s.yam.com Open in urlscan Pro
52.187.123.178 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://s.yam.com/etadx__;!!A4F2R9G_pg!L7_0PpWwp4HHkBBtKPl8aqF0EDHtfOD78wFPKwpjvJm4QmulQgEpjreDJzmmmGx8$
Effective URL:
https://s.yam.com/
Submission Tags: falconsandbox
Submission: On August 28 via api (August 28th 2021, 7:30:47 am UTC) from US

Summary HTTP 64 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 23 IPs in 5 countries across 14 domains to perform 64 HTTP transactions. The main IP is 52.187.123.178, located in Singapore, Singapore and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is s.yam.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 13th 2021. Valid for: a year.

This is the only time s.yam.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 6	52.187.123.178 52.187.123.178	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2606:4700:303... 2606:4700:3032::6815:1073	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3035::6815:3d44	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
3	185.29.132.242 185.29.132.242	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 10	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
1	138.201.63.164 138.201.63.164	24940 (HETZNER-AS) (HETZNER-AS)
1	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1	138.201.84.244 138.201.84.244	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:803::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
64	23

6 52.187.123.178 (Singapore, Singapore) 2 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

s.yam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3032::6815:1073 (United States)

ASN13335 (CLOUDFLARENET, US)

hanalytics.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::6815:3d44 (United States)

ASN13335 (CLOUDFLARENET, US)

img.yamedia.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.132.242 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.63.164 (Lingenfeld, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.164.63.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.84.244 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.244.84.201.138.clients.your-server.de

hal900026.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:803::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	googlesyndication.com 1 redirects pagead2.googlesyndication.com tpc.googlesyndication.com	243 KB
13	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net static.doubleclick.net	610 KB
6	yam.com 2 redirects s.yam.com	116 KB
4	mathtag.com tags.mathtag.com pixel.mathtag.com	3 KB
4	google.com adservice.google.com www.google.com	1 KB
3	gstatic.com www.gstatic.com fonts.gstatic.com	36 KB
3	googletagservices.com www.googletagservices.com	101 KB
3	google.de adservice.google.de www.google.de	1 KB
3	hanalytics.eu hanalytics.eu	2 KB
2	redintelligence.net hal9000.redintelligence.net hal900026.redintelligence.net	4 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	yamedia.tw img.yamedia.tw	57 KB
1	googleapis.com fonts.googleapis.com	627 B
1	googleadservices.com partner.googleadservices.com	655 B
64	14

	Domain	Requested by
10	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
10	pagead2.googlesyndication.com	s.yam.com pagead2.googlesyndication.com www.gstatic.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
6	static.doubleclick.net	googleads.g.doubleclick.net
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
6	s.yam.com	2 redirects s.yam.com
3	tags.mathtag.com	googleads.g.doubleclick.net tags.mathtag.com
3	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	hanalytics.eu	s.yam.com hanalytics.eu
2	www.gstatic.com	googleads.g.doubleclick.net
2	www.google.com	s.yam.com tpc.googlesyndication.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google-analytics.com	s.yam.com www.google-analytics.com
2	img.yamedia.tw	s.yam.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	hal900026.redintelligence.net	hal9000.redintelligence.net
1	pixel.mathtag.com	tags.mathtag.com
1	hal9000.redintelligence.net	s.yam.com
1	www.google.de	s.yam.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
64	22

This site contains links to these domains. Also see Links.

Domain
membercenter.yam.com
yam.com
member.yam.com
help.yam.com

Subject Issuer	Validity	Valid
*.yam.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-13` - `2022-08-12`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-05-20` - `2022-05-19`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2022-04-22`	2 years	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
redintelligence.net R3	`2021-08-20` - `2021-11-18`	3 months	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2021-06-29` - `2022-07-07`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://s.yam.com/
Frame ID: B5BFF8822B71FD8915030C7618E6803D
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210824/r20190131/zrt_lookup.html
Frame ID: 383573B70F4EB697E072187DD446301E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2675037296853968&output=html&h=250&slotname=4974166294&adk=1989567528&adf=1779873044&pi=t.ma~as.4974166294&w=300&lmt=1630135827&psa=0&format=300x250&url=https%3A%2F%2Fs.yam.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630135827127&bpp=27&bdt=340&idt=71&shv=r20210824&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&correlator=6611855871183&frm=20&pv=2&ga_vid=642200571.1630135827&ga_sid=1630135827&ga_hid=929602023&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=408&ady=904&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062423%2C31062297&oid=3&pvsid=2039342492235246&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=MsjfjxfOYW&p=https%3A//s.yam.com&dtd=89
Frame ID: 3ACD3E0C2FFF8F41D12FF027848491E0
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2675037296853968&output=html&h=250&slotname=1229953282&adk=622561713&adf=4042470402&pi=t.ma~as.1229953282&w=300&lmt=1630135827&psa=0&format=300x250&url=https%3A%2F%2Fs.yam.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630135827155&bpp=1&bdt=367&idt=69&shv=r20210824&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=6611855871183&frm=20&pv=1&ga_vid=642200571.1630135827&ga_sid=1630135827&ga_hid=929602023&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=897&ady=904&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062423%2C31062297&oid=3&pvsid=2039342492235246&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=tGW0gJy3sy&p=https%3A//s.yam.com&dtd=72
Frame ID: 911EC388E1A03D2936864B68CF41E81D
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2675037296853968&output=html&adk=1812271804&adf=3025194257&lmt=1630135827&plat=2%3A16777216%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fs.yam.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630135827465&bpp=1&bdt=677&idt=1&shv=r20210824&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250&nras=1&correlator=6611855871183&frm=20&pv=1&ga_vid=642200571.1630135827&ga_sid=1630135827&ga_hid=929602023&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062423%2C31062297&oid=3&pvsid=2039342492235246&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=6
Frame ID: 73CC6C28B5B197D90B39439C97C6077F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/3VBCxQMuFeflN3ldnXIT7YQtw8QPm-3IluxfpK8Vf0c.js
Frame ID: B05D80DB3AF49FE516FE8E8449071139
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 976DABA80D44D66E10981F09EC25581D
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B6F442D7B02021DAA3632E249F795766
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Short URL - 羊雪兒 - yamShare |蕃薯藤

Page URL History Show full URLs

https://s.yam.com/etadx__;!!A4F2R9G_pg!L7_0PpWwp4HHkBBtKPl8aqF0EDHtfOD78wFPKwpjvJm4QmulQgEpjre... HTTP 302
https://s.yam.com/detail/etadx__;A4F2R9G_pgL7_0PpWwp4HHkBBtKPl8aqF0EDHtfOD78wFPKwpjvJm4QmulQgE... HTTP 302
https://s.yam.com/ Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Page Statistics

64
Requests

100 %
HTTPS

73 %
IPv6

14
Domains

22
Subdomains

23
IPs

5
Countries

1194 kB
Transfer

2102 kB
Size

1
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://membercenter.yam.com/Signin?URL=https://s.yam.com
Title: Login

Search URL Search Domain Scan URL

URL: https://yam.com/
Title: yam.com

Search URL Search Domain Scan URL

URL: https://member.yam.com/Notice/?duty.htm
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://member.yam.com/Notice/?privacy.htm
Title: PRIVACY POLICY

Search URL Search Domain Scan URL

URL: https://help.yam.com/
Title: Help

Search URL Search Domain Scan URL

URL: https://help.yam.com/m/
Title: Contact Us

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://s.yam.com/etadx__;!!A4F2R9G_pg!L7_0PpWwp4HHkBBtKPl8aqF0EDHtfOD78wFPKwpjvJm4QmulQgEpjreDJzmmmGx8$ HTTP 302
https://s.yam.com/detail/etadx__;A4F2R9G_pgL7_0PpWwp4HHkBBtKPl8aqF0EDHtfOD78wFPKwpjvJm4QmulQgEpjreDJzmmmGx8$ HTTP 302
https://s.yam.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKC_lp6ZOxCwCRiwCTII6QrrA_WT90M HTTP 301
https://tpc.googlesyndication.com/simgad/12005022035155591539

64 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
s.yam.com/
Redirect Chain

https://s.yam.com/etadx__;!!A4F2R9G_pg!L7_0PpWwp4HHkBBtKPl8aqF0EDHtfOD78wFPKwpjvJm4QmulQgEpjreDJzmmmGx8$
https://s.yam.com/detail/etadx__;A4F2R9G_pgL7_0PpWwp4HHkBBtKPl8aqF0EDHtfOD78wFPKwpjvJm4QmulQgEpjreDJzmmmGx8$
https://s.yam.com/

