www.yunphoto.net Open in urlscan Pro
192.254.235.162 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.yunphoto.net/
Submission Tags: falconsandbox
Submission: On August 20 via api (August 20th 2021, 9:50:45 am UTC) from US

Summary HTTP 97 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 23 IPs in 3 countries across 14 domains to perform 97 HTTP transactions. The main IP is 192.254.235.162, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is www.yunphoto.net.

This is the only time www.yunphoto.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
26	192.254.235.162 192.254.235.162	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
3	52.68.156.115 52.68.156.115	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	52.194.50.40 52.194.50.40	16509 (AMAZON-02) (AMAZON-02)
1	52.198.26.114 52.198.26.114	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
3	54.168.158.14 54.168.158.14	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:219... 2600:9000:2190:4a00:c:2040:40c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2600:9000:219... 2600:9000:2190:de00:1d:4ba6:de80:93a1	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1 21	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1	2600:9000:219... 2600:9000:2190:8600:c:2040:40c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
97	23

26 192.254.235.162 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 192-254-235-162.unifiedlayer.com

www.yunphoto.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.68.156.115 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-68-156-115.ap-northeast-1.compute.amazonaws.com

sh.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.194.50.40 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-194-50-40.ap-northeast-1.compute.amazonaws.com

www21.a8.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.198.26.114 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-198-26-114.ap-northeast-1.compute.amazonaws.com

www14.a8.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.168.158.14 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-168-158-14.ap-northeast-1.compute.amazonaws.com

i.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2190:4a00:c:2040:40c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

spdeliver.i-mobile.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2190:de00:1d:4ba6:de80:93a1 (United States)

ASN16509 (AMAZON-02, US)

spsvcpc-tls.i-mobile.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:8600:c:2040:40c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

spcdnpc.i-mobile.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	googlesyndication.com 1 redirects pagead2.googlesyndication.com tpc.googlesyndication.com	408 KB
26	yunphoto.net www.yunphoto.net	370 KB
8	doubleclick.net googleads.g.doubleclick.net	61 KB
6	adingo.jp sh.adingo.jp i.adingo.jp	7 KB
5	gstatic.com www.gstatic.com encrypted-tbn1.gstatic.com fonts.gstatic.com	51 KB
5	google.com 1 redirects adservice.google.com www.google.com	1 KB
5	i-mobile.co.jp spdeliver.i-mobile.co.jp spsvcpc-tls.i-mobile.co.jp spcdnpc.i-mobile.co.jp	169 KB
3	googletagservices.com www.googletagservices.com	102 KB
3	google.de adservice.google.de	409 B
2	googleapis.com fonts.googleapis.com	1014 B
2	google-analytics.com www.google-analytics.com	7 KB
2	a8.net www21.a8.net www14.a8.net	9 KB
1	googleadservices.com partner.googleadservices.com	659 B
0	shinobi.jp Failed adm.shinobi.jp Failed
97	14

	Domain	Requested by
26	www.yunphoto.net	www.yunphoto.net
21	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
8	pagead2.googlesyndication.com	www.yunphoto.net pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
3	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
3	i.adingo.jp	sh.adingo.jp
3	sh.adingo.jp	www.yunphoto.net
2	fonts.gstatic.com	fonts.googleapis.com
2	www.google.com	1 redirects tpc.googlesyndication.com
2	www.gstatic.com	googleads.g.doubleclick.net
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	spsvcpc-tls.i-mobile.co.jp	spdeliver.i-mobile.co.jp spsvcpc-tls.i-mobile.co.jp
2	spdeliver.i-mobile.co.jp	sh.adingo.jp spdeliver.i-mobile.co.jp
2	www.google-analytics.com	www.yunphoto.net
1	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
1	spcdnpc.i-mobile.co.jp	spsvcpc-tls.i-mobile.co.jp
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www14.a8.net	www.yunphoto.net
1	www21.a8.net	www.yunphoto.net
0	adm.shinobi.jp Failed	sh.adingo.jp
97	22

This site contains links to these domains. Also see Links.

Domain
px.a8.net
wallpaper.free-photograph.net
www.akx.jp
www.yun.com
tmyun.com

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.adingo.jp DigiCert TLS RSA SHA256 2020 CA1	`2021-03-26` - `2022-04-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.i-mobile.co.jp JPRS Domain Validation Authority - G4	`2020-08-18` - `2022-03-31`	2 years	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh

This page contains 10 frames:

Primary Page: http://www.yunphoto.net/
Frame ID: C5947A5B41D994C88E9132F87B4C4D29
Requests: 54 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3411073974495600&output=html&h=600&slotname=2224162798&adk=4265426906&adf=422143281&pi=t.ma~as.2224162798&w=160&lmt=1558945943&url=http%3A%2F%2Fwww.yunphoto.net%2F&flash=0&wgl=1&dt=1629453022888&bpp=17&bdt=4722&idt=112&shv=r20210812&mjsv=m202108190101&ptt=5&saldr=sa&abxe=1&correlator=1764590359427&frm=20&pv=2&ga_vid=910311688.1629453023&ga_sid=1629453023&ga_hid=736228809&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1440&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062297&oid=3&pvsid=2712229243022421&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=07KdBdSZfz&p=http%3A//www.yunphoto.net&dtd=131
Frame ID: F81E17535DE9DDEF067E3753D5309D1F
Requests: 17 HTTP requests in this frame

Frame: https://spsvcpc-tls.i-mobile.co.jp/ad_spot.aspx?pid=27191&asid=195089&asn=1&width=728&height=90
Frame ID: 36CD65F1A334851315A2D65F3BA8DC0E
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3411073974495600&output=html&h=90&slotname=5465082803&adk=1748531486&adf=1991774641&pi=t.ma~as.5465082803&w=728&lmt=1558945943&url=http%3A%2F%2Fwww.yunphoto.net%2F&flash=0&wgl=1&dt=1629453023051&bpp=9&bdt=4885&idt=9&shv=r20210812&mjsv=m202108190101&ptt=5&saldr=sa&abxe=1&prev_slotnames=2224162798&correlator=1764590359427&frm=20&pv=1&ga_vid=910311688.1629453023&ga_sid=1629453023&ga_hid=736228809&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=641&ady=1201&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062297&oid=3&pvsid=2712229243022421&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=6ibFHvUNYZ&p=http%3A//www.yunphoto.net&dtd=12
Frame ID: 4F9530DB095358B35E14E412EDF593EE
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17622593862510062529/index.html
Frame ID: 2FA7D366AAAEB4BBF582030383B901DD
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 3208E2B595E51AE93B09EA2C107A939A
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210812/r20190131/zrt_lookup.html
Frame ID: B3E99CF509EECD5DE5746CE739A2D144
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3411073974495600&output=html&adk=1812271804&adf=3025194257&lmt=1558945943&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.yunphoto.net%2F&ea=0&flash=0&pra=7&wgl=1&dt=1629453027247&bpp=2&bdt=9081&idt=2&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2621403279f97749-22543258b1c900d6%3AT%3D1629453023%3ART%3D1629453023%3AS%3DALNI_MaKtBajSeCcoPnXj5C6KYEfTZG6IA&prev_slotnames=2224162798%2C5465082803&nras=1&correlator=1764590359427&frm=20&pv=1&ga_vid=910311688.1629453023&ga_sid=1629453023&ga_hid=736228809&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062297&oid=3&psts=AGkb-H-jfAp-qwZ53aooBOupp08WLXrNSx0X3QyHK_6mLPe5L636EBGTY4p3CVmqz6fMgy2_lXGVZabArQ4%2CAGkb-H9V04f49RVrceM383huS1iQz2V3Gj2USMjztU74KLZRSNmJCs97CDSQOaP6gyH5zq2Dln6Du7tuSVb8&pvsid=2712229243022421&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=17
Frame ID: 928347F50B48F58F92C3127B274960A7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 6FB7B0F43A348609A94EC2F63C030F94
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6B756ACA6B28553FB864ED22AC5F7947
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ゆんフリー写真素材集

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Page Statistics

97
Requests

65 %
HTTPS

73 %
IPv6

14
Domains

22
Subdomains

23
IPs

3
Countries

1188 kB
Transfer

2102 kB
Size

8
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: http://px.a8.net/svt/ejp?a8mat=1BRGOL+49LUUQ+K2I+ZRALD
Title:

Search URL Search Domain Scan URL

URL: http://wallpaper.free-photograph.net/jp/
Title: ゆん無料壁紙画像集

Search URL Search Domain Scan URL

URL: http://www.akx.jp/
Title: 世界遺産写真集

Search URL Search Domain Scan URL

URL: http://www.yun.com/
Title: English

Search URL Search Domain Scan URL

URL: http://tmyun.com/prof/
Title:

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

http://www.google-analytics.com/urchin.js HTTP 307
https://www.google-analytics.com/urchin.js

Request Chain 71

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 78

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDXtJXyxgEQsAkYsAkyCM8gZDctHRbm HTTP 301
https://tpc.googlesyndication.com/simgad/2230487820005555892

Request Chain 86

http://www.google-analytics.com/__utm.gif?utmwv=1.4&utmn=2000764065&utmcs=UTF-8&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=%E3%82%86%E3%82%93%E3%83%95%E3%83%AA%E3%83%BC%E5%86%99%E7%9C%9F%E7%B4%A0%E6%9D%90%E9%9B%86&utmhn=www.yunphoto.net&utmhid=736228809&utmr=-&utmp=/&utmac=UA-212228-1&utmcc=__utma%3D244660749.910311688.1629453023.1629453023.1629453023.1%3B%2B__utmz%3D244660749.1629453027.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)%3B%2B HTTP 307
https://www.google-analytics.com/__utm.gif?utmwv=1.4&utmn=2000764065&utmcs=UTF-8&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=%E3%82%86%E3%82%93%E3%83%95%E3%83%AA%E3%83%BC%E5%86%99%E7%9C%9F%E7%B4%A0%E6%9D%90%E9%9B%86&utmhn=www.yunphoto.net&utmhid=736228809&utmr=-&utmp=/&utmac=UA-212228-1&utmcc=__utma%3D244660749.910311688.1629453023.1629453023.1629453023.1%3B%2B__utmz%3D244660749.1629453027.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)%3B%2B

97 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.yunphoto.net/ 8 KB
4 KB 859ms
362ms Document
text/html 192.254.235.162
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.yunphoto.net/
Protocol: HTTP/1.1
Server: 192.254.235.162 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-235-162.unifiedlayer.com
Software: Apache /
Resource Hash: eece103d40501f32a95537071ddfad29bd9028987fb655e6bb5c48104e7b3e01

Request headers

Host: www.yunphoto.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 09:50:18 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 27 May 2019 08:32:23 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3790
Keep-Alive: timeout=5, max=75
Content-Type: text/html

