s.yam.com Open in urlscan Pro
13.76.85.56 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://s.yam.com/mkvzg!
Effective URL:
https://s.yam.com/
Submission: On February 12 via api (February 12th 2025, 3:06:21 am UTC) from RU — Scanned from SG

Summary HTTP 46 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 9 domains to perform 46 HTTP transactions. The main IP is 13.76.85.56, located in Singapore, Singapore and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is s.yam.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 28th 2024. Valid for: a year.

This is the only time s.yam.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 6	13.76.85.56 13.76.85.56	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 2	104.21.61.68 104.21.61.68	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	104.26.4.59 104.26.4.59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	74.125.24.157 74.125.24.157	15169 (GOOGLE) (GOOGLE)
2	172.217.194.100 172.217.194.100	15169 (GOOGLE) (GOOGLE)
6	142.251.12.154 142.251.12.154	15169 (GOOGLE) (GOOGLE)
2 4	13.33.88.55 13.33.88.55	16509 (AMAZON-02) (AMAZON-02)
14	142.251.175.102 142.251.175.102	15169 (GOOGLE) (GOOGLE)
1	172.253.118.155 172.253.118.155	15169 (GOOGLE) (GOOGLE)
2	74.125.24.132 74.125.24.132	15169 (GOOGLE) (GOOGLE)
1	172.217.194.99 172.217.194.99	15169 (GOOGLE) (GOOGLE)
46	11

6 13.76.85.56 (Singapore, Singapore) 2 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

s.yam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.21.61.68 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

img.yamedia.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.26.4.59 (None, )

ASN13335 (CLOUDFLARENET, US)

yamedia.yam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stats.yam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.yam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 74.125.24.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f157.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.194.100 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f100.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.251.12.154 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f154.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.33.88.55 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-55.sin2.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.251.175.102 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f102.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.118.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f155.1e100.net

ep1.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.24.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f132.1e100.net

ep2.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.194.99 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f99.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 698 www.google.com — Cisco Umbrella Rank: 10	73 KB
11	yam.com 2 redirects s.yam.com yamedia.yam.com stats.yam.com www.yam.com	159 KB
7	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 157	270 KB
6	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 76
4	scorecardresearch.com 2 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 301	7 KB
3	adtrafficquality.google ep1.adtrafficquality.google — Cisco Umbrella Rank: 505 ep2.adtrafficquality.google — Cisco Umbrella Rank: 508	20 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 115	22 KB
2	yamedia.tw 2 redirects img.yamedia.tw	1 KB
0	hanalytics.eu Failed hanalytics.eu Failed
46	9

	Domain	Requested by
14	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
7	pagead2.googlesyndication.com	s.yam.com pagead2.googlesyndication.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com
6	s.yam.com	2 redirects s.yam.com
4	sb.scorecardresearch.com	2 redirects s.yam.com
2	ep2.adtrafficquality.google	pagead2.googlesyndication.com ep2.adtrafficquality.google
2	www.google-analytics.com	s.yam.com www.google-analytics.com
2	stats.yam.com	s.yam.com stats.yam.com
2	yamedia.yam.com	s.yam.com
2	img.yamedia.tw	2 redirects
1	www.google.com	ep2.adtrafficquality.google
1	www.yam.com
1	ep1.adtrafficquality.google	pagead2.googlesyndication.com
0	hanalytics.eu Failed	s.yam.com
46	14

This site contains links to these domains. Also see Links.

Domain
membercenter.yam.com
yam.com
member.yam.com
help.yam.com

Subject Issuer	Validity	Valid
*.yam.com Sectigo RSA Domain Validation Secure Server CA	`2024-06-28` - `2025-06-28`	a year	crt.sh
*.g.doubleclick.net WR2	`2025-01-20` - `2025-04-14`	3 months	crt.sh
yam.com WE1	`2024-12-15` - `2025-03-15`	3 months	crt.sh
*.google-analytics.com WR2	`2025-01-20` - `2025-04-14`	3 months	crt.sh
*.google.com WR2	`2025-01-20` - `2025-04-14`	3 months	crt.sh
adtrafficquality.google WR2	`2025-01-20` - `2025-04-14`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://s.yam.com/
Frame ID: F87A2AAB12F1551372F9F1EC9786EC3F
Requests: 38 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20250210/r20190131/zrt_lookup_fy2021.html
Frame ID: 9EB6F159170B4E2FCC4F22D17FD7AC95
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2675037296853968&output=html&h=250&slotname=4974166294&adk=1989567528&adf=1779873044&pi=t.ma~as.4974166294&w=300&abgtt=13&lmt=1739329575&format=300x250&url=https%3A%2F%2Fs.yam.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1739329575867&bpp=4&bdt=149&idt=52&shv=r20250210&mjsv=m202502060101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&correlator=2601115439275&frm=20&pv=2&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=408&ady=907&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31090260%2C31090267%2C95344789%2C95352068%2C95349396%2C95340252%2C95340254&oid=2&pvsid=2139563710149329&tmod=1204976785&uas=0&nvt=1&fc=640&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=79
Frame ID: D44A3186837EA9228F090F9195E0F27D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2675037296853968&output=html&h=250&slotname=1229953282&adk=622561713&adf=4042470402&pi=t.ma~as.1229953282&w=300&abgtt=13&lmt=1739329575&format=300x250&url=https%3A%2F%2Fs.yam.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1739329575872&bpp=1&bdt=154&idt=96&shv=r20250210&mjsv=m202502060101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=300x250&correlator=2601115439275&frm=20&pv=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=897&ady=907&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31090260%2C31090267%2C95344789%2C95352068%2C95349396%2C95340252%2C95340254&oid=2&pvsid=2139563710149329&tmod=1204976785&uas=0&nvt=1&fc=640&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=110
Frame ID: AB02C2CBC92531A519787D28C188B70C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2675037296853968&output=html&adk=1812271804&adf=3025194257&abgtt=13&lmt=1739329576&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x945_l%7C140x945_r&format=0x0&url=https%3A%2F%2Fs.yam.com%2F&pra=7&wgl=1&aihb=0&asro=0&ailel=1~2~4~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiapm=0.15&aiapmi=0.33938&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1739329575996&bpp=2&bdt=278&idt=2&shv=r20250210&mjsv=m202502060101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=300x250%2C300x250&nras=1&correlator=2601115439275&frm=20&pv=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31090260%2C31090267%2C95344789%2C95352068%2C95349396%2C95340252%2C95340254&oid=2&pvsid=2139563710149329&tmod=1204976785&uas=0&nvt=1&fsapi=1&fc=896&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&fsb=1&dtd=14
Frame ID: 63F5A326D2955A711A0A2F395EB05551
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20250210/r20190131/zrt_lookup_fy2021.html
Frame ID: 83B0066C8624892A90DE39F2C770EFCF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20250210/r20190131/zrt_lookup_fy2021.html
Frame ID: 4ECF688BE1054CCC572084D212CE9461
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: A30A7A11B0D6DC210AAD720AA6C94A91
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C07E6CC28F4ADA82DDEA8C5AB7752C31
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

短網址 - 羊雪兒 - yamShare |蕃薯藤

Page URL History Show full URLs

https://s.yam.com/mkvzg! HTTP 302
https://s.yam.com/detail/mkvzg HTTP 302
https://s.yam.com/ Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

46
Requests

87 %
HTTPS

0 %
IPv6

9
Domains

14
Subdomains

11
IPs

3
Countries

548 kB
Transfer

1477 kB
Size

17
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://membercenter.yam.com/Signin?URL=https://s.yam.com
Title: 會員登入

Search URL Search Domain Scan URL

URL: https://yam.com/
Title: yam 蕃薯藤

Search URL Search Domain Scan URL

URL: https://member.yam.com/Notice/?duty.htm
Title: 服務條款

Search URL Search Domain Scan URL

URL: https://member.yam.com/Notice/?privacy.htm
Title: 隱私權政策

Search URL Search Domain Scan URL

URL: https://help.yam.com/
Title: 服務中心

Search URL Search Domain Scan URL

URL: https://help.yam.com/m/
Title: 聯絡我們

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://s.yam.com/mkvzg! HTTP 302
https://s.yam.com/detail/mkvzg HTTP 302
https://s.yam.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://img.yamedia.tw/2021/share/500_104.png HTTP 302
https://yamedia.yam.com/2021/share/500_104.png