15 KB
5 KB

170ms
170ms

Document
text/html

52.187.123.178
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.yam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.187.123.178 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: a1389c361348f923cc244eeb53461bae6e55070f1a424b87b329d05fabbbdd21

Request headers

Host: s.yam.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Sat, 28 Aug 2021 07:30:26 GMT
Content-Length: 5007

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://s.yam.com
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Sat, 28 Aug 2021 07:30:26 GMT
Content-Length: 134

GET
H/1.1 200
OK css
s.yam.com/Content/ 139 KB
33 KB 327ms
327ms Stylesheet
text/css 52.187.123.178
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.yam.com/Content/css?v=9bZ4U4MJi32u47YlBMNLCOC4U2OuPMDfAVvRW05oeZ81
Requested by: Host: s.yam.com
URL: https://s.yam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.187.123.178 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: c76b230a40cb927216612abe80a117c5546ec57111fb6b770d8fe67235815e6d

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: s.yam.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://s.yam.com/
Connection: keep-alive
Referer: https://s.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 28 Aug 2021 07:30:26 GMT
Content-Encoding: gzip
Last-Modified: Sat, 28 Aug 2021 07:30:26 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: User-Agent,Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: public
Content-Length: 33813
Expires: Sun, 28 Aug 2022 07:30:26 GMT

GET
H2 200 script.js Show response
hanalytics.eu/js/ 744 B
1 KB 46ms
15ms Script
application/javascript 2606:4700:3032::6815:1073
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hanalytics.eu/js/script.js
Requested by: Host: s.yam.com
URL: https://s.yam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:1073 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b6796587883d5e526fd374f0f496f60d7c50c3aa6959c0b7fd5f32fada4b12e

Request headers

Referer: https://s.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:30:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1414
cf-polished: origSize=746
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Sat, 30 Jan 2021 11:54:50 GMT
server: cloudflare
etag: W/"2ea-5ba1cc9bcdd7d-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Host,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K%2BF%2B5UsWqzoM%2BFYgSCJDBF3Ri0IC8qZWXV6x0%2FGHNDd7mUWCWtR1NMCbWiFc1XmtDmfpAiyXL0C5dtwWjusnlBEmEiVtFzEybe%2FEm2yjoJWNrVbqd0Sp6w%2FXxujY5jPm0nUDAmUaZOrGWeHX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 685bd5959817d6d1-FRA
cf-bgj: minify

GET
H2 200 500_104.png
img.yamedia.tw/2021/share/ 15 KB
16 KB 59ms
20ms Image
image/png 2606:4700:3035::6815:3d44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.yamedia.tw/2021/share/500_104.png
Requested by: Host: s.yam.com
URL: https://s.yam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:3d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ece5bf231dbbc2118d2ee8a8ecbb335bca176c4de344f67a881b88afe18414a

Request headers

Referer: https://s.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 28 Aug 2021 07:30:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: 3wycdh9BS9lBG+JCpucFVA==
age: 2399432
content-disposition
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 15707
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Tue, 09 Feb 2021 10:04:20 GMT
server: cloudflare
etag: "0x8D8CCE211CE3D43"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TEvfMtYkzMlEJzsPKwQ7cTwLViBJ6NcrNyPSNKPsVCEFACrQeBFFsXKlZtsSLnsnYLEO7OFEzagzCIk4K3ax1Y0mypeRFJeGoJN0b4Bc91Q1qvmt6ePCUzBG%2B7NNTWXZ%2FDbdkRGvo2ARsHMWzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-ms-request-id: de66dd10-e01e-0009-681a-430315000000
cache-control: max-age=5356800
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 685bd595ac171e47-FRA

GET
H2 200 loading.gif
img.yamedia.tw/2021/share/ 40 KB
41 KB 53ms
14ms Image
image/gif 2606:4700:3035::6815:3d44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.yamedia.tw/2021/share/loading.gif
Requested by: Host: s.yam.com
URL: https://s.yam.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:3d44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b142d36d6f95d9384d3c6203b94af5689bf0027475806a0349efe1fc43aeb9

Request headers

Referer: https://s.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 28 Aug 2021 07:30:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: AlOeK5j89stXWjZ5yAsFUw==
age: 341403
content-disposition
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 41005
x-ms-lease-state: available
x-ms-lease-status: unlocked
last-modified: Tue, 09 Feb 2021 01:44:21 GMT
server: cloudflare
etag: "0x8D8CC9C38BC7AED"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L8n%2BBmXXDSEt%2FjAbyWyizM0Vi92aGKzlDw900l%2FvzjsbQRmubFvKhbnhlqjFMT57D7npXbYQ6ycmakbC0XGrgyNwTi2F30dYqOySZD%2B3G7mTwli6fjbRhfax6qH23PgifZnX701O9xRkXf0R9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-ms-request-id: f212062e-201e-0014-7ec3-98daff000000
cache-control: max-age=5356800
x-ms-version: 2014-02-14
accept-ranges: bytes
cf-ray: 685bd595ac181e47-FRA

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 56ms
37ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: s.yam.com
URL: https://s.yam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41c36545904182a753a5d6d64356fb7dea4eb2cc5f6c62dd6cc3b4da8809a6e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:30:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49997
x-xss-protection: 0
server: cafe
etag: 15562034904911884318
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 28 Aug 2021 07:30:26 GMT

GET
H/1.1 200
OK default Show response
s.yam.com/min/ 141 KB
61 KB 511ms
179ms Script
text/javascript 52.187.123.178
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.yam.com/min/default?v=XZQUDHUAffRknvcSQvv8izAVzhjAqUudJ5KeuVE2Xxg1
Requested by: Host: s.yam.com
URL: https://s.yam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.187.123.178 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: bfad1784c489a413b512e4f03923dd6cd991811c5c49263125aa6930196d7f4d

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: s.yam.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://s.yam.com/
Connection: keep-alive
Referer: https://s.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 28 Aug 2021 07:30:27 GMT
Content-Encoding: gzip
Last-Modified: Sat, 28 Aug 2021 07:30:27 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: User-Agent,Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public
Content-Length: 61682
Expires: Sun, 28 Aug 2022 07:30:27 GMT

POST
H3-29 200 event Show response
hanalytics.eu/api/ 3 B
657 B 280ms
280ms XHR
text/html 2606:4700:3032::6815:1073
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hanalytics.eu/api/event
Requested by: Host: hanalytics.eu
URL: https://hanalytics.eu/js/script.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:1073 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.22
Resource Hash: 27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf

Request headers

Referer: https://s.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json, text/javascript; charset=UTF-8

Response headers

date: Sat, 28 Aug 2021 07:30:27 GMT
content-encoding: br
vary: Origin,Host,Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.4.22
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ratelimit-remaining: 59
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cE5OpOb93PZw%2FI1XVbHj5uB5urq5XxBr88DKmyS33xxZcJ5K60juNIXpjjdyc78PSDI74z9u1VMIFi6ttXaolNqpi21KVwFtJnNNS%2FMxDLUB4uNyZ813rp8sH6l%2BC3wMxck1GBNMMJqVHGTY"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://s.yam.com
cache-control: no-cache, private
access-control-allow-credentials: true
x-ratelimit-limit: 60
cf-ray: 685bd5975a19c2c2-FRA

OPTIONS
H3-29 204 event
hanalytics.eu/api/ Frame 0
0 258ms
246ms Preflight 2606:4700:3032::6815:1073
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hanalytics.eu/api/event
Protocol: H3-29
Server: 2606:4700:3032::6815:1073 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.22
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://s.yam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 28 Aug 2021 07:30:27 GMT
x-powered-by: PHP/7.4.22
cache-control: no-cache, private
access-control-allow-origin: https://s.yam.com
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers,Host
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-allow-headers: content-type
access-control-max-age: 0
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ytztMXaJSUFZSYQD511XEUH9BLOm4n%2BAavYuC7nr%2FwG9nlmUEsi%2BS8VN3UnyRfBaLYzscdq0bwA%2BTfgdsLO8hX4uvsmocwelhe%2BTlv25C6aGcveel%2B88e%2BPmruaY%2F5ONaGHGiVaPcGwHZVYS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 685bd595d856c2c2-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210824/r20190131/ Frame 3835 10 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210824/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210824/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.yam.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://s.yam.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 27 Aug 2021 16:22:09 GMT
expires: Fri, 10 Sep 2021 16:22:09 GMT
content-type: text/html; charset=UTF-8
etag: 13836150016441684253
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4591
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 54497
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108240101/ 252 KB
93 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2675037296853968&plah=s.yam.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7089f6cbc081f79ba297f48c9c720869f325f9eedbe422279da1a4bee732bc4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:30:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95600
x-xss-protection: 0
server: cafe
etag: 9779198409284284208
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 28 Aug 2021 07:30:27 GMT