GET
H/1.1 200
OK global.css
www.yunphoto.net/ 7 KB
2 KB 194ms
193ms Stylesheet
text/css 192.254.235.162
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: http://www.yunphoto.net/global.css
Requested by: Host: www.yunphoto.net
URL: http://www.yunphoto.net/
Protocol: HTTP/1.1
Server: 192.254.235.162 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-235-162.unifiedlayer.com
Software: Apache /
Resource Hash: d8865d0c147e4721c50c6cf337564e759df64f7b5c4662fbccccc44de9bf85ab

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.yunphoto.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.yunphoto.net/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.yunphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 09:50:18 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Mar 2008 05:04:10 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 1910

GET
H/1.1 200
OK / Show response
sh.adingo.jp/ 3 KB
2 KB 602ms
580ms Script
application/x-javascript 52.68.156.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

http://sh.adingo.jp/?G=1000016692&guid=ON

Requested by

Host: www.yunphoto.net
URL: http://www.yunphoto.net/

Protocol

HTTP/1.1

Server

52.68.156.115 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-68-156-115.ap-northeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

3e2765386d79d4335942180808ddf4a3391cf3c29c60412d13509baf8b16a804

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.yunphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Fri, 20 Aug 2021 09:50:18 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 20 Aug 2021 09:50:18 GMT
Server: nginx
Vary: Accept-Encoding
P3P: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
Cache-Control: no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/x-javascript; charset=UTF-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 100 KB
36 KB 27ms
20ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: www.yunphoto.net
URL: http://www.yunphoto.net/

Protocol

HTTP/1.1

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3a59146eed5adf30e39790940994d8cebf0d9602e3f1023db23d7b9a8cdf9e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.yunphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Fri, 20 Aug 2021 09:50:18 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 13015674431668092314
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 36117
X-XSS-Protection: 0
Expires: Fri, 20 Aug 2021 09:50:18 GMT

GET
H/1.1 200
OK bgt
www21.a8.net/svt/ 8 KB
9 KB 598ms
565ms Image
image/gif 52.194.50.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www21.a8.net/svt/bgt?aid=080223285258&wid=001&eno=01&mid=s00000002601006006000&mc=1
Requested by: Host: www.yunphoto.net
URL: http://www.yunphoto.net/
Protocol: HTTP/1.1
Server: 52.194.50.40 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-194-50-40.ap-northeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: ac3c80232c39ae6b940bce3c38be4833950a58de62ff9cc223eae3257ee26d78

Request headers

Referer: http://www.yunphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 09:50:18 GMT
Server: Apache
Connection: keep-alive
Content-Length: 8674
Content-Type: image/gif

GET
H/1.1 200
OK 0.gif
www14.a8.net/ 43 B
184 B 589ms
556ms Image
image/gif 52.198.26.114
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www14.a8.net/0.gif?a8mat=1BRGOL+49LUUQ+K2I+ZRALD
Requested by: Host: www.yunphoto.net
URL: http://www.yunphoto.net/
Protocol: HTTP/1.1
Server: 52.198.26.114 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-198-26-114.ap-northeast-1.compute.amazonaws.com
Software: Apache /
Resource Hash: b1efbaeb8c5ce34e2c6a6492d7aad07daeadfe3e2b4f2360a12bbd756ec23067

Request headers

Referer: http://www.yunphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 09:50:18 GMT
Server: Apache
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK jp.png
www.yunphoto.net/images/ 3 KB
3 KB 415ms
390ms Image
image/png 192.254.235.162
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.yunphoto.net/images/jp.png
Requested by: Host: www.yunphoto.net
URL: http://www.yunphoto.net/
Protocol: HTTP/1.1
Server: 192.254.235.162 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-235-162.unifiedlayer.com
Software: Apache /
Resource Hash: 60c1a99ffed8258d85da44982b0e80cfecb1d377ce4ecc225dc61f3733a0d9be

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.yunphoto.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.yunphoto.net/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.yunphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 09:50:18 GMT
Last-Modified: Thu, 13 Mar 2008 04:28:35 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=5, max=75
Content-Length: 3241

GET
H/1.1 200
OK usa.png
www.yunphoto.net/images/ 3 KB
3 KB 395ms
370ms Image
image/png 192.254.235.162
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.yunphoto.net/images/usa.png
Requested by: Host: www.yunphoto.net
URL: http://www.yunphoto.net/
Protocol: HTTP/1.1
Server: 192.254.235.162 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-235-162.unifiedlayer.com
Software: Apache /
Resource Hash: edcc08234bc94838d3f419396db30021004129269fe19cb211a1a303a9d5ea62

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.yunphoto.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.yunphoto.net/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.yunphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 09:50:18 GMT
Last-Modified: Thu, 13 Mar 2008 05:07:17 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=5, max=75
Content-Length: 3034

GET
H/1.1 200
OK uk.png
www.yunphoto.net/images/ 4 KB
4 KB 395ms
370ms Image
image/png 192.254.235.162
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.yunphoto.net/images/uk.png
Requested by: Host: www.yunphoto.net
URL: http://www.yunphoto.net/
Protocol: HTTP/1.1
Server: 192.254.235.162 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-235-162.unifiedlayer.com
Software: Apache /
Resource Hash: 4eb3550b155ab491d533689788837e82f517139ee2b9ad951a123dc2668af6b9

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.yunphoto.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.yunphoto.net/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.yunphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 09:50:18 GMT
Last-Modified: Thu, 13 Mar 2008 04:28:34 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=5, max=75
Content-Length: 3991

GET
H/1.1 200
OK es.png
www.yunphoto.net/images/ 4 KB
4 KB 396ms
371ms Image
image/png 192.254.235.162
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.yunphoto.net/images/es.png
Requested by: Host: www.yunphoto.net
URL: http://www.yunphoto.net/
Protocol: HTTP/1.1
Server: 192.254.235.162 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-235-162.unifiedlayer.com
Software: Apache /
Resource Hash: 05b7b2444290ee43ce9e6daf0a2b56aa815ab17d9ca64e7aa21739a5e4dd9b1c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.yunphoto.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.yunphoto.net/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.yunphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 09:50:18 GMT
Last-Modified: Thu, 13 Mar 2008 04:28:38 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=5, max=75
Content-Length: 3839

GET
H/1.1 200
OK de.png
www.yunphoto.net/images/ 3 KB
3 KB 395ms
371ms Image
image/png 192.254.235.162
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.yunphoto.net/images/de.png
Requested by: Host: www.yunphoto.net
URL: http://www.yunphoto.net/
Protocol: HTTP/1.1
Server: 192.254.235.162 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-235-162.unifiedlayer.com
Software: Apache /
Resource Hash: fecc455bdf5c35652da0785d7813467c8d1459c9134bb6723cb72762fd263f22

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.yunphoto.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.yunphoto.net/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.yunphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 09:50:18 GMT
Last-Modified: Thu, 13 Mar 2008 05:07:15 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=5, max=75
Content-Length: 2924

GET
H/1.1 200
OK fr.png
www.yunphoto.net/images/ 3 KB
3 KB 229ms
229ms Image
image/png 192.254.235.162
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.yunphoto.net/images/fr.png
Requested by: Host: www.yunphoto.net
URL: http://www.yunphoto.net/
Protocol: HTTP/1.1
Server: 192.254.235.162 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-235-162.unifiedlayer.com
Software: Apache /
Resource Hash: 7f7c1e3961c6bf5c610471359f9f31192e03c66f55d3720e5da957332beefb01

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.yunphoto.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.yunphoto.net/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.yunphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 09:50:18 GMT
Last-Modified: Thu, 13 Mar 2008 05:07:14 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=73
Content-Length: 2914

GET
H/1.1 200
OK it.png
www.yunphoto.net/images/ 518 B
759 B 224ms
221ms Image
image/png 192.254.235.162
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.yunphoto.net/images/it.png
Requested by: Host: www.yunphoto.net
URL: http://www.yunphoto.net/
Protocol: HTTP/1.1
Server: 192.254.235.162 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-235-162.unifiedlayer.com
Software: Apache /
Resource Hash: 1d18c193431b553d47e03870103a036854797f1335b105a826bb588d17995da4

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.yunphoto.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.yunphoto.net/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.yunphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 09:50:18 GMT
Last-Modified: Thu, 13 Mar 2008 04:28:36 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 518

GET
H/1.1 200
OK hl.png
www.yunphoto.net/images/ 3 KB
3 KB 219ms
217ms Image
image/png 192.254.235.162
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.yunphoto.net/images/hl.png
Requested by: Host: www.yunphoto.net
URL: http://www.yunphoto.net/
Protocol: HTTP/1.1
Server: 192.254.235.162 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-235-162.unifiedlayer.com
Software: Apache /
Resource Hash: 6474de285c43240702b7c41bdd370809dcefbc900b16472e4a8630712bd4eabf

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.yunphoto.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.yunphoto.net/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.yunphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 09:50:18 GMT
Last-Modified: Thu, 13 Mar 2008 05:07:12 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 2877

GET
H/1.1 200
OK pl.png
www.yunphoto.net/images/ 3 KB
3 KB 222ms
221ms Image
image/png 192.254.235.162
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.yunphoto.net/images/pl.png
Requested by: Host: www.yunphoto.net
URL: http://www.yunphoto.net/
Protocol: HTTP/1.1
Server: 192.254.235.162 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-235-162.unifiedlayer.com
Software: Apache /
Resource Hash: 8cbd7cd9e19ced359ce0d63612cfa8e546ea3dfb8baa90534d89913d2db61e50

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.yunphoto.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.yunphoto.net/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.yunphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 09:50:18 GMT
Last-Modified: Thu, 13 Mar 2008 05:07:10 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 2872

GET
H/1.1 200
OK pt.png
www.yunphoto.net/images/ 4 KB
4 KB 223ms
222ms Image
image/png 192.254.235.162
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.yunphoto.net/images/pt.png
Requested by: Host: www.yunphoto.net
URL: http://www.yunphoto.net/
Protocol: HTTP/1.1
Server: 192.254.235.162 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-235-162.unifiedlayer.com
Software: Apache /
Resource Hash: 45d7a9f3414355d055a0a663169ae6b1a1a08cf344bb4dd6076fd2016fc89fe5

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.yunphoto.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.yunphoto.net/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.yunphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 09:50:18 GMT
Last-Modified: Thu, 13 Mar 2008 05:07:11 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 3691

GET
H/1.1 200
OK ru.png
www.yunphoto.net/images/ 3 KB
3 KB 191ms
191ms Image
image/png 192.254.235.162
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.yunphoto.net/images/ru.png
Requested by: Host: www.yunphoto.net
URL: http://www.yunphoto.net/
Protocol: HTTP/1.1
Server: 192.254.235.162 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-235-162.unifiedlayer.com
Software: Apache /
Resource Hash: 5b424205cd587d11e17dc54c7eaa33b6994e606655df5749d374c3b4d97d207d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.yunphoto.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.yunphoto.net/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.yunphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 09:50:18 GMT
Last-Modified: Thu, 13 Mar 2008 05:07:18 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=74
Content-Length: 2941

