ssp/ Frame E019 		37 B
627 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bw.scupio.com/ssp/initid.aspx?mode=L&cb=0.2538559844821615&mid=0
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ls.html?mid=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.180 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
8f02432b412c10a37b712c026a8a6c8abf64512d253950f079fd31e83b4af1f5

Request headers

Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:31:33 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
P3P
CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control
private
Content-Type
application/javascript; charset=utf-8
Content-Length
159
notosanstc.css
fonts.googleapis.com/earlyaccess/ Frame 643E 		691 KB
196 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/earlyaccess/notosanstc.css
Requested by
Host: 5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com
URL: https://5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4f8a01bfdb6a539b3e0929603ff1f9566ac2a5114a512b2815c30e84462c9fe5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 28 Apr 2021 01:07:26 GMT
server
ESF
date
Wed, 28 Apr 2021 02:31:32 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 28 Apr 2021 02:31:32 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 643E 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com
URL: https://5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 21:54:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16627
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Apr 2022 21:54:25 GMT
css
fonts.googleapis.com/ Frame 643E 		20 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600,700|Roboto:300,400,400italic,500,700&lang=en
Requested by
Host: 5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com
URL: https://5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f52e14e4a3116fcf0400a1de1775e7f5707d2859d04bb5362459f232ff101a8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 28 Apr 2021 02:31:32 GMT
server
ESF
date
Wed, 28 Apr 2021 02:31:32 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 28 Apr 2021 02:31:32 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 643E 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com
URL: https://5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d76c09ea49a67623c581149d87ec821d813b9302aea4f871df16156cd1d28a53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619188777539687"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36031
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:31:32 GMT
13867.json
img.scupio.com/js/config/ Frame 5E72 		594 B
982 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/config/13867.json?v=1.0.3804
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.106.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-106-33.mad50.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
2ad824b925511af6f0bf109e7ed1362ddbd850acc44d545e8539017f1abb4bbf

Request headers

Accept
application/json, text/javascript, */*
Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 28 Apr 2021 02:31:32 GMT
via
1.1 546db6834bf5885f55b5457c969e7ad6.cloudfront.net (CloudFront)
last-modified
Thu, 22 Apr 2021 02:06:20 GMT
server
nginx/1.12.1
x-amz-cf-pop
MAD50-C1
etag
"6080da1c-252"
x-cache
RefreshHit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=10800
accept-ranges
bytes
content-length
594
x-amz-cf-id
lseJYFQWPlU593cNXGNcaaqZ1hzP0-Ylf5Q14WmBWqSo50FpU4cioQ==
expires
Wed, 28 Apr 2021 05:31:32 GMT
ad.html
img.scupio.com/html/ Frame 06AD 		35 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/html/ad.html?v=1.0.55
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.106.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-106-33.mad50.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
2fcfd39f20f7a32027851d0f576f8ea303bbb124828bcbb09e2846f4496f7737

Request headers

:method
GET
:authority
img.scupio.com
:scheme
https
:path
/html/ad.html?v=1.0.55
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.storm.mg/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.storm.mg/

Response headers

content-type
text/html; charset=utf-8
server
nginx/1.12.1
last-modified
Mon, 19 Apr 2021 03:56:44 GMT
access-control-allow-origin
*
content-encoding
gzip
date
Wed, 28 Apr 2021 02:21:24 GMT
expires
Wed, 28 Apr 2021 07:50:42 GMT
cache-control
max-age=21600
etag
W/"607cff7c-8ced"
x-cache
Hit from cloudfront
via
1.1 315f537a0be356b37267f2ae21a5363d.cloudfront.net (CloudFront)
x-amz-cf-pop
MAD50-C1
x-amz-cf-id
vrVVLjFOMvHEDpsugA7cJ-F3_p8r20nmGzzWRyGoT9qIcst6ybIkAw==
age
2450
notosanstc.css
fonts.googleapis.com/earlyaccess/ Frame A281 		691 KB
196 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/earlyaccess/notosanstc.css
Requested by
Host: 5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com
URL: https://5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4f8a01bfdb6a539b3e0929603ff1f9566ac2a5114a512b2815c30e84462c9fe5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 28 Apr 2021 01:14:30 GMT
server
ESF
date
Wed, 28 Apr 2021 02:31:32 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 28 Apr 2021 02:31:32 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame A281 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com
URL: https://5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 21:54:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16627
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Apr 2022 21:54:25 GMT
css
fonts.googleapis.com/ Frame A281 		20 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,400italic,600,700|Roboto:300,400,400italic,500,700&lang=en
Requested by
Host: 5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com
URL: https://5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f52e14e4a3116fcf0400a1de1775e7f5707d2859d04bb5362459f232ff101a8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 28 Apr 2021 02:31:32 GMT
server
ESF
date
Wed, 28 Apr 2021 02:31:32 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 28 Apr 2021 02:31:32 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A281 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com
URL: https://5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d76c09ea49a67623c581149d87ec821d813b9302aea4f871df16156cd1d28a53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619188777539687"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36031
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:31:32 GMT
swipe.min.css
static.dable.io/static/b/infinite-swipe/dist/ Frame FFD7 		830 B
807 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.dable.io/static/b/infinite-swipe/dist/swipe.min.css
Requested by
Host: api.dable.io
URL: https://api.dable.io/widgets/id/y74wWAoV/users/40951584.1619577090134?from=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&ref=&cid=40951584.1619577090134&uid=40951584.1619577090134&site=storm.mg&id=dablewidget_y74wWAoV&category1=%E9%A2%A8%E7%94%9F%E6%B4%BB&ad_params=%7B%7D&item_id=3634588&pixel_ratio=1&client_width=760&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.225.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-225-233.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d3743330192c96b9b8f5b72f69f932359bb892b65535311b1ffb1fef98536c23

Request headers

Referer
https://api.dable.io/widgets/id/y74wWAoV/users/40951584.1619577090134?from=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&ref=&cid=40951584.1619577090134&uid=40951584.1619577090134&site=storm.mg&id=dablewidget_y74wWAoV&category1=%E9%A2%A8%E7%94%9F%E6%B4%BB&ad_params=%7B%7D&item_id=3634588&pixel_ratio=1&client_width=760&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
3wsoX9oiTtQq5z8aSQWNt.CSLC7W7Bku
Content-Encoding
gzip
Last-Modified
Tue, 05 Jan 2021 04:12:45 GMT
Server
Apache
x-amz-request-id
39705653E55C092C
ETag
"7570769c6f4af63877b73ce88e833efe"
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
Date
Wed, 28 Apr 2021 02:31:32 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
316
x-amz-id-2
DOzmg67Fma9HnGFjJ5TLfsqP8B8E5vrsM12A36fgMiYAhmQWEDH/9rAcO1X1AG55m5F0KEmQ/BA=
widget.min.css
static.dable.io/dist/ Frame FFD7 		73 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.dable.io/dist/widget.min.css?202104131548
Requested by
Host: api.dable.io
URL: https://api.dable.io/widgets/id/y74wWAoV/users/40951584.1619577090134?from=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&ref=&cid=40951584.1619577090134&uid=40951584.1619577090134&site=storm.mg&id=dablewidget_y74wWAoV&category1=%E9%A2%A8%E7%94%9F%E6%B4%BB&ad_params=%7B%7D&item_id=3634588&pixel_ratio=1&client_width=760&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.225.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-225-233.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
daf45cb93bda55323577c5bd61644ada57be15e2439d9775a679046c3f10bd2b

Request headers

Referer
https://api.dable.io/widgets/id/y74wWAoV/users/40951584.1619577090134?from=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&ref=&cid=40951584.1619577090134&uid=40951584.1619577090134&site=storm.mg&id=dablewidget_y74wWAoV&category1=%E9%A2%A8%E7%94%9F%E6%B4%BB&ad_params=%7B%7D&item_id=3634588&pixel_ratio=1&client_width=760&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
htaKc3T7s1YnPfT5J2Qvo3fI9J7hZJ2o
Content-Encoding
gzip
Last-Modified
Mon, 19 Apr 2021 06:11:51 GMT
Server
Apache
x-amz-request-id
R1JW5SECFJE7ECJR
ETag
"631670b7f235f45d05aa12febd0f8b18"
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
Cache-Control
public, max-age=86400
Date
Wed, 28 Apr 2021 02:31:32 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10040
x-amz-id-2
gp4zCAbldHBnOjBeyswHdWvJ7uzdpSM8Ze4lQxelszCxcaNEyXErP5rE5fkqfpLmYcQSn7VJeoo=
f6f6f6.png
static.dable.io/static/i/ Frame FFD7 		83 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.dable.io/static/i/f6f6f6.png
Requested by
Host: api.dable.io
URL: https://api.dable.io/widgets/id/y74wWAoV/users/40951584.1619577090134?from=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&ref=&cid=40951584.1619577090134&uid=40951584.1619577090134&site=storm.mg&id=dablewidget_y74wWAoV&category1=%E9%A2%A8%E7%94%9F%E6%B4%BB&ad_params=%7B%7D&item_id=3634588&pixel_ratio=1&client_width=760&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.225.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-225-233.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ff73967a98dbf0e26497c62c5d6e0fd9d0968f92031da77900e05a2ec344d3e5

Request headers

Referer
https://api.dable.io/widgets/id/y74wWAoV/users/40951584.1619577090134?from=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&ref=&cid=40951584.1619577090134&uid=40951584.1619577090134&site=storm.mg&id=dablewidget_y74wWAoV&category1=%E9%A2%A8%E7%94%9F%E6%B4%BB&ad_params=%7B%7D&item_id=3634588&pixel_ratio=1&client_width=760&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Ca5cEPOEqu1JS3QpRDnwNdCnzD9veP5v
Content-Encoding
gzip
Last-Modified
Tue, 02 Mar 2021 06:35:50 GMT
Server
Apache
x-amz-request-id
A74E3AC9B94295FA
ETag
"c684e92ff40cdf977c18be6a031e6e54"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=864000
Date
Wed, 28 Apr 2021 02:31:32 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
96
x-amz-id-2
NCjPtdq8kaPGqc6TpUypjvIKhhX0jc88Y2RUNlDJzr3pWjlms5hXpoLorAtlfetNnuUvbga2nlk=
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame FFD7 		95 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: api.dable.io
URL: https://api.dable.io/widgets/id/y74wWAoV/users/40951584.1619577090134?from=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&ref=&cid=40951584.1619577090134&uid=40951584.1619577090134&site=storm.mg&id=dablewidget_y74wWAoV&category1=%E9%A2%A8%E7%94%9F%E6%B4%BB&ad_params=%7B%7D&item_id=3634588&pixel_ratio=1&client_width=760&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://api.dable.io/widgets/id/y74wWAoV/users/40951584.1619577090134?from=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&ref=&cid=40951584.1619577090134&uid=40951584.1619577090134&site=storm.mg&id=dablewidget_y74wWAoV&category1=%E9%A2%A8%E7%94%9F%E6%B4%BB&ad_params=%7B%7D&item_id=3634588&pixel_ratio=1&client_width=760&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 23:12:56 GMT
x-content-type-options
nosniff
age
11916
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97163
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Apr 2022 23:12:56 GMT
widget.min.js
static.dable.io/dist/ Frame FFD7 		55 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.dable.io/dist/widget.min.js?202104201732
Requested by
Host: api.dable.io
URL: https://api.dable.io/widgets/id/y74wWAoV/users/40951584.1619577090134?from=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&ref=&cid=40951584.1619577090134&uid=40951584.1619577090134&site=storm.mg&id=dablewidget_y74wWAoV&category1=%E9%A2%A8%E7%94%9F%E6%B4%BB&ad_params=%7B%7D&item_id=3634588&pixel_ratio=1&client_width=760&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.225.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-225-233.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1a560aea80556ea47e9dcb6fcb80e0cb1243a63ae13cc2b2c01a74a2aecce71c

Request headers

Referer
https://api.dable.io/widgets/id/y74wWAoV/users/40951584.1619577090134?from=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&ref=&cid=40951584.1619577090134&uid=40951584.1619577090134&site=storm.mg&id=dablewidget_y74wWAoV&category1=%E9%A2%A8%E7%94%9F%E6%B4%BB&ad_params=%7B%7D&item_id=3634588&pixel_ratio=1&client_width=760&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
3f7QFqFV0376WGARAKw3G5y.9GaMBzXk
Content-Encoding
gzip
Last-Modified
Wed, 21 Apr 2021 05:02:17 GMT
Server
Apache
x-amz-request-id
8AG33YP11EZANRY1
ETag
"e153e17076b86dd475b555ed00f5275b"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=86400
Date
Wed, 28 Apr 2021 02:31:32 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17404
x-amz-id-2
JAkkJPn661wrnuSvk+R1AR69sznYJrY789oRpvT2q5yULSlsgvP9cxev4NyTO8raJYkgfdo2Bc8=
css2
fonts.googleapis.com/ Frame FFD7 		117 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Noto+Sans+TC&display=swap
Requested by
Host: api.dable.io
URL: https://api.dable.io/widgets/id/y74wWAoV/users/40951584.1619577090134?from=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&ref=&cid=40951584.1619577090134&uid=40951584.1619577090134&site=storm.mg&id=dablewidget_y74wWAoV&category1=%E9%A2%A8%E7%94%9F%E6%B4%BB&ad_params=%7B%7D&item_id=3634588&pixel_ratio=1&client_width=760&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f32e5a054bca9ebc3601a7a908ca341f2de553f2a18b83b61e8f1c040cb936bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://api.dable.io/widgets/id/y74wWAoV/users/40951584.1619577090134?from=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&ref=&cid=40951584.1619577090134&uid=40951584.1619577090134&site=storm.mg&id=dablewidget_y74wWAoV&category1=%E9%A2%A8%E7%94%9F%E6%B4%BB&ad_params=%7B%7D&item_id=3634588&pixel_ratio=1&client_width=760&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 28 Apr 2021 01:16:22 GMT
server
ESF
date
Wed, 28 Apr 2021 02:31:32 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 28 Apr 2021 02:31:32 GMT
swipe.min.css
static.dable.io/static/b/infinite-swipe/dist/ Frame 1929 		830 B
807 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.dable.io/static/b/infinite-swipe/dist/swipe.min.css
Requested by
Host: api.dable.io
URL: https://api.dable.io/widgets/id/1oVpxdlP/users/40951584.1619577090134?from=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&ref=&cid=40951584.1619577090134&uid=40951584.1619577090134&site=storm.mg&id=dablewidget_1oVpxdlP&category1=%E9%A2%A8%E7%94%9F%E6%B4%BB&ad_params=%7B%7D&item_id=3634588&pixel_ratio=1&client_width=380&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.225.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-225-233.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d3743330192c96b9b8f5b72f69f932359bb892b65535311b1ffb1fef98536c23

Request headers

Referer
https://api.dable.io/widgets/id/1oVpxdlP/users/40951584.1619577090134?from=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&ref=&cid=40951584.1619577090134&uid=40951584.1619577090134&site=storm.mg&id=dablewidget_1oVpxdlP&category1=%E9%A2%A8%E7%94%9F%E6%B4%BB&ad_params=%7B%7D&item_id=3634588&pixel_ratio=1&client_width=380&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
3wsoX9oiTtQq5z8aSQWNt.CSLC7W7Bku
Content-Encoding
gzip
Last-Modified
Tue, 05 Jan 2021 04:12:45 GMT
Server
Apache
x-amz-request-id
39705653E55C092C
ETag
"7570769c6f4af63877b73ce88e833efe"
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
Date
Wed, 28 Apr 2021 02:31:32 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
316
x-amz-id-2
DOzmg67Fma9HnGFjJ5TLfsqP8B8E5vrsM12A36fgMiYAhmQWEDH/9rAcO1X1AG55m5F0KEmQ/BA=
widget.min.css
static.dable.io/dist/ Frame 1929 		73 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.dable.io/dist/widget.min.css?202104131548
Requested by
Host: api.dable.io
URL: https://api.dable.io/widgets/id/1oVpxdlP/users/40951584.1619577090134?from=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&ref=&cid=40951584.1619577090134&uid=40951584.1619577090134&site=storm.mg&id=dablewidget_1oVpxdlP&category1=%E9%A2%A8%E7%94%9F%E6%B4%BB&ad_params=%7B%7D&item_id=3634588&pixel_ratio=1&client_width=380&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.225.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-225-233.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
daf45cb93bda55323577c5bd61644ada57be15e2439d9775a679046c3f10bd2b

Request headers

Referer
https://api.dable.io/widgets/id/1oVpxdlP/users/40951584.1619577090134?from=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&ref=&cid=40951584.1619577090134&uid=40951584.1619577090134&site=storm.mg&id=dablewidget_1oVpxdlP&category1=%E9%A2%A8%E7%94%9F%E6%B4%BB&ad_params=%7B%7D&item_id=3634588&pixel_ratio=1&client_width=380&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
htaKc3T7s1YnPfT5J2Qvo3fI9J7hZJ2o
Content-Encoding
gzip
Last-Modified
Mon, 19 Apr 2021 06:11:51 GMT
Server
Apache
x-amz-request-id
R1JW5SECFJE7ECJR
ETag
"631670b7f235f45d05aa12febd0f8b18"
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
Cache-Control
public, max-age=86400
Date
Wed, 28 Apr 2021 02:31:32 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10040
x-amz-id-2
gp4zCAbldHBnOjBeyswHdWvJ7uzdpSM8Ze4lQxelszCxcaNEyXErP5rE5fkqfpLmYcQSn7VJeoo=
css
fonts.googleapis.com/ Frame 1929 		117 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Requested by
Host: api.dable.io
URL: https://api.dable.io/widgets/id/1oVpxdlP/users/40951584.1619577090134?from=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&ref=&cid=40951584.1619577090134&uid=40951584.1619577090134&site=storm.mg&id=dablewidget_1oVpxdlP&category1=%E9%A2%A8%E7%94%9F%E6%B4%BB&ad_params=%7B%7D&item_id=3634588&pixel_ratio=1&client_width=380&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f32e5a054bca9ebc3601a7a908ca341f2de553f2a18b83b61e8f1c040cb936bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 28 Apr 2021 02:31:32 GMT
server
ESF
date
Wed, 28 Apr 2021 02:31:32 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 28 Apr 2021 02:31:32 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 1929 		95 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: api.dable.io
URL: https://api.dable.io/widgets/id/1oVpxdlP/users/40951584.1619577090134?from=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&ref=&cid=40951584.1619577090134&uid=40951584.1619577090134&site=storm.mg&id=dablewidget_1oVpxdlP&category1=%E9%A2%A8%E7%94%9F%E6%B4%BB&ad_params=%7B%7D&item_id=3634588&pixel_ratio=1&client_width=380&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://api.dable.io/widgets/id/1oVpxdlP/users/40951584.1619577090134?from=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&ref=&cid=40951584.1619577090134&uid=40951584.1619577090134&site=storm.mg&id=dablewidget_1oVpxdlP&category1=%E9%A2%A8%E7%94%9F%E6%B4%BB&ad_params=%7B%7D&item_id=3634588&pixel_ratio=1&client_width=380&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 23:12:56 GMT
x-content-type-options
nosniff
age
11916
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97163
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Apr 2022 23:12:56 GMT
widget.min.js
static.dable.io/dist/ Frame 1929 		55 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.dable.io/dist/widget.min.js?202104201732
Requested by
Host: api.dable.io
URL: https://api.dable.io/widgets/id/1oVpxdlP/users/40951584.1619577090134?from=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&ref=&cid=40951584.1619577090134&uid=40951584.1619577090134&site=storm.mg&id=dablewidget_1oVpxdlP&category1=%E9%A2%A8%E7%94%9F%E6%B4%BB&ad_params=%7B%7D&item_id=3634588&pixel_ratio=1&client_width=380&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.225.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-225-233.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1a560aea80556ea47e9dcb6fcb80e0cb1243a63ae13cc2b2c01a74a2aecce71c

Request headers

Referer
https://api.dable.io/widgets/id/1oVpxdlP/users/40951584.1619577090134?from=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&ref=&cid=40951584.1619577090134&uid=40951584.1619577090134&site=storm.mg&id=dablewidget_1oVpxdlP&category1=%E9%A2%A8%E7%94%9F%E6%B4%BB&ad_params=%7B%7D&item_id=3634588&pixel_ratio=1&client_width=380&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
3f7QFqFV0376WGARAKw3G5y.9GaMBzXk
Content-Encoding
gzip
Last-Modified
Wed, 21 Apr 2021 05:02:17 GMT
Server
Apache
x-amz-request-id
8AG33YP11EZANRY1
ETag
"e153e17076b86dd475b555ed00f5275b"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=86400
Date
Wed, 28 Apr 2021 02:31:32 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17404
x-amz-id-2
JAkkJPn661wrnuSvk+R1AR69sznYJrY789oRpvT2q5yULSlsgvP9cxev4NyTO8raJYkgfdo2Bc8=
i
track.storm.mg/storm/ Frame 516E 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.storm.mg/storm/i?appId=5c6e1a&data=eyJhcHBJZCI6IjVjNmUxYSIsInBhZ2VUaXRsZSI6IuWPsOeBo+iWquawtOS9juaIv+WDuemrmO+8jOWIsOW6leiqsOaYr+emjemmlu+8nyDmpYrph5Hpvo3vvJrjgIzmspLmnInlpb3lpb3mipXos4fvvIzos4fph5HlsLHmnIPljrvngpLmiL/vvIHjgI0t6aKo5YKz5aqSIiwicGFnZVVSTCI6Imh0dHBzOi8vd3d3LnN0b3JtLm1nL2xpZmVzdHlsZS8zNjM0NTg4IiwiY29va2llIjoic21nX3VpZD0xNjE5NTc3MDg4NTcyOTE1OyB1aWQudj0xOyBfc3Bfc2VzLjgwZjQ9KjsgX3NwX2lkLjgwZjQ9ODVjODRhYmEtZmMxZS00OTg2LWFhNTctYTBkMDgwNzlhOGQyLjE2MTk1NzcwOTAuMS4xNjE5NTc3MDkwLjE2MTk1NzcwOTAuMGJhNWNmYjQtOWMyMy00ODVjLThkMzMtZTM2MTE2NmE2MDY3OyBfX2dhZHM9SUQ9YjFjNDE3ZDY4ODEzY2Y0Ni0yMmViYzgyNGY2YzcwMDhkOlQ9MTYxOTU3NzA4OTpSVD0xNjE5NTc3MDg5OlM9QUxOSV9NWnBEM0pYcy1naXlIWGpQYWVTaU5tWnA3aFF4USIsInJlZmVycmVyIjoiIiwiY29va2llSWQiOiIxNjE5NTc3MDg4NTcyOTE1IiwibWVtYmVySWQiOm51bGx9
Requested by
Host: track.storm.mg
URL: https://track.storm.mg/cookiemap.html?appId=5c6e1a&data=eyJhcHBJZCI6IjVjNmUxYSIsInBhZ2VUaXRsZSI6IuWPsOeBo+iWquawtOS9juaIv+WDuemrmO+8jOWIsOW6leiqsOaYr+emjemmlu+8nyDmpYrph5Hpvo3vvJrjgIzmspLmnInlpb3lpb3mipXos4fvvIzos4fph5HlsLHmnIPljrvngpLmiL/vvIHjgI0t6aKo5YKz5aqSIiwicGFnZVVSTCI6Imh0dHBzOi8vd3d3LnN0b3JtLm1nL2xpZmVzdHlsZS8zNjM0NTg4IiwiY29va2llIjoic21nX3VpZD0xNjE5NTc3MDg4NTcyOTE1OyB1aWQudj0xOyBfc3Bfc2VzLjgwZjQ9KjsgX3NwX2lkLjgwZjQ9ODVjODRhYmEtZmMxZS00OTg2LWFhNTctYTBkMDgwNzlhOGQyLjE2MTk1NzcwOTAuMS4xNjE5NTc3MDkwLjE2MTk1NzcwOTAuMGJhNWNmYjQtOWMyMy00ODVjLThkMzMtZTM2MTE2NmE2MDY3OyBfX2dhZHM9SUQ9YjFjNDE3ZDY4ODEzY2Y0Ni0yMmViYzgyNGY2YzcwMDhkOlQ9MTYxOTU3NzA4OTpSVD0xNjE5NTc3MDg5OlM9QUxOSV9NWnBEM0pYcy1naXlIWGpQYWVTaU5tWnA3aFF4USIsInJlZmVycmVyIjoiIiwiY29va2llSWQiOiIxNjE5NTc3MDg4NTcyOTE1IiwibWVtYmVySWQiOm51bGx9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.248.189 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-248-189.ap-northeast-1.compute.amazonaws.com
Software
/ Express
Resource Hash
df4e4a1ced817cdf2b03316c0c3d3ae51bd50c25fd97fdb576bb88a89c55cd10

Request headers

Referer
https://track.storm.mg/cookiemap.html?appId=5c6e1a&data=eyJhcHBJZCI6IjVjNmUxYSIsInBhZ2VUaXRsZSI6IuWPsOeBo+iWquawtOS9juaIv+WDuemrmO+8jOWIsOW6leiqsOaYr+emjemmlu+8nyDmpYrph5Hpvo3vvJrjgIzmspLmnInlpb3lpb3mipXos4fvvIzos4fph5HlsLHmnIPljrvngpLmiL/vvIHjgI0t6aKo5YKz5aqSIiwicGFnZVVSTCI6Imh0dHBzOi8vd3d3LnN0b3JtLm1nL2xpZmVzdHlsZS8zNjM0NTg4IiwiY29va2llIjoic21nX3VpZD0xNjE5NTc3MDg4NTcyOTE1OyB1aWQudj0xOyBfc3Bfc2VzLjgwZjQ9KjsgX3NwX2lkLjgwZjQ9ODVjODRhYmEtZmMxZS00OTg2LWFhNTctYTBkMDgwNzlhOGQyLjE2MTk1NzcwOTAuMS4xNjE5NTc3MDkwLjE2MTk1NzcwOTAuMGJhNWNmYjQtOWMyMy00ODVjLThkMzMtZTM2MTE2NmE2MDY3OyBfX2dhZHM9SUQ9YjFjNDE3ZDY4ODEzY2Y0Ni0yMmViYzgyNGY2YzcwMDhkOlQ9MTYxOTU3NzA4OTpSVD0xNjE5NTc3MDg5OlM9QUxOSV9NWnBEM0pYcy1naXlIWGpQYWVTaU5tWnA3aFF4USIsInJlZmVycmVyIjoiIiwiY29va2llSWQiOiIxNjE5NTc3MDg4NTcyOTE1IiwibWVtYmVySWQiOm51bGx9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:32 GMT
content-type
image/gif
x-powered-by
Express
etag
W/"44d-Ar25dwNve0lQPcl2jzuhbJ/fiEA"
content-length
1101
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame BD16 		95 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.55
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 23:12:56 GMT
x-content-type-options
nosniff
age
11916
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97163
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Apr 2022 23:12:56 GMT
prebid.js
img.scupio.com/js/ Frame BD16 		228 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/prebid.js?v=0.0.8
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.55
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.106.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-106-33.mad50.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
f659fd1cedd9e8114983a076a71633ad47411c7ff0f515ebebce6860dc48b45d

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.55
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:28:38 GMT
content-encoding
gzip
last-modified
Wed, 10 Mar 2021 07:10:35 GMT
server
nginx/1.12.1
age
173
etag
W/"604870eb-38e7e"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=21600
x-amz-cf-pop
MAD50-C1
x-amz-cf-id
xiQYYmH1nIvD6vqyjoU5-SOiPdiaXnfcFPv8ET2cNMBi00acEEi2MQ==
via
1.1 315f537a0be356b37267f2ae21a5363d.cloudfront.net (CloudFront)
expires
Wed, 28 Apr 2021 08:28:38 GMT
integrator.js
adservice.google.de/adsid/ Frame 6A6F 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.storm.mg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:31:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 6A6F 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.storm.mg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:31:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 6A6F 		84 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2390447562333629&correlator=2384152591788085&output=ldjh&impl=fif&eid=31060746%2C31060899%2C31060795%2C31060894%2C31060840&vrg=2021042201&ptt=17&sc=1&sfv=1-0-38&ecs=20210428&iu_parts=7682122%2CSF_storm_content_RB_300600&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&eri=2&cookie=ID%3Db1c417d68813cf46%3AT%3D1619577089%3AS%3DALNI_MbhOeyeiG3F84zzdGuIJpJya5AQpQ&cdm=storm.mg&bc=31&abxe=1&lmt=1619577092&dt=1619577092794&dlt=1619577091684&idt=1090&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=3&adxs=1075&adys=4263&adks=2885504511&ucis=ckf93wm59h3q&ifi=1&ifk=3199269799&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&top=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&ga_vid=20522309.1619577091&ga_sid=1619577093&ga_hid=747404471&ga_fc=true&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
824285763fce9cf21d757a1941021001de9627d523af08881ad420790ca84423
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9715148502272904443/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9715148502272904443/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COOzuOryn_ACFRi4dwodMFoKxA&gqi=&layout=/sadbundle/%24csp%253Der3%24/9715148502272904443/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9715148502272904443/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9715148502272904443/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COOzuOryn_ACFRi4dwodMFoKxA&gqi=&layout=/sadbundle/%24csp%253Der3%24/9715148502272904443/index.html
content-encoding
br
x-content-type-options
nosniff
google-creative-id
-1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28306
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
date
Wed, 28 Apr 2021 02:31:32 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.storm.mg
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
04d80e238d1025f8fc4d51158b2ab99f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6A6F 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://04d80e238d1025f8fc4d51158b2ab99f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame 6A6F 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
truncated
/ Frame 6A6F 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
323b6be59631ba254bf462034e1fc43052c9bb820bf3c9be023bb0f3440604c0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
swipe.min.css
static.dable.io/static/b/infinite-swipe/dist/ Frame DBC8 		830 B
807 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.dable.io/static/b/infinite-swipe/dist/swipe.min.css
Requested by
Host: api.dable.io
URL: https://api.dable.io/widgets/id/KoEeAWoB/users/40951584.1619577090134?from=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&ref=&cid=40951584.1619577090134&uid=40951584.1619577090134&site=storm.mg&id=dablewidget_KoEeAWoB&category1=%E9%A2%A8%E7%94%9F%E6%B4%BB&ad_params=%7B%7D&item_id=3634588&pixel_ratio=1&client_width=820&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.225.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-225-233.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d3743330192c96b9b8f5b72f69f932359bb892b65535311b1ffb1fef98536c23

Request headers

Referer
https://api.dable.io/widgets/id/KoEeAWoB/users/40951584.1619577090134?from=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&ref=&cid=40951584.1619577090134&uid=40951584.1619577090134&site=storm.mg&id=dablewidget_KoEeAWoB&category1=%E9%A2%A8%E7%94%9F%E6%B4%BB&ad_params=%7B%7D&item_id=3634588&pixel_ratio=1&client_width=820&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
3wsoX9oiTtQq5z8aSQWNt.CSLC7W7Bku
Content-Encoding
gzip
Last-Modified
Tue, 05 Jan 2021 04:12:45 GMT
Server
Apache
x-amz-request-id
39705653E55C092C
ETag
"7570769c6f4af63877b73ce88e833efe"
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
Date
Wed, 28 Apr 2021 02:31:32 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
316
x-amz-id-2
DOzmg67Fma9HnGFjJ5TLfsqP8B8E5vrsM12A36fgMiYAhmQWEDH/9rAcO1X1AG55m5F0KEmQ/BA=
widget.min.css
static.dable.io/dist/ Frame DBC8 		73 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.dable.io/dist/widget.min.css?202104131548
Requested by
Host: api.dable.io
URL: https://api.dable.io/widgets/id/KoEeAWoB/users/40951584.1619577090134?from=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&ref=&cid=40951584.1619577090134&uid=40951584.1619577090134&site=storm.mg&id=dablewidget_KoEeAWoB&category1=%E9%A2%A8%E7%94%9F%E6%B4%BB&ad_params=%7B%7D&item_id=3634588&pixel_ratio=1&client_width=820&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.225.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-225-233.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
daf45cb93bda55323577c5bd61644ada57be15e2439d9775a679046c3f10bd2b

Request headers

Referer
https://api.dable.io/widgets/id/KoEeAWoB/users/40951584.1619577090134?from=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&ref=&cid=40951584.1619577090134&uid=40951584.1619577090134&site=storm.mg&id=dablewidget_KoEeAWoB&category1=%E9%A2%A8%E7%94%9F%E6%B4%BB&ad_params=%7B%7D&item_id=3634588&pixel_ratio=1&client_width=820&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
htaKc3T7s1YnPfT5J2Qvo3fI9J7hZJ2o
Content-Encoding
gzip
Last-Modified
Mon, 19 Apr 2021 06:11:51 GMT
Server
Apache
x-amz-request-id
R1JW5SECFJE7ECJR
ETag
"631670b7f235f45d05aa12febd0f8b18"
Vary
Accept-Encoding
Content-Type
text/css; charset=utf-8
Cache-Control
public, max-age=86400
Date
Wed, 28 Apr 2021 02:31:32 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10040
x-amz-id-2
gp4zCAbldHBnOjBeyswHdWvJ7uzdpSM8Ze4lQxelszCxcaNEyXErP5rE5fkqfpLmYcQSn7VJeoo=
css
fonts.googleapis.com/ Frame DBC8 		117 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Requested by
Host: api.dable.io
URL: https://api.dable.io/widgets/id/KoEeAWoB/users/40951584.1619577090134?from=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&ref=&cid=40951584.1619577090134&uid=40951584.1619577090134&site=storm.mg&id=dablewidget_KoEeAWoB&category1=%E9%A2%A8%E7%94%9F%E6%B4%BB&ad_params=%7B%7D&item_id=3634588&pixel_ratio=1&client_width=820&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f32e5a054bca9ebc3601a7a908ca341f2de553f2a18b83b61e8f1c040cb936bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 28 Apr 2021 02:31:32 GMT
server
ESF
date
Wed, 28 Apr 2021 02:31:32 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 28 Apr 2021 02:31:32 GMT
f6f6f6.png
static.dable.io/static/i/ Frame DBC8 		83 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.dable.io/static/i/f6f6f6.png
Requested by
Host: api.dable.io
URL: https://api.dable.io/widgets/id/KoEeAWoB/users/40951584.1619577090134?from=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&ref=&cid=40951584.1619577090134&uid=40951584.1619577090134&site=storm.mg&id=dablewidget_KoEeAWoB&category1=%E9%A2%A8%E7%94%9F%E6%B4%BB&ad_params=%7B%7D&item_id=3634588&pixel_ratio=1&client_width=820&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.225.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-225-233.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ff73967a98dbf0e26497c62c5d6e0fd9d0968f92031da77900e05a2ec344d3e5

Request headers

Referer
https://api.dable.io/widgets/id/KoEeAWoB/users/40951584.1619577090134?from=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&ref=&cid=40951584.1619577090134&uid=40951584.1619577090134&site=storm.mg&id=dablewidget_KoEeAWoB&category1=%E9%A2%A8%E7%94%9F%E6%B4%BB&ad_params=%7B%7D&item_id=3634588&pixel_ratio=1&client_width=820&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Ca5cEPOEqu1JS3QpRDnwNdCnzD9veP5v
Content-Encoding
gzip
Last-Modified
Tue, 02 Mar 2021 06:35:50 GMT
Server
Apache
x-amz-request-id
A74E3AC9B94295FA
ETag
"c684e92ff40cdf977c18be6a031e6e54"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=864000
Date
Wed, 28 Apr 2021 02:31:32 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
96
x-amz-id-2
NCjPtdq8kaPGqc6TpUypjvIKhhX0jc88Y2RUNlDJzr3pWjlms5hXpoLorAtlfetNnuUvbga2nlk=
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame DBC8 		95 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: api.dable.io
URL: https://api.dable.io/widgets/id/KoEeAWoB/users/40951584.1619577090134?from=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&ref=&cid=40951584.1619577090134&uid=40951584.1619577090134&site=storm.mg&id=dablewidget_KoEeAWoB&category1=%E9%A2%A8%E7%94%9F%E6%B4%BB&ad_params=%7B%7D&item_id=3634588&pixel_ratio=1&client_width=820&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://api.dable.io/widgets/id/KoEeAWoB/users/40951584.1619577090134?from=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&ref=&cid=40951584.1619577090134&uid=40951584.1619577090134&site=storm.mg&id=dablewidget_KoEeAWoB&category1=%E9%A2%A8%E7%94%9F%E6%B4%BB&ad_params=%7B%7D&item_id=3634588&pixel_ratio=1&client_width=820&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 23:12:56 GMT
x-content-type-options
nosniff
age
11916
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97163
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Apr 2022 23:12:56 GMT
widget.min.js
static.dable.io/dist/ Frame DBC8 		55 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.dable.io/dist/widget.min.js?202104201732
Requested by
Host: api.dable.io
URL: https://api.dable.io/widgets/id/KoEeAWoB/users/40951584.1619577090134?from=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&ref=&cid=40951584.1619577090134&uid=40951584.1619577090134&site=storm.mg&id=dablewidget_KoEeAWoB&category1=%E9%A2%A8%E7%94%9F%E6%B4%BB&ad_params=%7B%7D&item_id=3634588&pixel_ratio=1&client_width=820&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.225.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-225-233.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1a560aea80556ea47e9dcb6fcb80e0cb1243a63ae13cc2b2c01a74a2aecce71c

Request headers

Referer
https://api.dable.io/widgets/id/KoEeAWoB/users/40951584.1619577090134?from=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&ref=&cid=40951584.1619577090134&uid=40951584.1619577090134&site=storm.mg&id=dablewidget_KoEeAWoB&category1=%E9%A2%A8%E7%94%9F%E6%B4%BB&ad_params=%7B%7D&item_id=3634588&pixel_ratio=1&client_width=820&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
3f7QFqFV0376WGARAKw3G5y.9GaMBzXk
Content-Encoding
gzip
Last-Modified
Wed, 21 Apr 2021 05:02:17 GMT
Server
Apache
x-amz-request-id
8AG33YP11EZANRY1
ETag
"e153e17076b86dd475b555ed00f5275b"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=86400
Date
Wed, 28 Apr 2021 02:31:32 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17404
x-amz-id-2
JAkkJPn661wrnuSvk+R1AR69sznYJrY789oRpvT2q5yULSlsgvP9cxev4NyTO8raJYkgfdo2Bc8=
track
track1.aniview.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=www.storm.mg&sn=&ic=0&tgt=0&app=&wi=640&he=360&test=&apppkg=&fv=3&proto=https&pid=5e60bfad28a0610ba100c7c4&cid=5e60c75028a06115d47ebd9b&e=inventory&vi=0&cb=1619577092947
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.234.163.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:33 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame CAC6 		95 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.55
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 23:12:56 GMT
x-content-type-options
nosniff
age
11916
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97163
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Apr 2022 23:12:56 GMT
prebid.js
img.scupio.com/js/ Frame CAC6 		228 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/prebid.js?v=0.0.8
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.55
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.106.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-106-33.mad50.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
f659fd1cedd9e8114983a076a71633ad47411c7ff0f515ebebce6860dc48b45d

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.55
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:28:38 GMT
content-encoding
gzip
last-modified
Wed, 10 Mar 2021 07:10:35 GMT
server
nginx/1.12.1
age
174
etag
W/"604870eb-38e7e"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=21600
x-amz-cf-pop
MAD50-C1
x-amz-cf-id
-agrN0XHcVI7E8PBZoGiUHOSApZoyd7FvC9rARg6iwe8JvkiDHjt0A==
via
1.1 315f537a0be356b37267f2ae21a5363d.cloudfront.net (CloudFront)
expires
Wed, 28 Apr 2021 08:28:38 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 5774 		95 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.55
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 23:12:56 GMT
x-content-type-options
nosniff
age
11916
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97163
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Apr 2022 23:12:56 GMT
prebid.js
img.scupio.com/js/ Frame 5774 		228 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/prebid.js?v=0.0.8
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.55
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.106.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-106-33.mad50.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
f659fd1cedd9e8114983a076a71633ad47411c7ff0f515ebebce6860dc48b45d

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.55
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:28:38 GMT
content-encoding
gzip
last-modified
Wed, 10 Mar 2021 07:10:35 GMT
server
nginx/1.12.1
age
174
etag
W/"604870eb-38e7e"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=21600
x-amz-cf-pop
MAD50-C1
x-amz-cf-id
mKBMaACSC1ZvaXV0JbCIIkhGJJ8J8DwHs0XY77qpiXxqhBrGNGIZMA==
via
1.1 315f537a0be356b37267f2ae21a5363d.cloudfront.net (CloudFront)
expires
Wed, 28 Apr 2021 08:28:38 GMT
/
www.facebook.com/login/ Frame 4B2F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252Fthejournalist%26tabs%26width%3D320%26height%3D130%26small_header%3Dfalse%26adapt_container_width%3Dfalse%26hide_cover%3Dfalse%26show_facepile%3Dfalse%26appId
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yM/r/s42o5npKlRj.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252Fthejournalist%26tabs%26width%3D320%26height%3D130%26small_header%3Dfalse%26adapt_container_width%3Dfalse%26hide_cover%3Dfalse%26show_facepile%3Dfalse%26appId
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&tabs&width=320&height=130&small_header=false&adapt_container_width=false&hide_cover=false&show_facepile=false&appId
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
fr=0GIH8JUtEwpqdHMpV..BgiMkD...1.0.BgiMkD.
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&tabs&width=320&height=130&small_header=false&adapt_container_width=false&hide_cover=false&show_facepile=false&appId

Response headers

content-security-policy
default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
cache-control
private, no-cache, no-store, must-revalidate
x-frame-options
DENY
content-encoding
br
x-xss-protection
0
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
vary
Accept-Encoding
pragma
no-cache
x-fb-rlafr
0
cross-origin-opener-policy
unsafe-none
content-type
text/html; charset="utf-8"
x-fb-debug
qsaB/ZJTHHZDhJde65+6iAH5nZLEHTQHf/OaZVVfCv0bZaLJtqJ5hyjpfXxKpFeULhJfwuc/zbY4MKv5K5GlfA==
date
Wed, 28 Apr 2021 02:31:33 GMT
priority
u=3,i
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
view
securepubads.g.doubleclick.net/pcs/ Frame 0DB4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu5uzbdLDK9BqgdzG9yfPP1bn53IxaqRR07Gm36cOpmDyy4Od81hPeq6Ks9xDDugcpmJzUABR31C--UUUjYunYQ2DPnl_qXfS7SQ8K4cWGN5-J7_UE3oCMNR5eeQnYI5eGffz9cJH156ezYbvYrri0nGK2ACGnCQ_m--7j0hrXXeUibm23zev5dREUCHvFKIhDfBPGaPIUBAAZusFyllB3It3EZMUJjwgdC2d3Dd9EIT9fsYpKrA09NyfJ-r-9COQocGDtDsPCc4QA1LOfH0rg1BP5CRpvv708C3AkwKPiPYuw4QobUfi8wDskt&sig=Cg0ArKJSzHxaE6dH58_VEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:31:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 28 Apr 2021 02:31:33 GMT
truncated
/ 		480 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		709 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
03b57ed1f944d098554c9de5c7ee93e167e0564d4a3b74233b53939ccc58d99d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		331 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		740 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		384 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		782 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		395 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		449 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		577 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
logo-text-tiny-gray.png
images.dable.io/static/i/ Frame FFD7 		661 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.dable.io/static/i/logo-text-tiny-gray.png
Requested by
Host: static.dable.io
URL: https://static.dable.io/dist/widget.min.css?202104131548
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.225.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-225-233.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f324c06e9e87405a95bfd62767836e03f5365df485a050564a4bcea15d1e82fa

Request headers

Referer
https://static.dable.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
ETag
"2260fca7dca92761058aace21a176daa"
x-amz-request-id
35CC7113A1175327
Connection
keep-alive
Content-Length
661
x-amz-id-2
U4W2TbYFM14WY5X5PIAvx3BT459MKI06wmRY8JX2RnzHWJbbcfoziygigIRtHm+hRZd7CjRYx2w=
Last-Modified
Mon, 24 Aug 2020 02:55:47 GMT
Server
Apache
Date
Wed, 28 Apr 2021 02:31:33 GMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=864000
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
/
go1.aniview.com/api/adserver/tag/ 		18 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&AV_PUBLISHERID=5e60bfad28a0610ba100c7c4&AV_CHANNELID=5e60c75028a06115d47ebd9b&format=json&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.storm.mg&AV_DADPOS=3&AV_PLACEMENT=1&v=6.1.1.243&avtoken=92946&AV_WIDTH=640&AV_HEIGHT=360&AV_DNT=0&cb=1619577093257
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e60bfad28a0610ba100c7c4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.93.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
11e0a199e41ad66919647c725de88700f8509a7a779aace9e2e6c1e4e132e860

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:33 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.storm.mg
cache-control
no-cache
access-control-allow-credentials
true
expires
Fri, 16 Apr 2021 12:44:53 GMT
truncated
/ 		581 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
27610c6febde0eab59f77460be3751d60ba33b1d7c4be656b8150a0320a6c818

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
container.html
c00781e3da26bee54d79c2ccd3c9dd07.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 89FC 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c00781e3da26bee54d79c2ccd3c9dd07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
c00781e3da26bee54d79c2ccd3c9dd07.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.storm.mg/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.storm.mg/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Wed, 28 Apr 2021 02:31:32 GMT
expires
Thu, 28 Apr 2022 02:31:32 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame 0DB4 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5c96c91c4ab2c0572ec8371c0f49d9f722eb71ae47224f29eabadf59f5fabe8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619188783439141"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28201
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:31:33 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 0DB4 		9 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021042201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f51eb22d2e6e474c7552ad961060d0be8f0ecdae629318c60935adfe2953d54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:31:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7031
x-xss-protection
0
logo-text-tiny-gray.png
images.dable.io/static/i/ Frame 1929 		661 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.dable.io/static/i/logo-text-tiny-gray.png
Requested by
Host: static.dable.io
URL: https://static.dable.io/dist/widget.min.css?202104131548
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.225.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-225-233.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f324c06e9e87405a95bfd62767836e03f5365df485a050564a4bcea15d1e82fa