Request Chain 3

https://img.yamedia.tw/2021/share/loading.gif HTTP 302
https://yamedia.yam.com/2021/share/loading.gif

Request Chain 15

https://sb.scorecardresearch.com/cs/38111965/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 18

https://sb.scorecardresearch.com/b?c1=2&c2=38111965&cs_it=b1&cv=4.12.0%2B2412121612&ns__t=1739329576193&ns_c=UTF-8&cs_cfg=1001110&c7=https%3A%2F%2Fs.yam.com%2F&c8=%E7%9F%AD%E7%B6%B2%E5%9D%80%20-%20%E7%BE%8A%E9%9B%AA%E5%85%92%20-%20yamShare%20%7C%E8%95%83%E8%96%AF%E8%97%A4&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=38111965&cs_it=b1&cv=4.12.0%2B2412121612&ns__t=1739329576193&ns_c=UTF-8&cs_cfg=1001110&c7=https%3A%2F%2Fs.yam.com%2F&c8=%E7%9F%AD%E7%B6%B2%E5%9D%80%20-%20%E7%BE%8A%E9%9B%AA%E5%85%92%20-%20yamShare%20%7C%E8%95%83%E8%96%AF%E8%97%A4&c9=

46 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
s.yam.com/
Redirect Chain

https://s.yam.com/mkvzg!
https://s.yam.com/detail/mkvzg
https://s.yam.com/

16 KB
6 KB

8ms
8ms

Document
text/html

13.76.85.56
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to

Full URL: https://s.yam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 13.76.85.56 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 770ec608c24c705d398933919ca08c84507766228ee122abb6318a552d6292ce

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36

Response headers

Cache-Control: private
Content-Encoding: gzip
Content-Length: 5885
Content-Type: text/html; charset=utf-8
Date: Wed, 12 Feb 2025 03:06:15 GMT
Server: Microsoft-IIS/8.5
Vary: Accept-Encoding
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.2
X-Powered-By: ASP.NET

Redirect headers

Cache-Control: private
Content-Length: 134
Content-Type: text/html; charset=utf-8
Date: Wed, 12 Feb 2025 03:06:15 GMT
Location: https://s.yam.com
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-AspNetMvc-Version: 5.2
X-Powered-By: ASP.NET

GET
H/1.1 200
OK css
s.yam.com/Content/ 139 KB
33 KB 10ms
9ms Stylesheet
text/css 13.76.85.56
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to

Full URL: https://s.yam.com/Content/css?v=7o0cfeZ0KMurzfdrwp5cpiAQbfDOaWrXSBMqTp0wkPQ1
Requested by: Host: s.yam.com
URL: https://s.yam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 13.76.85.56 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 4adae8cb864e019beb2cf6789cb31d599861c46eef7d51cda0ae44efe6da601a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://s.yam.com/

Response headers

Cache-Control: public
X-AspNet-Version: 4.0.30319
Content-Encoding: gzip
Expires: Thu, 12 Feb 2026 03:06:15 GMT
Content-Length: 33757
Date: Wed, 12 Feb 2025 03:06:15 GMT
Content-Type: text/css; charset=utf-8
Last-Modified: Wed, 12 Feb 2025 03:06:15 GMT
Vary: User-Agent,Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET

GET script.js
hanalytics.eu/js/ 0
0

GET
H3

200

500_104.png
yamedia.yam.com/2021/share/
Redirect Chain

https://img.yamedia.tw/2021/share/500_104.png
https://yamedia.yam.com/2021/share/500_104.png

8 KB
9 KB

136ms
127ms

Image
image/png

104.26.4.59
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://yamedia.yam.com/2021/share/500_104.png
Requested by: Host: s.yam.com
URL: https://s.yam.com/
Protocol: H3
Server: 104.26.4.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c5fdc93029df6a244240020cb8b6349bcdc5a6c23b5f4b2a476858aafe9c3eb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://s.yam.com/

Response headers

content-md5: 3wycdh9BS9lBG+JCpucFVA==
x-ms-lease-status: unlocked
cf-bgj: imgq:100,h2pri
etag: "0x8D8CCE211CE3D43"
x-ms-version: 2014-02-14
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YSJnIizO%2FMhPHIcjWkShv7Spac7zw6SHJAkPFzS6zVqPbOHu8wOzGTzjBhIp6ZjDvkKCzvCvz7sLJrwxhVD1Cs6%2By2PjvIHUI9XYAR%2BXaokkymG0ni6j4Ley7gH7iqfjKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-ms-lease-state: available
cf-polished: origSize=15707
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1797&min_rtt=1503&rtt_var=289&sent=43&recv=28&lost=0&retrans=0&sent_bytes=36564&recv_bytes=7134&delivery_rate=11882689&cwnd=24000&unsent_bytes=0&cid=864ea6f2bf0675b0&ts=560&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 12 Feb 2025 03:06:16 GMT
content-type: image/png
last-modified: Tue, 09 Feb 2021 10:04:20 GMT
vary: Accept-Encoding
priority: u=1,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ms-request-id: 4c68abdf-d01e-00ab-70ef-30f05e000000
cf-ray: 91095c9b4f583fbd-SIN
accept-ranges: bytes
content-length: 8302
x-ms-blob-type: BlockBlob
server: cloudflare

Redirect headers

cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
location: https://yamedia.yam.com/2021/share/500_104.png
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xAcyljbkl5nlLfhn1nEtmkWdGF0ztkOXVyivgITEEXdHeHsQzRSa%2F%2FPpIPBcXjHBfj2LfUTutWn705E1QJyFpAQhdSamcyiCEbrKqxlDfwI1iDi9ZZUgtzB%2B3U5hHa1F%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 91095c9a5d3316a0-SJC
expires: Thu, 01 Jan 1970 00:00:01 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=223809&min_rtt=223746&rtt_var=83950&sent=11&recv=8&lost=0&retrans=0&sent_bytes=5071&recv_bytes=4703&delivery_rate=14926&cwnd=12000&unsent_bytes=0&cid=b0705692551d9ca2&ts=256&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 143
date: Wed, 12 Feb 2025 03:06:16 GMT
content-type: text/html
vary: Accept-Encoding
server: cloudflare
priority: u=1,i

GET
H3

200

loading.gif
yamedia.yam.com/2021/share/
Redirect Chain

https://img.yamedia.tw/2021/share/loading.gif
https://yamedia.yam.com/2021/share/loading.gif

28 KB
29 KB

131ms
121ms

Image
image/gif

104.26.4.59
CLOUDFLARENET

General

Check archive.org

Download Go to Show image

Full URL: https://yamedia.yam.com/2021/share/loading.gif
Requested by: Host: s.yam.com
URL: https://s.yam.com/
Protocol: H3
Server: 104.26.4.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59984a7a1117f83f4dd2fbf45b19f07d6b5d0cd7dda1ac676bb9736005290900

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://s.yam.com/

Response headers

content-md5: AlOeK5j89stXWjZ5yAsFUw==
x-ms-lease-status: unlocked
cf-bgj: imgq:100,h2pri
etag: "0x8D8CC9C38BC7AED"
x-ms-version: 2014-02-14
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XT8BEmArK5ZTmQHIajfxYA8CAmL9K4foPj7N1ydy5wRJg90LHlqqSfQiev1yX3PEjgxrVn9cYY%2BHslOYFXZgjrHCH84TyYyQDEiv%2B7S997hBGKaCCwY4arAHlensf85tdg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-ms-lease-state: available
cf-polished: origSize=41005
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2238&min_rtt=1503&rtt_var=976&sent=17&recv=15&lost=0&retrans=0&sent_bytes=6510&recv_bytes=6575&delivery_rate=1207261&cwnd=12000&unsent_bytes=0&cid=864ea6f2bf0675b0&ts=553&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 12 Feb 2025 03:06:16 GMT
content-type: image/gif
last-modified: Tue, 09 Feb 2021 01:44:21 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-ms-request-id: 64b90f90-a01e-0008-1469-67959b000000
cf-ray: 91095c9b4f563fbd-SIN
accept-ranges: bytes
content-length: 28534
x-ms-blob-type: BlockBlob
server: cloudflare