GET
H/1.1 200
OK ukr.png
www.yunphoto.net/images/ 3 KB
3 KB 194ms
193ms Image
image/png 192.254.235.162
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.yunphoto.net/images/ukr.png
Requested by: Host: www.yunphoto.net
URL: http://www.yunphoto.net/
Protocol: HTTP/1.1
Server: 192.254.235.162 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-235-162.unifiedlayer.com
Software: Apache /
Resource Hash: dcada69b729ce6c4a63f36571662fab5fabf8ee6d9bd05fe26b3cf754768d6ab

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.yunphoto.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.yunphoto.net/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.yunphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 09:50:18 GMT
Last-Modified: Thu, 13 Mar 2008 05:07:09 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=72
Content-Length: 2860

GET
H/1.1 200
OK ar.png
www.yunphoto.net/images/ 3 KB
3 KB 192ms
192ms Image
image/png 192.254.235.162
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.yunphoto.net/images/ar.png
Requested by: Host: www.yunphoto.net
URL: http://www.yunphoto.net/
Protocol: HTTP/1.1
Server: 192.254.235.162 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-235-162.unifiedlayer.com
Software: Apache /
Resource Hash: 98064cec2d988908b1dba6f10c7b86361406612f3176a9d4308f6821b6b77d64

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.yunphoto.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.yunphoto.net/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.yunphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 09:50:18 GMT
Last-Modified: Thu, 13 Mar 2008 05:07:07 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=73
Content-Length: 2870

GET
H/1.1 200
OK he.png
www.yunphoto.net/images/ 3 KB
4 KB 194ms
194ms Image
image/png 192.254.235.162
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.yunphoto.net/images/he.png
Requested by: Host: www.yunphoto.net
URL: http://www.yunphoto.net/
Protocol: HTTP/1.1
Server: 192.254.235.162 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-235-162.unifiedlayer.com
Software: Apache /
Resource Hash: 0785445543ff5950188b14bed42e8562ece6f4014e09f8c19e6f4eda5fdffffb

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.yunphoto.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.yunphoto.net/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.yunphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 09:50:18 GMT
Last-Modified: Thu, 13 Mar 2008 05:07:06 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=71
Content-Length: 3433

GET
H/1.1 200
OK cn.png
www.yunphoto.net/images/ 3 KB
4 KB 202ms
202ms Image
image/png 192.254.235.162
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.yunphoto.net/images/cn.png
Requested by: Host: www.yunphoto.net
URL: http://www.yunphoto.net/
Protocol: HTTP/1.1
Server: 192.254.235.162 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-235-162.unifiedlayer.com
Software: Apache /
Resource Hash: 5caa29f3ec715b4b586f45112fd5f23e6af51dcf86fc2e6783516902d05fb856

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.yunphoto.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.yunphoto.net/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.yunphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 09:50:18 GMT
Last-Modified: Thu, 13 Mar 2008 05:07:13 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=73
Content-Length: 3407

GET
H/1.1 200
OK ko.png
www.yunphoto.net/images/ 5 KB
6 KB 203ms
202ms Image
image/png 192.254.235.162
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.yunphoto.net/images/ko.png
Requested by: Host: www.yunphoto.net
URL: http://www.yunphoto.net/
Protocol: HTTP/1.1
Server: 192.254.235.162 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-235-162.unifiedlayer.com
Software: Apache /
Resource Hash: 0b74806dd686b55db5cb9ab27f60bd39f2cd2c66a07a8145e7c788f302b50ee1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.yunphoto.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.yunphoto.net/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.yunphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 09:50:18 GMT
Last-Modified: Thu, 13 Mar 2008 05:07:16 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=73
Content-Length: 5455

GET
H/1.1 200
OK / Show response
sh.adingo.jp/ 3 KB
2 KB 580ms
555ms Script
application/x-javascript 52.68.156.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

http://sh.adingo.jp/?G=1000016689&guid=ON

Requested by

Host: www.yunphoto.net
URL: http://www.yunphoto.net/

Protocol

HTTP/1.1

Server

52.68.156.115 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-68-156-115.ap-northeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

406288f93726481cbcf36540013006611a062fbdeecd94e97bbc92a69f8eb154

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.yunphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Fri, 20 Aug 2021 09:50:18 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 20 Aug 2021 09:50:18 GMT
Server: nginx
Vary: Accept-Encoding
P3P: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
Cache-Control: no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/x-javascript; charset=UTF-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK yun_2863.jpg
www.yunphoto.net/images/ 3 KB
3 KB 203ms
203ms Image
image/jpeg 192.254.235.162
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.yunphoto.net/images/yun_2863.jpg
Requested by: Host: www.yunphoto.net
URL: http://www.yunphoto.net/
Protocol: HTTP/1.1
Server: 192.254.235.162 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-235-162.unifiedlayer.com
Software: Apache /
Resource Hash: 2d11b2215f096ce38def08fb1fab981040ece30861ab1f834e616a60071f6b04

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.yunphoto.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.yunphoto.net/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.yunphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 09:50:18 GMT
Last-Modified: Thu, 13 Mar 2008 04:28:21 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=73
Content-Length: 2915

GET
H/1.1 200
OK yun_banner.png
www.yunphoto.net/images/ 215 KB
216 KB 203ms
203ms Image
image/png 192.254.235.162
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.yunphoto.net/images/yun_banner.png
Requested by: Host: www.yunphoto.net
URL: http://www.yunphoto.net/
Protocol: HTTP/1.1
Server: 192.254.235.162 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-235-162.unifiedlayer.com
Software: Apache /
Resource Hash: a735a32521ae342f9266746be9901a2fec042f959ece3e6b27721899b81c150c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.yunphoto.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.yunphoto.net/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.yunphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 09:50:18 GMT
Last-Modified: Thu, 27 Jul 2017 15:55:11 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=73
Content-Length: 220470

GET
H/1.1 200
OK yun_3448.jpg
www.yunphoto.net/images/ 6 KB
6 KB 192ms
192ms Image
image/jpeg 192.254.235.162
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.yunphoto.net/images/yun_3448.jpg
Requested by: Host: www.yunphoto.net
URL: http://www.yunphoto.net/
Protocol: HTTP/1.1
Server: 192.254.235.162 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-235-162.unifiedlayer.com
Software: Apache /
Resource Hash: 9fd5516f373117459e0e3667bc570dbc445928ec980725b88c6712c780c04905

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.yunphoto.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.yunphoto.net/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.yunphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 09:50:19 GMT
Last-Modified: Thu, 13 Mar 2008 04:28:20 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=72
Content-Length: 5790

GET
H/1.1 200
OK yun_3742.jpg
www.yunphoto.net/images/ 6 KB
6 KB 191ms
191ms Image
image/jpeg 192.254.235.162
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.yunphoto.net/images/yun_3742.jpg
Requested by: Host: www.yunphoto.net
URL: http://www.yunphoto.net/
Protocol: HTTP/1.1
Server: 192.254.235.162 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-235-162.unifiedlayer.com
Software: Apache /
Resource Hash: 615ec6b90f59ddb04edc9747b8c4cf31b263e2662b625f00d222c44d05903dae

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.yunphoto.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.yunphoto.net/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.yunphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 09:50:19 GMT
Last-Modified: Thu, 13 Mar 2008 04:28:19 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=70
Content-Length: 5983

GET
H/1.1 200
OK yun_3763.jpg
www.yunphoto.net/images/ 5 KB
6 KB 192ms
191ms Image
image/jpeg 192.254.235.162
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.yunphoto.net/images/yun_3763.jpg
Requested by: Host: www.yunphoto.net
URL: http://www.yunphoto.net/
Protocol: HTTP/1.1
Server: 192.254.235.162 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-235-162.unifiedlayer.com
Software: Apache /
Resource Hash: 52f2a71277c09444724d4263a1b70395e8c66bbce180ee50f8526be1c0878ff9

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.yunphoto.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.yunphoto.net/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.yunphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 09:50:19 GMT
Last-Modified: Thu, 13 Mar 2008 04:28:16 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=72
Content-Length: 5619

GET
H/1.1 200
OK yun_3138.jpg
www.yunphoto.net/images/ 4 KB
4 KB 196ms
195ms Image
image/jpeg 192.254.235.162
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.yunphoto.net/images/yun_3138.jpg
Requested by: Host: www.yunphoto.net
URL: http://www.yunphoto.net/
Protocol: HTTP/1.1
Server: 192.254.235.162 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-235-162.unifiedlayer.com
Software: Apache /
Resource Hash: 3ff2406333ff0b3259ef926d6984a7f28d7aea72a7398cc3d8ac5c9d6044151d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.yunphoto.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.yunphoto.net/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.yunphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 09:50:19 GMT
Last-Modified: Thu, 13 Mar 2008 04:28:15 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=72
Content-Length: 4064

GET
H/1.1 200
OK / Show response
sh.adingo.jp/ 3 KB
2 KB 568ms
543ms Script
application/x-javascript 52.68.156.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

http://sh.adingo.jp/?G=1000016690&guid=ON

Requested by

Host: www.yunphoto.net
URL: http://www.yunphoto.net/

Protocol

HTTP/1.1

Server

52.68.156.115 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-68-156-115.ap-northeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

fafc622fb3a290b8ad6b525883ba6497cb28b93eac9392b2d2ec3c9d2d8545f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.yunphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
Date: Fri, 20 Aug 2021 09:50:18 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 20 Aug 2021 09:50:18 GMT
Server: nginx
Vary: Accept-Encoding
P3P: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
Cache-Control: no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/x-javascript; charset=UTF-8
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

urchin.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/urchin.js
https://www.google-analytics.com/urchin.js

22 KB
7 KB

6ms
6ms

Script
text/javascript

2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/urchin.js

Requested by

Host: www.yunphoto.net
URL: http://www.yunphoto.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

65b488811bd504ecd9037c0aee94c56a7bcd0870c2ae8818f6cf60cb3ba51621

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.yunphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 02:23:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 26803
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=1209600
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6847
expires: Fri, 03 Sep 2021 02:23:35 GMT

Redirect headers

Location: https://www.google-analytics.com/urchin.js
Non-Authoritative-Reason: HSTS

GET 61c1139f1bea76d610c2cba6399ece72
adm.shinobi.jp/s/ 0
0

GET
H2 200 /
i.adingo.jp/ 43 B
294 B 868ms
288ms Image
image/gif 54.168.158.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.adingo.jp/?p=glmJ_BIBxUoEe7FwtMdA-S1f52wWYLLazqNTyWHUqJyNEh7OivdKKgSoO8lS95j8R0D6opijJYAyXg85PquXz1LERp0HL9dAOr3Dss3UCl_55ta8mviZ2OHh5qRcZru9NW1huqNN7o--sQBxnljr_pEAOwnnixsBw6Y88cs7CnXYHIbj5yK5LueDLJG-_en8ZOOa2ykGHISWa7dHYDd8l0NgdXUir88Cz8b05e_QMIS9uwkORbYJjZdxg7O1UZMTZ0TUCljkZB6r2Cxe5rXJXCAG7V4Of0f1niQTSIPUUq43ei0x3dnjBwesRRSHsKPw9Joca1VVs6bMRA..&v=oe8YyjLy350VdfU9&k=3&R=
Requested by: Host: sh.adingo.jp
URL: http://sh.adingo.jp/?G=1000016692&guid=ON
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.168.158.14 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-168-158-14.ap-northeast-1.compute.amazonaws.com
Software: openresty /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://www.yunphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 09:50:19 GMT
server: openresty
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA"
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: image/gif
content-length: 43
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/ 252 KB
94 KB 52ms
31ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=pub-3411073974495600&plah=www.yunphoto.net