Request headers

Referer
https://static.dable.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
ETag
"2260fca7dca92761058aace21a176daa"
x-amz-request-id
35CC7113A1175327
Connection
keep-alive
Content-Length
661
x-amz-id-2
U4W2TbYFM14WY5X5PIAvx3BT459MKI06wmRY8JX2RnzHWJbbcfoziygigIRtHm+hRZd7CjRYx2w=
Last-Modified
Mon, 24 Aug 2020 02:55:47 GMT
Server
Apache
Date
Wed, 28 Apr 2021 02:31:33 GMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=864000
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.118.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 1929 		43 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.118.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c2abab588ed1aa226fff507bb12cc00b354738c203f4b6cd202f40352cdc6591
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://api.dable.io
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 22:06:20 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:19:55 GMT
server
sffe
age
447913
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43804
x-xss-protection
0
expires
Fri, 22 Apr 2022 22:06:20 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.119.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 1929 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.119.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
77c3d215298f95357de947f102cc00bded45bdb71ab3c20f9dfdc64e490729c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://api.dable.io
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Apr 2021 03:29:34 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:18:53 GMT
server
sffe
age
255719
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25360
x-xss-protection
0
expires
Mon, 25 Apr 2022 03:29:34 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.117.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 1929 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.117.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f83c6e3eac9d41d51bc8e3b63f353ea889cc70b9938e2f701719aef80bf8528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://api.dable.io
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 15:35:53 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:25:13 GMT
server
sffe
age
471340
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47312
x-xss-protection
0
expires
Fri, 22 Apr 2022 15:35:53 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.116.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 1929 		51 KB
51 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.116.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
717de30a4e041b92e5d3aa230aeede4e08434647e627279477a2f642ac2861eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://api.dable.io
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 15:44:02 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:09:56 GMT
server
sffe
age
470851
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52052
x-xss-protection
0
expires
Fri, 22 Apr 2022 15:44:02 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.115.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 1929 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.115.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a7695bf1c26b3250de42c8ad42bc4e3abf7418876f76ad67bb58092c9244478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://api.dable.io
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 15:36:09 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:08:38 GMT
server
sffe
age
471324
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52792
x-xss-protection
0
expires
Fri, 22 Apr 2022 15:36:09 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.114.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 1929 		51 KB
51 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.114.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5472cbce3d59802ab140c5b8eecfca4d357343c47a1c9ea601ccf1d50145955b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://api.dable.io
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 20:34:34 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:25:08 GMT
server
sffe
age
21419
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51852
x-xss-protection
0
expires
Wed, 27 Apr 2022 20:34:34 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.113.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 1929 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.113.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d5a369d3d8be69eaf6a54f958015e687947252be07dbb197750fa8147caea4dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://api.dable.io
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 02:08:33 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:25:06 GMT
server
sffe
age
87780
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53144
x-xss-protection
0
expires
Wed, 27 Apr 2022 02:08:33 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.112.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 1929 		53 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.112.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9f94f957c781ac27e4257c276659d678b1cd9dcd5931b6c0b068da46198378e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://api.dable.io
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 00:20:06 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:25:02 GMT
server
sffe
age
94287
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54000
x-xss-protection
0
expires
Wed, 27 Apr 2022 00:20:06 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.109.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 1929 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.109.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9625dd5f36e9196b741bfb4558fb8809318495207eb6213427f4ee42b7baa57e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://api.dable.io
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 20:49:06 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:25:01 GMT
server
sffe
age
20547
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52844
x-xss-protection
0
expires
Wed, 27 Apr 2022 20:49:06 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.108.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 1929 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.108.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c69739431e5aff1b7174a81209cbd0658da6c4d1b6527580f9f2f070df848290
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://api.dable.io
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 02:07:17 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:25:01 GMT
server
sffe
age
519856
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50784
x-xss-protection
0
expires
Fri, 22 Apr 2022 02:07:17 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.105.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 1929 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.105.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef7ddeaf31d487bf07b79b1aeb4f9cad24ffa35c280e0702c276dd5cf709cf67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://api.dable.io
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 10:31:18 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:25:08 GMT
server
sffe
age
489615
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48324
x-xss-protection
0
expires
Fri, 22 Apr 2022 10:31:18 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.103.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 1929 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.103.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
720540fdf6be1b3d2aee9c54172a0b328457b3e6860da752f37c88a0860607cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://api.dable.io
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Apr 2021 10:05:35 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:09:56 GMT
server
sffe
age
231958
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50856
x-xss-protection
0
expires
Mon, 25 Apr 2022 10:05:35 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.110.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 1929 		55 KB
55 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.110.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdd3e502fbd1bda1da8283465cb8fe741ed9543e851e645711d9383280fbe3b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://api.dable.io
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 21:36:50 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:24:59 GMT
server
sffe
age
449683
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56272
x-xss-protection
0
expires
Fri, 22 Apr 2022 21:36:50 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.107.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 1929 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.107.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
57e7135d32625d7e1d8117a0571033a7564dc662dfe18bafdefd6633633858b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://api.dable.io
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Apr 2021 05:47:28 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:10:01 GMT
server
sffe
age
247445
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52988
x-xss-protection
0
expires
Mon, 25 Apr 2022 05:47:28 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.46.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 1929 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.46.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0cf66004efc5cc420ff64e2efa55227a4dc404cdb6b66187d6642bad592f0dc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://api.dable.io
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 02:29:45 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:22:40 GMT
server
sffe
age
518508
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39020
x-xss-protection
0
expires
Fri, 22 Apr 2022 02:29:45 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.111.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 1929 		57 KB
57 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.111.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4176795e7304f2d0373d2c3edad1600cab1a1a0e8b202c6cfe3e06c7466172
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://api.dable.io
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 15:44:26 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:25:14 GMT
server
sffe
age
470827
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57968
x-xss-protection
0
expires
Fri, 22 Apr 2022 15:44:26 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.106.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 1929 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.106.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35adff49f4f7c4fa7112da10261ed1abecd865549fadc40690a4cc1f2e6bf832
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://api.dable.io
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 15:36:15 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:19:55 GMT
server
sffe
age
471318
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52836
x-xss-protection
0
expires
Fri, 22 Apr 2022 15:36:15 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.101.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 1929 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.101.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed05afea1d3578981db83b3d1732720ccf15dd91054ca328207ac7f0fb7c7b5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://api.dable.io
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 02:13:54 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:25:07 GMT
server
sffe
age
519459
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44828
x-xss-protection
0
expires
Fri, 22 Apr 2022 02:13:54 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.31.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 1929 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.31.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a1e6db17beead6421070bed74c889ccf58b7b28dea2cb631d1341297bdaa2da9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://api.dable.io
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 02:06:23 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:35:16 GMT
server
sffe
age
87910
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22696
x-xss-protection
0
expires
Wed, 27 Apr 2022 02:06:23 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B8F9 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst9eyilje1gZRC33LZUlvuIX-J4d99TcJ0M9JLJYx9nz9O_k4VsG_iUX_H9JCUY7TqS9IFHYEDbTBi66iCkSCiueI58r12nq_x7QuXERLg&sig=Cg0ArKJSzEKCVe5h66syEAE&id=lidar2&mcvt=1573&p=950,315,1200,1285&mtos=1573,1573,1573,1573,1573&tos=1573,0,0,0,0&v=20210423&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=4267075666&rs=4&met=mue&la=1&cr=0&osd=1&vs=4&rst=1619577091200&dlt=0&rpt=948&isd=0&msd=0&r=v&fum=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:31:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.119.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame FFD7 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.119.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
77c3d215298f95357de947f102cc00bded45bdb71ab3c20f9dfdc64e490729c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://api.dable.io
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Apr 2021 03:29:34 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:18:53 GMT
server
sffe
age
255719
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25360
x-xss-protection
0
expires
Mon, 25 Apr 2022 03:29:34 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.118.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame FFD7 		43 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.118.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c2abab588ed1aa226fff507bb12cc00b354738c203f4b6cd202f40352cdc6591
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://api.dable.io
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 22:06:20 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:19:55 GMT
server
sffe
age
447913
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43804
x-xss-protection
0
expires
Fri, 22 Apr 2022 22:06:20 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.116.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame FFD7 		51 KB
51 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.116.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
717de30a4e041b92e5d3aa230aeede4e08434647e627279477a2f642ac2861eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://api.dable.io
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 15:44:02 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:09:56 GMT
server
sffe
age
470851
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52052
x-xss-protection
0
expires
Fri, 22 Apr 2022 15:44:02 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.117.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame FFD7 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.117.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f83c6e3eac9d41d51bc8e3b63f353ea889cc70b9938e2f701719aef80bf8528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://api.dable.io
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 15:35:53 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:25:13 GMT
server
sffe
age
471340
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47312
x-xss-protection
0
expires
Fri, 22 Apr 2022 15:35:53 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.115.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame FFD7 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.115.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a7695bf1c26b3250de42c8ad42bc4e3abf7418876f76ad67bb58092c9244478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://api.dable.io
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 15:36:09 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:08:38 GMT
server
sffe
age
471324
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52792
x-xss-protection
0
expires
Fri, 22 Apr 2022 15:36:09 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.114.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame FFD7 		51 KB
51 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.114.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5472cbce3d59802ab140c5b8eecfca4d357343c47a1c9ea601ccf1d50145955b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://api.dable.io
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 20:34:34 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:25:08 GMT
server
sffe
age
21419
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51852
x-xss-protection
0
expires
Wed, 27 Apr 2022 20:34:34 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.110.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame FFD7 		55 KB
55 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.110.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdd3e502fbd1bda1da8283465cb8fe741ed9543e851e645711d9383280fbe3b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://api.dable.io
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 21:36:50 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:24:59 GMT
server
sffe
age
449683
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56272
x-xss-protection
0
expires
Fri, 22 Apr 2022 21:36:50 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.108.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame FFD7 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.108.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c69739431e5aff1b7174a81209cbd0658da6c4d1b6527580f9f2f070df848290
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://api.dable.io
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 02:07:17 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:25:01 GMT
server
sffe
age
519856
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50784
x-xss-protection
0
expires
Fri, 22 Apr 2022 02:07:17 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.20.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame FFD7 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.20.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d02abe35c30d068129103f3ead44cc900290f8a64aa13419a6748a720153a50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://api.dable.io
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 15:44:44 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:24:30 GMT
server
sffe
age
470809
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39312
x-xss-protection
0
expires
Fri, 22 Apr 2022 15:44:44 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.109.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame FFD7 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.109.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9625dd5f36e9196b741bfb4558fb8809318495207eb6213427f4ee42b7baa57e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://api.dable.io
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 20:49:06 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:25:01 GMT
server
sffe
age
20547
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52844
x-xss-protection
0
expires
Wed, 27 Apr 2022 20:49:06 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.106.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame FFD7 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.106.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35adff49f4f7c4fa7112da10261ed1abecd865549fadc40690a4cc1f2e6bf832
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://api.dable.io
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 15:36:15 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:19:55 GMT
server
sffe
age
471318
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52836
x-xss-protection
0
expires
Fri, 22 Apr 2022 15:36:15 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.104.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame FFD7 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.104.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63a218801054b8267a86e48b10025b463f4fc573ad1c58ea95ccbb69627e9905
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://api.dable.io
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Apr 2021 04:41:45 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:25:43 GMT
server
sffe
age
251388
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48552
x-xss-protection
0
expires
Mon, 25 Apr 2022 04:41:45 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.113.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame FFD7 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.113.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d5a369d3d8be69eaf6a54f958015e687947252be07dbb197750fa8147caea4dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://api.dable.io
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 02:08:33 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:25:06 GMT
server
sffe
age
87780
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53144
x-xss-protection
0
expires
Wed, 27 Apr 2022 02:08:33 GMT
87_Economics.mp4
cdn.viewdeos.com/videos/publishers/storm/live/ 		192 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.viewdeos.com/videos/publishers/storm/live/87_Economics.mp4
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.59.220.193 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
BunnyCDN-DE1-601 /
Resource Hash

Request headers

Referer
https://www.storm.mg/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 28 Apr 2021 02:31:33 GMT
cdn-edgestorageid
632
cdn-storageserver
DE-51
Content-Range
bytes 0-2443862/2443863
cdn-cachedat
2021-04-28 04:28:38
cdn-pullzone
93433
Content-Length
2443863
last-modified
Mon, 13 Jul 2020 07:31:50 GMT
server
BunnyCDN-DE1-601
cdn-requestpullcode
206
content-type
video/mp4
cdn-cache
HIT
cdn-uid
a2791f1d-070e-4cd3-b198-d0c26d1dc5f1
cache-control
max-age=25600000
cdn-requestid
d8da60749eba6ca7ba43c8093906940b
cdn-requestcountrycode
BE
cdn-requestpullsuccess
True
prevnext2-snippet-ie.png
images.dable.io/static/i/ Frame DBC8 		288 B
906 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.dable.io/static/i/prevnext2-snippet-ie.png
Requested by
Host: static.dable.io
URL: https://static.dable.io/dist/widget.min.css?202104131548
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.225.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-225-233.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b44ae8cf55e41c9a488ac6d5db7e2b79a8a3f81a9b41316a7c9d86a9d440fc95

Request headers

Referer
https://static.dable.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
ETag
"78144ca1e42485765eff8fd58568ec78"
x-amz-request-id
81B5DDD116E89B12
Connection
keep-alive
Content-Length
288
x-amz-id-2
t1wtYFlYVYzI6M0XT39AcDwFPoRstUZGovfpThtKwKL8zqmSeJCX1ayRSDNlDHG5fMVKIHx0Re4=
Last-Modified
Mon, 24 Aug 2020 02:55:47 GMT
Server
Apache
Date
Wed, 28 Apr 2021 02:31:33 GMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=864000
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
logo-text-tiny-gray.png
images.dable.io/static/i/ Frame DBC8 		661 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.dable.io/static/i/logo-text-tiny-gray.png
Requested by
Host: static.dable.io
URL: https://static.dable.io/dist/widget.min.css?202104131548
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.225.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-225-233.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f324c06e9e87405a95bfd62767836e03f5365df485a050564a4bcea15d1e82fa

Request headers

Referer
https://static.dable.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
ETag
"2260fca7dca92761058aace21a176daa"
x-amz-request-id
35CC7113A1175327
Connection
keep-alive
Content-Length
661
x-amz-id-2
U4W2TbYFM14WY5X5PIAvx3BT459MKI06wmRY8JX2RnzHWJbbcfoziygigIRtHm+hRZd7CjRYx2w=
Last-Modified
Mon, 24 Aug 2020 02:55:47 GMT
Server
Apache
Date
Wed, 28 Apr 2021 02:31:33 GMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=864000
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.118.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame DBC8 		43 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.118.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c2abab588ed1aa226fff507bb12cc00b354738c203f4b6cd202f40352cdc6591
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://api.dable.io
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 22:06:20 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:19:55 GMT
server
sffe
age
447913
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43804
x-xss-protection
0
expires
Fri, 22 Apr 2022 22:06:20 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.119.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame DBC8 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.119.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
77c3d215298f95357de947f102cc00bded45bdb71ab3c20f9dfdc64e490729c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://api.dable.io
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Apr 2021 03:29:34 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:18:53 GMT
server
sffe
age
255719
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25360
x-xss-protection
0
expires
Mon, 25 Apr 2022 03:29:34 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.117.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame DBC8 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.117.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f83c6e3eac9d41d51bc8e3b63f353ea889cc70b9938e2f701719aef80bf8528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://api.dable.io
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 15:35:53 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:25:13 GMT
server
sffe
age
471340
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47312
x-xss-protection
0
expires
Fri, 22 Apr 2022 15:35:53 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.116.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame DBC8 		51 KB
51 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.116.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
717de30a4e041b92e5d3aa230aeede4e08434647e627279477a2f642ac2861eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://api.dable.io
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 15:44:02 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:09:56 GMT
server
sffe
age
470851
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52052
x-xss-protection
0
expires
Fri, 22 Apr 2022 15:44:02 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.115.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame DBC8 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.115.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a7695bf1c26b3250de42c8ad42bc4e3abf7418876f76ad67bb58092c9244478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://api.dable.io
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 15:36:09 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:08:38 GMT
server
sffe
age
471324
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52792
x-xss-protection
0
expires
Fri, 22 Apr 2022 15:36:09 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.114.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame DBC8 		51 KB
51 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.114.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5472cbce3d59802ab140c5b8eecfca4d357343c47a1c9ea601ccf1d50145955b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://api.dable.io
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 20:34:34 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:25:08 GMT
server
sffe
age
21419
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51852
x-xss-protection
0
expires
Wed, 27 Apr 2022 20:34:34 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.113.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame DBC8 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.113.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d5a369d3d8be69eaf6a54f958015e687947252be07dbb197750fa8147caea4dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://api.dable.io
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 02:08:33 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:25:06 GMT
server
sffe
age
87780
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53144
x-xss-protection
0
expires
Wed, 27 Apr 2022 02:08:33 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.112.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame DBC8 		53 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.112.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9f94f957c781ac27e4257c276659d678b1cd9dcd5931b6c0b068da46198378e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://api.dable.io
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 00:20:06 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:25:02 GMT
server
sffe
age
94287
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54000
x-xss-protection
0
expires
Wed, 27 Apr 2022 00:20:06 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.109.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame DBC8 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.109.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9625dd5f36e9196b741bfb4558fb8809318495207eb6213427f4ee42b7baa57e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://api.dable.io
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 20:49:06 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:25:01 GMT
server
sffe
age
20547
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52844
x-xss-protection
0
expires
Wed, 27 Apr 2022 20:49:06 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.108.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame DBC8 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.108.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c69739431e5aff1b7174a81209cbd0658da6c4d1b6527580f9f2f070df848290
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://api.dable.io
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 02:07:17 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:25:01 GMT
server
sffe
age
519856
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50784
x-xss-protection
0
expires
Fri, 22 Apr 2022 02:07:17 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.111.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame DBC8 		57 KB
57 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.111.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4176795e7304f2d0373d2c3edad1600cab1a1a0e8b202c6cfe3e06c7466172
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://api.dable.io
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 15:44:26 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:25:14 GMT
server
sffe
age
470827
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57968
x-xss-protection
0
expires
Fri, 22 Apr 2022 15:44:26 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.110.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame DBC8 		55 KB
55 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.110.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdd3e502fbd1bda1da8283465cb8fe741ed9543e851e645711d9383280fbe3b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://api.dable.io
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 21:36:50 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:24:59 GMT
server
sffe
age
449683
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56272
x-xss-protection
0
expires
Fri, 22 Apr 2022 21:36:50 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.107.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame DBC8 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.107.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
57e7135d32625d7e1d8117a0571033a7564dc662dfe18bafdefd6633633858b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://api.dable.io
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Apr 2021 05:47:28 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:10:01 GMT
server
sffe
age
247445
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52988
x-xss-protection
0
expires
Mon, 25 Apr 2022 05:47:28 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.105.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame DBC8 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.105.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef7ddeaf31d487bf07b79b1aeb4f9cad24ffa35c280e0702c276dd5cf709cf67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://api.dable.io
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 10:31:18 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:25:08 GMT
server
sffe
age
489615
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48324
x-xss-protection
0
expires
Fri, 22 Apr 2022 10:31:18 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.104.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame DBC8 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.104.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63a218801054b8267a86e48b10025b463f4fc573ad1c58ea95ccbb69627e9905
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://api.dable.io
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Apr 2021 04:41:45 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:25:43 GMT
server
sffe
age
251388
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48552
x-xss-protection
0
expires
Mon, 25 Apr 2022 04:41:45 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.102.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame DBC8 		45 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.102.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61fb409fcea7eda0419035ff2d75faea6742fcccdf5ff99fa44eb783f5053bb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://api.dable.io
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 04:37:45 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:09:58 GMT
server
sffe
age
510828
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46208
x-xss-protection
0
expires
Fri, 22 Apr 2022 04:37:45 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.106.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame DBC8 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.106.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35adff49f4f7c4fa7112da10261ed1abecd865549fadc40690a4cc1f2e6bf832
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://api.dable.io
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 15:36:15 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:19:55 GMT
server
sffe
age
471318
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52836
x-xss-protection
0
expires
Fri, 22 Apr 2022 15:36:15 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.59.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame DBC8 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.59.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c735b602c1d0416e80fc3a525e9421d67acf31a247749da9d284a072fe39bd99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://api.dable.io
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 22:52:57 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:10:01 GMT
server
sffe
age
13116
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22160
x-xss-protection
0
expires
Wed, 27 Apr 2022 22:52:57 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.103.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame DBC8 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.103.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
720540fdf6be1b3d2aee9c54172a0b328457b3e6860da752f37c88a0860607cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://api.dable.io
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Apr 2021 10:05:35 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:09:56 GMT
server
sffe
age
231958
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50856
x-xss-protection
0
expires
Mon, 25 Apr 2022 10:05:35 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.29.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame DBC8 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.29.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49c4f1302ac326351a80eff5d040084b56945c308de229eb403648d085edcb5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://api.dable.io
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 23:21:01 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:24:38 GMT
server
sffe
age
11432
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34368
x-xss-protection
0
expires
Wed, 27 Apr 2022 23:21:01 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.25.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame DBC8 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.25.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
07f5f2f66466d0a3765c3da154554f55dfebeef3b5c6fc67eabacfea839d9e4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://api.dable.io
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 16:03:05 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:17:48 GMT
server
sffe
age
469708
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32688
x-xss-protection
0
expires
Fri, 22 Apr 2022 16:03:05 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.101.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame DBC8 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.101.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed05afea1d3578981db83b3d1732720ccf15dd91054ca328207ac7f0fb7c7b5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://api.dable.io
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 02:13:54 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:25:07 GMT
server
sffe
age
519459
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44828
x-xss-protection
0
expires
Fri, 22 Apr 2022 02:13:54 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.65.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame DBC8 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.65.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e2a6b78e1a5e0d3da06342efa10af3e0dc1f1abfb1dc3eb07b84b64184cb6cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://api.dable.io
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 02:01:32 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:09:23 GMT
server
sffe
age
88201
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25596
x-xss-protection
0
expires
Wed, 27 Apr 2022 02:01:32 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 56DC 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss5KLccCbb97Z1nNr2IX4dBlpylhLWya0oo1mv5ul4kbQbHUNK2_AqB7olGhH6E204vpUOykBhgwbn9PJMM8VVQRAT5JVhHP_IMctiSB1Y&sig=Cg0ArKJSzKoIBcU9o48eEAE&id=lidar2&mcvt=1562&p=621,1075,1221,1375&mtos=0,1562,1562,1562,1562&tos=0,1562,0,0,0&v=20210423&bin=7&avms=nio&bs=1600,1200&mc=0.96&app=0&itpl=3&adk=228286965&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1619577091583&dlt=0&rpt=901&isd=0&msd=0&r=v&fum=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:31:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 06AD 		95 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.55
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 23:12:56 GMT
x-content-type-options
nosniff
age
11917
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97163
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Apr 2022 23:12:56 GMT
prebid.js
img.scupio.com/js/ Frame 06AD 		228 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/prebid.js?v=0.0.8
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.55
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.106.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-106-33.mad50.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
f659fd1cedd9e8114983a076a71633ad47411c7ff0f515ebebce6860dc48b45d

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.55
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:28:38 GMT
content-encoding
gzip
last-modified
Wed, 10 Mar 2021 07:10:35 GMT
server
nginx/1.12.1
age
174
etag
W/"604870eb-38e7e"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=21600
x-amz-cf-pop
MAD50-C1
x-amz-cf-id
q1sG7Z6lj01U9f2EbqOzN7ZSSsKz3gRpcbDfYdoRNJcc0zpUrjob5A==
via
1.1 315f537a0be356b37267f2ae21a5363d.cloudfront.net (CloudFront)
expires
Wed, 28 Apr 2021 08:28:38 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 0DB4 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:31:33 GMT
container.html
04d80e238d1025f8fc4d51158b2ab99f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 93C9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://04d80e238d1025f8fc4d51158b2ab99f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
04d80e238d1025f8fc4d51158b2ab99f.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.storm.mg/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.storm.mg/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Wed, 28 Apr 2021 02:31:32 GMT
expires
Thu, 28 Apr 2022 02:31:32 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame 6A6F 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5c96c91c4ab2c0572ec8371c0f49d9f722eb71ae47224f29eabadf59f5fabe8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619188783439141"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28201
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:31:33 GMT
dot.png
images.dable.io/static/i/ Frame DBC8 		269 B
887 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.dable.io/static/i/dot.png?2
Requested by
Host: static.dable.io
URL: https://static.dable.io/dist/widget.min.css?202104131548
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.225.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-225-233.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9c7e640507607d3ab4182c58d339ce00248d46cfcd03c8f1940d1095c0dcda5f

Request headers

Referer
https://static.dable.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
null
ETag
"c6dbfa476effcbda5d070b19378fed29"
x-amz-request-id
164D6F056A7F88BD
Connection
keep-alive
Content-Length
269
x-amz-id-2
HSc0TeECv7JwbHh1UMOlhiU7otcck7yiZ+0BRkT8zn5i/Xn66Fyy+euliMR+ep3yY1k28980jOI=
Last-Modified
Mon, 24 Aug 2020 02:55:47 GMT
Server
Apache
Date
Wed, 28 Apr 2021 02:31:34 GMT
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=864000
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
vadtag.html
vpaid.pubmatic.com/ads/video/ 		962 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577094323
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e60bfad28a0610ba100c7c4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
f93f7f637d21584b9121a40f6b2fc2795fd8c454e37fc4a4ad8d11471cb3b7d8

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 02:31:34 GMT
Content-Encoding
gzip
Server
Apache/2.2.15 (CentOS)
ETag
"461ced-23ca-5b1869b8fc7b9"
Vary
Origin, Accept-Encoding
Content-Type
application/xml
Access-Control-Allow-Origin
https://www.storm.mg
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
593
Expires
Wed, 28 Apr 2021 02:31:34 GMT
ptv
secure.adnxs.com/ 		85 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/ptv?id=18700257&cb=9577094325
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e60bfad28a0610ba100c7c4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 02:31:34 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.246:80
AN-X-Request-Uuid
a97ddb41-8b51-4f29-87cb-c7189f4ccca6
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.storm.mg
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/xml; charset=utf-8
Content-Length
85
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
avpb3.js
player.aniview.com/script/6.1/ Frame 8446 		265 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/avpb3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e60bfad28a0610ba100c7c4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
f552246407a4f8b34a08fc42783296a8579d8f934081a0086cf37d051f334d6d

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:34 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-UyId3wRLZKV3YHMPWXEBJSRZDfsWyiZzWfD38WZRXe5q2rPEexeRnxUZObbKIXsCxAztN8PKrIaVyKL9gDTgY9oYLL5nw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
85397
last-modified
Wed, 21 Apr 2021 06:01:48 GMT
server
UploadServer
etag
"b80011497556c9d2e7a91056588d67c1"
vary
Accept-Encoding
x-goog-hash
crc32c=dVs1tg==, md5=uAARSXVWydLnqRBWWI1nwQ==
content-language
en
access-control-allow-origin
*
x-goog-generation
1618984908608984
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
85397
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 28 Apr 2021 02:36:34 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=BE&cos=Windows&r=www.storm.mg&rs=www.storm.mg&sid=79763&t=1619577093&cip=82.102.19.136&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=640&he=360&app=&AV_PUBLISHERID=5e60bfad28a0610ba100c7c4&test=&aafaid=&proto=https&uid=1619577093524-930871975591-006828-001-004658&cha=0.7&cb=38038100725&d9=1000&AV_WIDTH=640&AV_HEIGHT=360&ppid=5e60bfad28a0610ba100c7c4&nid=57173f460757bb6c428b465b&pcid=5e60c75028a06115d47ebd9b&ncid=5e7b1f3a1565c6447b6a2624&pasid=5e7b1fa325fcea4e1b329fa8&e=request&cb=1619577094327&asid=5e7b346a41db963e5530bdd4%2C5e7b352d1565c6447b6a2628%2C5ef9d08fdd1a46098e00694b%2C5f0da1c2beb9f87bda10ec76%2C5eb2573b1dc9772a927acfc7%2C5e7b1bc4b825ae275f59ce86%2C5f90340e3ea0b37d63229268%2C5e7b1ed1c4933477bd298304%2C5e7b1c06634df5450945753d&ofpr=%2C4.5%2C%2C4.5%2C4.5%2C%2C4.5%2C4.5%2C&fpo=%2C%2C%2C%2C%2C%2C%2C%2C
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.234.163.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:34 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
impression
api.dable.io/logs/services/storm.mg/users/40951584.1619577090134/ Frame 1929 		2 B
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.dable.io/logs/services/storm.mg/users/40951584.1619577090134/impression?source=3634588&pick=&rm=50.1.1&cm=0.0.0&channel=List_article_bottom.vpos_70&reco_type=hot-items&cid=40951584.1619577090134&widget_id=1oVpxdlP&reco_list_lz=NobwRAlgJmBcYGYBsAmAHKtYA0YC2ApgC4AWA9jPAKwAMAdAIyNgC%2B240ciSCA7ClV458xcpTC1GzNh3HIBAFnTDCpCl0lMGrdpDk8kSBkNyqxG%2Blp2yuyBFQUBOLKdHrql6bs7w7vVAoqbuKaXja%2BPFRUaDRBaiGe2jJ6tkg0vGgo2q7xFlJJ3vp8GVRx5h751ikR9gwILiK5FVbJPtzF9WXuEolVbXYxTl0Jla36DI40jijDeS0AukA&uri=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.165.227.126 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-165-227-126.ap-northeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept
*/*
Referer
https://api.dable.io/widgets/id/1oVpxdlP/users/40951584.1619577090134?from=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&ref=&cid=40951584.1619577090134&uid=40951584.1619577090134&site=storm.mg&id=dablewidget_1oVpxdlP&category1=%E9%A2%A8%E7%94%9F%E6%B4%BB&ad_params=%7B%7D&item_id=3634588&pixel_ratio=1&client_width=380&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:31:34 GMT
Server
nginx
Connection
keep-alive
Content-Length
2
Content-Type
text/plain; charset=utf-8
request
sp-api.dable.io/services/storm.mg/users/40951584.1619577090134/campaigns/w09qVGR7yIV8/contents/z6Pz248EPF8w/ Frame 1929 		35 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp-api.dable.io/services/storm.mg/users/40951584.1619577090134/campaigns/w09qVGR7yIV8/contents/z6Pz248EPF8w/request?q=N4IgxglgJiBcIBYAMBOArARjQDgQOgwDYN0B2U1JDAZgRABoQB3aAcwFMAXAfWjhAwB7AGoAHAB5QANgAUGIAE7sAjgFd2AZx594ggFoBFAPIAhQYQNJVAEQCiygNIAvALLylazT04QAtuzgiEjRyVCwUACZGDUFVBTAA%2BGpCWhxseX9OAAtBGHgMAjwkeTAsgEMAOwr2KX4AGQgtbjKFHzApdm4AI0FOTkFfPAA3UUENbgp5dnFRCCU8kAB1digAAgBBUQVViOwdpAiMVYPYagxTo4BxFwAVAGokR%2BLGOIh%2BLL7RDVgAeh%2BmAF4LSCBSDXysH5SCAAMy8AE8Oj9kqlsOlGBAKkN2BV%2Bgo4bwFoQIkhCAAfIRiSSyeT9ThlKTcURlDiBRhMlmwDDRCBORJREAaKS9VmKSoAazgSHRnHYvm4YDKnH4gAqMwD4roBuW3kPSg%2BI6FVY2Tg2BCAF8gA&is_gif=1
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.209.165.138 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-209-165-138.ap-northeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://api.dable.io/widgets/id/1oVpxdlP/users/40951584.1619577090134?from=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&ref=&cid=40951584.1619577090134&uid=40951584.1619577090134&site=storm.mg&id=dablewidget_1oVpxdlP&category1=%E9%A2%A8%E7%94%9F%E6%B4%BB&ad_params=%7B%7D&item_id=3634588&pixel_ratio=1&client_width=380&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:35 GMT
content-type
image/gif
server
nginx
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.storm.mg%2F&domain=img.scupio.com&cw=1
Protocol
H2
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://img.scupio.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://img.scupio.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1834
date
Wed, 28 Apr 2021 02:31:34 GMT
content-encoding
gzip
vary
Accept-Encoding
currency.json
img.scupio.com/js/config/ Frame BD16 		108 B
490 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/config/currency.json
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.106.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-106-33.mad50.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
156bdf38080c004b5bfd0c8ce46ed24740f5f38945369ac7d916782556860e69

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.55
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 28 Apr 2021 02:28:39 GMT
via
1.1 315f537a0be356b37267f2ae21a5363d.cloudfront.net (CloudFront)
last-modified
Tue, 27 Apr 2021 19:15:45 GMT
server
nginx/1.12.1
age
234
etag
"608862e1-6c"
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=10800
x-amz-cf-pop
MAD50-C1
accept-ranges
bytes
content-length
108
x-amz-cf-id
spkJe8Tj4tS0IHxL1TF1B4Yba0jNoc7I-Yx0VVSdI_GWjFxMhT3uJg==
expires
Wed, 28 Apr 2021 05:27:40 GMT
sid
mug.criteo.com/ Frame BD16
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.storm.mg%2F&domain=img.scupio.com&cw=1
  • https://mug.criteo.com/sid?cpp=ud1FD3xxeUVuQXM4aEtHTHJReG1PdzgwUzN0WEpEQjFjSEVkTWI2TDkrZ2JMWnFFRWh3d01tR2JnVW9DaThlMGJLMWlUczFnNWVrSjJFcVJwN1RoNDNXZ2RyY0xBSFN0bVlHQ0Fja0EzZ1ZJWkJ1VkFVRWdUdXdkZjc0QW...
350 B
632 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=ud1FD3xxeUVuQXM4aEtHTHJReG1PdzgwUzN0WEpEQjFjSEVkTWI2TDkrZ2JMWnFFRWh3d01tR2JnVW9DaThlMGJLMWlUczFnNWVrSjJFcVJwN1RoNDNXZ2RyY0xBSFN0bVlHQ0Fja0EzZ1ZJWkJ1VkFVRWdUdXdkZjc0QWlLNDN1TTdJbnB4SHhNSytvUVk2WkFMQVU4U2xDRGQxaGwyVDc2QXphd2FBSGdFc2ZydFV2dzk0TE1zTnZwUWhJR3hhK09GcTl1VXRLQy96YTRkUTA5QmZxNXE1ZmxTSFFtVVNYbmUwNVFvTGpXNWxPMTlBPXw&cppv=2
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
63ad43322b006bf77c4e2b36c2c7fa7dad1e1da5282902036ddb440ff334dd3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Wed, 28 Apr 2021 02:31:34 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2847
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Wed, 28 Apr 2021 02:31:34 GMT
location
https://mug.criteo.com/sid?cpp=ud1FD3xxeUVuQXM4aEtHTHJReG1PdzgwUzN0WEpEQjFjSEVkTWI2TDkrZ2JMWnFFRWh3d01tR2JnVW9DaThlMGJLMWlUczFnNWVrSjJFcVJwN1RoNDNXZ2RyY0xBSFN0bVlHQ0Fja0EzZ1ZJWkJ1VkFVRWdUdXdkZjc0QWlLNDN1TTdJbnB4SHhNSytvUVk2WkFMQVU4U2xDRGQxaGwyVDc2QXphd2FBSGdFc2ZydFV2dzk0TE1zTnZwUWhJR3hhK09GcTl1VXRLQy96YTRkUTA5QmZxNXE1ZmxTSFFtVVNYbmUwNVFvTGpXNWxPMTlBPXw&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://img.scupio.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1620
content-length
482
expires
0
prebid.json
ad.holmesmind.com/adserver/ Frame BD16 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame BD16 		239 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17388&site_id=169834&zone_id=818672&size_id=9&rp_schain=1.0,1!scupio.com,3721,1,,,&rf=https%3A%2F%2Fwww.storm.mg%2F&tk_flint=pbjs_lite_v4.30.0-pre&x_source.tid=6af1bbd9-d3d3-4bad-9d75-0c9c3cabd134&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.5549002538247905
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.51 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
b7944543f8f03e3681933e4deec312a3cba365795a7082a30a3ea75869bc7d11

Request headers

Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 02:31:34 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://img.scupio.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
239
Expires
Wed, 17 Sep 1975 21:32:10 GMT
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame BD16 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Wed, 28 Apr 2021 02:31:35 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
cdb
bidder.criteo.com/ Frame BD16 		0
144 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.30.0-pre&cb=99840826279
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Wed, 28 Apr 2021 02:31:33 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
prebid.aspx
prebid.scupio.com/recweb/ Frame BD16 		0
0
header
hb.aralego.com/ Frame BD16 		0
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-BE7E923BDBB9ADAD177EAB449A48EA7B&tdid=&schain=1.0%2C1!scupio.com%2C3721%2C1%2C%2C%2C&fp=undefined&host=img.scupio.com&u=https%3A%2F%2Fimg.scupio.com&xr=1&ao=https%3A%2F%2Fwww.storm.mg&ucfUid=e6e2ad15-f4a5-4636-bfc8-44e218ba75cf&w=160&h=600
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Hyattsville, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Wed, 28 Apr 2021 02:31:34 GMT
access-control-allow-credentials
true
connection
close
view
securepubads.g.doubleclick.net/pcs/ Frame 2F50 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjste4j4bH3uq1Q3hD3MIoZnc2qJRoof6wKiuduIHglddRLjPnW5H6ctQpau4_bDGJmmu__KL9s4B4KO2YwWzPZPcA0OKCSmB5IijYJzKyg-kbO5794jN0BGmevXmLuR1qYRdyh_bEWJWFJ_KCKxnGAI3AJDGFK92bLjI-rrd2lkNXe1PKgjna8Kp8igFZyLXfsV3ZtFOM4NVMXq5juQr23iDQH0hj-jAr2-JfGMemNwipVv38FYEa-yUmJbkUMqLWWPDxnoL16Ga-Ip01vNoEiswrj7ZAYFOgblwJhZ3vFZgqBNDLM91EHuwnNgAgcWOWw&sig=Cg0ArKJSzFhYk-Vjacv-EAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:31:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 28 Apr 2021 02:31:34 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4DAB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu51oBRWP3ySfz_c5siTWhmZ_7maXdbG34cDgck6gtatX8-6PvuxOMBBeBCRXkK8C26VLZlXXRuMvoX82NVdS9x7EyQsHf5KlzZE8nvsYnvvtMyyAWIn7OZiSz5vHu-kDKeo-KH8gsy7cKES0L3VbXi3HMw7ySibbpLbN2MnFMM2bOtCj0iv6qe60Zova-bHh9TL2OoUjgwECuK3JXEjjZ86O2KJ8dikTtOI-lWg-b4-ow1kK70PU0Ub29olrgp91-14Yq7WqeRdtQiKVZTGZeLAQd_UM_3mgT-5wEHALufw-djbIRXac_ALDB0xA&sig=Cg0ArKJSzHres5Vcqe4xEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:31:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 28 Apr 2021 02:31:34 GMT
impression
api.dable.io/logs/services/storm.mg/users/40951584.1619577090134/ Frame FFD7 		2 B
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.dable.io/logs/services/storm.mg/users/40951584.1619577090134/impression?source=3634588&pick=&rm=10.1.5&cm=0.0.0&channel=Cross_PC.1_4&reco_type=personalized-related-news&cid=40951584.1619577090134&widget_id=y74wWAoV&reco_list_lz=NobwRAlgJmBcYGYBsAmADAdjQFjAGjAFsBTAFwAsB7GeARjQDpaGBWMAXz3GjkVRRZJa%2BImSo0w9Jqw5dIEhCwCcqFihEkK1XlOZtO3BUjQpsaJRrHa6jPbMO9FKlCstaJumQfmPjLbLQAHG7iOrZecjzwTi6BwQSaoTbS%2BpEKyjgoCCHWkuGpDtFCCNgswglWHvn2PtHK2ALZFe5hKRwAukA&uri=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.165.227.126 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-165-227-126.ap-northeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept
*/*
Referer
https://api.dable.io/widgets/id/y74wWAoV/users/40951584.1619577090134?from=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&ref=&cid=40951584.1619577090134&uid=40951584.1619577090134&site=storm.mg&id=dablewidget_y74wWAoV&category1=%E9%A2%A8%E7%94%9F%E6%B4%BB&ad_params=%7B%7D&item_id=3634588&pixel_ratio=1&client_width=760&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:31:34 GMT
Server
nginx
Connection
keep-alive
Content-Length
2
Content-Type
text/plain; charset=utf-8
request
sp-api.dable.io/services/storm.mg/users/40951584.1619577090134/campaigns/w09qVGR7yIV8/contents/BromKXqMpT8E/ Frame FFD7 		35 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp-api.dable.io/services/storm.mg/users/40951584.1619577090134/campaigns/w09qVGR7yIV8/contents/BromKXqMpT8E/request?q=N4IgxglgJiBcIBYAMBOArARjQDgQOgwDYN0B2U1JDAZgRABoQB3aAcwFMAXAfWjhACepBEwDqAQQD2ANQYgATuwCOAV3YBnHn3iSAWgEUA8gCFJ4gHIZO8gJoBrAHaEHcxao09OEALbs4REjRyVBpsakZ1SRV5MD94akJaHGw5X04AC0kYeAwCPCQ5MHSAQwcHdgAbfgBheUl1dW4ABWqCbjpGdgAPAAcIRWyQUXYoAAJxHvlRgCZsGaRpjFGF2GoMVaWAcQBZABUAaiQjgsZoiH50zk4e9VgAejumJ7xNSXlvPG9WO4qIADMPAIKuw7gkktgUowIA4AG7sBycN4CXiDQjTJCEAA%2BQhEEhkckRnGKFW4PWKHDg00YZIpsAwEQgAC84lSQOoKpJOP5GPJSnY4EgoZx2N5uGBilz4IAKjMA%2BK6Abls5AAjLLI4EOVgZODYIIAXyAA&is_gif=1
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.209.165.138 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-209-165-138.ap-northeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://api.dable.io/widgets/id/y74wWAoV/users/40951584.1619577090134?from=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&ref=&cid=40951584.1619577090134&uid=40951584.1619577090134&site=storm.mg&id=dablewidget_y74wWAoV&category1=%E9%A2%A8%E7%94%9F%E6%B4%BB&ad_params=%7B%7D&item_id=3634588&pixel_ratio=1&client_width=760&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:35 GMT
content-type
image/gif
server
nginx
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9715148502272904443/ Frame 85E3 		12 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9715148502272904443/index.html
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a622399a4b0a279b22545142a1cccb503cd4684ea96b43cd879810b7a0ffd661
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/9715148502272904443/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://c00781e3da26bee54d79c2ccd3c9dd07.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://c00781e3da26bee54d79c2ccd3c9dd07.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3486
date
Tue, 27 Apr 2021 02:49:34 GMT
expires
Wed, 27 Apr 2022 02:49:34 GMT
last-modified
Tue, 06 Apr 2021 10:07:04 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
age
85320
cache-control
public, max-age=31536000
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
securepubads.g.doubleclick.net/pagead/ Frame 89FC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CXOIJBMmIYJj3HJOU3wP67ZPoB5uJrPdh05HU4L4Nlt3lt-wYEAEgsI3vemC5-MeA3AGgAZP8pKIDyAEJqQJW5zuMzUi0PuACAKgDAcgDCKoE6AFP0ClhDQECV_WIAIVzqtEHlbX0YkA4GD9UP6XjnQTWtpV-z08rHqzj4kixwFQHORHG6XGroocIv3bQ7sSB1pPhQu4PLpzDc-l3qs6HEq-vagTLdwTrjNEbOeGy3b1yuEbVwGwWV8EdysvgE2Doy7CIR3cd1cl2LlU1KURz3hxe-U0U1Z6lv_BuM0XddTspVI9pVyHdTfgP-lwLUyUU6zJM-nWriRnw1fS_fDgfbxq45jzBLIDGwnbJXLm3BCAnSmizE57y8xae23lLkGY3eivNZedpeM_54XIFAJXgYEZzhhT1DMeGaJwtwATgmLKY-QLgBAGSBQQIBBgBkgUECAUYBKAGLoAH1YPbXagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDowQvSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTg2MDY2MTMyNzc2ODQ4OTaACgPICwHYEw2yFxoKGAgAEhRwdWItODM3MTc0OTI2NzE5MTcyOQ&sigh=E45KWh8zKMs&template_id=419
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://c00781e3da26bee54d79c2ccd3c9dd07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210426/r20110914/ Frame 89FC 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210426/r20110914/abg_lite_fy2019.js
Requested by
Host: c00781e3da26bee54d79c2ccd3c9dd07.safeframe.googlesyndication.com
URL: https://c00781e3da26bee54d79c2ccd3c9dd07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e0fad38c04932f3e71581d5ca798b326778fc0e54e3823de3b0f9eddbef0892e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c00781e3da26bee54d79c2ccd3c9dd07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:23:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
508
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7028
x-xss-protection
0
server
cafe
etag
12352184217982932987
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 May 2021 02:23:06 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/ Frame 89FC 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/window_focus_fy2019.js
Requested by
Host: c00781e3da26bee54d79c2ccd3c9dd07.safeframe.googlesyndication.com
URL: https://c00781e3da26bee54d79c2ccd3c9dd07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c00781e3da26bee54d79c2ccd3c9dd07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 01:48:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2570
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 May 2021 01:48:44 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 89FC 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c00781e3da26bee54d79c2ccd3c9dd07.safeframe.googlesyndication.com
URL: https://c00781e3da26bee54d79c2ccd3c9dd07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d76c09ea49a67623c581149d87ec821d813b9302aea4f871df16156cd1d28a53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c00781e3da26bee54d79c2ccd3c9dd07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619188777539687"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36031
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:31:34 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/ Frame 89FC 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: c00781e3da26bee54d79c2ccd3c9dd07.safeframe.googlesyndication.com
URL: https://c00781e3da26bee54d79c2ccd3c9dd07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c00781e3da26bee54d79c2ccd3c9dd07.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 01:41:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2996
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5604
x-xss-protection
0
server
cafe
etag
2846967340006788112
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 May 2021 01:41:38 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 7323 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.storm.mg/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.storm.mg/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Tue, 27 Apr 2021 23:30:56 GMT
expires
Wed, 27 Apr 2022 23:30:56 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
10838
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 1F29 		783 B
812 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0badd1624b98fcec8556e69f7dbe63f29fe9df990ebe3b538f8154fdab2cb077
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-vyXNS+iwFfmQW0f2yl8I2Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.storm.mg/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.storm.mg/

Response headers

expires
Wed, 28 Apr 2021 02:31:34 GMT
date
Wed, 28 Apr 2021 02:31:34 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-vyXNS+iwFfmQW0f2yl8I2Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.storm.mg%2F&domain=img.scupio.com&cw=1
Protocol
H2
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://img.scupio.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://img.scupio.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1536
date
Wed, 28 Apr 2021 02:31:34 GMT
content-encoding
gzip
vary
Accept-Encoding
currency.json
img.scupio.com/js/config/ Frame CAC6 		108 B
489 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/config/currency.json
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.106.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-106-33.mad50.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
156bdf38080c004b5bfd0c8ce46ed24740f5f38945369ac7d916782556860e69

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.55
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 28 Apr 2021 02:28:39 GMT
via
1.1 315f537a0be356b37267f2ae21a5363d.cloudfront.net (CloudFront)
last-modified
Tue, 27 Apr 2021 19:15:45 GMT
server
nginx/1.12.1
age
234
etag
"608862e1-6c"
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=10800
x-amz-cf-pop
MAD50-C1
accept-ranges
bytes
content-length
108
x-amz-cf-id
2d2hre-k9wLrS_adzurc5QgOcMsVV-ikyzDn08YbADsvQf5SfeBJfg==
expires
Wed, 28 Apr 2021 05:27:40 GMT
sid
mug.criteo.com/ Frame CAC6
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.storm.mg%2F&domain=img.scupio.com&cw=1
  • https://mug.criteo.com/sid?cpp=HElxdXxyVUxaREtIRFY3SC9lVkJzRStCTHJJZjhUZkUzcHUydThEbHJXSDBEYy9MVWdrUzRIQ251UTUwNDl5S0Z5ZURoOE9LbVRWV0wyWmU0TFljUG5VVW9pUlpGVGthbU5MdS9ZQlUxSU94UDlVaVBxYW5WeGVISUFvZG...
356 B
633 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=HElxdXxyVUxaREtIRFY3SC9lVkJzRStCTHJJZjhUZkUzcHUydThEbHJXSDBEYy9MVWdrUzRIQ251UTUwNDl5S0Z5ZURoOE9LbVRWV0wyWmU0TFljUG5VVW9pUlpGVGthbU5MdS9ZQlUxSU94UDlVaVBxYW5WeGVISUFvZGEyTUxSRFM1Z29DT0FuSTJiSFhvWk95c28vMUp2Zy9wVWQ0MDBvY1RFbW8zbWZRNk5HTUVVeWhtR1ppSHpJQzhMRWc1MDVTcnVtMlVGZ2FiR1VtOHp5R2VlanpVc1hMTmNHSkx5eVBMNFFGU2ZPdVVjRE5FPXw&cppv=2
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
f3d4cc027a4bd44718916c10794829c1f06009be51e392c7e003ff81a09d20eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Wed, 28 Apr 2021 02:31:34 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2111
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Wed, 28 Apr 2021 02:31:34 GMT
location
https://mug.criteo.com/sid?cpp=HElxdXxyVUxaREtIRFY3SC9lVkJzRStCTHJJZjhUZkUzcHUydThEbHJXSDBEYy9MVWdrUzRIQ251UTUwNDl5S0Z5ZURoOE9LbVRWV0wyWmU0TFljUG5VVW9pUlpGVGthbU5MdS9ZQlUxSU94UDlVaVBxYW5WeGVISUFvZGEyTUxSRFM1Z29DT0FuSTJiSFhvWk95c28vMUp2Zy9wVWQ0MDBvY1RFbW8zbWZRNk5HTUVVeWhtR1ppSHpJQzhMRWc1MDVTcnVtMlVGZ2FiR1VtOHp5R2VlanpVc1hMTmNHSkx5eVBMNFFGU2ZPdVVjRE5FPXw&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://img.scupio.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1402
content-length
482
expires
0
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame CAC6 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Wed, 28 Apr 2021 02:31:35 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
prebid.aspx
prebid.scupio.com/recweb/ Frame CAC6 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.42442712097995083
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.59.219.34 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
244f7ca14e500da2db41b474f1ae53bfb4ae399c3d9e36d7e9608b3d808276c2

Request headers

Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 28 Apr 2021 02:31:35 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://img.scupio.com
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Length
1628
header
hb.aralego.com/ Frame CAC6 		0
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-62723BAEE27B738E1228B894272B3EB&tdid=&schain=1.0%2C1!scupio.com%2C3721%2C1%2C%2C%2C&fp=undefined&host=img.scupio.com&u=https%3A%2F%2Fimg.scupio.com&xr=1&ao=https%3A%2F%2Fwww.storm.mg&ucfUid=c56017ba-bed8-4141-b4f9-c3ec491a9d56&w=336&h=280
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Hyattsville, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Wed, 28 Apr 2021 02:31:35 GMT
access-control-allow-credentials
true
connection
close
cdb
bidder.criteo.com/ Frame CAC6 		0
144 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.30.0-pre&cb=20943505333
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Wed, 28 Apr 2021 02:31:34 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
bid
ad2.apx.appier.net/v1/prebid/ Frame CAC6 		0
0
prebid.json
ad.holmesmind.com/adserver/ Frame CAC6 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/prebid.json?cb=1619577094399&hb=1&ver=1.21
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.178.71.123 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
6036237b63b1af989784217a45200bee32572b2bda8daf26f372c139be397a76

Request headers

Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Wed, 28 Apr 2021 02:31:35 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame CAC6 		240 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17388&site_id=169834&zone_id=818672&size_id=16&rp_schain=1.0,1!scupio.com,3721,1,,,&rf=https%3A%2F%2Fwww.storm.mg&tk_flint=pbjs_lite_v4.30.0-pre&x_source.tid=cbf31fe2-e048-4f5f-b103-8a7e90cbc989&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.8701280988649653
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.51 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
ccd4de925fdcf3b6de31ccc8e58e176879dedd2c6dc19cae65e7e89f2e340d4e

Request headers

Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 02:31:34 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://img.scupio.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.storm.mg%2F&domain=img.scupio.com&cw=1
Protocol
H2
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://img.scupio.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://img.scupio.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1648
date
Wed, 28 Apr 2021 02:31:34 GMT
content-encoding
gzip
vary
Accept-Encoding
currency.json
img.scupio.com/js/config/ Frame 5774 		108 B
492 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/config/currency.json
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.106.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-106-33.mad50.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
156bdf38080c004b5bfd0c8ce46ed24740f5f38945369ac7d916782556860e69

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.55
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 28 Apr 2021 02:28:39 GMT
via
1.1 315f537a0be356b37267f2ae21a5363d.cloudfront.net (CloudFront)
last-modified
Tue, 27 Apr 2021 19:15:45 GMT
server
nginx/1.12.1
age
234
etag
"608862e1-6c"
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=10800
x-amz-cf-pop
MAD50-C1
accept-ranges
bytes
content-length
108
x-amz-cf-id
XlE8vQq-UJ4rlDYXWgW-lP2IzHWh73As3Gz3TFM-ZyZSYOZsdTwTZg==
expires
Wed, 28 Apr 2021 05:27:40 GMT
sid
mug.criteo.com/ Frame 5774
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.storm.mg%2F&domain=img.scupio.com&cw=1
  • https://mug.criteo.com/sid?cpp=Yo9c5XxWcURtMEhpb1ZCN1ZCZENZSXJ5ekR5ZTBxRGlJWTUwY1BCS3czMmJURzdlVkdZSG5mVHY4TWwwNnlNdmxHSlh0TURoS1BNS0ZFS1dOOHlXZnFGTUNqYi9hMnA2ZElxOVZHdjRpRnNUMkY5U3JjSnNlMXlzcnZBUz...
358 B
633 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=Yo9c5XxWcURtMEhpb1ZCN1ZCZENZSXJ5ekR5ZTBxRGlJWTUwY1BCS3czMmJURzdlVkdZSG5mVHY4TWwwNnlNdmxHSlh0TURoS1BNS0ZFS1dOOHlXZnFGTUNqYi9hMnA2ZElxOVZHdjRpRnNUMkY5U3JjSnNlMXlzcnZBUzJNdU5rQ0x4dmJJdmpaTk9DMEt3bFVLTTc3SGJsdWNRT3RZdkZKKzVHV2kwY2V0RHpZdHBxVFFPM1JFOTloUC9PRzFxbzAwL0FBMEMzYW5acUsvODljZXRQM0I3K2hhY2preS92NEFnZXNzcHIrcE42cFNJPXw&cppv=2
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
ab68148e458b1cc15545201921726abe01f830cf254f33c6d72db9a419fdc5f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Wed, 28 Apr 2021 02:31:34 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2737
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Wed, 28 Apr 2021 02:31:34 GMT
location
https://mug.criteo.com/sid?cpp=Yo9c5XxWcURtMEhpb1ZCN1ZCZENZSXJ5ekR5ZTBxRGlJWTUwY1BCS3czMmJURzdlVkdZSG5mVHY4TWwwNnlNdmxHSlh0TURoS1BNS0ZFS1dOOHlXZnFGTUNqYi9hMnA2ZElxOVZHdjRpRnNUMkY5U3JjSnNlMXlzcnZBUzJNdU5rQ0x4dmJJdmpaTk9DMEt3bFVLTTc3SGJsdWNRT3RZdkZKKzVHV2kwY2V0RHpZdHBxVFFPM1JFOTloUC9PRzFxbzAwL0FBMEMzYW5acUsvODljZXRQM0I3K2hhY2preS92NEFnZXNzcHIrcE42cFNJPXw&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://img.scupio.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1794
content-length
482
expires
0
cdb
bidder.criteo.com/ Frame 5774 		0
144 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.30.0-pre&cb=87710174440
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Wed, 28 Apr 2021 02:31:34 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
header
hb.aralego.com/ Frame 5774 		0
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-62723BAEE27B738E1228B894272B3EB&tdid=&schain=1.0%2C1!scupio.com%2C3721%2C1%2C%2C%2C&fp=undefined&host=img.scupio.com&u=https%3A%2F%2Fimg.scupio.com&xr=1&ao=https%3A%2F%2Fwww.storm.mg&ucfUid=f1ed5f89-e37a-45b0-9837-47ad18de5029&w=336&h=280
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Hyattsville, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Wed, 28 Apr 2021 02:31:35 GMT
access-control-allow-credentials
true
connection
close
prebid.aspx
prebid.scupio.com/recweb/ Frame 5774 		0
0
prebid.json
ad.holmesmind.com/adserver/ Frame 5774 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/prebid.json?cb=1619577094407&hb=1&ver=1.21
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.178.71.123 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
35c358ecf54dc1f9ab11ffa976bbadf8c60708a1ea7aca23fb5fb01e852d8f6e

Request headers

Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Wed, 28 Apr 2021 02:31:35 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
bid
ad2.apx.appier.net/v1/prebid/ Frame 5774 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 5774 		240 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17388&site_id=169834&zone_id=818672&size_id=16&rp_schain=1.0,1!scupio.com,3721,1,,,&rf=https%3A%2F%2Fwww.storm.mg&tk_flint=pbjs_lite_v4.30.0-pre&x_source.tid=d64f97e2-539a-4214-80c4-a67cb2a6c611&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.9295325164225796
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.51 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
33151a71fe7134c6e14f52518d578a595c9704e620265d98be293dce7ffdcfbc