GET
H/1.1 200
OK glyphicons-halflings-regular.woff
s.yam.com/fonts/ 16 KB
16 KB 328ms
327ms Font
font/x-woff 52.187.123.178
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.yam.com/fonts/glyphicons-halflings-regular.woff
Requested by: Host: s.yam.com
URL: https://s.yam.com/Content/css?v=9bZ4U4MJi32u47YlBMNLCOC4U2OuPMDfAVvRW05oeZ81
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 52.187.123.178 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 71c12656535e99119c2a952c10554cd6f47c6923d2d96155a7833276e68992af

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://s.yam.com
Accept-Encoding: gzip, deflate, br
Host: s.yam.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://s.yam.com/Content/css?v=9bZ4U4MJi32u47YlBMNLCOC4U2OuPMDfAVvRW05oeZ81
Connection: keep-alive
Origin: https://s.yam.com
Referer: https://s.yam.com/Content/css?v=9bZ4U4MJi32u47YlBMNLCOC4U2OuPMDfAVvRW05oeZ81
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 28 Aug 2021 07:30:27 GMT
Last-Modified: Thu, 17 Aug 2017 04:57:26 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "9c6d60521517d31:0"
Content-Type: font/x-woff
Accept-Ranges: bytes
Content-Length: 16448

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: s.yam.com
URL: https://s.yam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 6836
date: Sat, 28 Aug 2021 05:36:31 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Sat, 28 Aug 2021 07:36:31 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 13ms
13ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=929602023&t=pageview&_s=1&dl=https%3A%2F%2Fs.yam.com%2F&ul=en-us&de=UTF-8&dt=Short%20URL%20-%20%E7%BE%8A%E9%9B%AA%E5%85%92%20-%20yamShare%20%7C%E8%95%83%E8%96%AF%E8%97%A4&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1216717610&gjid=1394366041&cid=642200571.1630135827&tid=UA-16227618-1&_gid=1654646902.1630135827&_r=1&_slc=1&z=91884108

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 28 Aug 2021 07:30:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://s.yam.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 197 B
655 B 89ms
42ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=s.yam.com&callback=_gfp_s_&client=ca-pub-2675037296853968

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2675037296853968&plah=s.yam.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

dcef45d5aee7d31310c3749ca51de8df3f7f46b6efbb9119a43db3a8aacdd46e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:30:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 189
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 34ms
15ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=s.yam.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 28 Aug 2021 07:30:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
317 B 15ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=s.yam.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 28 Aug 2021 07:30:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3ACD 19 KB
9 KB 240ms
240ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2675037296853968&output=html&h=250&slotname=4974166294&adk=1989567528&adf=1779873044&pi=t.ma~as.4974166294&w=300&lmt=1630135827&psa=0&format=300x250&url=https%3A%2F%2Fs.yam.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630135827127&bpp=27&bdt=340&idt=71&shv=r20210824&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&correlator=6611855871183&frm=20&pv=2&ga_vid=642200571.1630135827&ga_sid=1630135827&ga_hid=929602023&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=408&ady=904&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062423%2C31062297&oid=3&pvsid=2039342492235246&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=MsjfjxfOYW&p=https%3A//s.yam.com&dtd=89

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

929da0923680df0e4242307a4dcac6272634ecbe310f3479c62010c3a982c4e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2675037296853968&output=html&h=250&slotname=4974166294&adk=1989567528&adf=1779873044&pi=t.ma~as.4974166294&w=300&lmt=1630135827&psa=0&format=300x250&url=https%3A%2F%2Fs.yam.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630135827127&bpp=27&bdt=340&idt=71&shv=r20210824&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&correlator=6611855871183&frm=20&pv=2&ga_vid=642200571.1630135827&ga_sid=1630135827&ga_hid=929602023&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=408&ady=904&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062423%2C31062297&oid=3&pvsid=2039342492235246&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=MsjfjxfOYW&p=https%3A//s.yam.com&dtd=89
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.yam.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://s.yam.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 28 Aug 2021 07:30:27 GMT
server: cafe
content-length: 8960
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 28-Aug-2021 07:45:27 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 28 Aug 2021 07:30:27 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 34ms
15ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e87d7c59119397293cf71c27dd7eac13e19f0f3cc3f2b85fc52a74864757b251

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:30:27 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630063795307439"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27566
x-xss-protection: 0
expires: Sat, 28 Aug 2021 07:30:27 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
84 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-16227618-1&cid=642200571.1630135827&jid=1216717610&gjid=1394366041&_gid=1654646902.1630135827&_u=IEBAAEAAAAAAAC~&z=1468245656

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://s.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 28 Aug 2021 07:30:27 GMT
content-type: text/plain
access-control-allow-origin: https://s.yam.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 911E 113 KB
30 KB 519ms
519ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2675037296853968&output=html&h=250&slotname=1229953282&adk=622561713&adf=4042470402&pi=t.ma~as.1229953282&w=300&lmt=1630135827&psa=0&format=300x250&url=https%3A%2F%2Fs.yam.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630135827155&bpp=1&bdt=367&idt=69&shv=r20210824&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=6611855871183&frm=20&pv=1&ga_vid=642200571.1630135827&ga_sid=1630135827&ga_hid=929602023&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=897&ady=904&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062423%2C31062297&oid=3&pvsid=2039342492235246&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=tGW0gJy3sy&p=https%3A//s.yam.com&dtd=72

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30fb03160560fb897688723aca6e1e090d63906cb624f0130cda9e13ad6c8674

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2675037296853968&output=html&h=250&slotname=1229953282&adk=622561713&adf=4042470402&pi=t.ma~as.1229953282&w=300&lmt=1630135827&psa=0&format=300x250&url=https%3A%2F%2Fs.yam.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630135827155&bpp=1&bdt=367&idt=69&shv=r20210824&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=6611855871183&frm=20&pv=1&ga_vid=642200571.1630135827&ga_sid=1630135827&ga_hid=929602023&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=897&ady=904&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062423%2C31062297&oid=3&pvsid=2039342492235246&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=tGW0gJy3sy&p=https%3A//s.yam.com&dtd=72
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.yam.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://s.yam.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 28 Aug 2021 07:30:27 GMT
server: cafe
content-length: 30658
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 28-Aug-2021 07:45:27 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 28 Aug 2021 07:30:27 GMT
cache-control: private

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
277 B 16ms
16ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-16227618-1&cid=642200571.1630135827&jid=1216717610&_u=IEBAAEAAAAAAAC~&z=2028654072

Requested by

Host: s.yam.com
URL: https://s.yam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Aug 2021 07:30:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 18ms
18ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-16227618-1&cid=642200571.1630135827&jid=1216717610&_u=IEBAAEAAAAAAAC~&z=2028654072

Requested by

Host: s.yam.com
URL: https://s.yam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Aug 2021 07:30:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
121 B 38ms
38ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fs.yam.com%2F&tn=DIV&cls=navbar%20navbar-inverse%20navbar-fixed-top&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: s.yam.com
URL: https://s.yam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Aug 2021 07:30:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=s.yam.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 28 Aug 2021 07:30:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=s.yam.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 28 Aug 2021 07:30:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 73CC 9 KB
4 KB 170ms
170ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2675037296853968&output=html&adk=1812271804&adf=3025194257&lmt=1630135827&plat=2%3A16777216%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fs.yam.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630135827465&bpp=1&bdt=677&idt=1&shv=r20210824&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250&nras=1&correlator=6611855871183&frm=20&pv=1&ga_vid=642200571.1630135827&ga_sid=1630135827&ga_hid=929602023&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062423%2C31062297&oid=3&pvsid=2039342492235246&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c53b6cb7d08536cf24f407d9790774c5783e1386dccf0246d0269c321b7ea70e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2675037296853968&output=html&adk=1812271804&adf=3025194257&lmt=1630135827&plat=2%3A16777216%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fs.yam.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630135827465&bpp=1&bdt=677&idt=1&shv=r20210824&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250%2C300x250&nras=1&correlator=6611855871183&frm=20&pv=1&ga_vid=642200571.1630135827&ga_sid=1630135827&ga_hid=929602023&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062423%2C31062297&oid=3&pvsid=2039342492235246&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=6
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.yam.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://s.yam.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 28 Aug 2021 07:30:27 GMT
server: cafe
content-length: 4034
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 28-Aug-2021 07:45:27 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 28 Aug 2021 07:30:27 GMT
cache-control: private