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5b3b78060934b27d88d694a3f65e5847097f62d5ffc862ae98e5ce482f74da7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.yunphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 09:50:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95446
x-xss-protection: 0
server: cafe
etag: 16230733116024533272
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 20 Aug 2021 09:50:22 GMT

GET
H/1.1 200
OK main-bg.jpg
www.yunphoto.net/images/ 29 KB
29 KB 207ms
207ms Image
image/jpeg 192.254.235.162
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.yunphoto.net/images/main-bg.jpg
Requested by: Host: www.yunphoto.net
URL: http://www.yunphoto.net/global.css
Protocol: HTTP/1.1
Server: 192.254.235.162 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-235-162.unifiedlayer.com
Software: Apache /
Resource Hash: da8dc51e2799f1950d73b9bd97746806671f16e831050cb2deb19489489cb901

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.yunphoto.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.yunphoto.net/global.css
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.yunphoto.net/global.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 09:50:22 GMT
Last-Modified: Thu, 13 Mar 2008 04:28:18 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=72
Content-Length: 29907

GET
H/1.1 200
OK Untitled-3.gif
www.yunphoto.net/images/ 40 KB
40 KB 215ms
215ms Image
image/gif 192.254.235.162
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.yunphoto.net/images/Untitled-3.gif
Requested by: Host: www.yunphoto.net
URL: http://www.yunphoto.net/global.css
Protocol: HTTP/1.1
Server: 192.254.235.162 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 192-254-235-162.unifiedlayer.com
Software: Apache /
Resource Hash: d9cfffd82c0a03f3c514730b4dacdc21f016e5b1f9e896193adabcc132c2a2d8

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.yunphoto.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.yunphoto.net/global.css
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.yunphoto.net/global.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 20 Aug 2021 09:50:22 GMT
Last-Modified: Thu, 13 Mar 2008 04:28:23 GMT
Server: Apache
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=71
Content-Length: 40932

GET
H2 200 ads.js Show response
spdeliver.i-mobile.co.jp/script/ 41 KB
13 KB 54ms
13ms Script
application/x-javascript 2600:9000:2190:4a00:c:2040:40c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://spdeliver.i-mobile.co.jp/script/ads.js?20101001
Requested by: Host: sh.adingo.jp
URL: http://sh.adingo.jp/?G=1000016689&guid=ON
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:4a00:c:2040:40c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: e3839bda12925cb48bacf414ced314c83f6067bce6ffae80ef798d2be4ce5d30

Request headers

Referer: http://www.yunphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 20 Aug 2021 09:32:57 GMT
content-encoding: gzip
etag: W/"02e76504c7cd71:0"
last-modified: Mon, 19 Jul 2021 03:15:24 GMT
server: Microsoft-IIS/7.5
age: 1854
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 c76347c8ef1f3a2b6fb69cd7d1c6f749.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: 6SiwJdw6skG1Xdub8vWKf5Ft6hhKQsNMq1mXbch7x-TXvVLZkLN6Cg==

GET
H2 200 /
i.adingo.jp/ 43 B
293 B 286ms
285ms Image
image/gif 54.168.158.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.adingo.jp/?p=HouTHt8bvyUgZSP4YlJvFOmWsCg7HwYaiEnt8-CeMsz_BCXOXz6zOrkQyApnoOaT44NRZBBLe5GTXc4x6f2YT0Q_nlFpodtXbJK2kgLFoPKh_DT14iQknKfgoAkTO-RnGodJ05yoZMMpVnBS7VZMCtCxXhYJ1m4ZDGaJxIVwfZ0xHYf-ctMAkGEpxkaZ22-QipVtQGRm-L8m0AFBdLl95pweNw0GYrncAXmVECkM-1T0r45kE-epf-seHxH57-RBD_kttVKzBHbci6gkwosuL2VQXQDPWEPstTSVWTILc0gtBHRQrM0OceoIJM2pE9V5_7glFQ..&v=_zR-s2cob4o5P2kw&k=3&R=
Requested by: Host: sh.adingo.jp
URL: http://sh.adingo.jp/?G=1000016689&guid=ON
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.168.158.14 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-168-158-14.ap-northeast-1.compute.amazonaws.com
Software: openresty /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://www.yunphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 09:50:23 GMT
server: openresty
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA"
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: image/gif
content-length: 43
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 202 B
659 B 141ms
59ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.yunphoto.net&callback=_gfp_s_&client=ca-pub-3411073974495600

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108190101/show_ads_impl_with_ama_fy2019.js?client=pub-3411073974495600&plah=www.yunphoto.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

ac73d27f304143e1b177d0ad78128fe4acd0372bd0bb55cef63d853c93101632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.yunphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 09:50:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.yunphoto.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.yunphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Aug 2021 09:50:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
313 B 14ms
14ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.yunphoto.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.yunphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Aug 2021 09:50:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F81E 73 KB
21 KB 688ms
687ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3411073974495600&output=html&h=600&slotname=2224162798&adk=4265426906&adf=422143281&pi=t.ma~as.2224162798&w=160&lmt=1558945943&url=http%3A%2F%2Fwww.yunphoto.net%2F&flash=0&wgl=1&dt=1629453022888&bpp=17&bdt=4722&idt=112&shv=r20210812&mjsv=m202108190101&ptt=5&saldr=sa&abxe=1&correlator=1764590359427&frm=20&pv=2&ga_vid=910311688.1629453023&ga_sid=1629453023&ga_hid=736228809&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1440&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062297&oid=3&pvsid=2712229243022421&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=07KdBdSZfz&p=http%3A//www.yunphoto.net&dtd=131

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ceb5ffcbdaaff606fe58b33dcac0c8b69cc5a3d49ab966f0fc0a27a86061fad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3411073974495600&output=html&h=600&slotname=2224162798&adk=4265426906&adf=422143281&pi=t.ma~as.2224162798&w=160&lmt=1558945943&url=http%3A%2F%2Fwww.yunphoto.net%2F&flash=0&wgl=1&dt=1629453022888&bpp=17&bdt=4722&idt=112&shv=r20210812&mjsv=m202108190101&ptt=5&saldr=sa&abxe=1&correlator=1764590359427&frm=20&pv=2&ga_vid=910311688.1629453023&ga_sid=1629453023&ga_hid=736228809&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1440&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062297&oid=3&pvsid=2712229243022421&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=07KdBdSZfz&p=http%3A//www.yunphoto.net&dtd=131
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.yunphoto.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.yunphoto.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 20 Aug 2021 09:50:23 GMT
server: cafe
content-length: 20982
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 20-Aug-2021 10:05:23 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 20 Aug 2021 09:50:23 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 1057ms
1038ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1c5b41cc4dec857ca9c9166336dff0dec8f8ba6046aa71927370897143d2784

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.yunphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 09:50:24 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629286089745720"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27752
x-xss-protection: 0
expires: Fri, 20 Aug 2021 09:50:24 GMT

GET
H2 200 adcore_pc_inline.js Show response
spdeliver.i-mobile.co.jp/script/ 1 KB
887 B 14ms
13ms Script
application/x-javascript 2600:9000:2190:4a00:c:2040:40c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://spdeliver.i-mobile.co.jp/script/adcore_pc_inline.js?20110201
Requested by: Host: spdeliver.i-mobile.co.jp
URL: https://spdeliver.i-mobile.co.jp/script/ads.js?20101001
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:4a00:c:2040:40c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: cdf3948b9a7adf8fa7e5130f8ac900ad1d7e1cb0dfb5b966c575dfb4cf52b83c

Request headers

Referer: http://www.yunphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 20 Aug 2021 09:48:19 GMT
content-encoding: gzip
etag: W/"0d4134e4c7cd71:0"
last-modified: Mon, 19 Jul 2021 03:15:20 GMT
server: Microsoft-IIS/7.5
age: 258
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 c76347c8ef1f3a2b6fb69cd7d1c6f749.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: HS3V0Ylz34iWaFnPPE9Hf8z9EHx3rCAmY_1xhvlQG_u1C-9SCeySdQ==

GET
H2 200 ad_spot.aspx Show response
spsvcpc-tls.i-mobile.co.jp/ Frame 36CD 3 KB
3 KB 590ms
532ms Document
text/html 2600:9000:2190:de00:1d:4ba6:de80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://spsvcpc-tls.i-mobile.co.jp/ad_spot.aspx?pid=27191&asid=195089&asn=1&width=728&height=90
Requested by: Host: spdeliver.i-mobile.co.jp
URL: https://spdeliver.i-mobile.co.jp/script/adcore_pc_inline.js?20110201
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:de00:1d:4ba6:de80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 7691d0340f24293c2f7ef772fedc98c1fcfb7936b4eee07afb6f5e143749c2f4

Request headers

:method: GET
:authority: spsvcpc-tls.i-mobile.co.jp
:scheme: https
:path: /ad_spot.aspx?pid=27191&asid=195089&asn=1&width=728&height=90
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.yunphoto.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.yunphoto.net/

Response headers

content-type: text/html; charset=utf-8
content-length: 2654
cache-control: no-cache, no-store
pragma: no-cache
expires: -1
server: Microsoft-IIS/7.5
p3p: CP = "NOI DEV PSA PSD IVA PVD OTP OUR OTR IND OTC"
x-powered-by: ASP.NET
date: Fri, 20 Aug 2021 09:50:22 GMT
x-cache: Miss from cloudfront
via: 1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: 4h2M-Ck3YRopOqszYoMeybZowli2drdRIxWR8iUYwRMcRhDCCQsi4g==

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 24ms
23ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.yunphoto.net

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.yunphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Aug 2021 09:50:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 25ms
22ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.yunphoto.net

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.yunphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Aug 2021 09:50:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4F95 100 KB
36 KB 561ms
561ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3411073974495600&output=html&h=90&slotname=5465082803&adk=1748531486&adf=1991774641&pi=t.ma~as.5465082803&w=728&lmt=1558945943&url=http%3A%2F%2Fwww.yunphoto.net%2F&flash=0&wgl=1&dt=1629453023051&bpp=9&bdt=4885&idt=9&shv=r20210812&mjsv=m202108190101&ptt=5&saldr=sa&abxe=1&prev_slotnames=2224162798&correlator=1764590359427&frm=20&pv=1&ga_vid=910311688.1629453023&ga_sid=1629453023&ga_hid=736228809&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=641&ady=1201&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062297&oid=3&pvsid=2712229243022421&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=6ibFHvUNYZ&p=http%3A//www.yunphoto.net&dtd=12

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e50be24ef2b3959f8675a9435911b34feed10abed904a81132ee31869e6eaadb

