n.yam.com Open in urlscan Pro
2606:4700:3030::ac43:d4a7 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://n.yam.com/Article/20220426938821
Submission: On April 27 via api (April 27th 2022, 11:22:15 am UTC) from SG — Scanned from DE

Summary HTTP 200 Redirects Links 30 Behaviour Indicators

Summary

This website contacted 48 IPs in 8 countries across 28 domains to perform 200 HTTP transactions. The main IP is 2606:4700:3030::ac43:d4a7, located in United States and belongs to CLOUDFLARENET, US. The main domain is n.yam.com. The Cisco Umbrella rank of the primary domain is 315183.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 5th 2021. Valid for: a year.

This is the only time n.yam.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
25	2606:4700:303... 2606:4700:3030::ac43:d4a7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
8	2a02:26f0:350... 2a02:26f0:3500:16::215:1484	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	13.76.41.74 13.76.41.74	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
5	119.63.193.220 119.63.193.220	38627 (BAIDUJP B...) (BAIDUJP Baidu)
1	2606:2800:133... 2606:2800:133:206e:1315:22a5:2006:24fd	15133 (EDGECAST) (EDGECAST)
12	52.230.1.186 52.230.1.186	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
2	2600:1901:0:7... 2600:1901:0:7a0b::	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2b	20446 (STACKPATH...) (STACKPATH-CDN)
6	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
4	37.157.5.142 37.157.5.142	198622 (ADFORM) (ADFORM)
2	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:1::4 2a02:2638:1::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
16	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	37.157.6.234 37.157.6.234	198622 (ADFORM) (ADFORM)
4	178.250.2.150 178.250.2.150	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	178.250.0.139 178.250.0.139	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	119.63.198.189 119.63.198.189	38627 (BAIDUJP B...) (BAIDUJP Baidu)
6	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	54.237.0.39 54.237.0.39	14618 (AMAZON-AES) (AMAZON-AES)
5	119.63.198.143 119.63.198.143	38627 (BAIDUJP B...) (BAIDUJP Baidu)
4	119.63.198.188 119.63.198.188	38627 (BAIDUJP B...) (BAIDUJP Baidu)
1	119.63.197.136 119.63.197.136	38627 (BAIDUJP B...) (BAIDUJP Baidu)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	13.69.106.215 13.69.106.215	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	143.204.202.77 143.204.202.77	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:214... 2600:9000:214f:7000:3:7e1c:5b40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:214... 2600:9000:214f:8000:d:3c0f:bcc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	130.211.115.4 130.211.115.4	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
200	48

25 2606:4700:3030::ac43:d4a7 (United States)

ASN13335 (CLOUDFLARENET, US)

n.yam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
weather.yam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:26f0:3500:16::215:1484 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

player.ivideosmart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.76.41.74 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

admd.yam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 119.63.193.220 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

api.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)

az416426.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 52.230.1.186 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

vote.yam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:7a0b:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

sessions.bugsnag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.5.142 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.234 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 119.63.198.189 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

tw.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.237.0.39 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-237-0-39.compute-1.amazonaws.com

in.treasuredata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 119.63.198.143 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

log.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 119.63.198.188 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

r.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 119.63.197.136 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

inrecsys.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.69.106.215 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.202.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-202-77.fra53.r.cloudfront.net

stg.truvidplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:7000:3:7e1c:5b40:93a1 (United States)

ASN16509 (AMAZON-02, US)

go.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:8000:d:3c0f:bcc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.115.4 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 4.115.211.130.bc.googleusercontent.com

data.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	yam.com n.yam.com — Cisco Umbrella Rank: 315183 admd.yam.com vote.yam.com Failed weather.yam.com	2 MB
26	googlesyndication.com 15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 127 pagead2.googlesyndication.com — Cisco Umbrella Rank: 96	112 KB
21	criteo.net static.criteo.net — Cisco Umbrella Rank: 628 csm.eu.criteo.net — Cisco Umbrella Rank: 8498 pix.eu.criteo.net — Cisco Umbrella Rank: 8497	442 KB
16	popin.cc api.popin.cc — Cisco Umbrella Rank: 23367 tw.popin.cc — Cisco Umbrella Rank: 60897 log.popin.cc — Cisco Umbrella Rank: 27268 r.popin.cc — Cisco Umbrella Rank: 26723 inrecsys.popin.cc — Cisco Umbrella Rank: 27974 rlog.popin.cc Failed	138 KB
13	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 174 stats.g.doubleclick.net — Cisco Umbrella Rank: 80	186 KB
9	google.com adservice.google.com — Cisco Umbrella Rank: 64 analytics.google.com — Cisco Umbrella Rank: 637 www.google.com — Cisco Umbrella Rank: 2	2 KB
8	ivideosmart.com player.ivideosmart.com — Cisco Umbrella Rank: 45809	43 KB
7	ad4m.at ad4m.at — Cisco Umbrella Rank: 2141 as.ad4m.at — Cisco Umbrella Rank: 2484 assets.ad4m.at — Cisco Umbrella Rank: 34231	56 KB
6	criteo.com rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 12524 ads.eu.criteo.com — Cisco Umbrella Rank: 8495 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 10741	69 KB
6	adform.net track.adform.net — Cisco Umbrella Rank: 4378 s1.adform.net — Cisco Umbrella Rank: 8611	37 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 384	112 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 163	173 KB
4	google.de adservice.google.de — Cisco Umbrella Rank: 9242 www.google.de — Cisco Umbrella Rank: 6544	1 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 102	3 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 58	143 KB
2	trvdp.com go.trvdp.com — Cisco Umbrella Rank: 50486 s.trvdp.com — Cisco Umbrella Rank: 49785	202 KB
2	truvidplayer.com stg.truvidplayer.com — Cisco Umbrella Rank: 43127	5 KB
2	visualstudio.com dc.services.visualstudio.com — Cisco Umbrella Rank: 828	648 B
2	treasuredata.com in.treasuredata.com — Cisco Umbrella Rank: 4032	1 KB
2	bugsnag.com sessions.bugsnag.com — Cisco Umbrella Rank: 750	34 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 137	85 KB
1	ad-score.com data.ad-score.com — Cisco Umbrella Rank: 5559	718 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 212	5 KB
1	gstatic.com fonts.gstatic.com	28 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 39	1 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 610	30 KB
1	msecnd.net az416426.vo.msecnd.net — Cisco Umbrella Rank: 1718	22 KB
200	28

	Domain	Requested by
23	n.yam.com	n.yam.com
16	static.criteo.net	ads.eu.criteo.com
16	tpc.googlesyndication.com	n.yam.com 15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
12	vote.yam.com	n.yam.com vote.yam.com code.jquery.com
11	securepubads.g.doubleclick.net	n.yam.com securepubads.g.doubleclick.net az416426.vo.msecnd.net www.googletagservices.com
8	player.ivideosmart.com	n.yam.com player.ivideosmart.com
6	pagead2.googlesyndication.com	www.googletagservices.com n.yam.com az416426.vo.msecnd.net tpc.googlesyndication.com
6	www.google.com	n.yam.com 15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com tpc.googlesyndication.com
5	log.popin.cc	n.yam.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	www.googletagservices.com	www.googletagmanager.com 15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5	api.popin.cc	n.yam.com api.popin.cc
4	r.popin.cc	n.yam.com
4	ad4m.at	s1.adform.net ad4m.at
4	csm.eu.criteo.net	ads.eu.criteo.com
4	track.adform.net	15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com s1.adform.net
4	15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	www.facebook.com	n.yam.com connect.facebook.net
3	www.googletagmanager.com	n.yam.com www.googletagmanager.com
2	stg.truvidplayer.com	n.yam.com go.trvdp.com
2	dc.services.visualstudio.com	az416426.vo.msecnd.net
2	in.treasuredata.com	api.popin.cc
2	as.ad4m.at	ad4m.at as.ad4m.at
2	s1.adform.net	track.adform.net s1.adform.net
2	cat.nl.eu.criteo.com	ads.eu.criteo.com
2	ads.eu.criteo.com	15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com
2	rtb.nl.eu.criteo.com	n.yam.com
2	sessions.bugsnag.com	az416426.vo.msecnd.net
2	www.google.de	n.yam.com
2	www.google-analytics.com	www.googletagmanager.com az416426.vo.msecnd.net
2	stats.g.doubleclick.net	www.googletagmanager.com az416426.vo.msecnd.net
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net
2	weather.yam.com	n.yam.com
2	connect.facebook.net	n.yam.com connect.facebook.net
2	admd.yam.com	n.yam.com
1	data.ad-score.com	az416426.vo.msecnd.net
1	s.trvdp.com	go.trvdp.com
1	go.trvdp.com	stg.truvidplayer.com
1	inrecsys.popin.cc	n.yam.com
1	tw.popin.cc	api.popin.cc
1	assets.ad4m.at	as.ad4m.at
1	pix.eu.criteo.net	ads.eu.criteo.com
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	securepubads.g.doubleclick.net
1	code.jquery.com	vote.yam.com
1	analytics.google.com	www.googletagmanager.com
1	az416426.vo.msecnd.net	n.yam.com
0	rlog.popin.cc Failed
200	50

This site contains links to these domains. Also see Links.

Domain
vote.yam.com
www.yam.com
www.facebook.com
www.instagram.com
tnntoday.com
search.yam.com
traffic.popin.cc
trace.popin.cc
travel.yam.com
policies.yam.com
help.yam.com
value.yam.com
company.yam.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-05` - `2022-07-04`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
player-objects.ivideosmart.com R3	`2022-03-30` - `2022-06-28`	3 months	crt.sh
*.yam.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-13` - `2022-08-12`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-02-04` - `2022-05-05`	3 months	crt.sh
*.popin.cc DigiCert Secure Site Pro CN CA G3	`2021-10-22` - `2022-10-22`	a year	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2021-08-06` - `2022-08-06`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.bugsnag.com Sectigo RSA Domain Validation Secure Server CA	`2022-04-26` - `2023-04-26`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-15` - `2022-06-13`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-19` - `2022-06-18`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-13`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-10` - `2022-07-04`	3 months	crt.sh
*.treasuredata.com Amazon	`2021-09-17` - `2022-10-16`	a year	crt.sh
in.applicationinsights.azure.com Microsoft RSA TLS CA 02	`2022-02-08` - `2023-02-08`	a year	crt.sh
*.truvidplayer.com Amazon	`2022-02-07` - `2023-03-07`	a year	crt.sh
*.trvdp.com Amazon	`2021-09-24` - `2022-10-23`	a year	crt.sh
*.ad-score.com Go Daddy Secure Certificate Authority - G2	`2021-09-02` - `2022-10-04`	a year	crt.sh

This page contains 19 frames:

Primary Page: https://n.yam.com/Article/20220426938821
Frame ID: 172CED8743C4A1DBB20C7F305FAB0235
Requests: 87 HTTP requests in this frame

Frame: https://vote.yam.com/CF/index.html
Frame ID: A411AB6F44A91DBC9FF24F165A1683BD
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https://n.yam.com/Article/20220426938821/&width=90px&layout=button_count&action=like&show_faces=false&share=false&height=21&appId
Frame ID: 100EE68A2D8275D3BDE251BF1F15FA20
Requests: 1 HTTP requests in this frame

Frame: https://vote.yam.com/CF/index.html
Frame ID: 7CBED90052C56AF4EFF7520DB46A0A10
Requests: 13 HTTP requests in this frame

Frame: https://15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: EB6D2A321E7CDE7359A287F2C7125F56
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Frame ID: 9B0C5EAD700FD01F9AD091679727FBCC
Requests: 17 HTTP requests in this frame

Frame: https://15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9E805337698B4E6E9029D459CA2557E9
Requests: 9 HTTP requests in this frame

Frame: https://15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 006F7338D03F05231024A26441A03C85
Requests: 16 HTTP requests in this frame

Frame: https://15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B9C18B32FECE019D77B52D4A016AF83F
Requests: 10 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YmknXgANhEcIu8qnAAQ_e9rhnJH_fFScYPWf8w&u=%7C52gcrzwsC%2F3BZ448jU6O%2Fpe88dS3%2BMtR%2B%2F2yg%2FQAGdQ%3D%7C&c1=_NI8BLwYfdjLtu2XXyl3EF-WLK-EqPqldu1bQqpFCqDI9CrYEs2a5ZhFQbylTFRJylyMHiQnRW9fMn3BtQBfL3zdvhiI0szGKLf1f2ORoRIAkZIkeClZY9XaA8z0fADPTfgt0EVsqrIAIz_xK5CYCg6PJZmi6N1WdC1uZ2NbJ5Lj2YFLdBM8uROKFdM_x9of-ShQJ3XehKkVNCMLaZ9OBmmKHhh7ek6yYWEzq6VqySB9dtqRenOC8eIirjojeqKRvQQAi3IPQ0geXHBRkTC_Qj__ylfrxB9n8EVkGYxsuTuHuZ_dy8BaR47BLjs35UzNVcdNxzDvt-OQDGijVEY_Q-iTCy6B2LVSI9kes0_cO7DHBVTu_do1-F1P1XRsAYl6NDutiEc8Jd8tepeH-jlAQm0LzPOkkhn2tbZCCQQtHI640ru8ZpH_Rf4iDZD-nYYrvurLenz87qGND7L772f4zNhYwNiEyrRR&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOudUXidpYseINqeV7_UP-_6Q-AXJntKxXNWdkfdwwI23ARABIABglYKAgKAHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQJFS0GiG9GxPuACAKgDAaoE_gFP0NnS24nB4BItfdx9dM-Xjmf4_nQh54UkFfYYfbUMbvAtJLbd-a0WKwPW7AUYvrNVrUe0SVvrBUjTMWIu0U6hMYM_zIFCDkMHqj0v8WvCA-xrrHmh64toUmYpxv1wDFb-xtyiq2r0315CH9fUN__u4TMOS6yPoGErNKv-5cf7vQddWciiXgRi8DlR6sRxcJCH84MdF9RyY4a4MMTc-lw6SuLogw_L4corSCl0o9ZLnlsFDLVrt_8hTZaOJuF4q7fM3hEYIgANLbP4ZLBPOPhHYHtXgD51pUV0lASldBMOkiRylL-jhCMWvgDSP-vKWy2-eDVmSTWpTwD5Uw5W--AEAYAG752BpNeVrZsboAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_07x7xUeKULABVqXrhZi7QkbthfhQ%26client%3Dca-pub-1310852604335254%26adurl%3D
Frame ID: 4809AB20365C1F67491C8C6BFAF3F43B
Requests: 15 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YmknXgANhEUIu8qnAAQ_e0L0KfbSpTFLgshmbQ&u=%7C52gcrzwsC%2F2EaIFPBjfRI0%2F82%2BbvrGf34cWe%2FyuT%2BiI%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzQdNoNLWy9ltC0se4Bk8H8lnjepuMmDuqeEru-rpUvJG7ZbaS5XvW6IhRRiOb3i0h1HdwaAYJGSfC88V9gfL1LulvJOTyxIsSSgex3Ju06ff-gD0Wt_ux9_LYc1gmrw1WERN_I9D28XF-_7TsoTrSi8df2qbj95P7dHu8zdFW5TQUrj1keVfCL-DNGANyjZbwRemOwiweXm3VjmoIe_EA8_pkaH_IVMVVz9lYX1KPkU4b2fWsF8gRAojcG1UkWa5UTvw71_AWe9viLB3z1kXe7MMTTqdO3RiX4Kc68bTxxVdrN5gmgY-If4yInKcwJCHL1TJ6eFbQ0bZOKIhSyPM6-H7Bwb3ZD0oMgbUOmuUj6ZcVT2OEADipx8pGfPeST_GV0HP3PtlL_5m&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDgGMXidpYsWINqeV7_UP-_6Q-AXJntKxXNWdkfdwwI23ARABIABglYKAgKAHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQJFS0GiG9GxPuACAKgDAaoEhwJP0Ej1p9rKG_J0svuKw0tRaCZekBs7HcAuENc8wfi63wF2s1d8LvDfS5J7ski3_AKFG3BZ9dKJjpyO7uU4RObXY1fOrEm5oTWvxdTce3vnaSVZ6ffLlDA9q4-3LQRJD0zbLbTWCTks7b6X33h2C5x-L5-QHVlwRk9nPlJtlI7YV7cAodOsn4tZ3CWFqSWEEGEq-T0qO4grBbrQTfNQAJKBn0sbgTKA5ekJaM_WRD1BdngZAhmDDOy0NrgtMcz2L_VEjIY3wc-WscIp9MFI7CwqlUJmUiOTH-T7YLSwgerB4FDQAsqPEMEJKc7qIMC1yi_xF4yPmi9qxm5obyOCnFg3lS1B8dCl8eAEAYAGrt-ZoLP2it34AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3EAzOxiW_Fi0pducbxmGToExFs-Q%26client%3Dca-pub-1310852604335254%26adurl%3D
Frame ID: 2009E555C837A507835F9DF7E0C979C8
Requests: 11 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 4F77415816794073940A541894FAD122
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=164569&b=GjYsBfjd8ws6JrzhKHztWHPt9wbS2TYT6jcE&f=VxqtwfMRKqfrAVKCVHetrHXCpbYFkTzTpMsQ&c=300&d=250&e=1pvjk_FFry8ChOyxeH4hy9stefUVX1v5&g=dc8eb8c89bdf73ce5a93d25a40ffe331%2F6561563726239250546&i=27903&j=22&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1651058528065&h=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DC5hVuXidpYsaINqeV7_UP-_6Q-AXz2KuTXMm81LOiB8CNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi0xMzEwODUyNjA0MzM1MjU0yAEJqQJFS0GiG9GxPuACAKgDAaoEkwJP0LE_R546UR_wlwScaeT4J0ux0JUfYtWl5kjs__DG-R71OmOT2jYTC9a1Z_rul3Ay44yxFBMVHYE_2M9PzShIBOD8tBYwuKCc1VPO5N3FLtIWPiMljZ1s0Lj1-tI3C0Hic7RolwG6kunJMxjlQTnFvQVE5OfciVj-ZnNzVPY-qV6bnfMFYmh6z8QS4IA-NWPCRBiQxtL4JZ-i3F8xNUffS9LCyQ8mFOqrf99Ab6sKdrTJ9SGJ8eXTe5qyCTVnWAg9qfwpYVy6Gz_JP_YrAdKV7yGToIRL_mh3vyBbGQwYsrJSsC7yBB6QprAo9x31vr05fPTgUgYiYY4DnvAKlIAilqkrWXuDQdHZO89ZPjSRPuVOqeAEAYAG7qmdgJuflKRgoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_169pulvBd3_0GORn0jKkv7qAz6Zw%26client%3Dca-pub-1310852604335254%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38516438%3Bcrtbwp%3DYmknXgANhEYIu8qnAAQ_ezY0GXtQxDwCK1GI0g%3Bcrtbdata%3DjMNqeDmYZHgAZEBEToynMvdEldrGYq2lqHT041oasBRatE1jbiY5qCUKqGJovVN4iH0eke7NuJFWGdreK_3vgO4hVaT1xsI0MvN_sn_XYg8H3VckB9xG_gnWtfyYVAvYotAWjkDmgA0hja7hRdTBRwHG4hf3hPglA3LmfzExzjMVAsxVvZrpaFSV0_ttD0vA2bfKk31VtR_K2MBsGj1UHeCvAzzHxz7ISuNyjmCb6Ha7Q4arLD7CSPi4BDEJKX5hNkS2T9nMYo71wT6Md941GVbHB7XY-F195Xyhwpf4Pq7RQKz5YQZVJnGUIvYYZCvbKXGheJCkHcWJSHO7YiUfyGT0lQkXAT8x0%3Badfibeg%3D0%3Bcdata%3DRAgEOHf-kYSJthTcQeuBp0dQi92zlBQMpgibRl9rSfA7k443DjFY1bGW2BhWbyNsTQQFxlGEXcLB81ifIhuSCWPLm1bDT0c668oD5CMcX5P3HgyNudZ1qgiqYmxDffHQxAJqS6frrXt0wCE-Fulq3kHhIpkoas3H0%3B%3BCREFURL%3Dhttps%253a%252f%252fn.yam.com%3BC%3D1%3Bcpdir%3D&y=1&z=0
Frame ID: B524C23F71E3C3E4C3E14B2DF3377BF7
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/v2.11/plugins/comments.php?app_id=241039752194&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2615b40bfd094c%26domain%3Dn.yam.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fn.yam.com%252Ff16e0988ffc9ee%26relation%3Dparent.parent&container_width=760&height=100&href=https%3A%2F%2Fn.yam.com%2FArticle%2F20220426938821&locale=zh_TW&numposts=5&sdk=joey&version=v2.11&width=760
Frame ID: 7FAC7284B93C1E41587BDE904346B305
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.11/plugins/comments.php?app_id=241039752194&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfbb41a111f734c%26domain%3Dn.yam.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fn.yam.com%252Ff16e0988ffc9ee%26relation%3Dparent.parent&container_width=0&height=100&href=https%3A%2F%2Fn.yam.com%2FArticle%2F20220426938821&locale=zh_TW&numposts=5&sdk=joey&version=v2.11&width=760
Frame ID: A4626CD026B95791AD44B32CC44612BD
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvGrfUtAL5PhtbHNkw73V9q2SPrbtWM02tU8MDoW3aarIH5N18I1Z_yL3mphX9YrINmKgAXSgb_i0yExGW-uDiLl_4c35cbphsRAafLO6V_1AfsfljnpIsuNfsLP2qMpr14O_7H1mU29Pc4Uz4BRoiMr2a3yeyDi-OEc4fjog0lq_4f6oQEDgHbP1sgztv7QX5qEOk5pSbjCKGnX2fnjgvG4aiW-aMbnlIGF5aZzrlecBKFmcpBfGIrF-TraIjqhtNv2VS2W1lgA4nohDZCZ0gZtQ7P7cGPYQTjuAD277_SLKrKwZ0mL1mKo4tAAvs&sig=Cg0ArKJSzCBg-iUU7XiREAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 99D325CD4EC80A7BA8EE0BAADC7066FB
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FE7B5770C9A4DF47CCB2E7CE149EF363
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D9A64C23CB8584453CDAB43A3C6FADDE
Requests: 2 HTTP requests in this frame

Frame: https://api.popin.cc/iframe/article_read.html
Frame ID: 46E1FBA2B2B053EFD9CFA21E0F9CE031
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

星展銀行信用卡繳稅享最高1,000元刷卡金或12期0%利率，刷卡繳稅滿100萬再享2,000元刷卡金 | 蕃新聞

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

200
Requests

96 %
HTTPS

64 %
IPv6

28
Domains

50
Subdomains

48
IPs

8
Countries

3566 kB
Transfer

6768 kB
Size

19
Cookies

30 Outgoing links

These are links going to different origins than the main page.