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame 3ACD 2 KB
2 KB 56ms
21ms Script
application/x-javascript 185.29.132.242
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWm1Ga056WmhPR1F0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg0OTczNTQ2OTc3NDEzMDYwMjMvNjYyMjMyNi80NTYyMzA2LzQvQm5MVWF1aEFPMnlVVEdWSUZRYjJGcDJxWW5NQ1NuZ1ZtdFpPN2VaRjBoVS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC84NDk3MzU0Njk3NzQxMzA2MDIzL3pyaC8wLzgzLzM5Lzk5OS82Ni8yYTAxOjRmODoxOTI6Oi8wLjAwMC8xNjMwMTM1ODI3LzE2MzAxNDg0MjcvNC9wdWItMjY3NTAzNzI5Njg1Mzk2OC8/JHFWcfOaAe_anHyyAXo_WFc72g0&nodeid=2800&group=eu&auctionid=8497354697741306023&shardkey=8497354697741306023&sid=4562306&cid=6622326&bp=a_befcig&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.164&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_9BDE-YpYbiDDqnK7_UPud6VKM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItMjY3NTAzNzI5Njg1Mzk2OMgBCagDAaoEnwFP0DZoyHArq9QZF1di3z1Sa4IIQgBigLC9JROJJE4stV8sAxUAUEQnSNBF-HyYNgWoZTFJwvQv576JQZKoQmqPajFHC-10LPiwEWggWRUyv1rPQFx4FNg7f7J0_mgMk6IDn3CiOzg83gb9oyWekYbffwheCL6023NV0jf3nINko2jVd0qq6nCfnhvnm1UHdkVHG595UJfjxDx2Ud4MmTqABpCl7O_hmIDO1wGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2y-f3FVJRbTQJba9SzGFMPZ5CLXg%26client%3Dca-pub-2675037296853968%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2675037296853968&output=html&h=250&slotname=4974166294&adk=1989567528&adf=1779873044&pi=t.ma~as.4974166294&w=300&lmt=1630135827&psa=0&format=300x250&url=https%3A%2F%2Fs.yam.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630135827127&bpp=27&bdt=340&idt=71&shv=r20210824&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&correlator=6611855871183&frm=20&pv=2&ga_vid=642200571.1630135827&ga_sid=1630135827&ga_hid=929602023&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=408&ady=904&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062423%2C31062297&oid=3&pvsid=2039342492235246&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=MsjfjxfOYW&p=https%3A//s.yam.com&dtd=89
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.204.0 /
Resource Hash: de1564dc2b91ef93ec204f1490e0b63bd8378864cd838053c608ffc0b45e6f18

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 28 Aug 2021 07:30:27 GMT
Content-Encoding: gzip
x-mm-bid-request-time: 1630135827
Last-Modified: Sat, 28 Aug 2021 07:30:27 GMT
Server: MMBD/3.204.0
x-mm-latency: 6 (1)
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg: Count
Cache-Control: no-cache
x-mm-host: zrh-router-x41, zrh-bidder-x155
Connection: close
Content-Type: application/x-javascript; charset=UTF-8
Expires: Sat, 28 Aug 2021 07:30:26 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/ Frame 3ACD 2 KB
1 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2675037296853968&output=html&h=250&slotname=4974166294&adk=1989567528&adf=1779873044&pi=t.ma~as.4974166294&w=300&lmt=1630135827&psa=0&format=300x250&url=https%3A%2F%2Fs.yam.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630135827127&bpp=27&bdt=340&idt=71&shv=r20210824&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&correlator=6611855871183&frm=20&pv=2&ga_vid=642200571.1630135827&ga_sid=1630135827&ga_hid=929602023&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=408&ady=904&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062423%2C31062297&oid=3&pvsid=2039342492235246&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=MsjfjxfOYW&p=https%3A//s.yam.com&dtd=89

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 21:45:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35086
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Sep 2021 21:45:41 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3ACD 122 KB
37 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1067c971caffd7df8cd9067373c51d11760f7222c741238f36df1ca218620ece

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:30:27 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630063810880246"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Sat, 28 Aug 2021 07:30:27 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/ Frame 3ACD 14 KB
7 KB 25ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 19:58:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41503
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6183
x-xss-protection: 0
server: cafe
etag: 901432759052127119
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Sep 2021 19:58:44 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3ACD 0
0 31ms
31ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CZpX-E-YpYbiDDqnK7_UPud6VKM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItMjY3NTAzNzI5Njg1Mzk2OMgBCagDAaoEnAFP0DZoyHArq9QZF1di3z1Sa4IIQgBigLC9JROJJE4stV8sAxUAUEQnSNBF-HyYNgWoZTFJwvQv576JQZKoQmqPajFHC-10LPiwEWggWRUyv1rPQFx4FNg7f7J0_mgMk6IDn3CiOzg83gb9oyWekYbffwheCL6023NV0jf3nINko2jVd0qq6nCfnhulmViV2tXjHBLdGDw7hJOGTMqABpCl7O_hmIDO1wGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0yNjc1MDM3Mjk2ODUzOTY4GAA&sigh=LUYHBi1z3oY&tpd=AGWhJms80biTPGYCLoaMkcmEtyOOp395PsIMZlyYMcU_MoY4akOS2A4jqLs-0olIqAmMDBd-vf0lh6ZCn7Ee52Lj7_PbFz1x8_2D4GqplTgpKY8nIlyJzsV3HC4p5TFpYPV1CGkdpG7mJc-sfPdIqntRiaDzjiuSvnmMsD_8_oyVRi5bCm5rzmTWgokWHWMSFZmM56CBXN0K0BUvsHkxojFOKKzbN2CDyiEYW1HF-TQ-G8_LXOb_tGi0PeaWUkh-_p-TPscSO7fCHNEzciWvpQzTqa9CazZvNV8BmfN2Log8inzYGOuwRr2_LoZaW-o09uBNdewSX5eORpCVjOiSUsYAiPSbjoa2aMH3WmnlPycTKzE_BKGo4sOwXeTe9R2KUrob8_Wxe99GSpljJHyh_OXJno_UhC1jYSHVawpGBbYuidbqNt0Iv2z3nqW4cf8EA4ojSq4CUiW703vCXYPkdXBCcSR3hNDAvkn8xT3i-39CJqYDx8mkD83yxdx8ctr3LdSdzt9AP_Z38wmzERmzgWAgsxHFzma8vB8k5utW3-tKsAXFvK3PnJL8OEp7BUn-gK6ql8LCnvgqIpR6IpBOOjwr_Bnj7SRlvJ-WNNAhorveQ-TwWF1paBfuX4iRdQ05XLs1VrZwCNyRQrIFZVEKvNfMU8QXo390RUsQJem_IVhkk-Qw4JvaNvGwHmA98nKdyS4cOCYChE9hB9p8VfpUBKcjycKT-icF547o4JFnsJwEVISZ3Dw8Kjst6L7X4BXsALIgt4fMgAZ_ban3Hwtsn7txgvrPILHt-YY73x2vXBGb8cQgHsxHO0qLwb2MuvVYKiz5hCXzgFzo9aCq2q2uqmcCyOaj29w5HD7LIu9Q5Xb5031O1ClWIRy4ANEV71goY9ehPE1zf8r0eCiBSqJ_oZ5oBxiRlq63Fsqi1qjKESiUT-beNSBUw8TqNAwbppNJw-hT417Lzp6Kms66heLoJMq4-hxRlYDkE4AqgA_zZlGWNqcWuHcsysorSJzc-U9cHwn9Vq0DBuRZ4y8ff2H4wUcp8YHl4Ovd38nGq1oNnK_cTIvIhHkGy_sQvr4YxE9x2krMeA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2675037296853968&output=html&h=250&slotname=4974166294&adk=1989567528&adf=1779873044&pi=t.ma~as.4974166294&w=300&lmt=1630135827&psa=0&format=300x250&url=https%3A%2F%2Fs.yam.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630135827127&bpp=27&bdt=340&idt=71&shv=r20210824&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&correlator=6611855871183&frm=20&pv=2&ga_vid=642200571.1630135827&ga_sid=1630135827&ga_hid=929602023&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=408&ady=904&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062423%2C31062297&oid=3&pvsid=2039342492235246&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=MsjfjxfOYW&p=https%3A//s.yam.com&dtd=89
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 28 Aug 2021 07:30:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 28 Aug 2021 07:30:27 GMT