Request headers

Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 02:31:34 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://img.scupio.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 5774 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Wed, 28 Apr 2021 02:31:35 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
71887a7000c4565ff13cb7856d492ea6ab3f7b032c95625d48580fbc5925d4c4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 02:31:34 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.244:80
AN-X-Request-Uuid
080e63b9-9890-40aa-87d1-d0d4f50301fa
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.storm.mg
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
mvo
tag.1rx.io/rmp/203181/0/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/203181/0/mvo?z=1r&hbv=4.25,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.storm.mg
pragma
no-cache
date
Wed, 28 Apr 2021 02:31:34 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
openrtb
ads.adaptv.advertising.com/rtb/ 		0
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=ViewdeosExchange
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.110.9 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.storm.mg
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
translator
hbopenbid.pubmatic.com/ 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.storm.mg
date
Wed, 28 Apr 2021 02:31:33 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		139 B
834 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
07e0b23c0678ed0d686efc05114548ecea6dcd2186c18df92a3254a864b5e179
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 02:31:34 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.134:80
AN-X-Request-Uuid
6d66ce4f-857b-4976-8b15-4abf9a75317d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.storm.mg
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=ud1FD3xxeUVuQXM4aEtHTHJReG1PdzgwUzN0WEpEQjFjSEVkTWI2TDkrZ2JMWnFFRWh3d01tR2JnVW9DaThlMGJLMWlUczFnNWVrSjJFcVJwN1RoNDNXZ2RyY0xBSFN0bVlHQ0Fja0EzZ1ZJWkJ1VkFVRWdUdXdkZjc0QWlLNDN1TTdJbnB4SHhNSytvUVk2WkFMQVU4U2xDRGQxaGwyVDc2QXphd2FBSGdFc2ZydFV2dzk0TE1zTnZwUWhJR3hhK09GcTl1VXRLQy96YTRkUTA5QmZxNXE1ZmxTSFFtVVNYbmUwNVFvTGpXNWxPMTlBPXw&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1230
date
Wed, 28 Apr 2021 02:31:34 GMT
content-encoding
gzip
vary
Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame 5E72 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvkr8gA3QjKUmmu-RwgQS442C86w2Cuqa34YgHe-lqR-WSeQ2MnVCJbOFs_zs1Nm8fyTc5juyQubnR4GJDZzybJ4IqYwjeTRvzJqLh-YCg4xf3-10QcY67KUP-dXPk135NooTyihZnn9VX1002Gywa6ojD9hzxhy1AbPmoI3ONjW5jXsD5fNfHMHdPH70YnFSasz4HYlcovOzpJbKEzhBEzX9nCXIX0fAYvcwN81HkuGqwHJQqyndJotOszLYrOHvTzoeAhuX4vJbgXs2G1If0CgPamPOoQ_nZZGMSKdYNiT2tzXknxWyeMd3g4AQ&sig=Cg0ArKJSzGhq6RG5213wEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:31:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 28 Apr 2021 02:31:34 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9715148502272904443/ Frame 19BC 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9715148502272904443/index.html
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a622399a4b0a279b22545142a1cccb503cd4684ea96b43cd879810b7a0ffd661
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/9715148502272904443/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://04d80e238d1025f8fc4d51158b2ab99f.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://04d80e238d1025f8fc4d51158b2ab99f.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3486
date
Tue, 27 Apr 2021 02:49:34 GMT
expires
Wed, 27 Apr 2022 02:49:34 GMT
last-modified
Tue, 06 Apr 2021 10:07:04 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
age
85320
cache-control
public, max-age=31536000
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
securepubads.g.doubleclick.net/pagead/ Frame 93C9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CYvcdBMmIYOOhM5jw3gOwtKmgDJuJrPdh05HU4L4Nlt3lt-wYEAEgsI3vemC5-MeA3AGgAZP8pKIDyAEJqQJW5zuMzUi0PuACAKgDAcgDCKoE6AFP0PPpMEdd4je7GSRiPpw7ICUn_2bpD1Gi0fUEoaJ8GYf3oMSMUBPIEP5vM7ZsTUU9P7s7yyGHn5_XdlmiFloWR6nRhNHm1Ci5ZWL3b1WEe1utv8YeIgKlZsivutjnWUaXO6y6YNPjbDE9x-0-bx9TrIR7RZA61oR1QAL2KmYs4u_P1EKkZPv4vEH6oeSlj3nPOx-hhei26IKiDZiXaL7ecgdcrCV_FAVveO1tbHvjXkxHCrIHxcy77bdVi2V0kBX-vCg9AbgG3Djgm-n46bg0tnv4PlOAalObY1kyoiYI2xYLFU9WNX9wwATgmLKY-QLgBAGSBQQIBBgBkgUECAUYBKAGLoAH1YPbXagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHAxDwLtIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tODYwNjYxMzI3NzY4NDg5NoAKA8gLAdgTDbIXGgoYCAASFHB1Yi04MzcxNzQ5MjY3MTkxNzI5&sigh=LGr-qhyAkeA&template_id=419
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://04d80e238d1025f8fc4d51158b2ab99f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210426/r20110914/ Frame 93C9 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210426/r20110914/abg_lite_fy2019.js
Requested by
Host: 04d80e238d1025f8fc4d51158b2ab99f.safeframe.googlesyndication.com
URL: https://04d80e238d1025f8fc4d51158b2ab99f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e0fad38c04932f3e71581d5ca798b326778fc0e54e3823de3b0f9eddbef0892e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://04d80e238d1025f8fc4d51158b2ab99f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:30:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7028
x-xss-protection
0
server
cafe
etag
12352184217982932987
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 May 2021 02:30:34 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/ Frame 93C9 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/window_focus_fy2019.js
Requested by
Host: 04d80e238d1025f8fc4d51158b2ab99f.safeframe.googlesyndication.com
URL: https://04d80e238d1025f8fc4d51158b2ab99f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://04d80e238d1025f8fc4d51158b2ab99f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 01:48:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2570
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 May 2021 01:48:44 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 93C9 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 04d80e238d1025f8fc4d51158b2ab99f.safeframe.googlesyndication.com
URL: https://04d80e238d1025f8fc4d51158b2ab99f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d76c09ea49a67623c581149d87ec821d813b9302aea4f871df16156cd1d28a53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://04d80e238d1025f8fc4d51158b2ab99f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619188777539687"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36031
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:31:34 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/ Frame 93C9 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 04d80e238d1025f8fc4d51158b2ab99f.safeframe.googlesyndication.com
URL: https://04d80e238d1025f8fc4d51158b2ab99f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://04d80e238d1025f8fc4d51158b2ab99f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 01:41:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2996
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5604
x-xss-protection
0
server
cafe
etag
2846967340006788112
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 12 May 2021 01:41:38 GMT
l
www.google.com/ads/measurement/ Frame 93C9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSdDvTe3MR04kW3utlOr5R-c3Ql_8MZ5c3wjzGQnyAQcS5jWHd2i4WTQ5zfkzx5V_7zApoh_ngN3P_GT_kI1RfaUahT4A
Requested by
Host: 04d80e238d1025f8fc4d51158b2ab99f.safeframe.googlesyndication.com
URL: https://04d80e238d1025f8fc4d51158b2ab99f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://04d80e238d1025f8fc4d51158b2ab99f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=HElxdXxyVUxaREtIRFY3SC9lVkJzRStCTHJJZjhUZkUzcHUydThEbHJXSDBEYy9MVWdrUzRIQ251UTUwNDl5S0Z5ZURoOE9LbVRWV0wyWmU0TFljUG5VVW9pUlpGVGthbU5MdS9ZQlUxSU94UDlVaVBxYW5WeGVISUFvZGEyTUxSRFM1Z29DT0FuSTJiSFhvWk95c28vMUp2Zy9wVWQ0MDBvY1RFbW8zbWZRNk5HTUVVeWhtR1ppSHpJQzhMRWc1MDVTcnVtMlVGZ2FiR1VtOHp5R2VlanpVc1hMTmNHSkx5eVBMNFFGU2ZPdVVjRE5FPXw&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
904
date
Wed, 28 Apr 2021 02:31:34 GMT
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=Yo9c5XxWcURtMEhpb1ZCN1ZCZENZSXJ5ekR5ZTBxRGlJWTUwY1BCS3czMmJURzdlVkdZSG5mVHY4TWwwNnlNdmxHSlh0TURoS1BNS0ZFS1dOOHlXZnFGTUNqYi9hMnA2ZElxOVZHdjRpRnNUMkY5U3JjSnNlMXlzcnZBUzJNdU5rQ0x4dmJJdmpaTk9DMEt3bFVLTTc3SGJsdWNRT3RZdkZKKzVHV2kwY2V0RHpZdHBxVFFPM1JFOTloUC9PRzFxbzAwL0FBMEMzYW5acUsvODljZXRQM0I3K2hhY2preS92NEFnZXNzcHIrcE42cFNJPXw&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1095
date
Wed, 28 Apr 2021 02:31:34 GMT
content-encoding
gzip
vary
Accept-Encoding
impression
api.dable.io/logs/services/storm.mg/users/40951584.1619577090134/ Frame DBC8 		2 B
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.dable.io/logs/services/storm.mg/users/40951584.1619577090134/impression?source=3634588&pick=&rm=30.50.6&cm=0.0.0&channel=Article_bottom.AD_box_transparent&reco_type=personalized-related-news&cid=40951584.1619577090134&widget_id=KoEeAWoB&reco_list_lz=NobwRAlgJmBcYGYBsCDsSBMAWMAaMAtgKYAuAFgPYzwIAMAdAKwNJgC%2Bu40cijAHH3SM8hUpWqIGzeqw5cJyBIywBOPiOLkqPOkxbtOkBSkbYEGsdppT9cozqQBGPo34WtCmzIPydjVK4qqO7iOl6yhtw0TrQYqI4hVpJ63nZRiCiotCqs%2BJqh1ikRvjT8LqgqiZ5FPvalWEh8dFVhNWnGSo4q5nmW1dLFdRmOtHy0wb0erQO16cgYzIyVkwXJM%2B1%2BArRYPaJTheuRxhhIQct7q7qHJRlKcbkXSVe2Rw6dCOorT%2BGzHUsIOC%2B-ReN0USCcE0ewNSr2i4z4GASQOmIKGilQC0h%2BW%2BbVhtxctAe2OhgzmSEJaiJfRRMNB5P8CCRUJppI6qCwjCZxJZvzeHOwLQOqLJGD4mE%2BzKFtLRmCw7OEyKlrIcGAQKloCsla2FCkYSH4qkF2ulZIQZoERueJuOSA5gK1VuV0UZ2y51KVvOdfEcSktPw2cOU2T9uLpzkc-hD1xlaFQHyjOocGq69u5HoDGQWC3OaeNTt4qDFKjd%2BzzntuC0Yu1zjvYAF0gA&uri=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.165.227.126 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-165-227-126.ap-northeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept
*/*
Referer
https://api.dable.io/widgets/id/KoEeAWoB/users/40951584.1619577090134?from=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&ref=&cid=40951584.1619577090134&uid=40951584.1619577090134&site=storm.mg&id=dablewidget_KoEeAWoB&category1=%E9%A2%A8%E7%94%9F%E6%B4%BB&ad_params=%7B%7D&item_id=3634588&pixel_ratio=1&client_width=820&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:31:35 GMT
Server
nginx
Connection
keep-alive
Content-Length
2
Content-Type
text/plain; charset=utf-8
request
sp-api.dable.io/services/storm.mg/users/40951584.1619577090134/campaigns/w09qVGR7yIV8/contents/Z8OnlGy7Wh04/ Frame DBC8 		35 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp-api.dable.io/services/storm.mg/users/40951584.1619577090134/campaigns/w09qVGR7yIV8/contents/Z8OnlGy7Wh04/request?q=N4IgxglgJiBcIBYAMBOArARjQDgQOgwDYN0B2U1JDAZgRABoQB3aAcwFMAXAfWjhADSAewCi7AIIB1IQCEGIAE7sAjgFd2AZx594TJAFsA1gDkAXgCUBIzgDcANghkB5SfKVrNPThH3s4REjRyVAxSGkYNIVUFMD94akJaHGx5X04ACyEYeAwCPCR5MHSAQwA7UvY7fnEFbzA7dm4AIyFOTiF9PHEAEWahAA9uTgUyjQAHYqVSznl2frGIJWyQSXYoAAJxMYV1gCZsPaRdjHWj2GoMc5OAcQBZABUAaiQXgsZoiH50trGNWAB6f5MYF4LRCBSdfSsf52CAAM08AE8Gv8EklsClGBBSjZ2NNwYjeMtCLskIQAD7CMRSWTydqcYp2bgTDhwaiMFlxDARCCmOK7CJ2Vr%2BRgjUqGOBILGcdj6bhgYozeCACozAPiugG5beQtKCEhqlVgZODYIIAXyAA&is_gif=1
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.209.165.138 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-209-165-138.ap-northeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://api.dable.io/widgets/id/KoEeAWoB/users/40951584.1619577090134?from=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&ref=&cid=40951584.1619577090134&uid=40951584.1619577090134&site=storm.mg&id=dablewidget_KoEeAWoB&category1=%E9%A2%A8%E7%94%9F%E6%B4%BB&ad_params=%7B%7D&item_id=3634588&pixel_ratio=1&client_width=820&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:35 GMT
content-type
image/gif
server
nginx
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.storm.mg%2F&domain=img.scupio.com&cw=1
Protocol
H2
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://img.scupio.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://img.scupio.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1459
date
Wed, 28 Apr 2021 02:31:34 GMT
content-encoding
gzip
vary
Accept-Encoding
currency.json
img.scupio.com/js/config/ Frame 06AD 		108 B
492 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/config/currency.json
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.106.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-106-33.mad50.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
156bdf38080c004b5bfd0c8ce46ed24740f5f38945369ac7d916782556860e69

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.55
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 28 Apr 2021 02:28:39 GMT
via
1.1 315f537a0be356b37267f2ae21a5363d.cloudfront.net (CloudFront)
last-modified
Tue, 27 Apr 2021 19:15:45 GMT
server
nginx/1.12.1
age
235
etag
"608862e1-6c"
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=10800
x-amz-cf-pop
MAD50-C1
accept-ranges
bytes
content-length
108
x-amz-cf-id
MWh9LGuN7W8VTTZiGJdzV_HlTDZ7VFNH--4OSNC6TvRvtIZRfR3foA==
expires
Wed, 28 Apr 2021 05:27:40 GMT
sid
mug.criteo.com/ Frame 06AD
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.storm.mg%2F&domain=img.scupio.com&cw=1
  • https://mug.criteo.com/sid?cpp=E8Kqa3xhb2dmOExndjNPbFMrWkpKbDQvTStFUkF1NmtnUlluNEZaR0NudHBKa2RRWHhDWFBFem5xQUxhQTZWcjR3aHl6b3Z5TkxoTzVEYVl1L0FETC96VWRVTXJ2WDJsSUk0QTRicURZQ2FqNkpVVjJlZUhuWVh2Zi9PQn...
353 B
634 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=E8Kqa3xhb2dmOExndjNPbFMrWkpKbDQvTStFUkF1NmtnUlluNEZaR0NudHBKa2RRWHhDWFBFem5xQUxhQTZWcjR3aHl6b3Z5TkxoTzVEYVl1L0FETC96VWRVTXJ2WDJsSUk0QTRicURZQ2FqNkpVVjJlZUhuWVh2Zi9PQnB2SXB2ZThpS3ZXeWx3NXpnZ2lrSm5VdE9qaWRUUEovV3c3d3RyY00xT1huTldNRUJQaStmRkNvR3p0WDE4bU9IZFlkMUZ2MHRheVFmZkZzN0RBUWU5b0VXcm80S0dIbzBJaGowMnJWWmV2K0xuTFE1T2tFPXw&cppv=2
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
8bc3c8a0714acaa44b769b97c4191bc7f39ace808f4d0187afcdca5d0d3ce92c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Wed, 28 Apr 2021 02:31:35 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2034
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Wed, 28 Apr 2021 02:31:34 GMT
location
https://mug.criteo.com/sid?cpp=E8Kqa3xhb2dmOExndjNPbFMrWkpKbDQvTStFUkF1NmtnUlluNEZaR0NudHBKa2RRWHhDWFBFem5xQUxhQTZWcjR3aHl6b3Z5TkxoTzVEYVl1L0FETC96VWRVTXJ2WDJsSUk0QTRicURZQ2FqNkpVVjJlZUhuWVh2Zi9PQnB2SXB2ZThpS3ZXeWx3NXpnZ2lrSm5VdE9qaWRUUEovV3c3d3RyY00xT1huTldNRUJQaStmRkNvR3p0WDE4bU9IZFlkMUZ2MHRheVFmZkZzN0RBUWU5b0VXcm80S0dIbzBJaGowMnJWWmV2K0xuTFE1T2tFPXw&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://img.scupio.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1889
content-length
482
expires
0
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 06AD 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Wed, 28 Apr 2021 02:31:35 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
header
hb.aralego.com/ Frame 06AD 		0
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-E2BB74E8972A4B931E876EBEE3693A6&tdid=&schain=1.0%2C1!scupio.com%2C3721%2C1%2C%2C%2C&fp=undefined&host=img.scupio.com&u=https%3A%2F%2Fimg.scupio.com&xr=1&ao=https%3A%2F%2Fwww.storm.mg&ucfUid=bb3487c9-f26a-4d35-9960-8cb3e0c23500&w=300&h=250
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Hyattsville, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Wed, 28 Apr 2021 02:31:35 GMT
access-control-allow-credentials
true
connection
close
bid
ad2.apx.appier.net/v1/prebid/ Frame 06AD 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 06AD 		240 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17388&site_id=169834&zone_id=818672&size_id=15&rp_schain=1.0,1!scupio.com,3721,1,,,&rf=https%3A%2F%2Fwww.storm.mg&tk_flint=pbjs_lite_v4.30.0-pre&x_source.tid=fc99e61a-5a92-4ae2-a907-2382401748e5&p_screen_res=1600x1200&rp_secure=1&slots=1&rand=0.41180997673365627
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.51 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
300df92095d6ff7978dcd182fe7dd96fd5a108797006ef95a0685aca6cf104e6

Request headers

Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 02:31:35 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://img.scupio.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid.json
ad.holmesmind.com/adserver/ Frame 06AD 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/prebid.json?cb=1619577094638&hb=1&ver=1.21
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.178.71.123 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
9e7e9f7a519a5afeb72daacee64e924d7f922bac38631a9ff3f5a51ecc403098

Request headers

Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Wed, 28 Apr 2021 02:31:35 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cdb
bidder.criteo.com/ Frame 06AD 		0
144 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.30.0-pre&cb=13820686932
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Wed, 28 Apr 2021 02:31:34 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
prebid.aspx
prebid.scupio.com/recweb/ Frame 06AD 		0
285 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.7114013415187399
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.34 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 28 Apr 2021 02:31:35 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/html
Access-Control-Allow-Origin
https://img.scupio.com
Cache-Control
private
Access-Control-Allow-Credentials
true
view
securepubads.g.doubleclick.net/pcs/ Frame 643E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst9ZqpQ-u7lkmW56HQ-84QDuwzSKDH_anZfDfJCtQMh3AuRMv63gWWoziOtuEluQv8A9kGvMwjhMvxdueP26JqkIOiX7T2taS5NgFlTE7a1JWKUoRfrrLrPpyfJOM6dQG_UCDJNxKPhcvo0k_NhwcePnOmLLaFkQjbYVU6TYJXazEnpmqPL3_18XpBnM6VtEStneBq_T7DUMLAVLO88pNd0UJauXepW4tO6LMCYfXBbHjI61HelDy3OUk3oef9DIxECVQCn_zegFgwgB8w7NfNgse2kt9FjQdgNuA9MQt6-8gB3YmgCgK4Mu50O7LutXr7c&sig=Cg0ArKJSzNEWUUlxzq78EAE&urlfix=1&adurl=
Requested by
Host: 5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com
URL: https://5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:31:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 28 Apr 2021 02:31:35 GMT
truncated
/ Frame 643E 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f949b99d6501fcfbf2d40d0bf0d2b6b189a25f245f62c9070b463752bae93eba

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.118.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 643E 		43 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.118.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/notosanstc.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c2abab588ed1aa226fff507bb12cc00b354738c203f4b6cd202f40352cdc6591
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 22:06:20 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:19:55 GMT
server
sffe
age
447915
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43804
x-xss-protection
0
expires
Fri, 22 Apr 2022 22:06:20 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.119.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 643E 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.119.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/notosanstc.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
77c3d215298f95357de947f102cc00bded45bdb71ab3c20f9dfdc64e490729c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Apr 2021 03:29:34 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:18:53 GMT
server
sffe
age
255721
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25360
x-xss-protection
0
expires
Mon, 25 Apr 2022 03:29:34 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.115.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 643E 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.115.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/notosanstc.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a7695bf1c26b3250de42c8ad42bc4e3abf7418876f76ad67bb58092c9244478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 15:36:09 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:08:38 GMT
server
sffe
age
471326
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52792
x-xss-protection
0
expires
Fri, 22 Apr 2022 15:36:09 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.113.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 643E 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.113.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/notosanstc.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d5a369d3d8be69eaf6a54f958015e687947252be07dbb197750fa8147caea4dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 02:08:33 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:25:06 GMT
server
sffe
age
87782
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53144
x-xss-protection
0
expires
Wed, 27 Apr 2022 02:08:33 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.109.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 643E 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.109.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/notosanstc.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9625dd5f36e9196b741bfb4558fb8809318495207eb6213427f4ee42b7baa57e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 20:49:06 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:25:01 GMT
server
sffe
age
20549
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52844
x-xss-protection
0
expires
Wed, 27 Apr 2022 20:49:06 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.108.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 643E 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.108.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/notosanstc.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c69739431e5aff1b7174a81209cbd0658da6c4d1b6527580f9f2f070df848290
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 02:07:17 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:25:01 GMT
server
sffe
age
519858
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50784
x-xss-protection
0
expires
Fri, 22 Apr 2022 02:07:17 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.106.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 643E 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.106.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/notosanstc.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35adff49f4f7c4fa7112da10261ed1abecd865549fadc40690a4cc1f2e6bf832
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 15:36:15 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:19:55 GMT
server
sffe
age
471320
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52836
x-xss-protection
0
expires
Fri, 22 Apr 2022 15:36:15 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.117.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 643E 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.117.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/notosanstc.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f83c6e3eac9d41d51bc8e3b63f353ea889cc70b9938e2f701719aef80bf8528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 15:35:53 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:25:13 GMT
server
sffe
age
471342
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47312
x-xss-protection
0
expires
Fri, 22 Apr 2022 15:35:53 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.116.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 643E 		51 KB
51 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.116.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/notosanstc.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
717de30a4e041b92e5d3aa230aeede4e08434647e627279477a2f642ac2861eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 15:44:02 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:09:56 GMT
server
sffe
age
470853
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52052
x-xss-protection
0
expires
Fri, 22 Apr 2022 15:44:02 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.114.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 643E 		51 KB
51 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.114.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/notosanstc.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5472cbce3d59802ab140c5b8eecfca4d357343c47a1c9ea601ccf1d50145955b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 20:34:34 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:25:08 GMT
server
sffe
age
21421
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51852
x-xss-protection
0
expires
Wed, 27 Apr 2022 20:34:34 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.107.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame 643E 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.107.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/notosanstc.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
57e7135d32625d7e1d8117a0571033a7564dc662dfe18bafdefd6633633858b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Apr 2021 05:47:28 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:10:01 GMT
server
sffe
age
247447
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52988
x-xss-protection
0
expires
Mon, 25 Apr 2022 05:47:28 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A281 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsshSWHVyUFgVpfvjpt6_aC-Uz7Viq-fgWXd2dxo3lr1240dEw65_ibUVQ0UgBFNQtl9DsMJb3huoO9R-sgio9GgDijW9H84F6eRYvDHkdbrbvivLq_sohRD7LMs-q_XLRoisaQZa8LFKIvDoEDrNoT12u8BuLgcBjBnRNk8-YaO00C0R3Ql-1ZAln08D1jv55_KpQa7d0d4z-g5uKzWNlpLocOB9PcCJUocmOXxHwHYkBtNVxBta4ZBzsnsnessP_qw2LlXU_HV2D-XtMfzbwl84vqtQilR988wjcI1lFch9aMT-Zj6SW186c7fV9P6nLFj&sig=Cg0ArKJSzAWMP8TwuqY9EAE&urlfix=1&uach2=WyJBbmRyb2lkIiwiNy4wIiwiIiwiQlRWLURMMDkiLCI4OC4wLjQzMjQuMTgxIixbXV0&adurl=
Requested by
Host: 5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com
URL: https://5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:31:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
truncated
/ Frame A281 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8ab124cddf3a4b49de6342194137b67540b462cfa1bbd55f72014973593b46f1

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.115.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame A281 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.115.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/notosanstc.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a7695bf1c26b3250de42c8ad42bc4e3abf7418876f76ad67bb58092c9244478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 15:36:09 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:08:38 GMT
server
sffe
age
471326
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52792
x-xss-protection
0
expires
Fri, 22 Apr 2022 15:36:09 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=E8Kqa3xhb2dmOExndjNPbFMrWkpKbDQvTStFUkF1NmtnUlluNEZaR0NudHBKa2RRWHhDWFBFem5xQUxhQTZWcjR3aHl6b3Z5TkxoTzVEYVl1L0FETC96VWRVTXJ2WDJsSUk0QTRicURZQ2FqNkpVVjJlZUhuWVh2Zi9PQnB2SXB2ZThpS3ZXeWx3NXpnZ2lrSm5VdE9qaWRUUEovV3c3d3RyY00xT1huTldNRUJQaStmRkNvR3p0WDE4bU9IZFlkMUZ2MHRheVFmZkZzN0RBUWU5b0VXcm80S0dIbzBJaGowMnJWWmV2K0xuTFE1T2tFPXw&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
964
date
Wed, 28 Apr 2021 02:31:35 GMT
content-encoding
gzip
vary
Accept-Encoding
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 85E3 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9715148502272904443/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 23:34:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10650
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 28 Apr 2021 23:34:05 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 85E3 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9715148502272904443/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 23:11:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12034
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8867
x-xss-protection
0
server
cafe
etag
18043545750443934562
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 28 Apr 2021 23:11:01 GMT
02dc0a574402d82c726746f10e3c419f.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9715148502272904443/ Frame 85E3 		73 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9715148502272904443/02dc0a574402d82c726746f10e3c419f.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9715148502272904443/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1efcfc65a4423dfe5ba0ed5b191a0fdb4e8bc19d3139ccee7240dd00ed27d209
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
472399
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19782
x-xss-protection
0
last-modified
Tue, 06 Apr 2021 10:07:04 GMT
server
sffe
date
Thu, 22 Apr 2021 15:18:16 GMT
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Apr 2022 15:18:16 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame D23E 		143 B
226 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: c00781e3da26bee54d79c2ccd3c9dd07.safeframe.googlesyndication.com
URL: https://c00781e3da26bee54d79c2ccd3c9dd07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://c00781e3da26bee54d79c2ccd3c9dd07.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkMZ-3DqBKtilGnOEXHe64AffanQWkYaO4p6Puo0tlKeolNNms_0FpLeP4A3sk
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://c00781e3da26bee54d79c2ccd3c9dd07.safeframe.googlesyndication.com/

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 28 Apr 2021 01:56:55 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2080
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 89FC 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
116f12bd4c52a2ef23e20d1855517c254b0af02eed3394efd71fe98541cbb586

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.119.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame A281 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.119.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/notosanstc.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
77c3d215298f95357de947f102cc00bded45bdb71ab3c20f9dfdc64e490729c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Apr 2021 03:29:34 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:18:53 GMT
server
sffe
age
255721
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25360
x-xss-protection
0
expires
Mon, 25 Apr 2022 03:29:34 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.118.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame A281 		43 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.118.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/notosanstc.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c2abab588ed1aa226fff507bb12cc00b354738c203f4b6cd202f40352cdc6591
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 22:06:20 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:19:55 GMT
server
sffe
age
447915
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43804
x-xss-protection
0
expires
Fri, 22 Apr 2022 22:06:20 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.117.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame A281 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.117.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/notosanstc.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f83c6e3eac9d41d51bc8e3b63f353ea889cc70b9938e2f701719aef80bf8528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 15:35:53 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:25:13 GMT
server
sffe
age
471342
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47312
x-xss-protection
0
expires
Fri, 22 Apr 2022 15:35:53 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.116.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame A281 		51 KB
51 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.116.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/notosanstc.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
717de30a4e041b92e5d3aa230aeede4e08434647e627279477a2f642ac2861eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 15:44:02 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:09:56 GMT
server
sffe
age
470853
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52052
x-xss-protection
0
expires
Fri, 22 Apr 2022 15:44:02 GMT
-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.113.woff2
fonts.gstatic.com/s/notosanstc/v11/ Frame A281 		52 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v11/-nF7OG829Oofr2wohFbTp9iFOkMQAewlpbGXhhyYs0QF3kPVyLylzU95vTq1Ltj5xQez1g.113.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/notosanstc.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d5a369d3d8be69eaf6a54f958015e687947252be07dbb197750fa8147caea4dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 02:08:33 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Nov 2020 04:25:06 GMT
server
sffe
age
87782
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53144
x-xss-protection
0
expires
Wed, 27 Apr 2022 02:08:33 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 643E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstO8vmyqoJks-0MNB4Tj22WH3Yh3DlTnaMX54BuBx-RZwqWuAOOENR8tZlmop9Iwg5oSKxt3SODhXEJigP6NWnP8vLn4Lu79lYSjROq7RddtlwXMoG3xmtcY7hLjli41tdlqSplVf2O4qQQAd4nUFxPe60XgLl8po7Dv4iIOhHdc7vEleYYfi3LxCb80uciSA52xmtS1OTEKBITfNHKP0xkTL9uz5YQJ8yqM7OQvSZBTMJT8_jljX8SIwI6Dz4oezhVdAibDHdbbGCBNR2f0660qdV4JVSzSDq3abQzQcxUDdRF-8bFkGz3eBroUZTSeCTWAJs&sig=Cg0ArKJSzNxW5ZNOK-lLEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:31:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 28 Apr 2021 02:31:35 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=BE&cos=Windows&r=www.storm.mg&rs=www.storm.mg&sid=79763&t=1619577093&cip=82.102.19.136&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=640&he=360&app=&AV_PUBLISHERID=5e60bfad28a0610ba100c7c4&test=&aafaid=&proto=https&uid=1619577093524-930871975591-006828-001-004658&cha=0.7&cb=38038100725&d9=1000&AV_WIDTH=640&AV_HEIGHT=360&ppid=5e60bfad28a0610ba100c7c4&nid=57173f460757bb6c428b465b&pcid=5e60c75028a06115d47ebd9b&ncid=5e7b1f3a1565c6447b6a2624&pasid=5e7b1fa325fcea4e1b329fa8&e=bid&cb=1619577095311&asid=5e7b346a41db963e5530bdd4%2C5e7b1bc4b825ae275f59ce86%2C5ef9d08fdd1a46098e00694b&ofpr=%2C%2C&fpo=%2C%2C
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.234.163.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:35 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
view
securepubads.g.doubleclick.net/pcs/ Frame A281 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssZurM3t82ZydkMlEeiXPfu822HmCoAwIrwQ51gYqNQwz9rStIxMl9g78Kjc2-EUWcVg0LkuxZzIi9HCxJvW-r4ZY57GisvQp4MPNzPFqm1DAWRgNGOuujo1Xi_KTEdq_Nl1m-jIAjx5KviNtWNLLgj3YEPfkxfCxO1vMY6RHxhIpe3wwWGMj22Mq-bssjlRkmhERcJGZzO3ZuPfBZg091dCRdySQfehaYfwFU6hG_HMyRnoFqphfgkyKyvrLocD8qc5_SepTfO8iZTU34Yw2Ufo5hZHqLL5JxS9-WC55QU2WjnHnQdEi6DjcpwvmVwuJ33tCA&sig=Cg0ArKJSzAsUo4vv4jGWEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:31:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 28 Apr 2021 02:31:35 GMT
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 333F 		150 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577094323
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e60bfad28a0610ba100c7c4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
d88253f5fa17497bfdc4546ccf644a8f954c7f2314e41f09354f70b2282e48ae

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:31:35 GMT
Content-Encoding
gzip
Last-Modified
Tue, 05 Jan 2021 07:24:19 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1408294-257f0-5b82218515d54"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
public, max-age=10800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
35684
s
googleads.g.doubleclick.net/pagead/drt/ Frame D8DD 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 04d80e238d1025f8fc4d51158b2ab99f.safeframe.googlesyndication.com
URL: https://04d80e238d1025f8fc4d51158b2ab99f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://04d80e238d1025f8fc4d51158b2ab99f.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkMZ-3DqBKtilGnOEXHe64AffanQWkYaO4p6Puo0tlKeolNNms_0FpLeP4A3sk
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://04d80e238d1025f8fc4d51158b2ab99f.safeframe.googlesyndication.com/

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Wed, 28 Apr 2021 01:56:55 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2080
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 93C9 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2ab2cc2b6dd8cbb13eab745209c5fd7487b18b0f14872db1224f1feef2930e2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 19BC 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9715148502272904443/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 23:34:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10650
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 28 Apr 2021 23:34:05 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 19BC 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9715148502272904443/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 23:11:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12034
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8867
x-xss-protection
0
server
cafe
etag
18043545750443934562
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 28 Apr 2021 23:11:01 GMT
02dc0a574402d82c726746f10e3c419f.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9715148502272904443/ Frame 19BC 		73 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9715148502272904443/02dc0a574402d82c726746f10e3c419f.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9715148502272904443/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1efcfc65a4423dfe5ba0ed5b191a0fdb4e8bc19d3139ccee7240dd00ed27d209
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
472399
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19782
x-xss-protection
0
last-modified
Tue, 06 Apr 2021 10:07:04 GMT
server
sffe
date
Thu, 22 Apr 2021 15:18:16 GMT
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Apr 2022 15:18:16 GMT
bidinfo.aspx
bw.scupio.com/adpinline/ Frame BD16 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bw.scupio.com/adpinline/bidinfo.aspx?cb=0.055140671317189804
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.180 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
65a2e79effc94b4cc9b1ba76e7d17cd9a9ec867af7791fd68c3d64fbe4811149

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Wed, 28 Apr 2021 02:31:35 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
P3P
CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin
https://img.scupio.com
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Type
application/javascript; charset=utf-8
Content-Length
1479
publishertag.prebid.js
static.criteo.net/js/ld/ Frame BD16 		80 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:35 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 29 Apr 2021 02:31:35 GMT
css
fonts.googleapis.com/ Frame 85E3 		5 KB
748 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Slab:700|Quicksand:500|Raleway:700
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9715148502272904443/02dc0a574402d82c726746f10e3c419f.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
027c3013857ef1841859edbc475b83a9aa6285d01cf771a8c24f83154fb32e05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 28 Apr 2021 00:40:42 GMT
server
ESF
date
Wed, 28 Apr 2021 02:31:35 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 28 Apr 2021 02:31:35 GMT
38349ede9b6ac3e7d49b798914c59b94.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9715148502272904443/media/ Frame 85E3 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9715148502272904443/media/38349ede9b6ac3e7d49b798914c59b94.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9715148502272904443/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a03984b10b32dd354d5037b86d7177b6fbc8577aa4d81f15c9d870be7da2ed6d
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
449694
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11141
x-xss-protection
0
last-modified
Tue, 06 Apr 2021 10:07:04 GMT
server
sffe
date
Thu, 22 Apr 2021 21:36:41 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Apr 2022 21:36:41 GMT
b73ccc589bc5439651335d17c2f81275.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9715148502272904443/media/ Frame 85E3 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9715148502272904443/media/b73ccc589bc5439651335d17c2f81275.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9715148502272904443/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa74f95434cc49a876fe89d252b8f933b67b954340c6353675781340b3d8f7d3
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
471263
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2950
x-xss-protection
0
last-modified
Tue, 06 Apr 2021 10:07:04 GMT
server
sffe
date
Thu, 22 Apr 2021 15:37:12 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Apr 2022 15:37:12 GMT
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame A281 		54 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: 5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com
URL: https://5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
4fc2efe8d590d037af61708b1ff76c79ca06c4d1c8f7942dd3ab4ae2b48e8ee9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 01:57:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2068
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20834
x-xss-protection
0
server
cafe
etag
3643018968265034572
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Wed, 28 Apr 2021 02:57:07 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 619B 		334 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e60bfad28a0610ba100c7c4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d25942b7da85bc7cdb258cdb436227b1de7e3a2b50c61f7d7050eff911f88f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117044
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:31:35 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 5F17 		334 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e60bfad28a0610ba100c7c4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d25942b7da85bc7cdb258cdb436227b1de7e3a2b50c61f7d7050eff911f88f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117044
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:31:35 GMT
bidinfo.aspx
bw.scupio.com/adpinline/ Frame 5774 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bw.scupio.com/adpinline/bidinfo.aspx?cb=0.7726540802842916
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.180 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
f4d937ffea77fb48f07d4459a8077e27054614c937ac5f269e77950aae90493d

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Wed, 28 Apr 2021 02:31:35 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
P3P
CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin
https://img.scupio.com
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Type
application/javascript; charset=utf-8
Content-Length
1480
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 5774 		80 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:35 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 29 Apr 2021 02:31:35 GMT
38349ede9b6ac3e7d49b798914c59b94.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9715148502272904443/media/ Frame 19BC 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9715148502272904443/media/38349ede9b6ac3e7d49b798914c59b94.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9715148502272904443/02dc0a574402d82c726746f10e3c419f.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a03984b10b32dd354d5037b86d7177b6fbc8577aa4d81f15c9d870be7da2ed6d
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
449694
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11141
x-xss-protection
0
last-modified
Tue, 06 Apr 2021 10:07:04 GMT
server
sffe
date
Thu, 22 Apr 2021 21:36:41 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Apr 2022 21:36:41 GMT
b73ccc589bc5439651335d17c2f81275.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9715148502272904443/media/ Frame 19BC 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9715148502272904443/media/b73ccc589bc5439651335d17c2f81275.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9715148502272904443/02dc0a574402d82c726746f10e3c419f.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa74f95434cc49a876fe89d252b8f933b67b954340c6353675781340b3d8f7d3
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
471263
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2950
x-xss-protection
0
last-modified
Tue, 06 Apr 2021 10:07:04 GMT
server
sffe
date
Thu, 22 Apr 2021 15:37:12 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Apr 2022 15:37:12 GMT
css
fonts.googleapis.com/ Frame 19BC 		5 KB
748 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Slab:700|Quicksand:500|Raleway:700
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9715148502272904443/02dc0a574402d82c726746f10e3c419f.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
027c3013857ef1841859edbc475b83a9aa6285d01cf771a8c24f83154fb32e05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 28 Apr 2021 02:04:01 GMT
server
ESF
date
Wed, 28 Apr 2021 02:31:35 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 28 Apr 2021 02:31:35 GMT
38349ede9b6ac3e7d49b798914c59b94.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9715148502272904443/media/ Frame 85E3 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9715148502272904443/media/38349ede9b6ac3e7d49b798914c59b94.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9715148502272904443/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a03984b10b32dd354d5037b86d7177b6fbc8577aa4d81f15c9d870be7da2ed6d
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
449694
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11141
x-xss-protection
0
last-modified
Tue, 06 Apr 2021 10:07:04 GMT
server
sffe
date
Thu, 22 Apr 2021 21:36:41 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Apr 2022 21:36:41 GMT
b73ccc589bc5439651335d17c2f81275.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9715148502272904443/media/ Frame 85E3 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9715148502272904443/media/b73ccc589bc5439651335d17c2f81275.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9715148502272904443/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa74f95434cc49a876fe89d252b8f933b67b954340c6353675781340b3d8f7d3
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
471263
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2950
x-xss-protection
0
last-modified
Tue, 06 Apr 2021 10:07:04 GMT
server
sffe
date
Thu, 22 Apr 2021 15:37:12 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Apr 2022 15:37:12 GMT
1Ptxg8zYS_SKggPN4iEgvnHyvveLxVs9pbCIPrE.woff2
fonts.gstatic.com/s/raleway/v19/ Frame 85E3 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v19/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVs9pbCIPrE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab:700|Quicksand:500|Raleway:700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d3b3a3f34ffd3526eea2f77aebe34caa8e86c59002dfd89aa834b0986feeaa2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
null
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Apr 2021 04:51:53 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Jan 2021 23:34:59 GMT
server
sffe
age
250782
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21352
x-xss-protection
0
expires
Mon, 25 Apr 2022 04:51:53 GMT
6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkM0o58a-wg.woff2
fonts.gstatic.com/s/quicksand/v22/ Frame 85E3 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/quicksand/v22/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkM0o58a-wg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab:700|Quicksand:500|Raleway:700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4813a05d0d0fb1efdaeb730c134af8a9bfcb824f1993cd66026af4fd50f4b492
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
null
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 15:44:05 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Jan 2021 22:21:44 GMT
server
sffe
age
470850
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13724
x-xss-protection
0
expires
Fri, 22 Apr 2022 15:44:05 GMT
BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjoa4Omb2Rj.woff2
fonts.gstatic.com/s/robotoslab/v13/ Frame 85E3 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotoslab/v13/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjoa4Omb2Rj.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab:700|Quicksand:500|Raleway:700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41e3b5da84b51e3034e355b7e9ccd5c263667bfed5d8905728d82a341f55e65a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
null
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 00:49:45 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Jan 2021 22:04:01 GMT
server
sffe
age
92510
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19468
x-xss-protection
0
expires
Wed, 27 Apr 2022 00:49:45 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 385F 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
cbb4c47c1c8ef22efb5eaa7b514338b98b47573cd2dabe1473a9b012129148c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"855 / 602 of 1000 / last-modified: 1619561335"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21062
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:31:35 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame 1D95 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577094323
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.storm.mg/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.storm.mg/

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=75813
Expires
Wed, 28 Apr 2021 23:35:08 GMT
Date
Wed, 28 Apr 2021 02:31:35 GMT
Connection
keep-alive
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 333F 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577094323
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:31:35 GMT
Content-Encoding
gzip
Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"13006b6-98c2-5bfeb3aef82b4"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
public, max-age=75813
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
Content-Length
14060
Expires
Wed, 28 Apr 2021 23:35:08 GMT
wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js
pagead2.googlesyndication.com/bg/ Frame 7323 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c24a517cf3dc453e6046e54ec1f6944bd762da6fc68447fcfa84c374723bbb09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 10:03:29 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 09:18:00 GMT
server
sffe
age
59286
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5710
x-xss-protection
0
expires
Wed, 27 Apr 2022 10:03:29 GMT
syncframe
gum.criteo.com/ Frame DC20 		0
150 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=www.storm.mg
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=www.storm.mg
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://img.scupio.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://img.scupio.com/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
server-processing-duration-in-ticks
1653
date
Wed, 28 Apr 2021 02:31:35 GMT
content-length
0
publishertag.prebid.js
static.criteo.net/js/ld/ Frame BD16 		80 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:35 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 29 Apr 2021 02:31:35 GMT
38349ede9b6ac3e7d49b798914c59b94.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9715148502272904443/media/ Frame 19BC 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9715148502272904443/media/38349ede9b6ac3e7d49b798914c59b94.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9715148502272904443/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a03984b10b32dd354d5037b86d7177b6fbc8577aa4d81f15c9d870be7da2ed6d
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
449694
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11141
x-xss-protection
0
last-modified
Tue, 06 Apr 2021 10:07:04 GMT
server
sffe
date
Thu, 22 Apr 2021 21:36:41 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Apr 2022 21:36:41 GMT
b73ccc589bc5439651335d17c2f81275.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9715148502272904443/media/ Frame 19BC 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9715148502272904443/media/b73ccc589bc5439651335d17c2f81275.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9715148502272904443/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa74f95434cc49a876fe89d252b8f933b67b954340c6353675781340b3d8f7d3
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
471263
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2950
x-xss-protection
0
last-modified
Tue, 06 Apr 2021 10:07:04 GMT
server
sffe
date
Thu, 22 Apr 2021 15:37:12 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Apr 2022 15:37:12 GMT
1Ptxg8zYS_SKggPN4iEgvnHyvveLxVs9pbCIPrE.woff2
fonts.gstatic.com/s/raleway/v19/ Frame 19BC 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v19/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVs9pbCIPrE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab:700|Quicksand:500|Raleway:700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d3b3a3f34ffd3526eea2f77aebe34caa8e86c59002dfd89aa834b0986feeaa2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
null
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Apr 2021 04:51:53 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Jan 2021 23:34:59 GMT
server
sffe
age
250782
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21352
x-xss-protection
0
expires
Mon, 25 Apr 2022 04:51:53 GMT
6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkM0o58a-wg.woff2
fonts.gstatic.com/s/quicksand/v22/ Frame 19BC 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/quicksand/v22/6xK-dSZaM9iE8KbpRA_LJ3z8mH9BOJvgkM0o58a-wg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab:700|Quicksand:500|Raleway:700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4813a05d0d0fb1efdaeb730c134af8a9bfcb824f1993cd66026af4fd50f4b492
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
null
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 15:44:05 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Jan 2021 22:21:44 GMT
server
sffe
age
470850
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13724
x-xss-protection
0
expires
Fri, 22 Apr 2022 15:44:05 GMT
BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjoa4Omb2Rj.woff2
fonts.gstatic.com/s/robotoslab/v13/ Frame 19BC 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotoslab/v13/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjoa4Omb2Rj.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab:700|Quicksand:500|Raleway:700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41e3b5da84b51e3034e355b7e9ccd5c263667bfed5d8905728d82a341f55e65a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
null
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 00:49:45 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Jan 2021 22:04:01 GMT
server
sffe
age
92510
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19468
x-xss-protection
0
expires
Wed, 27 Apr 2022 00:49:45 GMT
csi
csi.gstatic.com/ Frame A281 		0
331 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~ko0udx09&ctx=2&qqid=CNOirOnyn_ACFRDjuwgdpbAMBw&met.4=fb.xs~lb.2vw~ol.322~idt.vv~dt.-qu&met.3=739.2vw~738.31x~749.31x_4~740.327~734.32c~740.32r~740.32r~736.34i~735.36x_2~734.37r~740.37v~740.38b~740.38c~113.3cc_6~112.3ca_7~740.3cq&met.1=1.ko0udtny~6.1~7.1~8.1~9.1~10.1~12.2~13.a~14.b~15.96~16.2vw~17.2vx~18.2vx~19.31v~20.31v~21.322~22.2y9~23.2y9&met.7=CBsQCBgBKAEwCzj6HmgCcAp4vRiAAaQYiAHOL7ABAbgBAw~CBsQAhgBIMQJKMQJMNEMOI0DaMUJcNUJeP2cDIABoJwMiAH2lCuwAQG4AQM~CBEQChgBINQJKNQJMN4JOApo1glw3Ql4iTeAAe42iAHjswGwAQG4AQM~CBIQBxgBINQJKNQJMOgJOBNo1glw5wl49QiAAdoIiAGhnwGqAUcKI09wZW4rU2FuczozMDAsNDAwLDQwMGl0YWxpYyw2MDAsNzAwCiBSb2JvdG86MzAwLDQwMCw0MDBpdGFsaWMsNTAwLDcwMLABAbgBAw~CCoQChgBINQJKNQJMO0JOBk~CCIQBBgBIPkcKPkcMKMdOCpogR1wox14IrABAbgBAw~CBMQAhgBIKEdKKEdMLUdOBRopR1wrR146JwDgAG4nAOIAbicA6oBALABAbgBAw~CBMQAhgBINkdKNkdMOIdOAho2x1w4R14s8YBgAGQxgGIAZDGAaoBALABAbgBAw~CBMQAhgBINkdKNkdMOQdOApo2x1w4h14ytYCgAGc1gKIAZzWAqoBALABAbgBAw~CBMQAhgBINodKNodMOUdOAxo2x1w4x14_vECgAHQ8QKIAdDxAqoBALABAbgBAw~CBMQAhgBINodKNodMOYdOAxo2x1w4x14hJcDgAHUlgOIAdSWA6oBALABAbgBAw~CBMQAhgBINodKNodMOkdOA9o2x1w5R14yJ8DgAGYnwOIAZifA6oBALABAbgBAw~CCIQBBgBIPkeKPkeMJsfOCJo-h5wmh94GbABAbgBAw~CCgQChgBIJQgKJQgMK8gOBtolyBwrSB4hKMBgAHiogGIAfutA7ABAbgBAw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4002:809::2003 Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:31:36 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bridge3.453.0_en.html
imasdk.googleapis.com/js/core/ Frame 2A10 		570 KB
186 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.453.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.storm.mg/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.storm.mg/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
190793
date
Thu, 22 Apr 2021 15:44:13 GMT
expires
Fri, 22 Apr 2022 15:44:13 GMT
last-modified
Wed, 21 Apr 2021 20:50:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
470842
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 619B 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:31:35 GMT
integrator.js
adservice.google.com/adsid/ Frame 619B 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.storm.mg
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:31:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
bridge3.453.0_en.html
imasdk.googleapis.com/js/core/ Frame F54C 		570 KB
186 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.453.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.storm.mg/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.storm.mg/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
190793
date
Thu, 22 Apr 2021 15:44:13 GMT
expires
Fri, 22 Apr 2022 15:44:13 GMT
last-modified
Wed, 21 Apr 2021 20:50:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
470842
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 5F17 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:31:35 GMT
integrator.js
adservice.google.com/adsid/ Frame 5F17 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.storm.mg
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:31:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame D23E
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: c00781e3da26bee54d79c2ccd3c9dd07.safeframe.googlesyndication.com
URL: https://c00781e3da26bee54d79c2ccd3c9dd07.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkMZ-3DqBKtilGnOEXHe64AffanQWkYaO4p6Puo0tlKeolNNms_0FpLeP4A3sk
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 28 Apr 2021 02:31:35 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Wed, 28-Apr-2021 03:31:35 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 28 Apr 2021 02:31:35 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 28 Apr 2021 02:31:35 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ls.html
img.scupio.com/html/ Frame E35A 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/html/ls.html
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.106.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-106-33.mad50.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce

Request headers

:method
GET
:authority
img.scupio.com
:scheme
https
:path
/html/ls.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://img.scupio.com/html/ad.html?v=1.0.55
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
OrgKeyValue=CNA20210428103135794397; gx=H4sIAIc5iWAA%2fxNmYGDg4uZ4MX%2f26x9%2fj1gKsAqxcNgLMAEAXc%2fM4BcAAAA%3d
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://img.scupio.com/html/ad.html?v=1.0.55

Response headers

content-type
text/html; charset=utf-8
server
nginx/1.12.1
last-modified
Mon, 21 Nov 2016 06:35:53 GMT
access-control-allow-origin
*
content-encoding
gzip
date
Wed, 28 Apr 2021 02:13:35 GMT
expires
Wed, 05 May 2021 01:57:39 GMT
cache-control
max-age=604800
etag
W/"583295c9-4dc"
x-cache
Hit from cloudfront
via
1.1 315f537a0be356b37267f2ae21a5363d.cloudfront.net (CloudFront)
x-amz-cf-pop
MAD50-C1
x-amz-cf-id
4bsLIKUZNxyeqqHa_Q_-OgPPiA6-iGp19Zsp5n182Nrr3O8ClAl9yw==
age
2036
ggid.aspx
rec.scupio.com/recweb/ Frame FD9B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q05BMjAyMTA0MjgxMDMxMzU3OTQzOTc%3d&layout=js
  • https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEO9Qy5trMf0pxik0YYUSG3U&google_cver=1&google_ula=3918219,0
0
551 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEO9Qy5trMf0pxik0YYUSG3U&google_cver=1&google_ula=3918219,0
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.55
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.175 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:31:36 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control
private
Content-Type
text/javascript
Content-Length
0