Redirect headers

cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
location: https://yamedia.yam.com/2021/share/loading.gif
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LXah1IoithpPBPcia8OYTyjmCl3Ecr3hP3C%2FtWdRWEcIHvEfBXEvE7pox3KdFwNBgbmhITMfapdT%2B%2B8e6RvWGdF6384nfAnM%2BJ7Cc66%2BhaY%2FnAxK6iY1EntXU6tFs9T42w%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 91095c9a5d3616a0-SJC
expires: Thu, 01 Jan 1970 00:00:01 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=223809&min_rtt=223746&rtt_var=83950&sent=10&recv=8&lost=0&retrans=0&sent_bytes=4128&recv_bytes=4703&delivery_rate=14926&cwnd=12000&unsent_bytes=0&cid=b0705692551d9ca2&ts=253&x=1", cfExtPri, cfHdrFlush;dur=0
content-length: 143
date: Wed, 12 Feb 2025 03:06:16 GMT
content-type: text/html
vary: Accept-Encoding
server: cloudflare
priority: u=2,i

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 159 KB
53 KB 34ms
23ms Script
text/javascript 74.125.24.157
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: s.yam.com
URL: https://s.yam.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f157.1e100.net

Software

cafe /

Resource Hash

a65af3fb9575d27aebe45924d4b8b6f9457c86ced883e1c11b06bc9b7e346eec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://s.yam.com/

Response headers

content-encoding: br
etag: 41390616543843171
x-content-type-options: nosniff
expires: Wed, 12 Feb 2025 03:06:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 12 Feb 2025 03:06:15 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 53887
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK default Show response
s.yam.com/min/ 141 KB
61 KB 19ms
17ms Script
text/javascript 13.76.85.56
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to

Full URL: https://s.yam.com/min/default?v=tiAK3BFvUGbzNSWUd0s3r5-X5AzV8j9tGr19Ugm9IG41
Requested by: Host: s.yam.com
URL: https://s.yam.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 13.76.85.56 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 881e8e872ae60f41b4594bd9ea0bced853b81134cb2a59b20d6f4400e15f17c1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://s.yam.com/

Response headers

Cache-Control: public
X-AspNet-Version: 4.0.30319
Content-Encoding: gzip
Expires: Thu, 12 Feb 2026 03:06:15 GMT
Content-Length: 61697
Date: Wed, 12 Feb 2025 03:06:15 GMT
Content-Type: text/javascript; charset=utf-8
Last-Modified: Wed, 12 Feb 2025 03:06:15 GMT
Vary: User-Agent,Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET

GET
H3 200 ya.js Show response
stats.yam.com/ 4 KB
2 KB 180ms
153ms Script
application/x-javascript 104.26.4.59
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://stats.yam.com/ya.js
Requested by: Host: s.yam.com
URL: https://s.yam.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.4.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 618345dbd605e9f5f771324ca1aae652c6e3ee89b452a965193b072492690acb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://s.yam.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "8075c8adeab5d81:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=41J6gxwLSH5vwEBkoICaSE4uXpdNXteE2%2BZRBg7%2FaoonT0mIa%2F8iBJlYSMrNVvKGm9Rr0qZubdnDtJc7U%2BJltREICTvqdxbbPcVko4eYv9lz7HURzQMmXshyJxX%2FNto%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2310&min_rtt=1503&rtt_var=1110&sent=14&recv=12&lost=0&retrans=0&sent_bytes=4381&recv_bytes=5679&delivery_rate=966&cwnd=12000&unsent_bytes=0&cid=864ea6f2bf0675b0&ts=163&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 12 Feb 2025 03:06:15 GMT
content-type: application/x-javascript
last-modified: Mon, 22 Aug 2022 05:47:35 GMT
vary: Accept-Encoding
priority: u=2,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 91095c98abc33fbd-SIN
accept-ranges: bytes
content-length: 1314
x-powered-by: ASP.NET
server: cloudflare

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 17ms
4ms Script
text/javascript 172.217.194.100
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: s.yam.com
URL: https://s.yam.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f100.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://s.yam.com/

Response headers

content-encoding: gzip
age: 5270
report-to: {"group":"ascnsrsgac:225:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Wed, 12 Feb 2025 03:38:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 12 Feb 2025 01:38:25 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsgac:225:0
content-length: 20994
server: Golfe2

GET
H/1.1 200
OK glyphicons-halflings-regular.woff
s.yam.com/fonts/ 16 KB
16 KB 13ms
11ms Font
font/x-woff 13.76.85.56
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to

Full URL: https://s.yam.com/fonts/glyphicons-halflings-regular.woff
Requested by: Host: s.yam.com
URL: https://s.yam.com/Content/css?v=7o0cfeZ0KMurzfdrwp5cpiAQbfDOaWrXSBMqTp0wkPQ1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 13.76.85.56 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 71c12656535e99119c2a952c10554cd6f47c6923d2d96155a7833276e68992af

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Origin: https://s.yam.com
Referer: https://s.yam.com/Content/css?v=7o0cfeZ0KMurzfdrwp5cpiAQbfDOaWrXSBMqTp0wkPQ1

Response headers

ETag: "9c6d60521517d31:0"
Accept-Ranges: bytes
Content-Length: 16448
Date: Wed, 12 Feb 2025 03:06:15 GMT
Content-Type: font/x-woff
Last-Modified: Thu, 17 Aug 2017 04:57:26 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
448 B 6ms
5ms XHR
text/plain 172.217.194.100
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1723531366&t=pageview&_s=1&dl=https%3A%2F%2Fs.yam.com%2F&ul=en-sg&de=UTF-8&dt=%E7%9F%AD%E7%B6%B2%E5%9D%80%20-%20%E7%BE%8A%E9%9B%AA%E5%85%92%20-%20yamShare%20%7C%E8%95%83%E8%96%AF%E8%97%A4&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=72683709&gjid=1798984211&cid=1765652730.1739329576&tid=UA-16227618-1&_gid=1022699661.1739329576&_r=1&_slc=1&z=712676720

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f100.1e100.net

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://s.yam.com/

Response headers

report-to: {"group":"ascnsrsgac:175:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 12 Feb 2025 03:06:15 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://s.yam.com
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsgac:175:0
content-length: 3
server: Golfe2

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202502060101/ 430 KB
143 KB 4ms
4ms Script
text/javascript 74.125.24.157
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202502060101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f157.1e100.net

Software

cafe /

Resource Hash

3ee998b74d56098d0d0227ed61d8b7558c0d115a424daa7d5895debde9bb9017

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://s.yam.com/

Response headers

content-encoding: br
etag: 13126755004829533695
age: 4187
x-content-type-options: nosniff
expires: Wed, 26 Feb 2025 01:56:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 12 Feb 2025 01:56:28 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 146056
x-xss-protection: 0
server: cafe

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20250210/r20190131/ Frame 9EB6 0
0 8ms
3ms Document
text/html 142.251.12.154
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20250210/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202502060101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.154 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.yam.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36

Response headers

age: 33842
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4144
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Feb 2025 17:42:13 GMT
etag: 7793694970870604198
expires: Tue, 25 Feb 2025 17:42:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame D44A 0
0 435ms
433ms Document
text/html 142.251.12.154
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2675037296853968&output=html&h=250&slotname=4974166294&adk=1989567528&adf=1779873044&pi=t.ma~as.4974166294&w=300&abgtt=13&lmt=1739329575&format=300x250&url=https%3A%2F%2Fs.yam.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1739329575867&bpp=4&bdt=149&idt=52&shv=r20250210&mjsv=m202502060101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&correlator=2601115439275&frm=20&pv=2&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=408&ady=907&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31090260%2C31090267%2C95344789%2C95352068%2C95349396%2C95340252%2C95340254&oid=2&pvsid=2139563710149329&tmod=1204976785&uas=0&nvt=1&fc=640&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=79

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202502060101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.154 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.yam.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 403
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Feb 2025 03:06:16 GMT
expires: Wed, 12 Feb 2025 03:06:16 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame AB02 0
0 506ms
506ms Document
text/html 142.251.12.154
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2675037296853968&output=html&h=250&slotname=1229953282&adk=622561713&adf=4042470402&pi=t.ma~as.1229953282&w=300&abgtt=13&lmt=1739329575&format=300x250&url=https%3A%2F%2Fs.yam.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1739329575872&bpp=1&bdt=154&idt=96&shv=r20250210&mjsv=m202502060101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=300x250&correlator=2601115439275&frm=20&pv=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=897&ady=907&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31090260%2C31090267%2C95344789%2C95352068%2C95349396%2C95340252%2C95340254&oid=2&pvsid=2139563710149329&tmod=1204976785&uas=0&nvt=1&fc=640&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=110