GET
H/1.1 200
OK 01qrvgnrrbds Show response
hal9000.redintelligence.net/zone/ Frame 3ACD 10 KB
3 KB 86ms
27ms Script
text/html 138.201.63.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/01qrvgnrrbds?subid=&gdpr=1&gdpr_consent=li&rnd=8497354697741306023&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8497354697741306023%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D99ef6129-e613-4101-9084-84bf19ea55e1%26mt_cid%3D99ef6129-e613-4101-9084-84bf19ea55e1%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC_9BDE-YpYbiDDqnK7_UPud6VKM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItMjY3NTAzNzI5Njg1Mzk2OMgBCagDAaoEnwFP0DZoyHArq9QZF1di3z1Sa4IIQgBigLC9JROJJE4stV8sAxUAUEQnSNBF-HyYNgWoZTFJwvQv576JQZKoQmqPajFHC-10LPiwEWggWRUyv1rPQFx4FNg7f7J0_mgMk6IDn3CiOzg83gb9oyWekYbffwheCL6023NV0jf3nINko2jVd0qq6nCfnhvnm1UHdkVHG595UJfjxDx2Ud4MmTqABpCl7O_hmIDO1wGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2y-f3FVJRbTQJba9SzGFMPZ5CLXg%2526client%253Dca-pub-2675037296853968%2526adurl%253D%26redirect%3D
Requested by: Host: s.yam.com
URL: https://s.yam.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.164 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 3b2abe94915d1a8a0c95001f7bdcba916381919ffbf81b0b1d50945c98a48690

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 28 Aug 2021 07:30:27 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3238
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame 3ACD 49 B
330 B 44ms
16ms Image
image/gif 185.29.132.242
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=8497354697741306023&node_id=2800&exch_id=4
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWm1Ga056WmhPR1F0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg0OTczNTQ2OTc3NDEzMDYwMjMvNjYyMjMyNi80NTYyMzA2LzQvQm5MVWF1aEFPMnlVVEdWSUZRYjJGcDJxWW5NQ1NuZ1ZtdFpPN2VaRjBoVS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC84NDk3MzU0Njk3NzQxMzA2MDIzL3pyaC8wLzgzLzM5Lzk5OS82Ni8yYTAxOjRmODoxOTI6Oi8wLjAwMC8xNjMwMTM1ODI3LzE2MzAxNDg0MjcvNC9wdWItMjY3NTAzNzI5Njg1Mzk2OC8/JHFWcfOaAe_anHyyAXo_WFc72g0&nodeid=2800&group=eu&auctionid=8497354697741306023&shardkey=8497354697741306023&sid=4562306&cid=6622326&bp=a_befcig&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.164&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_9BDE-YpYbiDDqnK7_UPud6VKM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItMjY3NTAzNzI5Njg1Mzk2OMgBCagDAaoEnwFP0DZoyHArq9QZF1di3z1Sa4IIQgBigLC9JROJJE4stV8sAxUAUEQnSNBF-HyYNgWoZTFJwvQv576JQZKoQmqPajFHC-10LPiwEWggWRUyv1rPQFx4FNg7f7J0_mgMk6IDn3CiOzg83gb9oyWekYbffwheCL6023NV0jf3nINko2jVd0qq6nCfnhvnm1UHdkVHG595UJfjxDx2Ud4MmTqABpCl7O_hmIDO1wGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2y-f3FVJRbTQJba9SzGFMPZ5CLXg%26client%3Dca-pub-2675037296853968%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.204.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 28 Aug 2021 07:30:27 GMT
Server: MMBD/3.204.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x42, zrh-bidder-x155
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Sat, 28 Aug 2021 07:30:26 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame 3ACD 43 B
360 B 106ms
48ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=8497354697741306023&v3=651871&v4=4562306&v5=6622326&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWm1Ga056WmhPR1F0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg0OTczNTQ2OTc3NDEzMDYwMjMvNjYyMjMyNi80NTYyMzA2LzQvQm5MVWF1aEFPMnlVVEdWSUZRYjJGcDJxWW5NQ1NuZ1ZtdFpPN2VaRjBoVS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC84NDk3MzU0Njk3NzQxMzA2MDIzL3pyaC8wLzgzLzM5Lzk5OS82Ni8yYTAxOjRmODoxOTI6Oi8wLjAwMC8xNjMwMTM1ODI3LzE2MzAxNDg0MjcvNC9wdWItMjY3NTAzNzI5Njg1Mzk2OC8/JHFWcfOaAe_anHyyAXo_WFc72g0&nodeid=2800&group=eu&auctionid=8497354697741306023&shardkey=8497354697741306023&sid=4562306&cid=6622326&bp=a_befcig&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.164&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_9BDE-YpYbiDDqnK7_UPud6VKM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItMjY3NTAzNzI5Njg1Mzk2OMgBCagDAaoEnwFP0DZoyHArq9QZF1di3z1Sa4IIQgBigLC9JROJJE4stV8sAxUAUEQnSNBF-HyYNgWoZTFJwvQv576JQZKoQmqPajFHC-10LPiwEWggWRUyv1rPQFx4FNg7f7J0_mgMk6IDn3CiOzg83gb9oyWekYbffwheCL6023NV0jf3nINko2jVd0qq6nCfnhvnm1UHdkVHG595UJfjxDx2Ud4MmTqABpCl7O_hmIDO1wGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2y-f3FVJRbTQJba9SzGFMPZ5CLXg%26client%3Dca-pub-2675037296853968%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 3865 cc0e612 master cdg-pixel-x15 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 28 Aug 2021 07:30:27 GMT
Server: MT3 3865 cc0e612 master cdg-pixel-x15
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 28 Aug 2021 07:30:26 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame 3ACD 49 B
330 B 42ms
14ms Image
image/gif 185.29.132.242
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=8497354697741306023&st=4562306&time=1630135827&nodeid=2800
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWm1Ga056WmhPR1F0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzg0OTczNTQ2OTc3NDEzMDYwMjMvNjYyMjMyNi80NTYyMzA2LzQvQm5MVWF1aEFPMnlVVEdWSUZRYjJGcDJxWW5NQ1NuZ1ZtdFpPN2VaRjBoVS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC84NDk3MzU0Njk3NzQxMzA2MDIzL3pyaC8wLzgzLzM5Lzk5OS82Ni8yYTAxOjRmODoxOTI6Oi8wLjAwMC8xNjMwMTM1ODI3LzE2MzAxNDg0MjcvNC9wdWItMjY3NTAzNzI5Njg1Mzk2OC8/JHFWcfOaAe_anHyyAXo_WFc72g0&nodeid=2800&group=eu&auctionid=8497354697741306023&shardkey=8497354697741306023&sid=4562306&cid=6622326&bp=a_befcig&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.164&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_9BDE-YpYbiDDqnK7_UPud6VKM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItMjY3NTAzNzI5Njg1Mzk2OMgBCagDAaoEnwFP0DZoyHArq9QZF1di3z1Sa4IIQgBigLC9JROJJE4stV8sAxUAUEQnSNBF-HyYNgWoZTFJwvQv576JQZKoQmqPajFHC-10LPiwEWggWRUyv1rPQFx4FNg7f7J0_mgMk6IDn3CiOzg83gb9oyWekYbffwheCL6023NV0jf3nINko2jVd0qq6nCfnhvnm1UHdkVHG595UJfjxDx2Ud4MmTqABpCl7O_hmIDO1wGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2y-f3FVJRbTQJba9SzGFMPZ5CLXg%26client%3Dca-pub-2675037296853968%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.242 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.204.0 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Sat, 28 Aug 2021 07:30:27 GMT
Server: MMBD/3.204.0
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: zrh-router-x66, zrh-bidder-x155
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Sat, 28 Aug 2021 07:30:26 GMT