Redirect headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:31:35 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEO9Qy5trMf0pxik0YYUSG3U&google_cver=1&google_ula=3918219,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 4138
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac
  • https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://img.scupio.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
rsid=1|G9C2NkZC7frDQSirzNt8MRPvuJlRI6aSli1gEtfhZ1co9sDCaATiL5HZCune56ebGXOxtVOpC2WhEEenXyf4RTSlnhlW1wM1rEAVOp/hQEJK/2msCb8MYvaTRc+LdQHAVOjOykUPOC/vzpA0eao9qJ5CVbysEVH+Jg==; ses16=; vis16=169834^1; khaos=KO0UDW9A-1V-1DLB; ses15=; vis15=169834^1; audit=1|0o8zzNO5o4ZXK5zrVASnqM1+1ZYfrZ/aYGo2YbBC4UBPFwrSveycbgJCI5x0nQ0AWKQI0xZ0VldgU9Oq/2XvW7KpUjWTmmg0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://img.scupio.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 28 Apr 2021 02:31:36 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Date
Wed, 28 Apr 2021 02:31:36 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
/
www.facebook.com/tr/ Frame FD9B 		44 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1588263144793165&ev=ViewContent&dl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.55&rl=&if=true&ts=1619577095958&cd[SBST]=1&cd[PuID]=storm
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.55
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:35 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Wed, 28 Apr 2021 02:31:35 GMT
uxid.aspx
rec.scupio.com/recweb/ Frame FD9B
Redirect Chain
  • https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CNA20210428103135794397
  • https://rec.scupio.com/recweb/uxid.aspx?id=UCFUID
35 B
581 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rec.scupio.com/recweb/uxid.aspx?id=UCFUID
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.55
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.175 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:31:36 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control
private
Content-Type
image/gif
Content-Length
35

Redirect headers

Location
https://rec.scupio.com/recweb/uxid.aspx?id=UCFUID
Date
Wed, 28 Apr 2021 02:31:36 GMT
Connection
close
Content-Length
71
Vary
Accept, Accept-Encoding
Content-Type
text/plain; charset=utf-8
async_usersync.html
acdn.adnxs.com/dmp/ Frame B561 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.storm.mg/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
icu=ChgI0uByEAoYASABKAEwhpKjhAY4AUABSAEQhpKjhAYYAA..; uuid2=2937802500449247243
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.storm.mg/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Thu, 29 Apr 2021 02:31:38 GMT
Date
Wed, 28 Apr 2021 02:31:36 GMT
Connection
keep-alive
showad.js
ads.pubmatic.com/AdServer/js/ Frame 196D 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.storm.mg/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.storm.mg/

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=75812
Expires
Wed, 28 Apr 2021 23:35:08 GMT
Date
Wed, 28 Apr 2021 02:31:36 GMT
Connection
keep-alive
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 9DF4 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.storm.mg/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
icu=ChgI0uByEAoYASABKAEwhpKjhAY4AUABSAEQhpKjhAYYAA..; uuid2=2937802500449247243
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.storm.mg/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Thu, 29 Apr 2021 02:31:38 GMT
Date
Wed, 28 Apr 2021 02:31:36 GMT
Connection
keep-alive
sync
ups.analytics.yahoo.com/ups/57304/
Redirect Chain
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UPda799c21-a7c9-11eb-b0e8-02ee7d1f65ea
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UPda799c21-a7c9-11eb-b0e8-02ee7d1f65ea&verify=true
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVBkYTc5OWMyMS1hN2M5LTExZWItYjBlOC0wMmVlN2QxZjY1ZWE%3D
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEK60bEjuEpQQs2IxXXZKur8&google_cver=1
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEK60bEjuEpQQs2IxXXZKur8&google_cver=1&apid=UPda799c21-a7c9-11eb-b0e8-02ee7d1f65ea
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEK60bEjuEpQQs2IxXXZKur8&google_cver=1&apid=UPda799c21-a7c9-11eb-b0e8-02ee7d1f65ea
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:31:36 GMT
Server
ATS/7.1.2.128
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEK60bEjuEpQQs2IxXXZKur8&google_cver=1&apid=UPda799c21-a7c9-11eb-b0e8-02ee7d1f65ea
date
Wed, 28 Apr 2021 02:31:36 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ups.analytics.yahoo.com/ups/55953/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=1e7caf91-e7f4-4567-b840-75b9c88da817&_origin=1&gdpr=1&gdpr_consent=
0
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55953/sync?uid=1e7caf91-e7f4-4567-b840-75b9c88da817&_origin=1&gdpr=1&gdpr_consent=
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:31:36 GMT
Server
ATS/7.1.2.128
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:31:36 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ups.analytics.yahoo.com/ups/55953/sync?uid=1e7caf91-e7f4-4567-b840-75b9c88da817&_origin=1&gdpr=1&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
267
sync
ups.analytics.yahoo.com/ups/55986/
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=0&gdpr_consent=&_...
  • https://pixel.advertising.com/ups/55986/sync?uid=YIjJCAAAiToecQA4&_origin=0&gdpr=0&gdpr_consent=&_test=YIjJCAAAiToecQA4
  • https://ups.analytics.yahoo.com/ups/55986/sync?uid=YIjJCAAAiToecQA4&_origin=0&gdpr=0&gdpr_consent=&_test=YIjJCAAAiToecQA4&apid=UPda799c21-a7c9-11eb-b0e8-02ee7d1f65ea
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55986/sync?uid=YIjJCAAAiToecQA4&_origin=0&gdpr=0&gdpr_consent=&_test=YIjJCAAAiToecQA4&apid=UPda799c21-a7c9-11eb-b0e8-02ee7d1f65ea
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:31:36 GMT
Server
ATS/7.1.2.128
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55986/sync?uid=YIjJCAAAiToecQA4&_origin=0&gdpr=0&gdpr_consent=&_test=YIjJCAAAiToecQA4&apid=UPda799c21-a7c9-11eb-b0e8-02ee7d1f65ea
date
Wed, 28 Apr 2021 02:31:36 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
syncframe
gum.criteo.com/ Frame 4570 		0
150 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=www.storm.mg
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=www.storm.mg
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://img.scupio.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://img.scupio.com/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
server-processing-duration-in-ticks
1873
date
Wed, 28 Apr 2021 02:31:35 GMT
content-length
0
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 5774 		80 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:36 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 29 Apr 2021 02:31:36 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6A6F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu4MpEUI7wUN6RHB5W2kqcLjzeeauIIkSCYjvb13TshkazmjxUroIidCdhWOQPwt03ImCpVROWNmTsWeg6uXZpqm6YFeVX41s8gpoeqNOdAu1CwBBuBjsQan0MKfmtplA71DrrmSxBjsKgh71eEHylZgCwboqcTMBLCUrISbt7py6B3FA5qnlCHof3rEUkfPdvLRGuf2xJ9cY9PlBRHFlRpmeZlbzPO9DQ4KSOd98gaw8X3ZORFkhqPo2SLbjUJHdclZvh8OW0dvJKPORh4dBW3uWMhrNadLtdRgHIL1mbGNXQkELA1frBxX5wy&sig=Cg0ArKJSzEfHmBGiUchREAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:31:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 28 Apr 2021 02:31:36 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 6A6F 		9 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021042201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d3943ec911e260859a37ed76f52bfa9a8b9cf1c51d54cb15ace61b54157c85db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:31:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7025
x-xss-protection
0
pubads_impl_2021042201.js
securepubads.g.doubleclick.net/gpt/ Frame 385F 		301 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
f9f40e5aa6d80e385e5c15593748db7bfb50fd07cc45c8239a6fad053f63affe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 22 Apr 2021 08:39:18 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
108299
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:31:36 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame D8DD
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: 04d80e238d1025f8fc4d51158b2ab99f.safeframe.googlesyndication.com
URL: https://04d80e238d1025f8fc4d51158b2ab99f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkMZ-3DqBKtilGnOEXHe64AffanQWkYaO4p6Puo0tlKeolNNms_0FpLeP4A3sk; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 28 Apr 2021 02:31:36 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Wed, 28-Apr-2021 03:31:36 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 28 Apr 2021 02:31:36 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 28 Apr 2021 02:31:36 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 6A6F 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:31:36 GMT
ls.html
img.scupio.com/html/ Frame C524 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/html/ls.html
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.106.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-106-33.mad50.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce

Request headers

:method
GET
:authority
img.scupio.com
:scheme
https
:path
/html/ls.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://img.scupio.com/html/ad.html?v=1.0.55
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
OrgKeyValue=CQA20210428103135525616; gx=H4sIAIc5iWAA%2fxNmYGDg4uZ4NXfWux9%2fj1gKsAqxcNgLMAEAygnKTxcAAAA%3d
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://img.scupio.com/html/ad.html?v=1.0.55

Response headers

content-type
text/html; charset=utf-8
server
nginx/1.12.1
last-modified
Mon, 21 Nov 2016 06:35:53 GMT
access-control-allow-origin
*
content-encoding
gzip
date
Wed, 28 Apr 2021 02:13:35 GMT
expires
Wed, 05 May 2021 01:57:39 GMT
cache-control
max-age=604800
etag
W/"583295c9-4dc"
x-cache
Hit from cloudfront
via
1.1 315f537a0be356b37267f2ae21a5363d.cloudfront.net (CloudFront)
x-amz-cf-pop
MAD50-C1
x-amz-cf-id
0UG3dJ_dgaxhq0U-QPbA81aHgdN1y-8g3MzTSSPunVt80l6uPE7wFA==
age
2037
ggid.aspx
rec.scupio.com/recweb/ Frame 05BD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q1FBMjAyMTA0MjgxMDMxMzU1MjU2MTY%3d&layout=js
  • https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEO9Qy5trMf0pxik0YYUSG3U&google_cver=1&google_ula=3918219,0
0
551 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEO9Qy5trMf0pxik0YYUSG3U&google_cver=1&google_ula=3918219,0
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.55
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.175 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:31:36 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control
private
Content-Type
text/javascript
Content-Length
0

Redirect headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:31:36 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEO9Qy5trMf0pxik0YYUSG3U&google_cver=1&google_ula=3918219,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame A654
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac
  • https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://img.scupio.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
rsid=1|G9C2NkZC7frDQSirzNt8MRPvuJlRI6aSli1gEtfhZ1co9sDCaATiL5HZCune56ebGXOxtVOpC2WhEEenXyf4RTSlnhlW1wM1rEAVOp/hQEJK/2msCb8MYvaTRc+LdQHAVOjOykUPOC/vzpA0eao9qJ5CVbysEVH+Jg==; ses16=; vis16=169834^1; khaos=KO0UDW9A-1V-1DLB; ses15=; vis15=169834^1; audit=1|0o8zzNO5o4ZXK5zrVASnqM1+1ZYfrZ/aYGo2YbBC4UBPFwrSveycbgJCI5x0nQ0AWKQI0xZ0VldgU9Oq/2XvW7KpUjWTmmg0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://img.scupio.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 28 Apr 2021 02:31:36 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Date
Wed, 28 Apr 2021 02:31:36 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
/
www.facebook.com/tr/ Frame 05BD 		44 B
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1588263144793165&ev=ViewContent&dl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.55&rl=&if=true&ts=1619577096216&cd[SBST]=1&cd[PuID]=storm
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.55
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:36 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Wed, 28 Apr 2021 02:31:36 GMT
uxid.aspx
rec.scupio.com/recweb/ Frame 05BD
Redirect Chain
  • https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CQA20210428103135525616
  • https://rec.scupio.com/recweb/uxid.aspx?id=UCFUID
35 B
581 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rec.scupio.com/recweb/uxid.aspx?id=UCFUID
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.55
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.59.219.175 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:31:36 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control
private
Content-Type
image/gif
Content-Length
35

Redirect headers

Location
https://rec.scupio.com/recweb/uxid.aspx?id=UCFUID
Date
Wed, 28 Apr 2021 02:31:36 GMT
Connection
close
Content-Length
71
Vary
Accept, Accept-Encoding
Content-Type
text/plain; charset=utf-8
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame D469 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:14:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
age
1032
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
expires
Wed, 28 Apr 2021 03:14:24 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 4086 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:14:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
age
1032
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
expires
Wed, 28 Apr 2021 03:14:24 GMT
edmpVL.js
banner-cfnetwork.cdn.hinet.net/js/ Frame 06AD 		10 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banner-cfnetwork.cdn.hinet.net/js/edmpVL.js
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.39.143.235 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2104 /
Resource Hash
8d805e1c2cfc4d461ac38a234fdc8c26f767952c75301b21644940dbb3374a5f

Request headers

Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:37 GMT
via
1.1 4778a29b127f2a86d10186a019b97601.cloudfront.net (CloudFront)
last-modified
Tue, 27 Jun 2017 10:23:08 GMT
server
HiNetCDN/2104
x-amz-cf-pop
TPE50-C1
etag
W/"bb1f54e9cb2e7c9c3e3c1b5adae79ccb"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
content-encoding
br
x-amz-cf-id
mUHxAEownwkB_dpIZfK_872UH6yQHRIfueYSzP0CW0-zF9iDl2usWg==
x-request-id
7bfa6f574fbfb408fcd46c72897ffb0f
1.js
banner-cfnetwork.cdn.hinet.net/js/tmp2/ Frame C7C3 		768 B
590 B 		Script
General
Check archive.org
Download Go to
Full URL
https://banner-cfnetwork.cdn.hinet.net/js/tmp2/1.js
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.39.143.235 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2104 /
Resource Hash
d5b31ebf4f096cec7354dd6d17ca3f2e0763c56ea0a25c642089fbd981cd0558

Request headers

Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:37 GMT
via
1.1 2a35f47e8effac5e2ab050c099aacc95.cloudfront.net (CloudFront)
last-modified
Wed, 06 Dec 2017 07:54:25 GMT
server
HiNetCDN/2104
age
26
etag
W/"124d2d33c6a8e65dc8edee4968d5ff15"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
x-amz-cf-pop
TPE51-C1
content-encoding
br
x-amz-cf-id
pZQgHPSuMEyIh062A06jaTrHNWe5K6oGkzIrQTAZjfmS4kZ9xKp9lQ==
x-request-id
84805ac91b5e2fb200e0b6d5c1f949b5
av_old.js
cdn.holmesmind.com/js/ Frame C7C3 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/av_old.js
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:ca00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dc495854a8ac178d94730aeea4fc42d704c1af5e0dcbcc79f13b6d9792cbbb49

Request headers

Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:38 GMT
via
1.1 cc763905c39a59494c951c09271b0422.cloudfront.net (CloudFront)
last-modified
Tue, 24 Apr 2018 10:23:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
"2a4586297d3d27704ae74fbf71c5d324"
x-cache
RefreshHit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3989
x-amz-cf-id
mXvtHOgpO6jW6l5dW4elRXR7KL7_8VGnIf_il-CqoGcTpN4GduaofQ==
bidinfo.aspx
bw.scupio.com/adpinline/ Frame 06AD 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bw.scupio.com/adpinline/bidinfo.aspx?cb=0.8503788633378866
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.180 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
0d9b2a146a9b67885d54dedcefe722a8dbf4474d04a1c6df8d853fe782a72283

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Wed, 28 Apr 2021 02:31:36 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
P3P
CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin
https://img.scupio.com
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Type
application/javascript; charset=utf-8
Content-Length
1331
truncated
/ Frame 06AD 		762 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ce81ecccefb27ce0f347ef564114da2ba450a9e1d9a7260b4597e62b1f71a72

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 333F 		27 B
529 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+7+6&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577094323&cb=1619577095698&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.storm.mg%252Flifestyle%252F3634588&screenResolution=1600x1200&kdntuid=1&vwndh=360&vwndw=640&vwndurl=https%253A%252F%252Fwww.storm.mg%252Flifestyle%252F3634588&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-4-28%204:31:36&ranreq=0.07193621383793225&timezone=2&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577094323
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:31:36 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://www.storm.mg
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
PugMaster
image6.pubmatic.com/AdServer/ Frame 1D95 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=51786160&p=158683&s=724308&a=2996719&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
be1c5a434aa56c5c209e3448b5868e994abdd59945240c053260f8cd4fcea8df

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:31:35 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
edmpVL.js
banner-cfnetwork.cdn.hinet.net/js/ Frame CAC6 		10 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banner-cfnetwork.cdn.hinet.net/js/edmpVL.js
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.39.143.235 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2104 /
Resource Hash
8d805e1c2cfc4d461ac38a234fdc8c26f767952c75301b21644940dbb3374a5f

Request headers

Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:37 GMT
via
1.1 4778a29b127f2a86d10186a019b97601.cloudfront.net (CloudFront)
last-modified
Tue, 27 Jun 2017 10:23:08 GMT
server
HiNetCDN/2104
x-amz-cf-pop
TPE50-C1
etag
W/"bb1f54e9cb2e7c9c3e3c1b5adae79ccb"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
content-encoding
br
x-amz-cf-id
mUHxAEownwkB_dpIZfK_872UH6yQHRIfueYSzP0CW0-zF9iDl2usWg==
x-request-id
24e00d8fec5851eba1ab7cdc6ab5c29a
1.js
banner-cfnetwork.cdn.hinet.net/js/tmp2/ Frame 1D96 		768 B
590 B 		Script
General
Check archive.org
Download Go to
Full URL
https://banner-cfnetwork.cdn.hinet.net/js/tmp2/1.js
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.39.143.235 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2104 /
Resource Hash
d5b31ebf4f096cec7354dd6d17ca3f2e0763c56ea0a25c642089fbd981cd0558

Request headers

Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:37 GMT
via
1.1 2a35f47e8effac5e2ab050c099aacc95.cloudfront.net (CloudFront)
last-modified
Wed, 06 Dec 2017 07:54:25 GMT
server
HiNetCDN/2104
age
26
etag
W/"124d2d33c6a8e65dc8edee4968d5ff15"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
x-amz-cf-pop
TPE51-C1
content-encoding
br
x-amz-cf-id
pZQgHPSuMEyIh062A06jaTrHNWe5K6oGkzIrQTAZjfmS4kZ9xKp9lQ==
x-request-id
fadd273d39cabec90d8da8103b09a8fe
av_old.js
cdn.holmesmind.com/js/ Frame 1D96 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/av_old.js
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:ca00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dc495854a8ac178d94730aeea4fc42d704c1af5e0dcbcc79f13b6d9792cbbb49

Request headers

Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:38 GMT
via
1.1 cc763905c39a59494c951c09271b0422.cloudfront.net (CloudFront)
last-modified
Tue, 24 Apr 2018 10:23:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
"2a4586297d3d27704ae74fbf71c5d324"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3989
x-amz-cf-id
xNAVMtQRPdFXdHGKhGIPIJEf5ql127pWyPnEOWvrBSK7n8vXX1b-rg==
bidinfo.aspx
bw.scupio.com/adpinline/ Frame CAC6 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bw.scupio.com/adpinline/bidinfo.aspx?cb=0.7515773497210152
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.180 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
0d9b2a146a9b67885d54dedcefe722a8dbf4474d04a1c6df8d853fe782a72283

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Wed, 28 Apr 2021 02:31:35 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
P3P
CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin
https://img.scupio.com
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Type
application/javascript; charset=utf-8
Content-Length
1331
publishertag.prebid.js
static.criteo.net/js/ld/ Frame CAC6 		80 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:36 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 29 Apr 2021 02:31:36 GMT
truncated
/ Frame CAC6 		762 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ce81ecccefb27ce0f347ef564114da2ba450a9e1d9a7260b4597e62b1f71a72

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
integrator.js
adservice.google.be/adsid/ Frame 385F 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.be/adsid/integrator.js?domain=www.storm.mg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:31:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 385F 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.storm.mg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:31:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 385F 		469 B
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1341781444703674&correlator=3644768691501474&output=ldjh&impl=fifs&eid=31060790%2C31060841%2C31060827&vrg=2021042201&ptt=17&sc=1&sfv=1-0-38&ecs=20210428&iu_parts=225677396%2Cstorm_content_FB2_336280_scupassback&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&cookie_enabled=1&cdm=storm.mg&bc=31&abxe=1&lmt=1619577096&dt=1619577096427&dlt=1619577095683&idt=732&ea=0&frm=23&biw=1600&bih=1200&oid=3&adxs=815&adys=5904&adks=2667770676&ucis=u6q7xs99frks&ifi=1&ifk=3261353557&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&top=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&ga_vid=858025589.1619577096&ga_sid=1619577096&ga_hid=1131416722&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
1647efb75009be9d73fbc3a86b030fee31726537703fa762e01c6b50faabbe8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:36 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
254
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.storm.mg
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
1595e939843b8bf1b4a3324b9dba517a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 385F 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://1595e939843b8bf1b4a3324b9dba517a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame 385F 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 5526 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.storm.mg/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.storm.mg/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Tue, 27 Apr 2021 23:30:56 GMT
expires
Wed, 27 Apr 2022 23:30:56 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
10840
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
async_usersync
ib.adnxs.com/ Frame B561 		0
750 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 02:31:36 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.156:80
AN-X-Request-Uuid
bad3f4a2-b491-4d8e-8e1c-936d6422cc55
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 9DF4 		0
749 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 02:31:36 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.28:80
AN-X-Request-Uuid
93ca690e-1e96-4075-8739-45a495467130
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 4138 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
3d598110de86401d953833ee95fd21d91990c7e7e5fc51e78aef6733d839a01a

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:31:36 GMT
Content-Encoding
gzip
Last-Modified
Mon, 19 Apr 2021 20:34:13 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=64319
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9240
Expires
Wed, 28 Apr 2021 20:23:35 GMT
track
aktrack.pubmatic.com/ Frame 333F 		0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=158683&s=724308&a=2996719&ts=1619577097&wa=0&e=95&vc=2
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:31:36 GMT
Connection
keep-alive
Content-Length
0
Content-Type
text/html
track
aktrack.pubmatic.com/ 		0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=158683&s=724308&a=2996719&ts=1619577094&wa=0&e=96&ier=901
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:31:36 GMT
Connection
keep-alive
Content-Length
0
Content-Type
text/html
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame 5452
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4778859144958710729
42 B
769 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4778859144958710729
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=51786160&p=158683&s=724308&a=2996719&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=6DF5A236-3D72-4389-8FFE-3F8D4636792D; chkChromeAb67Sec=1; DPSync3=1620777600%3A227_226_221_201; SyncRTB3=1620777600%3A220_21_13_3_71_161_54_56_7%7C1620864000%3A35; KRTBCOOKIE_57=22776-2937802500449247243; PugT=1619577096; PUBMDCID=3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Wed, 28 Apr 2021 02:31:36 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_336=5844-4778859144958710729; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 28-May-2021 02:31:36 GMT; path=/ PugT=1619577096; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 28-May-2021 02:31:36 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 27-Jul-2021 02:31:36 GMT; path=/
X-lat
lhrpug014:0:532
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=4778859144958710729
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 7729 		43 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=51786160&p=158683&s=724308&a=2996719&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Wed, 28 Apr 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks
1011
x-powered-by
ASP.NET
date
Wed, 28 Apr 2021 02:31:36 GMT
content-length
43
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1D95
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=bfWiNj1yQ4mP_j-NRjZ5LQ%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:31:36 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1300708-1f78-5b232eb4914bb"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
max-age=61779
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
Content-Length
2654
Expires
Wed, 28 Apr 2021 19:41:15 GMT

Redirect headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:31:36 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 1D95 		95 B
595 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=6DF5A236-3D72-4389-8FFE-3F8D4636792D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:36 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
646ce015be39175a-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
09b7ea61900000175aee3ec000000001
info2
uipglob.semasio.net/pubmatic/1/ Frame 1D95
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=6DF5A236-3D72-4389-8FFE-3F8D4636792D&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=6DF5A236-3D72-4389-8FFE-3F8D4636792D&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=6DF5A236-3D72-4389-8FFE-3F8D4636792D&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:31:36 GMT
frontend-id
8
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:31:36 GMT
frontend-id
13
location
/pubmatic/1/info2?sType=sync&sExtCookieId=6DF5A236-3D72-4389-8FFE-3F8D4636792D&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame 1D95
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=6DF5A236-3D72-4389-8FFE-3F8D4636792D&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=6DF5A236-3D72-4389-8FFE-3F8D4636792D&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=6DF5A236-3D72-4389-8FFE-3F8D4636792D&addseg=20
7 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=6DF5A236-3D72-4389-8FFE-3F8D4636792D&addseg=20
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:31:37 GMT
Connection
keep-alive
Content-Length
7
Content-Type
text/plain; charset=utf-8

Redirect headers

date
Wed, 28 Apr 2021 02:31:37 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=6DF5A236-3D72-4389-8FFE-3F8D4636792D&addseg=20
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
135
Pug
image2.pubmatic.com/AdServer/ Frame 1D95
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NkRGNUEyMzYtM0Q3Mi00Mzg5LThGRkUtM0Y4RDQ2MzY3OTJE&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:31:36 GMT
X-lat
lhrpug006:0:387
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:31:36 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 1D95
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEN4MLX0X_jEymRIrVU-9gcM&google_cver=1
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEN4MLX0X_jEymRIrVU-9gcM&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:31:36 GMT
X-lat
lhrpug002:0:345
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:31:36 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEN4MLX0X_jEymRIrVU-9gcM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 1D95 		43 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
be.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:37 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Tue, 27 Apr 2021 02:31:37 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 1D95
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1e7caf91-e7f4-4567-b840-75b9c88da817
42 B
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1e7caf91-e7f4-4567-b840-75b9c88da817
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:31:36 GMT
X-lat
amspug001:0:372
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:31:36 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1e7caf91-e7f4-4567-b840-75b9c88da817
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
simage2.pubmatic.com/AdServer/ Frame 1D95
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1135618798091693640
42 B
801 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1135618798091693640
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:31:36 GMT
X-lat
amspug005:0:460
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:31:37 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=1135618798091693640
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 1D95
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:842e6088-c908-4d00-a6ee-1d88608db1fb&gdpr=0&gdpr_consent=
42 B
947 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:842e6088-c908-4d00-a6ee-1d88608db1fb&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:31:36 GMT
X-lat
amspug020:0:2404
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Date
Wed, 28 Apr 2021 02:33:14 GMT
Server
MT3 3660 495c301 master cdg-pixel-x14
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:842e6088-c908-4d00-a6ee-1d88608db1fb&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 28 Apr 2021 02:33:13 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 1D95
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2937802500449247243&gdpr=0&gdpr_consent=
42 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2937802500449247243&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:31:36 GMT
X-lat
lhrpug010:0:299
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 02:31:36 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.91:80
AN-X-Request-Uuid
23ed198d-9e68-419f-a7f6-18c260afaa77
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2937802500449247243&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
6DF5A236-3D72-4389-8FFE-3F8D4636792D
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 1D95 		43 B
920 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/6DF5A236-3D72-4389-8FFE-3F8D4636792D?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:36 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame A654 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
3d598110de86401d953833ee95fd21d91990c7e7e5fc51e78aef6733d839a01a

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:31:36 GMT
Content-Encoding
gzip
Last-Modified
Mon, 19 Apr 2021 20:34:13 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=64319
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9240
Expires
Wed, 28 Apr 2021 20:23:35 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 385F 		9 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021042201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
08541ee7fc91ef73f4de7db1230a539abbfbfb73d67dd118c3427ebe167fbed6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:31:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6885
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 80E0 		0
150 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=www.storm.mg
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=www.storm.mg
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://img.scupio.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://img.scupio.com/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
server-processing-duration-in-ticks
2294
date
Wed, 28 Apr 2021 02:31:35 GMT
content-length
0
publishertag.prebid.js
static.criteo.net/js/ld/ Frame CAC6 		80 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:36 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 29 Apr 2021 02:31:36 GMT
ls.html
img.scupio.com/html/ Frame 9957 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/html/ls.html
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.106.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-106-33.mad50.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce

Request headers

:method
GET
:authority
img.scupio.com
:scheme
https
:path
/html/ls.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://img.scupio.com/html/ad.html?v=1.0.55
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
OrgKeyValue=CQA20210428103135525616; gx=H4sIAIc5iWAA%2fxNmYGDg4uZ4NXfWux9%2fj1gKsAqxcNgLMAEAygnKTxcAAAA%3d
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://img.scupio.com/html/ad.html?v=1.0.55

Response headers

content-type
text/html; charset=utf-8
server
nginx/1.12.1
last-modified
Mon, 21 Nov 2016 06:35:53 GMT
access-control-allow-origin
*
content-encoding
gzip
date
Wed, 28 Apr 2021 02:13:35 GMT
expires
Wed, 05 May 2021 01:57:39 GMT
cache-control
max-age=604800
etag
W/"583295c9-4dc"
x-cache
Hit from cloudfront
via
1.1 315f537a0be356b37267f2ae21a5363d.cloudfront.net (CloudFront)
x-amz-cf-pop
MAD50-C1
x-amz-cf-id
cklCindsmsTtNGytBm6qobr0InASv5klKp4da3EvtKRXac1V_06qHw==
age
2037
uxid.aspx
rec.scupio.com/recweb/ Frame EA91
Redirect Chain
  • https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CQA20210428103135525616
  • https://rec.scupio.com/recweb/uxid.aspx?id=UCFUID
35 B
581 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rec.scupio.com/recweb/uxid.aspx?id=UCFUID
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.55
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.59.219.175 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:31:37 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control
private
Content-Type
image/gif
Content-Length
35

Redirect headers

Location
https://rec.scupio.com/recweb/uxid.aspx?id=UCFUID
Date
Wed, 28 Apr 2021 02:31:37 GMT
Connection
close
Content-Length
71
Vary
Accept, Accept-Encoding
Content-Type
text/plain; charset=utf-8
usync.html
eus.rubiconproject.com/ Frame A8ED
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac
  • https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://img.scupio.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
rsid=1|G9C2NkZC7frDQSirzNt8MRPvuJlRI6aSli1gEtfhZ1co9sDCaATiL5HZCune56ebGXOxtVOpC2WhEEenXyf4RTSlnhlW1wM1rEAVOp/hQEJK/2msCb8MYvaTRc+LdQHAVOjOykUPOC/vzpA0eao9qJ5CVbysEVH+Jg==; ses16=; vis16=169834^1; khaos=KO0UDW9A-1V-1DLB; ses15=; vis15=169834^1; audit=1|0o8zzNO5o4ZXK5zrVASnqM1+1ZYfrZ/aYGo2YbBC4UBPFwrSveycbgJCI5x0nQ0AWKQI0xZ0VldgU9Oq/2XvW7KpUjWTmmg0; pux=1512%3D99243%262249%3D99243%262307%3D99243%262974%3D99243%263778%3D99243%26goog%3D99243%26idl%3D99243%26brx%3D99243%26
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://img.scupio.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 28 Apr 2021 02:31:36 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Date
Wed, 28 Apr 2021 02:31:36 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
/
www.facebook.com/tr/ Frame EA91 		44 B
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1588263144793165&ev=ViewContent&dl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.55&rl=&if=true&ts=1619577096605&cd[SBST]=1&cd[PuID]=storm
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.55
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:36 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Wed, 28 Apr 2021 02:31:36 GMT
sync.php
pixel-apac.rubiconproject.com/exchange/ Frame 4138 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-apac.rubiconproject.com/exchange/sync.php?p=xapi-bridgewell
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.159.35 Central, Hong Kong, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
1585c80ff82c9eb681141eca5a08ced1
Content-Type
image/gif
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 385F 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:31:36 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 06AD 		80 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:36 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 29 Apr 2021 02:31:36 GMT
sync.php
pixel-apac.rubiconproject.com/exchange/ Frame A654 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-apac.rubiconproject.com/exchange/sync.php?p=xapi-bridgewell
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.159.35 Central, Hong Kong, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
1585c80ff82c9eb681141eca5a08ced1
Content-Type
image/gif
tap.php
pixel.rubiconproject.com/ Frame 4138
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=e08e6088-c908-4500-8906-ab2ef72c48db
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=e08e6088-c908-4500-8906-ab2ef72c48db
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/gif

Redirect headers

Date
Wed, 28 Apr 2021 02:33:14 GMT
Server
MT3 3660 495c301 master cdg-pixel-x29
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=e08e6088-c908-4500-8906-ab2ef72c48db
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 28 Apr 2021 02:33:13 GMT
pixel
cm.g.doubleclick.net/ Frame 4138
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S08wVURXOUEtMVYtMURMQg==
170 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S08wVURXOUEtMVYtMURMQg==
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:31:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S08wVURXOUEtMVYtMURMQg==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 4138
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/NiXRp46fb4kx1m1YIqFUZcn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5862012657717731702
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5862012657717731702
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/gif

Redirect headers

date
Wed, 28 Apr 2021 02:31:38 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5862012657717731702
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 4138
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKiuqOWFY35BDTWMPgUmSHk&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKiuqOWFY35BDTWMPgUmSHk&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:31:36 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEKiuqOWFY35BDTWMPgUmSHk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 4138
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YIjJCAAAiToecQA4
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YIjJCAAAiToecQA4
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:31:36 GMT
via
1.1 varnish
server
Varnish
x-timer
S1619577097.829117,VS0,VE0
x-served-by
cache-hhn4025-HHN
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YIjJCAAAiToecQA4
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
709414.gif
id.rlcdn.com/ Frame 4138 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:37 GMT
via
1.1 google
alt-svc
clear
content-length
0
v1
ads.yahoo.com/cms/ Frame 4138
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KO0UDW9A-1V-1DLB&sigv=1&esig=2~4f433c7a1a4361a14e3321b6724ad11864eb020f
0
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KO0UDW9A-1V-1DLB&sigv=1&esig=2~4f433c7a1a4361a14e3321b6724ad11864eb020f
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:38 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KO0UDW9A-1V-1DLB&sigv=1&esig=2~4f433c7a1a4361a14e3321b6724ad11864eb020f
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 4138 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.189.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-189-83.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:31:36 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 6998 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.storm.mg/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.storm.mg/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Tue, 27 Apr 2021 23:30:56 GMT
expires
Wed, 27 Apr 2022 23:30:56 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
10840
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ls.html
img.scupio.com/html/ Frame AFB7 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/html/ls.html
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.106.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-106-33.mad50.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce

Request headers

:method
GET
:authority
img.scupio.com
:scheme
https
:path
/html/ls.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://img.scupio.com/html/ad.html?v=1.0.55
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
OrgKeyValue=CQA20210428103135525616; gx=H4sIAIc5iWAA%2fxNmYGDg4uZ4NXfWux9%2fj1gKsAqxcNgLMAEAygnKTxcAAAA%3d
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://img.scupio.com/html/ad.html?v=1.0.55

Response headers

content-type
text/html; charset=utf-8
server
nginx/1.12.1
last-modified
Mon, 21 Nov 2016 06:35:53 GMT
access-control-allow-origin
*
content-encoding
gzip
date
Wed, 28 Apr 2021 02:13:35 GMT
expires
Wed, 05 May 2021 01:57:39 GMT
cache-control
max-age=604800
etag
W/"583295c9-4dc"
x-cache
Hit from cloudfront
via
1.1 315f537a0be356b37267f2ae21a5363d.cloudfront.net (CloudFront)
x-amz-cf-pop
MAD50-C1
x-amz-cf-id
crKMg4BExUnntEuse9LpxRQUBa7TCDdTBSua2rNsG_vv_vE8-8Q1Bw==
age
2037
uxid.aspx
rec.scupio.com/recweb/ Frame 7EE9
Redirect Chain
  • https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CQA20210428103135525616
  • https://rec.scupio.com/recweb/uxid.aspx?id=UCFUID
35 B
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rec.scupio.com/recweb/uxid.aspx?id=UCFUID
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.55
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.59.219.175 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:31:38 GMT
Cache-Control
private
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Length
35
Content-Type
image/gif

Redirect headers

Location
https://rec.scupio.com/recweb/uxid.aspx?id=UCFUID
Date
Wed, 28 Apr 2021 02:31:38 GMT
Connection
close
Content-Length
71
Vary
Accept, Accept-Encoding
Content-Type
text/plain; charset=utf-8
usync.html
eus.rubiconproject.com/ Frame 7BE2
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac
  • https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://img.scupio.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
rsid=1|G9C2NkZC7frDQSirzNt8MRPvuJlRI6aSli1gEtfhZ1co9sDCaATiL5HZCune56ebGXOxtVOpC2WhEEenXyf4RTSlnhlW1wM1rEAVOp/hQEJK/2msCb8MYvaTRc+LdQHAVOjOykUPOC/vzpA0eao9qJ5CVbysEVH+Jg==; ses16=; vis16=169834^1; khaos=KO0UDW9A-1V-1DLB; ses15=; vis15=169834^1; audit=1|0o8zzNO5o4ZXK5zrVASnqM1+1ZYfrZ/aYGo2YbBC4UBPFwrSveycbgJCI5x0nQ0AWKQI0xZ0VldgU9Oq/2XvW7KpUjWTmmg0; pux=1512%3D99243%262249%3D99243%262307%3D99243%262974%3D99243%263778%3D99243%26goog%3D99243%26idl%3D99243%26brx%3D99243%26
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://img.scupio.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 28 Apr 2021 02:31:36 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Date
Wed, 28 Apr 2021 02:31:36 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
/
www.facebook.com/tr/ Frame 7EE9 		44 B
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1588263144793165&ev=ViewContent&dl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.55&rl=&if=true&ts=1619577096852&cd[SBST]=1&cd[PuID]=storm
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.55
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:36 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Wed, 28 Apr 2021 02:31:36 GMT
syncframe
gum.criteo.com/ Frame E3AD 		0
150 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=www.storm.mg
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=www.storm.mg
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://img.scupio.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://img.scupio.com/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
server-processing-duration-in-ticks
1541
date
Wed, 28 Apr 2021 02:31:36 GMT
content-length
0
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 06AD 		80 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:36 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 29 Apr 2021 02:31:36 GMT
wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js
pagead2.googlesyndication.com/bg/ Frame 5526 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c24a517cf3dc453e6046e54ec1f6944bd762da6fc68447fcfa84c374723bbb09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 10:03:29 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 09:18:00 GMT
server
sffe
age
59287
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5710
x-xss-protection
0
expires
Wed, 27 Apr 2022 10:03:29 GMT
usync.js
eus.rubiconproject.com/ Frame A8ED 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
3d598110de86401d953833ee95fd21d91990c7e7e5fc51e78aef6733d839a01a

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:31:36 GMT
Content-Encoding
gzip
Last-Modified
Mon, 19 Apr 2021 20:34:13 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=64319
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9240
Expires
Wed, 28 Apr 2021 20:23:35 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 2A10 		156 B
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22181265%2Fca-video-pub-1062972861553303-tag%2Fviewdeos_storm.mg_WW_Desktop_5&description_url=http%3A%2F%2Fstorm.mg&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1914426731431899&sdkv=h.3.453.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=2738054009&sdk_apis=2%2C8&sid=C7000488-148E-45A5-AC6A-DE6A8305A929&eid=21064201%2C44739826&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&dt=1619577096937&cookie_enabled=1&scor=884968933349551&ged=ve4_td2_tt1_pd2_la2000_er1290.325.1443.625_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:37 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame F54C 		156 B
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-5746030484598936&slotname=AR_VD_storm.mg_Desktop&ad_type=video&description_url=https%3A%2F%2Fwww.storm.mg&max_ad_duration=66000&videoad_start_delay=0&vpmute=0&vpa=0&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&sdkv=h.3.453.0&video_product_type=0&min_ad_duration=0&sz=640x360&adsafe=high&hl=en&ca_type=image&unviewed_position_start=1&output=xml_vast4&osd=2&frm=0&vis=1&sdr=1&num_ads=1&t_pyv=exclude&video_format=43&is_amp=0&u_so=l&sdki=44d&adk=4039269167&sdk_apis=2%2C8&eid=44727842%2C44736292%2C44739826&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&dt=1619577096944&cookie_enabled=1&correlator=984454704549606&ad_block=1&ged=ve4_td2_tt1_pd2_la2000_er1290.325.1443.625_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:31:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
https://imasdk.googleapis.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/xml; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
sync.php
pixel-apac.rubiconproject.com/exchange/ Frame A8ED 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-apac.rubiconproject.com/exchange/sync.php?p=xapi-bridgewell
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.159.35 Central, Hong Kong, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
1585c80ff82c9eb681141eca5a08ced1
Content-Type
image/gif
usync.js
eus.rubiconproject.com/ Frame 7BE2 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-230-142.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
3d598110de86401d953833ee95fd21d91990c7e7e5fc51e78aef6733d839a01a

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:31:37 GMT
Content-Encoding
gzip
Last-Modified
Mon, 19 Apr 2021 20:34:13 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=64318
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9240
Expires
Wed, 28 Apr 2021 20:23:35 GMT
checksum
api.dable.io/items/services/storm.mg/id/3634588/ 		101 B
374 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.dable.io/items/services/storm.mg/id/3634588/checksum?callback=dbljson3
Requested by
Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.165.227.126 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-165-227-126.ap-northeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
db61f486ba7252bbd3042c8a7f65e31ed96b9bde2916430cfd4249ea39eecbdb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:31:37 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
ETag
W/"65-SwiPlgbwZm5b26HZxpJfINscu/I"
Content-Type
text/javascript; charset=utf-8
Connection
keep-alive
Content-Length
113
wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js
pagead2.googlesyndication.com/bg/ Frame 6998 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c24a517cf3dc453e6046e54ec1f6944bd762da6fc68447fcfa84c374723bbb09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 10:03:29 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 09:18:00 GMT
server
sffe
age
59288
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5710
x-xss-protection
0
expires
Wed, 27 Apr 2022 10:03:29 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0DB4 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021042201&jk=3515986218441383&bg=!g4ClgMTNAAZUuIlwVLg7ACkAdvg8Wtmqr-atMYeY4-JHV_5shfJb1wXvNEhilGxX6S-c75KCyhRieQIAAANBUgAAADVoAQcKAH2M1_BepOVQY9wtSIwBdk4fYcie35kzGDh-lRqqOPJhTmiWmR0ZBUryr194dNuij0X1igXw2vQfWkdjynDvaX5H5ZKwiuegmz3eb12DVXV5kWch63Wm2roAv_XBgNhNz3b1wbJV6Ed7KeAZOZcWcRdnBnIltJeg0MaqTg9C65kCRaaUsaGsmbbiFseGw8iGc9Uc6LvBLOgBeHc8Vx2UuGiq9vSXRa1gkLthl7Wmx90tO7ICxcl1hpOdRUD68WCDStEvhIf-e9sFBCqAUekUOvGRFeLEtUvEufEZHz7myOZ4eFLAlprw63H-8J2YtCN5uWP8lupmOZYZk4pzPlyx4m1ggb3hLMgHliIzhJE7Xcmv3Zpj-iHKL8t4PQjLIw6yxY9YIQRkZ_LHjR5db8N1cuxMTiAYUtFk5g2slQAWbN8JYQQzdGpL-TfJjI5mdawi30NIOqUvmmjueRh27faybpaACXuSAhalU4nLsSLXjB66hY3KJqeKJvGUszg5GU8n7cjJ8iOP0Z9HcwPCdnw4z-h1SuWd6HJHGizLeXw083ZFHFvsO7IS-sD8l7rdwWleb5RqE20jHDuzgJfhlrkaFeo2jMn-8XaNz2moWgP2heKMvEptJoiE3teDqE-MFTRric2295b5lX8F7hKHvlzmsbOGSuj90c2iE8XEc4mougZrzlXztLO09aVykvx93PjTpHrJCn2E-YcKxN9M8bS76YHueohJ_vJDFkG6SjiJ7evFyYH-7YuZhU8gUYgh9RV7s-sIvi-akl60CIgcyn7B0Z6KHhih3NSUT0GDTpyTF9wBrUvrBxQqkLYu86k8r_XP58yG7y-k7eCYc1QHhA7rnJgqpoABZb2N60qEggympiEfiiTVRubPPbIZQ7_9__IppK83kabMLsACTf0eJF-xWYq_hkaDywvdfxlPXrCiKy2Sm9lM0g7m
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:31:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync.php
pixel-apac.rubiconproject.com/exchange/ Frame 7BE2 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-apac.rubiconproject.com/exchange/sync.php?p=xapi-bridgewell
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.159.35 Central, Hong Kong, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
1585c80ff82c9eb681141eca5a08ced1
Content-Type
image/gif
vadtag.html
vpaid.pubmatic.com/ads/video/ 		962 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577097265
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e60bfad28a0610ba100c7c4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
0b64be60637c99c7e6b70899cc7308b4d217042290def4535e193bfb024cecc3

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 02:31:37 GMT
Content-Encoding
gzip
Server
Apache/2.2.15 (CentOS)
ETag
"461ced-23ca-5b1869b8fc7b9"
Vary
Origin, Accept-Encoding
Content-Type
application/xml
Access-Control-Allow-Origin
https://www.storm.mg
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
594
Expires
Wed, 28 Apr 2021 02:31:37 GMT
ptv
secure.adnxs.com/ 		85 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/ptv?id=18700257&cb=9577097266
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e60bfad28a0610ba100c7c4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 02:31:37 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.203:80
AN-X-Request-Uuid
e319eec3-b3ba-4f90-af37-72b9a88f97af
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.storm.mg
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/xml; charset=utf-8
Content-Length
85
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=BE&cos=Windows&r=www.storm.mg&rs=www.storm.mg&sid=79763&t=1619577093&cip=82.102.19.136&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=640&he=360&app=&AV_PUBLISHERID=5e60bfad28a0610ba100c7c4&test=&aafaid=&proto=https&uid=1619577093524-930871975591-006828-001-004658&cha=0.7&cb=38038100725&d9=1000&AV_WIDTH=640&AV_HEIGHT=360&ppid=5e60bfad28a0610ba100c7c4&nid=57173f460757bb6c428b465b&pcid=5e60c75028a06115d47ebd9b&ncid=5e7b1f3a1565c6447b6a2624&pasid=5e7b1fa325fcea4e1b329fa8&e=request&cb=1619577097267&asid=5e7b346a41db963e5530bdd4%2C5e7b352d1565c6447b6a2628%2C5ef9d08fdd1a46098e00694b%2C5f0da1c2beb9f87bda10ec76%2C5eb2573b1dc9772a927acfc7%2C5e7b1bc4b825ae275f59ce86%2C5f90340e3ea0b37d63229268%2C5e7b1ed1c4933477bd298304%2C5e7b1c06634df5450945753d&ofpr=%2C4.5%2C%2C4.5%2C4.5%2C%2C4.5%2C4.5%2C&fpo=%2C%2C%2C%2C%2C%2C%2C%2C
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.234.163.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:37 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
translator
hbopenbid.pubmatic.com/ 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.storm.mg
date
Wed, 28 Apr 2021 02:31:37 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
mvo
tag.1rx.io/rmp/203181/0/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/203181/0/mvo?z=1r&hbv=4.25,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.storm.mg
pragma
no-cache
date
Wed, 28 Apr 2021 02:31:37 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
openrtb
ads.adaptv.advertising.com/rtb/ 		0
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=ViewdeosExchange
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.110.9 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.storm.mg
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
prebid
ib.adnxs.com/ut/v3/ 		139 B
987 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0383d1b834f392c419a0ce8f5c5170836561e3644f9411964d7be2b5e7bf39bc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 02:31:37 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.9:80
AN-X-Request-Uuid
1eb4d689-012d-4790-9376-09433effbaff
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.storm.mg
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
06ffed82c8f68117f46a399d7463f98916e6aec3cfc514aad30dd727e3f56c16
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 02:31:37 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.204:80
AN-X-Request-Uuid
12ab7e8b-268c-4e94-a90a-a6d8ad743a3a
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.storm.mg
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
av
ad.doublemax.net/adserver/ Frame C7C3 		0
152 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doublemax.net/adserver/av?p=9035:30258:85886:adb7e56ffe88b2c147f74d5940641b6e:6893&type=0
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/av_old.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.95.42.61 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:37 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
av
ad.doublemax.net/adserver/ Frame 1D96 		0
153 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doublemax.net/adserver/av?p=10570:30258:84933:65181a0eafac65b8d80a8d7b7e080631:6893&type=0
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/av_old.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.95.42.61 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:37 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6A6F 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021042201&jk=2390447562333629&bg=!eHulez_NAAZUuIlwVLg7ACkAdvg8WhI-3Vzt7fRADgPd8MoqQsxIAyhG0HDttN8jGn_pQZWz6U3yawIAAAD4UgAAAEtoAQcKAGuj-1aHoE2a70YXzZG_NZdeEmCd0fMJdgX2HTYSiqRfIaS-mZvokqCSdoQz5036WvNXN8m20XTolFD1YLpIq6vvn4ibrjPPFb1oC4yX-snTHVO5RhCr3DhauGW9mhON8-NiKlBq-Zopxvzm45kCLASm1nqZKmkF-y0YJZzQiLKdUYgtXx1bsa7DAGGFWNMqEBn-JElE_25aIhOvJXZdDaqzCx1-1gn75f0M2xeN6-uhPSWC7Ir42jvUklOSx4sHe8TFhxHWIzrioh5GBqbsPMA23tJNhIxOyCpU7mGCY8Q51DfFiiqttlum1-ZmrGpP4siXTeX7s2Le3pTyJ8xZMhxxgREJPmTkO0ThVVHmafX2bC5BN8uje4eof-umIXLMLJmYkSBU-dje6RA57Y4mIjAkr_hqMM4VG91TBOg3tjpvUKmzqCOp9nXEORtczSo-PMR5DDqvd9gLVjacGbMNXDOL3uLrsJbpd4ip1LHOhKFJhgKRDnOmfvyFQwdjRQoGXDnMCmEODqwGWp85xONZ4hZyzVhCnc5IiiGySsPjq6oyKek_CM0xZDsZKwX0LrxDOfV3VicK9taFLtx6qLB3rH2Tr7tAvPNDWTxj1amFnG3Lgf5Smlh2kvXuhg3KT0aWZ5ODw-36qwmGbGM4aD_tDR0yASZLiglRRJvqE7kjNy076cgo4bFPJW-ONu2Kad_Pufv4dbz72rvITxAiRaYtBTN0DbTtpUYvUoC-cQAK3j3-wXur4NbbD67FLiV_SkmLqfHc0FA4TPuRTtQL-ecjEBhW5kaSDuPrz0_77jb5AotRtqllFzk5FkJP3GwbwVSFe5K5ogW60QXQ1XbpmTlRXAlUuq7QQ_ciCM7mqBoPanfqOB_0EjXSt8WxHRc
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:31:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 385F 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021042201&jk=1341781444703674&bg=!YmGlYSXNAAZUuIlwVLg7ACkAdvg8Wi_frHkUUXqwJxC95o8N9IFDN2blJn1a8PvsLa2obdQCXJzVhQIAAAEZUgAAAA5oAQcKAH0YgZRdDKgCFRDZvJWpTns990zirncuRhagdu6mcFrrP8LJe3rDxut4nAEz3Jt1f6lhqHfVbboXoPKpHQTPc9VtJTVGuPRrI6yUcf5swe65wuNRlv2eL6S3Cw_NA9erBGhcD_MvFMdX5krXuf3uLDNzcciPRi7VWQowwum5qpkCRJY1jncjsqNDAiGTuCW-1W73YkmSxZZtThes2cgqBLye5MLc9TjLTljzL3bYgRQfIa6XFgXNjxYNmNohmptZ_Deo705qgM7vqYhjg9rTR1Sjm1mZ4z2W4aYX94Sn_v8-iR59pslxzUcu0jsiCCe4GncB8QYKXhdp19H8c_GFc5U4CBwe3_U0QuRurFjZ2B28yg94oSLJTWJn8eb5lnXnDJ16A7b5ckVqYURvaedzHO6EcAFrv6PGxu6cV2cAIajh6090IuDMu9aJOsyCbPYtcEBgqsHDOtc2tDhStlOIt2etAgugcN1Orb3LxVYQPNvWs0_V0fLV9mYv-55-6SA80Fe9DTZmURe2cmab447E5isHXS0ZXjPxR60XNF25uls1ptIJIlHy2_6jpMJ8Cb3LuaaFjbIRD5I4jPiTSwBcXC2OK3CRan6xA0iBTiLxBjA-FHK51cqMhbpnduTKTGRA8LQCl8sVtdnG77B6P1vTecbpBeHpxnn9V3LX-Hrl0f4F1mjjOeIQK-Hbzy8_qcDUE-FFjyTw717I9xfi__mvCk4JWSkZJyNQZgv_3DFzkLRwMxCpTgDm0q0LERPpS4mmifYOdqrO9oqCQ6NZ1ONen8SnI26tOPJbBUQme44Oz0apGuJwllmFNF90laZJNfEwF5oLBdLJPuOFrOu1dFsH4xi9GVFlgN2skOoWuN9uMfBMv0SMCGdwsT7-XbT3YQycAf2U9CYSzTEHFPykrENzajButDAlLacw-r05nxVZP-wcGvl3hm0
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:31:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
aae8902985f70aea661cf8023f85fcef.jpg
banner-cfnetwork.cdn.hinet.net/image/6893/ Frame C7C3 		95 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banner-cfnetwork.cdn.hinet.net/image/6893/aae8902985f70aea661cf8023f85fcef.jpg
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.55
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.39.143.235 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2104 /
Resource Hash
d605b8016e96843b147169071b1b1442b000a65f71a0cd4b3a7164d4fc9dc282