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17622593862510062529/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17622593862510062529/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CN_M-cSpv_ICFReMGwodXxMPrQ&gqi=33ofYZ2oBKa4nsEPtYuqoA4&layout=/sadbundle/%24csp%253Der3%24/17622593862510062529/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3411073974495600&output=html&h=90&slotname=5465082803&adk=1748531486&adf=1991774641&pi=t.ma~as.5465082803&w=728&lmt=1558945943&url=http%3A%2F%2Fwww.yunphoto.net%2F&flash=0&wgl=1&dt=1629453023051&bpp=9&bdt=4885&idt=9&shv=r20210812&mjsv=m202108190101&ptt=5&saldr=sa&abxe=1&prev_slotnames=2224162798&correlator=1764590359427&frm=20&pv=1&ga_vid=910311688.1629453023&ga_sid=1629453023&ga_hid=736228809&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=641&ady=1201&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062297&oid=3&pvsid=2712229243022421&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=6ibFHvUNYZ&p=http%3A//www.yunphoto.net&dtd=12
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.yunphoto.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.yunphoto.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17622593862510062529/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17622593862510062529/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CN_M-cSpv_ICFReMGwodXxMPrQ&gqi=33ofYZ2oBKa4nsEPtYuqoA4&layout=/sadbundle/%24csp%253Der3%24/17622593862510062529/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 20 Aug 2021 09:50:23 GMT
server: cafe
content-length: 36040
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 20-Aug-2021 10:05:23 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 20 Aug 2021 09:50:23 GMT
cache-control: private

GET 0d9e2dd01ad85de608c5ab3991cbf0b8
adm.shinobi.jp/s/ 0
0

GET
H2 200 /
i.adingo.jp/ 43 B
293 B 286ms
285ms Image
image/gif 54.168.158.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.adingo.jp/?p=qAhSrAe0OguUdgFj4ZXFVyh_0gOeY8Jd8Ez6Rg5MguPQCLa9fE3UsM99ppJHzZejhidQCizpXd0hhHbwpqVBc4QFYb-35ktK-xPoEsr8C1pB9-BsGRN10U8BJwGdGxrIIa8ZPRmrXpfc4Cdhl7tp-pfeMPlJJ-Vpwg1_FaaN4X9sdghPMOhk3f2xwAuFgRVAZgPWlh8H1NxRdW5OXBWQkUIfiRD6-S192nxwc78zmf98bTp_sFNqRe0-2eyGnbhKsKyFlRvCztaKz0KVnkomy_lfyaCGia9kQ-evpdKuZPE5RnIFKbvmy445MBAyLn1laAlrXnmsOznf&v=RUwnmbnFUI1UJE5n&k=3&R=
Requested by: Host: sh.adingo.jp
URL: http://sh.adingo.jp/?G=1000016690&guid=ON
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.168.158.14 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-168-158-14.ap-northeast-1.compute.amazonaws.com
Software: openresty /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://www.yunphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 09:50:23 GMT
server: openresty
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA"
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: image/gif
content-length: 43
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/ Frame 4F95 18 KB
8 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3411073974495600&output=html&h=90&slotname=5465082803&adk=1748531486&adf=1991774641&pi=t.ma~as.5465082803&w=728&lmt=1558945943&url=http%3A%2F%2Fwww.yunphoto.net%2F&flash=0&wgl=1&dt=1629453023051&bpp=9&bdt=4885&idt=9&shv=r20210812&mjsv=m202108190101&ptt=5&saldr=sa&abxe=1&prev_slotnames=2224162798&correlator=1764590359427&frm=20&pv=1&ga_vid=910311688.1629453023&ga_sid=1629453023&ga_hid=736228809&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=641&ady=1201&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062297&oid=3&pvsid=2712229243022421&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=6ibFHvUNYZ&p=http%3A//www.yunphoto.net&dtd=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ddee3b7550624c244258abdcfc2824ce6327e652d31a01db50d35083290d5326

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 09:46:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 220
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7622
x-xss-protection: 0
server: cafe
etag: 11770686601635027189
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Sep 2021 09:46:43 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame 4F95 2 KB
1 KB 33ms
12ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 09:48:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Sep 2021 09:48:59 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4F95 124 KB
38 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4621e2f0cc2662504242c3321a21836621dd99f274ef444418dfbe96c3f1f79f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 09:50:23 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629286078051219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38195
x-xss-protection: 0
expires: Fri, 20 Aug 2021 09:50:23 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame 4F95 14 KB
6 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 09:44:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 359
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6205
x-xss-protection: 0
server: cafe
etag: 3431872159862141604
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Sep 2021 09:44:24 GMT

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17622593862510062529/ Frame 2FA7 11 KB
5 KB 25ms
13ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17622593862510062529/index.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4209e7e2208618e463ae2990959d90af722205e93aad66eec379c1b7eea3f8e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/17622593862510062529/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3299
date: Tue, 17 Aug 2021 06:43:25 GMT
expires: Wed, 17 Aug 2022 06:43:25 GMT
last-modified: Wed, 30 Jun 2021 18:10:14 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 270418
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4F95 0
0 39ms
38ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CkW9s33ofYZ_hBJeYbt-mvOgK_IHFzmTSlq-sqg6uAhABIPv9jQJglQKgAdDGo-EDyAEJqQKnyJbwUIR-PqgDAcgDSKoEtQFP0GJ0GexO5dKvOkFSikrVhH2bhDUP0JpVmvAQwcERXe0EMbYumTngtm9JTdPKqjV3tKFPRreytGegeoKK3QIKOc58JQGXR1_S8yNtMA2TW-vFK9zUKmMqetknOt-hWLU7qYV0m-i3pHLvmrwObAeEbEyyo7n1E4OfWl1bxHVf3Oy9J6-zp0ck_Usof4rtBeIu9stUlyptTeA1NKQyrKMHrQjRPOpXgJe-XkXoxNIyXpPsfMTMwATfl-DQmQKSBQQIBBgBkgUECAUYBKAGLoAHmLncHqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDZqg3SCAkIgOGAEBABGB-ACgHICwHYEwyIFAHQFQGYFgGAFwGyFxwKGggAEhRwdWItMzQxMTA3Mzk3NDQ5NTYwMBgA&sigh=H2_3Nq9dUIQ&template_id=419

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3411073974495600&output=html&h=90&slotname=5465082803&adk=1748531486&adf=1991774641&pi=t.ma~as.5465082803&w=728&lmt=1558945943&url=http%3A%2F%2Fwww.yunphoto.net%2F&flash=0&wgl=1&dt=1629453023051&bpp=9&bdt=4885&idt=9&shv=r20210812&mjsv=m202108190101&ptt=5&saldr=sa&abxe=1&prev_slotnames=2224162798&correlator=1764590359427&frm=20&pv=1&ga_vid=910311688.1629453023&ga_sid=1629453023&ga_hid=736228809&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=641&ady=1201&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062297&oid=3&pvsid=2712229243022421&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=6ibFHvUNYZ&p=http%3A//www.yunphoto.net&dtd=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 20 Aug 2021 09:50:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 20 Aug 2021 09:50:23 GMT

GET
H2 200 style.css
spsvcpc-tls.i-mobile.co.jp/css/ Frame 36CD 5 KB
6 KB 13ms
13ms Stylesheet
text/css 2600:9000:2190:de00:1d:4ba6:de80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://spsvcpc-tls.i-mobile.co.jp/css/style.css
Requested by: Host: spsvcpc-tls.i-mobile.co.jp
URL: https://spsvcpc-tls.i-mobile.co.jp/ad_spot.aspx?pid=27191&asid=195089&asn=1&width=728&height=90
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:de00:1d:4ba6:de80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 3a6b3996ce3a1200e3b494ed37f4e7f665ddff1faedf145bdef17a51546b0998

Request headers

Referer: https://spsvcpc-tls.i-mobile.co.jp/ad_spot.aspx?pid=27191&asid=195089&asn=1&width=728&height=90
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 13 Aug 2021 11:20:55 GMT
via: 1.1 08c5e904e2f0226b2d9c1417f32b12f2.cloudfront.net (CloudFront)
etag: "0a04ec467cd71:0"
last-modified: Mon, 19 Jul 2021 02:36:48 GMT
server: Microsoft-IIS/7.5
age: 599367
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 5537
x-amz-cf-id: 7u8OCHr0Ygp8U9OoGcYeAmNLlR97QUIAcVqcWtXlZGBE6v7KAR8m2Q==

GET
H2 200 ad_creative.ashx
spcdnpc.i-mobile.co.jp/ Frame 36CD 146 KB
147 KB 68ms
14ms Image
image/gif 2600:9000:2190:8600:c:2040:40c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://spcdnpc.i-mobile.co.jp/ad_creative.ashx?advid=6509738
Requested by: Host: spsvcpc-tls.i-mobile.co.jp
URL: https://spsvcpc-tls.i-mobile.co.jp/ad_spot.aspx?pid=27191&asid=195089&asn=1&width=728&height=90
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:8600:c:2040:40c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: a3561af1b731d29f4d360766fefd2cedd2efa9a4e06efaedf84047055ae91e0b

Request headers

Referer: https://spsvcpc-tls.i-mobile.co.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 05:33:00 GMT
via: 1.1 b103085320b440f2b61bad94c412ff70.cloudfront.net (CloudFront)
last-modified: Mon, 12 Jul 2021 02:29:12 GMT
server: Microsoft-IIS/7.5
age: 15443
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: private
x-amz-cf-pop: ZRH50-C1
content-length: 149813
x-amz-cf-id: wV1OBJZ57Ddw_z1u-eLqOiM5J21dy0nIE1AVQ2R3gqWmuTO1ql39iQ==
expires: Mon, 01 Jan 0001 00:00:00 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3208 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3411073974495600&output=html&h=90&slotname=5465082803&adk=1748531486&adf=1991774641&pi=t.ma~as.5465082803&w=728&lmt=1558945943&url=http%3A%2F%2Fwww.yunphoto.net%2F&flash=0&wgl=1&dt=1629453023051&bpp=9&bdt=4885&idt=9&shv=r20210812&mjsv=m202108190101&ptt=5&saldr=sa&abxe=1&prev_slotnames=2224162798&correlator=1764590359427&frm=20&pv=1&ga_vid=910311688.1629453023&ga_sid=1629453023&ga_hid=736228809&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=641&ady=1201&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062297&oid=3&pvsid=2712229243022421&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=6ibFHvUNYZ&p=http%3A//www.yunphoto.net&dtd=12
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3411073974495600&output=html&h=90&slotname=5465082803&adk=1748531486&adf=1991774641&pi=t.ma~as.5465082803&w=728&lmt=1558945943&url=http%3A%2F%2Fwww.yunphoto.net%2F&flash=0&wgl=1&dt=1629453023051&bpp=9&bdt=4885&idt=9&shv=r20210812&mjsv=m202108190101&ptt=5&saldr=sa&abxe=1&prev_slotnames=2224162798&correlator=1764590359427&frm=20&pv=1&ga_vid=910311688.1629453023&ga_sid=1629453023&ga_hid=736228809&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=641&ady=1201&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062297&oid=3&pvsid=2712229243022421&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=6ibFHvUNYZ&p=http%3A//www.yunphoto.net&dtd=12