GET
H/1.1 200
OK request.php Show response
hal900026.redintelligence.net/ Frame 3ACD 0
394 B 141ms
81ms Script
application/x-javascript 138.201.84.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900026.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=f23dc19d58&subid=&uid=67fd705e0a608a9d&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8497354697741306023%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D99ef6129-e613-4101-9084-84bf19ea55e1%26mt_cid%3D99ef6129-e613-4101-9084-84bf19ea55e1%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC_9BDE-YpYbiDDqnK7_UPud6VKM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItMjY3NTAzNzI5Njg1Mzk2OMgBCagDAaoEnwFP0DZoyHArq9QZF1di3z1Sa4IIQgBigLC9JROJJE4stV8sAxUAUEQnSNBF-HyYNgWoZTFJwvQv576JQZKoQmqPajFHC-10LPiwEWggWRUyv1rPQFx4FNg7f7J0_mgMk6IDn3CiOzg83gb9oyWekYbffwheCL6023NV0jf3nINko2jVd0qq6nCfnhvnm1UHdkVHG595UJfjxDx2Ud4MmTqABpCl7O_hmIDO1wGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2y-f3FVJRbTQJba9SzGFMPZ5CLXg%2526client%253Dca-pub-2675037296853968%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2675037296853968%26output%3Dhtml%26h%3D250%26slotname%3D4974166294%26adk%3D1989567528%26adf%3D1779873044%26pi%3Dt.ma~as.4974166294%26w%3D300%26lmt%3D1630135827%26psa%3D0%26format%3D300x250%26url%3Dhttps%253A%252F%252Fs.yam.com%252F%26flash%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..%26dt%3D1630135827127%26bpp%3D27%26bdt%3D340%26idt%3D71%26shv%3Dr20210824%26mjsv%3Dm202108240101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26correlator%3D6611855871183%26frm%3D20%26pv%3D2%26ga_vid%3D642200571.1630135827%26ga_sid%3D1630135827%26ga_hid%3D929602023%26ga_fc%3D0%26u_tz%3D120%26u_his%3D2%26u_java%3D0%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_nplug%3D0%26u_nmime%3D0%26adx%3D408%26ady%3D904%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44747620%252C31062423%252C31062297%26oid%3D3%26pvsid%3D2039342492235246%26eae%3D0%26fc%3D640%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CleE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D1%26uci%3Da!1%26fsb%3D1%26xpc%3DMsjfjxfOYW%26p%3Dhttps%253A%2F%2Fs.yam.com%26dtd%3D89&ancestorOrigins=null&random=9200057586502&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/01qrvgnrrbds?subid=&gdpr=1&gdpr_consent=li&rnd=8497354697741306023&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D8497354697741306023%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D99ef6129-e613-4101-9084-84bf19ea55e1%26mt_cid%3D99ef6129-e613-4101-9084-84bf19ea55e1%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC_9BDE-YpYbiDDqnK7_UPud6VKM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItMjY3NTAzNzI5Njg1Mzk2OMgBCagDAaoEnwFP0DZoyHArq9QZF1di3z1Sa4IIQgBigLC9JROJJE4stV8sAxUAUEQnSNBF-HyYNgWoZTFJwvQv576JQZKoQmqPajFHC-10LPiwEWggWRUyv1rPQFx4FNg7f7J0_mgMk6IDn3CiOzg83gb9oyWekYbffwheCL6023NV0jf3nINko2jVd0qq6nCfnhvnm1UHdkVHG595UJfjxDx2Ud4MmTqABpCl7O_hmIDO1wGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_2y-f3FVJRbTQJba9SzGFMPZ5CLXg%2526client%253Dca-pub-2675037296853968%2526adurl%253D%26redirect%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.244.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 28 Aug 2021 07:30:27 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 92316800025624300951393011700026
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 0
Expires: Sat, 28 Aug 2021 08:30:27 +0200

GET
H2 200 css
fonts.googleapis.com/ Frame 911E 2 KB
627 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2675037296853968&output=html&h=250&slotname=1229953282&adk=622561713&adf=4042470402&pi=t.ma~as.1229953282&w=300&lmt=1630135827&psa=0&format=300x250&url=https%3A%2F%2Fs.yam.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630135827155&bpp=1&bdt=367&idt=69&shv=r20210824&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=6611855871183&frm=20&pv=1&ga_vid=642200571.1630135827&ga_sid=1630135827&ga_hid=929602023&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=897&ady=904&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062423%2C31062297&oid=3&pvsid=2039342492235246&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=tGW0gJy3sy&p=https%3A//s.yam.com&dtd=72

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 28 Aug 2021 06:00:51 GMT
server: ESF
date: Sat, 28 Aug 2021 07:30:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 28 Aug 2021 07:30:27 GMT

GET
H2 200 28960c8a32e8dcc49d8dc53b67dce604.js Show response
www.gstatic.com/mysidia/ Frame 911E 11 KB
5 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/28960c8a32e8dcc49d8dc53b67dce604.js?tag=pingback

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db242ac40ea13e23c0c47b046e1b9d1ee790392070ee6b58bd1b3dfd1279dd45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 09:51:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 164312
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4667
x-xss-protection: 0
last-modified: Tue, 24 Aug 2021 06:33:32 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 24 Nov 2021 09:51:55 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/ Frame 911E 1 KB
857 B 8ms
8ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 19:35:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42905
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 830
x-xss-protection: 0
server: cafe
etag: 3558876194914413708
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Sep 2021 19:35:22 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210826/r20110914/ Frame 911E 18 KB
7 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210826/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:20:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 597
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7645
x-xss-protection: 0
server: cafe
etag: 13200147268341533873
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 11 Sep 2021 07:20:30 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/ Frame 911E 2 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 21:45:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35086
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Sep 2021 21:45:41 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 911E 122 KB
37 KB 35ms
21ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1067c971caffd7df8cd9067373c51d11760f7222c741238f36df1ca218620ece

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:30:27 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630063810880246"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Sat, 28 Aug 2021 07:30:27 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/ Frame 911E 14 KB
6 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 19:58:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41503
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6183
x-xss-protection: 0
server: cafe
etag: 901432759052127119
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Sep 2021 19:58:44 GMT

GET
H3-29 200 bf370751b3c301aa27eddd739f5e1f7e.js Show response
www.gstatic.com/mysidia/ Frame 911E 26 KB
11 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/bf370751b3c301aa27eddd739f5e1f7e.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e12ca129385ec88177c0fb34c59fd33dd1cd5d4f6531eb1b0b44cab8c3167ac6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 08:03:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 170792
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10800
x-xss-protection: 0
last-modified: Thu, 19 Aug 2021 09:42:07 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 24 Nov 2021 08:03:55 GMT

GET
DATA 200
OK truncated
/ Frame 911E 358 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 51e605522df9a8b4bb144071a80eb44ad99f770a9bdcb762be7948440166c4e2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 2249563812812686242_12898680868565401912.png
static.doubleclick.net/dynamic/5/300016163/ Frame 911E 98 KB
98 KB 45ms
21ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/300016163/2249563812812686242_12898680868565401912.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d94e0adf3b015d8ac6bdac40ad6f2d8f1c88ee303f268c3ec672bdf4a38602d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 00:57:42 GMT
x-content-type-options: nosniff
last-modified: Tue, 24 Aug 2021 05:46:11 GMT
server: sffe
age: 282765
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100676
x-xss-protection: 0
expires: Thu, 25 Aug 2022 00:57:42 GMT

GET
H2 200 635331459662894911_3242485523690960466.png
static.doubleclick.net/dynamic/5/300016163/ Frame 911E 95 KB
95 KB 53ms
30ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/300016163/635331459662894911_3242485523690960466.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f182d91131b764a8e3bd1c9c0ff638d8fcf3d36997844dec695d3ca011e42f0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 23:39:04 GMT
x-content-type-options: nosniff
last-modified: Tue, 24 Aug 2021 05:45:58 GMT
server: sffe
age: 287483
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97352
x-xss-protection: 0
expires: Wed, 24 Aug 2022 23:39:04 GMT

GET
H2 200 11811268303750357063_16305608424975945834.png
static.doubleclick.net/dynamic/5/300016163/ Frame 911E 103 KB
103 KB 31ms
8ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/300016163/11811268303750357063_16305608424975945834.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd7106617a7704b216e5b33d76a9228d9f52d2f20f1728dd109d93b6454509fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 12:36:30 GMT
x-content-type-options: nosniff
last-modified: Thu, 24 Jun 2021 15:21:27 GMT
server: sffe
age: 154437
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 105105
x-xss-protection: 0
expires: Fri, 26 Aug 2022 12:36:30 GMT