Request headers

Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:37 GMT
via
1.1 0078223449b6af3f5fa4f7fd5ffdc607.cloudfront.net (CloudFront)
last-modified
Tue, 16 Mar 2021 11:01:37 GMT
server
HiNetCDN/2104
age
1447
etag
"421a434546050531bdb55b4faa802c13"
x-cache
EXPIRED, HIT
content-type
image/jpeg
x-amz-cf-pop
TPE51-C1
accept-ranges
bytes
content-length
96959
x-amz-cf-id
JFh4WbABwgQs6kaHi9lVHwwcTiRQZZXYwcdchn0Q5x7yliYOYAPdbQ==
x-request-id
f246e6bce1969d9ccc34d2b933bff061
i
ad.holmesmind.com/adserver/ Frame C7C3 		0
77 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.holmesmind.com/adserver/i?ut=1619577095&p=9035:30258:85886:adb7e56ffe88b2c147f74d5940641b6e:6893
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.55
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.178.71.123 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:37 GMT
content-type
image/png
server
nginx/1.14.0 (Ubuntu)
810ff4fb1631cb1f51e100beef76ffd3.jpg
banner-cfnetwork.cdn.hinet.net/image/6893/ Frame 1D96 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banner-cfnetwork.cdn.hinet.net/image/6893/810ff4fb1631cb1f51e100beef76ffd3.jpg
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.55
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.39.143.235 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2104 /
Resource Hash
415b7221c1d06088143ed2dd3af4fb7eb67c489b46e43eaca19a143c418dcc82

Request headers

Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:37 GMT
via
1.1 2e9008ee05c2ff9176001baad802fed7.cloudfront.net (CloudFront)
last-modified
Mon, 08 Feb 2021 09:41:09 GMT
server
HiNetCDN/2104
age
1699
etag
"4cf5ec956982c8fbcb8e60762e732143"
x-cache
EXPIRED, HIT
content-type
image/jpeg
x-amz-cf-pop
TPE51-C1
accept-ranges
bytes
content-length
40369
x-amz-cf-id
-b3UWilDixkIG5nkpS-4rzLqCnM52O2rjBBsF7oQMN8PoRq9Xp9wGg==
x-request-id
e20cbcf94d007c5abcba36683e8c4b79
i
ad.holmesmind.com/adserver/ Frame 1D96 		0
77 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.holmesmind.com/adserver/i?ut=1619577095&p=10570:30258:84933:65181a0eafac65b8d80a8d7b7e080631:6893
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.55
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.178.71.123 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:37 GMT
content-type
image/png
server
nginx/1.14.0 (Ubuntu)
async_usersync
ib.adnxs.com/ Frame B561 		0
749 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 02:31:37 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.41:80
AN-X-Request-Uuid
9c266c22-c5c8-4fe9-86ce-c72e1717685d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=BE&cos=Windows&r=www.storm.mg&rs=www.storm.mg&sid=79763&t=1619577093&cip=82.102.19.136&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=640&he=360&app=&AV_PUBLISHERID=5e60bfad28a0610ba100c7c4&test=&aafaid=&proto=https&uid=1619577093524-930871975591-006828-001-004658&cha=0.7&cb=38038100725&d9=1000&AV_WIDTH=640&AV_HEIGHT=360&ppid=5e60bfad28a0610ba100c7c4&nid=57173f460757bb6c428b465b&pcid=5e60c75028a06115d47ebd9b&ncid=5e7b1f3a1565c6447b6a2624&pasid=5e7b1fa325fcea4e1b329fa8&e=bid&cb=1619577097517&asid=5e7b346a41db963e5530bdd4%2C5e7b1bc4b825ae275f59ce86%2C5ef9d08fdd1a46098e00694b&ofpr=%2C%2C&fpo=%2C%2C
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.234.163.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:37 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
async_usersync
ib.adnxs.com/ Frame 9DF4 		0
750 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 02:31:37 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.228:80
AN-X-Request-Uuid
8c38a5c9-eed2-4377-a872-e6ce38cfea93
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 9A25 		150 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577097265
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e60bfad28a0610ba100c7c4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
d88253f5fa17497bfdc4546ccf644a8f954c7f2314e41f09354f70b2282e48ae

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:31:37 GMT
Content-Encoding
gzip
Last-Modified
Tue, 05 Jan 2021 07:24:19 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1408294-257f0-5b82218515d54"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
public, max-age=10800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
35684
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame A013 		334 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e60bfad28a0610ba100c7c4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d25942b7da85bc7cdb258cdb436227b1de7e3a2b50c61f7d7050eff911f88f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117044
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:31:37 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 0F3F 		334 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e60bfad28a0610ba100c7c4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d25942b7da85bc7cdb258cdb436227b1de7e3a2b50c61f7d7050eff911f88f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117044
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:31:37 GMT
bridge3.453.0_en.html
imasdk.googleapis.com/js/core/ Frame E9C5 		570 KB
186 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.453.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.storm.mg/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.storm.mg/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
190793
date
Thu, 22 Apr 2021 15:44:13 GMT
expires
Fri, 22 Apr 2022 15:44:13 GMT
last-modified
Wed, 21 Apr 2021 20:50:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
470844
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame A013 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:31:37 GMT
integrator.js
adservice.google.com/adsid/ Frame A013 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.storm.mg
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:31:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
bridge3.453.0_en.html
imasdk.googleapis.com/js/core/ Frame A24B 		570 KB
186 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.453.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.storm.mg/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.storm.mg/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
190793
date
Thu, 22 Apr 2021 15:44:13 GMT
expires
Fri, 22 Apr 2022 15:44:13 GMT
last-modified
Wed, 21 Apr 2021 20:50:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
470844
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 0F3F 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:31:37 GMT
integrator.js
adservice.google.com/adsid/ Frame 0F3F 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.storm.mg
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:31:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
showad.js
ads.pubmatic.com/AdServer/js/ Frame 7334 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577097265
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.storm.mg/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KCCH=YES; KADUSERCOOKIE=6DF5A236-3D72-4389-8FFE-3F8D4636792D; chkChromeAb67Sec=1; DPSync3=1620777600%3A227_226_221_201; SyncRTB3=1620777600%3A220_21_13_3_71_161_54_56_7%7C1620864000%3A35; KRTBCOOKIE_57=22776-2937802500449247243; PugT=1619577096; PUBMDCID=3; KRTBCOOKIE_336=5844-4778859144958710729; KRTBCOOKIE_80=16514-CAESEN4MLX0X_jEymRIrVU-9gcM&KRTB&22987-CAESEN4MLX0X_jEymRIrVU-9gcM&KRTB&23025-CAESEN4MLX0X_jEymRIrVU-9gcM
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.storm.mg/

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=75811
Expires
Wed, 28 Apr 2021 23:35:08 GMT
Date
Wed, 28 Apr 2021 02:31:37 GMT
Connection
keep-alive
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 9A25 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577097265
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:31:37 GMT
Content-Encoding
gzip
Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"13006b6-98c2-5bfeb3aef82b4"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
public, max-age=75811
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
Content-Length
14060
Expires
Wed, 28 Apr 2021 23:35:08 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame A81A 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:14:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
age
1033
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
expires
Wed, 28 Apr 2021 03:14:24 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame B1D0 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:14:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
age
1033
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
expires
Wed, 28 Apr 2021 03:14:24 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame E9C5 		156 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22181265%2Fca-video-pub-1062972861553303-tag%2Fviewdeos_storm.mg_WW_Desktop_5&description_url=http%3A%2F%2Fstorm.mg&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=47672022209171&sdkv=h.3.453.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=3383288387&sdk_apis=2%2C8&sid=3A30BF5E-3482-4E7F-A398-8804887CB904&eid=44731467%2C44739826&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&dt=1619577097884&cookie=ID%3D4d6a928a77feefd1%3AT%3D1619577096%3AS%3DALNI_Ma1u4-r5XjVxfqAHjah-bzKj324ig&scor=4078179428092913&ged=ve4_td0_tt0_pd0_la0_er1290.325.1443.625_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:38 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame A24B 		156 B
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-5746030484598936&slotname=AR_VD_storm.mg_Desktop&ad_type=video&description_url=https%3A%2F%2Fwww.storm.mg&max_ad_duration=66000&videoad_start_delay=0&vpmute=0&vpa=0&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&sdkv=h.3.453.0&video_product_type=0&min_ad_duration=0&sz=640x360&adsafe=high&hl=en&ca_type=image&unviewed_position_start=1&output=xml_vast4&osd=2&frm=0&vis=1&sdr=1&num_ads=1&t_pyv=exclude&video_format=43&is_amp=0&u_so=l&sdki=44d&adk=1555906227&sdk_apis=2%2C8&eid=44725355%2C44739826&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&dt=1619577097896&cookie=ID%3D4d6a928a77feefd1%3AT%3D1619577096%3AS%3DALNI_Ma1u4-r5XjVxfqAHjah-bzKj324ig&correlator=1841264965038659&ad_block=1&ged=ve4_td0_tt0_pd0_la0_er1290.325.1443.625_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:31:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
https://imasdk.googleapis.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/xml; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
track
track1.aniview.com/ 		0
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=BE&cos=Windows&r=www.storm.mg&rs=www.storm.mg&sid=79763&t=1619577093&cip=82.102.19.136&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=640&he=360&app=&AV_PUBLISHERID=5e60bfad28a0610ba100c7c4&test=&aafaid=&proto=https&uid=1619577093524-930871975591-006828-001-004658&cha=0.7&cb=38038100725&d9=1000&AV_WIDTH=640&AV_HEIGHT=360
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e60bfad28a0610ba100c7c4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.234.163.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 28 Apr 2021 02:31:38 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 9A25 		27 B
529 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+7+6&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577097265&cb=1619577097669&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.storm.mg%252Flifestyle%252F3634588&screenResolution=1600x1200&kdntuid=1&vwndh=360&vwndw=640&vwndurl=https%253A%252F%252Fwww.storm.mg%252Flifestyle%252F3634588&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-4-28%204:31:38&ranreq=0.5681061098379767&timezone=2&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577097265
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:31:38 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://www.storm.mg
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
track
aktrack.pubmatic.com/ Frame 9A25 		0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=158683&s=724308&a=2996719&ts=1619577098&wa=0&e=95&vc=2
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:31:38 GMT
Connection
keep-alive
Content-Length
0
Content-Type
text/html
track
aktrack.pubmatic.com/ 		0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=158683&s=724308&a=2996719&ts=1619577097&wa=0&e=96&ier=901
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:31:38 GMT
Connection
keep-alive
Content-Length
0
Content-Type
text/html
vadtag.html
vpaid.pubmatic.com/ads/video/ 		962 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/vadtag.html?adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577098282
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e60bfad28a0610ba100c7c4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
c4be0e2f5ac2ac697e5618e12517d0399a36de4cf25d3eb845bfaa3e3634b42f

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 02:31:38 GMT
Content-Encoding
gzip
Server
Apache/2.2.15 (CentOS)
ETag
"461ced-23ca-5b1869b8fc7b9"
Vary
Origin, Accept-Encoding
Content-Type
application/xml
Access-Control-Allow-Origin
https://www.storm.mg
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
594
Expires
Wed, 28 Apr 2021 02:31:38 GMT
ptv
secure.adnxs.com/ 		85 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/ptv?id=18700257&cb=9577098284
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e60bfad28a0610ba100c7c4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 02:31:38 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.40:80
AN-X-Request-Uuid
e83d28ba-fe2f-4566-85c4-1acccdb35260
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.storm.mg
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/xml; charset=utf-8
Content-Length
85
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=BE&cos=Windows&r=www.storm.mg&rs=www.storm.mg&sid=79763&t=1619577093&cip=82.102.19.136&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=640&he=360&app=&AV_PUBLISHERID=5e60bfad28a0610ba100c7c4&test=&aafaid=&proto=https&uid=1619577093524-930871975591-006828-001-004658&cha=0.7&cb=38038100725&d9=1000&AV_WIDTH=640&AV_HEIGHT=360&ppid=5e60bfad28a0610ba100c7c4&nid=57173f460757bb6c428b465b&pcid=5e60c75028a06115d47ebd9b&ncid=5e7b1f3a1565c6447b6a2624&pasid=5e7b1fa325fcea4e1b329fa8&e=request&cb=1619577098284&asid=5e7b346a41db963e5530bdd4%2C5e7b352d1565c6447b6a2628%2C5ef9d08fdd1a46098e00694b%2C5f0da1c2beb9f87bda10ec76%2C5eb2573b1dc9772a927acfc7%2C5e7b1bc4b825ae275f59ce86%2C5f90340e3ea0b37d63229268%2C5e7b1ed1c4933477bd298304%2C5e7b1c06634df5450945753d&ofpr=%2C4.5%2C%2C4.5%2C4.5%2C%2C4.5%2C4.5%2C&fpo=%2C%2C%2C%2C%2C%2C%2C%2C
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.234.163.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:38 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
prebid
ib.adnxs.com/ut/v3/ 		138 B
988 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
46e2697ce2e42273d07c64936c62db3faa5ef8bd5c2b0e905eb371f7c53cf99b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 02:31:38 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.153:80
AN-X-Request-Uuid
4f1e9b06-dfe8-4855-83d1-9777ce2c02e4
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.storm.mg
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
138
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
openrtb
ads.adaptv.advertising.com/rtb/ 		0
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=ViewdeosExchange
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.110.9 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.storm.mg
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
translator
hbopenbid.pubmatic.com/ 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.storm.mg
date
Wed, 28 Apr 2021 02:31:37 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
402f233f8c678f6fad6e917790e4752cdd8357ae1a6a9e0b140aa7ffa5b9469f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 02:31:38 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.37:80
AN-X-Request-Uuid
1c6a01ab-21c7-4dd6-bb30-a63129a106cd
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.storm.mg
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
mvo
tag.1rx.io/rmp/203181/0/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/203181/0/mvo?z=1r&hbv=4.25,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.storm.mg
pragma
no-cache
date
Wed, 28 Apr 2021 02:31:38 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
cm
c.holmesmind.com/ Frame BD16
Redirect Chain
  • https://c.holmesmind.com/cm
  • https://c.holmesmind.com/cm?tc=getIn&
0
512 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm?tc=getIn&
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:38 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
clear
content-type
text/html; charset=UTF-8

Redirect headers

location
https://c.holmesmind.com/cm?tc=getIn&
date
Wed, 28 Apr 2021 02:31:38 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
clear
content-type
text/html; charset=UTF-8
idSync
sync.aralego.com/ Frame BD16 		35 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idSync
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:31:38 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=BE&cos=Windows&r=www.storm.mg&rs=www.storm.mg&sid=79763&t=1619577093&cip=82.102.19.136&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=640&he=360&app=&AV_PUBLISHERID=5e60bfad28a0610ba100c7c4&test=&aafaid=&proto=https&uid=1619577093524-930871975591-006828-001-004658&cha=0.7&cb=38038100725&d9=1000&AV_WIDTH=640&AV_HEIGHT=360&ppid=5e60bfad28a0610ba100c7c4&nid=57173f460757bb6c428b465b&pcid=5e60c75028a06115d47ebd9b&ncid=5e7b1f3a1565c6447b6a2624&pasid=5e7b1fa325fcea4e1b329fa8&e=bid&cb=1619577098541&asid=5e7b346a41db963e5530bdd4%2C5e7b1bc4b825ae275f59ce86%2C5ef9d08fdd1a46098e00694b&ofpr=%2C%2C&fpo=%2C%2C
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.234.163.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:38 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
PMAdMgr.js
vpaid.pubmatic.com/ads/video/ Frame 1E05 		150 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577098282
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e60bfad28a0610ba100c7c4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
d88253f5fa17497bfdc4546ccf644a8f954c7f2314e41f09354f70b2282e48ae

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:31:38 GMT
Content-Encoding
gzip
Last-Modified
Tue, 05 Jan 2021 07:24:19 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1408294-257f0-5b82218515d54"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
public, max-age=10800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
35684
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame E48A 		334 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e60bfad28a0610ba100c7c4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d25942b7da85bc7cdb258cdb436227b1de7e3a2b50c61f7d7050eff911f88f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117044
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:31:38 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame BA76 		334 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e60bfad28a0610ba100c7c4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d25942b7da85bc7cdb258cdb436227b1de7e3a2b50c61f7d7050eff911f88f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117044
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:31:38 GMT
idSync
sync.aralego.com/ Frame 5774 		35 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idSync
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:31:39 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
cm
c.holmesmind.com/ Frame 5774
Redirect Chain
  • https://c.holmesmind.com/cm
  • https://c.holmesmind.com/cm?tc=getIn&
0
510 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm?tc=getIn&
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/lifestyle/3634588
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:38 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
clear
content-type
text/html; charset=UTF-8

Redirect headers

location
https://c.holmesmind.com/cm?tc=getIn&
date
Wed, 28 Apr 2021 02:31:38 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
clear
content-type
text/html; charset=UTF-8
bridge3.453.0_en.html
imasdk.googleapis.com/js/core/ Frame 5490 		570 KB
186 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.453.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.storm.mg/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.storm.mg/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
190793
date
Thu, 22 Apr 2021 15:44:13 GMT
expires
Fri, 22 Apr 2022 15:44:13 GMT
last-modified
Wed, 21 Apr 2021 20:50:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
470845
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame BA76 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:31:38 GMT
integrator.js
adservice.google.com/adsid/ Frame BA76 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.storm.mg
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:31:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
bridge3.453.0_en.html
imasdk.googleapis.com/js/core/ Frame C276 		570 KB
186 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.453.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.storm.mg/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.storm.mg/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
190793
date
Thu, 22 Apr 2021 15:44:13 GMT
expires
Fri, 22 Apr 2022 15:44:13 GMT
last-modified
Wed, 21 Apr 2021 20:50:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
470845
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame E48A 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:31:38 GMT
integrator.js
adservice.google.com/adsid/ Frame E48A 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.storm.mg
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:31:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
showad.js
ads.pubmatic.com/AdServer/js/ Frame 4F7A 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577098282
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.storm.mg/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.storm.mg/

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=75810
Expires
Wed, 28 Apr 2021 23:35:08 GMT
Date
Wed, 28 Apr 2021 02:31:38 GMT
Connection
keep-alive
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 1E05 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577098282
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:31:38 GMT
Content-Encoding
gzip
Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"13006b6-98c2-5bfeb3aef82b4"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
public, max-age=75810
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
Content-Length
14060
Expires
Wed, 28 Apr 2021 23:35:08 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 3C68 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:14:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
age
1034
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
expires
Wed, 28 Apr 2021 03:14:24 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 72E3 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:14:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
age
1034
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
expires
Wed, 28 Apr 2021 03:14:24 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 4F7A 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=64490462&p=158683&s=724308&a=2996719&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1&async=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
efe152ba98883c66458c49efb93e47ee9b409810c9337cdbe3707bc9bb5306f3

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:31:37 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
Pug
image2.pubmatic.com/AdServer/ Frame 4F7A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPtrsEDnWvTuuXRgqku-zuE&google_cver=1
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPtrsEDnWvTuuXRgqku-zuE&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:31:39 GMT
X-lat
lhrpug013:0:322
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:31:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPtrsEDnWvTuuXRgqku-zuE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 4F7A 		43 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
be.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:38 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Tue, 27 Apr 2021 02:31:38 GMT
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame DE2B
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8932314486518883198
42 B
769 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8932314486518883198
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=05B19AC1-F068-4226-95F7-1BB01DB299C8; chkChromeAb67Sec=1; DPSync3=1620777600%3A201_227_226_221; SyncRTB3=1620777600%3A21_13_161_7_220_54_56_3_71%7C1620864000%3A35; KRTBCOOKIE_27=16735-uid:d7846088-c90a-4800-ad47-1cdea6aba8c0&KRTB&16736-uid:d7846088-c90a-4800-ad47-1cdea6aba8c0&KRTB&23019-uid:d7846088-c90a-4800-ad47-1cdea6aba8c0&KRTB&23114-uid:d7846088-c90a-4800-ad47-1cdea6aba8c0; PugT=1619577097; PUBMDCID=3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Wed, 28 Apr 2021 02:31:39 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_336=5844-8932314486518883198; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 28-May-2021 02:31:39 GMT; path=/ PugT=1619577099; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 28-May-2021 02:31:39 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 27-Jul-2021 02:31:39 GMT; path=/
X-lat
lhrpug005:0:448
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8932314486518883198
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 4F7A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b015964d-4d16-42ed-9fd0-c7d670a54dd3
42 B
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b015964d-4d16-42ed-9fd0-c7d670a54dd3
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:31:37 GMT
X-lat
amspug015:0:317
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:31:38 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b015964d-4d16-42ed-9fd0-c7d670a54dd3
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
usersync.aspx
dis.criteo.com/dis/ Frame B918 		43 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Wed, 28 Apr 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks
1112
x-powered-by
ASP.NET
date
Wed, 28 Apr 2021 02:31:38 GMT
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame 4F7A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7002175123204593149
42 B
801 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7002175123204593149
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:31:38 GMT
X-lat
amspug011:0:412
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:31:38 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7002175123204593149
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 4F7A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:d7846088-c90a-4800-ad47-1cdea6aba8c0&gdpr=0&gdpr_consent=
42 B
946 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:d7846088-c90a-4800-ad47-1cdea6aba8c0&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:31:37 GMT
X-lat
amspug001:0:465
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Date
Wed, 28 Apr 2021 02:33:16 GMT
Server
MT3 3660 495c301 master cdg-pixel-x30
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:d7846088-c90a-4800-ad47-1cdea6aba8c0&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 28 Apr 2021 02:33:15 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 4F7A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2773533202461637078&gdpr=0&gdpr_consent=
42 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2773533202461637078&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:31:39 GMT
X-lat
lhrpug004:0:513
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Wed, 28 Apr 2021 02:31:38 GMT
X-Proxy-Origin
82.102.19.136; 82.102.19.136; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.52:80
AN-X-Request-Uuid
70d53ad0-592a-4693-8976-c20adb8c7237
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2773533202461637078&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4F7A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=BbGawfBoQiaV9xuwHbKZyA%3D%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=BbGawfBoQiaV9xuwHbKZyA%3D%3D&google_tc=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:31:39 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1300708-1f78-5b232eb4914bb"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
max-age=61776
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
Content-Length
2654
Expires
Wed, 28 Apr 2021 19:41:15 GMT

Redirect headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:31:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 4F7A 		95 B
386 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=05B19AC1-F068-4226-95F7-1BB01DB299C8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:38 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
646ce0243900175a-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
09b7ea6aa50000175a428f1000000001
info2
uipglob.semasio.net/pubmatic/1/ Frame 4F7A
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=05B19AC1-F068-4226-95F7-1BB01DB299C8&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=05B19AC1-F068-4226-95F7-1BB01DB299C8&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=05B19AC1-F068-4226-95F7-1BB01DB299C8&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:31:38 GMT
frontend-id
8
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:31:38 GMT
frontend-id
1
location
/pubmatic/1/info2?sType=sync&sExtCookieId=05B19AC1-F068-4226-95F7-1BB01DB299C8&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame 4F7A
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=05B19AC1-F068-4226-95F7-1BB01DB299C8&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=05B19AC1-F068-4226-95F7-1BB01DB299C8&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=05B19AC1-F068-4226-95F7-1BB01DB299C8&addseg=20
7 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=05B19AC1-F068-4226-95F7-1BB01DB299C8&addseg=20
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:31:39 GMT
Connection
keep-alive
Content-Length
7
Content-Type
text/plain; charset=utf-8

Redirect headers

date
Wed, 28 Apr 2021 02:31:38 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=05B19AC1-F068-4226-95F7-1BB01DB299C8&addseg=20
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
135
Pug
image2.pubmatic.com/AdServer/ Frame 4F7A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDVCMTlBQzEtRjA2OC00MjI2LTk1RjctMUJCMDFEQjI5OUM4&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDVCMTlBQzEtRjA2OC00MjI2LTk1RjctMUJCMDFEQjI5OUM4&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:31:39 GMT
X-lat
lhrpug013:0:400
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:31:39 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
05B19AC1-F068-4226-95F7-1BB01DB299C8
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 4F7A 		43 B
595 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/05B19AC1-F068-4226-95F7-1BB01DB299C8?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:38 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 5490 		156 B
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-video-pub-5746030484598936&slotname=AR_VD_storm.mg_Desktop&ad_type=video&description_url=https%3A%2F%2Fwww.storm.mg&max_ad_duration=66000&videoad_start_delay=0&vpmute=0&vpa=0&u_tz=120&u_his=3&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&sdkv=h.3.453.0&video_product_type=0&min_ad_duration=0&sz=640x360&adsafe=high&hl=en&ca_type=image&unviewed_position_start=1&output=xml_vast4&osd=2&frm=0&vis=1&sdr=1&num_ads=1&t_pyv=exclude&video_format=43&is_amp=0&u_so=l&sdki=44d&adk=1066386582&sdk_apis=2%2C8&eid=21064201%2C44739826&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&dt=1619577099061&cookie_enabled=1&correlator=2277347490913587&ad_block=1&ged=ve4_td0_tt0_pd0_la0_er1290.325.1443.625_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:31:39 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
https://imasdk.googleapis.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/xml; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame C276 		156 B
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22181265%2Fca-video-pub-1062972861553303-tag%2Fviewdeos_storm.mg_WW_Desktop_5&description_url=http%3A%2F%2Fstorm.mg&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2915319140700329&sdkv=h.3.453.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&sdki=44d&adk=447198124&sdk_apis=2%2C8&sid=A8C8EB26-9EA5-4110-A90D-F2DFB19C2646&eid=420706110%2C44737475%2C44739555%2C44739826&top=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&url=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&dt=1619577099069&cookie_enabled=1&scor=1702374855107258&ged=ve4_td0_tt0_pd0_la0_er1290.325.1443.625_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		9 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210422&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210422/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8022331377991686&plah=www.storm.mg&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e9a29fd9fd25252bf85425ce063b9a30117f500a9c4af96595c9457b4f1e693e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 28 Apr 2021 02:31:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6918
x-xss-protection
0
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/20419801/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
350 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.2.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-2-29.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:11:31 GMT
via
1.1 7ed7afde326861e358c3c83359e99895.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
last-modified
Mon, 01 Mar 2021 20:42:20 GMT
server
AmazonS3
age
1209
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
0
x-amz-cf-id
sCm9tbN7GtZBj-xRYR6rBDOVyWiqMT6ztzJBOV04d6TEdkvDE2bKbg==

Redirect headers

date
Wed, 28 Apr 2021 02:31:39 GMT
via
1.1 7ed7afde326861e358c3c83359e99895.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
/internal-c2/default/cs.js
content-length
48
x-amz-cf-id
uzypoO5XClNPmQGFcEXglEk9ncnjkEZioqwDLOP2zlIKsbAs2d37XA==
share_button.php
www.facebook.com/v3.2/plugins/ Frame 2008 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v3.2/plugins/share_button.php?app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3f1280e6b7fdc4%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&layout=button_count&locale=zh_TW&mobile_iframe=true&sdk=joey&size=large
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js?hash=a81a2007cc9d31e1905f070da6243dd6&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6d97212a3a169f103afa6a81e0130591f90e49672082da5255bdc20ff1c1cfbd
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v3.2/plugins/share_button.php?app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3f1280e6b7fdc4%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&layout=button_count&locale=zh_TW&mobile_iframe=true&sdk=joey&size=large
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.storm.mg/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.storm.mg/

Response headers

x-fb-rlafr
0
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-xss-protection
0
content-encoding
br
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=15552000; preload
facebook-api-version
v3.2
x-content-type-options
nosniff
vary
Accept-Encoding
pragma
no-cache
cross-origin-opener-policy
same-origin-allow-popups
content-type
text/html; charset="utf-8"
x-fb-debug
7tJVmT0JCv9NUHzGcOV2bRizFcvzSLNSZ8cny6cR9XwmhjChXkF3VAI49XGXFRSlr/xhEIs69c/fHOHlsEIl0g==
date
Wed, 28 Apr 2021 02:31:39 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
video.php
www.facebook.com/v3.2/plugins/ Frame B66B 		471 KB
94 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v3.2/plugins/video.php?app_id=917307478388825&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2efd39022bea4%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=300&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife%2Fvideos%2F165624278807153%2F&locale=zh_TW&sdk=joey
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js?hash=a81a2007cc9d31e1905f070da6243dd6&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9ff6f75c824bb86682a24ca9f4c8f8a7f1e316172cb84390f0113b431fa6bbc7
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v3.2/plugins/video.php?app_id=917307478388825&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2efd39022bea4%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=300&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife%2Fvideos%2F165624278807153%2F&locale=zh_TW&sdk=joey
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.storm.mg/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.storm.mg/

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-xss-protection
0
strict-transport-security
max-age=15552000; preload
content-encoding
br
facebook-api-version
v3.2
x-content-type-options
nosniff
vary
Accept-Encoding
pragma
no-cache
x-fb-rlafr
0
content-type
text/html; charset="utf-8"
x-fb-debug
I/t0pjicmJ5KmaEJsxnA2FjMN0hSczWSMDl/qfHJLWDM5Yt9ISI0vMaU4kcr3b2DVBQTRNSpdimMBkmUVXK6JQ==
date
Wed, 28 Apr 2021 02:31:39 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
feedback.php
www.facebook.com/plugins/ Frame 199E
Redirect Chain
  • https://www.facebook.com/v3.2/plugins/comments.php?app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df35969a81eecc58%26domain%3D...
  • https://www.facebook.com/plugins/comments.php?app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df35969a81eecc58%26domain%3Dwww.s...
  • https://www.facebook.com/plugins/feedback.php?app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df35969a81eecc58%26domain%3Dwww.s...
111 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/feedback.php?app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df35969a81eecc58%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=820&height=100&href=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&locale=zh_TW&numposts=5&sdk=joey&version=v3.2&width
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js?hash=a81a2007cc9d31e1905f070da6243dd6&ua=modern_es6
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
72117c9e6b3d1d4da49199889920bb1aeaf2a6fe30eaf514276ed79257732081
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/plugins/feedback.php?app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df35969a81eecc58%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=820&height=100&href=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&locale=zh_TW&numposts=5&sdk=joey&version=v3.2&width
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.storm.mg/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
about:blank

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-cache, no-store, must-revalidate
x-xss-protection
0
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
content-encoding
br
expires
Sat, 01 Jan 2000 00:00:00 GMT
vary
Accept-Encoding
pragma
no-cache
x-fb-rlafr
0
cross-origin-opener-policy
same-origin-allow-popups
content-type
text/html; charset="utf-8"
x-fb-debug
znXUECazVrjA5ffva8bhB4lDvtlRnhBsB5JWDHqAu+IxEi0CCFuDm/rr0a/i901Zfts1PBKHCoZ8sCmEW3zZ5w==
date
Wed, 28 Apr 2021 02:31:39 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i

Redirect headers

location
https://www.facebook.com/plugins/feedback.php?app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df35969a81eecc58%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=820&height=100&href=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&locale=zh_TW&numposts=5&sdk=joey&version=v3.2&width
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
dkBF5mwRR8Rwkanaa64ymmaL/PcipYkyRy7RsM/4uKl6Q1lGcAaA+Yrmvd4evBrTnw2Y0HaVOE3KqAToa7CX/w==
content-length
0
date
Wed, 28 Apr 2021 02:31:39 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
like.php
www.facebook.com/v3.2/plugins/ Frame 34D7 		34 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v3.2/plugins/like.php?action=like&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df93c2e3772246c%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&layout=button&locale=zh_TW&sdk=joey&share=false&show_faces=true&size=large
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js?hash=a81a2007cc9d31e1905f070da6243dd6&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9b4ee9baeb2f6a64d46848a9afabc5965b4fe73645344aa653ab0d8e04cc5156
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v3.2/plugins/like.php?action=like&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df93c2e3772246c%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&layout=button&locale=zh_TW&sdk=joey&share=false&show_faces=true&size=large
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.storm.mg/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.storm.mg/

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-xss-protection
0
strict-transport-security
max-age=15552000; preload
content-encoding
br
facebook-api-version
v3.2
x-content-type-options
nosniff
vary
Accept-Encoding
pragma
no-cache
x-fb-rlafr
0
content-type
text/html; charset="utf-8"
x-fb-debug
ageoC5iQm2VCU3zQNIP4tKBdsvXxCqqYLGDtLum5KLrH+KN894mcQ3uXwxZAxBPNFM/CCT0OKibrVqs1wJmSKw==
date
Wed, 28 Apr 2021 02:31:39 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
page.php
www.facebook.com/v3.2/plugins/ Frame 00AA 		59 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dff94ddbb1740dc%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fstormmedia&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&width=300
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js?hash=a81a2007cc9d31e1905f070da6243dd6&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a038881d961d91391d58e40d1885a61991217897d8970533fa9e2715d2f5effe
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v3.2/plugins/page.php?adapt_container_width=false&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dff94ddbb1740dc%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fstormmedia&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&width=300
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.storm.mg/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.storm.mg/

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-xss-protection
0
strict-transport-security
max-age=15552000; preload
content-encoding
br
facebook-api-version
v3.2
x-content-type-options
nosniff
vary
Accept-Encoding
pragma
no-cache
x-fb-rlafr
0
content-type
text/html; charset="utf-8"
x-fb-debug
MJTTsaQaEKAB4nwYrwx1X2fEovz4EdW3t4PgZUD/ZnVVR1oCAX1X7Soj1wO4rK2wXi3FromLuBzVFjVex8axcg==
date
Wed, 28 Apr 2021 02:31:39 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
page.php
www.facebook.com/v3.2/plugins/ Frame 82DD 		59 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df18adbd1ffb8724%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&width=300
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js?hash=a81a2007cc9d31e1905f070da6243dd6&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6e7b88d82ae69b67aa09d6fe52b3a85e78ef66882f6ee8b80237aa43bddea121
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v3.2/plugins/page.php?adapt_container_width=false&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df18adbd1ffb8724%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&width=300
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.storm.mg/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.storm.mg/

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/;
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-xss-protection
0
strict-transport-security
max-age=15552000; preload
content-encoding
br
facebook-api-version
v3.2
x-content-type-options
nosniff
vary
Accept-Encoding
pragma
no-cache
x-fb-rlafr
0
content-type
text/html; charset="utf-8"
x-fb-debug
L7qaQBe4flWT4z2t0yWQtBb68Wk14Tvb/QbOpxLpATRVgaTH5VC76bZ9O8GDU/ZjpYgpwJbHMwnTxCoDrs6+YQ==
date
Wed, 28 Apr 2021 02:31:39 GMT
priority
u=3,i
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210422/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8022331377991686&plah=www.storm.mg&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Wed, 28 Apr 2021 02:31:39 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 8DE2 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.storm.mg/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.storm.mg/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Tue, 27 Apr 2021 23:30:56 GMT
expires
Wed, 27 Apr 2022 23:30:56 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
10843
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js
pagead2.googlesyndication.com/bg/ Frame 8DE2 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c24a517cf3dc453e6046e54ec1f6944bd762da6fc68447fcfa84c374723bbb09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 10:03:29 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 09:18:00 GMT
server
sffe
age
59290
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5710
x-xss-protection
0
expires
Wed, 27 Apr 2022 10:03:29 GMT
idSync
sync.aralego.com/ Frame 06AD 		35 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idSync
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:31:39 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
cm
c.holmesmind.com/ Frame 06AD 		0
461 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:39 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
clear
content-type
text/html; charset=UTF-8
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 1E05 		27 B
529 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+7+6&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577098282&cb=1619577098779&SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.storm.mg%252Flifestyle%252F3634588&screenResolution=1600x1200&kdntuid=1&vwndh=360&vwndw=640&vwndurl=https%253A%252F%252Fwww.storm.mg%252Flifestyle%252F3634588&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-4-28%204:31:39&ranreq=0.6133673178893988&timezone=2&depth=0
Requested by
Host: vpaid.pubmatic.com
URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577098282
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:31:39 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://www.storm.mg
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
ps3LEjFUMch.png
www.facebook.com/rsrc.php/v3/y4/r/ Frame 2008 		441 B
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/rsrc.php/v3/y4/r/ps3LEjFUMch.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/share_button.php?app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3f1280e6b7fdc4%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&layout=button_count&locale=zh_TW&mobile_iframe=true&sdk=joey&size=large
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
17b988bc33e2b6c542f866ef473aaa3d20a9d4536a1ca636c061c5011a5ac5a1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/v3.2/plugins/share_button.php?app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3f1280e6b7fdc4%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&layout=button_count&locale=zh_TW&mobile_iframe=true&sdk=joey&size=large
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug
zvtDy3b9rG77yqbExy+XySekFbTk4qJG1JZUzzSZEK/6dtH5Cu2ZiI+HXb8narw4S8VLyFNA92lsuHzk5XrxEQ==
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
bIdClDVUx2JypSkH1jl0jQ==
date
Wed, 21 Apr 2021 16:18:25 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
priority
u=3,i
timing-allow-origin
*
content-length
441
x-fb-rlafr
0
expires
Thu, 21 Apr 2022 16:18:25 GMT
eqb-ZNc2NGv.js
www.facebook.com/rsrc.php/v3iUNC4/yq/l/zh_TW/ Frame 2008 		483 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3iUNC4/yq/l/zh_TW/eqb-ZNc2NGv.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/share_button.php?app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3f1280e6b7fdc4%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&layout=button_count&locale=zh_TW&mobile_iframe=true&sdk=joey&size=large
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5d165beda02be992179d5c91a58e16cac29e5060d8e8bd477ea5dc67bcff9a78
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/v3.2/plugins/share_button.php?app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3f1280e6b7fdc4%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&layout=button_count&locale=zh_TW&mobile_iframe=true&sdk=joey&size=large
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 19:10:36 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
XwJmHjvzygg3/8WCaBaY3A==
cross-origin-resource-policy
cross-origin
content-length
127881
x-fb-rlafr
0
x-fb-debug
q1rF6fOE3xAOl//xNbDvihFZow/Ms6VOLcsksNdEfZ/fkWdV6PFJv+KnRaHk5PVGVCJ3t0/izmsxP9Zi/n+mkw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 27 Apr 2022 19:10:36 GMT
track
aktrack.pubmatic.com/ Frame 1E05 		0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=158683&s=724308&a=2996719&ts=1619577099&wa=0&e=95&vc=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:31:39 GMT
Connection
keep-alive
Content-Length
0
Content-Type
text/html
track
aktrack.pubmatic.com/ 		0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aktrack.pubmatic.com/track?operId=7&p=158683&s=724308&a=2996719&ts=1619577098&wa=0&e=96&ier=901
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:31:39 GMT
Connection
keep-alive
Content-Length
0
Content-Type
text/html
OqOE21UvWe3.png
www.facebook.com/rsrc.php/v3/y5/r/ Frame 34D7 		400 B
453 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/rsrc.php/v3/y5/r/OqOE21UvWe3.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/like.php?action=like&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df93c2e3772246c%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&layout=button&locale=zh_TW&sdk=joey&share=false&show_faces=true&size=large
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/v3.2/plugins/like.php?action=like&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df93c2e3772246c%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&layout=button&locale=zh_TW&sdk=joey&share=false&show_faces=true&size=large
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug
MNNOaYJZSLPjY2kHjqhk5UAwMuquxlkQI94z7SsvsV2udKsSmjm69owjpy1qwtiRcyKFKFpr19PtmreXrvLAZQ==
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
uF0RL4E+h23ClLQmPOTTMw==
date
Tue, 20 Apr 2021 21:39:51 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
content-length
400
timing-allow-origin
*
priority
u=3,i
x-fb-rlafr
0
expires
Wed, 20 Apr 2022 21:39:51 GMT
eqb-ZNc2NGv.js
www.facebook.com/rsrc.php/v3iUNC4/yq/l/zh_TW/ Frame 34D7 		483 KB
125 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3iUNC4/yq/l/zh_TW/eqb-ZNc2NGv.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/like.php?action=like&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df93c2e3772246c%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&layout=button&locale=zh_TW&sdk=joey&share=false&show_faces=true&size=large
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5d165beda02be992179d5c91a58e16cac29e5060d8e8bd477ea5dc67bcff9a78
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/v3.2/plugins/like.php?action=like&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df93c2e3772246c%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&layout=button&locale=zh_TW&sdk=joey&share=false&show_faces=true&size=large
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 19:10:36 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
XwJmHjvzygg3/8WCaBaY3A==
cross-origin-resource-policy
cross-origin
content-length
127881
x-fb-rlafr
0
x-fb-debug
q1rF6fOE3xAOl//xNbDvihFZow/Ms6VOLcsksNdEfZ/fkWdV6PFJv+KnRaHk5PVGVCJ3t0/izmsxP9Zi/n+mkw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 27 Apr 2022 19:10:36 GMT
cm
c.holmesmind.com/ Frame CAC6 		0
461 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:39 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
clear
content-type
text/html; charset=UTF-8
idSync
sync.aralego.com/ Frame CAC6 		35 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idSync
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=0.0.8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:31:40 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
sSUppTT8x2r.css
www.facebook.com/rsrc.php/v3/yX/l/1,cross/ Frame 00AA 		26 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yX/l/1,cross/sSUppTT8x2r.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dff94ddbb1740dc%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fstormmedia&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&width=300
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
600f006a59554ebe5bdbdfc625a844b3c05c3cccac65b436d89ff4a7c83bd8c2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dff94ddbb1740dc%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fstormmedia&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&width=300
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 18:33:18 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
LDJD2c/5igIebx6KALRYVw==
cross-origin-resource-policy
cross-origin
content-length
6097
x-fb-rlafr
0
x-fb-debug
nHzTsHfKoh91s/Ps0b2MV9imuGzarBxKssA4vG1omQ2TkZqkp29I8GqUBbcDINDAIzvwDabE5YDlQqkNeRowaw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 27 Apr 2022 18:33:18 GMT
s42o5npKlRj.js
www.facebook.com/rsrc.php/v3/yM/r/ Frame 00AA 		272 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yM/r/s42o5npKlRj.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dff94ddbb1740dc%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fstormmedia&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&width=300
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5b067a9b351b13f9c76cc0d3f8a3ed15b86e58b4f0038fd22514f5a169ec07d1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dff94ddbb1740dc%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fstormmedia&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&width=300
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 15:10:55 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
fmry7aXReGqIdm1nsjTfwA==
cross-origin-resource-policy
cross-origin
content-length
73923
x-fb-rlafr
0
x-fb-debug
wovFzOccH/YYwDSIMAKaglisMyqVrZ3LK9VCnS1qGRTCjNDCanYYSmMcRKOuczXjeG+HnlBsT3FH7qTryXOPaw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 27 Apr 2022 15:10:55 GMT
-T_3VWEC8Ch.js
www.facebook.com/rsrc.php/v3/yS/r/ Frame 00AA 		63 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yS/r/-T_3VWEC8Ch.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dff94ddbb1740dc%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fstormmedia&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&width=300
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b37b99b0ba27589ff83639f4ab1b922e9fcdf3e695456a3aab0e6004fdd49f9e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dff94ddbb1740dc%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fstormmedia&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&width=300
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 21:19:18 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
yIJfmpLhqviYATRcL7OHpQ==
cross-origin-resource-policy
cross-origin
content-length
19634
x-fb-rlafr
0
x-fb-debug
v/H+oSurC5bhyPcTCMI+Nu02JcZ50WvR7vkTG8RQ+Y6wFLQphLJkeq5yvDTqYh7RdBH8mVwNLJE7pUYgcHTjMQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Tue, 26 Apr 2022 21:19:18 GMT
N1Ujot6efHX.js
www.facebook.com/rsrc.php/v3iUNC4/y5/l/zh_TW/ Frame 00AA 		128 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3iUNC4/y5/l/zh_TW/N1Ujot6efHX.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dff94ddbb1740dc%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fstormmedia&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&width=300
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
907473ae1c59053a37c78d628e47db2bb702d9ab37e9b4fe1cedcf308a1f16e4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dff94ddbb1740dc%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fstormmedia&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&width=300
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 06:24:47 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
vGhW4fy3dKUfQYSNoRYkwQ==
cross-origin-resource-policy
cross-origin
content-length
36608
x-fb-rlafr
0
x-fb-debug
+5jf2mO9iOQIRPdpNNKGJbBExn7Fg2GiwQaUxAFCCyGvHmPcXKBeY1K80Q/X+1TSwYkDDl+aS01yvzxIhzH7pw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 27 Apr 2022 06:24:47 GMT
oYH4_Q4OBVP.js
www.facebook.com/rsrc.php/v3/y3/r/ Frame 00AA 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/y3/r/oYH4_Q4OBVP.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dff94ddbb1740dc%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fstormmedia&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&width=300
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fdbb995458f6b6f28ba8ad20b662687f9b83edb8f74034f7243161086e7e54cb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dff94ddbb1740dc%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fstormmedia&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&width=300
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Apr 2021 17:04:23 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
SNHyGmMRoqgA28EMocpyhA==
content-security-policy-report-only
default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/;
cross-origin-resource-policy
cross-origin
content-length
1723
x-fb-rlafr
0
x-fb-debug
RHAzMWnFwFPh8Jma5wcShdxmcST0lztSwZxneJz3mK6Y3mlUbF72Otf24zCBCD/99ejjwxRRDERTV37CM2T5cA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 23 Apr 2022 17:04:23 GMT
47400383_1159214187593623_8007626142938824704_n.png
scontent-ams4-1.xx.fbcdn.net/v/t1.6435-0/p118x118/ Frame 00AA 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-ams4-1.xx.fbcdn.net/v/t1.6435-0/p118x118/47400383_1159214187593623_8007626142938824704_n.png?_nc_cat=1&ccb=1-3&_nc_sid=dd9801&_nc_ohc=nDdwUPtBBO0AX8FphrY&_nc_ht=scontent-ams4-1.xx&tp=30&oh=a7850a24c58b7193742027903b23c459&oe=60AF6E23
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dff94ddbb1740dc%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fstormmedia&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&width=300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f045:10:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8f1c4a187ecad5f36ded9b34e2df74303fad32252ef266f1b5436959090e958e

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
910081480
date
Wed, 28 Apr 2021 02:31:39 GMT
x-fb-trip-id
115442006
last-modified
Tue, 04 Dec 2018 03:41:14 GMT
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
1608425491
x-fb-config-version-olb-prod
1075
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
24880
20914413_832614776920234_6806561011632614961_n.png
scontent-ams4-1.xx.fbcdn.net/v/t1.18169-1/cp0/p50x50/ Frame 00AA 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-ams4-1.xx.fbcdn.net/v/t1.18169-1/cp0/p50x50/20914413_832614776920234_6806561011632614961_n.png?_nc_cat=1&ccb=1-3&_nc_sid=dbb9e7&_nc_ohc=gVNdyvfRitoAX9-ShoB&_nc_ht=scontent-ams4-1.xx&tp=30&oh=2d21c0618adb8d4ac76e173b3860f90e&oe=60B0513C
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dff94ddbb1740dc%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fstormmedia&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&width=300
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f045:10:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bea01fd3b396828a23da917e402644c1faed8405b38539bf018dfcb071f797ef

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
1832086584
date
Wed, 28 Apr 2021 02:31:39 GMT
last-modified
Tue, 15 Aug 2017 08:21:04 GMT
content-length
2319
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
3065724428
x-fb-config-version-olb-prod
1085
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
sSUppTT8x2r.css
www.facebook.com/rsrc.php/v3/yX/l/1,cross/ Frame 82DD 		26 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yX/l/1,cross/sSUppTT8x2r.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df18adbd1ffb8724%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&width=300
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
600f006a59554ebe5bdbdfc625a844b3c05c3cccac65b436d89ff4a7c83bd8c2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df18adbd1ffb8724%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&width=300
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 18:33:18 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
LDJD2c/5igIebx6KALRYVw==
cross-origin-resource-policy
cross-origin
content-length
6097
x-fb-rlafr
0
x-fb-debug
nHzTsHfKoh91s/Ps0b2MV9imuGzarBxKssA4vG1omQ2TkZqkp29I8GqUBbcDINDAIzvwDabE5YDlQqkNeRowaw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 27 Apr 2022 18:33:18 GMT
s42o5npKlRj.js
www.facebook.com/rsrc.php/v3/yM/r/ Frame 82DD 		272 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yM/r/s42o5npKlRj.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df18adbd1ffb8724%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&width=300
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5b067a9b351b13f9c76cc0d3f8a3ed15b86e58b4f0038fd22514f5a169ec07d1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df18adbd1ffb8724%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&width=300
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 15:10:55 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
fmry7aXReGqIdm1nsjTfwA==
cross-origin-resource-policy
cross-origin
content-length
73923
x-fb-rlafr
0
x-fb-debug
wovFzOccH/YYwDSIMAKaglisMyqVrZ3LK9VCnS1qGRTCjNDCanYYSmMcRKOuczXjeG+HnlBsT3FH7qTryXOPaw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 27 Apr 2022 15:10:55 GMT
-T_3VWEC8Ch.js
www.facebook.com/rsrc.php/v3/yS/r/ Frame 82DD 		63 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yS/r/-T_3VWEC8Ch.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df18adbd1ffb8724%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&width=300
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b37b99b0ba27589ff83639f4ab1b922e9fcdf3e695456a3aab0e6004fdd49f9e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df18adbd1ffb8724%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&width=300
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 21:19:18 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
yIJfmpLhqviYATRcL7OHpQ==
cross-origin-resource-policy
cross-origin
content-length
19634
x-fb-rlafr
0
x-fb-debug
v/H+oSurC5bhyPcTCMI+Nu02JcZ50WvR7vkTG8RQ+Y6wFLQphLJkeq5yvDTqYh7RdBH8mVwNLJE7pUYgcHTjMQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Tue, 26 Apr 2022 21:19:18 GMT
N1Ujot6efHX.js
www.facebook.com/rsrc.php/v3iUNC4/y5/l/zh_TW/ Frame 82DD 		128 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3iUNC4/y5/l/zh_TW/N1Ujot6efHX.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df18adbd1ffb8724%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&width=300
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
907473ae1c59053a37c78d628e47db2bb702d9ab37e9b4fe1cedcf308a1f16e4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df18adbd1ffb8724%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&width=300
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 06:24:47 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
vGhW4fy3dKUfQYSNoRYkwQ==
cross-origin-resource-policy
cross-origin
content-length
36608
x-fb-rlafr
0
x-fb-debug
+5jf2mO9iOQIRPdpNNKGJbBExn7Fg2GiwQaUxAFCCyGvHmPcXKBeY1K80Q/X+1TSwYkDDl+aS01yvzxIhzH7pw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 27 Apr 2022 06:24:47 GMT
oYH4_Q4OBVP.js
www.facebook.com/rsrc.php/v3/y3/r/ Frame 82DD 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/y3/r/oYH4_Q4OBVP.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df18adbd1ffb8724%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&width=300
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fdbb995458f6b6f28ba8ad20b662687f9b83edb8f74034f7243161086e7e54cb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df18adbd1ffb8724%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&width=300
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Apr 2021 17:04:23 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
SNHyGmMRoqgA28EMocpyhA==
content-security-policy-report-only
default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/;
cross-origin-resource-policy
cross-origin
content-length
1723
x-fb-rlafr
0
x-fb-debug
RHAzMWnFwFPh8Jma5wcShdxmcST0lztSwZxneJz3mK6Y3mlUbF72Otf24zCBCD/99ejjwxRRDERTV37CM2T5cA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 23 Apr 2022 17:04:23 GMT
47112787_2256948617915446_152849515173380096_n.png
scontent-ams4-1.xx.fbcdn.net/v/t1.6435-0/p118x118/ Frame 82DD 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-ams4-1.xx.fbcdn.net/v/t1.6435-0/p118x118/47112787_2256948617915446_152849515173380096_n.png?_nc_cat=1&ccb=1-3&_nc_sid=dd9801&_nc_ohc=zo5C4Yc3xCsAX8KPZsL&_nc_ht=scontent-ams4-1.xx&tp=30&oh=911fe51ac11909e27e647f9a6cb9bb3e&oe=60AF4CEA
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df18adbd1ffb8724%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&width=300
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f045:10:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b1c1dc71ae19e72be281db4591c91a4a6c287568801cd3f6e74a1c08effb4157