URL: https://vote.yam.com/
Title: yamVote 蕃投票

Search URL Search Domain Scan URL

URL: https://vote.yam.com/votes/LNdHQ8YIfDWqMNZ93GAJBQ
Title: 年底大選十公投，你最支持哪個提案？

Search URL Search Domain Scan URL

URL: https://www.yam.com/
Title: 首頁

Search URL Search Domain Scan URL

URL: https://www.facebook.com/yamnews/
Title: fb

Search URL Search Domain Scan URL

URL: https://www.instagram.com/yamnews/
Title: instagram

Search URL Search Domain Scan URL

URL: https://tnntoday.com/
Title: 滔新聞

Search URL Search Domain Scan URL

URL: https://search.yam.com/Search/Web/DefaultKSA.aspx?SearchType=news&l=&p=&k=%E9%98%BF%E8%AB%BE
Title: 阿諾

Search URL Search Domain Scan URL

URL: https://search.yam.com/Search/Web/DefaultKSA.aspx?SearchType=news&l=&p=&k=%E6%AD%90%E5%86%A0
Title: 歐冠

Search URL Search Domain Scan URL

URL: https://search.yam.com/Search/Web/DefaultKSA.aspx?SearchType=news&l=&p=&k=%E7%BE%8E%E8%82%A1%E6%96%B0%E8%81%9E
Title: 美股新聞

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fn.yam.com%2FArticle%2F20220425750370

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fn.yam.com%2FArticle%2F20220423542016

Search URL Search Domain Scan URL

URL: https://trace.popin.cc/api/bidder/track?tn=6e22bb022cd37340eb88f5c2f2512e40&price=91iVe6ItB31qqX2zn6RtlEJm1xg8GOnPwJjdbtKk4e8&evt=102&rid=817e2ca4-c59c-4f54-8ad5-ee608a6fc3cf&campaignid=1281637&impid=popin-n.yam.com-1&offerid=16658418&test=0&time=1651058529&cp=yIMYilgMg4W6sEX6Vu-dYnc659g_y-Zz6a_4SnL-duI&clickid=45_817e2ca4-c59c-4f54-8ad5-ee608a6fc3cf_popin-n.yam.com-1&acid=20072&trackingid=27ea796f50989243733e552c6548cb7b&uid=da57c872262366f8f281651058530520&jt=2&url=p8H_pORkpNpDJRaV8GG-2XNSVOy97lDsDssZUC5JD5gdtkZQPs_125L75R5EeRNgtnPtQOjysusnYH7_ybAjHQ&bm=33&la=de&cn=tw&cid=3613314&info=cipxAgcEcyDDTcop489DOJz2sWX9ZnxhINwOz-eYkFo&sid=1__12__24&sp=91iVe6ItB31qqX2zn6RtlEJm1xg8GOnPwJjdbtKk4e8&scp=33noP9bWEPop46s2PWasLkUdzAdoid7yweqP0iBogWU&acu=TWD&scu=USD&sgcp=umNytcD7DK5evhNlBcyrYhmdXuZ1u7vza4vDFFIMfIE&gprice=wYQt55ErzJfMRRHOjD2vVeS3LP5dLkbou6k6rycf7rA&gcp=Yqf4gHi0cNjz4nnj_YII8HqntyGuRZTuXPJRtsiy7S4&ah=tw.popin.cc&pb=m&de=n.yam.com&cat=business&iv=1

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fn.yam.com%2FArticle%2F20220413795806

Search URL Search Domain Scan URL

URL: https://trace.popin.cc/api/bidder/track?tn=6e22bb022cd37340eb88f5c2f2512e40&price=91iVe6ItB31qqX2zn6RtlEJm1xg8GOnPwJjdbtKk4e8&evt=102&rid=817e2ca4-c59c-4f54-8ad5-ee608a6fc3cf&campaignid=1286657&impid=popin-n.yam.com-1&offerid=16983163&test=0&time=1651058529&cp=yIMYilgMg4W6sEX6Vu-dYnc659g_y-Zz6a_4SnL-duI&clickid=45_817e2ca4-c59c-4f54-8ad5-ee608a6fc3cf_popin-n.yam.com-1&acid=20072&trackingid=793bb03882db87fe7d6a1c816a3cf474&uid=da57c872262366f8f281651058530520&jt=2&url=YmvRMWDZAFJ4lvPJXnO7PcrVyvb0UfyX_U86u86OZpCFGe4g_-6zgKJVDkgepaQ-teIMUGF1kwy04Ivfb3Wl9Q&bm=33&la=de&cn=tw&cid=3630170&info=HF_ropFSUkDcPVIAUgLJJ6AOXZEQryJpGzysaQoPiVU&sid=1__12__24&sp=91iVe6ItB31qqX2zn6RtlEJm1xg8GOnPwJjdbtKk4e8&scp=33noP9bWEPop46s2PWasLkUdzAdoid7yweqP0iBogWU&acu=TWD&scu=USD&sgcp=umNytcD7DK5evhNlBcyrYhmdXuZ1u7vza4vDFFIMfIE&gprice=wYQt55ErzJfMRRHOjD2vVeS3LP5dLkbou6k6rycf7rA&gcp=Yqf4gHi0cNjz4nnj_YII8HqntyGuRZTuXPJRtsiy7S4&ah=tw.popin.cc&pb=&de=n.yam.com&cat=business&iv=1

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fn.yam.com%2FArticle%2F20220407920908

Search URL Search Domain Scan URL

URL: https://trace.popin.cc/api/bidder/track?tn=6e22bb022cd37340eb88f5c2f2512e40&price=91iVe6ItB31qqX2zn6RtlEJm1xg8GOnPwJjdbtKk4e8&evt=102&rid=817e2ca4-c59c-4f54-8ad5-ee608a6fc3cf&campaignid=1288118&impid=popin-n.yam.com-1&offerid=17231690&test=0&time=1651058529&cp=CdcZMy0GTw4QRaljXf-_Z0bPqyYMbxjB127d_bq8iP4&clickid=45_817e2ca4-c59c-4f54-8ad5-ee608a6fc3cf_popin-n.yam.com-1&acid=20020&trackingid=c20ae99cab1d7dbc3821aa8ed9b99f82&uid=da57c872262366f8f281651058530520&jt=2&url=lD1Zv_-B1dGoPlmsU__P5qjp5pPfJ_lZBZaq3_Rhk765_kQodl3_BG8u3fkxul_xn2hSeLFPzEQVYtuaSS8rTbht57JmoDaeALQ5ZG4pPqc-aBh0oY7PIai3Wg0fXBOrOFRm8xQJnJZk9lKPkOTXttaurst3hn7xg1rbFCGt_Pw&bm=44&la=de&cn=tw&cid=3643199&info=UbpENWtE9pl2OTq2Sab7-3IyGkdJctN1yJ5Yu4ad6NQ&sid=1__12__24&sp=91iVe6ItB31qqX2zn6RtlEJm1xg8GOnPwJjdbtKk4e8&scp=55t1kXTxw0fk2HTAZC-Br0iSw5WTk3dJ3BfHScpyMZw&acu=TWD&scu=USD&sgcp=jO10Cgq7BGwy0HUZKNxhPVeZ7_CvjO7vPKZwiAxtXHo&gprice=wYQt55ErzJfMRRHOjD2vVeS3LP5dLkbou6k6rycf7rA&gcp=Rpp8sriUj41P4z7rD69fJj9IegXlcSwj7e6p0kMlP64&ah=tw.popin.cc&pb=m&de=n.yam.com&cat=business&iv=1

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fn.yam.com%2FArticle%2F20220425733803

Search URL Search Domain Scan URL

URL: https://trace.popin.cc/api/bidder/track?tn=6e22bb022cd37340eb88f5c2f2512e40&price=91iVe6ItB31qqX2zn6RtlEJm1xg8GOnPwJjdbtKk4e8&evt=102&rid=817e2ca4-c59c-4f54-8ad5-ee608a6fc3cf&campaignid=1281632&impid=popin-n.yam.com-1&offerid=17215899&test=0&time=1651058529&cp=yIMYilgMg4W6sEX6Vu-dYnc659g_y-Zz6a_4SnL-duI&clickid=45_817e2ca4-c59c-4f54-8ad5-ee608a6fc3cf_popin-n.yam.com-1&acid=20072&trackingid=f6f8a9c5b300b0faaf3869c74571e798&uid=da57c872262366f8f281651058530520&jt=2&url=f1H8JZT9-MoDBlvgbAxSxAGUJOpQX1JHmMi_jlo3P7F7zV-lGQXdW1zInATsG_GoEMU447BE63qXHbhrkJwINo6ftfSdPjqqzRzqD8JFeuA&bm=44&la=de&cn=tw&cid=3642528&info=_-Zvm9tqhV1NCWpLMgSQzt9lsQQE0Kc-KbD5UzPTBGg&sid=1__12__24&sp=91iVe6ItB31qqX2zn6RtlEJm1xg8GOnPwJjdbtKk4e8&scp=33noP9bWEPop46s2PWasLkUdzAdoid7yweqP0iBogWU&acu=TWD&scu=USD&sgcp=umNytcD7DK5evhNlBcyrYhmdXuZ1u7vza4vDFFIMfIE&gprice=wYQt55ErzJfMRRHOjD2vVeS3LP5dLkbou6k6rycf7rA&gcp=Yqf4gHi0cNjz4nnj_YII8HqntyGuRZTuXPJRtsiy7S4&ah=tw.popin.cc&pb=&de=n.yam.com&cat=business&iv=1

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fn.yam.com%2FArticle%2F20220330213774

Search URL Search Domain Scan URL

URL: https://trace.popin.cc/api/bidder/track?tn=6e22bb022cd37340eb88f5c2f2512e40&price=91iVe6ItB31qqX2zn6RtlEJm1xg8GOnPwJjdbtKk4e8&evt=102&rid=817e2ca4-c59c-4f54-8ad5-ee608a6fc3cf&campaignid=1245457&impid=popin-n.yam.com-1&offerid=17180368&test=0&time=1651058529&cp=CdcZMy0GTw4QRaljXf-_Z0bPqyYMbxjB127d_bq8iP4&clickid=45_817e2ca4-c59c-4f54-8ad5-ee608a6fc3cf_popin-n.yam.com-1&acid=2577&trackingid=7c36f47ad5069dd396e8cd28b488ca8e&uid=da57c872262366f8f281651058530520&jt=2&url=lZB5H76t5V088ncs1BCBu890ZVd4OCL91PN_PR9USdCjyVJZXM7-MwrBkkq4qVVmtWO2t61Uc1_pI-GGQ8F2gFMnTD1oO01whj0uCBacrlzWykgV65ahb-JYolQBHz32vmk9PpYFMv0km1eRJPU2M1cVUBIxN4OeQqtTzIbKo2P8usklR-kwT5M00HTnDiRAaASMYDFpTP9yvEYHl3pZ5A&bm=33&la=de&cn=tw&cid=3640650&info=4UODvMlrFoaUYIS-muYWMn-KPw71egzWBr4KtuO6Stg&sid=1__12__24&sp=91iVe6ItB31qqX2zn6RtlEJm1xg8GOnPwJjdbtKk4e8&scp=0cdfmcGCdPa4p4IwGaBTyWW7Xh2AZZM6WJ6dp6AVfug&acu=TWD&scu=USD&sgcp=jO10Cgq7BGwy0HUZKNxhPVeZ7_CvjO7vPKZwiAxtXHo&gprice=wYQt55ErzJfMRRHOjD2vVeS3LP5dLkbou6k6rycf7rA&gcp=Rpp8sriUj41P4z7rD69fJj9IegXlcSwj7e6p0kMlP64&ah=tw.popin.cc&pb=m&de=n.yam.com&cat=business&iv=1

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fn.yam.com%2FArticle%2F20220412215261

Search URL Search Domain Scan URL

URL: https://trace.popin.cc/api/bidder/track?tn=6e22bb022cd37340eb88f5c2f2512e40&price=91iVe6ItB31qqX2zn6RtlEJm1xg8GOnPwJjdbtKk4e8&evt=102&rid=817e2ca4-c59c-4f54-8ad5-ee608a6fc3cf&campaignid=1245457&impid=popin-n.yam.com-1&offerid=17180597&test=0&time=1651058529&cp=CdcZMy0GTw4QRaljXf-_Z0bPqyYMbxjB127d_bq8iP4&clickid=45_817e2ca4-c59c-4f54-8ad5-ee608a6fc3cf_popin-n.yam.com-1&acid=2577&trackingid=b376eadc986c42605d5205dbf860ea01&uid=da57c872262366f8f281651058530520&jt=2&url=062hucgyN58hjPCRtuB_Uc2kTnHMo264wpYXKXg5J6kKGIUAQLFPR2QDQ-HGkh71-NIS9lw43JuQiwcu77BPNvJtx9pC9n6kqj3UQP7dprH6b2C3fHZ3iHeVykd2-JZWNqlzqz_TXme7nD_lCZSWcJzocuyeHCZWmNH2m9RTjP4O1PdVlMwzYZUXUCHKlmPvwUl0glYFNcy0_VEXn0yFSA&bm=33&la=de&cn=tw&cid=3640662&info=K79GiseJeg6aS0a9eyjV497jAYnDDNj66rRFVPo6MEM&sid=1__12__24&sp=91iVe6ItB31qqX2zn6RtlEJm1xg8GOnPwJjdbtKk4e8&scp=0cdfmcGCdPa4p4IwGaBTyWW7Xh2AZZM6WJ6dp6AVfug&acu=TWD&scu=USD&sgcp=jO10Cgq7BGwy0HUZKNxhPVeZ7_CvjO7vPKZwiAxtXHo&gprice=wYQt55ErzJfMRRHOjD2vVeS3LP5dLkbou6k6rycf7rA&gcp=Rpp8sriUj41P4z7rD69fJj9IegXlcSwj7e6p0kMlP64&ah=tw.popin.cc&pb=m&de=n.yam.com&cat=business&iv=1

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fn.yam.com%2FArticle%2F20220408980487

Search URL Search Domain Scan URL

URL: https://travel.yam.com/
Title: yam 輕旅行

Search URL Search Domain Scan URL

URL: https://policies.yam.com/duty
Title: 服務條款

Search URL Search Domain Scan URL

URL: https://policies.yam.com/privacy
Title: 隱私權政策

Search URL Search Domain Scan URL

URL: http://help.yam.com/
Title: 服務中心

Search URL Search Domain Scan URL

URL: http://help.yam.com/m/
Title: 聯絡我們

Search URL Search Domain Scan URL

URL: http://value.yam.com/
Title: 廣告刊登

Search URL Search Domain Scan URL

URL: http://company.yam.com/manpower/
Title: 人才招募

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

200 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 20220426938821 Show response
n.yam.com/Article/ 47 KB
12 KB 476ms
449ms Document
text/html 2606:4700:3030::ac43:d4a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://n.yam.com/Article/20220426938821
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:d4a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 0e52fd2663504531b6e86131400b1639a2cdb3c6affd11bb14a1b5786c4c4354

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 70272daa0c629baa-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 27 Apr 2022 11:22:06 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ekD1GyqfC9Yl41JiEa7aCLn3VjSkN8No7yXxLX1IiJfODd8kX%2Fz1Qbt6CcbkITiS071w1E35GHQoCRH%2B7%2F3Rqe%2BI85GArWXs8sWH2O7elCkK6Y03ixI3WUrVE3Ric9Jhr1yZn4nQw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2
x-powered-by: ASP.NET

GET
H2 200 style.css
n.yam.com/Content/ 41 KB
8 KB 23ms
22ms Stylesheet
text/css 2606:4700:3030::ac43:d4a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://n.yam.com/Content/style.css?v0.02
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20220426938821
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:d4a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 12a14a185b05f3f38dcbda8c599c64989d05169c906d01b740474bf2e8450f35

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/Article/20220426938821
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:22:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 07 Dec 2021 02:16:26 GMT
server: cloudflare
age: 1529
x-powered-by: ASP.NET
etag: W/"44361d7010ebd71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vtf712VXXo%2B5Cy1xdvF2YnPmGe9HLtWz9y0CS6%2FvxdKITsmDVhdt5ki4PrZl2vJZP5vBohAqNgkKqyHmrZYoORfQrhjHhA74jqgKco6U2s3U73Ynrd%2BIIcJzyWVh%2BhbHV5HyxvGuoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70272dad29cf9baa-FRA

GET
H2 200 jquery.min.js Show response
n.yam.com/scripts/ 94 KB
34 KB 26ms
25ms Script
application/javascript 2606:4700:3030::ac43:d4a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://n.yam.com/scripts/jquery.min.js
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20220426938821
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:d4a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/Article/20220426938821
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:22:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 08 Jun 2017 03:55:30 GMT
server: cloudflare
age: 1529
x-powered-by: ASP.NET
etag: W/"0251812be0d21:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FLHnFqcMWlxbQHHKfGsBHQKnXxpdeKpcWCQX5WIrALNa1k%2F%2BKunlD6eb4nxVPIZs6USGcFE%2FYxcLQfpEKKMsyXLlGZ8plj5yfjC9RsvwJFuBlyLLtNhEXucCe2mUz6%2FbwYvfqOgCLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70272dad29d39baa-FRA

GET
H2 200 main.js Show response
n.yam.com/scripts/ 6 KB
2 KB 22ms
22ms Script
application/javascript 2606:4700:3030::ac43:d4a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://n.yam.com/scripts/main.js
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20220426938821
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:d4a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 180c7cb3d801ef8f115e4800430b2622d76002c39c32495b8aa6cc0b865f0a00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/Article/20220426938821
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:22:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 08 Jun 2017 03:55:30 GMT
server: cloudflare
age: 1529
x-powered-by: ASP.NET
etag: W/"a4cf6812be0d21:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VkiOsjRPWzBNCEpXIM1T2g%2Bfmw2UTUk%2BA6o9FFYjuYH190DZWDEmo2d6xh0pIWsR9FYdBU%2FadgBiY9gs93oHH6O1zlQo3Tn%2BaHxh8Va%2FlywVmmRyUL4yaMuVMjS%2BFsYvNmZhVtiGvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70272dad29d59baa-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 84 KB
29 KB 69ms
28ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: n.yam.com
URL: https://n.yam.com/Article/20220426938821

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

dcfb691fb59571e9bec752c087ee8d17bed93bfbf20691b4c40a5777feb0e4df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:22:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28711
x-xss-protection: 0
server: sffe
etag: "1198 / 213 of 1000 / last-modified: 1651055637"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 27 Apr 2022 11:22:06 GMT

GET
H2 200 line_dog.png
n.yam.com/images/ 20 KB
20 KB 640ms
635ms Image
image/png 2606:4700:3030::ac43:d4a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n.yam.com/images/line_dog.png
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20220426938821
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:d4a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 8246297b958c38c4ce4902ff522c1e9192ec9b35c883587b22533f78b57e1d28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/Article/20220426938821
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:22:06 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
last-modified: Sat, 31 Mar 2018 08:27:11 GMT
server: cloudflare
x-powered-by: ASP.NET
etag: "b2d7bc10cac8d31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hHB1po30xSiaNJ9xfbFW%2BLQ211tu8tyQbjGEcg4GE%2B96Kyx8sQjVQNRaYLUpOgBlFkf5IVp1Yo1jONZWA0KBvHdS8ONxFPCbUzpTXQO1mCo19peHkbVZQtCUlWZZ83yigjPo8dzoIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 70272dad8aa89baa-FRA
content-length: 20442

GET
H2 200 menu.png
n.yam.com/images/ 16 KB
17 KB 176ms
171ms Image
image/png 2606:4700:3030::ac43:d4a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n.yam.com/images/menu.png
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20220426938821
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:d4a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 8959cbb31bc9bfc1725be63c62be12e61153d1323bcbbd72583a920cbdde82a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/Article/20220426938821
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:22:06 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
last-modified: Thu, 08 Jun 2017 03:55:25 GMT
server: cloudflare
x-powered-by: ASP.NET
etag: "903262fbe0d21:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YaRFeIXIr8R6LYDgctZcNSGauWaYkW1RZOZNUOAyNvYFo2cYLf7p%2F0yscwY2dJBJW1S4YE%2Bn5dRrExjpKjetji%2FtEF3y%2FPmSHbe0mxkcSABNvUV2HN%2B24shZTplWvwcpGsz3peMLJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 70272dad8aab9baa-FRA
content-length: 16882

GET
H2 200 email-decode.min.js Show response
n.yam.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 9ms
9ms Script
application/javascript 2606:4700:3030::ac43:d4a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://n.yam.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: n.yam.com
URL: https://n.yam.com/Article/20220426938821

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:d4a7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/Article/20220426938821
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:22:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 22 Apr 2022 17:45:27 GMT
server: cloudflare
etag: W/"6262e9b7-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wzgacqVnrR7XGPcU1nCG3ttlAuek7Pu76LCEG43tGcVwk7YfMwQ8MOm6MGlwY9CQulnK3a9%2BwbtE5F7s85VDTG58rQmnve15X7vZOKKOEykQR8bAI9nvCe475EdpBf3xHRQYAsr%2Bqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70272dad5a499baa-FRA
vary: Accept-Encoding
expires: Fri, 29 Apr 2022 11:22:06 GMT

GET
H2 200 footerLogo.png
n.yam.com/images/ 94 KB
94 KB 641ms
636ms Image
image/png 2606:4700:3030::ac43:d4a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n.yam.com/images/footerLogo.png
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20220426938821
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:d4a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ce1f3c592fb1fa8ec36e24e94c7ee1078b7b5cce37aa1f2dfad408e48f7bc83d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/Article/20220426938821
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:22:06 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
last-modified: Thu, 08 Jun 2017 03:55:24 GMT
server: cloudflare
x-powered-by: ASP.NET
etag: "d56212fbe0d21:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fR2rP1S2caDdetleDcuk0Jjx32hzC0uLNAOnTq7H7IVNgHZkKy%2BP7IY2AoFcN9Nw6kwHLuwyv2uY3I6rtjBvPNjGelUMq1JFG7tTjJbz%2BWqVfWUd7SVstHXN2arsp%2FAZRpqdZUJA2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 70272dad8aac9baa-FRA
content-length: 95889

GET
H2 200 footerFB.png
n.yam.com/images/ 91 KB
91 KB 629ms
624ms Image
image/png 2606:4700:3030::ac43:d4a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n.yam.com/images/footerFB.png
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20220426938821
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:d4a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e0e2d7cefffb4d70cc26783bdb91ad8d563733ee196f63e5b99a870b14efd126

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/Article/20220426938821
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:22:06 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
last-modified: Thu, 08 Jun 2017 03:55:24 GMT
server: cloudflare
x-powered-by: ASP.NET
etag: "42473fbe0d21:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9zQWPSsuoHs1GskloeosGZoHcfvYxsThGsY7GOprJud2kRJxbnQgzlbEOSOLe2ig265o4LW%2BKrJoevynVyc7srgy4FXez7cHHdqsDtzhMcbr9BkB1gwO4jEpYhMoucn42rOG6TYrHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 70272dad8aaf9baa-FRA
content-length: 93133

GET
H2 200 footerIG.png
n.yam.com/images/ 91 KB
92 KB 636ms
631ms Image
image/png 2606:4700:3030::ac43:d4a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n.yam.com/images/footerIG.png
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20220426938821
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:d4a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 3b3446a0e1254ba70508b10b7ea5bfbd60e42f22c1bdba89a421a72d25aed643

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/Article/20220426938821
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:22:06 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
last-modified: Thu, 08 Jun 2017 03:55:24 GMT
server: cloudflare
x-powered-by: ASP.NET
etag: "eb177fbe0d21:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XpW7D6NNk5KMDC7vCYu9jUF2BxLx2R0tc4mEH2TkV0stsvLXjljSnG7mbMow0ctEu66bRIu0xmXqhsX%2FqsjpNjWAUEUFBmOZDNfySFpt6%2FITN0v1STCFgBEfu7kXP4syLfD0Wz6Tjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 70272dad8ab29baa-FRA
content-length: 93396

GET
H2 200 footerHome.png
n.yam.com/images/ 91 KB
91 KB 641ms
638ms Image
image/png 2606:4700:3030::ac43:d4a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n.yam.com/images/footerHome.png
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20220426938821
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:d4a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 95901cd872570c226a2a131e926a275006f1d37e2dfbda1e6d004b1b0d6a4568

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/Article/20220426938821
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:22:06 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
last-modified: Thu, 08 Jun 2017 03:55:24 GMT
server: cloudflare
x-powered-by: ASP.NET
etag: "1f435fbe0d21:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z9sCaVi%2FActY5jN5K%2B6SbNkSk8JRADBnZV2DKQFU3T1AgAQlg5eVv%2BRTRwl0gIpl%2BkgKWBCg0jVZrgnXXdUjJE5vAJr4BRvE9H1eemjB9QWTj5EG8STmVToDyaTvNicWFVoORpTUVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 70272dad8ab39baa-FRA
content-length: 93214

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 101 KB
39 KB 64ms
22ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-16227618-1

Requested by

Host: n.yam.com
URL: https://n.yam.com/Article/20220426938821

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

edb51ba41a6710f09aa506240d2cdd75cd04519ea5cb3dbdea29848053c9a032

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:22:06 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39838
x-xss-protection: 0
expires: Wed, 27 Apr 2022 11:22:06 GMT

GET
H2 200 ResizeSensor.min.js Show response
n.yam.com/Scripts/ 2 KB
1 KB 21ms
21ms Script
application/javascript 2606:4700:3030::ac43:d4a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://n.yam.com/Scripts/ResizeSensor.min.js
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20220426938821
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:d4a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 535c0cbf7d9ba30714479b2fbc3c5c6f8aac89d1aebe4280d1026d1fa29c7d72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/Article/20220426938821
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:22:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 19 Oct 2017 04:49:18 GMT
server: cloudflare
age: 5006
x-powered-by: ASP.NET
etag: W/"4bb64b9f9548d31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LDARGnjYJTb9zWZOIjJjvpyeXFJNIJlkH0zGGyWvm%2BgIoI%2FRs5Hk4wl3qyrGZISlh6YsRaY%2FYoWxtazLaxfLzFZnbqXB3sERfN0IWk1TQlWiP19TeuAq%2BGCX3fO6Mk2N3T4MDgB4vw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70272dad6a679baa-FRA

GET
H2 200 theia-sticky-sidebar.min.js Show response
n.yam.com/Scripts/ 5 KB
2 KB 31ms
20ms Script
application/javascript 2606:4700:3030::ac43:d4a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://n.yam.com/Scripts/theia-sticky-sidebar.min.js
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20220426938821
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:d4a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d88b2f05bcd6de59fcdc958ab1c6f63d0225f275d24ce003381c09deb3a4bf1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/Article/20220426938821
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:22:06 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 08 Jun 2017 03:55:30 GMT
server: cloudflare
age: 5006
x-powered-by: ASP.NET
etag: W/"c0d97612be0d21:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xqyj6indLICwT3rsXRqmbsa2Wbx7tjAJj25GUF9NZdj%2BPRLQuFJvGtUkCggR0z8b8Qi8Z68%2BlkDZYlZiOKAjahRmznfm%2Fa4ycwywkvfKvOzXjwbRYjVQzTe2bH%2BSV6BeAbSIhZyrZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70272dad8aa49baa-FRA