GET
H2 200 7891767557051429516_654585527444796255.png
static.doubleclick.net/dynamic/5/300016163/ Frame 911E 100 KB
100 KB 46ms
24ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/300016163/7891767557051429516_654585527444796255.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e6956c387dfc89d3342cae8e2987cfc5ddb805963becec4f9c605948f392657

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 23:26:34 GMT
x-content-type-options: nosniff
last-modified: Tue, 17 Aug 2021 03:44:30 GMT
server: sffe
age: 201833
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102443
x-xss-protection: 0
expires: Thu, 25 Aug 2022 23:26:34 GMT

GET
H2 200 1045979815122307234_2825317161646400933.png
static.doubleclick.net/dynamic/5/300016163/ Frame 911E 81 KB
81 KB 53ms
31ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/300016163/1045979815122307234_2825317161646400933.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfe8a98521d6524f9510e2a1d96c039ef44786ef7e4f3cf4005595c171e8f322

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 09:14:14 GMT
x-content-type-options: nosniff
last-modified: Thu, 24 Jun 2021 15:22:51 GMT
server: sffe
age: 80173
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 82870
x-xss-protection: 0
expires: Sat, 27 Aug 2022 09:14:14 GMT

GET
H2 200 4161328183076782070_8015491748595440115.png
static.doubleclick.net/dynamic/5/300016163/ Frame 911E 84 KB
84 KB 37ms
15ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/300016163/4161328183076782070_8015491748595440115.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53638dd3a18945aa880a678b9b8d5a15fc1ee511cd37758c065804bb71b5acff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 18:44:02 GMT
x-content-type-options: nosniff
last-modified: Thu, 19 Aug 2021 03:45:02 GMT
server: sffe
age: 132385
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 85834
x-xss-protection: 0
expires: Fri, 26 Aug 2022 18:44:02 GMT

GET
H3-29

200

12005022035155591539
tpc.googlesyndication.com/simgad/ Frame 911E
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKC_lp6ZOxCwCRiwCTII6QrrA_WT90M
https://tpc.googlesyndication.com/simgad/12005022035155591539

30 KB
30 KB

8ms
7ms

Image
image/png

2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12005022035155591539

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d2a475bfac60d9f332569e10df25c67c97abcec0f175df038c2a533cf5cd9a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 26 Aug 2021 12:08:00 GMT
x-content-type-options: nosniff
age: 156147
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31097
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 12:37:45 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Aug 2022 12:08:00 GMT

Redirect headers

timing-allow-origin: *
date: Sat, 28 Aug 2021 03:15:49 GMT
x-content-type-options: nosniff
server: cafe
age: 15278
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/12005022035155591539
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 27 Sep 2021 03:15:49 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 911E 0
0 30ms
30ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CdLUBE-YpYcnlDsrmgQeQxoWYDtS1_tpk2IbHjtoOvuPJtv8oEAEgzN2HIWCVAqABldi1yAPIAQmpAoi1zv07Frc-qAMByAPLBKoEtwFP0IuQjVqDdBy7ru-m32P8tPhBRHyekFwCiVBVvW0xP6Hu9SHcoTCWf4KuiLFPhpkBFoT5HUVrUE95FnFCgsOo2z0ib0gqCBJYLaloDUpgLXE7CUUCDrBoWOAD2CRY0vHa0BamqM_BmafIF079flWvYqFj6GlBdeJussNphniiW7vxDdDD14Mtbs57KJsvHT205Jai-urzJq53oPDVMnopz83SSuWDTHupbiP3Ph9r59t2GYIkqI7ABNCH7eXvA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfdnPViqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDz2QzSCAkIgOGAEBABGB-ACgHICwHYEwyIFALQFQGAFwGyFxwKGggAEhRwdWItMjY3NTAzNzI5Njg1Mzk2OBgA&sigh=oE_4jtC5QpY&template_id=494

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2675037296853968&output=html&h=250&slotname=1229953282&adk=622561713&adf=4042470402&pi=t.ma~as.1229953282&w=300&lmt=1630135827&psa=0&format=300x250&url=https%3A%2F%2Fs.yam.com%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1630135827155&bpp=1&bdt=367&idt=69&shv=r20210824&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=300x250&correlator=6611855871183&frm=20&pv=1&ga_vid=642200571.1630135827&ga_sid=1630135827&ga_hid=929602023&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=897&ady=904&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062423%2C31062297&oid=3&pvsid=2039342492235246&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=tGW0gJy3sy&p=https%3A//s.yam.com&dtd=72
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 28 Aug 2021 07:30:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 28 Aug 2021 07:30:27 GMT

GET
DATA 200
OK truncated
/ Frame 3ACD 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 92d697bb7ca72233fca9890278ba06bbaf037c13fc53ff9248ca39c5f95210e0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 911E 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cbcbe9bc33ee477b2d624159285cc4e32738dea69686ef83c418d0d441062c1d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame 911E 20 KB
21 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 07:30:47 GMT
x-content-type-options: nosniff
age: 345580
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20900
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 22:53:16 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 07:30:47 GMT

POST
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 911E 0
20 B 38ms
38ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChEIASoNdG93ZXIyLXNxdWFyZQoKCAIqBnNlcnZlcgoYCAQqFG15c2lkaWFfcmVsZWFzZV9wcm9kCjoaG21heGltYWxfdGFnX2V4cGVyaW1lbnRfbmFtZSoZRnJlcXVlbmN5Q2FwUG9pbnQ1Q29udHJvbDABChMaB3RhZ19pZHMqBmJiYmJiYjABCigaEXByb2R1Y3RfYm94X3dpZHRoKhE5Ny4zMzMzMzMzMzMzMzMzMzABChsaEnByb2R1Y3RfYm94X2hlaWdodCoDMTAxMAEKGBoMYmFzZV90YWdfaWRzKgZiLmIuYi4wARIaQ0ltN3JKZVowX0lDRlVwejRBb2RFR01CNHciEmdwYS9tYXhpbWFsX3YxX29jaCgM

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/28960c8a32e8dcc49d8dc53b67dce604.js?tag=pingback

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 28 Aug 2021 07:30:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 35ms
34ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210824&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f31c69d61d8dbdbf836375ab0a01e78d5c42fd01ca9fda16e8bc80ec2390604a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 28 Aug 2021 07:30:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8592
x-xss-protection: 0

GET
H3-29 200 3VBCxQMuFeflN3ldnXIT7YQtw8QPm-3IluxfpK8Vf0c.js Show response
pagead2.googlesyndication.com/bg/ Frame B05D 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3VBCxQMuFeflN3ldnXIT7YQtw8QPm-3IluxfpK8Vf0c.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd5042c5032e15e7e537795d9d7213ed842dc3c40f9bedc896ec5fa4af157f47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 20:54:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38149
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13381
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 08:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 Aug 2022 20:54:38 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 07:30:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Sat, 28 Aug 2021 07:30:28 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 976D 12 KB
5 KB 8ms
6ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.yam.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://s.yam.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Fri, 27 Aug 2021 20:54:37 GMT
expires: Sat, 27 Aug 2022 20:54:37 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 38151
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B6F4 783 B
761 B 16ms
15ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

91dfe662a2af8c724157e22ed7c45a697bd58ea92a6c69dea76165d629751ef0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4j0qI1Rv5oUCDsN/d9csCA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.yam.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://s.yam.com/

Response headers

expires: Sat, 28 Aug 2021 07:30:28 GMT
date: Sat, 28 Aug 2021 07:30:28 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-4j0qI1Rv5oUCDsN/d9csCA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 3VBCxQMuFeflN3ldnXIT7YQtw8QPm-3IluxfpK8Vf0c.js Show response
pagead2.googlesyndication.com/bg/ Frame 976D 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3VBCxQMuFeflN3ldnXIT7YQtw8QPm-3IluxfpK8Vf0c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd5042c5032e15e7e537795d9d7213ed842dc3c40f9bedc896ec5fa4af157f47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 20:54:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38150
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13381
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 08:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 Aug 2022 20:54:38 GMT