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
960170531
date
Wed, 28 Apr 2021 02:31:39 GMT
last-modified
Tue, 04 Dec 2018 03:42:40 GMT
content-length
61896
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
546223820
x-fb-config-version-olb-prod
1085
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
20882039_1963079643969013_6034038728191404835_n.png
scontent-ams4-1.xx.fbcdn.net/v/t1.18169-1/cp0/p50x50/ Frame 82DD 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-ams4-1.xx.fbcdn.net/v/t1.18169-1/cp0/p50x50/20882039_1963079643969013_6034038728191404835_n.png?_nc_cat=1&ccb=1-3&_nc_sid=dbb9e7&_nc_ohc=XXkrLMCxW3QAX9rafsq&_nc_ht=scontent-ams4-1.xx&tp=30&oh=eced3dabb5cb804744bd1dbe2c7a1e29&oe=60ACA0E5
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df18adbd1ffb8724%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&width=300
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f045:10:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4f6697ddc03263e57623aeed99c6485c422509662f7d4cf7850d1fbbb92a39f5

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
3404797434
date
Wed, 28 Apr 2021 02:31:39 GMT
last-modified
Wed, 16 Aug 2017 10:38:21 GMT
content-length
4084
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
3195962953
x-fb-config-version-olb-prod
1085
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
showad.js
ads.pubmatic.com/AdServer/js/ Frame 196D 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=05B19AC1-F068-4226-95F7-1BB01DB299C8; chkChromeAb67Sec=1; DPSync3=1620777600%3A201_227_226_221; SyncRTB3=1620777600%3A21_13_161_7_220_54_56_3_71%7C1620864000%3A35; KRTBCOOKIE_27=16735-uid:d7846088-c90a-4800-ad47-1cdea6aba8c0&KRTB&16736-uid:d7846088-c90a-4800-ad47-1cdea6aba8c0&KRTB&23019-uid:d7846088-c90a-4800-ad47-1cdea6aba8c0&KRTB&23114-uid:d7846088-c90a-4800-ad47-1cdea6aba8c0; PUBMDCID=3; KRTBCOOKIE_336=5844-8932314486518883198; KRTBCOOKIE_391=22924-7002175123204593149&KRTB&23263-7002175123204593149; KRTBCOOKIE_377=6810-b015964d-4d16-42ed-9fd0-c7d670a54dd3&KRTB&22918-b015964d-4d16-42ed-9fd0-c7d670a54dd3&KRTB&23031-b015964d-4d16-42ed-9fd0-c7d670a54dd3; KRTBCOOKIE_57=22776-2773533202461637078; KRTBCOOKIE_80=16514-CAESEPtrsEDnWvTuuXRgqku-zuE&KRTB&22987-CAESEPtrsEDnWvTuuXRgqku-zuE&KRTB&23025-CAESEPtrsEDnWvTuuXRgqku-zuE; PugT=1619577098; repi=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=75809
Expires
Wed, 28 Apr 2021 23:35:08 GMT
Date
Wed, 28 Apr 2021 02:31:39 GMT
Connection
keep-alive
Vary
Accept-Encoding
eqb-ZNc2NGv.js
www.facebook.com/rsrc.php/v3iUNC4/yq/l/zh_TW/ Frame 34D7 		483 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3iUNC4/yq/l/zh_TW/eqb-ZNc2NGv.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/like.php?action=like&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df93c2e3772246c%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&layout=button&locale=zh_TW&sdk=joey&share=false&show_faces=true&size=large
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5d165beda02be992179d5c91a58e16cac29e5060d8e8bd477ea5dc67bcff9a78
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/v3.2/plugins/like.php?action=like&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df93c2e3772246c%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&layout=button&locale=zh_TW&sdk=joey&share=false&show_faces=true&size=large
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 19:10:36 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
XwJmHjvzygg3/8WCaBaY3A==
cross-origin-resource-policy
cross-origin
content-length
127881
x-fb-rlafr
0
x-fb-debug
q1rF6fOE3xAOl//xNbDvihFZow/Ms6VOLcsksNdEfZ/fkWdV6PFJv+KnRaHk5PVGVCJ3t0/izmsxP9Zi/n+mkw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 27 Apr 2022 19:10:36 GMT
lyJuTCgbODI.css
www.facebook.com/rsrc.php/v3/ym/l/1,cross/ Frame B66B 		29 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/ym/l/1,cross/lyJuTCgbODI.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/video.php?app_id=917307478388825&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2efd39022bea4%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=300&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife%2Fvideos%2F165624278807153%2F&locale=zh_TW&sdk=joey
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d19493c330e56a04fedc833c0c387a8c9f80cf9d65b615e246651525db4a28d6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v3.2/plugins/video.php?app_id=917307478388825&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2efd39022bea4%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=300&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife%2Fvideos%2F165624278807153%2F&locale=zh_TW&sdk=joey
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Apr 2021 19:57:20 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
LqNVxp+HmEjXh1D1Bwq2Zg==
cross-origin-resource-policy
cross-origin
content-length
7291
x-fb-rlafr
0
x-fb-debug
9ABt9GtFlRjrpgRddFYuO2OhtjcAaBABPP4dhlJmFV7DeiDQwUWv6QzsBf9by5PAijr2A/mDDm9kWWNeF51DVQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Mon, 25 Apr 2022 19:57:20 GMT
FRAwJ-v_0Ni.css
www.facebook.com/rsrc.php/v3/yM/l/1,cross/ Frame B66B 		342 KB
95 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yM/l/1,cross/FRAwJ-v_0Ni.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/video.php?app_id=917307478388825&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2efd39022bea4%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=300&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife%2Fvideos%2F165624278807153%2F&locale=zh_TW&sdk=joey
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6f684ad9ac1d482b0d11f2437e3d63a4acebbfa2fb756f8ca2b798d32eb3b52f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v3.2/plugins/video.php?app_id=917307478388825&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2efd39022bea4%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=300&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife%2Fvideos%2F165624278807153%2F&locale=zh_TW&sdk=joey
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 01:29:06 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
SFNslvwFVHzD8PQic40qrA==
cross-origin-resource-policy
cross-origin
content-length
96792
x-fb-rlafr
0
x-fb-debug
S1CyP5A4ULJnzwQsMz1j5AevoDIJDZwKdkutiwrkeO9iTLne3vB8BqSGoi5YnMaTcflphrgSs6uNShvEwto47g==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 28 Apr 2022 01:29:06 GMT
tWLnH00NBXm.css
www.facebook.com/rsrc.php/v3/yk/l/1,cross/ Frame B66B 		54 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yk/l/1,cross/tWLnH00NBXm.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/video.php?app_id=917307478388825&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2efd39022bea4%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=300&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife%2Fvideos%2F165624278807153%2F&locale=zh_TW&sdk=joey
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d5f9604ba241a9186a1d888c8f0845279e34ae24e0a5f756781631714500f1ab
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v3.2/plugins/video.php?app_id=917307478388825&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2efd39022bea4%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=300&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife%2Fvideos%2F165624278807153%2F&locale=zh_TW&sdk=joey
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 20:01:01 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
HSe9M8xpuGqD6MmdQhfg8w==
cross-origin-resource-policy
cross-origin
content-length
10716
x-fb-rlafr
0
x-fb-debug
qxS7QLnDPE4OpxlQ+9Afdv2jAm5G+2ampQrfBSJvgJq6z6onakmkJuYrsT9wsG2PTjtqLnnchYl8WHy19I5v6A==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 27 Apr 2022 20:01:01 GMT
s42o5npKlRj.js
www.facebook.com/rsrc.php/v3/yM/r/ Frame B66B 		272 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yM/r/s42o5npKlRj.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/video.php?app_id=917307478388825&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2efd39022bea4%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=300&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife%2Fvideos%2F165624278807153%2F&locale=zh_TW&sdk=joey
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5b067a9b351b13f9c76cc0d3f8a3ed15b86e58b4f0038fd22514f5a169ec07d1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v3.2/plugins/video.php?app_id=917307478388825&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2efd39022bea4%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=300&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife%2Fvideos%2F165624278807153%2F&locale=zh_TW&sdk=joey
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 15:10:55 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
fmry7aXReGqIdm1nsjTfwA==
cross-origin-resource-policy
cross-origin
content-length
73923
x-fb-rlafr
0
x-fb-debug
wovFzOccH/YYwDSIMAKaglisMyqVrZ3LK9VCnS1qGRTCjNDCanYYSmMcRKOuczXjeG+HnlBsT3FH7qTryXOPaw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 27 Apr 2022 15:10:55 GMT
Em5Bi_XZLvN.js
www.facebook.com/rsrc.php/v3i63m4/y8/l/zh_TW/ Frame B66B 		123 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3i63m4/y8/l/zh_TW/Em5Bi_XZLvN.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/video.php?app_id=917307478388825&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2efd39022bea4%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=300&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife%2Fvideos%2F165624278807153%2F&locale=zh_TW&sdk=joey
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b2c4a7d74ca722a3638e3b02a3f5feee21dda7253a3f339e02eec873ee0f267d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v3.2/plugins/video.php?app_id=917307478388825&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2efd39022bea4%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=300&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife%2Fvideos%2F165624278807153%2F&locale=zh_TW&sdk=joey
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 02:05:37 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
D2mXLJE5nxj2H+ZBZIRAFw==
cross-origin-resource-policy
cross-origin
content-length
34774
x-fb-rlafr
0
x-fb-debug
KJmMO9l+DKgcpRM6e8h8ePLoe2B9HjeUM0wKhOt5HWVzjtUaDbtPpzgAmqNdMlpdjgoRgTpFPbXF4c+6rxWdFg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sun, 24 Apr 2022 02:05:37 GMT
rLnrYkBxuGJ.js
www.facebook.com/rsrc.php/v3/yt/r/ Frame B66B 		124 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yt/r/rLnrYkBxuGJ.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/video.php?app_id=917307478388825&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2efd39022bea4%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=300&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife%2Fvideos%2F165624278807153%2F&locale=zh_TW&sdk=joey
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ad8884af23d1d0339aaa04c27081e6c215e9de43158bfcd3cce29db743fb6246
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v3.2/plugins/video.php?app_id=917307478388825&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2efd39022bea4%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=300&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife%2Fvideos%2F165624278807153%2F&locale=zh_TW&sdk=joey
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 05:20:30 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
vsRHqgfD1xa9+xDx8W75HQ==
cross-origin-resource-policy
cross-origin
content-length
33468
x-fb-rlafr
0
x-fb-debug
bvDNwplfZ00gHF5YDtUFihZHTQH1HzE2SiGYac1am1d86TXnTfrHbvXwg7ltF2zRVURFwyuyH0Cl0Ubgn7kn5A==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 27 Apr 2022 05:20:30 GMT
hUPoqRk-K41.js
www.facebook.com/rsrc.php/v3itAj4/yL/l/zh_TW/ Frame B66B 		633 KB
152 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3itAj4/yL/l/zh_TW/hUPoqRk-K41.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/video.php?app_id=917307478388825&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2efd39022bea4%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=300&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife%2Fvideos%2F165624278807153%2F&locale=zh_TW&sdk=joey
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2db57ff8e674863ef794e35625e8725a53655efa1ed0d3263cd13ed3d26a8664
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v3.2/plugins/video.php?app_id=917307478388825&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2efd39022bea4%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=300&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife%2Fvideos%2F165624278807153%2F&locale=zh_TW&sdk=joey
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 23:28:59 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
jnuoxuZyofTBdGAjIZ9R7g==
cross-origin-resource-policy
cross-origin
content-length
155297
x-fb-rlafr
0
x-fb-debug
K9Fsoq2mg2MkPPiBQ6+XQdhhssoAMY40VYYduyV8at4KerBAUf2tgP54/9G24F+Shi/Fih0flN92bDgTiTbQqA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 27 Apr 2022 23:28:59 GMT
A1rWxylyo94.js
www.facebook.com/rsrc.php/v3iFvO4/y7/l/zh_TW/ Frame B66B 		563 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3iFvO4/y7/l/zh_TW/A1rWxylyo94.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/video.php?app_id=917307478388825&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2efd39022bea4%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=300&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife%2Fvideos%2F165624278807153%2F&locale=zh_TW&sdk=joey
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1440ce0d04e815a1d82cc8d51161b710caae5886e67f4cd6060b0766a5e3f02f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v3.2/plugins/video.php?app_id=917307478388825&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2efd39022bea4%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=300&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife%2Fvideos%2F165624278807153%2F&locale=zh_TW&sdk=joey
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 00:45:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
z9usKxHt3eFo9ivdJivO0g==
cross-origin-resource-policy
cross-origin
content-length
133367
x-fb-rlafr
0
x-fb-debug
Ucd0XQz1ez5M8+lvFTvj7JPDLRFtkocDMmgA6r7wSHpu6S6LvKi4FpSCMP8mirjEjxVWP8ieqYKWZXrVGSmkCg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 27 Apr 2022 00:45:42 GMT
QMsqRVBuhYq.js
www.facebook.com/rsrc.php/v3iqFQ4/yR/l/zh_TW/ Frame B66B 		37 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3iqFQ4/yR/l/zh_TW/QMsqRVBuhYq.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/video.php?app_id=917307478388825&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2efd39022bea4%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=300&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife%2Fvideos%2F165624278807153%2F&locale=zh_TW&sdk=joey
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
98baf056584781a780f8b96b7b73404e988cd580eeefd725a9f6a4222ee8bf15
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v3.2/plugins/video.php?app_id=917307478388825&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2efd39022bea4%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=300&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife%2Fvideos%2F165624278807153%2F&locale=zh_TW&sdk=joey
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 00:10:49 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
8NjIMbVk7sD+ZLD/zbppPw==
cross-origin-resource-policy
cross-origin
content-length
11096
x-fb-rlafr
0
x-fb-debug
GLt6/p6Jwb2Di4jd2qI7ER7HzrJ3qx0HNEbLrvuisuAgisE/7T0wDQcYglVkCR5XzlZqipc+Ru7LhmW6pTmR0A==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sun, 24 Apr 2022 00:10:49 GMT
0nrXoKXI_eA.js
www.facebook.com/rsrc.php/v3iCWZ4/yb/l/zh_TW/ Frame B66B 		648 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3iCWZ4/yb/l/zh_TW/0nrXoKXI_eA.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/video.php?app_id=917307478388825&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2efd39022bea4%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=300&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife%2Fvideos%2F165624278807153%2F&locale=zh_TW&sdk=joey
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4bfd3860a35bf35123d537967dd9e6f7f3681f294a5e03f72007a633bb421def
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v3.2/plugins/video.php?app_id=917307478388825&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2efd39022bea4%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=300&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife%2Fvideos%2F165624278807153%2F&locale=zh_TW&sdk=joey
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 00:45:42 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
Lnw9vq8XOeKTxAXnVmXhqg==
cross-origin-resource-policy
cross-origin
content-length
144771
x-fb-rlafr
0
x-fb-debug
fo3oPJij51kFehnr7FDSydriekpN/Ip7bV0MoMimmsoKWce2Im8nK/PiDYMLDZ5LQ9/fAZ1ZXJ6rtHSARYURbQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 27 Apr 2022 00:45:42 GMT
etIETR2-uXi.js
www.facebook.com/rsrc.php/v3/yi/r/ Frame B66B 		117 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yi/r/etIETR2-uXi.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/video.php?app_id=917307478388825&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2efd39022bea4%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=300&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife%2Fvideos%2F165624278807153%2F&locale=zh_TW&sdk=joey
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8adee86183717665f21cad5b21127c4a7db0740274df08f8693b01dee8b88376
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v3.2/plugins/video.php?app_id=917307478388825&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2efd39022bea4%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=300&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife%2Fvideos%2F165624278807153%2F&locale=zh_TW&sdk=joey
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 21:52:03 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
01iKrytyq6fp03lX9J0aZg==
cross-origin-resource-policy
cross-origin
content-length
31729
x-fb-rlafr
0
x-fb-debug
ki+E/iLlI0JdroCsrclTSogoocXrTmcMmUWG6JbdKVeoPrq13TjIf9pN+/8XneA3ZGeecKhKRdiJS8i6zw+dig==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 27 Apr 2022 21:52:03 GMT
Tv0ies4BLF9.js
www.facebook.com/rsrc.php/v3/ym/r/ Frame B66B 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/ym/r/Tv0ies4BLF9.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/video.php?app_id=917307478388825&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2efd39022bea4%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=300&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife%2Fvideos%2F165624278807153%2F&locale=zh_TW&sdk=joey
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8c309217c2daf7b0d64662bc07c1081de1ba5e4b3cfd162d9508e140a1136063
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v3.2/plugins/video.php?app_id=917307478388825&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2efd39022bea4%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=300&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife%2Fvideos%2F165624278807153%2F&locale=zh_TW&sdk=joey
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 17:43:40 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
RjmxWvTXgIMuNJSIBYcVqg==
cross-origin-resource-policy
cross-origin
content-length
1596
x-fb-rlafr
0
x-fb-debug
kxDTdyykEBTqt/ahVyUIFO36lKLPnzsW3DiHJZSgoZq+kr0seL6gCOUGuAOYmYxRJ+X3zMp3fFLMmRCJtDPhMg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 27 Apr 2022 17:43:40 GMT
0tieSguTlGc.js
www.facebook.com/rsrc.php/v3ick14/yO/l/zh_TW/ Frame B66B 		640 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3ick14/yO/l/zh_TW/0tieSguTlGc.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/video.php?app_id=917307478388825&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2efd39022bea4%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=300&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife%2Fvideos%2F165624278807153%2F&locale=zh_TW&sdk=joey
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3b01bd10b1795ae4fad4640ea623d1be24682573cb043563a7d4308c87910c1a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v3.2/plugins/video.php?app_id=917307478388825&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2efd39022bea4%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=300&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife%2Fvideos%2F165624278807153%2F&locale=zh_TW&sdk=joey
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 23:28:59 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
e+SjT8to3E+HSyEQq1buqg==
cross-origin-resource-policy
cross-origin
content-length
146520
x-fb-rlafr
0
x-fb-debug
XpoH8pk/rFhvgrqXW/MFi/u5SwihSyYf1nQAag7LrVvdZrzWCIpTM/qWfeT/OnsHTEiWOLoayK/DT8oeim/qQA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 27 Apr 2022 23:28:59 GMT
174435834_165626018806979_7113937195279960708_n.jpg
scontent-amt2-1.xx.fbcdn.net/v/t15.5256-10/p173x172/ Frame B66B 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-amt2-1.xx.fbcdn.net/v/t15.5256-10/p173x172/174435834_165626018806979_7113937195279960708_n.jpg?_nc_cat=102&ccb=1-3&_nc_sid=08861d&_nc_ohc=D3RhtRdEp20AX9L1ACy&_nc_ht=scontent-amt2-1.xx&tp=6&oh=c34ec966cc16f789974bbe380b8c2fcf&oe=60ACB865
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/video.php?app_id=917307478388825&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2efd39022bea4%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=300&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife%2Fvideos%2F165624278807153%2F&locale=zh_TW&sdk=joey
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f006:21:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
944703cc1ec95c7ce5304a3535ac7427f32da5901484f74702d47e79d4ef64e6

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
3626916390
date
Wed, 28 Apr 2021 02:31:39 GMT
x-fb-trip-id
1425083115
last-modified
Mon, 26 Apr 2021 09:50:39 GMT
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
634820862
x-fb-config-version-olb-prod
1085
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
14101
20882039_1963079643969013_6034038728191404835_n.png
scontent-ams4-1.xx.fbcdn.net/v/t1.18169-1/cp0/p40x40/ Frame B66B 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-ams4-1.xx.fbcdn.net/v/t1.18169-1/cp0/p40x40/20882039_1963079643969013_6034038728191404835_n.png?_nc_cat=1&ccb=1-3&_nc_sid=dbb9e7&_nc_ohc=XXkrLMCxW3QAX9rafsq&_nc_ht=scontent-ams4-1.xx&tp=30&oh=62b3f47069c375b5a250299463147fda&oe=60ADF9B7
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/video.php?app_id=917307478388825&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2efd39022bea4%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=300&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife%2Fvideos%2F165624278807153%2F&locale=zh_TW&sdk=joey
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f045:10:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
23d12999f000467999cbfde91b1773eb75b9811651d8fe4011a4efd060c84062

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
3404797434
date
Wed, 28 Apr 2021 02:31:39 GMT
last-modified
Wed, 16 Aug 2017 10:38:21 GMT
content-length
2857
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
3195962953
x-fb-config-version-olb-prod
1085
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
cavalry_endpoint.php
www.facebook.com/common/ Frame 2008 		67 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1619577099362&t_start=1619577099362&t_domcontent=1619577099438&t_layout=1619577099577&t_onload=1619577099577&t_paint=1619577099577&t_creport=1619577099577&t_tti=1619577099438&lid=6956030675355878092-0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/v3.2/plugins/share_button.php?app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3f1280e6b7fdc4%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&layout=button_count&locale=zh_TW&mobile_iframe=true&sdk=joey&size=large
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
br
x-content-type-options
nosniff
x-xss-protection
0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
1d7izr/D7kg24/9Ez18rkjan4BZLGWiI4d5VCGd6xaGPYkDDqSP5yPTEIJupJoEzonfPmkU1zXq+UyLuBL61Zg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 28 Apr 2021 02:31:39 GMT
strict-transport-security
max-age=15552000; preload
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
image/png
vary
Accept-Encoding
cache-control
private, no-store, no-cache, must-revalidate
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
3gKIw20zpPx.js
www.facebook.com/rsrc.php/v3/yc/r/ Frame 00AA 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yc/r/3gKIw20zpPx.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yM/r/s42o5npKlRj.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
732f2d6e7767e7978cf70554aec8f7b40d5d6da4b601e528f136473c1b965c93
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dff94ddbb1740dc%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fstormmedia&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&width=300
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 22:38:07 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
+WweuYtea66RPAEX0Vl2fg==
cross-origin-resource-policy
cross-origin
content-length
5954
x-fb-rlafr
0
x-fb-debug
ADTO/ZQWImbJK+Gby3lT2NoZLsF2wZF2oWnkR2QZsePwomzuQ4ev0Eh/TQfyQNqr31DZTFVdcGyzldlgQ8QS1g==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Tue, 19 Apr 2022 22:38:07 GMT
JopZtdti8dq.js
www.facebook.com/rsrc.php/v3/y_/r/ Frame 00AA 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/y_/r/JopZtdti8dq.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yM/r/s42o5npKlRj.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
95d95840165ea5fc374a27f1cffe88a1b3d033562916ef1071393c9c8adbfe86
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dff94ddbb1740dc%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fstormmedia&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&width=300
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 10:03:27 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
mTMNw9OoY8KLmzHcqJmeVA==
cross-origin-resource-policy
cross-origin
content-length
2270
x-fb-rlafr
0
x-fb-debug
x3E1bSFwoqPvwnlWj5rGNb6vM7sLcuXeiF/dOiw6vAX0PlZhJltwt5afLjMT6gfY5biX2wbUnpcq+ecU5kP9xw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 22 Apr 2022 10:03:27 GMT
cavalry_endpoint.php
www.facebook.com/common/ Frame 34D7 		67 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1619577099419&t_start=1619577099419&t_domcontent=1619577099444&t_layout=1619577099742&t_onload=1619577099742&t_paint=1619577099742&t_creport=1619577099743&t_tti=1619577099444&lid=6956030675105309263-0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/v3.2/plugins/like.php?action=like&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df93c2e3772246c%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fthejournalist&layout=button&locale=zh_TW&sdk=joey&share=false&show_faces=true&size=large
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
br
x-content-type-options
nosniff
x-xss-protection
0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
o1msSgYzjeand1f3VVL1lhtlJWKzIu6sHuRIUBK3TAOJqoEZ7KpgZn30ClHpE5nWiOVf1c9R1k3rhNV9TjYBJg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 28 Apr 2021 02:31:39 GMT
strict-transport-security
max-age=15552000; preload
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
image/png
vary
Accept-Encoding
cache-control
private, no-store, no-cache, must-revalidate
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
3gKIw20zpPx.js
www.facebook.com/rsrc.php/v3/yc/r/ Frame 82DD 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yc/r/3gKIw20zpPx.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yM/r/s42o5npKlRj.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
732f2d6e7767e7978cf70554aec8f7b40d5d6da4b601e528f136473c1b965c93
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df18adbd1ffb8724%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&width=300
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 22:38:07 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
+WweuYtea66RPAEX0Vl2fg==
cross-origin-resource-policy
cross-origin
content-length
5954
x-fb-rlafr
0
x-fb-debug
ADTO/ZQWImbJK+Gby3lT2NoZLsF2wZF2oWnkR2QZsePwomzuQ4ev0Eh/TQfyQNqr31DZTFVdcGyzldlgQ8QS1g==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Tue, 19 Apr 2022 22:38:07 GMT
JopZtdti8dq.js
www.facebook.com/rsrc.php/v3/y_/r/ Frame 82DD 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/y_/r/JopZtdti8dq.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yM/r/s42o5npKlRj.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
95d95840165ea5fc374a27f1cffe88a1b3d033562916ef1071393c9c8adbfe86
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=false&app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df18adbd1ffb8724%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=0&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife&locale=zh_TW&sdk=joey&show_facepile=false&small_header=true&width=300
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 10:03:27 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
mTMNw9OoY8KLmzHcqJmeVA==
cross-origin-resource-policy
cross-origin
content-length
2270
x-fb-rlafr
0
x-fb-debug
x3E1bSFwoqPvwnlWj5rGNb6vM7sLcuXeiF/dOiw6vAX0PlZhJltwt5afLjMT6gfY5biX2wbUnpcq+ecU5kP9xw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 22 Apr 2022 10:03:27 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 196D 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=60226231&p=148803&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1&async=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
27a7dc6cc013830178df5bcccfa687905e529de8454b1762efb551d0a4c4f69f

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:31:39 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
3vRI-J_FErh.css
static.xx.fbcdn.net/rsrc.php/v3/yK/l/1,cross/ Frame 199E 		173 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yK/l/1,cross/3vRI-J_FErh.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df35969a81eecc58%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=820&height=100&href=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&locale=zh_TW&numposts=5&sdk=joey&version=v3.2&width
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f042:10:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
24bfe71ebe171f665e83c3d5c30192b307a583d9c05cdb9d84b311cbceb2cdeb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:39 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
ZdHfqESJ3YNt2AI4arwKuw==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
27607
x-fb-rlafr
0
x-fb-debug
BLkg7Gti7UuT3AEMRYxX5M1+qlT8fSC0bKE207qZxPiJnBlLoiI1Qe+WhtyylYjSjacQWupq3Kgi0v7d+C7wOw==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Wed, 27 Apr 2022 18:04:50 GMT
of3W6kmxqoW.css
static.xx.fbcdn.net/rsrc.php/v3/yb/l/1,cross/ Frame 199E 		127 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yb/l/1,cross/of3W6kmxqoW.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df35969a81eecc58%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=820&height=100&href=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&locale=zh_TW&numposts=5&sdk=joey&version=v3.2&width
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f042:10:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4d4f55e86aaaec67ff475cd585c6a8be05c07e1075ef07fe5bc3cc7fb476a76a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:39 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
5C0vEFswqeawIJbK+UAQXQ==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
20854
x-fb-rlafr
0
x-fb-debug
bgVwNUNZF2itHCqb8W+5IcNKYurdw/B3vrVYdyGPoxtbFEERRLlkCeEBi23+X3nr8qZxdePfnAGcKTiL0M8zhg==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 22 Apr 2022 17:27:27 GMT
s42o5npKlRj.js
static.xx.fbcdn.net/rsrc.php/v3/yM/r/ Frame 199E 		272 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yM/r/s42o5npKlRj.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df35969a81eecc58%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=820&height=100&href=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&locale=zh_TW&numposts=5&sdk=joey&version=v3.2&width
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f042:10:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5b067a9b351b13f9c76cc0d3f8a3ed15b86e58b4f0038fd22514f5a169ec07d1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:39 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
fmry7aXReGqIdm1nsjTfwA==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
73923
x-fb-rlafr
0
x-fb-debug
wovFzOccH/YYwDSIMAKaglisMyqVrZ3LK9VCnS1qGRTCjNDCanYYSmMcRKOuczXjeG+HnlBsT3FH7qTryXOPaw==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Wed, 27 Apr 2022 15:10:55 GMT
B5oe9mSZyw3.js
static.xx.fbcdn.net/rsrc.php/v3i63m4/yC/l/zh_TW/ Frame 199E 		156 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3i63m4/yC/l/zh_TW/B5oe9mSZyw3.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df35969a81eecc58%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=820&height=100&href=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&locale=zh_TW&numposts=5&sdk=joey&version=v3.2&width
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f042:10:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8967d3c162eee5fc9e46d1bf74ac9f5dcaeac787d7f5d3bb90a94f85ea3f279b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:39 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
u6L9wnuQ1mk7INcGg2Otig==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44596
x-fb-rlafr
0
x-fb-debug
rFVZ+TAV7kb7Pbr8MYY5aWKGohohj2MRGMNgP7M6m0VJ24TvYh8nLygTAvvZfHMT/qJD6HNA3sgJoPFhNBcnBw==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 27 Apr 2022 06:24:57 GMT
yoh9mRMCKzZ.js
static.xx.fbcdn.net/rsrc.php/v3iAHa4/yG/l/zh_TW/ Frame 199E 		37 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iAHa4/yG/l/zh_TW/yoh9mRMCKzZ.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df35969a81eecc58%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=820&height=100&href=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&locale=zh_TW&numposts=5&sdk=joey&version=v3.2&width
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f042:10:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
106fffd94d1d8291649b3e1b11cb69d5114787f470c37030ab1970feb2d79bcd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:39 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
I+RMIFLM2pbxzsjXZej8+w==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
11087
x-fb-rlafr
0
x-fb-debug
IUoU7z2h5BpBXIov6uPQ3igNZnk8kxhBEwyXa1ZWHR/84lnHI/JCdYUGRSKQ78dka85IhH9F3mt3koSDYaH0tg==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sun, 24 Apr 2022 00:41:33 GMT
12d2c7VgQin.js
static.xx.fbcdn.net/rsrc.php/v3i2n64/y3/l/zh_TW/ Frame 199E 		1 MB
324 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3i2n64/y3/l/zh_TW/12d2c7VgQin.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df35969a81eecc58%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=820&height=100&href=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&locale=zh_TW&numposts=5&sdk=joey&version=v3.2&width
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f042:10:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
708327e1b482f8d980aec658d3cb1dd18d60fe4629e24d17c3fdc63480f0d4bb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:39 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
uNSO99LRt1aX5CPDOBQ8fw==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
331680
x-fb-rlafr
0
x-fb-debug
mgHdSw2iHcDb8FKAow3ooHC93D6mfn3ibhLKHitogpOQvG8IAlQK3hJ9RkvswCmm10DtmWdxihF19VBdR8W2kg==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Tue, 26 Apr 2022 22:35:54 GMT
LpAgiooQ2Qv.js
static.xx.fbcdn.net/rsrc.php/v3/yu/r/ Frame 199E 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yu/r/LpAgiooQ2Qv.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df35969a81eecc58%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=820&height=100&href=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&locale=zh_TW&numposts=5&sdk=joey&version=v3.2&width
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f042:10:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
810fd98b65b7fab1ebd27816f8409ef63cd341dee5e59766d694e002a49cafa2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:39 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
GVXP9zCMEGxyu/K6PGxjvw==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
10193
x-fb-rlafr
0
x-fb-debug
6mqUlNoXlsL7inNSMDZfqqrHy7s+wg9y6ewdQBzGM9Wo1vKWDavgOpfIjDoaMzk6p5KOtGBrOYA9CtRmhDWvoQ==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Tue, 26 Apr 2022 15:42:41 GMT
R-pDWyhQ5sl.js
static.xx.fbcdn.net/rsrc.php/v3/yp/r/ Frame 199E 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/R-pDWyhQ5sl.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df35969a81eecc58%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=820&height=100&href=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&locale=zh_TW&numposts=5&sdk=joey&version=v3.2&width
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f042:10:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0e48542bb490c1f521178a7be1a31ec70ad2540e5e0acc08624c6808e07b5d06
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:39 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
5i44pik56+A0WlJSqb+i1Q==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
2063
x-fb-rlafr
0
x-fb-debug
4WOoifkw2ir+3uT4w+raqoDbkI1Uddpi01B8JMOApJ20gigvH/AXV+CiPHuE5YFrBfco65D+qCTIz6mD6GIicQ==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Tue, 26 Apr 2022 15:42:41 GMT
MHvFd5tXR93.png
www.facebook.com/rsrc.php/v3/yA/r/ Frame B66B 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/rsrc.php/v3/yA/r/MHvFd5tXR93.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yM/l/1,cross/FRAwJ-v_0Ni.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ee6a1f8a9fbaf5f4a1077ac8c06a18610228e04657ef9d4b4332811a3da46dbc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/rsrc.php/v3/yM/l/1,cross/FRAwJ-v_0Ni.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug
Cx586tzljnHw5MPrY/DyeTlJCrA2UcE0GRRdgUfTdQn9SdnTnfooUQqMU4CU7BSTkOiA7UvFOvD+68hhyqqU7g==
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
F54Fojnkh8BkkX/xrkR8sQ==
date
Mon, 19 Apr 2021 19:49:09 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
priority
u=3,i
timing-allow-origin
*
content-length
2539
x-fb-rlafr
0
expires
Tue, 19 Apr 2022 19:49:09 GMT
NiRYaJ0mEAz.png
www.facebook.com/rsrc.php/v3/y_/r/ Frame B66B 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/rsrc.php/v3/y_/r/NiRYaJ0mEAz.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yM/l/1,cross/FRAwJ-v_0Ni.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
051f7367648534d1f6b175f939f9ee2e4cb60c3964e35ae4823b20be2f82a04e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/rsrc.php/v3/yM/l/1,cross/FRAwJ-v_0Ni.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug
9QzK6wghUU8um7+Xbdwkm/fqqyT8W68DAf0ZSFih+bxwTP6mHc0bL6X7SFGAIW7EpXOD7gVpye1G7FVDHJ5tBQ==
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
etxjUkRsSy20bCVMQc/zHg==
date
Sat, 24 Apr 2021 17:52:44 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
content-length
6776
timing-allow-origin
*
priority
u=3,i
x-fb-rlafr
0
expires
Sun, 24 Apr 2022 17:52:44 GMT
match
c1.adform.net/serving/cookie/ Frame 36AE 		35 B
476 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=05B19AC1-F068-4226-95F7-1BB01DB299C8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?party=14&cid=05B19AC1-F068-4226-95F7-1BB01DB299C8
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
C=1; uid=7002175123204593149
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 28 Apr 2021 02:31:40 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=7002175123204593149; expires=Sun, 27 Jun 2021 02:31:40 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 3DE0
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6956030677851764880
42 B
771 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6956030677851764880
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=05B19AC1-F068-4226-95F7-1BB01DB299C8; KRTBCOOKIE_27=16735-uid:d7846088-c90a-4800-ad47-1cdea6aba8c0&KRTB&16736-uid:d7846088-c90a-4800-ad47-1cdea6aba8c0&KRTB&23019-uid:d7846088-c90a-4800-ad47-1cdea6aba8c0&KRTB&23114-uid:d7846088-c90a-4800-ad47-1cdea6aba8c0; PUBMDCID=3; KRTBCOOKIE_336=5844-8932314486518883198; KRTBCOOKIE_391=22924-7002175123204593149&KRTB&23263-7002175123204593149; KRTBCOOKIE_377=6810-b015964d-4d16-42ed-9fd0-c7d670a54dd3&KRTB&22918-b015964d-4d16-42ed-9fd0-c7d670a54dd3&KRTB&23031-b015964d-4d16-42ed-9fd0-c7d670a54dd3; KRTBCOOKIE_57=22776-2773533202461637078; KRTBCOOKIE_80=16514-CAESEPtrsEDnWvTuuXRgqku-zuE&KRTB&22987-CAESEPtrsEDnWvTuuXRgqku-zuE&KRTB&23025-CAESEPtrsEDnWvTuuXRgqku-zuE; PugT=1619577098; chkChromeAb67Sec=2; DPSync3=1620777600%3A201_227_226_221_219_197_232%7C1619654400%3A174; SyncRTB3=1620777600%3A3_71_165_21_13_220_81_55_99_8_166_22_161_7_54_56%7C1620432000%3A63%7C1620172800%3A2_15_223%7C1622160000%3A203%7C1620864000%3A35
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Wed, 28 Apr 2021 02:31:39 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_1101=23040-6956030677851764880; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 28-May-2021 02:31:39 GMT; path=/ PugT=1619577099; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 28-May-2021 02:31:39 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 27-Jul-2021 02:31:39 GMT; path=/
X-lat
amspug012:0:381
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Wed, 28 Apr 2021 02:31:40 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=6956030677851764880; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6956030677851764880
adx
match.prod.bidr.io/cookie-sync/ Frame 7CEB
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFON1kwN0JFWklBQUN0RmZfZ2t0Zw&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
43 B
430 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.151.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Host
match.prod.bidr.io
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
bito=AAN7Y07BEZIAACtFf_gktg; bitoIsSecure=ok
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache, must-revalidate
content-type
image/gif
Date
Wed, 28 Apr 2021 02:31:40 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma
no-cache
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
43
Connection
keep-alive

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
date
Wed, 28 Apr 2021 02:31:40 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
content-length
355
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bridge
cm.adgrx.com/ Frame 8A9D 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.204 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host
cm.adgrx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Date
Wed, 28 Apr 2021 02:31:40 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-6
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 02C2
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7328887421
  • https://sync.1rx.io/usersync/tradedesk/b015964d-4d16-42ed-9fd0-c7d670a54dd3
  • https://sync.targeting.unrulymedia.com/csync/RX-89d9e1c0-8694-49dd-8c47-29dfd53dad36-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-89d9e1c0-8694-49dd-8c47-29dfd53dad36-003
42 B
849 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-89d9e1c0-8694-49dd-8c47-29dfd53dad36-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Wed, 28 Apr 2021 02:31:41 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_594=17105-RX-89d9e1c0-8694-49dd-8c47-29dfd53dad36-003&KRTB&17107-RX-89d9e1c0-8694-49dd-8c47-29dfd53dad36-003; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 27-Jul-2021 02:31:41 GMT; path=/ PugT=1619577101; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 28-May-2021 02:31:41 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Tue, 27-Jul-2021 02:31:41 GMT; path=/
X-lat
amspug019:0:268
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

server
Tengine
date
Wed, 28 Apr 2021 02:31:42 GMT
content-type
text/html
set-cookie
_rxuuid=%7B%22rx_uuid%22%3A%22RX-89d9e1c0-8694-49dd-8c47-29dfd53dad36-003%22%7D; path=/; expires=Thu, 28 Apr 2022 02:31:42 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-89d9e1c0-8694-49dd-8c47-29dfd53dad36-003
etag
RX89d9e1c0869449dd8c4729dfd53dad36003
/
pixel.onaudience.com/ Frame 196D
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=05B19AC1-F068-4226-95F7-1BB01DB299C8
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://pixel.onaudience.com/?partner=147&mapped=b015964d-4d16-42ed-9fd0-c7d670a54dd3&icm
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=e865b87ac1a6f90ddc550133a0a5fd45
35 B
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=e865b87ac1a6f90ddc550133a0a5fd45
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
146.59.148.16 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3181477.ip-146-59-148.eu
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-length
35
content-type
image/gif

Redirect headers

date
Wed, 28 Apr 2021 02:31:41 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=e865b87ac1a6f90ddc550133a0a5fd45
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html
content-length
0
SPug
image4.pubmatic.com/AdServer/ Frame 196D
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d7846088-c90a-4800-ad47-1cdea6aba8c0
0
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d7846088-c90a-4800-ad47-1cdea6aba8c0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:31:40 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Wed, 28 Apr 2021 02:33:17 GMT
Server
MT3 3660 495c301 master cdg-pixel-x31
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=d7846088-c90a-4800-ad47-1cdea6aba8c0
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 28 Apr 2021 02:33:16 GMT
/
loadm.exelator.com/load/ Frame 196D
Redirect Chain
  • https://loadm.exelator.com/load/?p=204&g=71&buid=05B19AC1-F068-4226-95F7-1BB01DB299C8&gdpr=0&gdpr_consent=&j=0
  • https://loadm.exelator.com/load/?p=204&g=71&buid=05B19AC1-F068-4226-95F7-1BB01DB299C8&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=71&buid=05B19AC1-F068-4226-95F7-1BB01DB299C8&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:41 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date
Wed, 28 Apr 2021 02:31:41 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://loadm.exelator.com/load/?p=204&g=71&buid=05B19AC1-F068-4226-95F7-1BB01DB299C8&gdpr=0&gdpr_consent=&j=0&xl8blockcheck=1
cache-control
no-cache
access-control-allow-credentials
true
content-type
image/gif
content-length
0
SPug
image4.pubmatic.com/AdServer/ Frame 196D
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=05B19AC1-F068-4226-95F7-1BB01DB299C8&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7BXeyltE2uUg2cWvCvFtKbtvJZoIaGI-~A&gdpr=0&gdpr_consent=
0
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7BXeyltE2uUg2cWvCvFtKbtvJZoIaGI-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 01:59:53 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Wed, 28 Apr 2021 02:31:40 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-7BXeyltE2uUg2cWvCvFtKbtvJZoIaGI-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 196D
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=xOXWX5Hs3gTf54gFw7PDBJbjiwTf4t5ekbQKGyBs
42 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=xOXWX5Hs3gTf54gFw7PDBJbjiwTf4t5ekbQKGyBs
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:31:40 GMT
X-lat
lhrpug017:0:462
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:31:40 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=xOXWX5Hs3gTf54gFw7PDBJbjiwTf4t5ekbQKGyBs
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 196D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ws.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=p...
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=7ddb2e56-3b2c-424d-aa89-30b83be18fa6&gdpr=&gdpr_consent=&gdpr_pd=
1 B
745 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=7ddb2e56-3b2c-424d-aa89-30b83be18fa6&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:31:40 GMT
X-lat
amspug009:0:418
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=7ddb2e56-3b2c-424d-aa89-30b83be18fa6&gdpr=&gdpr_consent=&gdpr_pd=
date
Wed, 28 Apr 2021 02:31:41 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 196D
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2896681845941658827&gdpr=0&gdpr_consent=&us_privacy=
1 B
727 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2896681845941658827&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:31:39 GMT
X-lat
amspug018:0:389
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2896681845941658827&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 28 Apr 2021 02:31:39 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 196D
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YIjJDAAAiThXagA4&gdpr=0&gdpr_consent=&_test=YIjJDAAAiThXagA4
1 B
809 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YIjJDAAAiThXagA4&gdpr=0&gdpr_consent=&_test=YIjJDAAAiThXagA4
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:31:39 GMT
X-lat
amspug016:0:410
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:31:40 GMT
via
1.1 varnish
server
Varnish
x-timer
S1619577100.346325,VS0,VE0
x-served-by
cache-hhn4025-HHN
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YIjJDAAAiThXagA4&gdpr=0&gdpr_consent=&_test=YIjJDAAAiThXagA4
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
simage2.pubmatic.com/AdServer/ Frame 196D
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:5ce03fae-a4c2-41c2-947d-5d8340b2f23e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:5ce03fae-a4c2-41c2-947d-5d8340b2f23e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:31:39 GMT
X-lat
amspug007:0:375
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:5ce03fae-a4c2-41c2-947d-5d8340b2f23e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Wed, 28 Apr 2021 02:31:40 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
image2.pubmatic.com/AdServer/ Frame 196D
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
42 B
760 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 28 Apr 2021 02:31:41 GMT
X-lat
lhrpug011:0:480
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:31:41 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
current
pubmatic-match.dotomi.com/match/bounce/ Frame 196D 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=05B19AC1-F068-4226-95F7-1BB01DB299C8&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:31:40 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
10000000_167526308590770_2154051484895776849_n.webm
video-ams4-1.xx.fbcdn.net/v/t39.25447-2/ Frame B66B 		296 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://video-ams4-1.xx.fbcdn.net/v/t39.25447-2/10000000_167526308590770_2154051484895776849_n.webm?_nc_cat=110&ccb=1-3&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfdnA5XzVzZWNnb3BfbWlucmVzX2hhbG9fNzUwa19mcmFnXzJfdmlkZW8ifQ%3D%3D&_nc_ohc=iJa0Eu7ZYW4AX8NrS-N&_nc_ht=video-ams4-1.xx&oh=e0970a3afe6affcfc5de550d45bd0b21&oe=60ACDF69&bytestart=0&byteend=295
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3iFvO4/y7/l/zh_TW/A1rWxylyo94.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f045:a:face:b00c:0:1823 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
90a54bf9bf31a81663d57ae10afe615d0e374bdf5c1dee0a5dad810642783800

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:40 GMT
x-fb-trip-id
115442006
last-modified
Tue, 27 Apr 2021 11:57:50 GMT
accept-ranges
bytes
content-type
video/webm
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-fb-config-version-olb-prod
1085
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
296
10000000_167526308590770_2154051484895776849_n.webm
video-ams4-1.xx.fbcdn.net/v/t39.25447-2/ Frame B66B 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video-ams4-1.xx.fbcdn.net/v/t39.25447-2/10000000_167526308590770_2154051484895776849_n.webm?_nc_cat=110&ccb=1-3&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfdnA5XzVzZWNnb3BfbWlucmVzX2hhbG9fNzUwa19mcmFnXzJfdmlkZW8ifQ%3D%3D&_nc_ohc=iJa0Eu7ZYW4AX8NrS-N&_nc_ht=video-ams4-1.xx&oh=e0970a3afe6affcfc5de550d45bd0b21&oe=60ACDF69&bytestart=296&byteend=1653
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3iFvO4/y7/l/zh_TW/A1rWxylyo94.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f045:a:face:b00c:0:1823 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a0f462d377d7473f6cc79f8b9fe159cb3d0d080d12eb9853c39126de188fd861

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:40 GMT
x-fb-trip-id
115442006
last-modified
Tue, 27 Apr 2021 11:57:50 GMT
accept-ranges
bytes
content-type
video/webm
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-fb-config-version-olb-prod
1085
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1358
10000000_167526308590770_2154051484895776849_n.webm
video-ams4-1.xx.fbcdn.net/v/t39.25447-2/ Frame B66B 		576 KB
576 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video-ams4-1.xx.fbcdn.net/v/t39.25447-2/10000000_167526308590770_2154051484895776849_n.webm?_nc_cat=110&ccb=1-3&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfdnA5XzVzZWNnb3BfbWlucmVzX2hhbG9fNzUwa19mcmFnXzJfdmlkZW8ifQ%3D%3D&_nc_ohc=iJa0Eu7ZYW4AX8NrS-N&_nc_ht=video-ams4-1.xx&oh=e0970a3afe6affcfc5de550d45bd0b21&oe=60ACDF69&bytestart=1654&byteend=591454
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3iFvO4/y7/l/zh_TW/A1rWxylyo94.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f045:a:face:b00c:0:1823 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
05cf943c87a8e6d5370d3e16994ace550639aaea22840de579fe72735a146b10

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:40 GMT
x-fb-trip-id
115442006
last-modified
Tue, 27 Apr 2021 11:57:50 GMT
accept-ranges
bytes
content-type
video/webm
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-fb-config-version-olb-prod
1085
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
589801
178528931_512370023459946_7698296819244865985_n.mp4
video-ams4-1.xx.fbcdn.net/v/t42.1790-2/ Frame B66B 		931 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video-ams4-1.xx.fbcdn.net/v/t42.1790-2/178528931_512370023459946_7698296819244865985_n.mp4?_nc_cat=1&ccb=1-3&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=d2GQce0wx14AX_gN5fK&_nc_ht=video-ams4-1.xx&oh=f1773422c9b38231d4198df917a3d892&oe=6088E90D&bytestart=0&byteend=930
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3iFvO4/y7/l/zh_TW/A1rWxylyo94.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f045:a:face:b00c:0:1823 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
86fea9d75420afb5cbe16639c4de0abe59113070c1f9c4eedeea0cc5665a2030

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
0
date
Wed, 28 Apr 2021 02:31:40 GMT
x-fb-trip-id
115442006
last-modified
Mon, 26 Apr 2021 09:54:57 GMT
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
3988547062
x-fb-config-version-olb-prod
1085
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
931
178528931_512370023459946_7698296819244865985_n.mp4
video-ams4-1.xx.fbcdn.net/v/t42.1790-2/ Frame B66B 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video-ams4-1.xx.fbcdn.net/v/t42.1790-2/178528931_512370023459946_7698296819244865985_n.mp4?_nc_cat=1&ccb=1-3&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=d2GQce0wx14AX_gN5fK&_nc_ht=video-ams4-1.xx&oh=f1773422c9b38231d4198df917a3d892&oe=6088E90D&bytestart=931&byteend=3302
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3iFvO4/y7/l/zh_TW/A1rWxylyo94.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f045:a:face:b00c:0:1823 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aeb4c60e6fc9b7c982125403412c5b6b5c3c9191f76928624d9d9e5f4ce18c68

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
0
date
Wed, 28 Apr 2021 02:31:40 GMT
x-fb-trip-id
115442006
last-modified
Mon, 26 Apr 2021 09:54:57 GMT
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
3988547062
x-fb-config-version-olb-prod
1085
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
2372
178528931_512370023459946_7698296819244865985_n.mp4
video-ams4-1.xx.fbcdn.net/v/t42.1790-2/ Frame B66B 		16 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video-ams4-1.xx.fbcdn.net/v/t42.1790-2/178528931_512370023459946_7698296819244865985_n.mp4?_nc_cat=1&ccb=1-3&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=d2GQce0wx14AX_gN5fK&_nc_ht=video-ams4-1.xx&oh=f1773422c9b38231d4198df917a3d892&oe=6088E90D&bytestart=3303&byteend=19944
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3iFvO4/y7/l/zh_TW/A1rWxylyo94.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f045:a:face:b00c:0:1823 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e9c55309e5775a9176d08c5e7f8a4864e9bde39e645849c33b95ecbefb556fbc