GET
H/1.1 200
OK sp-tools.bundle.js Show response
player.ivideosmart.com/ivsplayer/v3/ 5 KB
3 KB 70ms
7ms Script
application/javascript 2a02:26f0:3500:16::215:1484
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.ivideosmart.com/ivsplayer/v3/sp-tools.bundle.js
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20220426938821
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1484 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ba44cdbcfe1363caf6f1ab3bf350e9141ea3f893c6952e0dbb48537141e3bdad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 11:22:06 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Amz-Cf-Pop: FRA50-C1
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1125181
Content-Length: 2197
Last-Modified: Thu, 09 Apr 2020 14:47:28 GMT
Server: AmazonS3
ETag: W/"c729bb1e2e66f3af22755e65d3218fcb"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=2678400
Access-Control-Allow-Credentials: true
X-Amz-Cf-Id: -SXVETq-OHti918-2vICk8UGo9G6nUnWYI-GUVqdYndYmHgbj438Dg==

GET
H/1.1 200
OK yam_AD.min.js Show response
admd.yam.com/JS/ 13 KB
4 KB 731ms
159ms Script
application/javascript 13.76.41.74
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://admd.yam.com/JS/yam_AD.min.js?r=2751764
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20220426938821
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 13.76.41.74 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / CSCWORM
Resource Hash: 6a780c5fa5c99f71f5c5f711477fffc2e6c453995ce779d3f66a8d74c6983141

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 11:22:07 GMT
Content-Encoding: gzip
ETag: "805c12effdfbd01:0"
Last-Modified: Thu, 01 Oct 2015 04:02:05 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: CSCWORM
Vary: Accept-Encoding
Content-Type: application/javascript
access-control-allow-origin: *
Cache-Control: max-age=280800
Accept-Ranges: bytes
access-control-allow-headers: content-type
Content-Length: 3861
Expires: 1 days

GET
H2 200 sdk.js Show response
connect.facebook.net/zh_TW/ 3 KB
2 KB 31ms
8ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/zh_TW/sdk.js

Requested by

Host: n.yam.com
URL: https://n.yam.com/Article/20220426938821

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8aca7d5b4fcc872914606add2da8fd305b2504d1d66db516090dcb66d2edb429

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 9n1xMrGDU6ynstfLn+FaUg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Wed, 27 Apr 2022 11:36:18 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: 8tToOvdb+YInrPuTEYhUSdRB9UuflbrNUvRbOvRCsK9FShQJceNBrdudtdunLKgglaBwb6eIBPF6Xd7gT0g/EA==
x-fb-trip-id: 686109401
x-fb-content-md5: 7bcbcca594f85bc4b36002ddf0144c12
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 27 Apr 2022 11:22:06 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "c7d507ed1b1a8c140b9bc962bf292da8"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 96 KB
37 KB 83ms
44ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TPVR9P4

Requested by

Host: n.yam.com
URL: https://n.yam.com/Article/20220426938821

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a69fcb193ee681132ccd115d207a8d3a0692592dae6b4716945a5823712ad582

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:22:06 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37818
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 27 Apr 2022 11:22:06 GMT

GET
H2 200 menuClose.png
n.yam.com/images/ 19 KB
20 KB 634ms
633ms Image
image/png 2606:4700:3030::ac43:d4a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n.yam.com/images/menuClose.png
Requested by: Host: n.yam.com
URL: https://n.yam.com/Content/style.css?v0.02
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:d4a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b470a9ccb87f12a1e884dd7b83f52df6cbaabd71f89b9d844e94df1da9f76623

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/Content/style.css?v0.02
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:22:06 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
last-modified: Thu, 08 Jun 2017 03:55:25 GMT
server: cloudflare
x-powered-by: ASP.NET
etag: "bcad72fbe0d21:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H8pLNh0EVqV9f59IkXe%2Faj%2B6OUXLg6V1UPO29ocYgQmgZiFo%2BLnyKysd%2FAb6EQq7oLoWyWmF2Ri1d0ELaURxjsJsV%2B7iRhX%2BmeC2KqB2%2Bf0I7IVfGzDfpOT0aKsbUaB%2BCAWaX9JYUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 70272dad8ab59baa-FRA
content-length: 19726

GET
H2 200 list.png
n.yam.com/images/ 90 KB
91 KB 646ms
645ms Image
image/png 2606:4700:3030::ac43:d4a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n.yam.com/images/list.png
Requested by: Host: n.yam.com
URL: https://n.yam.com/Content/style.css?v0.02
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:d4a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 9d5cbcadd2608ad6a3d4736c41b799d5b02635ff9443c32282a901c1efe0e2b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/Content/style.css?v0.02
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:22:06 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
last-modified: Thu, 08 Jun 2017 03:55:25 GMT
server: cloudflare
x-powered-by: ASP.NET
etag: "c3963bfbe0d21:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O911sYJTXud%2BJNBxSL9RynDwcW1wkCdnDKuHVUvJedmVbqnNIebCDMgrREJyNmV%2FGnT1zL%2BQFJ4gbc4TaR9Hn6tHCAQvBP1qbR7BXb86Kg3EkLrQhLqlh08OeWPhi90vloX4VFhcAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 70272dad8ab79baa-FRA
content-length: 92135

GET index.html
vote.yam.com/CF/ Frame A411 0
0

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame 100E 0
3 KB 62ms
37ms Document
text/html 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=https://n.yam.com/Article/20220426938821/&width=90px&layout=button_count&action=like&show_faces=false&share=false&height=21&appId

Requested by

Host: n.yam.com
URL: https://n.yam.com/Article/20220426938821

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://n.yam.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html;charset=utf-8
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 27 Apr 2022 11:22:06 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-content-type-options: nosniff
x-fb-debug: xneHy/MeGjqCS9Lx7gv1LGSelig4wKF/U441cFHFzuUolnKodrtfLYm3kojq7ebvtzjwAN3s9R7lBcTnM6NeMg==
x-xss-protection: 0

GET
H2 200 topIcon.png
n.yam.com/images/ 23 KB
23 KB 647ms
641ms Image
image/png 2606:4700:3030::ac43:d4a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n.yam.com/images/topIcon.png
Requested by: Host: n.yam.com
URL: https://n.yam.com/Content/style.css?v0.02
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:d4a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 80b410ec29856b8a73f32c11d586a7fe30fb0398b485d41420144b217ccdf930

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/Content/style.css?v0.02
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:22:07 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
last-modified: Thu, 08 Jun 2017 03:55:26 GMT
server: cloudflare
x-powered-by: ASP.NET
etag: "c7c3f5fbe0d21:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C6GpksewPgvbnRsBXs8ziGYDa2Fokcpf8AL%2FR1B%2FP%2BGxeOLNJJCzTNKXmjVI6yWI2eojqELCkjItbPXgpv1yFIp9ONeI7cUhvHu3i49yrSjJocwP1e3ApToTQz8ufgvqis%2BZDiping%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 70272dae1b8d9baa-FRA
content-length: 23452

GET
H2 200 logo_3.png
n.yam.com/images/ 3 KB
4 KB 650ms
645ms Image
image/png 2606:4700:3030::ac43:d4a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n.yam.com/images/logo_3.png
Requested by: Host: n.yam.com
URL: https://n.yam.com/Content/style.css?v0.02
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:d4a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6c6414ec1f58ce4a0475014dd742c1382f163931d7ad64a64386027e1dd53faf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/Content/style.css?v0.02
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:22:07 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
last-modified: Mon, 17 Dec 2018 03:35:41 GMT
server: cloudflare
x-powered-by: ASP.NET
etag: "e26dbe95b995d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GRZxq%2F9d3NsfoYoM3dnfJb9yPLd8oyZtSYL1%2Fhm5tOJ7K4RoltzSoXT9nD56nxABCwx5KV2Svb31Stp%2F6Tn8xTeTQwThiBIO2XRSrOkV8rNxGGNUt%2F59ASermyrdT2Ejipxiekdt0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 70272dae1b8e9baa-FRA
content-length: 3155

GET
H2 200 logo.png
n.yam.com/images/ 13 KB
13 KB 634ms
630ms Image
image/png 2606:4700:3030::ac43:d4a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n.yam.com/images/logo.png?0803
Requested by: Host: n.yam.com
URL: https://n.yam.com/Content/style.css?v0.02
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:d4a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b4515b8f273639bb116e123e614d446918aca49d7216151885da47a90370e837

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/Content/style.css?v0.02
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:22:07 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
last-modified: Mon, 07 Aug 2017 03:35:00 GMT
server: cloudflare
x-powered-by: ASP.NET
etag: "14d8e0252efd31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tiejUFC%2F9Uila5Yxzk%2B5H1PqsnOMS9swwUVPF7uHYPMecLeBXT16kaEWniVp5tXVVKVKMJ8nze6hpAr0A%2FBf4FFtHAnK0MpBHRr5nehm%2BaaXgxo4VM0pognpu8nl0zVFGVaR7IaeEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 70272dae1b929baa-FRA
content-length: 13410

GET
H2 200 logo_2.png
n.yam.com/images/ 5 KB
6 KB 21ms
17ms Image
image/png 2606:4700:3030::ac43:d4a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n.yam.com/images/logo_2.png
Requested by: Host: n.yam.com
URL: https://n.yam.com/Content/style.css?v0.02
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:d4a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ea4d8446159d1f71f8dad379c62fe855418b1a7ea0ecdaa5815fb72a8c8ea08c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/Content/style.css?v0.02
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:22:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1696
x-powered-by: ASP.NET
content-length: 5327
last-modified: Mon, 17 Dec 2018 03:35:41 GMT
server: cloudflare
etag: "e1b2b995b995d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KzRcMHcL8hX5EcULULbPaoqvmmltY%2BEfYn42OMkMKYqbWF8Ay%2BxNbWzMzz42yUO3HibCQPw5BsKEZqLqeT1jcWQcI0xe9PxmS%2F4lnnzqYlGsFy4ZmwpfsV2L4GL34dYbknMjFkwbAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 70272dae1b939baa-FRA

GET
H2 200 searchBtn.png
n.yam.com/images/ 90 KB
91 KB 634ms
630ms Image
image/png 2606:4700:3030::ac43:d4a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n.yam.com/images/searchBtn.png
Requested by: Host: n.yam.com
URL: https://n.yam.com/Content/style.css?v0.02
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:d4a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c99442f2685ab85f1219dc1da3b9ce48891300e612914f862d85f5ea372e38e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/Content/style.css?v0.02
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:22:07 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
last-modified: Thu, 08 Jun 2017 03:55:26 GMT
server: cloudflare
x-powered-by: ASP.NET
etag: "1193c1fbe0d21:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=83dcoZ9jXwiVBhCjvmwG9%2BZmyHZqqHE6vQy1hPgUFP%2BRZf1%2BICSBGXaXH7jpCT1Fn%2FvWK81oASAT3ySislg9g4cqvKrWUl66axtUTB6Kd0jVP5WaNF9dK0kyHVvdm7fURjMkCfHFng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 70272dae1b959baa-FRA
content-length: 92568

GET
H2 200 weatherSelect.png
n.yam.com/images/ 90 KB
91 KB 631ms
627ms Image
image/png 2606:4700:3030::ac43:d4a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n.yam.com/images/weatherSelect.png
Requested by: Host: n.yam.com
URL: https://n.yam.com/Content/style.css?v0.02
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:d4a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 19e63a64055145811f19b89020689bb5230a3b8d957455044ddcbf4d7308fe63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/Content/style.css?v0.02
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:22:07 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
last-modified: Thu, 08 Jun 2017 03:55:27 GMT
server: cloudflare
x-powered-by: ASP.NET
etag: "c2799d10be0d21:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mBbZSgpWZLX4MEBiq0S%2F6liIsE74GeTVVEnRHZqs9D1CDYHByPtBqTvPZXdZ5xY%2FWDREHZhBMJZOnvyB9HxJe0A%2B9KOX6UHd6m7mIUU1AbecGIgua2DyAMOLlE36Mv0l5KuXOK2DBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 70272dae1b979baa-FRA
content-length: 92271

GET
H2 200 textBtn.png
n.yam.com/images/ 90 KB
90 KB 636ms
632ms Image
image/png 2606:4700:3030::ac43:d4a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n.yam.com/images/textBtn.png
Requested by: Host: n.yam.com
URL: https://n.yam.com/Content/style.css?v0.02
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:d4a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: dce196c44d8bd79fea22e1c0419f9f56da0c70d65de227c00043ae1834282dcb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/Content/style.css?v0.02
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:22:07 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
last-modified: Thu, 08 Jun 2017 03:55:26 GMT
server: cloudflare
x-powered-by: ASP.NET
etag: "48f1dffbe0d21:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iLCNp%2FMI5nCl3HgLUVWEWszq3JrcEHzJ6Qi63vrqDF6SK2P%2FFFfsmoNkY6vcj1cLPnJEsqp52oYLiO0s3KViUfQYNb9KOd0aLUzbdY3ViFyaoOLRO8oD%2BeRpbJK%2BtAXRi1%2BjRnJdmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 70272dae1b999baa-FRA
content-length: 91837

GET
H2 200 articleLink.png
n.yam.com/images/ 21 KB
21 KB 636ms
635ms Image
image/png 2606:4700:3030::ac43:d4a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n.yam.com/images/articleLink.png
Requested by: Host: n.yam.com
URL: https://n.yam.com/Content/style.css?v0.02
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:d4a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 536429eab51aaed2d0386c52000bbe9877a97bb7c825381fefbbdf2ae0c22007

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/Content/style.css?v0.02
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:22:07 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
last-modified: Thu, 08 Jun 2017 03:55:23 GMT
server: cloudflare
x-powered-by: ASP.NET
etag: "e26d7febe0d21:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ojPl0liT4w4NkbW2XdvoURCxnZ918UgGf627YDN8WSEDr2mlZ6DcYOAsSLCvAaPEi7M99L6LHanuAvxKPMUr42%2FjMA5Sn6tAfQEJg44nYsuC5pWfWDD5lL0fJn5Khkcl0aMi2TEoHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 70272dae1b9a9baa-FRA
content-length: 20997

GET
H/1.1 200
OK 17.bundle.chunk.js Show response
player.ivideosmart.com/ivsplayer/v3/ 8 KB
3 KB 10ms
10ms Script
application/javascript 2a02:26f0:3500:16::215:1484
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.ivideosmart.com/ivsplayer/v3/17.bundle.chunk.js
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v3/sp-tools.bundle.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1484 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 63649b0266963dc62ef62f4f019da966ae28076f19d7d6b97244a9400cbed560

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 11:22:06 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Amz-Cf-Pop: CDG50-C1
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1125181
Content-Length: 2767
Last-Modified: Thu, 09 Apr 2020 14:47:27 GMT
Server: AmazonS3
ETag: W/"96ec5f5fa0d1d772c995175b6b1b3b58"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=2678400
Access-Control-Allow-Credentials: true
X-Amz-Cf-Id: LIJ6rjJeOmQXaJCVoFI1ghHSxhY_sNiRuuCPBmf2KTp3dyt6mtDTTg==

GET
H/1.1 200
OK yam_tw.js Show response
api.popin.cc/searchbox/ 202 KB
44 KB 1305ms
521ms Script
text/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/searchbox/yam_tw.js
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20220426938821
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 371722f47878cd66124d37d626048abb68989991ca24f195255ff3dbefc9ab12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 11:22:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 08:43:04 GMT
Server: nginx
ETag: W/"84a2dc0ff7fb291464b3d865f01b25c0"
X-Cache-Status: HIT from 10.252.55.44
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
x-amz-version-id: HyXNegH2pxvuZ66x0g3dk4B5ABlll2ny
Expires: Wed, 27 Apr 2022 12:22:07 GMT

GET
H2 200 ai.0.js Show response
az416426.vo.msecnd.net/scripts/a/ 94 KB
22 KB 49ms
7ms Script
application/x-javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20220426938821
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FA5) /
Resource Hash: 5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 27 Apr 2022 11:22:06 GMT
content-encoding: gzip
x-ms-meta-lastmodified: 2020-10-01 19:31:04
content-md5: HdY95yzx9wIyQkVEGES+Ew==
age: 87
x-cache: HIT
content-length: 22495
x-ms-lease-status: unlocked
last-modified: Thu, 11 Mar 2021 07:46:59 GMT
server: ECAcc (frc/8FA5)
etag: 0x8D8E461DA1A5889
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 1bea0af8-d01e-008d-6f28-5adfa7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
expires: Wed, 27 Apr 2022 11:52:06 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/zh_TW/ 289 KB
83 KB 38ms
12ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/zh_TW/sdk.js?hash=c5a623a9481afd2f65372f207a4ba329

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9ebc5d7494653df4a6a39c95fbf42fd26b6ae88b077610bd592f3e7f21bbfdcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://n.yam.com/
Origin: https://n.yam.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: fQbo0bcrPhteRoJec/McoA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 84509
x-fb-rlafr: 0
x-fb-debug: L07uxGv/PwGlAIdQOJk2rJvSBkeFHFpKGTQzPEOVdmeLNdUSoTDmG7UnFSBbkzlknvyTm1qdFNKKnh4QqP+jdQ==
x-fb-content-md5: e29fd131ac470f64e37e989314d2944b
x-frame-options: DENY
date: Wed, 27 Apr 2022 11:22:06 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "4625ad043f319e0ce03579730e01aa30"
timing-allow-origin: *
priority: u=3,i
expires: Thu, 27 Apr 2023 11:16:19 GMT

GET
H2 200 / Show response
weather.yam.com/API/GetNowWeather/ 161 B
558 B 657ms
638ms Script
text/html 2606:4700:3030::ac43:d4a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://weather.yam.com/API/GetNowWeather/?callback=jQuery111306884759850768345_1651058528429&Country=%E5%9F%BA%E9%9A%86%E5%B8%82&_=1651058528430
Requested by: Host: n.yam.com
URL: https://n.yam.com/scripts/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:d4a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / IMKEVIN
Resource Hash: bca5c2253ea890af6bfad25a0203ec21bcbf636f55b092c3f16056b0b176a3c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:22:07 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-aspnetmvc-version: 5.2
x-powered-by: IMKEVIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xpEMHrfYlcWWwG%2FdScg%2B0hM1j2ULQl%2FxQuptbS6le6ue4rR3eyXlg3PIgkfxCCYZs5rcmXpxxRv8%2B02XhrxwPnwVOyx49tn%2BKuJkf90RLCK3%2FMWeoc7qYQNRLK4KJ0uIs78rCvLtNmDRrmWuTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: private
cf-ray: 70272daf3d739baa-FRA
x-aspnet-version: 4.0.30319

GET
H/1.1 200
OK index.html Show response
vote.yam.com/CF/ Frame 7CBE 3 KB
2 KB 460ms
177ms Document
text/html 52.230.1.186
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://vote.yam.com/CF/index.html

Requested by

Host: n.yam.com
URL: https://n.yam.com/scripts/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.230.1.186 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

802d7ad55ea8d9131e05478254f8c97799ec598368054fe0a8d76606364a71b7

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://n.yam.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private
Content-Encoding: gzip
Content-Length: 1341
Content-Type: text/html; charset=utf-8
Date: Wed, 27 Apr 2022 11:22:06 GMT
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H3 200 pubads_impl_2022042501.js Show response
securepubads.g.doubleclick.net/gpt/ 365 KB
124 KB 70ms
37ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js?cb=31067287

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

8cb22f26870c311e1d6970f8f0ac4d264e19016d39627a957f0184d16ad4bdd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 05:01:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22858
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126856
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 08:44:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 27 Apr 2023 05:01:08 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 1 KB
380 B 65ms
36ms XHR
application/json 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=n.yam.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

c14898704c00890005ec19c479e1ef947e29864180cffd99337c583f1d86b362

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Apr 2022 11:22:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 355
x-xss-protection: 0
expires: Wed, 27 Apr 2022 11:22:06 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 180 KB
66 KB 64ms
24ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RE4LTMGVEF&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-16227618-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6a0e2fb4c4da66c6c63c42d6cb7e5c8aa38e218c677719914a9908cfd4540999

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:22:06 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67734
x-xss-protection: 0
expires: Wed, 27 Apr 2022 11:22:06 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 84 KB
29 KB 94ms
23ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPVR9P4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f22dc991b7fd59bfb5a853fdb9f680208e56b9a25c4aa5acb9cd6a6374b102d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:22:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28723
x-xss-protection: 0
server: sffe
etag: "1198 / 824 of 1000 / last-modified: 1651057645"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 27 Apr 2022 11:22:06 GMT

GET
H/1.1 200
OK 20.bundle.chunk.js Show response
player.ivideosmart.com/ivsplayer/v3/ 313 B
796 B 13ms
11ms Script
application/x-javascript 2a02:26f0:3500:16::215:1484
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.ivideosmart.com/ivsplayer/v3/20.bundle.chunk.js
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v3/sp-tools.bundle.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1484 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 088918082f62717d37a1d62e8a251e9a4e10d036090fddbbba37ca7bc03335fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 11:22:06 GMT
Akamai-Mon-Iucid-Del: 1125181
Last-Modified: Thu, 09 Apr 2020 14:47:27 GMT
ETag: "6119b2ac9d0a088fcb9b2aef09798137:1611638381.741828"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=2678400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 313

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 26ms
9ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=241039752194&ev=fb_page_view&dl=https%3A%2F%2Fn.yam.com%2FArticle%2F20220426938821&rl=&if=false&ts=1651058528866&sw=1600&sh=1200&at=

Requested by

Host: n.yam.com
URL: https://n.yam.com/Article/20220426938821

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:22:06 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Wed, 27 Apr 2022 11:22:06 GMT

GET
H/1.1 200
OK 1.bundle.chunk.js Show response
player.ivideosmart.com/ivsplayer/v3/ 15 KB
6 KB 9ms
8ms Script
application/javascript 2a02:26f0:3500:16::215:1484
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.ivideosmart.com/ivsplayer/v3/1.bundle.chunk.js
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v3/sp-tools.bundle.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1484 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a4ac0fd75bb413471276f5f9b2a919915a2eff38553fb71b72222cf562831488

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 11:22:06 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Amz-Cf-Pop: FRA6-C1
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1125181
Content-Length: 5371
Last-Modified: Thu, 09 Apr 2020 14:47:28 GMT
Server: AmazonS3
ETag: W/"221846096397a0c6f61270d77debdb3d"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=2678400
Access-Control-Allow-Credentials: true
X-Amz-Cf-Id: DTzuyCBeUJAPYFbAs0OBxT2cKs3By_WOSoNgQbqNu7IK21HyDlP_tA==

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 102ms
25ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=n.yam.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js?cb=31067287

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Apr 2022 11:22:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 76ms
24ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=n.yam.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js?cb=31067287

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Apr 2022 11:22:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 125 KB
24 KB 428ms
427ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2963927287132213&correlator=1462444779496818&eid=31065714%2C31067189%2C31067287%2C31064019&output=ldjh&gdfp_req=1&vrg=2022042501&ptt=17&impl=fifs&iu_parts=21787810958%3A22074138688%2Cn.yam.com_pc_rightcolumn_11147%2Cn.yam.com_pc_belowthetext_11190%2Cn.yam.com_pc_lowerrightsideofthetext_11191%2Cn.yam.com_pc_belowthetext-2_11193%2Cn.yam.com_pc_mastheadabove_11146&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=300x600%2C300x250%2C300x250%2C728x90%2C728x90&ifi=1&adks=612007488%2C4227949366%2C3012977291%2C3325937427%2C582681056&didk=4287479762~3910742065~2018182810~2730927322~3161125085&sfv=1-0-38&ecs=20220427&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1651058528942&lmt=1651058528&dlt=1651058528356&idt=540&biw=1600&bih=1200&adxs=1050%2C710%2C1050%2C250%2C436&adys=659%2C1254%2C1259%2C2125%2C215&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fn.yam.com%2FArticle%2F20220426938821&frm=20&vis=1&scr_x=0&scr_y=0&psz=300x1160%7C760x0%7C300x1160%7C760x2472%7C1600x3163&msz=300x-1%7C300x-1%7C300x-1%7C728x-1%7C728x-1&fws=0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0&ga_vid=648430392.1651058529&ga_sid=1651058529&ga_hid=136001255&ga_fc=false&btvi=0%7C1%7C2%7C3%7C0&nvt=1

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

1785636b23e2af9eab48f7f0edb10b1422389054e441ac2d0966db8486032b62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:22:07 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24186
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-2,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,-2,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://n.yam.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EB6D 6 KB
4 KB 95ms
22ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js?cb=31067287