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 20 Aug 2021 09:16:33 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2030
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 4F95 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8a3c822261c2a7abec910adec83cf575eedfe22fa055e1da180778124513f48c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame F81E 442 B
397 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E9%96%8B%E3%81%8F

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3411073974495600&output=html&h=600&slotname=2224162798&adk=4265426906&adf=422143281&pi=t.ma~as.2224162798&w=160&lmt=1558945943&url=http%3A%2F%2Fwww.yunphoto.net%2F&flash=0&wgl=1&dt=1629453022888&bpp=17&bdt=4722&idt=112&shv=r20210812&mjsv=m202108190101&ptt=5&saldr=sa&abxe=1&correlator=1764590359427&frm=20&pv=2&ga_vid=910311688.1629453023&ga_sid=1629453023&ga_hid=736228809&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1440&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062297&oid=3&pvsid=2712229243022421&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=07KdBdSZfz&p=http%3A//www.yunphoto.net&dtd=131

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a203d5f384840487d5c3517337dd3864a18f365141cf237819a21cc6439cc4e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 20 Aug 2021 09:50:23 GMT
server: ESF
date: Fri, 20 Aug 2021 09:50:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 20 Aug 2021 09:50:23 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F81E 2 KB
617 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 20 Aug 2021 08:51:20 GMT
server: ESF
date: Fri, 20 Aug 2021 09:50:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 20 Aug 2021 09:50:23 GMT

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 2FA7 9 KB
3 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17622593862510062529/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 23:05:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38675
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 20 Aug 2021 23:05:48 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 2FA7 26 KB
10 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17622593862510062529/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 18:31:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55150
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 20 Aug 2021 18:31:13 GMT

GET
H3-29 200 efd5af212b790b949ef103480dddb5e7.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17622593862510062529/ Frame 2FA7 69 KB
18 KB 23ms
21ms Script
application/x-javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17622593862510062529/efd5af212b790b949ef103480dddb5e7.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17622593862510062529/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8994af594d5b44a2244155d9e567be672557846242b3c65ce86eaaeb652c3744

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 272255
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18481
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 18:10:14 GMT
server: sffe
date: Tue, 17 Aug 2021 06:12:48 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 06:12:48 GMT

GET
H2 200 d3369e82b4f0cf849cf96ac91e276a43.js Show response
www.gstatic.com/mysidia/ Frame F81E 11 KB
5 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d3369e82b4f0cf849cf96ac91e276a43.js?tag=pingback

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29e7ef99f5bca3b01a88202180aff4050a225a80a925b961919b4bac2d8bce69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 13:06:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74615
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4680
x-xss-protection: 0
last-modified: Thu, 12 Aug 2021 12:54:46 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 17 Nov 2021 13:06:48 GMT

GET
H3-29 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame F81E 1 KB
857 B 14ms
8ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 09:39:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 631
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 830
x-xss-protection: 0
server: cafe
etag: 3558876194914413708
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Sep 2021 09:39:52 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/ Frame F81E 18 KB
7 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ddee3b7550624c244258abdcfc2824ce6327e652d31a01db50d35083290d5326

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 09:46:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 220
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7622
x-xss-protection: 0
server: cafe
etag: 11770686601635027189
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Sep 2021 09:46:43 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame F81E 2 KB
1 KB 14ms
8ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 09:48:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Sep 2021 09:48:59 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F81E 124 KB
37 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4621e2f0cc2662504242c3321a21836621dd99f274ef444418dfbe96c3f1f79f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 09:50:23 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629286078051219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38195
x-xss-protection: 0
expires: Fri, 20 Aug 2021 09:50:23 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/ Frame F81E 14 KB
6 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210816/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 09:44:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 359
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6205
x-xss-protection: 0
server: cafe
etag: 3431872159862141604
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Sep 2021 09:44:24 GMT

GET
H3-29 200 b0b7c8cfc8b22cb6a71ecf22b35577d4.js Show response
www.gstatic.com/mysidia/ Frame F81E 26 KB
11 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b0b7c8cfc8b22cb6a71ecf22b35577d4.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21fbea093a7e9bf8bac159496306302109665a5643c7c82f64f5b18c4b056aae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 11:32:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80273
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10765
x-xss-protection: 0
last-modified: Tue, 17 Aug 2021 04:05:51 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 17 Nov 2021 11:32:30 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3208
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

15ms
14ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUk3Ml8kP1JiqTMywrzdiS1P-BfKoMguuKdm8HSiD3-uK6OcWCTiWdwCC4unQuY; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 20 Aug 2021 09:50:23 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 20-Aug-2021 10:50:23 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 20 Aug 2021 09:50:23 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 20 Aug 2021 09:50:23 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame F81E 0
0 31ms
30ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CvIt133ofYbCYAou0bJOSgMAKr6zMl2T8nbSOmg7Z2R4QASD7_Y0CYJUCoAHygryUAsgBBqkCYoDnNsOSQz6oAwHIAwKqBLMBT9CEeyjnwOfIZAAlVvhAlnwjQ93yACH3fVjt0hmmHHca9Gpe5zWphrdgXH6kwwDpgchGCgLnvfb2jVKkg4PF_yZZmkRvx8wWxVrEubld-W8ChE_aGw6Zb9sKP_avPKPzbPSyv30Jhdc1slk5RsNJ6XAGZJofRuq_kR91K7OEJ75Oc4LR3TlRd46z_x39kOcWNGhAtj4bO3vQx1jAelbmzhZHloVd1n25Y_2Ugp-FhyGejKTABIOu2sDeA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAY3gAf2_MPrAagH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQz_sL0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTM0MTEwNzM5NzQ0OTU2MDAYAA&sigh=G0w-dX0sVeA&template_id=493

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3411073974495600&output=html&h=600&slotname=2224162798&adk=4265426906&adf=422143281&pi=t.ma~as.2224162798&w=160&lmt=1558945943&url=http%3A%2F%2Fwww.yunphoto.net%2F&flash=0&wgl=1&dt=1629453022888&bpp=17&bdt=4722&idt=112&shv=r20210812&mjsv=m202108190101&ptt=5&saldr=sa&abxe=1&correlator=1764590359427&frm=20&pv=2&ga_vid=910311688.1629453023&ga_sid=1629453023&ga_hid=736228809&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1440&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062297&oid=3&pvsid=2712229243022421&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=07KdBdSZfz&p=http%3A//www.yunphoto.net&dtd=131
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 20 Aug 2021 09:50:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 fc964dc419d916ebf26bff2d6d15853e.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17622593862510062529/media/ Frame 2FA7 28 KB
28 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17622593862510062529/media/fc964dc419d916ebf26bff2d6d15853e.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17622593862510062529/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33c0f7218f3f22d4293e90b46507a5bd0b26dfea5e32d6f97e04eb4d2c501bc4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 293347
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28399
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 18:10:14 GMT
server: sffe
date: Tue, 17 Aug 2021 00:21:16 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 00:21:16 GMT

GET
H3-29 200 1ce4c78cd1a621a84af49325632a8a60.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17622593862510062529/media/ Frame 2FA7 25 KB
25 KB 10ms
10ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17622593862510062529/media/1ce4c78cd1a621a84af49325632a8a60.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17622593862510062529/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

330e1c0eb0c476f73262c0405ecac7f914d4ee6bf2390a28e2e97147e8a8ea10

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 264704
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25784
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 18:10:14 GMT
server: sffe
date: Tue, 17 Aug 2021 08:18:39 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 08:18:39 GMT

GET
H3-29 200 8df35d6e2ebe07e3cf7d5ed2a5deb28c.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17622593862510062529/media/ Frame 2FA7 3 KB
3 KB 12ms
12ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17622593862510062529/media/8df35d6e2ebe07e3cf7d5ed2a5deb28c.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17622593862510062529/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c67affe9942bfc0ce3164ef9cb4a8b6732a8a25d358e1fcf012cba0d7fbfdda

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 247527
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3248
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 18:10:14 GMT
server: sffe
date: Tue, 17 Aug 2021 13:04:56 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 13:04:56 GMT

GET
H3-29 200 9e0412933498bb8249de9c620d796eef.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17622593862510062529/media/ Frame 2FA7 9 KB
2 KB 13ms
12ms Image
image/svg+xml 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17622593862510062529/media/9e0412933498bb8249de9c620d796eef.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17622593862510062529/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fd587521ce76b5d4ca2b50d93e2f8e5e4b628d80494ef98d248de48fb70eecc

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 293347
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2343
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 18:10:14 GMT
server: sffe
date: Tue, 17 Aug 2021 00:21:16 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 00:21:16 GMT

GET
H3-29 200 c561af94e35f155e6972954b80d23d7f.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17622593862510062529/media/ Frame 2FA7 7 KB
7 KB 12ms
11ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17622593862510062529/media/c561af94e35f155e6972954b80d23d7f.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17622593862510062529/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b095daa45c5aedc085f2017153d1aa6507ba6475cc0b7c7918d1eaa557671efd

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 305840
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7576
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 18:10:14 GMT
server: sffe
date: Mon, 16 Aug 2021 20:53:03 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Aug 2022 20:53:03 GMT

GET
H3-29

200

2230487820005555892
tpc.googlesyndication.com/simgad/ Frame F81E
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDXtJXyxgEQsAkYsAkyCM8gZDctHRbm
https://tpc.googlesyndication.com/simgad/2230487820005555892

50 KB
50 KB

7ms
7ms

Image
image/png

2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2230487820005555892

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8670cbd398aa1c0f2777a2e93675050c79d8185d2c10714f2de36eaf1edceb56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 15:59:21 GMT
x-content-type-options: nosniff
age: 323462
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50748
x-xss-protection: 0
last-modified: Sun, 04 Oct 2020 09:12:17 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Aug 2022 15:59:21 GMT

Redirect headers

timing-allow-origin: *
date: Fri, 20 Aug 2021 05:50:15 GMT
x-content-type-options: nosniff
server: cafe
age: 14408
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/2230487820005555892
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 19 Sep 2021 05:50:15 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame F81E 13 KB
14 KB 27ms
7ms Image
image/jpeg 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQVfm5-j7GJgd08DT0NigELdIvGETXvlnA0Rt64tP6rmyjLpaii95-nS994Iw&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e55364fc761afb4900f71ee50b3e8b8e8dace4f4532035aeb6c6bee650f7c38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 22:15:51 GMT
x-content-type-options: nosniff
last-modified: Fri, 27 Nov 2020 09:42:55 GMT
server: sffe
age: 128072
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13524
x-xss-protection: 0
expires: Thu, 18 Aug 2022 22:15:51 GMT

GET
DATA 200
OK truncated
/ Frame F81E 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c94f4b49344e02d692f0225d3d26864797c93f807e066753bd5b7ed3d97bc8a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame F81E 20 KB
21 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 16:30:42 GMT
x-content-type-options: nosniff
age: 235181
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20900
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 22:53:16 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 16:30:42 GMT