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202502060101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.154 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.yam.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 404
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Feb 2025 03:06:16 GMT
expires: Wed, 12 Feb 2025 03:06:16 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
stats.yam.com/y/collect/ 1 KB
1 KB 366ms
365ms Fetch
text/html 104.26.4.59
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://stats.yam.com/y/collect/?v=1&cid=s.yam.com&uid=yam.17393295750000994&ul=en-sg&sr=1600x1200&dl=https%3A%2F%2Fs.yam.com%2F&dr=&dt=%E7%9F%AD%E7%B6%B2%E5%9D%80+-+%E7%BE%8A%E9%9B%AA%E5%85%92+-+yamShare+%7C%E8%95%83%E8%96%AF%E8%97%A4&en=page_view&ea=&ev=
Requested by: Host: stats.yam.com
URL: https://stats.yam.com/ya.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.4.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 755c3fb42f99b07eb1035c6102d2842616761ab2ccd8d45d996324fdaf952253

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://s.yam.com/

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5hM99nf%2BQn8qXpqSctVFGBh6soRV6pVpuHYh7CX2vc16wTTLx8L4fCs8Yc%2Fox2aJhSEgX%2BulqDESHmnmTIGDqEmEpgElMi08uELmH3hid8Oknjf%2Bw4Z0bMZRcGWB3X4%3D"}],"group":"cf-nel","max_age":604800}
x-ms-middleware-request-id: 00000000-0000-0000-0000-000000000000
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1650&min_rtt=1349&rtt_var=312&sent=12&recv=11&lost=0&retrans=0&sent_bytes=2732&recv_bytes=5725&delivery_rate=1042&cwnd=12000&unsent_bytes=0&cid=10dab04cdd90e60c&ts=362&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 12 Feb 2025 03:06:16 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
priority: u=1,i
cache-control: private
x-aspnet-version: 4.0.30319
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 91095c9a0f7e6bd9-SIN
access-control-allow-origin: *
x-powered-by: ASP.NET
server: cloudflare
x-aspnetmvc-version: 5.2

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/38111965/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

16 KB
6 KB

3ms
3ms

Script
text/javascript

13.33.88.55
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by: Host: s.yam.com
URL: https://s.yam.com/
Protocol: H2
Server: 13.33.88.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-88-55.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3f6004a6c9021e04ec32ca88df8f9a5785e53da23511f1bf0d56defc1b9759f8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://s.yam.com/

Response headers

vary: accept-encoding
cache-control: max-age=86400
content-encoding: gzip
etag: W/"c22322b3d030360971584a98c60b6e0b"
age: 28436
via: 1.1 9725312341802185c9ebf086bf95544e.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: yj8p4oLWHA9bXfKJxRhBIhBQmXwESRLyBua4Iz0vREq4JDG1wYyX8w==
date: Tue, 11 Feb 2025 19:21:40 GMT
content-type: text/javascript
last-modified: Mon, 16 Dec 2024 11:25:59 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P2
x-amz-server-side-encryption: AES256

Redirect headers

location: /internal-cs/default/beacon.js
accept-ch: UA, Platform, Arch, Model, Mobile
via: 1.1 9725312341802185c9ebf086bf95544e.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
content-length: 0
x-amz-cf-id: rj41h7gB-whuBCcfKAd7zavm0ql8VFAee-g8hWCKlwHrWlYjBdPeDQ==
date: Wed, 12 Feb 2025 03:06:16 GMT
x-amz-cf-pop: SIN2-P2

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 6ms
5ms Image
image/gif 74.125.24.157
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=navbar%20navbar-inverse%20navbar-fixed-top&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: s.yam.com
URL: https://s.yam.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f157.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://s.yam.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Wed, 12 Feb 2025 03:06:16 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 63F5 0
0 457ms
456ms Document
text/html 142.251.12.154
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2675037296853968&output=html&adk=1812271804&adf=3025194257&abgtt=13&lmt=1739329576&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x945_l%7C140x945_r&format=0x0&url=https%3A%2F%2Fs.yam.com%2F&pra=7&wgl=1&aihb=0&asro=0&ailel=1~2~4~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiapm=0.15&aiapmi=0.33938&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1739329575996&bpp=2&bdt=278&idt=2&shv=r20250210&mjsv=m202502060101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=300x250%2C300x250&nras=1&correlator=2601115439275&frm=20&pv=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31090260%2C31090267%2C95344789%2C95352068%2C95349396%2C95340252%2C95340254&oid=2&pvsid=2139563710149329&tmod=1204976785&uas=0&nvt=1&fsapi=1&fc=896&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&fsb=1&dtd=14

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202502060101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.154 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.yam.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 100376
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 12 Feb 2025 03:06:16 GMT
expires: Wed, 12 Feb 2025 03:06:16 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=38111965&cs_it=b1&cv=4.12.0%2B2412121612&ns__t=1739329576193&ns_c=UTF-8&cs_cfg=1001110&c7=https%3A%2F%2Fs.yam.com%2F&c8=%E7%9F%AD%E7%B6%B2%E5%9D%80%20-%20...
https://sb.scorecardresearch.com/b2?c1=2&c2=38111965&cs_it=b1&cv=4.12.0%2B2412121612&ns__t=1739329576193&ns_c=UTF-8&cs_cfg=1001110&c7=https%3A%2F%2Fs.yam.com%2F&c8=%E7%9F%AD%E7%B6%B2%E5%9D%80%20-%2...

0
223 B

179ms
177ms

Image
text/plain

13.33.88.55
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=38111965&cs_it=b1&cv=4.12.0%2B2412121612&ns__t=1739329576193&ns_c=UTF-8&cs_cfg=1001110&c7=https%3A%2F%2Fs.yam.com%2F&c8=%E7%9F%AD%E7%B6%B2%E5%9D%80%20-%20%E7%BE%8A%E9%9B%AA%E5%85%92%20-%20yamShare%20%7C%E8%95%83%E8%96%AF%E8%97%A4&c9=
Requested by: Host: s.yam.com
URL: https://s.yam.com/
Protocol: H2
Server: 13.33.88.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-88-55.sin2.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://s.yam.com/

Response headers

via: 1.1 9725312341802185c9ebf086bf95544e.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: EevckgieO16p8LguzntSJtEZ5ISl1wpzcu8g49ugUT-z_NuDd8z3cQ==
date: Wed, 12 Feb 2025 03:06:16 GMT
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: SIN2-P2

Redirect headers

location: /b2?c1=2&c2=38111965&cs_it=b1&cv=4.12.0%2B2412121612&ns__t=1739329576193&ns_c=UTF-8&cs_cfg=1001110&c7=https%3A%2F%2Fs.yam.com%2F&c8=%E7%9F%AD%E7%B6%B2%E5%9D%80%20-%20%E7%BE%8A%E9%9B%AA%E5%85%92%20-%20yamShare%20%7C%E8%95%83%E8%96%AF%E8%97%A4&c9=
accept-ch: UA, Platform, Arch, Model, Mobile
via: 1.1 9725312341802185c9ebf086bf95544e.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
content-length: 0
x-amz-cf-id: GliQKiSFV-2xVmrlTlIu39stNuIJmnjdVKmO659m4qn_-3MM5B2-aQ==
date: Wed, 12 Feb 2025 03:06:16 GMT
x-amz-cf-pop: SIN2-P2

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202502060101/ 179 KB
59 KB 4ms
3ms Script
text/javascript 74.125.24.157
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202502060101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202502060101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f157.1e100.net

Software

cafe /

Resource Hash

88d906a0bc45fd77c0bf5ac9e7846aa71c10a2139d3b4e24fc0d912fe45ee75e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://s.yam.com/

Response headers

content-encoding: br
etag: 7749959142079062983
age: 55785
x-content-type-options: nosniff
expires: Tue, 25 Feb 2025 11:36:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 11 Feb 2025 11:36:31 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 60841
x-xss-protection: 0
server: cafe