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://n.yam.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 27 Apr 2022 11:22:06 GMT
expires: Thu, 27 Apr 2023 11:22:06 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
analytics.google.com/g/ 0
343 B 63ms
21ms Ping
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-RE4LTMGVEF&gtm=2oe4p0&_p=136001255&_z=ccd.NbB&_gaz=1&cid=648430392.1651058529&ul=en-us&sr=1600x1200&_s=1&sid=1651058528&sct=1&seg=0&dl=https%3A%2F%2Fn.yam.com%2FArticle%2F20220426938821&dt=%E6%98%9F%E5%B1%95%E9%8A%80%E8%A1%8C%E4%BF%A1%E7%94%A8%E5%8D%A1%E7%B9%B3%E7%A8%85%E4%BA%AB%E6%9C%80%E9%AB%981%2C000%E5%85%83%E5%88%B7%E5%8D%A1%E9%87%91%E6%88%9612%E6%9C%9F0%25%E5%88%A9%E7%8E%87%EF%BC%8C%E5%88%B7%E5%8D%A1%E7%B9%B3%E7%A8%85%E6%BB%BF100%E8%90%AC%E5%86%8D%E4%BA%AB2%2C000%E5%85%83%E5%88%B7%E5%8D%A1%E9%87%91%20%7C%20%E8%95%83%E6%96%B0%E8%81%9E&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RE4LTMGVEF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 11:22:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://n.yam.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
343 B 344ms
217ms Ping
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-RE4LTMGVEF&cid=648430392.1651058529&gtm=2oe4p0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RE4LTMGVEF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 11:22:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://n.yam.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 60ms
13ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-16227618-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3895
date: Wed, 27 Apr 2022 10:17:11 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 27 Apr 2022 12:17:11 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 77ms
40ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-RE4LTMGVEF&cid=648430392.1651058529&gtm=2oe4p0&aip=1&z=494595842

Requested by

Host: n.yam.com
URL: https://n.yam.com/Article/20220426938821

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 11:22:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 12.bundle.chunk.js Show response
player.ivideosmart.com/ivsplayer/v3/ 39 KB
12 KB 9ms
9ms Script
application/javascript 2a02:26f0:3500:16::215:1484
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.ivideosmart.com/ivsplayer/v3/12.bundle.chunk.js
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v3/sp-tools.bundle.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1484 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e70d938561bf4d2cc26cb6f7db5634c5c1cc7c5f2c21fa330185739cf07e126d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 11:22:06 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Amz-Cf-Pop: FRA2-C1
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1125181
Content-Length: 12058
Last-Modified: Thu, 09 Apr 2020 14:47:28 GMT
Server: AmazonS3
ETag: W/"cdc38c354b8c2f290e9f37de6f266cc4"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=2678400
Access-Control-Allow-Credentials: true
X-Amz-Cf-Id: _d7mXYr6jPww1fR68j7BAS2gqlsm7f7VJWNTLEGlFf9woKMe1fbEcg==

GET
H/1.1 200
OK 11.bundle.chunk.js Show response
player.ivideosmart.com/ivsplayer/v3/ 19 KB
7 KB 17ms
7ms Script
application/javascript 2a02:26f0:3500:16::215:1484
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.ivideosmart.com/ivsplayer/v3/11.bundle.chunk.js
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v3/sp-tools.bundle.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1484 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 20b7efa85f61ef7ed2b2a29f97c40b2d8c698442e6671058ef3af71ed882b104

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 11:22:06 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Amz-Cf-Pop: CDG50-C1
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1125181
Content-Length: 6919
Last-Modified: Thu, 09 Apr 2020 14:47:28 GMT
Server: AmazonS3
ETag: W/"71a845966ac857cbd92eb36c3ba42ffa"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=2678400
Access-Control-Allow-Credentials: true
X-Amz-Cf-Id: urSixQjBfkwTLdRQxPDk1hyZEGdx6gXFlgkH8niM1gfNo5DTTqdrdw==

GET
H/1.1 200
OK 4.bundle.chunk.js Show response
player.ivideosmart.com/ivsplayer/v3/ 21 KB
5 KB 22ms
7ms Script
application/x-javascript 2a02:26f0:3500:16::215:1484
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.ivideosmart.com/ivsplayer/v3/4.bundle.chunk.js
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v3/sp-tools.bundle.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1484 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e39f4d0766632aea74b7e75ca572ac66208ffbce5582069a9c1ef9ebbe69d0b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 11:22:06 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Apr 2020 14:47:27 GMT
Connection: keep-alive
ETag: "06218dda9acb30194dda4bf39e9562a2:1611638349.831233"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Cache-Control: max-age=2678400
Access-Control-Allow-Credentials: true
Akamai-Mon-Iucid-Del: 1125181
Accept-Ranges: bytes
Content-Length: 4669

POST
H3 202 / Show response
sessions.bugsnag.com/ 21 B
34 B 187ms
150ms XHR
application/json 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1
Referer: https://n.yam.com/
Bugsnag-Sent-At: 2022-04-27T11:22:09.018Z
accept-language: de-DE,de;q=0.9
Bugsnag-Api-Key: 5a1b4843624276a4f4c992765be3024f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Wed, 27 Apr 2022 11:22:07 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
content-type: application/json

OPTIONS
H2 200 /
sessions.bugsnag.com/ Frame 0
0 195ms
157ms Preflight 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method: POST
Origin: https://n.yam.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 27 Apr 2022 11:22:07 GMT
via: 1.1 google

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 59ms
20ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=136001255&t=pageview&_s=1&dl=https%3A%2F%2Fn.yam.com%2FArticle%2F20220426938821&ul=en-us&de=UTF-8&dt=%E6%98%9F%E5%B1%95%E9%8A%80%E8%A1%8C%E4%BF%A1%E7%94%A8%E5%8D%A1%E7%B9%B3%E7%A8%85%E4%BA%AB%E6%9C%80%E9%AB%981%2C000%E5%85%83%E5%88%B7%E5%8D%A1%E9%87%91%E6%88%9612%E6%9C%9F0%25%E5%88%A9%E7%8E%87%EF%BC%8C%E5%88%B7%E5%8D%A1%E7%B9%B3%E7%A8%85%E6%BB%BF100%E8%90%AC%E5%86%8D%E4%BA%AB2%2C000%E5%85%83%E5%88%B7%E5%8D%A1%E9%87%91%20%7C%20%E8%95%83%E6%96%B0%E8%81%9E&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=1469602225&gjid=455759046&cid=648430392.1651058529&tid=UA-16227618-1&_gid=665525411.1651058529&_r=1&gtm=2ou4p0&z=783079081

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://n.yam.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 11:22:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://n.yam.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 9.bundle.chunk.js Show response
player.ivideosmart.com/ivsplayer/v3/ 17 KB
5 KB 21ms
20ms Script
application/x-javascript 2a02:26f0:3500:16::215:1484
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.ivideosmart.com/ivsplayer/v3/9.bundle.chunk.js
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v3/sp-tools.bundle.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1484 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: a0682a63b832d3473c0eca3dce6a3b09909c0deb86eb24df79d766221e37b5bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 11:22:06 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Apr 2020 14:47:27 GMT
Connection: keep-alive
ETag: "68fe73af4e8d07add176403af71b4107:1611638356.930142"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Cache-Control: max-age=2678400
Access-Control-Allow-Credentials: true
Akamai-Mon-Iucid-Del: 1125181
Accept-Ranges: bytes
Content-Length: 5083

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 186ms
186ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-16227618-1&cid=648430392.1651058529&jid=1469602225&gjid=455759046&_gid=665525411.1651058529&_u=YADAAUAAAAAAAC~&z=1575922466

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://n.yam.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 27 Apr 2022 11:22:07 GMT
content-type: text/plain
access-control-allow-origin: https://n.yam.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK style.css
vote.yam.com/CF/css/ Frame 7CBE 2 KB
1 KB 165ms
165ms Stylesheet
text/css 52.230.1.186
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://vote.yam.com/CF/css/style.css

Requested by

Host: vote.yam.com
URL: https://vote.yam.com/CF/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.230.1.186 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c45efbafbdd63225cd5d53367a7764a9b1c495e496ad5628bdb1d0b9a585d830

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vote.yam.com/CF/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 11:22:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Nov 2018 06:15:26 GMT
ETag: "0d310466176d41:0"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 867
X-XSS-Protection: 1; mode=block

GET
H2 200 jquery-3.2.1.min.js Show response
code.jquery.com/ Frame 7CBE 85 KB
30 KB 39ms
14ms Script
application/javascript 2001:4de0:ac18::1:a:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.min.js
Requested by: Host: vote.yam.com
URL: https://vote.yam.com/CF/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vote.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:22:07 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15283"
vary: Accept-Encoding
x-hw: 1651058527.dop126.fr8.t,1651058527.cds277.fr8.hn,1651058527.cds133.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30125

GET
H/1.1 200
OK jquery.devrama.slider.js Show response
vote.yam.com/CF/js/ Frame 7CBE 51 KB
10 KB 159ms
159ms Script
application/x-javascript 52.230.1.186
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://vote.yam.com/CF/js/jquery.devrama.slider.js

Requested by

Host: vote.yam.com
URL: https://vote.yam.com/CF/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.230.1.186 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ffd2a11d59a7fbb41a2008eb97336977f9f37ebe8156cd8adc4a9ac24b96dc78

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vote.yam.com/CF/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 11:22:07 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Nov 2018 06:15:28 GMT
ETag: "0042476176d41:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 9412
X-XSS-Protection: 1; mode=block

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 73ms
38ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-16227618-1&cid=648430392.1651058529&jid=1469602225&_u=YADAAUAAAAAAAC~&z=1632935246

Requested by

Host: n.yam.com
URL: https://n.yam.com/Article/20220426938821

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 11:22:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 90ms
38ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-16227618-1&cid=648430392.1651058529&jid=1469602225&_u=YADAAUAAAAAAAC~&z=1632935246

Requested by

Host: n.yam.com
URL: https://n.yam.com/Article/20220426938821

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 11:22:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 b.png
weather.yam.com/Images/status/news/ 2 KB
2 KB 625ms
624ms Image
image/png 2606:4700:3030::ac43:d4a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weather.yam.com/Images/status/news/b.png
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20220426938821
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:d4a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 0489faa8e88bbeacabb56e60f4e2211b979a336f06a69ec470c1687344edec94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:22:07 GMT
vary: Accept-Encoding
cf-cache-status: REVALIDATED
last-modified: Thu, 18 May 2017 09:27:41 GMT
server: cloudflare
x-powered-by: ASP.NET
etag: "a7fb9ffb8cfd21:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FJdAUU3TOCyeIWbdLmymb%2Fws5O5%2FCm4SGxQKOXHLpNXIhoYp3zq1Fk7myGfSZV%2FKgzeXMgvqnInWW82GBzRX1akdD7KiYmiUkGvU76N20aCCPeOAIpi22W4RnjcejGGXxiY9RpUulrkeDbn4GQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 70272db33c409baa-FRA
content-length: 2172

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012203150226000/ Frame 9B0C 222 KB
62 KB 81ms
23ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js?cb=31067287

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 435049
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62084
x-xss-protection: 0
server: sffe
date: Fri, 22 Apr 2022 10:31:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fa1474a6dd6481f4"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 22 Apr 2023 10:31:18 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 9B0C 16 KB
6 KB 99ms
41ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js?cb=31067287

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 435049
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5728
x-xss-protection: 0
server: sffe
date: Fri, 22 Apr 2022 10:31:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d91e62368f79b48d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 22 Apr 2023 10:31:18 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 9B0C 96 KB
29 KB 100ms
42ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js?cb=31067287

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 435049
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29618
x-xss-protection: 0
server: sffe
date: Fri, 22 Apr 2022 10:31:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9a9baa9802fa29d2"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 22 Apr 2023 10:31:18 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 9B0C 5 KB
2 KB 106ms
49ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js?cb=31067287

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 435049
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1900
x-xss-protection: 0
server: sffe
date: Fri, 22 Apr 2022 10:31:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3393210d007db9ca"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 22 Apr 2023 10:31:18 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 9B0C 42 KB
13 KB 108ms
51ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js?cb=31067287

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 435049
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13669
x-xss-protection: 0
server: sffe
date: Fri, 22 Apr 2022 10:31:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "565eca32a909292d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 22 Apr 2023 10:31:18 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 9B0C 8 KB
1 KB 67ms
22ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js?cb=31067287

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 09:38:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 27 Apr 2022 11:22:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 27 Apr 2022 11:22:07 GMT

GET
H3 200 container.html Show response
15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9E80 6 KB
3 KB 57ms
28ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js?cb=31067287

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://n.yam.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 27 Apr 2022 11:22:06 GMT
expires: Thu, 27 Apr 2023 11:22:06 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9B0C 3 KB
4 KB 60ms
14ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png

Requested by

Host: n.yam.com
URL: https://n.yam.com/Article/20220426938821

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 16:12:48 GMT
x-content-type-options: nosniff
server: cafe
age: 68959
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 7688947696963022458
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3430
x-xss-protection: 0
expires: Wed, 27 Apr 2022 16:12:48 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9B0C 344 B
449 B 60ms
15ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: n.yam.com
URL: https://n.yam.com/Article/20220426938821

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 06:46:14 GMT
x-content-type-options: nosniff
server: cafe
age: 16553
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Thu, 28 Apr 2022 06:46:14 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 9B0C 0
0 57ms
26ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSHB3fq2K3uEgRCu20U6tuYrfXVJ6DkaAqiLAJOOXTNHR9_cR2kntv5AT9S7UBv6_DNzQsb3qtmcI-VPt_d92td3X1pfw
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20220426938821
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 9B0C 0
0 58ms
57ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CYxcYXidpYsSINqeV7_UP-_6Q-AXPl6LwaOz-9PqgD9zZHhABIPXMwnBglYKAgKAHoAHb6d2ZAsgBAakCe4zlDrcgcj7gAgCoAwHIAwqqBPIBT9COJusQIQ0nvIHn5IEGeLhPpyTeYkthrWW59IwZpgSi9_OFkbNh-qRbJM6uHO61xY54w5ibbuKlw6uCEINrbRPm0cp35dewNcssATQipxrSQxU4WVhnrO0aOU-T-Gb4hOGeLzhAgLJLzF3q_RVNjJ0yE2oiKK1XtFejmFaBuiIxpEq2Hq7iPYbr9l5ouTC8oQabwxVNB-d2I9Jkgucb0gRuYPisK1uZfE46jmtFv1NYnqW5gfMKjEgKFZyVgFImJsqqODNRW3uN1_h7c9-GQ94KwozCnjP5Ye5cPu3eS1E8sniT7GyHxnbt12keo28JWcrABL7IvJ_wA-AEAZIFBAgEGAGSBQQIBRgEoAYugAeNlqLmAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEENmCI9IICQiI4YAQEAEYHYAKA8gLAbgTnSfYEw2IFAPQFQGYFgGAFwGyFx4KHAgAEhRwdWItMTMxMDg1MjYwNDMzNTI1NBiu328&sigh=wTqmc7iNMPc&uach_m=[UACH]&template_id=5021
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20220426938821
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

GET
H3 200 container.html Show response
15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 006F 6 KB
3 KB 44ms
27ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js?cb=31067287

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://n.yam.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 27 Apr 2022 11:22:06 GMT
expires: Thu, 27 Apr 2023 11:22:06 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B9C1 6 KB
3 KB 41ms
27ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js?cb=31067287

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://n.yam.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 27 Apr 2022 11:22:06 GMT
expires: Thu, 27 Apr 2023 11:22:06 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK CFbg.png
vote.yam.com/CF/images/ Frame 7CBE 88 KB
89 KB 163ms
162ms Image
image/png 52.230.1.186
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vote.yam.com/CF/images/CFbg.png

Requested by

Host: vote.yam.com
URL: https://vote.yam.com/CF/css/style.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.230.1.186 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1655a16462aefd8ddafed3e67e58288cca40bcfecdf58be3bb9f1bf7512b81ec

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vote.yam.com/CF/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 11:22:07 GMT
Last-Modified: Wed, 07 Nov 2018 06:15:28 GMT
ETag: "0042476176d41:0"
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 90554
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK voteLink.png
vote.yam.com/CF/images/ Frame 7CBE 92 KB
93 KB 159ms
158ms Image
image/png 52.230.1.186
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vote.yam.com/CF/images/voteLink.png

Requested by

Host: vote.yam.com
URL: https://vote.yam.com/CF/css/style.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.230.1.186 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ca71ea48130126151c7bb6ae861a878d386eef42a940fd193e672c304357b063

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vote.yam.com/CF/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 11:22:07 GMT
Last-Modified: Wed, 07 Nov 2018 06:15:28 GMT
ETag: "0042476176d41:0"
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 94513
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK hand.png
vote.yam.com/CF/images/ Frame 7CBE 89 KB
90 KB 483ms
166ms Image
image/png 52.230.1.186
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vote.yam.com/CF/images/hand.png

Requested by

Host: vote.yam.com
URL: https://vote.yam.com/CF/css/style.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.230.1.186 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

849d0cde47450bead63722e7f6b938226b2bbb65e5d9ec606c6ecfe367e922aa

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vote.yam.com/CF/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 11:22:07 GMT
Last-Modified: Wed, 07 Nov 2018 06:15:28 GMT
ETag: "0042476176d41:0"
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 91505
X-XSS-Protection: 1; mode=block

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/5528951765370586104/ Frame 9B0C 830 B
857 B 96ms
41ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5528951765370586104/downsize_200k_v1?w=100&h=100

Requested by

Host: n.yam.com
URL: https://n.yam.com/Article/20220426938821

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c1ede63b553821e52e3b9f599c3d32b5c426d4940f58435a1f1f0335e62d79f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 01:34:49 GMT
x-content-type-options: nosniff
age: 380838
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 830
x-xss-protection: 0
last-modified: Fri, 26 Nov 2021 20:19:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 23 Apr 2023 01:34:49 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/5794832751872337020/ Frame 9B0C 14 KB
15 KB 86ms
34ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5794832751872337020/downsize_200k_v1?w=400&h=209

Requested by

Host: n.yam.com
URL: https://n.yam.com/Article/20220426938821

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03997ba2f51db0dd37cad224063598246d4066c38fd6d574254f37596a12bdc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 21:08:14 GMT
x-content-type-options: nosniff
age: 51233
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14821
x-xss-protection: 0
last-modified: Tue, 15 Mar 2022 10:02:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 26 Apr 2023 21:08:14 GMT

GET
DATA 200
OK truncated
/ Frame 9B0C 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3268716aa426609361a98aa0e039b338722be38092876ccb369f50462444115

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 9B0C 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 372a3186cdfa2b7a80c939a0496851ab0519c9b8cb656609fb902168ee053a8b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 9B0C 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f08d4480e40d16f5bbebc68075a3f3b6a881331c2456f3cfc10650d6753560be

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v44/ Frame 9B0C 28 KB
28 KB 52ms
14ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v44/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d210f7d18b1a67c12052541793c3fc63a9175ec1809b7988b9b9a13a4b50e16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://n.yam.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 22:12:07 GMT
x-content-type-options: nosniff
age: 47400
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28276
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:33:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Apr 2023 22:12:07 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 006F 0
0 53ms
52ms Fetch
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CWmGfXidpYsaINqeV7_UP-_6Q-AXz2KuTXMm81LOiB8CNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi0xMzEwODUyNjA0MzM1MjU0yAEJqQJFS0GiG9GxPuACAKgDAaoEkAJP0LE_R546UR_wlwScaeT4J0ux0JUfYtWl5kjs__DG-R71OmOT2jYTC9a1Z_rul3Ay44yxFBMVHYE_2M9PzShIBOD8tBYwuKCc1VPO5N3FLtIWPiMljZ1s0Lj1-tI3C0Hic7RolwG6kunJMxjlQTnFvQVE5OfciVj-ZnNzVPY-qV6bnfMFYmh6z8QS4IA-NWPCRBiQxtL4JZ-i3F8xNUffS9LCyQ8mFOqrf99Ab6sKdrTJ9SGJ8eXTe5qyCTVnWAg9qfwpYVy6Gz_JP_YrAdKV7yGToIRL_mh3vyBbGQwYsrJSsC7yBB6QprBq9TxnIwGGQXlfSKrwdCb5nuQAOYoMjhGRk24rsXzHF9fGp5Oss-AEAYAG7qmdgJuflKRgoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAGACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMTMxMDg1MjYwNDMzNTI1NBiu328&sigh=ZHveOKIQhVg&uach_m=[UACH]&cid=CAQSPgCNIrLMCftM_zlM-f4BoAatJmwcfopyMKQ-hRHtl1WmPebzzRssPy2SARfDhVtZNeqSbf1cR9GDur39_QhRGAE
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20220426938821
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 006F 2 KB
2 KB 125ms
27ms Script
text/javascript 37.157.5.142
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=38516438;rtbwp=YmknXgANhEYIu8qnAAQ_ezY0GXtQxDwCK1GI0g;rtbdata=jMNqeDmYZHgAZEBEToynMvdEldrGYq2lqHT041oasBRatE1jbiY5qCUKqGJovVN4iH0eke7NuJFWGdreK_3vgO4hVaT1xsI0MvN_sn_XYg8H3VckB9xG_gnWtfyYVAvYotAWjkDmgA0hja7hRdTBRwHG4hf3hPglA3LmfzExzjMVAsxVvZrpaFSV0_ttD0vA2bfKk31VtR_K2MBsGj1UHeCvAzzHxz7ISuNyjmCb6Ha7Q4arLD7CSPi4BDEJKX5hNkS2T9nMYo71wT6Md941GVbHB7XY-F195Xyhwpf4Pq7RQKz5YQZVJnGUIvYYZCvbKXGheJCkHcWJSHO7YiUfyGT0lQkXAT8x0;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=C5hVuXidpYsaINqeV7_UP-_6Q-AXz2KuTXMm81LOiB8CNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi0xMzEwODUyNjA0MzM1MjU0yAEJqQJFS0GiG9GxPuACAKgDAaoEkwJP0LE_R546UR_wlwScaeT4J0ux0JUfYtWl5kjs__DG-R71OmOT2jYTC9a1Z_rul3Ay44yxFBMVHYE_2M9PzShIBOD8tBYwuKCc1VPO5N3FLtIWPiMljZ1s0Lj1-tI3C0Hic7RolwG6kunJMxjlQTnFvQVE5OfciVj-ZnNzVPY-qV6bnfMFYmh6z8QS4IA-NWPCRBiQxtL4JZ-i3F8xNUffS9LCyQ8mFOqrf99Ab6sKdrTJ9SGJ8eXTe5qyCTVnWAg9qfwpYVy6Gz_JP_YrAdKV7yGToIRL_mh3vyBbGQwYsrJSsC7yBB6QprAo9x31vr05fPTgUgYiYY4DnvAKlIAilqkrWXuDQdHZO89ZPjSRPuVOqeAEAYAG7qmdgJuflKRgoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ&num=1&sig=AOD64_169pulvBd3_0GORn0jKkv7qAz6Zw&client=ca-pub-1310852604335254&adurl=

Requested by

Host: 15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com
URL: https://15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

76ede460598ea78cdcb69094a11abfd6c04e4cfcc90990ffaaf9c5415bd2ea38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 11:22:07 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 1783
expires: -1

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/ Frame 006F 3 KB
1 KB 60ms
43ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/window_focus_fy2019.js

Requested by

Host: 15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com
URL: https://15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:17:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 275
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 May 2022 11:17:32 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 006F 119 KB
36 KB 75ms
44ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com
URL: https://15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:22:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36950
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1650454428054601"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 27 Apr 2022 11:22:07 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/ Frame 006F 15 KB
6 KB 41ms
24ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com
URL: https://15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:19:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 140
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 May 2022 11:19:47 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 006F 0
0 22ms
21ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSMmw76uZjt9fUJdvwelbd5GkGhelCsJq4ICrlxxLHgR9Jtlr_MbhieFabsQC2RxwLHJYs2dA_CaTfpV6TPxzB6Jlf6GQ
Requested by: Host: 15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com
URL: https://15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 006F 22 KB
7 KB 35ms
19ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com
URL: https://15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 16:41:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67265
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 26 Apr 2023 16:41:02 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame B9C1 0
0 55ms
54ms Fetch
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cr0zlXidpYseINqeV7_UP-_6Q-AXJntKxXNWdkfdwwI23ARABIABglYKAgKAHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQJFS0GiG9GxPuACAKgDAaoE-wFP0NnS24nB4BItfdx9dM-Xjmf4_nQh54UkFfYYfbUMbvAtJLbd-a0WKwPW7AUYvrNVrUe0SVvrBUjTMWIu0U6hMYM_zIFCDkMHqj0v8WvCA-xrrHmh64toUmYpxv1wDFb-xtyiq2r0315CH9fUN__u4TMOS6yPoGErNKv-5cf7vQddWciiXgRi8DlR6sRxcJCH84MdF9RyY4a4MMTc-lw6SuLogw_L4corSCl0o9ZLnlsFDLVrt_8hTZaOJuF4q7fM3hEYIgANLbP4ZLBPOPhHYHtXgD43p2TmE4s5Z6yShoeiqRlbjTccCAr8J2l-kxAYiop4ZS0s5YTq7OAEAYAG752BpNeVrZsboAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAGACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMTMxMDg1MjYwNDMzNTI1NBiu328&sigh=ePvP4zFaUYs&uach_m=[UACH]&cid=CAQSPgCNIrLMCftM_zlM-f4BoAatJmwcfopyMKQ-hRHtl1WmPebzzRssPy2SARfDhVtZNeqSbf1cR9GDur39_QhRGAE
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20220426938821
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame B9C1 0
0 45ms
13ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kPi0Ecg12AVanYNiAgIAAADHc9DTpYyxDBBeJ2litGAeDTbf4pexaOoAEgAA&wp=YmknXgANhEcIu8qnAAQ_e9rhnJH_fFScYPWf8w