GET
H2 200 font
fonts.gstatic.com/l/ Frame F81E 2 KB
2 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F6pfjtqLzI2JPCgQBnw7HFQMisq12VjZGua_U_r&skey=fbc48de1c6e1b00c&v=v28

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E9%96%8B%E3%81%8F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6ac9db189f0cbae0aae6d307c3f6e343250e59ba834d5439fdcc146592f48bb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 18:05:33 GMT
x-content-type-options: nosniff
age: 56690
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1672
x-xss-protection: 0
last-modified: Thu, 12 Nov 2020 17:37:04 GMT
server: ESF
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Thu, 19 Aug 2021 18:05:33 GMT

GET
H3-29 200 7eef044701418332d257507c41cefa9e.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17622593862510062529/media/ Frame 2FA7 3 KB
1 KB 7ms
6ms Image
image/svg+xml 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17622593862510062529/media/7eef044701418332d257507c41cefa9e.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17622593862510062529/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce8555b1dbf44c4fbc1ebf86f1a7a06156abe27f0355c3e2f02a5aff36f8e16b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 264704
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1063
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 18:10:14 GMT
server: sffe
date: Tue, 17 Aug 2021 08:18:39 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 08:18:39 GMT

GET
H3-29 200 Ajm_1Dco6FzJMXTSkNIprya5eOKjJQcFmLvO5y0HW5A.js Show response
pagead2.googlesyndication.com/bg/ Frame 2FA7 35 KB
13 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ajm_1Dco6FzJMXTSkNIprya5eOKjJQcFmLvO5y0HW5A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0239bfd43728e85cc93174d290d229af26b978e2a325070598bbcee72d075b90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 09:12:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2280
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13491
x-xss-protection: 0
last-modified: Mon, 09 Aug 2021 14:48:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Aug 2022 09:12:23 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F81E 42 B
64 B 38ms
37ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvFix0gzyJ3YVkcfsuL3-K0VlM9j42KuHKwpyQtJQyhdMrXViDIXXwgVQT7__gEWZscItLCOCCGrQ48v-ysPgC_jW6tYvhksp25B6HXi9UXN2L81GrTX9FBPOhbNw&sai=AMfl-YSrxOJn72XWPwJSuytdGhuHzqvO5W_8RLsasIVsSPa4bL78UBw43_7IQ1LB2N4f87uOOL07gwsfFYLL&sig=Cg0ArKJSzDe-lTFIR1KeEAE&id=lidar2&mcvt=1000&p=8,1440,608,1600&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210818&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=4265426906&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&eosm=0&rst=1629453023022&rpt=1084&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 09:50:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

__utm.gif
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/__utm.gif?utmwv=1.4&utmn=2000764065&utmcs=UTF-8&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=%E3%82%86%E3%82%93%E3%83%95%E3%83%AA%E3%83%BC%...
https://www.google-analytics.com/__utm.gif?utmwv=1.4&utmn=2000764065&utmcs=UTF-8&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=%E3%82%86%E3%82%93%E3%83%95%E3%83%AA%E3%83%BC...

35 B
96 B

6ms
5ms

Image
image/gif

2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/__utm.gif?utmwv=1.4&utmn=2000764065&utmcs=UTF-8&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=%E3%82%86%E3%82%93%E3%83%95%E3%83%AA%E3%83%BC%E5%86%99%E7%9C%9F%E7%B4%A0%E6%9D%90%E9%9B%86&utmhn=www.yunphoto.net&utmhid=736228809&utmr=-&utmp=/&utmac=UA-212228-1&utmcc=__utma%3D244660749.910311688.1629453023.1629453023.1629453023.1%3B%2B__utmz%3D244660749.1629453027.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)%3B%2B

Requested by

Host: www.yunphoto.net
URL: http://www.yunphoto.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.yunphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 05:59:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 13857
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/__utm.gif?utmwv=1.4&utmn=2000764065&utmcs=UTF-8&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=%E3%82%86%E3%82%93%E3%83%95%E3%83%AA%E3%83%BC%E5%86%99%E7%9C%9F%E7%B4%A0%E6%9D%90%E9%9B%86&utmhn=www.yunphoto.net&utmhid=736228809&utmr=-&utmp=/&utmac=UA-212228-1&utmcc=__utma%3D244660749.910311688.1629453023.1629453023.1629453023.1%3B%2B__utmz%3D244660749.1629453027.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)%3B%2B
Non-Authoritative-Reason: HSTS

GET
H3-29 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66c47e95e2ac18d9e71b1eeb1664d31499133817fa93ea09cde1c228eb13a137

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.yunphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 09:50:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49909
x-xss-protection: 0
server: cafe
etag: 7723420151934129076
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 20 Aug 2021 09:50:27 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 21ms
20ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210812&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a7cc181e7b3984b762db33726eb17dff422ed31fc99412d60c0fee11d987f05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.yunphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Aug 2021 09:50:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8408
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.yunphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 09:50:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Fri, 20 Aug 2021 09:50:27 GMT

GET
H3-29 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210812/r20190131/ Frame B3E9 10 KB
4 KB 6ms
6ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210812/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210812/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.yunphoto.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUk3Ml8kP1JiqTMywrzdiS1P-BfKoMguuKdm8HSiD3-uK6OcWCTiWdwCC4unQuY; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.yunphoto.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 19 Aug 2021 20:32:15 GMT
expires: Thu, 02 Sep 2021 20:32:15 GMT
content-type: text/html; charset=UTF-8
etag: 8999110079160743657
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4576
x-xss-protection: 0
age: 47892
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.yunphoto.net

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.yunphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Aug 2021 09:50:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.yunphoto.net

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.yunphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 20 Aug 2021 09:50:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9283 0
19 B 16ms
15ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3411073974495600&output=html&adk=1812271804&adf=3025194257&lmt=1558945943&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.yunphoto.net%2F&ea=0&flash=0&pra=7&wgl=1&dt=1629453027247&bpp=2&bdt=9081&idt=2&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2621403279f97749-22543258b1c900d6%3AT%3D1629453023%3ART%3D1629453023%3AS%3DALNI_MaKtBajSeCcoPnXj5C6KYEfTZG6IA&prev_slotnames=2224162798%2C5465082803&nras=1&correlator=1764590359427&frm=20&pv=1&ga_vid=910311688.1629453023&ga_sid=1629453023&ga_hid=736228809&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062297&oid=3&psts=AGkb-H-jfAp-qwZ53aooBOupp08WLXrNSx0X3QyHK_6mLPe5L636EBGTY4p3CVmqz6fMgy2_lXGVZabArQ4%2CAGkb-H9V04f49RVrceM383huS1iQz2V3Gj2USMjztU74KLZRSNmJCs97CDSQOaP6gyH5zq2Dln6Du7tuSVb8&pvsid=2712229243022421&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=17

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-3411073974495600&output=html&adk=1812271804&adf=3025194257&lmt=1558945943&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.yunphoto.net%2F&ea=0&flash=0&pra=7&wgl=1&dt=1629453027247&bpp=2&bdt=9081&idt=2&shv=r20210812&mjsv=m202108190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2621403279f97749-22543258b1c900d6%3AT%3D1629453023%3ART%3D1629453023%3AS%3DALNI_MaKtBajSeCcoPnXj5C6KYEfTZG6IA&prev_slotnames=2224162798%2C5465082803&nras=1&correlator=1764590359427&frm=20&pv=1&ga_vid=910311688.1629453023&ga_sid=1629453023&ga_hid=736228809&ga_fc=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C20211866%2C31062297&oid=3&psts=AGkb-H-jfAp-qwZ53aooBOupp08WLXrNSx0X3QyHK_6mLPe5L636EBGTY4p3CVmqz6fMgy2_lXGVZabArQ4%2CAGkb-H9V04f49RVrceM383huS1iQz2V3Gj2USMjztU74KLZRSNmJCs97CDSQOaP6gyH5zq2Dln6Du7tuSVb8&pvsid=2712229243022421&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=17
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.yunphoto.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUk3Ml8kP1JiqTMywrzdiS1P-BfKoMguuKdm8HSiD3-uK6OcWCTiWdwCC4unQuY; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.yunphoto.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 20 Aug 2021 09:50:27 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 20 Aug 2021 09:50:27 GMT
cache-control: private

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 6FB7 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.yunphoto.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.yunphoto.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Fri, 20 Aug 2021 08:21:09 GMT
expires: Sat, 20 Aug 2022 08:21:09 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 5358
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6B75 783 B
533 B 16ms
16ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a87030d7fe17273f3865d2ed2a653f4f34e4af075f541170012e829bb0d88998

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-C4JJEKaOquFSWcn24aXLOQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.yunphoto.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.yunphoto.net/

Response headers

expires: Fri, 20 Aug 2021 09:50:27 GMT
date: Fri, 20 Aug 2021 09:50:27 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-C4JJEKaOquFSWcn24aXLOQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Ajm_1Dco6FzJMXTSkNIprya5eOKjJQcFmLvO5y0HW5A.js Show response
pagead2.googlesyndication.com/bg/ Frame 6FB7 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ajm_1Dco6FzJMXTSkNIprya5eOKjJQcFmLvO5y0HW5A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0239bfd43728e85cc93174d290d229af26b978e2a325070598bbcee72d075b90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 09:12:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2284
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13491
x-xss-protection: 0
last-modified: Mon, 09 Aug 2021 14:48:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Aug 2022 09:12:23 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 31ms
30ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210812&jk=2712229243022421&bg=!v7ylvPjNAAZvV8FTb1c7ACkAdvg8WohQY9hLR6j6qEo9-fK1I3L8jDiVbSrL6pSrmnc3RB9iDDqr7gIAAABaUgAAAApoAQcKABnuRgmjet49q3AOl9_GsRLw4o4EcDi4cQlYmQJ5vJRdVpYGSFZK_MJkGAx6TgM0wDaEKlHA1YPxYqJileE-59W4a2sePHWrTTaoFG68_Ep0k-ahw0oO2ZtgXk6j5cQOJZmAOO5PpaloRN_RYbKDRvDSZdqnCZfqarUSFs0D2j6UR7l55TOX6Gz2-aoo70ph11R4wNwuKNidva4I9wZJq6mINn64QfjrG8Qjp-6WLx8-PAFlRLimArIxUP0nGyJ_lH0FMTFxv9Mpe_chU1nluGlSwPPMnoEGn7aTVmUBfM7dN3vZ4YE1Q8RAnTo74PeT0yK4lZWcIMH07e3weBdb_ghxAJiTKYuUf29bMG4xHdTl0KvO_Ds28_M9UrVp_6GUADVDxjxkx4VKJX9qVDJij3wTbNOKIEwrKN0Qr5J0XuHu8z_16OpxtN-bU_4QjFYBiopuZEbfbEybY-9l3d1x-AZ_CYcz3aqe5S72EtmPFTZrAO2Fy7pXePe2Sd6DS4w921QrC7vAJ2lKG2D0ryLsXAXFHkwPIiB4w8YbWEkD0JceZRRVwAksHcXQylz1uLjKxGGxg1WQGxjMG6v0NtXGzhgmCzumYJVlqJZ_QUHKHojQX5s0vxClmIiN92f7zCTICh189O3ou3DulITq8hHQS-iLGh-Ui3ONWtgJret51vy-hGBgfXWw-WIlX5U5S6LqSO_eChzYgr3yU7SvBeF49zwv9mbB3NQxmGutWv-yupJKDVEXyGm4RTQOqO33Sd4jMUyDWlTISScgQSx6VhcDbUmH7ps7XnBvCtG6Bc8fy7aic2QAgYToZNQ_F_jAbSAy2pfIBpF9u73O5IWWhRTQdKj6WoDLWMso0nmmiFpgF41q5xrizmL4