GET
H2 200 ca-pub-2675037296853968 Show response
fundingchoicesmessages.google.com/i/ 192 KB
63 KB 34ms
19ms Script
application/javascript 142.251.175.102
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-2675037296853968?href=https%3A%2F%2Fs.yam.com&ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202502060101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.102 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f102.1e100.net

Software

ESF /

Resource Hash

2c19d2d1b015ae75cacbc1b5ce201299ffe57efb8fa4185e76c18bbf94168405

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-IvbPSI_biGn0m7pPScZR5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://s.yam.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 12 Feb 2025 03:06:16 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStDikmJw1ZBiOHnrNtNFIG69eY51OhAbrT3P6gLEhgqXWJ2B-P66S6zPgfhD_WXWH0BcJHGFtQWIGb5eYeUA4pMuV1kvAvFlIL4NxFW_rrI2AbEQD8eKBRv2sgl0TDvYxKSkkZRfGJ-cn1dSlJlUWpJflJacllqcWlSWWhRvZGBkamBkaKBnYBpfYAAATsZAfg"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-IvbPSI_biGn0m7pPScZR5A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 7ms
6ms Image
image/gif 74.125.24.157
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pflna&evt=place&vh=1200&eid=31090260%2C31090267%2C95344789%2C95352068%2C95349396%2C95340252%2C95340254&hl=zh-TW&pvc=2139563710149329

Requested by

Host: s.yam.com
URL: https://s.yam.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f157.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://s.yam.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Wed, 12 Feb 2025 03:06:16 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H3 204 AGSKWxXgB5A7j9nInueDE0HCGtmM6cKN9tOjxw6sL1_GXki1rQCof4z2PRWsH4j278LbVkrdB6fZnVaLW50fySF72d1-BWxx2oE2yuV94OULMEnHnW0Go6xj2TFPs8qDa9aCuopkAPSawQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 16ms
9ms XHR
text/html 142.251.175.102
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXgB5A7j9nInueDE0HCGtmM6cKN9tOjxw6sL1_GXki1rQCof4z2PRWsH4j278LbVkrdB6fZnVaLW50fySF72d1-BWxx2oE2yuV94OULMEnHnW0Go6xj2TFPs8qDa9aCuopkAPSawQ==

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.myFQHk79Gbo.es5.O/d=1/rs=AJlcJMyCsK-XJIVU3baedcbArBNRZhOIyw/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.175.102 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f102.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-VlAwiR08Gcilsfv7sYLo6g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://s.yam.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 12 Feb 2025 03:06:16 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw1pBi-FB_mfUHEDN8vcLKAcQnXa6yXgTiy0B8G4iFeDhWLNiwl03gxuSO6UxKLkn5hfHJ-XklqXkluokpxbogdlFmUmlJfhEKO7UMpCInPz09My893sjAyNTAyNBAz8A8vsAAACanL5Y"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-VlAwiR08Gcilsfv7sYLo6g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://s.yam.com
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 200 AGSKWxW5oQnxsAfhSHATLJD1nqTQVtDivoawkSCSmEpGsMRO1wGqYILp2MOm4yD4XpsgGzIX0hX_hzTCvBvrSW-55aA42vz96-WHex5mET3pC-tAWof_9VCjniquzzsi3n3DjF_ZaFlpEg== Show response
fundingchoicesmessages.google.com/f/ 10 KB
4 KB 20ms
19ms Script
application/javascript 142.251.175.102
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW5oQnxsAfhSHATLJD1nqTQVtDivoawkSCSmEpGsMRO1wGqYILp2MOm4yD4XpsgGzIX0hX_hzTCvBvrSW-55aA42vz96-WHex5mET3pC-tAWof_9VCjniquzzsi3n3DjF_ZaFlpEg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzM5MzI5NTc2LDYwOTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9zLnlhbS5jb20vIixudWxsLFtbOCwibXlGUUhrNzlHYm8iXSxbOSwiZW4tR0IiXSxbMjMsIjE3MzkzMjk1NzUiXSxbMTksIjIiXSxbMjQsIiJdLFsyNSwiW1s5NTM0MDI1Miw5NTM0MDI1NF1dIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.175.102 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f102.1e100.net

Software

ESF /

Resource Hash

2f735215b2eaf17611e9f9a56de5b265b90318256e94731b5a1b03f1c8741967

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-mCdfYV9iRvyUKZUiaqML4Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://s.yam.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 12 Feb 2025 03:06:16 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjitDikmJw1pBiaL15jnU6EButPc_qAsSGCpdYnYH4_rpLrM-B-EP9ZdYfQFwkcYW1BYgZvl5h5QDiky5XWS8C8WUgvg3EVb-usjYBsRAPx4oFG_ayCfw4fmg1k5JGUn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUbyRgZGpgZGhgZ6BaXyBAQCeXDw3"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-mCdfYV9iRvyUKZUiaqML4Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20250210/r20190131/ Frame 83B0 0
0 0ms
0ms Document
text/html 142.251.12.154
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20250210/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202502060101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.154 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.yam.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36

Response headers

age: 33842
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4144
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Feb 2025 17:42:13 GMT
etag: 7793694970870604198
expires: Tue, 25 Feb 2025 17:42:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20250210/r20190131/ Frame 4ECF 0
0 0ms
0ms Document
text/html 142.251.12.154
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20250210/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202502060101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.154 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.yam.com/
Sec-Browsing-Topics: ();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36

Response headers

age: 33842
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4144
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Feb 2025 17:42:13 GMT
etag: 7793694970870604198
expires: Tue, 25 Feb 2025 17:42:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 11ms
4ms Fetch
text/html 74.125.24.157
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202502060101/show_ads_impl_fy2021.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sf-in-f157.1e100.net
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://s.yam.com/

Response headers

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ 17 KB
13 KB 20ms
12ms XHR
application/json 172.253.118.155
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20250210&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202502060101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.118.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f155.1e100.net

Software

cafe /

Resource Hash

447084e39427fb8746f6ba7902d13402025c3a18849807bc4d8b1aae1e1bcd1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://s.yam.com/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 13075
date: Wed, 12 Feb 2025 03:06:16 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 favicon.ico
www.yam.com/ 318 B
816 B 47ms
37ms Other
image/x-icon 104.26.4.59
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://www.yam.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.4.59 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 4850257a2c4f08dead3246f744557f1738056664fd17cf427ef1574df44d22d5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://s.yam.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"358873766b10d91:0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jOtbtLZADxH2W8suWZG5ewmbwyWQjWsWijtVSE11q0J7rn3Mz%2BTL81%2F3yeEHtzQBYHKNtKfBM%2Fw3XPQDAeV4OzEMvc3e2wt7Hddl3oEnoHUdFKGDqgHWk7v5THnG"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1715&min_rtt=1503&rtt_var=190&sent=52&recv=33&lost=0&retrans=0&sent_bytes=45949&recv_bytes=7930&delivery_rate=6035643&cwnd=24000&unsent_bytes=0&cid=864ea6f2bf0675b0&ts=1226&x=1", cfExtPri, cfHdrFlush;dur=0
date: Wed, 12 Feb 2025 03:06:16 GMT
content-type: image/x-icon
last-modified: Thu, 15 Dec 2022 09:56:11 GMT
vary: Accept-Encoding
priority: u=1,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 91095ca00d8c3fbd-SIN
x-powered-by: ASP.NET
server: cloudflare

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ 18 KB
7 KB 25ms
4ms Script
text/javascript 74.125.24.132
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202502060101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

sffe /

Resource Hash

ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://s.yam.com/

Response headers

content-encoding: gzip
etag: "1727224258380615"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Wed, 12 Feb 2025 03:06:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 12 Feb 2025 03:06:16 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6445
x-xss-protection: 0
server: sffe

GET
H2 200 runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame A30A 0
0 9ms
3ms Document
text/html 74.125.24.132
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f132.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.yam.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 1340
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5005
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 12 Feb 2025 02:43:57 GMT
expires: Wed, 12 Feb 2025 03:33:57 GMT
last-modified: Mon, 23 Sep 2024 18:12:21 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame C07E 0
0 17ms
15ms Document
text/html 172.217.194.99
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f99.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OR700LmTD16SIUlZM7FHSg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s.yam.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-OR700LmTD16SIUlZM7FHSg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Wed, 12 Feb 2025 03:06:17 GMT
expires: Wed, 12 Feb 2025 03:06:17 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
fundingchoicesmessages.google.com/f/AGSKWxU1zUM4q2FlsPOP1YHSBTSNI2gH0TNV7Nxkws5-9C1tYOduWOE02BaxQ27MCNoH0eDaT1FcKuuOPDx2vuRmlCV7uzf4BVab2tQ9gCFnyYLvqakmnitIGjcyNeefpyYAzIyyz9pLGzZry0ewYKrSECQnC7gj2... 54 B
109 B 12ms
11ms Script
application/javascript 142.251.175.102
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxU1zUM4q2FlsPOP1YHSBTSNI2gH0TNV7Nxkws5-9C1tYOduWOE02BaxQ27MCNoH0eDaT1FcKuuOPDx2vuRmlCV7uzf4BVab2tQ9gCFnyYLvqakmnitIGjcyNeefpyYAzIyyz9pLGzZry0ewYKrSECQnC7gj2aGSMlCs0KRQSmfz2R-6jHWQInD04aIf/_/top_ad.-ads-init&/public/ad?/adfootleft./spo_show.asp?