Requested by

Host: n.yam.com
URL: https://n.yam.com/Article/20220426938821

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:22:05 GMT
server: Kestrel
server-processing-duration-in-ticks: 253246
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 4809 157 KB
51 KB 133ms
98ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YmknXgANhEcIu8qnAAQ_e9rhnJH_fFScYPWf8w&u=%7C52gcrzwsC%2F3BZ448jU6O%2Fpe88dS3%2BMtR%2B%2F2yg%2FQAGdQ%3D%7C&c1=_NI8BLwYfdjLtu2XXyl3EF-WLK-EqPqldu1bQqpFCqDI9CrYEs2a5ZhFQbylTFRJylyMHiQnRW9fMn3BtQBfL3zdvhiI0szGKLf1f2ORoRIAkZIkeClZY9XaA8z0fADPTfgt0EVsqrIAIz_xK5CYCg6PJZmi6N1WdC1uZ2NbJ5Lj2YFLdBM8uROKFdM_x9of-ShQJ3XehKkVNCMLaZ9OBmmKHhh7ek6yYWEzq6VqySB9dtqRenOC8eIirjojeqKRvQQAi3IPQ0geXHBRkTC_Qj__ylfrxB9n8EVkGYxsuTuHuZ_dy8BaR47BLjs35UzNVcdNxzDvt-OQDGijVEY_Q-iTCy6B2LVSI9kes0_cO7DHBVTu_do1-F1P1XRsAYl6NDutiEc8Jd8tepeH-jlAQm0LzPOkkhn2tbZCCQQtHI640ru8ZpH_Rf4iDZD-nYYrvurLenz87qGND7L772f4zNhYwNiEyrRR&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOudUXidpYseINqeV7_UP-_6Q-AXJntKxXNWdkfdwwI23ARABIABglYKAgKAHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQJFS0GiG9GxPuACAKgDAaoE_gFP0NnS24nB4BItfdx9dM-Xjmf4_nQh54UkFfYYfbUMbvAtJLbd-a0WKwPW7AUYvrNVrUe0SVvrBUjTMWIu0U6hMYM_zIFCDkMHqj0v8WvCA-xrrHmh64toUmYpxv1wDFb-xtyiq2r0315CH9fUN__u4TMOS6yPoGErNKv-5cf7vQddWciiXgRi8DlR6sRxcJCH84MdF9RyY4a4MMTc-lw6SuLogw_L4corSCl0o9ZLnlsFDLVrt_8hTZaOJuF4q7fM3hEYIgANLbP4ZLBPOPhHYHtXgD51pUV0lASldBMOkiRylL-jhCMWvgDSP-vKWy2-eDVmSTWpTwD5Uw5W--AEAYAG752BpNeVrZsboAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_07x7xUeKULABVqXrhZi7QkbthfhQ%26client%3Dca-pub-1310852604335254%26adurl%3D

Requested by

Host: 15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com
URL: https://15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e27c27c764365da7566b210236a634bcac5d7a6b9e7228989b6c01d7066352f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 27 Apr 2022 11:22:06 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=BD7QbpFRI3NhTQLvEokOK8EVaRhJcYdU7ytQpZOqeXWkbBbeFrFDf5w-u6LOyBjsAaDw9XIQKBY8RmeO6iex-nQbLq4cgxnDAXKlpQJZSAMdtL6nShn5eoZSeNA51rokbLWeVZ6fP0tiokV3qu7DJ0-LSLqF5ngRSTTfwe2AGS-sC2UMyitYpKoALoRT3figzCbNGm29_f1BnD5YH54M10TGf93_0U14Msu6x9JAdMPJT-RBaBuXi3uSkBGmdiB0phkJFA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 83720538
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/ Frame B9C1 3 KB
1 KB 54ms
43ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/window_focus_fy2019.js

Requested by

Host: 15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com
URL: https://15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:17:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 275
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 May 2022 11:17:32 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B9C1 119 KB
36 KB 64ms
40ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com
URL: https://15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:22:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36950
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1650454428054601"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 27 Apr 2022 11:22:07 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/ Frame B9C1 15 KB
6 KB 27ms
16ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com
URL: https://15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:19:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 140
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 May 2022 11:19:47 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B9C1 0
0 22ms
21ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQfI4d37zBwC4Tk1jH2UUIakKdUQEPbg4V1lF5zETeuYOcIXS3R97WKofFuu89n70CCGIVm2ABJFYv6MA0ION2nB4Yo4A
Requested by: Host: 15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com
URL: https://15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame B9C1 22 KB
7 KB 24ms
14ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com
URL: https://15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 16:41:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67265
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 26 Apr 2023 16:41:02 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 9E80 0
0 55ms
54ms Fetch
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CB_TYXidpYsWINqeV7_UP-_6Q-AXJntKxXNWdkfdwwI23ARABIABglYKAgKAHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQJFS0GiG9GxPuACAKgDAaoEhAJP0Ej1p9rKG_J0svuKw0tRaCZekBs7HcAuENc8wfi63wF2s1d8LvDfS5J7ski3_AKFG3BZ9dKJjpyO7uU4RObXY1fOrEm5oTWvxdTce3vnaSVZ6ffLlDA9q4-3LQRJD0zbLbTWCTks7b6X33h2C5x-L5-QHVlwRk9nPlJtlI7YV7cAodOsn4tZ3CWFqSWEEGEq-T0qO4grBbrQTfNQAJKBn0sbgTKA5ekJaM_WRD1BdngZAhmDDOy0NrgtMcz2L_VEjIY3wc-WscIp9MFI7CwqlUJmUiOTH-T7YLSwgeqD4nFChUUTA36VPW06HWZNwzv7oYahgq3eDlPOnZycsECyP6lSTuAEAYAGrt-ZoLP2it34AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBABgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTEzMTA4NTI2MDQzMzUyNTQYrt9v&sigh=PSTdAFMoxHM&uach_m=[UACH]&cid=CAQSPgCNIrLMCftM_zlM-f4BoAatJmwcfopyMKQ-hRHtl1WmPebzzRssPy2SARfDhVtZNeqSbf1cR9GDur39_QhRGAE
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20220426938821
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 9E80 0
0 40ms
14ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kP2jEsc1rAL6AZ2DYgICAAAAx3PQ06WMsQwQXidpYnv0iH90F4yfsjcKABIAAA&wp=YmknXgANhEUIu8qnAAQ_e0L0KfbSpTFLgshmbQ

Requested by

Host: n.yam.com
URL: https://n.yam.com/Article/20220426938821

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:22:06 GMT
server: Kestrel
server-processing-duration-in-ticks: 336435
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 2009 46 KB
18 KB 51ms
19ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YmknXgANhEUIu8qnAAQ_e0L0KfbSpTFLgshmbQ&u=%7C52gcrzwsC%2F2EaIFPBjfRI0%2F82%2BbvrGf34cWe%2FyuT%2BiI%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzQdNoNLWy9ltC0se4Bk8H8lnjepuMmDuqeEru-rpUvJG7ZbaS5XvW6IhRRiOb3i0h1HdwaAYJGSfC88V9gfL1LulvJOTyxIsSSgex3Ju06ff-gD0Wt_ux9_LYc1gmrw1WERN_I9D28XF-_7TsoTrSi8df2qbj95P7dHu8zdFW5TQUrj1keVfCL-DNGANyjZbwRemOwiweXm3VjmoIe_EA8_pkaH_IVMVVz9lYX1KPkU4b2fWsF8gRAojcG1UkWa5UTvw71_AWe9viLB3z1kXe7MMTTqdO3RiX4Kc68bTxxVdrN5gmgY-If4yInKcwJCHL1TJ6eFbQ0bZOKIhSyPM6-H7Bwb3ZD0oMgbUOmuUj6ZcVT2OEADipx8pGfPeST_GV0HP3PtlL_5m&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDgGMXidpYsWINqeV7_UP-_6Q-AXJntKxXNWdkfdwwI23ARABIABglYKAgKAHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQJFS0GiG9GxPuACAKgDAaoEhwJP0Ej1p9rKG_J0svuKw0tRaCZekBs7HcAuENc8wfi63wF2s1d8LvDfS5J7ski3_AKFG3BZ9dKJjpyO7uU4RObXY1fOrEm5oTWvxdTce3vnaSVZ6ffLlDA9q4-3LQRJD0zbLbTWCTks7b6X33h2C5x-L5-QHVlwRk9nPlJtlI7YV7cAodOsn4tZ3CWFqSWEEGEq-T0qO4grBbrQTfNQAJKBn0sbgTKA5ekJaM_WRD1BdngZAhmDDOy0NrgtMcz2L_VEjIY3wc-WscIp9MFI7CwqlUJmUiOTH-T7YLSwgerB4FDQAsqPEMEJKc7qIMC1yi_xF4yPmi9qxm5obyOCnFg3lS1B8dCl8eAEAYAGrt-ZoLP2it34AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3EAzOxiW_Fi0pducbxmGToExFs-Q%26client%3Dca-pub-1310852604335254%26adurl%3D

Requested by

Host: 15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com
URL: https://15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6ddbaa241603e7005d811f8dde6d40142729875d84afc623635a5d7c138e5725

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 27 Apr 2022 11:22:06 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=mukGnJFRI3NhTQLvpTqhdItzshFl2H2T_wC5_PMoJ6xyrYApzpQpFvNeRx8I1lM5FolvimS_2gnB-sw9WLIBcC1kF0FpPrab7adt4Xx2iAu-LHlNvK7VQnu3z1Jh3TtFz1GWQnuFzjBgqujZdx1wgtzUWH5LDizexTm7ptIH8JlR7qB2z0NCGHb6nKzYILYvgA_Wm1F1ZJQd2qEZ6P1sCpTlnJYU5tOC0rEQcWjmwQ5Oy3Is6oEX0BeCTQDXtqhQqq7mpg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 4385024
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/ Frame 9E80 3 KB
1 KB 49ms
43ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/window_focus_fy2019.js

Requested by

Host: 15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com
URL: https://15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:17:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 275
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 May 2022 11:17:32 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9E80 119 KB
36 KB 48ms
29ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com
URL: https://15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:22:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36950
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1650454428054601"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 27 Apr 2022 11:22:07 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/ Frame 9E80 15 KB
6 KB 33ms
26ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220425/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com
URL: https://15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:19:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 140
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 11 May 2022 11:19:47 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 9E80 0
0 22ms
22ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRWdcc39WuouuN_gQb3C2lpSrT0KhrNNG8qprs6LHw_8jhoh_HJxxtslQD-ttAze_Kwh8WcEaqnnBUvcGXVuhVtVw6QaQ
Requested by: Host: 15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com
URL: https://15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 9E80 22 KB
7 KB 37ms
30ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com
URL: https://15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 16:41:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67265
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 26 Apr 2023 16:41:02 GMT

GET
H/1.1 200
OK 20220216%5C2022021606240040.jpg
vote.yam.com/imgfix/ Frame 7CBE 21 KB
21 KB 421ms
158ms Image
image/jpeg 52.230.1.186
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vote.yam.com/imgfix/20220216%5C2022021606240040.jpg?h=250&w=0

Requested by

Host: vote.yam.com
URL: https://vote.yam.com/CF/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.230.1.186 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

51ca87b12204ad5cee868cee2c5955d719b06a9cfb5d525a070e2bbe450593f3

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vote.yam.com/CF/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 11:22:07 GMT
X-AspNetMvc-Version: 5.2
Last-Modified: Wed, 30 Mar 2022 13:02:24 GMT
Content-Type: image/jpeg
Cache-Control: public, max-age=29122816
Content-Length: 21384
X-XSS-Protection: 1; mode=block
Expires: Thu, 30 Mar 2023 13:02:24 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 2009 2 KB
1 KB 49ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YmknXgANhEUIu8qnAAQ_e0L0KfbSpTFLgshmbQ&u=%7C52gcrzwsC%2F2EaIFPBjfRI0%2F82%2BbvrGf34cWe%2FyuT%2BiI%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzQdNoNLWy9ltC0se4Bk8H8lnjepuMmDuqeEru-rpUvJG7ZbaS5XvW6IhRRiOb3i0h1HdwaAYJGSfC88V9gfL1LulvJOTyxIsSSgex3Ju06ff-gD0Wt_ux9_LYc1gmrw1WERN_I9D28XF-_7TsoTrSi8df2qbj95P7dHu8zdFW5TQUrj1keVfCL-DNGANyjZbwRemOwiweXm3VjmoIe_EA8_pkaH_IVMVVz9lYX1KPkU4b2fWsF8gRAojcG1UkWa5UTvw71_AWe9viLB3z1kXe7MMTTqdO3RiX4Kc68bTxxVdrN5gmgY-If4yInKcwJCHL1TJ6eFbQ0bZOKIhSyPM6-H7Bwb3ZD0oMgbUOmuUj6ZcVT2OEADipx8pGfPeST_GV0HP3PtlL_5m&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDgGMXidpYsWINqeV7_UP-_6Q-AXJntKxXNWdkfdwwI23ARABIABglYKAgKAHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQJFS0GiG9GxPuACAKgDAaoEhwJP0Ej1p9rKG_J0svuKw0tRaCZekBs7HcAuENc8wfi63wF2s1d8LvDfS5J7ski3_AKFG3BZ9dKJjpyO7uU4RObXY1fOrEm5oTWvxdTce3vnaSVZ6ffLlDA9q4-3LQRJD0zbLbTWCTks7b6X33h2C5x-L5-QHVlwRk9nPlJtlI7YV7cAodOsn4tZ3CWFqSWEEGEq-T0qO4grBbrQTfNQAJKBn0sbgTKA5ekJaM_WRD1BdngZAhmDDOy0NrgtMcz2L_VEjIY3wc-WscIp9MFI7CwqlUJmUiOTH-T7YLSwgerB4FDQAsqPEMEJKc7qIMC1yi_xF4yPmi9qxm5obyOCnFg3lS1B8dCl8eAEAYAGrt-ZoLP2it34AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3EAzOxiW_Fi0pducbxmGToExFs-Q%26client%3Dca-pub-1310852604335254%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:22:07 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 22 Apr 2023 11:22:07 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 2009 2 KB
1 KB 58ms
22ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:22:07 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 22 Apr 2023 11:22:07 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 2009 308 B
636 B 16ms
15ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:22:07 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 22 Apr 2023 11:22:07 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame 2009 507 B
835 B 14ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:22:07 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Sat, 22 Apr 2023 11:22:07 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 2009 43 B
348 B 67ms
22ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=6F4QwFoP_H7J1_x3E8eUhKiuzOmNiiKRbTKaE2sPGtrVd41qosi25JWNyQDA8Di20INIgtTEuocAf-qGKboIrT8Nhvezw8r1pM0KkMvNZlIHGIwA0VDOvQe5WAl3EsdCsBpF59MhUzq2PL5wC177_zgEtg3UYZquYLN-noEqvgaaTfjlITzt4nppTtxtxWAagU_O3NKfsxWrATOxHYzqY8FPDxTXvMXQRlnoQfkn387BeCkWhRBmN3GoEx3TgSIMPIk6TBOGlweneZzJJV8pIqQozkXPnFPeAzPwsmNskSAh7AATviSX7v1HX3Iswy3dWHM7XnpBA6dR328Tj82XvAoR4DQ4S9S2h9fAhIoi6ht1FUqz-EVtWNMkQ8FatxcavOxJu463gBmdLmVJcr1XCTPntCTlrWc9oZgUiv1ts_1e7YSUMmeTLn8v_Sy_O8UdzU4xWQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 11:22:07 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2861854
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 2d112036c77d4afab9d89c88dc3241ee_image_ad_300x250.gif
static.criteo.net/design/dt/90764/220415/ Frame 2009 262 KB
263 KB 25ms
24ms Image
image/gif 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/90764/220415/2d112036c77d4afab9d89c88dc3241ee_image_ad_300x250.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

9f0f06f248aba9887a722a3e9f52d799bd14f50ff1e2e90de6e824e47b4d6ec3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:22:07 GMT
last-modified: Fri, 15 Apr 2022 14:42:12 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "62598444-41972"
strict-transport-security: max-age=31536000; preload;
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 268658
expires: Sat, 22 Apr 2023 11:22:07 GMT

GET
DATA 200
OK truncated
/ Frame 9E80 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dde7f8c0cbe534b8d1132eb4ecb6624275c3bbdd548b0e4393938fa3d2b2d965

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame B9C1 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d1ac2ee5e6045bca19c73954a162c282fba4b1bf27c531dc0aee2823aaeaddb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 006F 33 KB
16 KB 85ms
18ms Script
text/javascript 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=38516438;rtbwp=YmknXgANhEYIu8qnAAQ_ezY0GXtQxDwCK1GI0g;rtbdata=jMNqeDmYZHgAZEBEToynMvdEldrGYq2lqHT041oasBRatE1jbiY5qCUKqGJovVN4iH0eke7NuJFWGdreK_3vgO4hVaT1xsI0MvN_sn_XYg8H3VckB9xG_gnWtfyYVAvYotAWjkDmgA0hja7hRdTBRwHG4hf3hPglA3LmfzExzjMVAsxVvZrpaFSV0_ttD0vA2bfKk31VtR_K2MBsGj1UHeCvAzzHxz7ISuNyjmCb6Ha7Q4arLD7CSPi4BDEJKX5hNkS2T9nMYo71wT6Md941GVbHB7XY-F195Xyhwpf4Pq7RQKz5YQZVJnGUIvYYZCvbKXGheJCkHcWJSHO7YiUfyGT0lQkXAT8x0;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=C5hVuXidpYsaINqeV7_UP-_6Q-AXz2KuTXMm81LOiB8CNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi0xMzEwODUyNjA0MzM1MjU0yAEJqQJFS0GiG9GxPuACAKgDAaoEkwJP0LE_R546UR_wlwScaeT4J0ux0JUfYtWl5kjs__DG-R71OmOT2jYTC9a1Z_rul3Ay44yxFBMVHYE_2M9PzShIBOD8tBYwuKCc1VPO5N3FLtIWPiMljZ1s0Lj1-tI3C0Hic7RolwG6kunJMxjlQTnFvQVE5OfciVj-ZnNzVPY-qV6bnfMFYmh6z8QS4IA-NWPCRBiQxtL4JZ-i3F8xNUffS9LCyQ8mFOqrf99Ab6sKdrTJ9SGJ8eXTe5qyCTVnWAg9qfwpYVy6Gz_JP_YrAdKV7yGToIRL_mh3vyBbGQwYsrJSsC7yBB6QprAo9x31vr05fPTgUgYiYY4DnvAKlIAilqkrWXuDQdHZO89ZPjSRPuVOqeAEAYAG7qmdgJuflKRgoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ&num=1&sig=AOD64_169pulvBd3_0GORn0jKkv7qAz6Zw&client=ca-pub-1310852604335254&adurl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 3d0bf782b47dcd079eedf6bb34ecb0742c114a4e4b90e37a58a412482101b475

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:22:07 GMT
content-encoding: gzip
last-modified: Thu, 10 Feb 2022 15:16:56 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Thu, 28 Apr 2022 14:12:56 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 4809 2 KB
1 KB 44ms
44ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YmknXgANhEcIu8qnAAQ_e9rhnJH_fFScYPWf8w&u=%7C52gcrzwsC%2F3BZ448jU6O%2Fpe88dS3%2BMtR%2B%2F2yg%2FQAGdQ%3D%7C&c1=_NI8BLwYfdjLtu2XXyl3EF-WLK-EqPqldu1bQqpFCqDI9CrYEs2a5ZhFQbylTFRJylyMHiQnRW9fMn3BtQBfL3zdvhiI0szGKLf1f2ORoRIAkZIkeClZY9XaA8z0fADPTfgt0EVsqrIAIz_xK5CYCg6PJZmi6N1WdC1uZ2NbJ5Lj2YFLdBM8uROKFdM_x9of-ShQJ3XehKkVNCMLaZ9OBmmKHhh7ek6yYWEzq6VqySB9dtqRenOC8eIirjojeqKRvQQAi3IPQ0geXHBRkTC_Qj__ylfrxB9n8EVkGYxsuTuHuZ_dy8BaR47BLjs35UzNVcdNxzDvt-OQDGijVEY_Q-iTCy6B2LVSI9kes0_cO7DHBVTu_do1-F1P1XRsAYl6NDutiEc8Jd8tepeH-jlAQm0LzPOkkhn2tbZCCQQtHI640ru8ZpH_Rf4iDZD-nYYrvurLenz87qGND7L772f4zNhYwNiEyrRR&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCOudUXidpYseINqeV7_UP-_6Q-AXJntKxXNWdkfdwwI23ARABIABglYKAgKAHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQJFS0GiG9GxPuACAKgDAaoE_gFP0NnS24nB4BItfdx9dM-Xjmf4_nQh54UkFfYYfbUMbvAtJLbd-a0WKwPW7AUYvrNVrUe0SVvrBUjTMWIu0U6hMYM_zIFCDkMHqj0v8WvCA-xrrHmh64toUmYpxv1wDFb-xtyiq2r0315CH9fUN__u4TMOS6yPoGErNKv-5cf7vQddWciiXgRi8DlR6sRxcJCH84MdF9RyY4a4MMTc-lw6SuLogw_L4corSCl0o9ZLnlsFDLVrt_8hTZaOJuF4q7fM3hEYIgANLbP4ZLBPOPhHYHtXgD51pUV0lASldBMOkiRylL-jhCMWvgDSP-vKWy2-eDVmSTWpTwD5Uw5W--AEAYAG752BpNeVrZsboAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_07x7xUeKULABVqXrhZi7QkbthfhQ%26client%3Dca-pub-1310852604335254%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:22:07 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 22 Apr 2023 11:22:07 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 4809 2 KB
1 KB 44ms
44ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:22:07 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 22 Apr 2023 11:22:07 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 4809 308 B
636 B 16ms
13ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:22:07 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 22 Apr 2023 11:22:07 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame 4809 507 B
835 B 18ms
16ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:22:07 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Sat, 22 Apr 2023 11:22:07 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 4809 43 B
347 B 24ms
22ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=5PyXzYg-poybwsuAdP9_CjMBxtsyCg-7ALLHCfrQPqKcyS-ZoNML0-fLp8lWhuBOZImrIMDkgO4zRBN4hbwIegiYqMMl1pKMveWvvt7JIkZySnDa3hNNsqnmuXMnpuHrOkzLqoZU-JKOwS3jNpMXMeyJ7ZnGdAgwMXzpqzLyT28cuxYQE2tw6yTlc03toGbANtmm9AIcmSBWwYRzZf0jgMuONxJmEEOHuAeJJwjFnSKT0S5zBYmldmk3i9S4Wpt4T9hHe-iuVNrGzjWfZqNyLLvpebtPpgM1IZk10BatWxFimIPUL3YXg_oaWGbVvTZwIuIi27RWK65jfatlBvulpWa0wmWGJBYVmcbOS0zhHGkJwOuld-CUJqCfkqy9Nv9R8k_iDqfemnEfQs0VfnwShvde-QTBXSPiySJLcFyAcIAFDzaAzDli6W0JuiosRg-JSbx4Tg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 11:22:07 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3003016
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 2009 0
128 B 63ms
18ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=mukGnJFRI3NhTQLvpTqhdItzshFl2H2T_wC5_PMoJ6xyrYApzpQpFvNeRx8I1lM5FolvimS_2gnB-sw9WLIBcC1kF0FpPrab7adt4Xx2iAu-LHlNvK7VQnu3z1Jh3TtFz1GWQnuFzjBgqujZdx1wgtzUWH5LDizexTm7ptIH8JlR7qB2z0NCGHb6nKzYILYvgA_Wm1F1ZJQd2qEZ6P1sCpTlnJYU5tOC0rEQcWjmwQ5Oy3Is6oEX0BeCTQDXtqhQqq7mpg&sds=2&rev=81237&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 27 Apr 2022 11:22:07 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 2009 2 KB
1 KB 41ms
40ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:22:07 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 22 Apr 2023 11:22:07 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 2009 2 KB
1 KB 41ms
41ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:22:07 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 22 Apr 2023 11:22:07 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 4809 12 KB
5 KB 38ms
15ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:22:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 347404
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lX%2Fn9MNtran4tmqgtg%2Bslr%2F6eHQLRgXp7Du3Vjgro6S7PsQpWYn9vqWl84UbTgSClcZbRW4eIa3IpbwJY0YvEAzTkj4GFClZ0VZnrarTgZApVCgSaKPW2aOEPK7%2F2103kBMTITCG4s5ukAURiI4mQRWY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 70272db649465bf5-FRA
expires: Mon, 17 Apr 2023 11:22:07 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 4809 12 KB
6 KB 17ms
16ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:22:07 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 22 Apr 2023 11:22:07 GMT