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
0
date
Wed, 28 Apr 2021 02:31:40 GMT
x-fb-trip-id
115442006
last-modified
Mon, 26 Apr 2021 09:54:57 GMT
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
3988547062
x-fb-config-version-olb-prod
1085
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
16642
JopZtdti8dq.js
www.facebook.com/rsrc.php/v3/y_/r/ Frame B66B 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/y_/r/JopZtdti8dq.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yM/r/s42o5npKlRj.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
95d95840165ea5fc374a27f1cffe88a1b3d033562916ef1071393c9c8adbfe86
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v3.2/plugins/video.php?app_id=917307478388825&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2efd39022bea4%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=300&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife%2Fvideos%2F165624278807153%2F&locale=zh_TW&sdk=joey
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 10:03:27 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
mTMNw9OoY8KLmzHcqJmeVA==
cross-origin-resource-policy
cross-origin
content-length
2270
x-fb-rlafr
0
x-fb-debug
x3E1bSFwoqPvwnlWj5rGNb6vM7sLcuXeiF/dOiw6vAX0PlZhJltwt5afLjMT6gfY5biX2wbUnpcq+ecU5kP9xw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 22 Apr 2022 10:03:27 GMT
dOE9wYDaocS.js
www.facebook.com/rsrc.php/v3i22j4/yN/l/zh_TW/ Frame B66B 		135 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3i22j4/yN/l/zh_TW/dOE9wYDaocS.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yM/r/s42o5npKlRj.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ae28ac4318b3829f561eb13fb7cde9d0bb280983d99c22327012688d45d5a386
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v3.2/plugins/video.php?app_id=917307478388825&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2efd39022bea4%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=300&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife%2Fvideos%2F165624278807153%2F&locale=zh_TW&sdk=joey
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 23:29:00 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
jYFSAbrebz/22JMMKsmvZw==
cross-origin-resource-policy
cross-origin
content-length
30489
x-fb-rlafr
0
x-fb-debug
b69iiymPxfHdgO2gJoQ1ClfGyDN9qj5xC1fUxPEUHuroXTwEb/zOg4W3xD9uYBNdKNYrByUN0YXdVY/D+ennMg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 27 Apr 2022 23:28:59 GMT
MF4YBUF0gDq.js
www.facebook.com/rsrc.php/v3/yS/r/ Frame B66B 		288 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yS/r/MF4YBUF0gDq.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yM/r/s42o5npKlRj.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d4d756f067f92d30668347dfc74d622202bc3a9af95794ec0b1f8bd550136a47
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v3.2/plugins/video.php?app_id=917307478388825&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2efd39022bea4%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=300&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife%2Fvideos%2F165624278807153%2F&locale=zh_TW&sdk=joey
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 23:45:30 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
SQM1Uc+PU301xq8kGVC3yg==
cross-origin-resource-policy
cross-origin
content-length
60686
x-fb-rlafr
0
x-fb-debug
KzBEWU1jWTHS9/6vPqwETbmPgTeISyr5PA094mmVz4ikq+jZ/HQRevn3hICbyY5E9SodvfRC80SuRp2REhkv1w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 27 Apr 2022 23:45:30 GMT
dOvZK0-au6X.js
www.facebook.com/rsrc.php/v3i0tr4/yl/l/zh_TW/ Frame B66B 		2 MB
300 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3i0tr4/yl/l/zh_TW/dOvZK0-au6X.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yM/r/s42o5npKlRj.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d940f569e51eadb2116a783fa6af03530da7d2ffcc0f094f9ae6b74de4675f27
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v3.2/plugins/video.php?app_id=917307478388825&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2efd39022bea4%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=300&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife%2Fvideos%2F165624278807153%2F&locale=zh_TW&sdk=joey
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 23:29:00 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
vCyUcWXfY9grhq2LQ0lKwg==
cross-origin-resource-policy
cross-origin
content-length
306935
x-fb-rlafr
0
x-fb-debug
MNYV6XYhN0AyNNHeC3ltng9nmeXdf+QmIsvyjFJG4hwvkzApaVk36xctU9/FQ6fOSHvBMV3mSmLOH+jj49q6AA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 27 Apr 2022 23:29:00 GMT
-mf0IjtUhF-.js
www.facebook.com/rsrc.php/v3/yx/r/ Frame B66B 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/yx/r/-mf0IjtUhF-.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yM/r/s42o5npKlRj.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
798529ea81929c7a98926d29e4b43e358c0e680ffba893ddce453eb4c8a662c9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v3.2/plugins/video.php?app_id=917307478388825&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2efd39022bea4%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=300&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife%2Fvideos%2F165624278807153%2F&locale=zh_TW&sdk=joey
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 17:43:41 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
ZqZMHUo8HY19NCTAm7fxLw==
cross-origin-resource-policy
cross-origin
content-length
1286
x-fb-rlafr
0
x-fb-debug
P+3ZtweWiEndHWxDi5EdeGlKuaXvruzjZKjQeXU7JCMSec6eeFPewE0DEHHn6fxmB/wBOuq7U/tww9lTAiaekA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 27 Apr 2022 17:43:41 GMT
VkdToK8w9w4.js
www.facebook.com/rsrc.php/v3irFN4/yp/l/zh_TW/ Frame B66B 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3irFN4/yp/l/zh_TW/VkdToK8w9w4.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yM/r/s42o5npKlRj.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
022c38164c9612b2f118fa128a5c54709fdb4d90bbd97cf26dd54e5085f7e49b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v3.2/plugins/video.php?app_id=917307478388825&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2efd39022bea4%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=300&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife%2Fvideos%2F165624278807153%2F&locale=zh_TW&sdk=joey
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 19:19:27 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
zGhJulSmBohB+vH9KaZKWw==
cross-origin-resource-policy
cross-origin
content-length
6112
x-fb-rlafr
0
x-fb-debug
vxGSbKilLrlFuhJHd0DertTI5dQw3CARoYQV7POzVbjsH65wNVYUNPAKCrf6btNduTsbv6SYDcuJysBr2Ur2Zg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sun, 24 Apr 2022 19:19:27 GMT
VRzSVH5iU-V.js
www.facebook.com/rsrc.php/v3/ye/r/ Frame B66B 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/ye/r/VRzSVH5iU-V.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yM/r/s42o5npKlRj.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
af3903db50a67f20683404e58394179910de4cf09b4afb28daa5cfaf6d48769c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v3.2/plugins/video.php?app_id=917307478388825&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2efd39022bea4%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=300&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife%2Fvideos%2F165624278807153%2F&locale=zh_TW&sdk=joey
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 17:36:37 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
xP9c/D1lFTvbdouj8XbBew==
cross-origin-resource-policy
cross-origin
content-length
2065
x-fb-rlafr
0
x-fb-debug
4D9A5ztIk+uPhzzixwn8fNyGSnVTY2gLNvJs1he3bzXn8hqVjhmU0ce7uAtU05urw+Wm4/c+Ot4I2QGDUSFrmg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 22 Apr 2022 17:36:37 GMT
3LPwbZi54-1.css
www.facebook.com/rsrc.php/v3/ym/l/1,cross/ Frame B66B 		49 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3/ym/l/1,cross/3LPwbZi54-1.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yM/r/s42o5npKlRj.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d5d4e4f472ddcc7a4ec22f00d7b892a5b61188eefbc84ce002dd2cc5c5ca1041
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Origin
https://www.facebook.com
Referer
https://www.facebook.com/v3.2/plugins/video.php?app_id=917307478388825&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2efd39022bea4%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=300&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife%2Fvideos%2F165624278807153%2F&locale=zh_TW&sdk=joey
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 19:19:26 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
qEOkWRBKhReLwf7XYKXMhw==
cross-origin-resource-policy
cross-origin
content-length
9826
x-fb-rlafr
0
x-fb-debug
WYCSNQaZ6gNu89KPaXvGbCHhHn5z/SZOE04eu1SmVGYnGU6+Kn/vkRDmGfkhOTAQyBsAShnqRnZ+uCrddhAp3A==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sun, 24 Apr 2022 19:19:26 GMT
4vSS-ujAKMP.png
static.xx.fbcdn.net/rsrc.php/v3/yS/r/ Frame 199E 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/4vSS-ujAKMP.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yb/l/1,cross/of3W6kmxqoW.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f042:10:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3d00bfeea80983c9ff4eb0438b76f2e7242c288fa5fb83c938be74893fad5a5b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yb/l/1,cross/of3W6kmxqoW.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug
Mp65TO6o26/cbBrjaplEgV4FXaSESpD/7vr43jHYs6QOiS3VZvYivuzsXbGMcZ1w+QQgmJFk632e3D2nq2fEYw==
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
umwqwUgDRbunxPVSLaal0g==
date
Wed, 28 Apr 2021 02:31:40 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
content-length
52671
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
x-fb-rlafr
0
expires
Tue, 19 Apr 2022 22:38:10 GMT
odA9sNLrE86.jpg
static.xx.fbcdn.net/rsrc.php/v1/yi/r/ Frame 199E 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v1/yi/r/odA9sNLrE86.jpg
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df35969a81eecc58%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=820&height=100&href=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&locale=zh_TW&numposts=5&sdk=joey&version=v3.2&width
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f042:10:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d7af70fd2dab0fadd7b57438ae80cd4cbfc69384ace14284c990e2916631ff3b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug
P3p8yKQ88AXJAL2YiOYgLlcD1PGbkOLJn7x2TBQ5okgphJwqh2C4twR/GYj0CKx/m4sFuXQREz2D1H30+qSaBA==
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
8E8V7SJfv5OQxsrCIaL7hQ==
date
Wed, 28 Apr 2021 02:31:40 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
priority
u=3,i
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1131
x-fb-rlafr
0
expires
Wed, 20 Apr 2022 22:37:35 GMT
57411771_2293844604005509_3335501220168073216_n.jpg
scontent-ams4-1.xx.fbcdn.net/v/t1.6435-1/cp0/p48x48/ Frame 199E 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-ams4-1.xx.fbcdn.net/v/t1.6435-1/cp0/p48x48/57411771_2293844604005509_3335501220168073216_n.jpg?_nc_cat=107&ccb=1-3&_nc_sid=dbb9e7&_nc_ohc=kpt7d-xayEwAX9gVnIs&_nc_ht=scontent-ams4-1.xx&tp=27&oh=7c2af5510a2bb998dcd55e30ac3e7343&oe=60AEFB37
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=917307478388825&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df35969a81eecc58%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=820&height=100&href=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&locale=zh_TW&numposts=5&sdk=joey&version=v3.2&width
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f045:10:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
48f84528137aff4e6a4edd77b1a7411a67b3188a6579cd85575f48e67f0b20d8

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
3958817269
date
Wed, 28 Apr 2021 02:31:40 GMT
last-modified
Sun, 21 Apr 2019 09:13:43 GMT
content-length
1683
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
1571675333
x-fb-config-version-olb-prod
1083
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
finance_data20210428.json
resources.storm.mg/ 		1 KB
888 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://resources.storm.mg/finance_data20210428.json
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/js/jquery-1.9.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
593960f2bab85e8957e7c0a6397454a3565511b5e86e0b72a1698509da74c838

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:42 GMT
content-encoding
gzip
last-modified
Wed, 28 Apr 2021 02:31:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
W/"9646949992d8add0d440227a6de3cdd4"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
https://www.storm.mg
access-control-allow-credentials
true
x-cache
RefreshHit from cloudfront
x-amz-cf-id
_GDCUm8wmU9EXdmPR2rv_TF4ncPXYk5BGjNxNqZ0hl3VIEv0At9Ysg==
via
1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
showad.js
ads.pubmatic.com/AdServer/js/ Frame 7334 		38 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js?
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js?
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=05B19AC1-F068-4226-95F7-1BB01DB299C8; KRTBCOOKIE_27=16735-uid:d7846088-c90a-4800-ad47-1cdea6aba8c0&KRTB&16736-uid:d7846088-c90a-4800-ad47-1cdea6aba8c0&KRTB&23019-uid:d7846088-c90a-4800-ad47-1cdea6aba8c0&KRTB&23114-uid:d7846088-c90a-4800-ad47-1cdea6aba8c0; PUBMDCID=3; KRTBCOOKIE_336=5844-8932314486518883198; KRTBCOOKIE_391=22924-7002175123204593149&KRTB&23263-7002175123204593149; KRTBCOOKIE_377=6810-b015964d-4d16-42ed-9fd0-c7d670a54dd3&KRTB&22918-b015964d-4d16-42ed-9fd0-c7d670a54dd3&KRTB&23031-b015964d-4d16-42ed-9fd0-c7d670a54dd3; KRTBCOOKIE_57=22776-2773533202461637078; KRTBCOOKIE_80=16514-CAESEPtrsEDnWvTuuXRgqku-zuE&KRTB&22987-CAESEPtrsEDnWvTuuXRgqku-zuE&KRTB&23025-CAESEPtrsEDnWvTuuXRgqku-zuE; repi=1; chkChromeAb67Sec=2; DPSync3=1620777600%3A201_227_226_221_219_197_232%7C1619654400%3A174; SyncRTB3=1620777600%3A3_71_165_21_13_220_81_55_99_8_166_22_161_7_54_56%7C1620432000%3A63%7C1620172800%3A2_15_223%7C1622160000%3A203%7C1620864000%3A35; KRTBCOOKIE_1101=23040-6956030677851764880; KRTBCOOKIE_153=1923-xOXWX5Hs3gTf54gFw7PDBJbjiwTf4t5ekbQKGyBs&KRTB&19420-xOXWX5Hs3gTf54gFw7PDBJbjiwTf4t5ekbQKGyBs&KRTB&22979-xOXWX5Hs3gTf54gFw7PDBJbjiwTf4t5ekbQKGyBs; KRTBCOOKIE_22=14911-2896681845941658827; PugT=1619577099; SPugT=1619575193; KRTBCOOKIE_218=22978-YIjJDAAAiThXagA4&KRTB&23194-YIjJDAAAiThXagA4&KRTB&23209-YIjJDAAAiThXagA4&KRTB&23244-YIjJDAAAiThXagA4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js?

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=75808
Expires
Wed, 28 Apr 2021 23:35:08 GMT
Date
Wed, 28 Apr 2021 02:31:40 GMT
Connection
keep-alive
Vary
Accept-Encoding
10000000_473918523949382_5054646191273428722_n.webm
video-ams4-1.xx.fbcdn.net/v/t39.25447-2/ Frame B66B 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video-ams4-1.xx.fbcdn.net/v/t39.25447-2/10000000_473918523949382_5054646191273428722_n.webm?_nc_cat=1&ccb=1-3&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfdnA5XzVzZWNnb3BfbWlucmVzX2hhbG9fMjEwa19mcmFnXzJfdmlkZW8ifQ%3D%3D&_nc_ohc=lcLNs-6hVW8AX_eB9DQ&_nc_ht=video-ams4-1.xx&oh=0a2239bd6f34f26efdf98338e9f2262b&oe=60B03C3C&bytestart=296&byteend=1611
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yS/r/MF4YBUF0gDq.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f045:a:face:b00c:0:1823 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5953b6c652265db6196b77138539367ee4da734184b0ff80a9855b1ccee998f3

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:40 GMT
last-modified
Tue, 27 Apr 2021 18:21:16 GMT
accept-ranges
bytes
content-length
1316
content-type
video/webm
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-fb-config-version-olb-prod
1086
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
10000000_473918523949382_5054646191273428722_n.webm
video-ams4-1.xx.fbcdn.net/v/t39.25447-2/ Frame B66B 		296 B
345 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video-ams4-1.xx.fbcdn.net/v/t39.25447-2/10000000_473918523949382_5054646191273428722_n.webm?_nc_cat=1&ccb=1-3&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfdnA5XzVzZWNnb3BfbWlucmVzX2hhbG9fMjEwa19mcmFnXzJfdmlkZW8ifQ%3D%3D&_nc_ohc=lcLNs-6hVW8AX_eB9DQ&_nc_ht=video-ams4-1.xx&oh=0a2239bd6f34f26efdf98338e9f2262b&oe=60B03C3C&bytestart=0&byteend=295
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yS/r/MF4YBUF0gDq.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f045:a:face:b00c:0:1823 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
70a572929ff96ff9c355daa13de6f085510c4a43bd422d04d753ee10333fb11b

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:40 GMT
last-modified
Tue, 27 Apr 2021 18:21:16 GMT
accept-ranges
bytes
content-length
296
content-type
video/webm
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-fb-config-version-olb-prod
1086
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
178519288_306580724521177_742402693584503308_n.webm
video-ams4-1.xx.fbcdn.net/v/t39.25447-2/ Frame B66B 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video-ams4-1.xx.fbcdn.net/v/t39.25447-2/178519288_306580724521177_742402693584503308_n.webm?_nc_cat=1&ccb=1-3&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfdnA5XzVzZWNnb3BfbWlucmVzX2hhbG9fOTVrX2ZyYWdfMl92aWRlbyJ9&_nc_ohc=-kSHr68aHgUAX97h3gk&_nc_ht=video-ams4-1.xx&oh=5fb53d54a2a73ed09c6e922ce6b8bb4f&oe=60AE33E6&bytestart=294&byteend=1609
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yS/r/MF4YBUF0gDq.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f045:a:face:b00c:0:1823 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e395d9052060c3693d657ab1c40cdaa141d7f59c10aea528612ea577d2c1c726

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
0
date
Wed, 28 Apr 2021 02:31:40 GMT
last-modified
Tue, 27 Apr 2021 18:48:49 GMT
content-length
1316
content-type
video/webm
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
4133349032
x-fb-config-version-olb-prod
1085
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
178519288_306580724521177_742402693584503308_n.webm
video-ams4-1.xx.fbcdn.net/v/t39.25447-2/ Frame B66B 		294 B
345 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video-ams4-1.xx.fbcdn.net/v/t39.25447-2/178519288_306580724521177_742402693584503308_n.webm?_nc_cat=1&ccb=1-3&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfdnA5XzVzZWNnb3BfbWlucmVzX2hhbG9fOTVrX2ZyYWdfMl92aWRlbyJ9&_nc_ohc=-kSHr68aHgUAX97h3gk&_nc_ht=video-ams4-1.xx&oh=5fb53d54a2a73ed09c6e922ce6b8bb4f&oe=60AE33E6&bytestart=0&byteend=293
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yS/r/MF4YBUF0gDq.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f045:a:face:b00c:0:1823 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
845b1689c510a51583bd9e8e4ec701e1aa020a749e9aadb21c4dba848c349e92

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
0
date
Wed, 28 Apr 2021 02:31:40 GMT
last-modified
Tue, 27 Apr 2021 18:48:49 GMT
content-length
294
content-type
video/webm
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
4133349032
x-fb-config-version-olb-prod
1085
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
10000000_2888059678102353_6991794798916675198_n.webm
video-ams4-1.xx.fbcdn.net/v/t39.25447-2/ Frame B66B 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video-ams4-1.xx.fbcdn.net/v/t39.25447-2/10000000_2888059678102353_6991794798916675198_n.webm?_nc_cat=1&ccb=1-3&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfdnA5XzVzZWNnb3BfbWlucmVzX2hhbG9fNDAwa19mcmFnXzJfdmlkZW8ifQ%3D%3D&_nc_ohc=m2Gr_8zw91MAX-ZDJfs&_nc_ht=video-ams4-1.xx&oh=b31426ebeb7088d3d94024b4ca26b07f&oe=60AF01DA&bytestart=296&byteend=1621
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yS/r/MF4YBUF0gDq.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f045:a:face:b00c:0:1823 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fa01d7e9fe05d9bc68afb93f07f87812a4171bba0e2d4d4f2ac03c5d14e851d6

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:40 GMT
last-modified
Tue, 27 Apr 2021 19:46:21 GMT
accept-ranges
bytes
content-length
1326
content-type
video/webm
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-fb-config-version-olb-prod
1085
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
10000000_2888059678102353_6991794798916675198_n.webm
video-ams4-1.xx.fbcdn.net/v/t39.25447-2/ Frame B66B 		296 B
345 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video-ams4-1.xx.fbcdn.net/v/t39.25447-2/10000000_2888059678102353_6991794798916675198_n.webm?_nc_cat=1&ccb=1-3&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfdnA5XzVzZWNnb3BfbWlucmVzX2hhbG9fNDAwa19mcmFnXzJfdmlkZW8ifQ%3D%3D&_nc_ohc=m2Gr_8zw91MAX-ZDJfs&_nc_ht=video-ams4-1.xx&oh=b31426ebeb7088d3d94024b4ca26b07f&oe=60AF01DA&bytestart=0&byteend=295
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yS/r/MF4YBUF0gDq.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f045:a:face:b00c:0:1823 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7163232324080480c678b35baef5b5bcb2010ffbe633548b0579b0f984a33930

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:40 GMT
last-modified
Tue, 27 Apr 2021 19:46:21 GMT
accept-ranges
bytes
content-length
296
content-type
video/webm
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-fb-config-version-olb-prod
1085
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
10000000_283823566748078_5197661983116861538_n.webm
video-amt2-1.xx.fbcdn.net/v/t39.25447-2/ Frame B66B 		1 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video-amt2-1.xx.fbcdn.net/v/t39.25447-2/10000000_283823566748078_5197661983116861538_n.webm?_nc_cat=102&ccb=1-3&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfdnA5XzVzZWNnb3BfbWlucmVzX2hhbG9fMTUwMGtfZnJhZ18yX3ZpZGVvIn0%3D&_nc_ohc=a4MpwIscxkEAX-vlpfO&_nc_ht=video-amt2-1.xx&oh=628fe36666f0ed1d4c784d915c9c3415&oe=60AFA5DC&bytestart=296&byteend=1671
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yS/r/MF4YBUF0gDq.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f006:17:face:b00c:0:1823 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
279e8af4c355de46dcb5f8c9b82531c0ab8fc0bd547c407bb53e010da77a6e0e

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:41 GMT
x-fb-trip-id
1425083115
last-modified
Tue, 27 Apr 2021 17:21:40 GMT
accept-ranges
bytes
content-type
video/webm
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-fb-config-version-olb-prod
1085
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1376
10000000_283823566748078_5197661983116861538_n.webm
video-amt2-1.xx.fbcdn.net/v/t39.25447-2/ Frame B66B 		296 B
357 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video-amt2-1.xx.fbcdn.net/v/t39.25447-2/10000000_283823566748078_5197661983116861538_n.webm?_nc_cat=102&ccb=1-3&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfdnA5XzVzZWNnb3BfbWlucmVzX2hhbG9fMTUwMGtfZnJhZ18yX3ZpZGVvIn0%3D&_nc_ohc=a4MpwIscxkEAX-vlpfO&_nc_ht=video-amt2-1.xx&oh=628fe36666f0ed1d4c784d915c9c3415&oe=60AFA5DC&bytestart=0&byteend=295
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yS/r/MF4YBUF0gDq.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f006:17:face:b00c:0:1823 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c1826cef9e999efd320d5d9a0cc05feba233ba65885558e4aceaf4b088cb12ef

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:41 GMT
x-fb-trip-id
1425083115
last-modified
Tue, 27 Apr 2021 17:21:40 GMT
accept-ranges
bytes
content-type
video/webm
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-fb-config-version-olb-prod
1085
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
296
10000000_167526308590770_2154051484895776849_n.webm
video-ams4-1.xx.fbcdn.net/v/t39.25447-2/ Frame B66B 		296 B
345 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video-ams4-1.xx.fbcdn.net/v/t39.25447-2/10000000_167526308590770_2154051484895776849_n.webm?_nc_cat=110&ccb=1-3&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfdnA5XzVzZWNnb3BfbWlucmVzX2hhbG9fNzUwa19mcmFnXzJfdmlkZW8ifQ%3D%3D&_nc_ohc=iJa0Eu7ZYW4AX8NrS-N&_nc_ht=video-ams4-1.xx&oh=e0970a3afe6affcfc5de550d45bd0b21&oe=60ACDF69&bytestart=0&byteend=295
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yS/r/MF4YBUF0gDq.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f045:a:face:b00c:0:1823 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
90a54bf9bf31a81663d57ae10afe615d0e374bdf5c1dee0a5dad810642783800

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:40 GMT
last-modified
Tue, 27 Apr 2021 11:57:50 GMT
accept-ranges
bytes
content-length
296
content-type
video/webm
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-fb-config-version-olb-prod
1085
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
178528931_512370023459946_7698296819244865985_n.mp4
video-ams4-1.xx.fbcdn.net/v/t42.1790-2/ Frame B66B 		79 KB
79 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video-ams4-1.xx.fbcdn.net/v/t42.1790-2/178528931_512370023459946_7698296819244865985_n.mp4?_nc_cat=1&ccb=1-3&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=d2GQce0wx14AX_gN5fK&_nc_ht=video-ams4-1.xx&oh=f1773422c9b38231d4198df917a3d892&oe=6088E90D&bytestart=19945&byteend=101220
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yS/r/MF4YBUF0gDq.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f045:a:face:b00c:0:1823 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1983fddbd482269dee6656f3d92b12eb47d0c189daa938e0cbcac639ea38ab00

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
0
date
Wed, 28 Apr 2021 02:31:41 GMT
last-modified
Mon, 26 Apr 2021 09:54:57 GMT
content-length
81276
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
3988547062
x-fb-config-version-olb-prod
1085
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210422&jk=2656981039981739&bg=!ERKlElbNAAZUuIlwVLg7ACkAdvg8Wj4nHWocWsuUk37VQM1h9eEn-F3kUsNuIGIOmYpFUATjRnydPAIAAAKPUgAAAfRoAQcKALbHJsc0iHJBfNj6gSTeUsajnoxPB6HjnFHEKD0mFA2k70r0tmtRkCwbnEngYgkgsdenNe4lNX3U1g--R4DQT-1CodSFcDhVkDVSyJWImWx5JKGXUhQdtzmshGuLqg_rq1wq_TMlC_M-L8KNbLoZuU9YtXIO8KMbHcJlmWH4fOmGGmEhRNDurzKFavp1rktgW1chuwTDgF_ecMqNSTQPxCC5I42zWoHjnncLKIHm_NC5h_i9fLI0PJkCG-CiXSbiY1eukmRcJLtTwhIU1l_EdnA7sodMpqm8lcit6_YbBnGL70f0T2bc0RL_wBQSpO4P6AddILZXi4o1WbWMqlVJequjJFyHUCIYkhwEbdhN00-hfQqf5rf7sBldIqIjQwmgnkYLABVyRalPKMEYxbHf1cS3Yx4l0wKEwwMGsJPGbh8mwB_5t_2LL_rJ_393Qx4zT79zEcs5fRZ3L7GLuvvLSU9D9icGRWR4fV5QyPRj3l0w4YGjokTPyDoG-fy6bzSpA8NJD4hPXHPty6sNuuO2Dr9oK_fuGTRPab2KNAY4OYf71UwiOkHhCjlItCNuYX2qndqG4fK-La6xRBO3h_pE5VxB_Kr4SShPizSWfEqyG4S1PC3VwIKNY3tLEiqEL8qw6OgOvPKXxvBzKi-zHK9QDr5odC_19CuI5badFVbbSU3kwUmXzdIe6f8i486N8sfkc2xwr0oUuSU31bSRw4h0tIzcXfL0AMB3T9kUd5u0aTPN49zm-MZFoOwmybNBw-zfaxlu_VlAGHffPqmQMAohjETbQu-2BiF97moowCHsAj_9dUgnwK7GHxOZVaOyK-QFb-JTgswEEhRUgGgwc3avzdcu6X6C5afF5GpGDrL4Hxle5Y55cS9lb0sJ2kO3CYXRiY44_Gy-pvZYnMOhfumj8_4DuiXtw2kfBHrQQU7UEOsmykjywvpSuPUblfJIW-W0pUlbelov
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Apr 2021 02:31:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 4F7A 		0
587 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158683&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection
close
Date
Wed, 28 Apr 2021 02:31:39 GMT
Content-Encoding
gzip
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-cache
Transfer-Encoding
chunked
Content-Type
text/plain; charset=utf-8
/
www.facebook.com/video/unified_cvc/ Frame B66B 		289 B
283 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/video/unified_cvc/
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3i63m4/y8/l/zh_TW/Em5Bi_XZLvN.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5344d8e33b963fb6a166cea5676f42a49d90102bb7a25a67d0f9fe5fa58f0854
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.facebook.com/v3.2/plugins/video.php?app_id=917307478388825&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2efd39022bea4%26domain%3Dwww.storm.mg%26origin%3Dhttps%253A%252F%252Fwww.storm.mg%252Ff1786ccf76c08cc%26relation%3Dparent.parent&container_width=300&href=https%3A%2F%2Fwww.facebook.com%2FSMediaLife%2Fvideos%2F165624278807153%2F&locale=zh_TW&sdk=joey
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
EieNw7v8I5O6hGj7NwcJXXU9tQvaUGNwC+OsKlXQyF7TJaV92FbsE9d7pyZS6HD9Xa/mEAasXrgK81RWXqhScA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 28 Apr 2021 02:31:41 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
vary
Origin, Accept-Encoding
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
priority
u=3,i
access-control-expose-headers
X-FB-Debug, X-Loader-Length
178528931_512370023459946_7698296819244865985_n.mp4
video-ams4-1.xx.fbcdn.net/v/t42.1790-2/ Frame B66B 		96 KB
96 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video-ams4-1.xx.fbcdn.net/v/t42.1790-2/178528931_512370023459946_7698296819244865985_n.mp4?_nc_cat=1&ccb=1-3&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=d2GQce0wx14AX_gN5fK&_nc_ht=video-ams4-1.xx&oh=f1773422c9b38231d4198df917a3d892&oe=6088E90D&bytestart=101221&byteend=199240
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yS/r/MF4YBUF0gDq.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f045:a:face:b00c:0:1823 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
59f7a3856fb87c8c4b6d3fd11390922a2c23ee7a0ca450a692f3e83535fcf772

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
0
date
Wed, 28 Apr 2021 02:31:41 GMT
last-modified
Mon, 26 Apr 2021 09:54:57 GMT
content-length
98020
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
3988547062
x-fb-config-version-olb-prod
1085
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
178519288_306580724521177_742402693584503308_n.webm
video-ams4-1.xx.fbcdn.net/v/t39.25447-2/ Frame B66B 		294 B
345 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video-ams4-1.xx.fbcdn.net/v/t39.25447-2/178519288_306580724521177_742402693584503308_n.webm?_nc_cat=1&ccb=1-3&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfdnA5XzVzZWNnb3BfbWlucmVzX2hhbG9fOTVrX2ZyYWdfMl92aWRlbyJ9&_nc_ohc=-kSHr68aHgUAX97h3gk&_nc_ht=video-ams4-1.xx&oh=5fb53d54a2a73ed09c6e922ce6b8bb4f&oe=60AE33E6&bytestart=0&byteend=293
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yS/r/MF4YBUF0gDq.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f045:a:face:b00c:0:1823 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
845b1689c510a51583bd9e8e4ec701e1aa020a749e9aadb21c4dba848c349e92

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
0
date
Wed, 28 Apr 2021 02:31:41 GMT
last-modified
Tue, 27 Apr 2021 18:48:49 GMT
content-length
294
content-type
video/webm
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
4133349032
x-fb-config-version-olb-prod
1085
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
178519288_306580724521177_742402693584503308_n.webm
video-ams4-1.xx.fbcdn.net/v/t39.25447-2/ Frame B66B 		62 KB
62 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video-ams4-1.xx.fbcdn.net/v/t39.25447-2/178519288_306580724521177_742402693584503308_n.webm?_nc_cat=1&ccb=1-3&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfdnA5XzVzZWNnb3BfbWlucmVzX2hhbG9fOTVrX2ZyYWdfMl92aWRlbyJ9&_nc_ohc=-kSHr68aHgUAX97h3gk&_nc_ht=video-ams4-1.xx&oh=5fb53d54a2a73ed09c6e922ce6b8bb4f&oe=60AE33E6&bytestart=73143&byteend=136521
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yS/r/MF4YBUF0gDq.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f045:a:face:b00c:0:1823 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fc27dcde41491d9b559ff86ef7cdfd5869ebc5fa12f959aa364da9d556f3b1be

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
0
date
Wed, 28 Apr 2021 02:31:41 GMT
last-modified
Tue, 27 Apr 2021 18:48:49 GMT
content-length
63379
content-type
video/webm
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
4133349032
x-fb-config-version-olb-prod
1085
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
178519288_306580724521177_742402693584503308_n.webm
video-ams4-1.xx.fbcdn.net/v/t39.25447-2/ Frame B66B 		120 KB
121 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video-ams4-1.xx.fbcdn.net/v/t39.25447-2/178519288_306580724521177_742402693584503308_n.webm?_nc_cat=1&ccb=1-3&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfdnA5XzVzZWNnb3BfbWlucmVzX2hhbG9fOTVrX2ZyYWdfMl92aWRlbyJ9&_nc_ohc=-kSHr68aHgUAX97h3gk&_nc_ht=video-ams4-1.xx&oh=5fb53d54a2a73ed09c6e922ce6b8bb4f&oe=60AE33E6&bytestart=136522&byteend=259911
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yS/r/MF4YBUF0gDq.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f045:a:face:b00c:0:1823 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9edfd2a5e17e6ee7eb4fe601deb9d3dc07395918e072f3dd0dd051453700e3e1

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
0
date
Wed, 28 Apr 2021 02:31:41 GMT
last-modified
Tue, 27 Apr 2021 18:48:49 GMT
content-length
123390
content-type
video/webm
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
4133349032
x-fb-config-version-olb-prod
1085
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
178519288_306580724521177_742402693584503308_n.webm
video-ams4-1.xx.fbcdn.net/v/t39.25447-2/ Frame B66B 		108 KB
108 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video-ams4-1.xx.fbcdn.net/v/t39.25447-2/178519288_306580724521177_742402693584503308_n.webm?_nc_cat=1&ccb=1-3&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfdnA5XzVzZWNnb3BfbWlucmVzX2hhbG9fOTVrX2ZyYWdfMl92aWRlbyJ9&_nc_ohc=-kSHr68aHgUAX97h3gk&_nc_ht=video-ams4-1.xx&oh=5fb53d54a2a73ed09c6e922ce6b8bb4f&oe=60AE33E6&bytestart=259912&byteend=370054
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yS/r/MF4YBUF0gDq.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f045:a:face:b00c:0:1823 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c713eda88a6bec9c1d66a8a2111e06772a8dbd537f12f0bea9d7885e613b4bcc

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
0
date
Wed, 28 Apr 2021 02:31:41 GMT
last-modified
Tue, 27 Apr 2021 18:48:49 GMT
content-length
110143
content-type
video/webm
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
4133349032
x-fb-config-version-olb-prod
1085
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
track
track1.aniview.com/ 		0
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=BE&cos=Windows&r=www.storm.mg&rs=www.storm.mg&sid=79763&t=1619577093&cip=82.102.19.136&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=640&he=360&app=&AV_PUBLISHERID=5e60bfad28a0610ba100c7c4&test=&aafaid=&proto=https&uid=1619577093524-930871975591-006828-001-004658&cha=0.7&cb=38038100725&d9=1000&AV_WIDTH=640&AV_HEIGHT=360
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e60bfad28a0610ba100c7c4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.234.163.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 28 Apr 2021 02:31:43 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
178528931_512370023459946_7698296819244865985_n.mp4
video-ams4-1.xx.fbcdn.net/v/t42.1790-2/ Frame B66B 		96 KB
96 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video-ams4-1.xx.fbcdn.net/v/t42.1790-2/178528931_512370023459946_7698296819244865985_n.mp4?_nc_cat=1&ccb=1-3&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=d2GQce0wx14AX_gN5fK&_nc_ht=video-ams4-1.xx&oh=f1773422c9b38231d4198df917a3d892&oe=6088E90D&bytestart=199241&byteend=297257
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yS/r/MF4YBUF0gDq.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f045:a:face:b00c:0:1823 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e542a2c133b7f20f509f78fd557e701fcefba35e007df7c7ebe8f431761c4caa

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
0
date
Wed, 28 Apr 2021 02:31:44 GMT
x-fb-trip-id
115442006
last-modified
Mon, 26 Apr 2021 09:54:57 GMT
content-type
video/mp4
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
3988547062
x-fb-config-version-olb-prod
1085
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
98017
finance_data20210428.json
resources.storm.mg/ 		1 KB
910 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://resources.storm.mg/finance_data20210428.json
Requested by
Host: www.storm.mg
URL: https://www.storm.mg/js/jquery-1.9.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
875c5de7a49dad97d2a7dc77b9e0b5d232da659fd6704181b33a35200707254c

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.storm.mg/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 02:31:52 GMT
content-encoding
gzip
last-modified
Wed, 28 Apr 2021 02:31:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
W/"64ca8f65ac20768d3fdac1b331326187"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
https://www.storm.mg
access-control-allow-credentials
true
x-cache
Miss from cloudfront
x-amz-cf-id
Jpa4EDdE9iU71i0Dn2XT8L-TsbQyW21O0SesICFLpQxNpl3VzNg-Yw==
via
1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
178519288_306580724521177_742402693584503308_n.webm
video-ams4-1.xx.fbcdn.net/v/t39.25447-2/ Frame B66B 		112 KB
112 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video-ams4-1.xx.fbcdn.net/v/t39.25447-2/178519288_306580724521177_742402693584503308_n.webm?_nc_cat=1&ccb=1-3&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfdnA5XzVzZWNnb3BfbWlucmVzX2hhbG9fOTVrX2ZyYWdfMl92aWRlbyJ9&_nc_ohc=-kSHr68aHgUAX97h3gk&_nc_ht=video-ams4-1.xx&oh=5fb53d54a2a73ed09c6e922ce6b8bb4f&oe=60AE33E6&bytestart=370055&byteend=484828
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yS/r/MF4YBUF0gDq.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f045:a:face:b00c:0:1823 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f5c456d0121ea40c696d6c8410a7ff7e0c5870d907788a2e1c45ab40cce2094f

Request headers

Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
0
date
Wed, 28 Apr 2021 02:31:50 GMT
x-fb-trip-id
115442006
last-modified
Tue, 27 Apr 2021 18:48:49 GMT
content-type
video/webm
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
4133349032
x-fb-config-version-olb-prod
1085
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
114774

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ad.holmesmind.com
URL
https://ad.holmesmind.com/adserver/prebid.json?cb=1619577093940&hb=1&ver=1.21
Domain
prebid.scupio.com
URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.5963479174245616
Domain
ad2.apx.appier.net
URL
https://ad2.apx.appier.net/v1/prebid/bid
Domain
prebid.scupio.com
URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.9148129403534797
Domain
ad2.apx.appier.net
URL
https://ad2.apx.appier.net/v1/prebid/bid
Domain
ad2.apx.appier.net
URL
https://ad2.apx.appier.net/v1/prebid/bid

Verdicts & Comments Add Verdict or Comment

397 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 string| event object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery function| detect_mobile boolean| $is_ua_mobile boolean| $is_tablet boolean| $is_mobile boolean| $is_mobile_lg boolean| $is_ua_iOS string| $ua number| $window_width number| $window_height string| $user_browser object| dataLayer function| dable object| googletag object| ggeac object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots string| google_user_agent_client_hint string| content_group string| content_group_second function| getCookie number| $nodfp object| current_url_hash string| dfp_type object| gtpadslots object| gtpadslotsquick object| gtpadslotsidle boolean| $display_standard_dfp boolean| not_vip_show_dfp object| category_name string| StormTrackObject function| smg string| UnidataTrackObject function| unidata object| _bwtmdl function| bwtmOver object| OneSignal function| google_spfd number| google_unique_id object| google_sv_map function| fbAsyncInit string| check_n_hf undefined| body boolean| $is_index_category object| google_tag_manager function| postscribe object| google_tag_manager_external number| j object| GlobalSnowplowNamespace function| wolpwons object| FB function| dbljson1 function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired string| $page_type string| GoogleAnalyticsObject function| ga string| _linkedin_data_partner_id object| _atrk_opts function| fbq function| _fbq string| id function| now function| hasOwnProperty object| adxTag object| google_tag_data object| Snowplow object| jQuery19105510811495686807 function| page_init function| getInternetExplorerVersion function| detect_browsers function| init_IE function| change_scrollElm function| set_slide_menu_height function| close_slideMenu function| fixed_nav function| mobile_nav function| popup_ad_impression function| show_popup_ad function| login_status function| login_status_after_ajax function| switch_top_carousel_autoslide function| breaking_news function| popup_server function| popup_server_loading function| popup_server_message function| htmlEncode function| floating_btn_position function| display_floating_btns function| close_search_bar function| search_keyword function| premium_flow_get_cookie function| paddingLeft function| init_stock_bar function| scroll_stock_bar function| init_takeover_ad function| init_list function| get_message_list function| thousandComma function| thumb_redirect_login string| article_is_restricted string| nid string| aid undefined| restricted_origin object| restricted function| IsJsonString object| TongWen string| toolbarId function| tot function| tos string| ua_lans string| ua number| msie undefined| ie_ua_lans undefined| lgs function| genetate_deep_link function| move_doms_mobile function| generate_live_video function| run_wait_counting function| move_idle_video function| show_idle_alert function| show_idle_dfp function| idle_vertical_middle function| close_idle_alert function| trigger_hidden_list function| insert_ads function| show_new7_popup function| fixed_header function| copy_url function| terms_agree function| get_short_url function| short_url_cookie function| scroll_to_donation_block function| related_article function| scroll_to_related function| detect_window_width function| getDableAds function| show_app_banner function| subscribe function| getSubscribeStatus boolean| is_premium_article undefined| article_nid undefined| csrf_token object| Laravel function| setImmediate function| clearImmediate object| gsapVersions object| intlTelInputUtils function| Vue function| webpackJsonp boolean| $is_submit boolean| $is_login boolean| $is_takeover_video_play boolean| $login_with_wsj number| $last_top object| $browsers number| $nav_height number| $popup_ad_cookie_hours number| $popup_ad_cookie_times number| $marquee_count number| $marquee_length object| $document object| $window object| $html_body object| $html object| $body string| $body_id object| $header object| $header_bottom_inner object| $container object| $footer object| $content_main object| $side_bar object| $side_bar_inner object| $search_funcBtn_wrapper object| $search_btn_header object| $search_bar object| $search_input object| $autocomplete_wrapper object| $autocomplete_inner object| $autocomplete_loader object| $autocomplete_content object| $autocomplete_content_default object| $main_nav_wrapper object| $main_nav object| $nav_list object| $mobile_menu object| $nav_funcbtn object| $slide_menu object| $slide_menu_btn object| $slide_menu_mask object| $slide_menu_content object| $slide_active_hidden_contents object| $popup_wrapper object| $popup_ad object| $member_btn object| $nav_member_btn object| $login_btn object| $nav_login_btn object| $login_btn_mobile_text object| $member_landing_wrapper object| $member_landing object| $author_donation_list_btn object| $popup_server object| $popup_server_inner object| $popup_server_loading object| $popup_server_message object| $top_carousel_split object| $floating_wrapper object| $lazy_load_dom object| $header_btn_mobile object| $header_dropdown_content boolean| is_msie number| $msie string| $browser_element boolean| is_chrome boolean| is_firefox object| $scrollElm undefined| $current_id object| $target_id number| $header_height number| $current_scrollTop number| $fixed_position number| $unfixed_position number| $slide_menu_height undefined| $smg_name_cookie undefined| $smg_member_crown_cookie undefined| $smg_member_premium_group object| lazyLoadOptions boolean| $is_init number| $content_size object| $donation_message_list object| $message_section_inner object| $message_loader object| $message_more_btn string| $content_id boolean| $is_wait boolean| $is_expand boolean| $is_show_new7_popup boolean| $is_emoji_show boolean| $relogin boolean| $is_video_clone number| $wait_time number| $lastScrollTop number| $font_size number| $load_page object| $date number| $ten_year number| $hour object| $font_size_btn object| $CMS_wrapper object| $category_cards_wrapper object| $popup_new7 object| $popup_idle object| $popup_idle_inner object| $new7_target object| $smg_live_video object| $sidebar_video_container object| $sidebar_module_video object| $sidebar_module_polls object| $sidebar_content_polls object| $article_bottom_target_video object| $article_bottom_target_polls object| $floaring_ad_wrapper object| $right_ad object| $bottom_ad_mobile object| $bottom_ad_pc object| $idle_video_target object| $app_download_banner string| $hashes number| $container_width number| $floatin_wrapper_pull number| $top string| $api_type string| $video_embed_id object| $related_link string| $related_link_title string| $related_link_url object| $related_link_copied object| $related_link_copied_target number| $wait_count string| $deep_link_url boolean| $is_iOS_greater_9_2 boolean| $is_android_greater_5_0_1 function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb function| snowplow object| gaplugins object| gaData function| lintrk boolean| _already_called_lintrk function| _extends function| _typeof object| lazyLoadInstance function| LazyLoad function| onYouTubeIframeAPIReady function| atrk boolean| _atrk_fired number| eventid undefined| eventarg object| _bwq function| _bw function| dbljson2 object| Scupioads object| google_optimize function| asyncGeneratorStep function| _asyncToGenerator object| regeneratorRuntime function| bw object| aniplayerPos number| $content_length object| scupiosdk function| avPlayer object| storageAni object| closure_lm_887389 object| closure_lm_690131 function| dbljson3 object| closure_lm_629109 object| closure_lm_146000 object| closure_lm_726091 object| closure_lm_137305 object| GoogleGcLKhOms object| google_image_requests

15 Cookies

Domain/Path Name / Value
.pubmatic.com/ Name: PugT
Value: 1619577098
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-b015964d-4d16-42ed-9fd0-c7d670a54dd3&KRTB&22918-b015964d-4d16-42ed-9fd0-c7d670a54dd3&KRTB&23031-b015964d-4d16-42ed-9fd0-c7d670a54dd3
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:d7846088-c90a-4800-ad47-1cdea6aba8c0&KRTB&16736-uid:d7846088-c90a-4800-ad47-1cdea6aba8c0&KRTB&23019-uid:d7846088-c90a-4800-ad47-1cdea6aba8c0&KRTB&23114-uid:d7846088-c90a-4800-ad47-1cdea6aba8c0
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-2773533202461637078
.pubmatic.com/ Name: SyncRTB3
Value: 1620777600%3A21_13_161_7_220_54_56_3_71%7C1620864000%3A35
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: DPSync3
Value: 1620777600%3A201_227_226_221
.doubleclick.net/ Name: IDE
Value: AHWqTUmmMk_gceRjack0VP66KkHuiOSr8iMgyykOzhUlrnMKzBzVJIYMrd0DOuC601E
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEPtrsEDnWvTuuXRgqku-zuE&KRTB&22987-CAESEPtrsEDnWvTuuXRgqku-zuE&KRTB&23025-CAESEPtrsEDnWvTuuXRgqku-zuE
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-8932314486518883198
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 05B19AC1-F068-4226-95F7-1BB01DB299C8
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-7002175123204593149&KRTB&23263-7002175123204593149
.adnxs.com/ Name: uuid2
Value: 2773533202461637078

51 Console Messages

Source Level URL
Text
console-api log URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1)
Message:
OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js(Line 6)
Message:
The googletag.pubads().definePassback function has been deprecated. The function may break in certain contexts, see https://developers.google.com/publisher-tag/guides/passback-tags#construct_passback_tags for how to correctly create a passback.
console-api warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js(Line 6)
Message:
The googletag.pubads().definePassback function has been deprecated. The function may break in certain contexts, see https://developers.google.com/publisher-tag/guides/passback-tags#construct_passback_tags for how to correctly create a passback.
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577094323(Line 180)
Message:
pm-info:Inside Logger.setDebugLevel to set the logger level.
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577094323(Line 180)
Message:
pm-info:Inside catch block, setting the value 1 received in the argument due to error:
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577094323(Line 180)
Message:
pm-info:Finally, debug level set to 1
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577094323(Line 180)
Message:
pm-info:VPAIDMain:handshakeVersion() - PM AD MANAGER RELEASE VERSION: 1.2.0
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577094323(Line 180)
Message:
pm-info:VPAIDMain:handshakeVersion() - Player Version:2.0
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577094323(Line 180)
Message:
pm-info:into initPreConfiguration method
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577094323(Line 180)
Message:
pm-info:Inside Logger.setDebugLevel to set the logger level.
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577094323(Line 180)
Message:
pm-info:Inside catch block, setting the value 2 received in the argument due to error:
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577094323(Line 180)
Message:
pm-info:Finally, debug level set to 2
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577094323(Line 180)
Message:
pm-info:into initAd method
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577094323(Line 180)
Message:
pm-info:Inside createQueryString() : QueryString created from adtag variables - adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+7+6&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577094323&cb=1619577095698
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577094323(Line 180)
Message:
pm-info:Inside createQueryString() : QueryString created from adtag variables - SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.storm.mg%252Flifestyle%252F3634588&screenResolution=1600x1200&kdntuid=1&vwndh=360&vwndw=640&vwndurl=https%253A%252F%252Fwww.storm.mg%252Flifestyle%252F3634588&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-4-28 4:31:36&ranreq=0.07193621383793225&timezone=2&depth=0
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577094323(Line 180)
Message:
pm-info:PM AdRequest Time: 0.847secs.
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577094323(Line 180)
Message:
pm-info:Ad Error Time: 0.849secs.
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577094323(Line 180)
Message:
pm-info:Total Component Time since player call: 1.214secs.
console-api error URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577094323(Line 180)
Message:
pm-error:Invalid/Empty VAST Response from PubMatic Ad Server
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577097265(Line 180)
Message:
pm-info:Inside Logger.setDebugLevel to set the logger level.
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577097265(Line 180)
Message:
pm-info:Inside catch block, setting the value 1 received in the argument due to error:
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577097265(Line 180)
Message:
pm-info:Finally, debug level set to 1
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577097265(Line 180)
Message:
pm-info:VPAIDMain:handshakeVersion() - PM AD MANAGER RELEASE VERSION: 1.2.0
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577097265(Line 180)
Message:
pm-info:VPAIDMain:handshakeVersion() - Player Version:2.0
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577097265(Line 180)
Message:
pm-info:into initPreConfiguration method
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577097265(Line 180)
Message:
pm-info:Inside Logger.setDebugLevel to set the logger level.
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577097265(Line 180)
Message:
pm-info:Inside catch block, setting the value 2 received in the argument due to error:
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577097265(Line 180)
Message:
pm-info:Finally, debug level set to 2
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577097265(Line 180)
Message:
pm-info:into initAd method
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577097265(Line 180)
Message:
pm-info:Inside createQueryString() : QueryString created from adtag variables - adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+7+6&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577097265&cb=1619577097669
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577097265(Line 180)
Message:
pm-info:Inside createQueryString() : QueryString created from adtag variables - SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.storm.mg%252Flifestyle%252F3634588&screenResolution=1600x1200&kdntuid=1&vwndh=360&vwndw=640&vwndurl=https%253A%252F%252Fwww.storm.mg%252Flifestyle%252F3634588&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-4-28 4:31:38&ranreq=0.5681061098379767&timezone=2&depth=0
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577097265(Line 180)
Message:
pm-info:PM AdRequest Time: 0.603secs.
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577097265(Line 180)
Message:
pm-info:Ad Error Time: 0.605secs.
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577097265(Line 180)
Message:
pm-info:Total Component Time since player call: 0.746secs.
console-api error URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577097265(Line 180)
Message:
pm-error:Invalid/Empty VAST Response from PubMatic Ad Server
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577098282(Line 180)
Message:
pm-info:Inside Logger.setDebugLevel to set the logger level.
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577098282(Line 180)
Message:
pm-info:Inside catch block, setting the value 1 received in the argument due to error:
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577098282(Line 180)
Message:
pm-info:Finally, debug level set to 1
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577098282(Line 180)
Message:
pm-info:VPAIDMain:handshakeVersion() - PM AD MANAGER RELEASE VERSION: 1.2.0
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577098282(Line 180)
Message:
pm-info:VPAIDMain:handshakeVersion() - Player Version:2.0
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577098282(Line 180)
Message:
pm-info:into initPreConfiguration method
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577098282(Line 180)
Message:
pm-info:Inside Logger.setDebugLevel to set the logger level.
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577098282(Line 180)
Message:
pm-info:Inside catch block, setting the value 2 received in the argument due to error:
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577098282(Line 180)
Message:
pm-info:Finally, debug level set to 2
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577098282(Line 180)
Message:
pm-info:into initAd method
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577098282(Line 180)
Message:
pm-info:Inside createQueryString() : QueryString created from adtag variables - adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+7+6&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577098282&cb=1619577098779
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577098282(Line 180)
Message:
pm-info:Inside createQueryString() : QueryString created from adtag variables - SAVersion=2&inIframe=1&pageURL=https%253A%252F%252Fwww.storm.mg%252Flifestyle%252F3634588&screenResolution=1600x1200&kdntuid=1&vwndh=360&vwndw=640&vwndurl=https%253A%252F%252Fwww.storm.mg%252Flifestyle%252F3634588&vwndref=&vc=2&js=1&sec=1&kltstamp=2021-4-28 4:31:39&ranreq=0.6133673178893988&timezone=2&depth=0
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577098282(Line 180)
Message:
pm-info:PM AdRequest Time: 0.62secs.
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577098282(Line 180)
Message:
pm-info:Ad Error Time: 0.622secs.
console-api info URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577098282(Line 180)
Message:
pm-info:Total Component Time since player call: 0.84secs.
console-api error URL: https://vpaid.pubmatic.com/ads/video/PMAdMgr.js?adtype=13&pubId=158683&siteId=724308&adId=2996719&vadFmt=3&vapi=2&vminl=5&vmaxl=60&vh=360&vw=640&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vmaxbtr=1500&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&us_privacy=1---&kadpageurl=https%3A%2F%2Fwww.storm.mg%2Flifestyle%2F3634588&cbb=9577098282(Line 180)
Message:
pm-error:Invalid/Empty VAST Response from PubMatic Ad Server