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.myFQHk79Gbo.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMyCsK-XJIVU3baedcbArBNRZhOIyw/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.175.102 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f102.1e100.net

Software

ESF /

Resource Hash

d2fa36da11ba2b89a965f62be434d14ff237a1cb8c70dd6f78187142a95b35c0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Yxngr4X2pAAmteQEdSbDrw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://s.yam.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 12 Feb 2025 03:06:17 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjitDikmJw1pBiaL15jnU6EButPc_qAsSGCpdYnYH4_rpLrM-B-EP9ZdYfQFwkcYW1BYgZvl5h5QDiky5XWS8C8WUgvg3EVb-usjYBsRA3x8oFG_ayCWzo-F2tpJGUXxifnJ9XUpSZVFqSX5SWnJZanFpUlloUb2RgZGpgZGigZ2AaX2AAAFnWO7c"
content-security-policy: script-src 'report-sample' 'nonce-Yxngr4X2pAAmteQEdSbDrw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 40 KB
15 KB 4ms
3ms Script
text/javascript 74.125.24.157
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js?fcd=true

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.myFQHk79Gbo.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMyCsK-XJIVU3baedcbArBNRZhOIyw/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f157.1e100.net

Software

cafe /

Resource Hash

92ccefb49d364b6b9651a1c3a2e3297e61ec5e840c51a16aeca370b9e4f5c7a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://s.yam.com/

Response headers

content-encoding: br
etag: 8013649548708772055
age: 1113
x-content-type-options: nosniff
expires: Wed, 12 Feb 2025 03:47:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 12 Feb 2025 02:47:44 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 15098
x-xss-protection: 0
server: cafe

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXgB5A7j9nInueDE0HCGtmM6cKN9tOjxw6sL1_GXki1rQCof4z2PRWsH4j278LbVkrdB6fZnVaLW50fySF72d1-BWxx2oE2yuV94OULMEnHnW0Go6xj2TFPs8qDa9aCuopkAPSawQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.175.102 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f102.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-BCFlhjL_qFeK9a3QqCq33w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://s.yam.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 12 Feb 2025 03:06:17 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw0JBi-FB_mfUHEDN8vcLKAcQnXa6yXgTiy0B8G4iFuDlWLtiwl01gQ--CWiWXpPzC-OT8vJLUvBLdxJRiXRC7KDOptCS_CIWdWgZSkZOfnp6Zlx5vZGBkamBkaKBnYB5fYAAABDMvaQ"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-BCFlhjL_qFeK9a3QqCq33w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://s.yam.com
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXgB5A7j9nInueDE0HCGtmM6cKN9tOjxw6sL1_GXki1rQCof4z2PRWsH4j278LbVkrdB6fZnVaLW50fySF72d1-BWxx2oE2yuV94OULMEnHnW0Go6xj2TFPs8qDa9aCuopkAPSawQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.175.102 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f102.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kHewZTJwXKKkoVHCaEov_Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://s.yam.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 12 Feb 2025 03:06:17 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw0pBi-FB_mfUHEDN8vcLKAcQnXa6yXgTiy0B8G4iFeDhWLtiwl01gx_U1zYxKLkn5hfHJ-XklqXkluokpxbogdlFmUmlJfhEKO7UMpCInPz09My893sjAyNTAyNBAz8A8vsAAADUlL8k"
content-security-policy: script-src 'report-sample' 'nonce-kHewZTJwXKKkoVHCaEov_Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://s.yam.com
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXgB5A7j9nInueDE0HCGtmM6cKN9tOjxw6sL1_GXki1rQCof4z2PRWsH4j278LbVkrdB6fZnVaLW50fySF72d1-BWxx2oE2yuV94OULMEnHnW0Go6xj2TFPs8qDa9aCuopkAPSawQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.175.102 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f102.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ucGRL5zlRc8-p0eQX7b5tA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://s.yam.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 12 Feb 2025 03:06:17 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmJw15Bi-FB_mfUHEDN8vcLKAcQnXa6yXgTiy0B8G4iFeDhWLtiwl03gx_RrzYxKLkn5hfHJ-XklqXkluokpxbogdlFmUmlJfhEKO7UMpCInPz09My893sjAyNTAyNBAz8A8vsAAAEO3L_g"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ucGRL5zlRc8-p0eQX7b5tA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://s.yam.com
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXgB5A7j9nInueDE0HCGtmM6cKN9tOjxw6sL1_GXki1rQCof4z2PRWsH4j278LbVkrdB6fZnVaLW50fySF72d1-BWxx2oE2yuV94OULMEnHnW0Go6xj2TFPs8qDa9aCuopkAPSawQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.175.102 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f102.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vEQZVTk-atjljAjQH7D6hw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://s.yam.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 12 Feb 2025 03:06:17 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw0pBi-FB_mfUHEDN8vcLKAcQnXa6yXgTiy0B8G4iFeDhWLtiwl02gY9L7FkYll6T8wvjk_LyS1LwS3cSUYl0QuygzqbQkvwiFnVoGUpGTn56emZceb2RgZGpgZGigZ2AeX2AAACpGL6A"
content-security-policy: script-src 'report-sample' 'nonce-vEQZVTk-atjljAjQH7D6hw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://s.yam.com
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 200 AGSKWxWLSDQ46jPw8LDialhy735w7dT1c5WqyeG4kVNs818ItnlpTpZsa5zUtM1gdFDc0dM_cp1M98k_Tq9EG_scb5bSW8Ozjza8YMkeW14YEfwQt3r8rdQUsW0K-ETu0ewHEXgw2uuvTA== Show response
fundingchoicesmessages.google.com/f/ 6 KB
2 KB 18ms
18ms Script
application/javascript 142.251.175.102
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWLSDQ46jPw8LDialhy735w7dT1c5WqyeG4kVNs818ItnlpTpZsa5zUtM1gdFDc0dM_cp1M98k_Tq9EG_scb5bSW8Ozjza8YMkeW14YEfwQt3r8rdQUsW0K-ETu0ewHEXgw2uuvTA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzM5MzI5NTc3LDI2NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vcy55YW0uY29tLyIsbnVsbCxbWzgsIm15RlFIazc5R2JvIl0sWzksImVuLUdCIl0sWzIzLCIxNzM5MzI5NTc1Il0sWzE5LCIyIl0sWzI0LCIiXSxbMjUsIltbOTUzNDAyNTIsOTUzNDAyNTRdXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.175.102 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f102.1e100.net