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.yunphoto.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 09:50:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: adm.shinobi.jp
URL: http://adm.shinobi.jp/s/61c1139f1bea76d610c2cba6399ece72

Domain: adm.shinobi.jp
URL: http://adm.shinobi.jp/s/0d9e2dd01ad85de608c5ab3991cbf0b8

Verdicts & Comments Add Verdict or Comment

257 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 05:59:09	Name: IDE Value: AHWqTUk3Ml8kP1JiqTMywrzdiS1P-BfKoMguuKdm8HSiD3-uK6OcWCTiWdwCC4unQuY
.doubleclick.net/	1970-01-19 20:37:33	Name: test_cookie Value: CheckForPermission
.yunphoto.net/	1970-01-20 01:00:21	Name: __utmz Value: 244660749.1629453027.1.1.utmccn=(direct)\|utmcsr=(direct)\|utmcmd=(none)
.yunphoto.net/	1970-01-20 14:08:45	Name: __utma Value: 244660749.910311688.1629453023.1629453023.1629453023.1
.doubleclick.net/	1970-01-19 20:37:36	Name: DSID Value: NO_DATA
.yunphoto.net/	1969-12-31 23:59:59	Name: __utmc Value: 244660749
.yunphoto.net/	1970-01-19 20:37:34	Name: __utmb Value: 244660749
.yunphoto.net/	1970-01-20 05:59:09	Name: __gads Value: ID=2621403279f97749-22543258b1c900d6:T=1629453023:RT=1629453023:S=ALNI_MaKtBajSeCcoPnXj5C6KYEfTZG6IA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adm.shinobi.jp
adservice.google.com
adservice.google.de
encrypted-tbn1.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.adingo.jp
pagead2.googlesyndication.com
partner.googleadservices.com
sh.adingo.jp
spcdnpc.i-mobile.co.jp
spdeliver.i-mobile.co.jp
spsvcpc-tls.i-mobile.co.jp
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.yunphoto.net
www14.a8.net
www21.a8.net
adm.shinobi.jp
142.250.184.226
192.254.235.162
2600:9000:2190:4a00:c:2040:40c0:93a1
2600:9000:2190:8600:c:2040:40c0:93a1
2600:9000:2190:de00:1d:4ba6:de80:93a1
2a00:1450:4001:802::2002
2a00:1450:4001:808::2002
2a00:1450:4001:808::2003
2a00:1450:4001:809::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:812::2004
2a00:1450:4001:813::2002
2a00:1450:4001:813::200e
2a00:1450:4001:828::2002
2a00:1450:4001:830::2001
52.194.50.40
52.198.26.114
52.68.156.115
54.168.158.14
0239bfd43728e85cc93174d290d229af26b978e2a325070598bbcee72d075b90
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
05b7b2444290ee43ce9e6daf0a2b56aa815ab17d9ca64e7aa21739a5e4dd9b1c
0785445543ff5950188b14bed42e8562ece6f4014e09f8c19e6f4eda5fdffffb
0b74806dd686b55db5cb9ab27f60bd39f2cd2c66a07a8145e7c788f302b50ee1
0c94f4b49344e02d692f0225d3d26864797c93f807e066753bd5b7ed3d97bc8a
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1c67affe9942bfc0ce3164ef9cb4a8b6732a8a25d358e1fcf012cba0d7fbfdda
1d18c193431b553d47e03870103a036854797f1335b105a826bb588d17995da4
21fbea093a7e9bf8bac159496306302109665a5643c7c82f64f5b18c4b056aae
29e7ef99f5bca3b01a88202180aff4050a225a80a925b961919b4bac2d8bce69
2d11b2215f096ce38def08fb1fab981040ece30861ab1f834e616a60071f6b04
330e1c0eb0c476f73262c0405ecac7f914d4ee6bf2390a28e2e97147e8a8ea10
33c0f7218f3f22d4293e90b46507a5bd0b26dfea5e32d6f97e04eb4d2c501bc4
3a6b3996ce3a1200e3b494ed37f4e7f665ddff1faedf145bdef17a51546b0998
3ceb5ffcbdaaff606fe58b33dcac0c8b69cc5a3d49ab966f0fc0a27a86061fad
3e2765386d79d4335942180808ddf4a3391cf3c29c60412d13509baf8b16a804
3ff2406333ff0b3259ef926d6984a7f28d7aea72a7398cc3d8ac5c9d6044151d
406288f93726481cbcf36540013006611a062fbdeecd94e97bbc92a69f8eb154
45d7a9f3414355d055a0a663169ae6b1a1a08cf344bb4dd6076fd2016fc89fe5
4621e2f0cc2662504242c3321a21836621dd99f274ef444418dfbe96c3f1f79f
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
4a7cc181e7b3984b762db33726eb17dff422ed31fc99412d60c0fee11d987f05
4eb3550b155ab491d533689788837e82f517139ee2b9ad951a123dc2668af6b9
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4fd587521ce76b5d4ca2b50d93e2f8e5e4b628d80494ef98d248de48fb70eecc
52f2a71277c09444724d4263a1b70395e8c66bbce180ee50f8526be1c0878ff9
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
5b424205cd587d11e17dc54c7eaa33b6994e606655df5749d374c3b4d97d207d
5caa29f3ec715b4b586f45112fd5f23e6af51dcf86fc2e6783516902d05fb856
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
5e55364fc761afb4900f71ee50b3e8b8e8dace4f4532035aeb6c6bee650f7c38
60c1a99ffed8258d85da44982b0e80cfecb1d377ce4ecc225dc61f3733a0d9be
615ec6b90f59ddb04edc9747b8c4cf31b263e2662b625f00d222c44d05903dae
6474de285c43240702b7c41bdd370809dcefbc900b16472e4a8630712bd4eabf
65b488811bd504ecd9037c0aee94c56a7bcd0870c2ae8818f6cf60cb3ba51621
66c47e95e2ac18d9e71b1eeb1664d31499133817fa93ea09cde1c228eb13a137
6ac9db189f0cbae0aae6d307c3f6e343250e59ba834d5439fdcc146592f48bb0
7691d0340f24293c2f7ef772fedc98c1fcfb7936b4eee07afb6f5e143749c2f4
7f7c1e3961c6bf5c610471359f9f31192e03c66f55d3720e5da957332beefb01
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8670cbd398aa1c0f2777a2e93675050c79d8185d2c10714f2de36eaf1edceb56
8994af594d5b44a2244155d9e567be672557846242b3c65ce86eaaeb652c3744
8a3c822261c2a7abec910adec83cf575eedfe22fa055e1da180778124513f48c
8cbd7cd9e19ced359ce0d63612cfa8e546ea3dfb8baa90534d89913d2db61e50
98064cec2d988908b1dba6f10c7b86361406612f3176a9d4308f6821b6b77d64
9fd5516f373117459e0e3667bc570dbc445928ec980725b88c6712c780c04905
a203d5f384840487d5c3517337dd3864a18f365141cf237819a21cc6439cc4e0
a3561af1b731d29f4d360766fefd2cedd2efa9a4e06efaedf84047055ae91e0b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a735a32521ae342f9266746be9901a2fec042f959ece3e6b27721899b81c150c
a87030d7fe17273f3865d2ed2a653f4f34e4af075f541170012e829bb0d88998
ac3c80232c39ae6b940bce3c38be4833950a58de62ff9cc223eae3257ee26d78
ac73d27f304143e1b177d0ad78128fe4acd0372bd0bb55cef63d853c93101632
b095daa45c5aedc085f2017153d1aa6507ba6475cc0b7c7918d1eaa557671efd
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1efbaeb8c5ce34e2c6a6492d7aad07daeadfe3e2b4f2360a12bbd756ec23067
b4209e7e2208618e463ae2990959d90af722205e93aad66eec379c1b7eea3f8e
b5b3b78060934b27d88d694a3f65e5847097f62d5ffc862ae98e5ce482f74da7
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
c3a59146eed5adf30e39790940994d8cebf0d9602e3f1023db23d7b9a8cdf9e9
cdf3948b9a7adf8fa7e5130f8ac900ad1d7e1cb0dfb5b966c575dfb4cf52b83c
ce8555b1dbf44c4fbc1ebf86f1a7a06156abe27f0355c3e2f02a5aff36f8e16b
d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d8865d0c147e4721c50c6cf337564e759df64f7b5c4662fbccccc44de9bf85ab
d9cfffd82c0a03f3c514730b4dacdc21f016e5b1f9e896193adabcc132c2a2d8
da8dc51e2799f1950d73b9bd97746806671f16e831050cb2deb19489489cb901
dcada69b729ce6c4a63f36571662fab5fabf8ee6d9bd05fe26b3cf754768d6ab
ddee3b7550624c244258abdcfc2824ce6327e652d31a01db50d35083290d5326
e1c5b41cc4dec857ca9c9166336dff0dec8f8ba6046aa71927370897143d2784
e3839bda12925cb48bacf414ced314c83f6067bce6ffae80ef798d2be4ce5d30
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50be24ef2b3959f8675a9435911b34feed10abed904a81132ee31869e6eaadb
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
edcc08234bc94838d3f419396db30021004129269fe19cb211a1a303a9d5ea62
eece103d40501f32a95537071ddfad29bd9028987fb655e6bb5c48104e7b3e01
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fafc622fb3a290b8ad6b525883ba6497cb28b93eac9392b2d2ec3c9d2d8545f0
fecc455bdf5c35652da0785d7813467c8d1459c9134bb6723cb72762fd263f22

www.yunphoto.net Open in urlscan Pro 192.254.235.162 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

97 Requests

65 %HTTPS

73 %IPv6

14 Domains

22 Subdomains

23 IPs

3 Countries

1188 kBTransfer

2102 kBSize

8 Cookies

5 Outgoing links

Redirected requests

97 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.yunphoto.net Open in urlscan Pro
192.254.235.162 Public Scan

Screenshot
Live screenshot

Full Image

97
Requests

65 %
HTTPS

73 %
IPv6

14
Domains

22
Subdomains

23
IPs

3
Countries

1188 kB
Transfer

2102 kB
Size

8
Cookies

97 HTTP transactions
2 data transactions