GET
H2 200 3753f6ac31b748bf945ad731cbf52c0b_skyscannerrelative-book.woff
static.criteo.net/design/dt/ Frame 4809 68 KB
68 KB 62ms
18ms Font
application/octet-stream 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/3753f6ac31b748bf945ad731cbf52c0b_skyscannerrelative-book.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b40ed885c6eabc68309c7e3377008ec3aaba2add66e43fcf6fc2851cdc6a2f98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:22:07 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 10:27:15 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"61028283-10ec0"
strict-transport-security: max-age=31536000; preload;
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 22 Apr 2023 11:22:07 GMT

GET
H2 200 e228b6a4e90947dcaf6c5ad0025ee925_skyscannerrelative-bold.woff
static.criteo.net/design/dt/ Frame 4809 68 KB
68 KB 86ms
47ms Font
application/octet-stream 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/e228b6a4e90947dcaf6c5ad0025ee925_skyscannerrelative-bold.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

9cb93fc023cca355260310e41056be397ecad26f94a578c5b147762b40fc6d3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:22:07 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 10:27:15 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"61028283-10f14"
strict-transport-security: max-age=31536000; preload;
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 22 Apr 2023 11:22:07 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 4809 24 KB
24 KB 338ms
27ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=7450&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F7450%2F211022%2F45f963b9b4db4061b7e96b7b9b33fb3d_img_horizontal_1.png&v=3&w=1200&s=XPRAud79PKlPO2n-2Elk2RGL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e861d3c3bf074c8b832c72921647e53513a1493a855cbfe43820933cbeb35dca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:22:07 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29147972
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 24138
expires: Thu, 30 Mar 2023 20:01:40 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 4809 0
127 B 45ms
41ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=BD7QbpFRI3NhTQLvEokOK8EVaRhJcYdU7ytQpZOqeXWkbBbeFrFDf5w-u6LOyBjsAaDw9XIQKBY8RmeO6iex-nQbLq4cgxnDAXKlpQJZSAMdtL6nShn5eoZSeNA51rokbLWeVZ6fP0tiokV3qu7DJ0-LSLqF5ngRSTTfwe2AGS-sC2UMyitYpKoALoRT3figzCbNGm29_f1BnD5YH54M10TGf93_0U14Msu6x9JAdMPJT-RBaBuXi3uSkBGmdiB0phkJFA&sds=2&rev=81237&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 27 Apr 2022 11:22:06 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 4809 2 KB
1 KB 21ms
18ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:22:07 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 22 Apr 2023 11:22:07 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 4809 2 KB
1 KB 19ms
17ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:22:07 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 22 Apr 2023 11:22:07 GMT

GET
H/1.1 200
OK / Show response
admd.yam.com/AD_HTML/ 6 KB
6 KB 159ms
159ms Script
application/json 13.76.41.74
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://admd.yam.com/AD_HTML/?LSTR=yamAD_01%3A100%7CyamAD_03%3A1064%7CyamAD_10%3A906%7CyamAD_11%3A907%7CyamAD_07%3A903%7CyamAD_09%3A905%7CyamAD_05%3A902%7CyamAD_13%3A825&APP=&Charset=UTF-8&RID=0.5210990857870821&callback=jQuery111306884759850768345_1651058528429&yamAD.js&_=1651058528431
Requested by: Host: n.yam.com
URL: https://n.yam.com/scripts/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 13.76.41.74 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / CSCWORM
Resource Hash: fd1c33927515d6b4cc7db4adca2e88307398fed6825901716d39c57ba8f46c15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 11:22:07 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: CSCWORM
Content-Type: application/json; charset=utf-8
access-control-allow-origin: *
Cache-Control: private
access-control-allow-headers: content-type
Content-Length: 6329
Expires: 1 days

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 006F 9 KB
4 KB 23ms
23ms Script
text/javascript 37.157.5.142
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=38516438;rtbwp=YmknXgANhEYIu8qnAAQ_ezY0GXtQxDwCK1GI0g;rtbdata=jMNqeDmYZHgAZEBEToynMvdEldrGYq2lqHT041oasBRatE1jbiY5qCUKqGJovVN4iH0eke7NuJFWGdreK_3vgO4hVaT1xsI0MvN_sn_XYg8H3VckB9xG_gnWtfyYVAvYotAWjkDmgA0hja7hRdTBRwHG4hf3hPglA3LmfzExzjMVAsxVvZrpaFSV0_ttD0vA2bfKk31VtR_K2MBsGj1UHeCvAzzHxz7ISuNyjmCb6Ha7Q4arLD7CSPi4BDEJKX5hNkS2T9nMYo71wT6Md941GVbHB7XY-F195Xyhwpf4Pq7RQKz5YQZVJnGUIvYYZCvbKXGheJCkHcWJSHO7YiUfyGT0lQkXAT8x0;nofp=1;click=https://adclick.g.doubleclick.net/aclk?sa=L&ai=C5hVuXidpYsaINqeV7_UP-_6Q-AXz2KuTXMm81LOiB8CNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi0xMzEwODUyNjA0MzM1MjU0yAEJqQJFS0GiG9GxPuACAKgDAaoEkwJP0LE_R546UR_wlwScaeT4J0ux0JUfYtWl5kjs__DG-R71OmOT2jYTC9a1Z_rul3Ay44yxFBMVHYE_2M9PzShIBOD8tBYwuKCc1VPO5N3FLtIWPiMljZ1s0Lj1-tI3C0Hic7RolwG6kunJMxjlQTnFvQVE5OfciVj-ZnNzVPY-qV6bnfMFYmh6z8QS4IA-NWPCRBiQxtL4JZ-i3F8xNUffS9LCyQ8mFOqrf99Ab6sKdrTJ9SGJ8eXTe5qyCTVnWAg9qfwpYVy6Gz_JP_YrAdKV7yGToIRL_mh3vyBbGQwYsrJSsC7yBB6QprAo9x31vr05fPTgUgYiYY4DnvAKlIAilqkrWXuDQdHZO89ZPjSRPuVOqeAEAYAG7qmdgJuflKRgoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ&num=1&sig=AOD64_169pulvBd3_0GORn0jKkv7qAz6Zw&client=ca-pub-1310852604335254&adurl=;js=1;adfxid=1x;5525;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fn.yam.com

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

7ae0562a5d9dd2d15bfe9dc0014fe91bfbd78fbc4395ab8aa014747024659d53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 11:22:07 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 3466
expires: -1

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 006F 35 KB
13 KB 74ms
42ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfcdd352bb06fcc5c0e6f3f9b96e0c9a7d42f99b94473534d5131dcb4a104ec9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-goog-hash: crc32c=RQuziQ==, md5=aEKpUkwBcgJ5WaD3yT+HcA==
date: Wed, 27 Apr 2022 11:22:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 84624
x-guploader-uploadid: ADPycdu7l52mBWBll-hqLCXbkcaCo1chMkH9vph7wY-bDbYpIDMlsMkYLwETYJk3JCL-nEBWenkqir8abiKXoCX8qWuc-1yaGA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 05 Apr 2022 11:51:07 GMT
server: cloudflare
etag: W/"6842a9524c0172027959a0f7c93f8770"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ebj3Xki9xg6lXaBNxSeC71TL8JxjfLZ8ur9pybmo%2B%2FuvwGeTsjwUgxgYwkJjJxLzvwAuTfi%2FChdyUGK172WkatqS%2BlxO%2BFtgXiZ59BLqBEtbjmlBCqbIgKlwgOJvwGSs%2B%2F7nkCc%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1649159467260020
content-type: application/javascript; charset=utf-8
expires: Tue, 26 Apr 2022 11:51:43 GMT
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11886
cf-ray: 70272db7098892b4-FRA
cf-bgj: minify

POST
H2 200 /
track.adform.net/csimpr/ Frame 006F 35 B
502 B 22ms
21ms Ping
image/gif 37.157.5.142
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=38516438&csi=gXQ-7-d7yxVHG6KilUrfTDfvkUAotfRgnKRWaOGiMrDrygPkIxxfk_ceDI251nWqCKpibEN98dDEAmpLp-ute2QBbo50IEXs0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 11:22:07 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 ThirdParty Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:types/ Frame 006F 34 KB
15 KB 25ms
25ms Script
text/javascript 37.157.6.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:types/ThirdParty
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 7d7628a205cb2d3fbb20a6bd04e0a0c0631e143c2e6449b2eeaae4eccaa65d05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:22:07 GMT
content-encoding: gzip
last-modified: Thu, 10 Feb 2022 15:16:56 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Thu, 28 Apr 2022 14:40:58 GMT

GET
DATA 200
OK truncated
/ Frame 006F 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3636e2778573df35bd6c188d6e3ba640ec09a54b8a1bb63ee52d5f5154f46154

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 frame.html Show response
ad4m.at/ Frame 4F77 2 KB
2 KB 38ms
27ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Referer: https://15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2606928
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 70272db7afa99078-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Wed, 27 Apr 2022 11:22:07 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Wed, 27 Apr 2022 12:22:07 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I4geGrBuVmwcTDn7xKc%2Bi3ZC1qcn2AaFZIYZzuPi8zP77o0hkO%2BEAskJtgsd9W1WVoE0qtfP9ek0OKL755qIbqmCh8uFX9txg5J%2BxDUfzYmjnR8pgYwZ17U%2BiHiQkHFAD2s3q7Y%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-generation: 1588777770164783
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-meta-
x-goog-metageneration: 3
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
x-guploader-uploadid: ADPycdugBLBP-Vwd2B9WHPfqz7wLElCJPL4RDx_q8DQF8SE2-ZYKEh4d8NJI0q3TqTXs-Lt8QdoPKRS3lY5o3ig520BPzOfHoA

GET
H/1.1 200
OK 20180307%5C2018030702112045.png
vote.yam.com/imgfix/ Frame 7CBE 122 KB
123 KB 159ms
159ms Image
image/png 52.230.1.186
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vote.yam.com/imgfix/20180307%5C2018030702112045.png?h=250&w=0

Requested by

Host: vote.yam.com
URL: https://vote.yam.com/CF/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.230.1.186 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6e8f69b6bde766db99c14c08b993e7f425715dc9e4266d2fa9f0dff386306da0

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vote.yam.com/CF/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 11:22:07 GMT
X-AspNetMvc-Version: 5.2
Last-Modified: Wed, 30 Mar 2022 13:02:24 GMT
Content-Type: image/png
Cache-Control: public, max-age=29122816
Content-Length: 125214
X-XSS-Protection: 1; mode=block
Expires: Thu, 30 Mar 2023 13:02:24 GMT

POST
H3 200 rs Show response
ad4m.at/ Frame 006F 2 KB
2 KB 45ms
45ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3f32eb63b4849e954e956af594c5fd2d664cd0c0156c8ff7871beff3428f7eb

Request headers

Referer: https://15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 70272db83f188fd0-FRA
date: Wed, 27 Apr 2022 11:22:08 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lvTlYnmE7xA9UO7IkVz1oQwuXzH0jNoA7gouFkiVgZtQ5LOqqOnv9r57pjhuWNnDE2E6hXli7gJynoHEH9CY7Z5iPxbuKZZ0CAO5KJec9khNR6cFViY1DX6sVT4o%2BmcRW%2F674AA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-9s74

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 52ms
35ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 70272db80eb48fd0-FRA
content-length: 24
content-type: text/plain
date: Wed, 27 Apr 2022 11:22:08 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4h8bi7bLQCaNm%2B1Ae7o37rgIezEvgYZp5TErcHFjGhbI%2B9GKgnWebq188cCNLwSQmfEgbavlDMP6t04v2NwnIFqeM9IHqS8XjUWbTZfEYts3O5iG%2BwdKrmBaRWLxWlAW2TFORR8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-9s74

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame B524 3 KB
3 KB 34ms
24ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=164569&b=GjYsBfjd8ws6JrzhKHztWHPt9wbS2TYT6jcE&f=VxqtwfMRKqfrAVKCVHetrHXCpbYFkTzTpMsQ&c=300&d=250&e=1pvjk_FFry8ChOyxeH4hy9stefUVX1v5&g=dc8eb8c89bdf73ce5a93d25a40ffe331%2F6561563726239250546&i=27903&j=22&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1651058528065&h=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DC5hVuXidpYsaINqeV7_UP-_6Q-AXz2KuTXMm81LOiB8CNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi0xMzEwODUyNjA0MzM1MjU0yAEJqQJFS0GiG9GxPuACAKgDAaoEkwJP0LE_R546UR_wlwScaeT4J0ux0JUfYtWl5kjs__DG-R71OmOT2jYTC9a1Z_rul3Ay44yxFBMVHYE_2M9PzShIBOD8tBYwuKCc1VPO5N3FLtIWPiMljZ1s0Lj1-tI3C0Hic7RolwG6kunJMxjlQTnFvQVE5OfciVj-ZnNzVPY-qV6bnfMFYmh6z8QS4IA-NWPCRBiQxtL4JZ-i3F8xNUffS9LCyQ8mFOqrf99Ab6sKdrTJ9SGJ8eXTe5qyCTVnWAg9qfwpYVy6Gz_JP_YrAdKV7yGToIRL_mh3vyBbGQwYsrJSsC7yBB6QprAo9x31vr05fPTgUgYiYY4DnvAKlIAilqkrWXuDQdHZO89ZPjSRPuVOqeAEAYAG7qmdgJuflKRgoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_169pulvBd3_0GORn0jKkv7qAz6Zw%26client%3Dca-pub-1310852604335254%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38516438%3Bcrtbwp%3DYmknXgANhEYIu8qnAAQ_ezY0GXtQxDwCK1GI0g%3Bcrtbdata%3DjMNqeDmYZHgAZEBEToynMvdEldrGYq2lqHT041oasBRatE1jbiY5qCUKqGJovVN4iH0eke7NuJFWGdreK_3vgO4hVaT1xsI0MvN_sn_XYg8H3VckB9xG_gnWtfyYVAvYotAWjkDmgA0hja7hRdTBRwHG4hf3hPglA3LmfzExzjMVAsxVvZrpaFSV0_ttD0vA2bfKk31VtR_K2MBsGj1UHeCvAzzHxz7ISuNyjmCb6Ha7Q4arLD7CSPi4BDEJKX5hNkS2T9nMYo71wT6Md941GVbHB7XY-F195Xyhwpf4Pq7RQKz5YQZVJnGUIvYYZCvbKXGheJCkHcWJSHO7YiUfyGT0lQkXAT8x0%3Badfibeg%3D0%3Bcdata%3DRAgEOHf-kYSJthTcQeuBp0dQi92zlBQMpgibRl9rSfA7k443DjFY1bGW2BhWbyNsTQQFxlGEXcLB81ifIhuSCWPLm1bDT0c668oD5CMcX5P3HgyNudZ1qgiqYmxDffHQxAJqS6frrXt0wCE-Fulq3kHhIpkoas3H0%3B%3BCREFURL%3Dhttps%253a%252f%252fn.yam.com%3BC%3D1%3Bcpdir%3D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f344a27a445c6ec4b0c81f0867d10e8969d3cef9e9f01c636fbb7ff18ed4462

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 70272db89c4192b4-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 27 Apr 2022 11:22:08 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame B524 81 KB
11 KB 21ms
21ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=164569&b=GjYsBfjd8ws6JrzhKHztWHPt9wbS2TYT6jcE&f=VxqtwfMRKqfrAVKCVHetrHXCpbYFkTzTpMsQ&c=300&d=250&e=1pvjk_FFry8ChOyxeH4hy9stefUVX1v5&g=dc8eb8c89bdf73ce5a93d25a40ffe331%2F6561563726239250546&i=27903&j=22&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1651058528065&h=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DC5hVuXidpYsaINqeV7_UP-_6Q-AXz2KuTXMm81LOiB8CNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi0xMzEwODUyNjA0MzM1MjU0yAEJqQJFS0GiG9GxPuACAKgDAaoEkwJP0LE_R546UR_wlwScaeT4J0ux0JUfYtWl5kjs__DG-R71OmOT2jYTC9a1Z_rul3Ay44yxFBMVHYE_2M9PzShIBOD8tBYwuKCc1VPO5N3FLtIWPiMljZ1s0Lj1-tI3C0Hic7RolwG6kunJMxjlQTnFvQVE5OfciVj-ZnNzVPY-qV6bnfMFYmh6z8QS4IA-NWPCRBiQxtL4JZ-i3F8xNUffS9LCyQ8mFOqrf99Ab6sKdrTJ9SGJ8eXTe5qyCTVnWAg9qfwpYVy6Gz_JP_YrAdKV7yGToIRL_mh3vyBbGQwYsrJSsC7yBB6QprAo9x31vr05fPTgUgYiYY4DnvAKlIAilqkrWXuDQdHZO89ZPjSRPuVOqeAEAYAG7qmdgJuflKRgoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_169pulvBd3_0GORn0jKkv7qAz6Zw%26client%3Dca-pub-1310852604335254%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38516438%3Bcrtbwp%3DYmknXgANhEYIu8qnAAQ_ezY0GXtQxDwCK1GI0g%3Bcrtbdata%3DjMNqeDmYZHgAZEBEToynMvdEldrGYq2lqHT041oasBRatE1jbiY5qCUKqGJovVN4iH0eke7NuJFWGdreK_3vgO4hVaT1xsI0MvN_sn_XYg8H3VckB9xG_gnWtfyYVAvYotAWjkDmgA0hja7hRdTBRwHG4hf3hPglA3LmfzExzjMVAsxVvZrpaFSV0_ttD0vA2bfKk31VtR_K2MBsGj1UHeCvAzzHxz7ISuNyjmCb6Ha7Q4arLD7CSPi4BDEJKX5hNkS2T9nMYo71wT6Md941GVbHB7XY-F195Xyhwpf4Pq7RQKz5YQZVJnGUIvYYZCvbKXGheJCkHcWJSHO7YiUfyGT0lQkXAT8x0%3Badfibeg%3D0%3Bcdata%3DRAgEOHf-kYSJthTcQeuBp0dQi92zlBQMpgibRl9rSfA7k443DjFY1bGW2BhWbyNsTQQFxlGEXcLB81ifIhuSCWPLm1bDT0c668oD5CMcX5P3HgyNudZ1qgiqYmxDffHQxAJqS6frrXt0wCE-Fulq3kHhIpkoas3H0%3B%3BCREFURL%3Dhttps%253a%252f%252fn.yam.com%3BC%3D1%3Bcpdir%3D&y=1&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=164569&b=GjYsBfjd8ws6JrzhKHztWHPt9wbS2TYT6jcE&f=VxqtwfMRKqfrAVKCVHetrHXCpbYFkTzTpMsQ&c=300&d=250&e=1pvjk_FFry8ChOyxeH4hy9stefUVX1v5&g=dc8eb8c89bdf73ce5a93d25a40ffe331%2F6561563726239250546&i=27903&j=22&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1651058528065&h=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DC5hVuXidpYsaINqeV7_UP-_6Q-AXz2KuTXMm81LOiB8CNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi0xMzEwODUyNjA0MzM1MjU0yAEJqQJFS0GiG9GxPuACAKgDAaoEkwJP0LE_R546UR_wlwScaeT4J0ux0JUfYtWl5kjs__DG-R71OmOT2jYTC9a1Z_rul3Ay44yxFBMVHYE_2M9PzShIBOD8tBYwuKCc1VPO5N3FLtIWPiMljZ1s0Lj1-tI3C0Hic7RolwG6kunJMxjlQTnFvQVE5OfciVj-ZnNzVPY-qV6bnfMFYmh6z8QS4IA-NWPCRBiQxtL4JZ-i3F8xNUffS9LCyQ8mFOqrf99Ab6sKdrTJ9SGJ8eXTe5qyCTVnWAg9qfwpYVy6Gz_JP_YrAdKV7yGToIRL_mh3vyBbGQwYsrJSsC7yBB6QprAo9x31vr05fPTgUgYiYY4DnvAKlIAilqkrWXuDQdHZO89ZPjSRPuVOqeAEAYAG7qmdgJuflKRgoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_169pulvBd3_0GORn0jKkv7qAz6Zw%26client%3Dca-pub-1310852604335254%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38516438%3Bcrtbwp%3DYmknXgANhEYIu8qnAAQ_ezY0GXtQxDwCK1GI0g%3Bcrtbdata%3DjMNqeDmYZHgAZEBEToynMvdEldrGYq2lqHT041oasBRatE1jbiY5qCUKqGJovVN4iH0eke7NuJFWGdreK_3vgO4hVaT1xsI0MvN_sn_XYg8H3VckB9xG_gnWtfyYVAvYotAWjkDmgA0hja7hRdTBRwHG4hf3hPglA3LmfzExzjMVAsxVvZrpaFSV0_ttD0vA2bfKk31VtR_K2MBsGj1UHeCvAzzHxz7ISuNyjmCb6Ha7Q4arLD7CSPi4BDEJKX5hNkS2T9nMYo71wT6Md941GVbHB7XY-F195Xyhwpf4Pq7RQKz5YQZVJnGUIvYYZCvbKXGheJCkHcWJSHO7YiUfyGT0lQkXAT8x0%3Badfibeg%3D0%3Bcdata%3DRAgEOHf-kYSJthTcQeuBp0dQi92zlBQMpgibRl9rSfA7k443DjFY1bGW2BhWbyNsTQQFxlGEXcLB81ifIhuSCWPLm1bDT0c668oD5CMcX5P3HgyNudZ1qgiqYmxDffHQxAJqS6frrXt0wCE-Fulq3kHhIpkoas3H0%3B%3BCREFURL%3Dhttps%253a%252f%252fn.yam.com%3BC%3D1%3Bcpdir%3D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:22:08 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 696727
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=83581
surrogate-control: no-store
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
last-modified: Tue, 19 Apr 2022 09:50:01 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: accept-encoding
x-download-options: noopen
content-type: text/css; charset=utf-8
expires: 0
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 70272db8d9979078-FRA
cf-bgj: minify

GET
H2 200 F7CC3BE515F0823A250C23C7C6DE28F5C9445E961999253B78B0F07BE50C4997C0CD4BEE1955934E04806F81480337C7E1034A21F8EB77A4FFC611ABE0045C1A
assets.ad4m.at/product_image/ Frame B524 25 KB
26 KB 40ms
29ms Image
image/jpeg 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/F7CC3BE515F0823A250C23C7C6DE28F5C9445E961999253B78B0F07BE50C4997C0CD4BEE1955934E04806F81480337C7E1034A21F8EB77A4FFC611ABE0045C1A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=164569&b=GjYsBfjd8ws6JrzhKHztWHPt9wbS2TYT6jcE&f=VxqtwfMRKqfrAVKCVHetrHXCpbYFkTzTpMsQ&c=300&d=250&e=1pvjk_FFry8ChOyxeH4hy9stefUVX1v5&g=dc8eb8c89bdf73ce5a93d25a40ffe331%2F6561563726239250546&i=27903&j=22&k=0&l=0&m=0&n=&p=&q=&o=adfPros&r=1651058528065&h=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DC5hVuXidpYsaINqeV7_UP-_6Q-AXz2KuTXMm81LOiB8CNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi0xMzEwODUyNjA0MzM1MjU0yAEJqQJFS0GiG9GxPuACAKgDAaoEkwJP0LE_R546UR_wlwScaeT4J0ux0JUfYtWl5kjs__DG-R71OmOT2jYTC9a1Z_rul3Ay44yxFBMVHYE_2M9PzShIBOD8tBYwuKCc1VPO5N3FLtIWPiMljZ1s0Lj1-tI3C0Hic7RolwG6kunJMxjlQTnFvQVE5OfciVj-ZnNzVPY-qV6bnfMFYmh6z8QS4IA-NWPCRBiQxtL4JZ-i3F8xNUffS9LCyQ8mFOqrf99Ab6sKdrTJ9SGJ8eXTe5qyCTVnWAg9qfwpYVy6Gz_JP_YrAdKV7yGToIRL_mh3vyBbGQwYsrJSsC7yBB6QprAo9x31vr05fPTgUgYiYY4DnvAKlIAilqkrWXuDQdHZO89ZPjSRPuVOqeAEAYAG7qmdgJuflKRgoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_169pulvBd3_0GORn0jKkv7qAz6Zw%26client%3Dca-pub-1310852604335254%26adurl%3Dhttps%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D38516438%3Bcrtbwp%3DYmknXgANhEYIu8qnAAQ_ezY0GXtQxDwCK1GI0g%3Bcrtbdata%3DjMNqeDmYZHgAZEBEToynMvdEldrGYq2lqHT041oasBRatE1jbiY5qCUKqGJovVN4iH0eke7NuJFWGdreK_3vgO4hVaT1xsI0MvN_sn_XYg8H3VckB9xG_gnWtfyYVAvYotAWjkDmgA0hja7hRdTBRwHG4hf3hPglA3LmfzExzjMVAsxVvZrpaFSV0_ttD0vA2bfKk31VtR_K2MBsGj1UHeCvAzzHxz7ISuNyjmCb6Ha7Q4arLD7CSPi4BDEJKX5hNkS2T9nMYo71wT6Md941GVbHB7XY-F195Xyhwpf4Pq7RQKz5YQZVJnGUIvYYZCvbKXGheJCkHcWJSHO7YiUfyGT0lQkXAT8x0%3Badfibeg%3D0%3Bcdata%3DRAgEOHf-kYSJthTcQeuBp0dQi92zlBQMpgibRl9rSfA7k443DjFY1bGW2BhWbyNsTQQFxlGEXcLB81ifIhuSCWPLm1bDT0c668oD5CMcX5P3HgyNudZ1qgiqYmxDffHQxAJqS6frrXt0wCE-Fulq3kHhIpkoas3H0%3B%3BCREFURL%3Dhttps%253a%252f%252fn.yam.com%3BC%3D1%3Bcpdir%3D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcd7a9ae3f7deb6c8f7015abdad16e80d4d175a86f868f67a6aac930d56cd036