Software

ESF /

Resource Hash

82e761aadd0cd633c6e20ceaab75774de9ce6a0c14cfc6d6559740ecc8a99eff

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uyT084zX79oler1uZqupWw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://s.yam.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 12 Feb 2025 03:06:17 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjitDikmJw0pBiaL15jnU6EButPc_qAsSGCpdYnYH4_rpLrM-B-EP9ZdYfQFwkcYW1BYgZvl5h5QDiky5XWS8C8WUgvg3EVb-usjYBsRAPx8oFG_ayCcz42NvOqKSRlF8Yn5yfV1KUmVRakl-UlpyWWpxaVJZaFG9kYGRqYGRooGdgGl9gAACERTun"
content-security-policy: script-src 'report-sample' 'nonce-uyT084zX79oler1uZqupWw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXgB5A7j9nInueDE0HCGtmM6cKN9tOjxw6sL1_GXki1rQCof4z2PRWsH4j278LbVkrdB6fZnVaLW50fySF72d1-BWxx2oE2yuV94OULMEnHnW0Go6xj2TFPs8qDa9aCuopkAPSawQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.175.102 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f102.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gOWTW5dYjRdiYx9NfQqvRQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://s.yam.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 12 Feb 2025 03:06:17 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw1pBi-FB_mfUHEDN8vcLKAcQnXa6yXgTiy0B8G4iFeDhWLtiwl01gxak5_YxKLkn5hfHJ-XklqXkluokpxbogdlFmUmlJfhEKO7UMpCInPz09My893sjAyNTAyNBAz8A8vsAAAC-7L7E"
content-security-policy: script-src 'report-sample' 'nonce-gOWTW5dYjRdiYx9NfQqvRQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://s.yam.com
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 200 AGSKWxULQYPwhLFn_E6IcH-fGDMjvSCtxY0nj5yy1D5MlZ9EEK_nsZEwZsHZNdQeqqt7JgHF5d6mc634cEqofQbF0TyhEP_YIW-3OAzCifdIOrNZ96Rd5Sa1CaZ7Y-LnzsODFKIGAK-Zbw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
1 KB 22ms
21ms Script
application/javascript 142.251.175.102
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxULQYPwhLFn_E6IcH-fGDMjvSCtxY0nj5yy1D5MlZ9EEK_nsZEwZsHZNdQeqqt7JgHF5d6mc634cEqofQbF0TyhEP_YIW-3OAzCifdIOrNZ96Rd5Sa1CaZ7Y-LnzsODFKIGAK-Zbw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzM5MzI5NTc3LDI5MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vcy55YW0uY29tLyIsbnVsbCxbWzgsIm15RlFIazc5R2JvIl0sWzksImVuLUdCIl0sWzIzLCIxNzM5MzI5NTc1Il0sWzE5LCIyIl0sWzI0LCIiXSxbMjUsIltbOTUzNDAyNTIsOTUzNDAyNTRdXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.175.102 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f102.1e100.net

Software

ESF /

Resource Hash

d0bd029d37b03ba1dd30dfaf396fda2e26ccf5f85465a02c8dc593e4f7eb1439

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-VlV3rV1Dmbax7XYEZBsfeg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://s.yam.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 12 Feb 2025 03:06:17 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjitDikmLw0JBiaL15jnU6EButPc_qAsSGCpdYnYH4_rpLrM-B-EP9ZdYfQFwkcYW1BYgZvl5h5QDiky5XWS8C8WUgvg3EVb-usjYBsRAPx8oFG_ayCbzYuHYyo5JGUn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUbyRgZGpgZGhgZ6BaXyBAQCSbTvp"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-VlV3rV1Dmbax7XYEZBsfeg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 AGSKWxWIcjgzyMUJ8S1ylvpuYev7r7qHplialpAVRN-r2ZCrdmugWXFSIlIGlAfCE-tEPa9DErf0viloLdWGtO8EHWC4r9J40JWykwoW9XByOasNP5UUsXHktydeGoT9pdGXp9n_lutiEA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 23ms
23ms Script
application/javascript 142.251.175.102
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWIcjgzyMUJ8S1ylvpuYev7r7qHplialpAVRN-r2ZCrdmugWXFSIlIGlAfCE-tEPa9DErf0viloLdWGtO8EHWC4r9J40JWykwoW9XByOasNP5UUsXHktydeGoT9pdGXp9n_lutiEA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzM5MzI5NTc3LDMxNjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9zLnlhbS5jb20vIixudWxsLFtbOCwibXlGUUhrNzlHYm8iXSxbOSwiZW4tR0IiXSxbMjMsIjE3MzkzMjk1NzUiXSxbMTksIjIiXSxbMjQsIiJdLFsyNSwiW1s5NTM0MDI1Miw5NTM0MDI1NF1dIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.175.102 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f102.1e100.net

Software

ESF /

Resource Hash

0ccbb495eb77bbf9cf2b60b6192d970e1307ea40b9cfd86d9a858bc3f4b6ba2f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-J8J5Ha285JWDgyKrdLaqcQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Referer: https://s.yam.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 12 Feb 2025 03:06:17 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjitDikmJw0JBiaL15jnU6EButPc_qAsSGCpdYnYH4_rpLrM-B-EP9ZdYfQFwkcYW1BYgZvl5h5QDiky5XWS8C8WUgvg3EVb-usjYBsRAPx8oFG_ayCax4dG8Bo5JGUn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUbyRgZGpgZGhgZ6BaXyBAQCV9DwQ"
content-security-policy: script-src 'report-sample' 'nonce-J8J5Ha285JWDgyKrdLaqcQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxUxqBHehOZLhYBSMPtjAidzLqsdv-OAbUBGLAxqA27Hqkm8DZqR-3g-Y8WxGe5WK3x3BjpCAtLgMRFNVgBYD1E2Dx3TM9NTqa8ihtatUq4zL3RgnmdJ6MnMT67ckYh6M-CBNYCc8Q== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 10ms
9ms XHR
text/html 142.251.175.102
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUxqBHehOZLhYBSMPtjAidzLqsdv-OAbUBGLAxqA27Hqkm8DZqR-3g-Y8WxGe5WK3x3BjpCAtLgMRFNVgBYD1E2Dx3TM9NTqa8ihtatUq4zL3RgnmdJ6MnMT67ckYh6M-CBNYCc8Q==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.175.102 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f102.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rHHAasWkz1j9euCFtkltOA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://s.yam.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 12 Feb 2025 03:06:17 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw15Bi-FB_mfUHEDN8vcLKAcQnXa6yXgTiy0B8G4iFeDhWLtiwl03gQcfR5YxKLkn5hfHJ-XklqXkluokpxbogdlFmUmlJfhEKO7UMpCInPz09My893sjAyNTAyNBAz8A8vsAAAEFgL-w"
content-security-policy: script-src 'report-sample' 'nonce-rHHAasWkz1j9euCFtkltOA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://s.yam.com
content-length: 0
x-xss-protection: 0
server: ESF

General

Check archive.org

Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXgB5A7j9nInueDE0HCGtmM6cKN9tOjxw6sL1_GXki1rQCof4z2PRWsH4j278LbVkrdB6fZnVaLW50fySF72d1-BWxx2oE2yuV94OULMEnHnW0Go6xj2TFPs8qDa9aCuopkAPSawQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.175.102 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f102.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nOuzQRtL0Z4ok-67GDB8pg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://s.yam.com/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 12 Feb 2025 03:06:17 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmLw0JBi-FB_mfUHEDN8vcLKAcQnXa6yXgTiy0B8G4iFeDhWLtiwl03gx55FaxiVXJLyC-OT8_NKUvNKdBNTinVB7KLMpNKS_CIUdmoZSEVOfnp6Zl56vJGBkamBkaGBnoF5fIEBAEuVMBM"
content-security-policy: script-src 'report-sample' 'nonce-nOuzQRtL0Z4ok-67GDB8pg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: https://s.yam.com
content-length: 0
x-xss-protection: 0
server: ESF

GET sodar
ep1.adtrafficquality.google/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: hanalytics.eu
URL: https://hanalytics.eu/js/script.js