GET
H3-29 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 93ms
92ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210824&jk=2039342492235246&bg=!2Nul25_NAAZOkH6FTpA7ACkAdvg8WtOqWgvgOFWlhKXQM0dgNHd4I5qL1i0f-1jlxOcQPNe83KOl3QIAAABcUgAAAAtoAQcKACnBF1lLMMoZfb_5EMXpaGSXun4VCNNcPKPLIcvbX-OPVnUQVlqqSY3SRpkCd-TSDnD5k9Q1m-ebueX3-ndDw-fjgCzLqGFbDTXK6gWcfeqafEjkbfvfhwpl5BF70xBR4gOZUB4TEGexzY-2DfVvnvVpwTK10BZpcSyQndiMpRlrN4XJMWNSYjzrOLSVSvLfCrERXOYWhkowgg3GrxrNS-RMWNT3uNCxxb0_Dp7oYEtLZ7VFCQIlF1Vd0BO8Da_Il2VDgxpMu6eiE_11yt4IL8nCR0ybEp88CTp7JnTh1Fjd0e2rmCg3KQIfx1PHtaslAUoBdf4keOesXnFDRS4QmWgwysQOaTJQgm1LhoBc2KCDD7rWhq4WmByMa8sBRwUrWQIvMyLJMSiqwMjVoC7BeMF3VDnarJJvfNsVAu85A2adt5_6jxc3CMG2y8PmQB16bP-y7XOlY0NI8Kbo-E_E80JBFLxUpLOb6mqgHt_WvfJ0WqeY5Ndmm0q7oBc1v47KwYxKN4ehQU-RgeOf5xmv4SbK4HjYAVG9nr20Vefogs_peeztzL8nNOmpWwi4z5JSJmrpgtJv8ncujq0AsiB2XDWWAK0eIdvjUioVBhGlAHnIuJKS3ktWQcJHGJ_jYhKc14YkOiHNFUAydMhqXIv7FEMpqdfC29AKL9HkltwnXZwx4Ceor1ZUxctPXlc7yU05TB0t8XMv1lpPJm78dj0k2MR2rE4XsN5butcPlinoF-zWvTL9RjCp5VrPSSVUAcXTReFJjlXDsyt6-XB5tE6pE0VGm-sDoO-ZDJztqGzJElz5hI_HoKQ0bXSImDUn_2yJqhawrkQ0QxB335Z-NOPJcDwWWIdqmQWbn_duQwcWC9tlM-Cfu_atJUENVLUPlw8T3ZhoWXg
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://s.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3ACD 42 B
64 B 27ms
26ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvWBWWar4x5ezTATpUFQidwGl7FXY0zb3MU224x4dA_jejvLmNuWxTxqVFZVFejGXJrvcsRAhbmjjFJYzb169-Zp9DgnnE-dA&sig=Cg0ArKJSzCaNJrwYk5SgEAE&id=lidar2&mcvt=1000&p=904,408,1154,708&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210827&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1989567528&rs=2&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1630135827217&rpt=624&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Aug 2021 07:30:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 911E 42 B
64 B 29ms
29ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstdTTI1i0PnXHGiBPaKQ-DxSfVmb5c8itEOSeAsfBc3E2fYAlpr5kF3oUtgLtlpIHQBynPSljlN25Y8MrIEauBzbsFmoE0AOaCilT_pwnD6DLM8CnspbtaEx0fB8Q&sai=AMfl-YSf5TR0PpC1_SeHX12MlTukxDIg3wj2TtW9aqOu5VIR4UFnSKdeM30_ul1MSjQv4c6I4hPsPAp4pEmt&sig=Cg0ArKJSzLvk5UfQgOBaEAE&id=lidar2&mcvt=1000&p=904,897,1154,1197&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210827&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=622561713&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1630135827228&rpt=707&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 28 Aug 2021 07:30:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-20 06:10:31	Name: IDE Value: AHWqTUkG_TgC2UfmAYWz77ykXOY-73k0r7rtDYVdWU2td0hAHpWhIkyC0C08ALfbtJs

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900026.redintelligence.net
hanalytics.eu
img.yamedia.tw
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.mathtag.com
s.yam.com
static.doubleclick.net
stats.g.doubleclick.net
tags.mathtag.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.gstatic.com
138.201.63.164
138.201.84.244
172.217.23.98
185.29.132.242
2.18.233.201
2606:4700:3032::6815:1073
2606:4700:3035::6815:3d44
2a00:1450:4001:801::200e
2a00:1450:4001:803::2006
2a00:1450:4001:808::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2004
2a00:1450:4001:812::2001
2a00:1450:4001:812::2002
2a00:1450:4001:813::200a
2a00:1450:4001:827::2003
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:400c:c00::9d
52.187.123.178
0d2a475bfac60d9f332569e10df25c67c97abcec0f175df038c2a533cf5cd9a0
0ece5bf231dbbc2118d2ee8a8ecbb335bca176c4de344f67a881b88afe18414a
1067c971caffd7df8cd9067373c51d11760f7222c741238f36df1ca218620ece
114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1d94e0adf3b015d8ac6bdac40ad6f2d8f1c88ee303f268c3ec672bdf4a38602d
27badc983df1780b60c2b3fa9d3a19a00e46aac798451f0febdca52920faaddf
30fb03160560fb897688723aca6e1e090d63906cb624f0130cda9e13ad6c8674
3b2abe94915d1a8a0c95001f7bdcba916381919ffbf81b0b1d50945c98a48690
41c36545904182a753a5d6d64356fb7dea4eb2cc5f6c62dd6cc3b4da8809a6e8
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
51e605522df9a8b4bb144071a80eb44ad99f770a9bdcb762be7948440166c4e2
53638dd3a18945aa880a678b9b8d5a15fc1ee511cd37758c065804bb71b5acff
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
6b6796587883d5e526fd374f0f496f60d7c50c3aa6959c0b7fd5f32fada4b12e
7089f6cbc081f79ba297f48c9c720869f325f9eedbe422279da1a4bee732bc4b
71c12656535e99119c2a952c10554cd6f47c6923d2d96155a7833276e68992af
7e6956c387dfc89d3342cae8e2987cfc5ddb805963becec4f9c605948f392657
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
91dfe662a2af8c724157e22ed7c45a697bd58ea92a6c69dea76165d629751ef0
929da0923680df0e4242307a4dcac6272634ecbe310f3479c62010c3a982c4e2
92d697bb7ca72233fca9890278ba06bbaf037c13fc53ff9248ca39c5f95210e0
a1389c361348f923cc244eeb53461bae6e55070f1a424b87b329d05fabbbdd21
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
bfad1784c489a413b512e4f03923dd6cd991811c5c49263125aa6930196d7f4d
c53b6cb7d08536cf24f407d9790774c5783e1386dccf0246d0269c321b7ea70e
c76b230a40cb927216612abe80a117c5546ec57111fb6b770d8fe67235815e6d
cbcbe9bc33ee477b2d624159285cc4e32738dea69686ef83c418d0d441062c1d
cfe8a98521d6524f9510e2a1d96c039ef44786ef7e4f3cf4005595c171e8f322
db242ac40ea13e23c0c47b046e1b9d1ee790392070ee6b58bd1b3dfd1279dd45
dcef45d5aee7d31310c3749ca51de8df3f7f46b6efbb9119a43db3a8aacdd46e
dd5042c5032e15e7e537795d9d7213ed842dc3c40f9bedc896ec5fa4af157f47
dd7106617a7704b216e5b33d76a9228d9f52d2f20f1728dd109d93b6454509fa
de1564dc2b91ef93ec204f1490e0b63bd8378864cd838053c608ffc0b45e6f18
e12ca129385ec88177c0fb34c59fd33dd1cd5d4f6531eb1b0b44cab8c3167ac6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b142d36d6f95d9384d3c6203b94af5689bf0027475806a0349efe1fc43aeb9
e87d7c59119397293cf71c27dd7eac13e19f0f3cc3f2b85fc52a74864757b251
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f182d91131b764a8e3bd1c9c0ff638d8fcf3d36997844dec695d3ca011e42f0f
f31c69d61d8dbdbf836375ab0a01e78d5c42fd01ca9fda16e8bc80ec2390604a
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

s.yam.com Open in urlscan Pro 52.187.123.178 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

64 Requests

100 %HTTPS

73 %IPv6

14 Domains

22 Subdomains

23 IPs

5 Countries

1194 kBTransfer

2102 kBSize

1 Cookies

6 Outgoing links

Page URL History

Redirected requests

64 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

s.yam.com Open in urlscan Pro
52.187.123.178 Public Scan

Screenshot
Live screenshot

Full Image

64
Requests

100 %
HTTPS

73 %
IPv6

14
Domains

22
Subdomains

23
IPs

5
Countries

1194 kB
Transfer

2102 kB
Size

1
Cookies

64 HTTP transactions
3 data transactions