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-goog-hash: crc32c=MGLDFw==, md5=019nl0QvvOWAv+XWPvdlUQ==
date: Wed, 27 Apr 2022 11:22:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 698670
cf-polished: degrade=85, origSize=110772, status=webp_bigger
x-guploader-uploadid: ADPycdtlB9qWVBnmgz8SlxjmTL6fwMIzfGUXzCpObSXj_y1TOR_2g4CArLmg_WkUWO0wMroCW_23goTJwTs3TR28wFWi7g
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25753
last-modified: Tue, 19 Apr 2022 09:13:27 GMT
server: cloudflare
etag: "d35f6797442fbce580bfe5d63ef76551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xw%2BgTgfH8LDBrVQ7EuT3rbuWq419FnzPUSs1pAgkmcXg29cRUPvSxM9BLB7x7Imq9zsjt9h%2Ft3n7SQBjxkzGrh0BdoIHFy%2F7LGqG0P6WuxR%2Bkg6M%2FZj60Dae%2BjPDW1ETDDa6eZ9nTowzHbaA"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1650359607912236
content-type: image/jpeg
expires: Thu, 28 Apr 2022 11:22:08 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 110772
accept-ranges: bytes
cf-ray: 70272db8ecc692b4-FRA
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK 20180307%5C2018030701593981.jpg
vote.yam.com/imgfix/ Frame 7CBE 23 KB
23 KB 249ms
247ms Image
image/jpeg 52.230.1.186
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vote.yam.com/imgfix/20180307%5C2018030701593981.jpg?h=250&w=0

Requested by

Host: vote.yam.com
URL: https://vote.yam.com/CF/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.230.1.186 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5ac73d2d13d5b2a1a07fd3c816184c695df5508d79ad7d14722e9e7a48feb15d

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vote.yam.com/CF/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 11:22:08 GMT
X-AspNetMvc-Version: 5.2
Last-Modified: Wed, 30 Mar 2022 13:02:25 GMT
Content-Type: image/jpeg
Cache-Control: public, max-age=29122817
Content-Length: 23224
X-XSS-Protection: 1; mode=block
Expires: Thu, 30 Mar 2023 13:02:25 GMT

GET
H/1.1 200
OK td_js_sdk_171.js Show response
api.popin.cc/ 34 KB
13 KB 512ms
512ms Script
text/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/td_js_sdk_171.js
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/yam_tw.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 19bfbd81c70637ae0a6fe5f07f112bdab13cf9c2ea5d54b70320df8f54fcc07b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 11:22:08 GMT
Content-Encoding: gzip
Last-Modified: Thu, 11 Jan 2018 09:42:51 GMT
Server: nginx
ETag: W/"17b2e8b253e693d224f7d8407e28e1ea"
X-Cache-Status: HIT from 10.252.55.44
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
x-amz-version-id: null
Expires: Wed, 27 Apr 2022 12:22:08 GMT

GET
H2 200 recommend Show response
tw.popin.cc/popin_discovery/ 123 KB
29 KB 1154ms
645ms Script
application/javascript 119.63.198.189
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://tw.popin.cc/popin_discovery/recommend?mode=new&url=https%3A%2F%2Fn.yam.com%2FArticle%2F20220426938821&&rid=000000&device=pc&media=n.yam.com&extra=windows&agency=cnplus&topn=50&ad=15&r_category=all&country=tw&redirect=true&uid=da57c872262366f8f281651058530520&info=eyJ1c2VyX3RkX29zIjoiV2luZG93cyIsInVzZXJfdGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsInVzZXJfdGRfYnJvd3NlciI6IkNocm9tZSIsInVzZXJfdGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTAwLjAuNDg5NiIsInVzZXJfdGRfc2NyZWVuIjoiMTYwMHgxMjAwIiwidXNlcl90ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInVzZXJfdGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMDAuMC40ODk2LjEyNyBTYWZhcmkvNTM3LjM2IiwidXNlcl90ZF9yZWZlcnJlciI6IiIsInVzZXJfdGRfcGF0aCI6Ii9BcnRpY2xlLzIwMjIwNDI2OTM4ODIxIiwidXNlcl90ZF9jaGFyc2V0IjoidXRmLTgiLCJ1c2VyX3RkX2xhbmd1YWdlIjoiZW4tdXMiLCJ1c2VyX3RkX2NvbG9yIjoiMjQtYml0IiwidXNlcl90ZF90aXRsZSI6IiVFNiU5OCU5RiVFNSVCMSU5NSVFOSU4QSU4MCVFOCVBMSU4QyVFNCVCRiVBMSVFNyU5NCVBOCVFNSU4RCVBMSVFNyVCOSVCMyVFNyVBOCU4NSVFNCVCQSVBQiVFNiU5QyU4MCVFOSVBQiU5ODElMkMwMDAlRTUlODUlODMlRTUlODglQjclRTUlOEQlQTElRTklODclOTElRTYlODglOTYxMiVFNiU5QyU5RjAlMjUlRTUlODglQTklRTclOEUlODclRUYlQkMlOEMlRTUlODglQjclRTUlOEQlQTElRTclQjklQjMlRTclQTglODUlRTYlQkIlQkYxMDAlRTglOTAlQUMlRTUlODYlOEQlRTQlQkElQUIyJTJDMDAwJUU1JTg1JTgzJUU1JTg4JUI3JUU1JThEJUExJUU5JTg3JTkxJTIwJTdDJTIwJUU4JTk1JTgzJUU2JTk2JUIwJUU4JTgxJTlFIiwidXNlcl90ZF91cmwiOiJodHRwczovL24ueWFtLmNvbS9BcnRpY2xlLzIwMjIwNDI2OTM4ODIxIiwidXNlcl90ZF9wbGF0Zm9ybSI6IkxpbnV4IHg4Nl82NCIsInVzZXJfdGRfaG9zdCI6Im4ueWFtLmNvbSIsInVzZXJfZGV2aWNlIjoicGMiLCJ1c2VyX3RpbWUiOjE2NTEwNTg1MzA1MjIsImZydWl0X2JveF9wb3NpdGlvbiI6IiIsImZydWl0X3N0eWxlIjoiIn0=&alg=ltr&callback=_p6_9629b3b8b79a
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/yam_tw.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.189 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: ee3f7ac662ef6743d4911f4965d4494a6387c6ce62150272152fd0d391e67041

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:22:09 GMT
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: nginx/1.13.5
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8

GET
H/1.1 200
OK popin_discovery5-min.js Show response
api.popin.cc/ 154 KB
42 KB 510ms
509ms Script
application/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/popin_discovery5-min.js
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/yam_tw.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: aaf58fe585cbcc76094d23707910520dc7e2e9130342905aff91c58cd462c2fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 11:22:08 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19 Apr 2022 08:36:23 GMT
Server: nginx
ETag: W/"9267ef3f59cd4d8de5ccc52b18079758"
X-Cache-Status: HIT from 10.252.55.44
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
x-amz-version-id: sVvalQm6suT60X6sTlpcRHr4race4PAb
Expires: Wed, 27 Apr 2022 12:22:08 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B9C1 42 B
497 B 99ms
50ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvu74PUoU1m_y7-ye-8FDHpGITNqOcz4hBdDGgjhk1zEIXkUcVKo2aS8q5Rmvnjt2EeVm13RQgOzs92-IYnv3Y4&sig=Cg0ArKJSzIrXqdk8EP-PEAE&id=lidar2&mcvt=1000&p=215,436,305,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220420&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=582681056&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1651058529422&rpt=271&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 11:22:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 9B0C 42 B
497 B 88ms
56ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss_o6zr9nUQmUHM_sOaUdrCGIOSimH1HR0cQto989YnJBnnuD0s0u2sY0xmxvSyyF9y9nDn06qbuGnQ_InMZGKs0iOmmkecuk1O70j3b8Q_roPdnPxG4GGD1Xds5MOvYnS42zP6z85r6H8e&sai=AMfl-YSd0pC3aElr98B0RZHOmakMU_mX01J32VQH5jfAcjDXKiul2inXuoq8GvwlTjXAinv9DMDus1gycMkEIx_0hgUf1hKRQErpoypmpvEHoyYrNGpATyERhJNLVKFpyEY&sig=Cg0ArKJSzAJ-ufrQ8B7yEAE&id=ampim&o=1050,659&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=339&tls=1339&g=90.16666412353516&h=90.16666412353516&tt=1339&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=612007488

Requested by

Host: n.yam.com
URL: https://n.yam.com/Article/20220426938821

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 11:22:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 4809 0
127 B 19ms
17ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 27 Apr 2022 11:22:08 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H/1.1 200
OK popin_send_cookie_set_fail.js Show response
api.popin.cc/test/ 14 KB
4 KB 255ms
255ms Script
application/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/test/popin_send_cookie_set_fail.js?20201223
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/popin_discovery5-min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 5cd346875d100956f33b228c65b2eea3e958621a4d906b95c612c0c0c617a2d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 11:22:09 GMT
Content-Encoding: gzip
Last-Modified: Mon, 11 Oct 2021 03:29:29 GMT
Server: nginx
ETag: W/"27aab2e5fb58e044704790074416e410"
X-Cache-Status: HIT from 10.252.55.44
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
x-amz-version-id: NVPBtcLlaQ0R5YVGUD48RBS0d2V00MrK
Expires: Wed, 27 Apr 2022 12:22:09 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 2009 0
127 B 20ms
19ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 27 Apr 2022 11:22:07 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H/1.1 200
OK adlogs Show response
in.treasuredata.com/js/v3/event/popin_ads/ 89 B
559 B 428ms
106ms Script
application/javascript 54.237.0.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://in.treasuredata.com/js/v3/event/popin_ads/adlogs?api_key=8378%2F25839e06ce4cc1cab55c1c1f1e49d336d6d1d48f&modified=1651058531946&data=eyJ0ZF9nbG9iYWxfaWQiOiJ0ZF9nbG9iYWxfaWQiLCJ0eXBlIjoicmVxIiwicmlkIjoiMDAwMDAwIiwiYWxnIjoibHRyIiwiY2hhbm5lbF9pZCI6IndpdGhfc3pfc3RhbmRhcmQtcGMiLCJ0aW1lX3Nob3dfc2Vjb25kcyI6MSwicmVxdWVzdF9hZCI6MTUsInJlc3BvbnNlX2FkIjoxNSwiZG1mIjoibSIsInNtamFkIjowLCJhcGlfaG9zdCI6InR3LnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6Im4ueWFtLmNvbSIsInVybCI6Imh0dHBzOi8vbi55YW0uY29tL0FydGljbGUvMjAyMjA0MjY5Mzg4MjEiLCJsb2dpZCI6IjgxN2UyY2E0LWM1OWMtNGY1NC04YWQ1LWVlNjA4YTZmYzNjZiIsInVpZCI6ImRhNTdjODcyMjYyMzY2ZjhmMjgxNjUxMDU4NTMwNTIwIiwidGRfdmVyc2lvbiI6IjEuNy4xIiwidGRfY2xpZW50X2lkIjoiMTY3ZWZlZDItMmRhMC00N2FlLThkZmYtZDJiNzE4NGQ3NWYwIiwidGRfY2hhcnNldCI6InV0Zi04IiwidGRfbGFuZ3VhZ2UiOiJlbi11cyIsInRkX2NvbG9yIjoiMjQtYml0IiwidGRfc2NyZWVuIjoiMTYwMHgxMjAwIiwidGRfdmlld3BvcnQiOiIxNjAweDEyMDAiLCJ0ZF90aXRsZSI6IuaYn%2BWxlemKgOihjOS%2FoeeUqOWNoee5s%2BeoheS6q%2BacgOmrmDEsMDAw5YWD5Yi35Y2h6YeR5oiWMTLmnJ8wJeWIqeeOh%2B%2B8jOWIt%2BWNoee5s%2Beohea7vzEwMOiQrOWGjeS6qzIsMDAw5YWD5Yi35Y2h6YeRIiwidGRfdXJsIjoiaHR0cHM6Ly9uLnlhbS5jb20vQXJ0aWNsZS8yMDIyMDQyNjkzODgyMSIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTAwLjAuNDg5Ni4xMjcgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiTGludXggeDg2XzY0IiwidGRfaG9zdCI6Im4ueWFtLmNvbSIsInRkX3BhdGgiOiIvQXJ0aWNsZS8yMDIyMDQyNjkzODgyMSIsInRkX3JlZmVycmVyIjoiIiwidGRfaXAiOiJ0ZF9pcCIsInRkX2Jyb3dzZXIiOiJ0ZF9icm93c2VyIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoidGRfYnJvd3Nlcl92ZXJzaW9uIiwidGRfb3MiOiJ0ZF9vcyIsInRkX29zX3ZlcnNpb24iOiJ0ZF9vc192ZXJzaW9uIiwiY2xpZW50X2lkIjoiMTY3ZWZlZDItMmRhMC00N2FlLThkZmYtZDJiNzE4NGQ3NWYwIiwiY29tbW9uX2NhdGVnb3J5IjoiYnVzaW5lc3MiLCJjYXRlZ29yeSI6IuWNs%2BaZguaWsOiBniIsImFidGVzdCI6InN0YW5kYXJkIiwiZXh0cmEiOiIiLCJpbnRlcmFjdGlvbl9udW1iZXIiOjAsInBvcGluX3ZlcnNpb24iOjZ9&callback=TreasureJSONPCallback0

Requested by

Host: api.popin.cc
URL: https://api.popin.cc/td_js_sdk_171.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.237.0.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-237-0-39.compute-1.amazonaws.com

Software

Resource Hash

3aa9f235c06f8205b4b91091c02bbb8c8a23b12fafa257f68aecc4be22e8b7c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 11:22:10 GMT
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
P3P: CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
Content-Length: 89
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript

GET
H/1.1 200
OK logo.png
api.popin.cc/images/ 2 KB
3 KB 253ms
253ms Image
image/png 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.popin.cc/images/logo.png
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20220426938821
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 6753ab9ab14844d0e9ecbbf13df7accf525291cef950547034e5ab67be9e508e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 11:22:09 GMT
Last-Modified: Tue, 02 Apr 2019 12:00:56 GMT
Server: nginx
ETag: "b10c5c3579ba2dba39fd2804188dc3f1"
X-Cache-Status: HIT from 10.252.55.44
x-amz-version-id: null
Cache-Control: max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 2316
Expires: Wed, 27 Apr 2022 12:22:09 GMT

GET
H/1.1 200
OK adlogs Show response
in.treasuredata.com/js/v3/event/popin_ads/ 89 B
559 B 510ms
106ms Script
application/javascript 54.237.0.39
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://in.treasuredata.com/js/v3/event/popin_ads/adlogs?api_key=8378%2F25839e06ce4cc1cab55c1c1f1e49d336d6d1d48f&modified=1651058531971&data=eyJ0ZF9nbG9iYWxfaWQiOiJ0ZF9nbG9iYWxfaWQiLCJ0eXBlIjoicmVxIiwicmlkIjoiMDAwMDAwIiwiYWxnIjoibHRyIiwiY2hhbm5lbF9pZCI6IndpdGhfc3pfd29yZC1wYyIsInRpbWVfc2hvd19zZWNvbmRzIjoxLCJyZXF1ZXN0X2FkIjoxNSwicmVzcG9uc2VfYWQiOjE1LCJkbWYiOiJtIiwic21qYWQiOjAsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoibi55YW0uY29tIiwidXJsIjoiaHR0cHM6Ly9uLnlhbS5jb20vQXJ0aWNsZS8yMDIyMDQyNjkzODgyMSIsImxvZ2lkIjoiODE3ZTJjYTQtYzU5Yy00ZjU0LThhZDUtZWU2MDhhNmZjM2NmIiwidWlkIjoiZGE1N2M4NzIyNjIzNjZmOGYyODE2NTEwNTg1MzA1MjAiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiIxNjdlZmVkMi0yZGEwLTQ3YWUtOGRmZi1kMmI3MTg0ZDc1ZjAiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoi5pif5bGV6YqA6KGM5L%2Bh55So5Y2h57mz56iF5Lqr5pyA6auYMSwwMDDlhYPliLfljaHph5HmiJYxMuacnzAl5Yip546H77yM5Yi35Y2h57mz56iF5ru%2FMTAw6JCs5YaN5LqrMiwwMDDlhYPliLfljaHph5EiLCJ0ZF91cmwiOiJodHRwczovL24ueWFtLmNvbS9BcnRpY2xlLzIwMjIwNDI2OTM4ODIxIiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMDAuMC40ODk2LjEyNyBTYWZhcmkvNTM3LjM2IiwidGRfcGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ0ZF9ob3N0Ijoibi55YW0uY29tIiwidGRfcGF0aCI6Ii9BcnRpY2xlLzIwMjIwNDI2OTM4ODIxIiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9pcCI6InRkX2lwIiwidGRfYnJvd3NlciI6InRkX2Jyb3dzZXIiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiJ0ZF9icm93c2VyX3ZlcnNpb24iLCJ0ZF9vcyI6InRkX29zIiwidGRfb3NfdmVyc2lvbiI6InRkX29zX3ZlcnNpb24iLCJjbGllbnRfaWQiOiIxNjdlZmVkMi0yZGEwLTQ3YWUtOGRmZi1kMmI3MTg0ZDc1ZjAiLCJjb21tb25fY2F0ZWdvcnkiOiJidXNpbmVzcyIsImNhdGVnb3J5Ijoi5Y2z5pmC5paw6IGeIiwiYWJ0ZXN0Ijoic3RhbmRhcmQiLCJleHRyYSI6IiIsImludGVyYWN0aW9uX251bWJlciI6MCwicG9waW5fdmVyc2lvbiI6Nn0%3D&callback=TreasureJSONPCallback1

Requested by

Host: api.popin.cc
URL: https://api.popin.cc/td_js_sdk_171.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.237.0.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-237-0-39.compute-1.amazonaws.com

Software

Resource Hash

0f93db846422aa8c72de38cbb2819358b78560e09242696224b08b0dd84af1c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 11:22:10 GMT
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
P3P: CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
Content-Length: 89
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript

GET
H/1.1 200
OK adlogs
log.popin.cc/log/popin_ads/ 66 B
347 B 1114ms
244ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_ads/adlogs?data=eyJ0eXBlIjoicmVxIiwicmlkIjoiMDAwMDAwIiwiYWxnIjoibHRyIiwiY2hhbm5lbF9pZCI6IndpdGhfc3pfc3RhbmRhcmQtcGMiLCJ0aW1lX3Nob3dfc2Vjb25kcyI6MSwicmVxdWVzdF9hZCI6MTUsInJlc3BvbnNlX2FkIjoxNSwiZG1mIjoibSIsInNtamFkIjowLCJhcGlfaG9zdCI6InR3LnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6Im4ueWFtLmNvbSIsInVybCI6Imh0dHBzOi8vbi55YW0uY29tL0FydGljbGUvMjAyMjA0MjY5Mzg4MjEiLCJsb2dpZCI6IjgxN2UyY2E0LWM1OWMtNGY1NC04YWQ1LWVlNjA4YTZmYzNjZiIsInVpZCI6ImRhNTdjODcyMjYyMzY2ZjhmMjgxNjUxMDU4NTMwNTIwIiwidGRfdmVyc2lvbiI6IjEuNy4xIiwidGRfY2xpZW50X2lkIjoiMTY3ZWZlZDItMmRhMC00N2FlLThkZmYtZDJiNzE4NGQ3NWYwIiwidGRfY2hhcnNldCI6InV0Zi04IiwidGRfbGFuZ3VhZ2UiOiJlbi11cyIsInRkX2NvbG9yIjoiMjQtYml0IiwidGRfc2NyZWVuIjoiMTYwMHgxMjAwIiwidGRfdmlld3BvcnQiOiIxNjAweDEyMDAiLCJ0ZF90aXRsZSI6IuaYn+WxlemKgOihjOS/oeeUqOWNoee5s+eoheS6q+acgOmrmDEsMDAw5YWD5Yi35Y2h6YeR5oiWMTLmnJ8wJeWIqeeOh++8jOWIt+WNoee5s+eohea7vzEwMOiQrOWGjeS6qzIsMDAw5YWD5Yi35Y2h6YeRIiwidGRfdXJsIjoiaHR0cHM6Ly9uLnlhbS5jb20vQXJ0aWNsZS8yMDIyMDQyNjkzODgyMSIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTAwLjAuNDg5Ni4xMjcgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiTGludXggeDg2XzY0IiwidGRfaG9zdCI6Im4ueWFtLmNvbSIsInRkX3BhdGgiOiIvQXJ0aWNsZS8yMDIyMDQyNjkzODgyMSIsInRkX3JlZmVycmVyIjoiIiwidGRfYnJvd3NlciI6IkNocm9tZSIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6IjEwMC4wLjQ4OTYiLCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwiY2xpZW50X2lkIjoiMTY3ZWZlZDItMmRhMC00N2FlLThkZmYtZDJiNzE4NGQ3NWYwIiwiY29tbW9uX2NhdGVnb3J5IjoiYnVzaW5lc3MiLCJjYXRlZ29yeSI6IuWNs+aZguaWsOiBniIsImFidGVzdCI6InN0YW5kYXJkIiwiZXh0cmEiOiIiLCJpbnRlcmFjdGlvbl9udW1iZXIiOjAsInBvcGluX3ZlcnNpb24iOjZ9&t=1651058531947
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20220426938821
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 11:22:10 GMT
Last-Modified: Thu, 13 Dec 2018 07:32:33 GMT
Server: nginx/1.13.5
ETag: "5c120b11-42"
Content-Type: image/jpeg
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66

GET
H2 200 s.gif
r.popin.cc/ 35 B
186 B 875ms
248ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/s.gif?url=https%3A%2F%2Fn.yam.com%2FArticle%2F20220426938821&uid=da57c872262366f8f281651058530520&type=pc_pv&nid=pc&media=n.yam.com&r5=ca_%E5%8D%B3%E6%99%82%E6%96%B0%E8%81%9E|ab_standard&t=1651058531947&tz=tw
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20220426938821
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:22:10 GMT
last-modified: Tue, 10 Sep 2019 08:21:36 GMT
server: nginx
etag: "5d775d10-23"
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H/1.1 200
OK discoverylogs
log.popin.cc/log/popin_media/ 66 B
347 B 1124ms
251ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJyX3VybCI6IiIsInR5cGUiOjAsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoibi55YW0uY29tIiwidXJsIjoiaHR0cHM6Ly9uLnlhbS5jb20vQXJ0aWNsZS8yMDIyMDQyNjkzODgyMSIsImxvZ2lkIjoiODE3ZTJjYTQtYzU5Yy00ZjU0LThhZDUtZWU2MDhhNmZjM2NmIiwicmlkIjoiMDAwMDAwIiwidWlkIjoiZGE1N2M4NzIyNjIzNjZmOGYyODE2NTEwNTg1MzA1MjAiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiIxNjdlZmVkMi0yZGEwLTQ3YWUtOGRmZi1kMmI3MTg0ZDc1ZjAiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoi5pif5bGV6YqA6KGM5L+h55So5Y2h57mz56iF5Lqr5pyA6auYMSwwMDDlhYPliLfljaHph5HmiJYxMuacnzAl5Yip546H77yM5Yi35Y2h57mz56iF5ru/MTAw6JCs5YaN5LqrMiwwMDDlhYPliLfljaHph5EiLCJ0ZF91cmwiOiJodHRwczovL24ueWFtLmNvbS9BcnRpY2xlLzIwMjIwNDI2OTM4ODIxIiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMDAuMC40ODk2LjEyNyBTYWZhcmkvNTM3LjM2IiwidGRfcGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ0ZF9ob3N0Ijoibi55YW0uY29tIiwidGRfcGF0aCI6Ii9BcnRpY2xlLzIwMjIwNDI2OTM4ODIxIiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTAwLjAuNDg5NiIsInRkX29zIjoiV2luZG93cyIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJjbGllbnRfaWQiOiIxNjdlZmVkMi0yZGEwLTQ3YWUtOGRmZi1kMmI3MTg0ZDc1ZjAiLCJjb21tb25fY2F0ZWdvcnkiOiJidXNpbmVzcyIsImNhdGVnb3J5Ijoi5Y2z5pmC5paw6IGeIiwiYWJ0ZXN0Ijoic3RhbmRhcmQiLCJleHRyYSI6IiIsImludGVyYWN0aW9uX251bWJlciI6MCwicG9waW5fdmVyc2lvbiI6Nn0=&t=1651058531948
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20220426938821
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 11:22:10 GMT
Last-Modified: Thu, 13 Dec 2018 07:24:27 GMT
Server: nginx/1.13.5
ETag: "5c12092b-42"
Content-Type: image/jpeg
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66