Domain: ep1.adtrafficquality.google
URL: https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20250210&jk=2139563710149329&bg=!bG-lbyDNAAaXL7X-ty87ADQBe5WfODNfSHtoOyuUw0UiusEahyzZucO4-zIXCd_HvTh1cmM2AIBRmYjOX7ZH5nY0F2I4AgAAAFVSAAAABWgBB34ANrgLY0jxPS3_B43nKfkSHdC3P3hLUsLCJQDLyLuYqjDMc1aodSZWUGFhELu8bjvqiDFU8UwSlwoAlnUuZ5swzrXayGwaP8A5MStpjJ7vneHePOxNLsaREFCFa6TsQULReeeLfYCeQGsk6vuWk5Sokp7I78rn9jdqSdHfaCjtQ6QggPPBFTax6ZQrZFJ-MEhqnoye6UVlosVg-fRbzEAx6YuNG-Nby3qOg4GuI1f0F17wV-DvE7wbBl6wBgV92ctI2GU6PzyxSGsZtzTBVp0Qk5kCos5gBWEF-XtibcB8eKHzmz8pI2QBM5gAEdYg3ZdyxHnavx9wFsR3sZnIiFxR1QL12ocMgXO5q_49BwOhp5xN6fvbk3hfiftvXHR8TL9GFfvYl0q75xAp78QekF1AgrrdTGrxwRI5ut7_Vuu7_3AYm4D7CdoDXc_x4ZuEia8YtCm1pPGBNTH401yWQGRCga0kBnCdjDf0i-cl_GKtECgHKumovPTxJyJSEy2XYz_J2wU54MzwfoWWup_w8CadUT3uL6DvfOksn9uiAD42dff1EnevmRv5NYqOl-uvclFJQcoOgvepOQKqSbisDeR3wjv6XJptBI4dpj0xGZhWbYkICdtDKk8iY3ftxmqSW7CDFeOb80zmlYsz8qMuOvywjxQ7TSoqUhSJUgyHpmhLWna6rUbk7wd0aO18b2ziN_BkBDJeeZnSfGTVYyMY4OvK0SkIMV1pxjdP0Nq1D3fTVIdXZgMPbb8TP2RzNpEKssriMW1OQpzYB6TZ-BdZ9X3l_NKA-BlOpQkbzVFsKPfPl0rQLxXk5mSb5OfBLKW5wDj7aamy0wJRV8BJy2RolK15--ilCvgr34kpskwVWxn3LHGl79vZLui3cipXf1trUDns_JWuaePdPSMELoHzeEAcdlsWklEQCi5OA2GC4G7zPsK0UKHjVllvdqridR7FiJN9FR_LFIWM7KTCZVzh1rICr93T3QXkYQaMayrNvDiF8ERHPtnnlPN9dNuu5pFfQLe0P71F--ZTe_sEtq0b9WHl1V5nRgVtBVlRSYvhfFpM3xVIty_1eUXL5Jel1C2G3xID59-dxR7NwL7zoRBrqc0f3dtoyt55SiVJdyb5uq_lgY_qFTZwqbhqlDX0c1UirsMxKqM452HNhtRIqnBiAANf0vDpPTte

Verdicts & Comments Add Verdict or Comment

95 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.yam.com/	1970-01-21 12:44:49	Name: _ga Value: GA1.2.1765652730.1739329576
.yam.com/	1970-01-21 03:10:15	Name: _gid Value: GA1.2.1022699661.1739329576
.yam.com/	1970-01-21 03:08:49	Name: _gat Value: 1
.yam.com/	1970-01-21 03:52:01	Name: yama Value: ID=yam.17393295750000994
.scorecardresearch.com/	1970-01-21 12:30:25	Name: UID Value: 1324c1e419ffe106996a9c01739329576
.scorecardresearch.com/	1970-01-21 12:30:25	Name: XID Value: 1324c1e419ffe106996a9c01739329576
.yam.com/	1970-01-21 12:30:25	Name: __gads Value: ID=fb1f602582e43675:T=1739329575:RT=1739329575:S=ALNI_MZ9WaiJSwEbD8lO_-I2eyi5e_2Wqg
.yam.com/	1970-01-21 12:30:25	Name: __gpi Value: UID=00000f1703e6c266:T=1739329575:RT=1739329575:S=ALNI_Mbvn_tQLzwGvMVWv8dS6uR1x2gqVg
.yam.com/	1970-01-21 07:28:01	Name: __eoi Value: ID=a45ade888b0b2a59:T=1739329575:RT=1739329575:S=AA-AfjYQXdkEfeBn6p6gbX16uz8U
.doubleclick.net/	1970-01-21 12:44:49	Name: IDE Value: AHWqTUlK8PoFpLcHZCKHFgW076yXs3fxl3YC8tAWUKIujFm8QJAzMmaq9NKkYoqs
.adnxs.com/	1970-01-21 12:44:49	Name: receive-cookie-deprecation Value: 1
.casalemedia.com/	1970-01-21 11:54:25	Name: CMID Value: Z6wQKIsFVpYAJEVpAc-tYgAA
.casalemedia.com/	1970-01-21 05:18:25	Name: CMPS Value: 5340
.casalemedia.com/	1970-01-21 05:18:25	Name: CMPRO Value: 5340
.googleadservices.com/	1970-01-21 05:18:25	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-21 03:08:53	Name: DSID Value: NO_DATA
.yam.com/	1970-01-21 11:54:25	Name: FCNEC Value: %5B%5B%22AKsRol8ckqaQZKcGA7V2qF3Xh_dpaK9J2tTWanCReIk05gGlYzMBFXmKlDbOH7P_TEsurwVTGxTmOYszL4rpKSP6iXeqs-Zhvsb9bg_g-pcD7BqCdcdazolV5-FBU5vORP6LTRy5hXqzjCiAMx2hous6lLcb5aeisg%3D%3D%22%5D%5D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://hanalytics.eu/js/script.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ep1.adtrafficquality.google
ep2.adtrafficquality.google
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
hanalytics.eu
img.yamedia.tw
pagead2.googlesyndication.com
s.yam.com
sb.scorecardresearch.com
stats.yam.com
www.google-analytics.com
www.google.com
www.yam.com
yamedia.yam.com
ep1.adtrafficquality.google
hanalytics.eu
104.21.61.68
104.26.4.59
13.33.88.55
13.76.85.56
142.251.12.154
142.251.175.102
172.217.194.100
172.217.194.99
172.253.118.155
74.125.24.132
74.125.24.157
0c5fdc93029df6a244240020cb8b6349bcdc5a6c23b5f4b2a476858aafe9c3eb
0ccbb495eb77bbf9cf2b60b6192d970e1307ea40b9cfd86d9a858bc3f4b6ba2f
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2c19d2d1b015ae75cacbc1b5ce201299ffe57efb8fa4185e76c18bbf94168405
2f735215b2eaf17611e9f9a56de5b265b90318256e94731b5a1b03f1c8741967
3ee998b74d56098d0d0227ed61d8b7558c0d115a424daa7d5895debde9bb9017
3f6004a6c9021e04ec32ca88df8f9a5785e53da23511f1bf0d56defc1b9759f8
447084e39427fb8746f6ba7902d13402025c3a18849807bc4d8b1aae1e1bcd1b
4850257a2c4f08dead3246f744557f1738056664fd17cf427ef1574df44d22d5
4adae8cb864e019beb2cf6789cb31d599861c46eef7d51cda0ae44efe6da601a
59984a7a1117f83f4dd2fbf45b19f07d6b5d0cd7dda1ac676bb9736005290900
618345dbd605e9f5f771324ca1aae652c6e3ee89b452a965193b072492690acb
71c12656535e99119c2a952c10554cd6f47c6923d2d96155a7833276e68992af
755c3fb42f99b07eb1035c6102d2842616761ab2ccd8d45d996324fdaf952253
770ec608c24c705d398933919ca08c84507766228ee122abb6318a552d6292ce
82e761aadd0cd633c6e20ceaab75774de9ce6a0c14cfc6d6559740ecc8a99eff
881e8e872ae60f41b4594bd9ea0bced853b81134cb2a59b20d6f4400e15f17c1
88d906a0bc45fd77c0bf5ac9e7846aa71c10a2139d3b4e24fc0d912fe45ee75e
92ccefb49d364b6b9651a1c3a2e3297e61ec5e840c51a16aeca370b9e4f5c7a4
a65af3fb9575d27aebe45924d4b8b6f9457c86ced883e1c11b06bc9b7e346eec
d0bd029d37b03ba1dd30dfaf396fda2e26ccf5f85465a02c8dc593e4f7eb1439
d2fa36da11ba2b89a965f62be434d14ff237a1cb8c70dd6f78187142a95b35c0
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

s.yam.com Open in urlscan Pro 13.76.85.56 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

46 Requests

87 %HTTPS

0 %IPv6

9 Domains

14 Subdomains

11 IPs

3 Countries

548 kBTransfer

1477 kBSize

17 Cookies

6 Outgoing links

Page URL History

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

s.yam.com Open in urlscan Pro
13.76.85.56 Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

87 %
HTTPS

0 %
IPv6

9
Domains

14
Subdomains

11
IPs

3
Countries

548 kB
Transfer

1477 kB
Size

17
Cookies

46 HTTP transactions
0 data transactions