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

04d80e238d1025f8fc4d51158b2ab99f.safeframe.googlesyndication.com
1595e939843b8bf1b4a3324b9dba517a.safeframe.googlesyndication.com
5fa8e1420541ef0d974f5ba4594969b2.safeframe.googlesyndication.com
aa3f531f4d882b7290e791c0cacda595a.profile.phx50-c2.cloudfront.net
acdn.adnxs.com
ace-sync.toast.com
act.ds.kakao.com
ad.doublemax.net
ad.holmesmind.com
ad.turn.com
ad2.apx.appier.net
ads.adaptv.advertising.com
ads.pubmatic.com
ads.yahoo.com
adservice.google.be
adservice.google.com
adservice.google.de
adx.c.appier.net
adx.dable.io
ajax.googleapis.com
aktrack.pubmatic.com
analytics.ad.daum.net
analytics.google.com
api.dable.io
apn.c.appier.net
aud.pubmatic.com
banner-cfnetwork.cdn.hinet.net
bidder.criteo.com
bw.scupio.com
c.holmesmind.com
c00781e3da26bee54d79c2ccd3c9dd07.safeframe.googlesyndication.com
c1.adform.net
cdn.holmesmind.com
cdn.jsdelivr.net
cdn.onesignal.com
cdn.viewdeos.com
certify.alexametrics.com
cm.adgrx.com
cm.g.doubleclick.net
connect.facebook.net
csi.gstatic.com
d31qbv1cthcecs.cloudfront.net
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
go1.aniview.com
gocm.c.appier.net
googleads.g.doubleclick.net
gum.criteo.com
hb.aralego.com
hbopenbid.pubmatic.com
ib.adnxs.com
id.rlcdn.com
image.cache.storm.mg
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
images.dable.io
imasdk.googleapis.com
img.scupio.com
loada.exelator.com
loadm.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
mug.criteo.com
mwzeom.zeotap.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-apac.rubiconproject.com
pixel-api.scupio.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
player.aniview.com
player.viewdeos.com
polyfill.io
pr-bh.ybp.yahoo.com
prebid-asia.creativecdn.com
prebid.scupio.com
pubads.g.doubleclick.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
px4.ads.linkedin.com
rec.scupio.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
resources.storm.mg
s0.2mdn.net
sb.scorecardresearch.com
scontent-ams4-1.xx.fbcdn.net
scontent-amt2-1.xx.fbcdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
service-pvapi.storm.mg
simage2.pubmatic.com
simage4.pubmatic.com
snap.licdn.com
sp-api.dable.io
static.criteo.net
static.dable.io
static.xx.fbcdn.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.aralego.com
sync.mathtag.com
sync.targeting.unrulymedia.com
tag.1rx.io
tags.viewdeos.com
token.rubiconproject.com
tpc.googlesyndication.com
track.storm.mg
track.unidata.ai
track1.aniview.com
track1.viewdeos.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
vid.pubmatic.com
video-ams4-1.xx.fbcdn.net
video-amt2-1.xx.fbcdn.net
visitor.fiftyt.com
vpaid.pubmatic.com
ws.rqtrk.eu
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.linkedin.com
www.storm.mg
x.bidswitch.net
ad.holmesmind.com
ad2.apx.appier.net
prebid.scupio.com
103.132.192.30
104.111.225.233
104.111.230.142
104.117.200.100
108.174.10.14
115.88.123.125
13.209.165.138
13.224.106.110
13.224.106.119
13.224.106.33
13.224.51.212
13.32.21.3
142.250.185.98
146.59.148.16
15.165.227.126
151.101.114.49
159.65.196.12
162.210.196.208
169.50.137.190
172.104.121.22
178.250.0.165
178.250.2.146
178.250.2.151
18.156.0.31
18.176.63.232
18.179.248.189
18.195.54.133
185.29.135.233
185.59.220.193
185.64.189.110
185.64.189.112
185.64.189.114
185.64.189.249
185.64.190.75
185.64.190.78
185.64.190.80
185.64.190.81
192.96.200.41
2.18.232.130
2.18.233.180
2001:678:cb4:bbbb::11
202.39.143.235
203.133.167.207
210.59.219.175
210.59.219.180
210.59.219.31
210.59.219.34
211.231.100.211
213.155.156.164
213.19.147.42
213.19.147.45
213.19.162.51
2600:9000:206f:5600:1d:68e4:9700:93a1
2600:9000:206f:ca00:0:e06c:e940:93a1
2606:4700:10::6816:1857
2606:4700::6812:e134
2607:f8b0:4002:809::2003
2620:116:800d:21:f916:5049:f87f:108e
2620:119:50e1:101::6cae:b25
2620:1ec:21::14
2a00:1288:110:c305::8000
2a00:1288:80:800::7001
2a00:1450:4001:801::2002
2a00:1450:4001:803::200a
2a00:1450:4001:808::2003
2a00:1450:4001:808::200a
2a00:1450:4001:809::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:811::2006
2a00:1450:4001:812::2004
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:813::2008
2a00:1450:4001:813::200e
2a00:1450:4001:827::2003
2a00:1450:4001:828::200a
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::200e
2a00:1450:400c:c07::9c
2a00:1450:400c:c0a::9c
2a00:f48:2000:1023::3
2a02:2638:1::13
2a02:2638::3
2a02:26f0:6c00:296::25ea
2a02:26f0:6c00:2ab::2c79
2a02:26f0:6c00::210:bb19
2a02:fa8:8806:16::1370
2a03:2880:f006:17:face:b00c:0:1823
2a03:2880:f006:21:face:b00c:0:3
2a03:2880:f042:10:face:b00c:0:3
2a03:2880:f045:10:face:b00c:0:3
2a03:2880:f045:a:face:b00c:0:1823
2a03:2880:f142:82:face:b00c:0:25de
2a04:4e42:1b::621
2a04:4e42:400::621
3.123.110.9
3.219.93.236
3.221.134.89
3.35.111.161
34.234.163.11
34.96.119.68
35.201.76.93
35.201.96.126
35.244.174.68
37.157.3.30
37.252.172.250
51.75.146.160
52.11.78.200
52.210.189.83
52.28.254.214
52.48.151.83
54.178.71.123
54.78.254.47
54.95.42.61
65.9.66.80
65.9.66.82
66.155.71.149
69.173.144.165
69.173.159.35
72.251.241.204
77.243.60.138
85.114.159.118
99.86.2.29
01026883c36e63897d9df97cc68acdbc90410a50278d60165450a48d2238d007
011f65213dcc2dc9464f07a61c75125c3ef8061f37ca3921c4b6771421b4235b
0158605fb682a3ad8fa24a5c85517938fada7b1bd32bfa1ebb25327eb9d2b7c0
01a47da5ff270f45275a8e206f691137ed5be68ecc07f624c14a4c5553e4af45
022c38164c9612b2f118fa128a5c54709fdb4d90bbd97cf26dd54e5085f7e49b
027c3013857ef1841859edbc475b83a9aa6285d01cf771a8c24f83154fb32e05
034385d3ecf8a345dc53799aa76e9e600a8b321ab3fba473cd40f84cb68e30f8
0383d1b834f392c419a0ce8f5c5170836561e3644f9411964d7be2b5e7bf39bc
03b57ed1f944d098554c9de5c7ee93e167e0564d4a3b74233b53939ccc58d99d
03e69b8346e0fbb40d1c0d669e813b573d1517ba74f4db22e198a63d94188766
03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b
048d8ba1d0ba85dac69781e4bb5aa24cd344f61113ac093311df28c550741c4d
04b53924e054afe428a4482452f988f705775328c10a2e3432dfc95a4fd3a1fa
051f7367648534d1f6b175f939f9ee2e4cb60c3964e35ae4823b20be2f82a04e
05c7f3eb439f302c50256d83fd1e4077ba8d340af9da81754f2fe508cff4b434
05cf943c87a8e6d5370d3e16994ace550639aaea22840de579fe72735a146b10
06a46a74522d0403af3e4d8cfd87e21b3f4a23b81f0332fd2706fe0de66a1f2a
06ffed82c8f68117f46a399d7463f98916e6aec3cfc514aad30dd727e3f56c16
07e0b23c0678ed0d686efc05114548ecea6dcd2186c18df92a3254a864b5e179
07f5f2f66466d0a3765c3da154554f55dfebeef3b5c6fc67eabacfea839d9e4c
08541ee7fc91ef73f4de7db1230a539abbfbfb73d67dd118c3427ebe167fbed6
0960a5cb00e1f8f1934102cf94b63688f38bd747f7d951c8920f46744ccf8c3c
09e0498d34b2d12792bac483b39957e41b3b7212b01f8c43fed8865637037b63
0ae5ed57dc48abbee125d5f915e37110c9f2bb6a95d1aa5ccf3c141f8fe10db3
0b64be60637c99c7e6b70899cc7308b4d217042290def4535e193bfb024cecc3
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0badd1624b98fcec8556e69f7dbe63f29fe9df990ebe3b538f8154fdab2cb077
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0cf66004efc5cc420ff64e2efa55227a4dc404cdb6b66187d6642bad592f0dc8
0d02abe35c30d068129103f3ead44cc900290f8a64aa13419a6748a720153a50
0d3b3a3f34ffd3526eea2f77aebe34caa8e86c59002dfd89aa834b0986feeaa2
0d9b2a146a9b67885d54dedcefe722a8dbf4474d04a1c6df8d853fe782a72283
0d9f3d845fd24f8a8161da7c3d550ccee30980e52e4cecfacc09449d6731a248
0da7fc1ae23678b2872653962d147fcd1cbd0a5a9c8f84d44ae99bc581fd9062
0e2a6b78e1a5e0d3da06342efa10af3e0dc1f1abfb1dc3eb07b84b64184cb6cb
0e48542bb490c1f521178a7be1a31ec70ad2540e5e0acc08624c6808e07b5d06
0f783e92bc337bf9296313dfab3632ee0c4d2f63e989fd7b8b59b9975a0db9fd
106fffd94d1d8291649b3e1b11cb69d5114787f470c37030ab1970feb2d79bcd
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
116f12bd4c52a2ef23e20d1855517c254b0af02eed3394efd71fe98541cbb586
11e0a199e41ad66919647c725de88700f8509a7a779aace9e2e6c1e4e132e860
11e5f6fcb0e9f167de2c70823137b29eab53c944c144a9e615ad0f92729db0ae
11f436a97bc0a6d6f2a7f171b8c1b89872e6af4d857af61db1c43235a5395ec0
12c555dd9feb86296b6e8ea8e8d03a373bc0dbc403800bb43d85de1bf6db1bf2
130a271a37e2485e80f277c813cdfb68a761f4e35d7b378e69c72ac6aab7ebca
1389babfb36c9e1ac183cae31e9969e934a85a548e569629927577874798fded
1440ce0d04e815a1d82cc8d51161b710caae5886e67f4cd6060b0766a5e3f02f
14454633f7fdcd13aa4d9e22443d4d508c0d80470d9c66e1c63fd3317fb28a45
14c0cf3877366a725f5b3d7096ac33979dadc47af37e757fb69005a976651e6f
156bdf38080c004b5bfd0c8ce46ed24740f5f38945369ac7d916782556860e69
1647efb75009be9d73fbc3a86b030fee31726537703fa762e01c6b50faabbe8d
166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da
17b988bc33e2b6c542f866ef473aaa3d20a9d4536a1ca636c061c5011a5ac5a1
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1817454b4d24a71e5f7d419c298a3bac9c08d832b99900059bd6ab86b648bcc4
18201e44a097144b4b4d9fa01b548222bb46918ab5cd98cc5e48fe5d414d26aa
18462eef1587a0d71d8c0f200753595708bf3a16e025142217472460a37edfad
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1983fddbd482269dee6656f3d92b12eb47d0c189daa938e0cbcac639ea38ab00
1a0ea87a3db6a51a139d6715810e32d48c6e89fc4e32cfc07ebaa13cf8b2b9ed
1a12eed3b9ceec96109aa7fb93c6647be2bf0153cdf8e5471e60371e2fbb45be
1a560aea80556ea47e9dcb6fcb80e0cb1243a63ae13cc2b2c01a74a2aecce71c
1b8d76df01f625c7664ded13227bc8aa61fa8065164b513ddd251d015bbd514d
1c2bbeefd7521fe2c51f0a277af305d3e95bc4a08213e6fa3f6e6eecf5bc319b
1c9f0cd222b8239deec86df1f482ea73866e23db590fd2334fd1145ee4f8a532
1d938720aaf6d016c860c53d8842628dedd7196dae458d9da48103ec114e1846
1e098854824b451813a520296891fb4812308917ad015e3303fc169c7bf7ef64
1efcfc65a4423dfe5ba0ed5b191a0fdb4e8bc19d3139ccee7240dd00ed27d209
1f2e28d35b7d608a3d098d5ecac6bcd4d892c79eb0f6f9c4684b8adb1dd63191
1f83c6e3eac9d41d51bc8e3b63f353ea889cc70b9938e2f701719aef80bf8528
204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce
216048dc3bdd248cd52a95707dac476c5db642dec3c52dbf5687b10619776bed
23a57e9dd3af1dab2159fcec6163290475a1053ae39861177db8fbafe77a32dd
23d12999f000467999cbfde91b1773eb75b9811651d8fe4011a4efd060c84062
2405bd02584cae91a0a4c434fec3e72f392d07e1bedc993c3b16baa7800bbdfd
2419c33f4c493d40a3be87a124ff55e49ebb426c2165a424525418f33f02be75
244f7ca14e500da2db41b474f1ae53bfb4ae399c3d9e36d7e9608b3d808276c2
24bfe71ebe171f665e83c3d5c30192b307a583d9c05cdb9d84b311cbceb2cdeb
251991bbb69aceee7ddfc42109a8a3ed9df2bf7724db21bc3b048ff7643a2bc0
25b42b2e8792ff69c5e67b90ae7ec610405eaa1a1d17e2b32aa635dc1b993181
25cad4f681bb5aa3451c189db0377ada0f1d05a7d415047831bc02f8d53e0d2b
25fd4eed7ea1cdc3a1f73177caa53cc1209d0f9550492a4c2d5dd6024d179073
272510e0dafc3341dae1b3ad572d5f778cbc4507858ca30155433d3939250d24
27610c6febde0eab59f77460be3751d60ba33b1d7c4be656b8150a0320a6c818
278255d1afc1c4e47c4daaf0026b6fdd3218c6977029172f72f90c5f640aa9ed
279e8af4c355de46dcb5f8c9b82531c0ab8fc0bd547c407bb53e010da77a6e0e
27a7dc6cc013830178df5bcccfa687905e529de8454b1762efb551d0a4c4f69f
27cc3f2cff66cbe6eaca20b793b731b92f237e30c4caabe194ae9b9921ae0354
2812c4e6fb5db18c9a70640654c4bdb973427c4df56b96ec78bc1da5c6c443cf
2a7695bf1c26b3250de42c8ad42bc4e3abf7418876f76ad67bb58092c9244478
2ad824b925511af6f0bf109e7ed1362ddbd850acc44d545e8539017f1abb4bbf
2ada6a46c05d36ec3154aeac6ab2cac34563031441f1af2aabe59e107a64ef28
2c939157a9a046d7384b09965481ad73b41db5964782cd4a4efe84ff30fb94ed
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2d02440e8d33ed422c8b81b46bcc4f98b8f34fd8bc76e61dec98ab379f5f913b
2db57ff8e674863ef794e35625e8725a53655efa1ed0d3263cd13ed3d26a8664
2db84904c133623cf6c14bbf915c09c4f3bf5b7456f80e6ea61b30a2cc8ede79
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eb721e017921e69241b5bc831b9fa0a69b9d9e986911af1bdae3aec7d873d80
2f5da442d9e3c2f3fac68541006605f2d05906cb492847087abdabcc92233b97
2fcfd39f20f7a32027851d0f576f8ea303bbb124828bcbb09e2846f4496f7737
300df92095d6ff7978dcd182fe7dd96fd5a108797006ef95a0685aca6cf104e6
30abb66b6c9cc3e7a4c6eb0398a452d7b899d6f6e48cf85cd9df9fad14c21576
314c6b7c95012c5646ac120abbf788b1b2fca067dcb877a69596bbbeb380a8fe
31d52d16834e8b8c42cd19725d19a78de0841213640542e89781512630751beb
323b6be59631ba254bf462034e1fc43052c9bb820bf3c9be023bb0f3440604c0
32c787bb891e5830f3714a3284daec91cc3b1f229fed34f6378b96aae7099cd9
33151a71fe7134c6e14f52518d578a595c9704e620265d98be293dce7ffdcfbc
35adff49f4f7c4fa7112da10261ed1abecd865549fadc40690a4cc1f2e6bf832
35c358ecf54dc1f9ab11ffa976bbadf8c60708a1ea7aca23fb5fb01e852d8f6e
37184b5b0c26342b3e4182bb81377106d50067c096aa1b3ded2bd4739e3b5d82
381daba80d5e3f8b95875b65e5dee27786d6de343ccb6507342edec0e32688d6
38323e859973802ff3755a155f8ab5c6114591764e2c86aee07e7e8d50cad058
38865b5a217b514dd4dab8928c80964c0d608b499997609d54966f8a14677eb2
38c72a709b3af085038687f9093aab86aee4b99696e59edc38689ec6682a6f76
3a37d66d3140138e52fbd57f8fa1164bac0ce1fd049acb4e5b0b68b189c83938
3abdc1011d067b84984c846d4d22a1d3683afe4467f204b0b2c438f433e55ddb
3b01bd10b1795ae4fad4640ea623d1be24682573cb043563a7d4308c87910c1a
3b69d91eeaf5019d14f1d266869ca98ae3c7e54e281b22db656ab63f93c48cc0
3bad69264aefa45b3cf2c482d1e9de36e7a234292974a993f2469960d5756d22
3c4176795e7304f2d0373d2c3edad1600cab1a1a0e8b202c6cfe3e06c7466172
3d00bfeea80983c9ff4eb0438b76f2e7242c288fa5fb83c938be74893fad5a5b
3d278d324065ab89c5eef315040c5084d97db20be44db41440980c99988b3cf1
3d598110de86401d953833ee95fd21d91990c7e7e5fc51e78aef6733d839a01a
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f548f3aba9560e8889c5f16ee0dd5dd30ad706fbfa9cc1e346df2631f08aae3
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
402f233f8c678f6fad6e917790e4752cdd8357ae1a6a9e0b140aa7ffa5b9469f
411706da515591bc27df3eed07581439bf5b7a37ef094f795ce3655e48299a82
415b7221c1d06088143ed2dd3af4fb7eb67c489b46e43eaca19a143c418dcc82
41e3b5da84b51e3034e355b7e9ccd5c263667bfed5d8905728d82a341f55e65a
4391e76b48e70dcb06afff7c4e2e21722a17e0f840c08e936249943cf637d57e
439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c
454188d1723ff7312116a31abd14303cdf7b05cff28effe73c570fbddeb6b332
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
46e2697ce2e42273d07c64936c62db3faa5ef8bd5c2b0e905eb371f7c53cf99b
4736abc878880e5e13b646bbd5b46e6470c91b2959c616a865af1f265928b621
473d6cbef21a937d77c2079ce0b78fa7541a806999be0138930060716aecef61
4813a05d0d0fb1efdaeb730c134af8a9bfcb824f1993cd66026af4fd50f4b492
482f7aadd7dbfec9f7d97f2ecce024dbc5e057c94acba64f2be497ba54c3eddf
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48f84528137aff4e6a4edd77b1a7411a67b3188a6579cd85575f48e67f0b20d8
496832b29c05d19987bcc3c825498d6d43edc8874026a9b5d5795ba9ce4bf7d3
49c4f1302ac326351a80eff5d040084b56945c308de229eb403648d085edcb5c
4bbab60f12d147ee4454b2e4aac9c5ca4c75f39910bd87540eaa40802ca55dc8
4bfd3860a35bf35123d537967dd9e6f7f3681f294a5e03f72007a633bb421def
4cbc4bd9900691ec730e24678b055b3c0768f52f879eeebff707616fe36696df
4ce81ecccefb27ce0f347ef564114da2ba450a9e1d9a7260b4597e62b1f71a72
4d3858fd6875118f687ea5fd972b3e88f1cbec0b84539bfe33585b6ea282af27
4d4f55e86aaaec67ff475cd585c6a8be05c07e1075ef07fe5bc3cc7fb476a76a
4df23d9a8cd6462ea12f1a2dab724715a347066d0e638de411dc69e6f0efc77f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e0eaa9adcdff76abd7dfd7535d653d1a64c295005ab32c688a86c8584461642
4f6697ddc03263e57623aeed99c6485c422509662f7d4cf7850d1fbbb92a39f5
4f8a01bfdb6a539b3e0929603ff1f9566ac2a5114a512b2815c30e84462c9fe5
4fc2efe8d590d037af61708b1ff76c79ca06c4d1c8f7942dd3ab4ae2b48e8ee9
5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e
503c378121803d220eb1648a30ef2196a6f393add1a99abaa3e2bdc609d3fb0a
51757ea0933827a15266d7fd6881a2d82c6c3462bf2927854ecc68c663b25587
52f088b577901ceb0f4543cef3fd89dce338980d1790d041d2358ff6246f6e95
5344d8e33b963fb6a166cea5676f42a49d90102bb7a25a67d0f9fe5fa58f0854
53d498637d3729f9082115b547255e3741d328021543c3cc38814a1112a26901
542b9235786f24ca184692eb965b3bc559b911649df08f075a78175cfae91bdd
5472cbce3d59802ab140c5b8eecfca4d357343c47a1c9ea601ccf1d50145955b
55a78e38cdd095b28dbeacfa443bfecdb91046511f1cdef4a41c4128a20c0761
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
567b483e36f71896e827f0b7afbfe4182644e6d67075d2393ac80946057a81fd
56ed88293bc3b19239d5c0fe26672cfd7b41ed3bad4d974970cab9a373f0be98
57e7135d32625d7e1d8117a0571033a7564dc662dfe18bafdefd6633633858b9
58bf5b5478e5d1fb7441daeff9fd1ed60a4ad5fbfabc64715cd8608f3f59f6da
593960f2bab85e8957e7c0a6397454a3565511b5e86e0b72a1698509da74c838
5953b6c652265db6196b77138539367ee4da734184b0ff80a9855b1ccee998f3
59a98beecaaa2055592d1fec998eeb157f138e6843ba05b61d068b69338b02e8
59f7a3856fb87c8c4b6d3fd11390922a2c23ee7a0ca450a692f3e83535fcf772
5b067a9b351b13f9c76cc0d3f8a3ed15b86e58b4f0038fd22514f5a169ec07d1
5b43311cd3b32f81df683cbe244aa8358d5834e09522946ae7f735ee1b8501e8
5d05926362e43abfab6f30edefa30cb5877f0786d58095b8c03d788748d8040c
5d165beda02be992179d5c91a58e16cac29e5060d8e8bd477ea5dc67bcff9a78
5d25942b7da85bc7cdb258cdb436227b1de7e3a2b50c61f7d7050eff911f88f1
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
5f51eb22d2e6e474c7552ad961060d0be8f0ecdae629318c60935adfe2953d54
600f006a59554ebe5bdbdfc625a844b3c05c3cccac65b436d89ff4a7c83bd8c2
6036237b63b1af989784217a45200bee32572b2bda8daf26f372c139be397a76
606f6930bdc73eb61aa10b7d5ce7765f24055621b63067a4a9fef4f76b758b67
61fb409fcea7eda0419035ff2d75faea6742fcccdf5ff99fa44eb783f5053bb3
63a218801054b8267a86e48b10025b463f4fc573ad1c58ea95ccbb69627e9905
63ad43322b006bf77c4e2b36c2c7fa7dad1e1da5282902036ddb440ff334dd3d
63dcc4ba7cdaf9808806eb018a10cdb871bb17e0dc45e172a8b7c8d31db5ad07
65a2e79effc94b4cc9b1ba76e7d17cd9a9ec867af7791fd68c3d64fbe4811149
66289bde64db020d57ccfdf3b595e4bd89c95a1f81865bf8a2e80ec12472408c
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
68b87cd327e2feeafde16f81a9d86e5e9b5d451e3e6d6e590535558eaf44721e
698dd94683a3239ed641af1eb7f987b862a0e87f67d85851845603e1f45e04e8
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c309e0135099abef24ecba3d3e92e74338058ce3abe305e59e5fe4067ea2704
6c3b45883391f9bee5d62253976f509d35d0ce09466f09a9e0f036f51fa48a2b
6d97212a3a169f103afa6a81e0130591f90e49672082da5255bdc20ff1c1cfbd
6d9eaafc340c46807a31a00917fb95d51c33321d52f3bcf41297a84fccef4553
6dc4b9bf8e422c97cea924a04b673a14ead515cabf0be3da77fea3beb4a90dea
6df0e7d5050a9282bfb675e5a9ef30b4d6c9815cfb8240a570840172dbb11d8f
6e239a6620a4e7eeabfe5addc2e15ed70139dbf8b246841e4bdbae7a893b7a8a
6e7b88d82ae69b67aa09d6fe52b3a85e78ef66882f6ee8b80237aa43bddea121
6e905b2cc29716efef4d99106597fbae4e72030e60d7acbda798d453390dfa0f
6f684ad9ac1d482b0d11f2437e3d63a4acebbfa2fb756f8ca2b798d32eb3b52f
708327e1b482f8d980aec658d3cb1dd18d60fe4629e24d17c3fdc63480f0d4bb
70a572929ff96ff9c355daa13de6f085510c4a43bd422d04d753ee10333fb11b
70e32922e0fb8fbaf3501493ac01bb478e920347447652c6ac4bf2dee75472c0
715263829d8eab12dcfedf56a208b1e6c958995413a47cddb3ed532d75aca6c8
7163232324080480c678b35baef5b5bcb2010ffbe633548b0579b0f984a33930
717de30a4e041b92e5d3aa230aeede4e08434647e627279477a2f642ac2861eb
71887a7000c4565ff13cb7856d492ea6ab3f7b032c95625d48580fbc5925d4c4
720540fdf6be1b3d2aee9c54172a0b328457b3e6860da752f37c88a0860607cb
72117c9e6b3d1d4da49199889920bb1aeaf2a6fe30eaf514276ed79257732081
72734d3407cbef3b6f46479db0b938e9afb3ff9fdcbd86b0e772f14f17469940
727dc8fdc7e925a8557fff31749df1ae2b0ba759fa4bb3e052978c09ac1be735
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
732f2d6e7767e7978cf70554aec8f7b40d5d6da4b601e528f136473c1b965c93
737b549f7deacd95e92ea4b0b0e2ecd208e17eecf05b1b241b021492ffc18658
739ccd1c7967a0521b879f45f6099deb14f85f8894f287dab6d7b76748415c71
76064ddd12bf9fe3cb8055771f4790d2a4a391a04e4e961bce6a6f3f89d6235b
773d1ef672f8d86b6a73e58d29ea656b3b2a6db3baa031ed5084c88b7b37312f
77c3d215298f95357de947f102cc00bded45bdb71ab3c20f9dfdc64e490729c6
798529ea81929c7a98926d29e4b43e358c0e680ffba893ddce453eb4c8a662c9
7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747
7c19a43c3cbd95939921f06bdb9fee7cf89eab36ed21f52b71bc344bf7823da3
7c88d5e8481802f5ba7b1ab85653d4e9bac0ec003984f76887677600e803f7c6
7e61f5417431e000124fbcf81b86ae6c08999e6f229f2ebffc748d82c2516ba4
7efe5fbd74b183b583f0c7cf328ff613dbbbf971ccbabbbbe2a8450f619c9e4c
8020b1e882b7a30f74626c155842fd4f4d5b20e238c31a34d9f83b9eea542550
802fa850549fbc67d45600c105c26b9a422bde2764752e1bd2d999b16f1aff6f
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d
80e628671fae196d14078f3a827cd2dbcc049ee3b5c80c9ad9b8b708e8ef4218
810fd98b65b7fab1ebd27816f8409ef63cd341dee5e59766d694e002a49cafa2
813e44281bc30d24c69706ba9de28a356111cf651fba494ee024dc655615347c
824285763fce9cf21d757a1941021001de9627d523af08881ad420790ca84423
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8320a5fa8b7e5b43abe1359be9de3e9d7e93256f27f4c0f812444be3eb2ee3af
83243044c8bc2d271334c3fb3bdc2d80376631776747919f49c1cb41a2a3d835
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83617fdf42c2457abd24c043606c8ad4bacfd7fe6fce42dfa5d16f4fbec523dc
83cd2cbe493ce7473825a2d628b6cdeeceea0632dd5e6c253fc57e1b2cf9e798
845b1689c510a51583bd9e8e4ec701e1aa020a749e9aadb21c4dba848c349e92
847240dd4e1c45b3091ed30ce53ba4a8ddd9dbe5babffe1f9b161c8021d9e2d4
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85996bd026a2d1a1a78d9686cbaad97d9b734c5a1ea94ebd3a2865c6ee9715ff
86647e9774d23e7f7ea8c262399a56016b0ea394027a1cb0590d1bacb3674e51
86fea9d75420afb5cbe16639c4de0abe59113070c1f9c4eedeea0cc5665a2030
875c5de7a49dad97d2a7dc77b9e0b5d232da659fd6704181b33a35200707254c
8765d36f78db0ac4b1202bfb64d7f13abed6e7889c5503200ef6d9972ff35535
880ceba6ed002e0e4cfb47168aaff3735535e987795a13e145adeb9afef68acb
8967d3c162eee5fc9e46d1bf74ac9f5dcaeac787d7f5d3bb90a94f85ea3f279b
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8ab124cddf3a4b49de6342194137b67540b462cfa1bbd55f72014973593b46f1
8adbd2dbbc75e843b43c81760fa11dfc0399efc139182b3a7f500528fdf11bfc
8adee86183717665f21cad5b21127c4a7db0740274df08f8693b01dee8b88376
8afb4e8baa2ec27159a9f1b678e3c7b3287a354c679711e1d7a9e8cb0a0ae798
8bc3c8a0714acaa44b769b97c4191bc7f39ace808f4d0187afcdca5d0d3ce92c
8c0301b3dba5061632d7321cd8bb7bd527f48288d5cb15ff614ea0c1dcc1ad69
8c309217c2daf7b0d64662bc07c1081de1ba5e4b3cfd162d9508e140a1136063
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d17e337798056804093b014e6c1d8b371141742ec9df9408ea587a14f74e765
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d805e1c2cfc4d461ac38a234fdc8c26f767952c75301b21644940dbb3374a5f
8f02432b412c10a37b712c026a8a6c8abf64512d253950f079fd31e83b4af1f5
8f1c4a187ecad5f36ded9b34e2df74303fad32252ef266f1b5436959090e958e
8f7abefb15bb45806215e2c20e834844820f1db6080071ddaf14289122710243
907473ae1c59053a37c78d628e47db2bb702d9ab37e9b4fe1cedcf308a1f16e4
90a54bf9bf31a81663d57ae10afe615d0e374bdf5c1dee0a5dad810642783800
910be6b777cdf2764581d6bb526c92fbc6b4bece8b81aeae46390c3cf5596744
9414f596af0c8d3e7475b9cfb0eeda088145158fd58cae722bf2ee07203d730f
944703cc1ec95c7ce5304a3535ac7427f32da5901484f74702d47e79d4ef64e6
94787763c97e2505befdf1b883d5fde64c1f1df7547ec5d9c44db6aa5158c1c0
957ccf45e2619f36e82c0418e1ef953dc3230da4c8c07dde0ca87f4fbb7152f9
95bcb6d696911beec2943cf8333b6d926ef3dd3f872dffa02d1c7a8747be4de4
95d95840165ea5fc374a27f1cffe88a1b3d033562916ef1071393c9c8adbfe86
9625dd5f36e9196b741bfb4558fb8809318495207eb6213427f4ee42b7baa57e
96a8198d0b92c175322a1cf167c65f8f410a46758ad62c0ed614baa635a55022
98baf056584781a780f8b96b7b73404e988cd580eeefd725a9f6a4222ee8bf15
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a0d4f663cf14d5417afdc1b49cc230169f2c2b6c0c779ae1c768fb2ee416625
9aaf95bff49ded25af2864e357e18663e7921a178fcb0d7bd00c47e0e03fe5c4
9b4ee9baeb2f6a64d46848a9afabc5965b4fe73645344aa653ab0d8e04cc5156
9bf6939a73061027ee157fe8a6febe3f62d88e060837f81c3dffbdcc331b6a77
9c175d534cf98c238750824b23ac92954963b9edcddce8ccfc1e03f66e8dace2
9c373948c00ea2211bd9a9282ed0a0731b73d79d8b2c0051f2de9434c116d3ad
9c7e640507607d3ab4182c58d339ce00248d46cfcd03c8f1940d1095c0dcda5f
9e7e9f7a519a5afeb72daacee64e924d7f922bac38631a9ff3f5a51ecc403098
9e9ac9a4008262b7824e7c6b4668507db4ea3b69ec84f2516b535d4453c4c3cf
9edfd2a5e17e6ee7eb4fe601deb9d3dc07395918e072f3dd0dd051453700e3e1
9f9ea46aa1149113f9ba1f0912ec90809f852870308b0f716701ead9ce5d0ada
9ff6f75c824bb86682a24ca9f4c8f8a7f1e316172cb84390f0113b431fa6bbc7
a038881d961d91391d58e40d1885a61991217897d8970533fa9e2715d2f5effe
a03984b10b32dd354d5037b86d7177b6fbc8577aa4d81f15c9d870be7da2ed6d
a0f462d377d7473f6cc79f8b9fe159cb3d0d080d12eb9853c39126de188fd861
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a1cbb4274973c20c76835fe1988bb587775b9dcd4359b8d5f3fd2e3ec643e47d
a1dfc18ce1fe4f8d6f7a3c3ba0e61566fd7e9c88914f94edefcba73431b81748
a1e6db17beead6421070bed74c889ccf58b7b28dea2cb631d1341297bdaa2da9
a210e1ad2e4ae8010dbe5f9ac8b5291a26cd6ebb7a4851cb0b977092289c0413
a2469b91c0bb4ca4f8f1d67b79f1ada540029e248827717b22e0e8333e18f818
a2a2fae052ec59eaf3ab6d15de7e4f0fbff178c1b990c34a669320285507db0b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5af4fc508d900876f8a13db0104bfa864c9aa17be11914045813ac9cf3317de
a5c96c91c4ab2c0572ec8371c0f49d9f722eb71ae47224f29eabadf59f5fabe8
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
a622399a4b0a279b22545142a1cccb503cd4684ea96b43cd879810b7a0ffd661
a66e3146dcb250f2910c46843b1db91994fea95a24ce4dc76a6ec7459ff983e9
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7f9dbb1f0fb13357f2813f984bde4abae3c78e379b72e380843e74b54875841
a8b1d478b7bb9316d230f5be129aa063dee9c920b0151e64d9d8fa3a88ac6569
aa74f95434cc49a876fe89d252b8f933b67b954340c6353675781340b3d8f7d3
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11
ab68148e458b1cc15545201921726abe01f830cf254f33c6d72db9a419fdc5f9
ad8884af23d1d0339aaa04c27081e6c215e9de43158bfcd3cce29db743fb6246
ad9fdfac0e1db77fc2dac89227102ccba3bbd01604c75a11127fea77f648eec7
ae28ac4318b3829f561eb13fb7cde9d0bb280983d99c22327012688d45d5a386
aeb4c60e6fc9b7c982125403412c5b6b5c3c9191f76928624d9d9e5f4ce18c68
af3903db50a67f20683404e58394179910de4cf09b4afb28daa5cfaf6d48769c
af391daab639e9edca60f1da104865061f97adca1969f92ab786507d58accaef
b17322c9274aeada4df3efd7b68f1ad1ccb677b24f76caaac9f7adcc9f3eb137
b188dcbcd0c2a414a7fa08bb92e2d412fd8690831b8fc28882f56c83bf14f607
b1c1dc71ae19e72be281db4591c91a4a6c287568801cd3f6e74a1c08effb4157
b1ed587eda401e449edfe34318d55e185497ec21a52b907ee05cf6656e961d9f
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f
b2ab2cc2b6dd8cbb13eab745209c5fd7487b18b0f14872db1224f1feef2930e2
b2c4a7d74ca722a3638e3b02a3f5feee21dda7253a3f339e02eec873ee0f267d
b2effcb18f514a7896e737bdda537f2ef3b5bb989eb247f4ab2aa3facf1148ea
b31f0b11ef3bf1d226360b88af4292dcda2ee57292b9107beb0a618552de9891
b37b99b0ba27589ff83639f4ab1b922e9fcdf3e695456a3aab0e6004fdd49f9e
b44ae8cf55e41c9a488ac6d5db7e2b79a8a3f81a9b41316a7c9d86a9d440fc95
b50277b2389bfdda3bb9148d0c26c07324d1eb8db70a9c703d41325d66b4af6b
b586b6299996b546ef44061c1c8d4d0c180b68454d475936079695bf90e8c8a4
b7422e8f025032bbe6f4cf2063b738f19a8c6038b8f4804490d18ee2178e1c12
b7526219d7e242db2a370db23aa101dc51ba2ea4417f3fefbc31ee10fea31c2b
b7944543f8f03e3681933e4deec312a3cba365795a7082a30a3ea75869bc7d11
b7c0bdade1d5e6e47bb8043701ecbf368a592475704ba1d554f180c501cf94d1
b95161460d1f4437aa714cfa1876d0419defa2c6ea42a2fbc78dd487900a1d3d
babbcc6a2a621b34b0c46e47970998e0a08053b8b1ca6614abadb0970d908863
bb659fdd4ff3fab5e762c667f05841ea8c82b858cfa5942b7e193e8425b4fd37
bcf0e78c18004ffc4127da2980215056aea5baabb45ac557897720780c7e666f
bdab32d46bcfb16404852800eee580017a130d12791874d685bcc01446fd6ce2
be1c5a434aa56c5c209e3448b5868e994abdd59945240c053260f8cd4fcea8df
bea01fd3b396828a23da917e402644c1faed8405b38539bf018dfcb071f797ef
c088e0a33db26229df70d6fef18c9fa1a7503fa38d265845f3977a97b349de41
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c14811543c43177335c8ba22be194d26067fa76bcf0c1b12bb4c0bdab9f6397e
c1826cef9e999efd320d5d9a0cc05feba233ba65885558e4aceaf4b088cb12ef
c1cbcd6a92e442332195ef40b66f2fb869596d5fdd012f3428c4c27082e21af7
c24a517cf3dc453e6046e54ec1f6944bd762da6fc68447fcfa84c374723bbb09
c2abab588ed1aa226fff507bb12cc00b354738c203f4b6cd202f40352cdc6591
c3345a03ef3a8173ed822cd9b66614ea262e88bf47b4eb0c67830ee1e5d62acb
c461bde258551f192898f0dcbd6ac484493f753660153a97d96b5ff3fb298dad
c4be0e2f5ac2ac697e5618e12517d0399a36de4cf25d3eb845bfaa3e3634b42f
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c67a5e3d6fbd1acde50766699ebb4c9c1ed2228d412700afe197af4aae664e2d
c69739431e5aff1b7174a81209cbd0658da6c4d1b6527580f9f2f070df848290
c6ae3eb1be0bf3b77b26fde2cf511bb009f7c577c14f8aa606546673b2246b57
c6f6eb10a4472f02adf0f74f0805afb04a0bd0f4644a1eeff94d9b36d2ffeaf6
c713eda88a6bec9c1d66a8a2111e06772a8dbd537f12f0bea9d7885e613b4bcc
c735b602c1d0416e80fc3a525e9421d67acf31a247749da9d284a072fe39bd99
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed
c9f94f957c781ac27e4257c276659d678b1cd9dcd5931b6c0b068da46198378e
ca66e264d4906c08646740254c325851bf0d83e203369d776d82202ec3c04c65
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cbb4c47c1c8ef22efb5eaa7b514338b98b47573cd2dabe1473a9b012129148c2
cc64a742ead51c8d3c7ab29597287ffcfae6b93ff22d4d35fd646187ab6a4fde
ccd4de925fdcf3b6de31ccc8e58e176879dedd2c6dc19cae65e7e89f2e340d4e
cd68a6e55fe88aa4ec6dfce4a35ba9c3cd69a6954e5ecb4e3d091d819c4a5375
ce0b837dd2586f5f77a0802fbcce5c9c591c1834131d7d7a9c02e86c5a8efd09
cebbc19e0feeebe142c76ec258d601b7df8f69af908b786610a474a315a40c59
cebf8f32a230d27c7a1564af0de7e56697391e99356c143ff3924d154ac9b619
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d08dce2573c8f59ca7519fd9e278a89ee1e504cb3287dcaabf27af75cd8c2f64
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d19493c330e56a04fedc833c0c387a8c9f80cf9d65b615e246651525db4a28d6
d19d9de9bbafb40238e5d2b02a6ec1546158f7956dbc641a5f292befed381647
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505
d3743330192c96b9b8f5b72f69f932359bb892b65535311b1ffb1fef98536c23
d3943ec911e260859a37ed76f52bfa9a8b9cf1c51d54cb15ace61b54157c85db
d4d756f067f92d30668347dfc74d622202bc3a9af95794ec0b1f8bd550136a47
d4d902f10380ef4cc0107aacc4eddcd7de75ac0fc989aca2faf91f9b2902eb80
d5a369d3d8be69eaf6a54f958015e687947252be07dbb197750fa8147caea4dc
d5b31ebf4f096cec7354dd6d17ca3f2e0763c56ea0a25c642089fbd981cd0558
d5d4e4f472ddcc7a4ec22f00d7b892a5b61188eefbc84ce002dd2cc5c5ca1041
d5f9604ba241a9186a1d888c8f0845279e34ae24e0a5f756781631714500f1ab
d605b8016e96843b147169071b1b1442b000a65f71a0cd4b3a7164d4fc9dc282
d605f1fb10b5ee49f59328d98df7757e135c1d247fe79392b1ce97afaf6e34ad
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d6f8735ff725fbb0c014df86972e858f749a01f581798fccf0511c0b79eb3d2b
d76c09ea49a67623c581149d87ec821d813b9302aea4f871df16156cd1d28a53
d794625b678a8c160730301011f833dd7759fba70300edc2f780c9d93aa17954
d7af70fd2dab0fadd7b57438ae80cd4cbfc69384ace14284c990e2916631ff3b
d88253f5fa17497bfdc4546ccf644a8f954c7f2314e41f09354f70b2282e48ae
d8ba9fb2de0b8e4fd095428c12c70f58c181366598c3e2813022ae05108bb2ac
d940f569e51eadb2116a783fa6af03530da7d2ffcc0f094f9ae6b74de4675f27
d98d14669eb4616f42bc62d7af02f1b23925c61929f9a10736bab32fa2b5b87b
d9dbb676c4a844ee34b38c48b41a16f2ee145a6135d72d42d9fc9ec9abb2355c
daf45cb93bda55323577c5bd61644ada57be15e2439d9775a679046c3f10bd2b
db4300a98dbe2244a5465b49d09a24a1a317c7c1795568cca7fd075e8d504efc
db61f486ba7252bbd3042c8a7f65e31ed96b9bde2916430cfd4249ea39eecbdb
dc112845e0332dba03a6f95e82748b2ba96cd61298a904a9828255df94320a1c
dc46343f4589fedcba61b549d5c3877301846da5b4a40bd836619d0d6fb00df4
dc495854a8ac178d94730aeea4fc42d704c1af5e0dcbcc79f13b6d9792cbbb49
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df18f6d97724aedc00931593f05d46795219aba0c1a5c4c5f1e11c210a1f016f
df3a65774238efc1c607c9d2c5a28f5c915060a0031a35876db416a22f45b000
df4e4a1ced817cdf2b03316c0c3d3ae51bd50c25fd97fdb576bb88a89c55cd10
df58290cf86ae01f1520480069489b2f49df743f0030f489248facd006104eb1
dfdd5a406ceb45adfb9be6532281486fc85f58a7eb09ecdf37886bfb94f879ff
e01ed48b46ba66a795b7b6357ae5ffe11591108af156d8fd9067dec5b06a8265
e0fad38c04932f3e71581d5ca798b326778fc0e54e3823de3b0f9eddbef0892e
e395d9052060c3693d657ab1c40cdaa141d7f59c10aea528612ea577d2c1c726
e3a6edac4585c512e36c35202b1a96b92743a91ec00d327398ca20580bccee1c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4c0eec3f0a6bfb56273512939516c1bbf6feec940a74e64097d3df91d7a8c8d
e542a2c133b7f20f509f78fd557e701fcefba35e007df7c7ebe8f431761c4caa
e64cd3d63467a570ac7dcc5dc9925a9d37f846a6bbfa7b11abec507bbc4cc53f
e6d0d8b5a3762e6ff40145806256d29effc0b512f794d7f4ed08aa457b224c63
e8302fd5182f82cc4a5c075f501ab1d4de04d39d70dd14fae4014c885c0b9043
e913d0c8195023fea768aa63161cfe870b077cd360806e3905002e74acc7423e
e93c890255c2f00e56e0f1d83af4c08fd4456f8e2ae064f04c1d944ebb5ae26b
e9a29fd9fd25252bf85425ce063b9a30117f500a9c4af96595c9457b4f1e693e
e9c55309e5775a9176d08c5e7f8a4864e9bde39e645849c33b95ecbefb556fbc
ebee68be41e07a6a7ee0218311f4fbced58f41020507ef6eae08ef7f029d2d5d
ed05afea1d3578981db83b3d1732720ccf15dd91054ca328207ac7f0fb7c7b5b
ed493954dc29f271b07eab86f6c032ddd2f20b8ee39f0cf6ee54498e78dd5fd8
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
ede6c1a3c585742554555e636acc48d7008124e7726a000abf6bb4b627c62d38
ee4cfb80dd25cc2c164efef4ebc1b0ba0e31627dcb02eca8a726bb49347ceeb3
ee6a1f8a9fbaf5f4a1077ac8c06a18610228e04657ef9d4b4332811a3da46dbc
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7ddeaf31d487bf07b79b1aeb4f9cad24ffa35c280e0702c276dd5cf709cf67
efba10b7c8dbd37216f0269338f49892f8c6215cc6f239d98dea601873dd0934
efe152ba98883c66458c49efb93e47ee9b409810c9337cdbe3707bc9bb5306f3
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a
f324c06e9e87405a95bfd62767836e03f5365df485a050564a4bcea15d1e82fa
f32e5a054bca9ebc3601a7a908ca341f2de553f2a18b83b61e8f1c040cb936bc
f3d4cc027a4bd44718916c10794829c1f06009be51e392c7e003ff81a09d20eb
f4d937ffea77fb48f07d4459a8077e27054614c937ac5f269e77950aae90493d
f52e14e4a3116fcf0400a1de1775e7f5707d2859d04bb5362459f232ff101a8b
f552246407a4f8b34a08fc42783296a8579d8f934081a0086cf37d051f334d6d
f5820244a2bb1a21fb966e2a417d1c12f43ad67d33c1275338d1b3d67caad567
f5c456d0121ea40c696d6c8410a7ff7e0c5870d907788a2e1c45ab40cce2094f
f659fd1cedd9e8114983a076a71633ad47411c7ff0f515ebebce6860dc48b45d
f76abd1ec35fbff8e74391c8b99316037ee5f9f006421bc83a202a8d4dbfdb1d
f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63
f90e7568b57ed05279115c74d859451f01003444ccf1777450475ca11d65a4bd
f93f7f637d21584b9121a40f6b2fc2795fd8c454e37fc4a4ad8d11471cb3b7d8
f949b99d6501fcfbf2d40d0bf0d2b6b189a25f245f62c9070b463752bae93eba
f9f40e5aa6d80e385e5c15593748db7bfb50fd07cc45c8239a6fad053f63affe
fa01d7e9fe05d9bc68afb93f07f87812a4171bba0e2d4d4f2ac03c5d14e851d6
fa4f6f67cae8ebdfb32ef792bfc98c325b1282de2db5fe0b59e8d332cd0b29fa
fac37d72be5f38ca147c85ba0921206d661cff46d14612d6a0029ffd332a68f3
fb3a0498aee818a46155e25a3d3204fe55b0bfc4a685413a8074a4d6139de815
fc27dcde41491d9b559ff86ef7cdfd5869ebc5fa12f959aa364da9d556f3b1be
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
fd902dfd010088990a20dd6b6b0dffa68c30c5c0bc8749a35c268d0c1e62d426
fdbb995458f6b6f28ba8ad20b662687f9b83edb8f74034f7243161086e7e54cb
fdbe8d58f0533f6d5be3c57ee68f06db56d4e6c8c8178618f08c517e809d4b2c
fdd3e502fbd1bda1da8283465cb8fe741ed9543e851e645711d9383280fbe3b3
fddf9e42ec2c42150e0396945088c41b1291104d971e817b4a7551a6aee949e7
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
ff48734d304a507bbb0c11a2664b0a0f45bdbd39f935863a8f357b4b537942bf
ff73967a98dbf0e26497c62c5d6e0fd9d0968f92031da77900e05a2ec344d3e5
ff9dd2020328ceb632372acc069ca580300ae28e8a6c338e968c977ee7705adf
ffcc0f5b5458b5e9eaa54a148c555593dde0d3e797314cffe8933e09fdb48586
ffe1703d6adf284d92bfc1731706618610c977b81ba5f52c556559142648ee7c