GET
H/1.1 200
OK other
inrecsys.popin.cc/PopinService/Logs/ 0
108 B 1121ms
249ms Image
text/plain 119.63.197.136
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://inrecsys.popin.cc/PopinService/Logs/other?data=eyJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiIxNjdlZmVkMi0yZGEwLTQ3YWUtOGRmZi1kMmI3MTg0ZDc1ZjAiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoi5pif5bGV6YqA6KGM5L+h55So5Y2h57mz56iF5Lqr5pyA6auYMSwwMDDlhYPliLfljaHph5HmiJYxMuacnzAl5Yip546H77yM5Yi35Y2h57mz56iF5ru/MTAw6JCs5YaN5LqrMiwwMDDlhYPliLfljaHph5EiLCJ0ZF91cmwiOiJodHRwczovL24ueWFtLmNvbS9BcnRpY2xlLzIwMjIwNDI2OTM4ODIxIiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMDAuMC40ODk2LjEyNyBTYWZhcmkvNTM3LjM2IiwidGRfcGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ0ZF9ob3N0Ijoibi55YW0uY29tIiwidGRfcGF0aCI6Ii9BcnRpY2xlLzIwMjIwNDI2OTM4ODIxIiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9pcCI6IjM3LjU4LjU4LjI0OCIsInRkX2Jyb3dzZXIiOiJDaHJvbWUiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiIxMDAuMC40ODk2IiwidGRfb3MiOiJXaW5kb3dzIiwidGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsImRpc2hfY29tbW9uX2NhdGVnb3J5IjoiYnVzaW5lc3MiLCJrZXkiOiJrZXkxNjUxMDU4NTMwNTIyIiwibm93IjoxNjUxMDU4NTMxOTQ4LCJjbGllbnRfaWQiOiIxNjdlZmVkMi0yZGEwLTQ3YWUtOGRmZi1kMmI3MTg0ZDc1ZjAiLCJ1cmwiOiJodHRwczovL24ueWFtLmNvbS9BcnRpY2xlLzIwMjIwNDI2OTM4ODIxIiwidWlkIjoiZGE1N2M4NzIyNjIzNjZmOGYyODE2NTEwNTg1MzA1MjAiLCJzbWpJZCI6IiIsImRldmljZSI6InBjIiwiZGlzaF9tZWRpYSI6Im4ueWFtLmNvbSIsImRpc2hfY2F0ZWdvcnkiOiLljbPmmYLmlrDogZ4iLCJkaXNoX2RvbWFpbiI6Im4ueWFtLmNvbSIsInZfZGlzaF9sYWJlbHMiOiLkv6HnlKjljaEs5Zue6aWLLOWEquaDoCznm7jnlbbmlrws5omA5b6X56iFLOS4reWkruekvizmiYvnuozosrss5oyB5Y2h5Lq6LOaWueahiCzliIbmnJ8s57mz57SNLOWWruethizlj4PliqAs5bm05bqmLOeZu+mMhCznqIXpoY0s5L2/55SoLOWAi+S6uizljYHlkags5oiQ56uLLOWRvOaHiSzliqDnorws57ac5ZCILOWujOaIkCzlj6/pgbgs5Y+v6KaWLOioiuaBryzopo/lioMs6ZyA5rGCLOmBuOaThyzpioDooYws6LOH6YeRLOimj+Wumizmu7/poY0s5o6o5Ye6LOacjeWLmSzph5HpoY0iLCJ2X2Rpc2hfdGxhYmVscyI6IuWIt+WNoSznubPnqIUs6YqA6KGM5L+h55SoLOWIqeeOhyIsImxvZ2lkIjoiODE3ZTJjYTQtYzU5Yy00ZjU0LThhZDUtZWU2MDhhNmZjM2NmIiwiYXBpX2hvc3QiOiJ0dy5wb3Bpbi5jYyIsImRvbWFpbiI6Im4ueWFtLmNvbSIsInBvcGluX3ZlcnNpb24iOjZ9
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20220426938821
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.63.197.136 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Length: 0
Cross-Origin-Resource-Policy: cross-origin
Content-Type: text/plain

GET
H2 200 s.gif
r.popin.cc/ 35 B
186 B 875ms
249ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/s.gif?url=https%3A%2F%2Fn.yam.com%2FArticle%2F20220426938821&uid=&type=pc_channel_pv&nid=pc&media=n.yam.com&r5=ca_%E5%8D%B3%E6%99%82%E6%96%B0%E8%81%9E|ab_standard|ch_with_sz_standard-pc&t=1651058531964&tz=tw
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20220426938821
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:22:10 GMT
last-modified: Tue, 10 Sep 2019 08:21:36 GMT
server: nginx
etag: "5d775d10-23"
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H/1.1 200
OK discoverylogs
log.popin.cc/log/popin_media/ 66 B
347 B 1119ms
247ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjo3LCJpc19mZWVkX21vZHVsZSI6IiIsImNoYW5uZWxfaWQiOiJ3aXRoX3N6X3N0YW5kYXJkLXBjIiwiZXhwZWN0ZWRfYWQiOjQsInJlbmRlcmVkX2FkIjo0LCJhcGlfaG9zdCI6InR3LnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6Im4ueWFtLmNvbSIsInVybCI6Imh0dHBzOi8vbi55YW0uY29tL0FydGljbGUvMjAyMjA0MjY5Mzg4MjEiLCJsb2dpZCI6IjgxN2UyY2E0LWM1OWMtNGY1NC04YWQ1LWVlNjA4YTZmYzNjZiIsInJpZCI6IjAwMDAwMCIsInVpZCI6ImRhNTdjODcyMjYyMzY2ZjhmMjgxNjUxMDU4NTMwNTIwIiwidGRfdmVyc2lvbiI6IjEuNy4xIiwidGRfY2xpZW50X2lkIjoiMTY3ZWZlZDItMmRhMC00N2FlLThkZmYtZDJiNzE4NGQ3NWYwIiwidGRfY2hhcnNldCI6InV0Zi04IiwidGRfbGFuZ3VhZ2UiOiJlbi11cyIsInRkX2NvbG9yIjoiMjQtYml0IiwidGRfc2NyZWVuIjoiMTYwMHgxMjAwIiwidGRfdmlld3BvcnQiOiIxNjAweDEyMDAiLCJ0ZF90aXRsZSI6IuaYn+WxlemKgOihjOS/oeeUqOWNoee5s+eoheS6q+acgOmrmDEsMDAw5YWD5Yi35Y2h6YeR5oiWMTLmnJ8wJeWIqeeOh++8jOWIt+WNoee5s+eohea7vzEwMOiQrOWGjeS6qzIsMDAw5YWD5Yi35Y2h6YeRIiwidGRfdXJsIjoiaHR0cHM6Ly9uLnlhbS5jb20vQXJ0aWNsZS8yMDIyMDQyNjkzODgyMSIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTAwLjAuNDg5Ni4xMjcgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiTGludXggeDg2XzY0IiwidGRfaG9zdCI6Im4ueWFtLmNvbSIsInRkX3BhdGgiOiIvQXJ0aWNsZS8yMDIyMDQyNjkzODgyMSIsInRkX3JlZmVycmVyIjoiIiwidGRfYnJvd3NlciI6IkNocm9tZSIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6IjEwMC4wLjQ4OTYiLCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwiY2xpZW50X2lkIjoiMTY3ZWZlZDItMmRhMC00N2FlLThkZmYtZDJiNzE4NGQ3NWYwIiwiY29tbW9uX2NhdGVnb3J5IjoiYnVzaW5lc3MiLCJjYXRlZ29yeSI6IuWNs+aZguaWsOiBniIsImFidGVzdCI6InN0YW5kYXJkIiwiZXh0cmEiOiIiLCJpbnRlcmFjdGlvbl9udW1iZXIiOjAsInBvcGluX3ZlcnNpb24iOjZ9&t=1651058531964
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20220426938821
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 11:22:10 GMT
Last-Modified: Thu, 13 Dec 2018 07:19:53 GMT
Server: nginx/1.13.5
ETag: "5c120819-42"
Content-Type: image/jpeg
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66

GET
H/1.1 200
OK adlogs
log.popin.cc/log/popin_ads/ 66 B
347 B 1124ms
251ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_ads/adlogs?data=eyJ0eXBlIjoicmVxIiwicmlkIjoiMDAwMDAwIiwiYWxnIjoibHRyIiwiY2hhbm5lbF9pZCI6IndpdGhfc3pfd29yZC1wYyIsInRpbWVfc2hvd19zZWNvbmRzIjoxLCJyZXF1ZXN0X2FkIjoxNSwicmVzcG9uc2VfYWQiOjE1LCJkbWYiOiJtIiwic21qYWQiOjAsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoibi55YW0uY29tIiwidXJsIjoiaHR0cHM6Ly9uLnlhbS5jb20vQXJ0aWNsZS8yMDIyMDQyNjkzODgyMSIsImxvZ2lkIjoiODE3ZTJjYTQtYzU5Yy00ZjU0LThhZDUtZWU2MDhhNmZjM2NmIiwidWlkIjoiZGE1N2M4NzIyNjIzNjZmOGYyODE2NTEwNTg1MzA1MjAiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiIxNjdlZmVkMi0yZGEwLTQ3YWUtOGRmZi1kMmI3MTg0ZDc1ZjAiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoi5pif5bGV6YqA6KGM5L+h55So5Y2h57mz56iF5Lqr5pyA6auYMSwwMDDlhYPliLfljaHph5HmiJYxMuacnzAl5Yip546H77yM5Yi35Y2h57mz56iF5ru/MTAw6JCs5YaN5LqrMiwwMDDlhYPliLfljaHph5EiLCJ0ZF91cmwiOiJodHRwczovL24ueWFtLmNvbS9BcnRpY2xlLzIwMjIwNDI2OTM4ODIxIiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMDAuMC40ODk2LjEyNyBTYWZhcmkvNTM3LjM2IiwidGRfcGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ0ZF9ob3N0Ijoibi55YW0uY29tIiwidGRfcGF0aCI6Ii9BcnRpY2xlLzIwMjIwNDI2OTM4ODIxIiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTAwLjAuNDg5NiIsInRkX29zIjoiV2luZG93cyIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJjbGllbnRfaWQiOiIxNjdlZmVkMi0yZGEwLTQ3YWUtOGRmZi1kMmI3MTg0ZDc1ZjAiLCJjb21tb25fY2F0ZWdvcnkiOiJidXNpbmVzcyIsImNhdGVnb3J5Ijoi5Y2z5pmC5paw6IGeIiwiYWJ0ZXN0Ijoic3RhbmRhcmQiLCJleHRyYSI6IiIsImludGVyYWN0aW9uX251bWJlciI6MCwicG9waW5fdmVyc2lvbiI6Nn0=&t=1651058531972
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20220426938821
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 11:22:10 GMT
Last-Modified: Thu, 13 Dec 2018 07:32:33 GMT
Server: nginx/1.13.5
ETag: "5c120b11-42"
Content-Type: image/jpeg
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66

GET
H2 200 s.gif
r.popin.cc/ 35 B
186 B 650ms
250ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/s.gif?url=https%3A%2F%2Fn.yam.com%2FArticle%2F20220426938821&uid=&type=pc_channel_pv&nid=pc&media=n.yam.com&r5=ca_%E5%8D%B3%E6%99%82%E6%96%B0%E8%81%9E|ab_standard|ch_with_sz_word-pc&t=1651058531978&tz=tw
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20220426938821
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:22:10 GMT
last-modified: Tue, 10 Sep 2019 08:21:36 GMT
server: nginx
etag: "5d775d10-23"
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H/1.1 200
OK discoverylogs
log.popin.cc/log/popin_media/ 66 B
347 B 879ms
255ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjo3LCJpc19mZWVkX21vZHVsZSI6IiIsImNoYW5uZWxfaWQiOiJ3aXRoX3N6X3dvcmQtcGMiLCJleHBlY3RlZF9hZCI6MiwicmVuZGVyZWRfYWQiOjIsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoibi55YW0uY29tIiwidXJsIjoiaHR0cHM6Ly9uLnlhbS5jb20vQXJ0aWNsZS8yMDIyMDQyNjkzODgyMSIsImxvZ2lkIjoiODE3ZTJjYTQtYzU5Yy00ZjU0LThhZDUtZWU2MDhhNmZjM2NmIiwicmlkIjoiMDAwMDAwIiwidWlkIjoiZGE1N2M4NzIyNjIzNjZmOGYyODE2NTEwNTg1MzA1MjAiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiIxNjdlZmVkMi0yZGEwLTQ3YWUtOGRmZi1kMmI3MTg0ZDc1ZjAiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoi5pif5bGV6YqA6KGM5L+h55So5Y2h57mz56iF5Lqr5pyA6auYMSwwMDDlhYPliLfljaHph5HmiJYxMuacnzAl5Yip546H77yM5Yi35Y2h57mz56iF5ru/MTAw6JCs5YaN5LqrMiwwMDDlhYPliLfljaHph5EiLCJ0ZF91cmwiOiJodHRwczovL24ueWFtLmNvbS9BcnRpY2xlLzIwMjIwNDI2OTM4ODIxIiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMDAuMC40ODk2LjEyNyBTYWZhcmkvNTM3LjM2IiwidGRfcGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ0ZF9ob3N0Ijoibi55YW0uY29tIiwidGRfcGF0aCI6Ii9BcnRpY2xlLzIwMjIwNDI2OTM4ODIxIiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTAwLjAuNDg5NiIsInRkX29zIjoiV2luZG93cyIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJjbGllbnRfaWQiOiIxNjdlZmVkMi0yZGEwLTQ3YWUtOGRmZi1kMmI3MTg0ZDc1ZjAiLCJjb21tb25fY2F0ZWdvcnkiOiJidXNpbmVzcyIsImNhdGVnb3J5Ijoi5Y2z5pmC5paw6IGeIiwiYWJ0ZXN0Ijoic3RhbmRhcmQiLCJleHRyYSI6IiIsImludGVyYWN0aW9uX251bWJlciI6MCwicG9waW5fdmVyc2lvbiI6Nn0=&t=1651058531978
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20220426938821
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 11:22:11 GMT
Last-Modified: Thu, 13 Dec 2018 07:19:53 GMT
Server: nginx/1.13.5
ETag: "5c120819-42"
Content-Type: image/jpeg
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66

GET
H2 200 log.gif
r.popin.cc/ 35 B
186 B 374ms
250ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/log.gif?type=related-tw&uid=da57c872262366f8f281651058530520&url=https%3A%2F%2Fn.yam.com%2FArticle%2F20220426938821&t=1651058531979
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20220426938821
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:22:10 GMT
last-modified: Tue, 10 Sep 2019 08:21:36 GMT
server: nginx
etag: "5d775d10-23"
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H/1.1 200
OK 20180307%5C2018030702112045.png
vote.yam.com/imgfix/ Frame 7CBE 122 KB
123 KB 165ms
165ms Image
image/png 52.230.1.186
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vote.yam.com/imgfix/20180307%5C2018030702112045.png?h=250&w=0

Requested by

Host: vote.yam.com
URL: https://vote.yam.com/CF/js/jquery.devrama.slider.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.230.1.186 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6e8f69b6bde766db99c14c08b993e7f425715dc9e4266d2fa9f0dff386306da0

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vote.yam.com/CF/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 11:22:10 GMT
X-AspNetMvc-Version: 5.2
Last-Modified: Wed, 30 Mar 2022 13:02:24 GMT
Content-Type: image/png
Cache-Control: public, max-age=29122813
Content-Length: 125214
X-XSS-Protection: 1; mode=block
Expires: Thu, 30 Mar 2023 13:02:24 GMT

GET
H/1.1 200
OK 20180307%5C2018030702112045.png
vote.yam.com/imgfix/ Frame 7CBE 122 KB
123 KB 160ms
160ms Image
image/png 52.230.1.186
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vote.yam.com/imgfix/20180307%5C2018030702112045.png?h=250&w=0

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.2.1.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.230.1.186 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6e8f69b6bde766db99c14c08b993e7f425715dc9e4266d2fa9f0dff386306da0

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vote.yam.com/CF/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 11:22:10 GMT
X-AspNetMvc-Version: 5.2
Last-Modified: Wed, 30 Mar 2022 13:02:24 GMT
Content-Type: image/png
Cache-Control: public, max-age=29122813
Content-Length: 125214
X-XSS-Protection: 1; mode=block
Expires: Thu, 30 Mar 2023 13:02:24 GMT

GET
H/1.1 200
OK 20220216%5C2022021606240040.jpg
vote.yam.com/imgfix/ Frame 7CBE 21 KB
21 KB 162ms
161ms Image
image/jpeg 52.230.1.186
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vote.yam.com/imgfix/20220216%5C2022021606240040.jpg?h=250&w=0

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.2.1.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.230.1.186 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

51ca87b12204ad5cee868cee2c5955d719b06a9cfb5d525a070e2bbe450593f3

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vote.yam.com/CF/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 11:22:10 GMT
X-AspNetMvc-Version: 5.2
Last-Modified: Wed, 30 Mar 2022 13:02:24 GMT
Content-Type: image/jpeg
Cache-Control: public, max-age=29122813
Content-Length: 21384
X-XSS-Protection: 1; mode=block
Expires: Thu, 30 Mar 2023 13:02:24 GMT

GET
H3 200 comments.php
www.facebook.com/v2.11/plugins/ Frame 7FAC 0
0 35ms
34ms Document
text/html 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.11/plugins/comments.php?app_id=241039752194&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2615b40bfd094c%26domain%3Dn.yam.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fn.yam.com%252Ff16e0988ffc9ee%26relation%3Dparent.parent&container_width=760&height=100&href=https%3A%2F%2Fn.yam.com%2FArticle%2F20220426938821&locale=zh_TW&numposts=5&sdk=joey&version=v2.11&width=760

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js?hash=c5a623a9481afd2f65372f207a4ba329

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://n.yam.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html;charset=utf-8
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 27 Apr 2022 11:22:11 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=3,i
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-content-type-options: nosniff
x-fb-debug: O1rurfAsAOaqDF1kz5sWhEtyBBqRPfRXC1nhuOL+5Jwh7RHMRFZ70HRzIan2eFAEhIJTfE2HegM162egW6FBOw==
x-frame-options: DENY
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 90ms
61ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022042501&st=env

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a20160eaa0c24773a37e5ca7b3e540b2e0e0114c3d0f460a7a1efa8cd4aeb5f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Apr 2022 11:22:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10660
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 53ms
22ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=n.yam.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js?cb=31067287

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Apr 2022 11:22:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 55ms
23ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=n.yam.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js?cb=31067287

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Apr 2022 11:22:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 19 KB
9 KB 57ms
56ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

d07e299fb0cb1fb51224f91b40dc8539e580305f94794b64f09f8e5a28c0a944

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:22:11 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8719
x-xss-protection: 0
google-lineitem-id: 5489604634
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138324749448
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://n.yam.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 comments.php
www.facebook.com/v2.11/plugins/ Frame A462 0
0 33ms
33ms Document
text/html 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.11/plugins/comments.php?app_id=241039752194&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfbb41a111f734c%26domain%3Dn.yam.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fn.yam.com%252Ff16e0988ffc9ee%26relation%3Dparent.parent&container_width=0&height=100&href=https%3A%2F%2Fn.yam.com%2FArticle%2F20220426938821&locale=zh_TW&numposts=5&sdk=joey&version=v2.11&width=760

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js?hash=c5a623a9481afd2f65372f207a4ba329

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://n.yam.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html;charset=utf-8
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 27 Apr 2022 11:22:11 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=0
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-content-type-options: nosniff
x-fb-debug: GvKWG49m8ry3+h8E1LIalp36FQ+nlTIq5U+uOi6Tj/gBVWzq5L4OhsaOWO4HT9bVhyRWeOsnriBdkuk15wUBmA==
x-frame-options: DENY
x-xss-protection: 0

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ Frame 0
0 160ms
15ms Preflight 13.69.106.215
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.215 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sdk-context
Access-Control-Request-Method: POST
Origin: https://n.yam.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
content-length: 0
date: Wed, 27 Apr 2022 11:22:11 GMT
x-content-type-options: nosniff

POST
H2 400 track Show response
dc.services.visualstudio.com/v2/ 462 B
648 B 50ms
49ms XHR
application/json 13.69.106.215
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.215 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

fa77b6e37a688c8971746d0dc4380541d7e973516ef5fa53d90abb8fe0726b4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://n.yam.com/
accept-language: de-DE,de;q=0.9
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: 9A913FB1-5B09-4E49-A553-1BD01F3213BF
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Wed, 27 Apr 2022 11:22:11 GMT
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length: 462

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 99D3 0
0 50ms
49ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvGrfUtAL5PhtbHNkw73V9q2SPrbtWM02tU8MDoW3aarIH5N18I1Z_yL3mphX9YrINmKgAXSgb_i0yExGW-uDiLl_4c35cbphsRAafLO6V_1AfsfljnpIsuNfsLP2qMpr14O_7H1mU29Pc4Uz4BRoiMr2a3yeyDi-OEc4fjog0lq_4f6oQEDgHbP1sgztv7QX5qEOk5pSbjCKGnX2fnjgvG4aiW-aMbnlIGF5aZzrlecBKFmcpBfGIrF-TraIjqhtNv2VS2W1lgA4nohDZCZ0gZtQ7P7cGPYQTjuAD277_SLKrKwZ0mL1mKo4tAAvs&sig=Cg0ArKJSzCBg-iUU7XiREAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: n.yam.com
URL: https://n.yam.com/Article/20220426938821

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Apr 2022 11:22:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 index.php Show response
stg.truvidplayer.com/ Frame 99D3 977 B
757 B 133ms
97ms Script
text/html 143.204.202.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stg.truvidplayer.com/index.php?sub_user_id=597&widget_id=4423&playlist_id=3196&m=a&cb=5638628941609054
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20220426938821
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.202.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-77.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: 1768bd6cde0775f5652928bb6cfa079c1e67d2a7d6f3ab029acfab085e6986e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:22:11 GMT
via: 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
content-encoding: gzip
x-amz-cf-id: UVZPfcFxcD8zccwVkxa5KnX_35qrxzeWTEmmGGlYaM70-vRr8aSpEg==

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 99D3 119 KB
36 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js?cb=31067287

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:22:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36950
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1650454428054601"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 27 Apr 2022 11:22:11 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042501.js?cb=31067287

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:22:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 27 Apr 2022 11:22:11 GMT

GET
DATA 200
OK truncated
/ Frame 99D3 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 639ca628dd9ad054f91037eb4222506e11a2ef5cbe552ac3df33dce1f94974cf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FE7B 13 KB
5 KB 14ms
14ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://n.yam.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2660
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 27 Apr 2022 10:37:51 GMT
expires: Thu, 27 Apr 2023 10:37:51 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D9A6 783 B
535 B 24ms
23ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c2d5ed91316861270913358ea0c179606ec7b57f584c008c48286aa876945c40

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jwYyL5tHqEa4Gku/E+RZYw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://n.yam.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-jwYyL5tHqEa4Gku/E+RZYw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 27 Apr 2022 11:22:11 GMT
expires: Wed, 27 Apr 2022 11:22:11 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 LOnNfct_OK6AKwq7GByGz0_K8O7BrCXN6Fs6Py5gnPc.js Show response
pagead2.googlesyndication.com/bg/ Frame FE7B 35 KB
13 KB 42ms
14ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/LOnNfct_OK6AKwq7GByGz0_K8O7BrCXN6Fs6Py5gnPc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ce9cd7dcb7f38ae802b0abb181c86cf4fcaf0eec1ac25cde85b3a3f2e609cf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 19:41:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56443
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13636
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 26 Apr 2023 19:41:28 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D9A6 0
0 77ms
62ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022042501&jk=2963927287132213&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

GET
H2 200 4423.js Show response
go.trvdp.com/init/ Frame 99D3 23 KB
23 KB 66ms
10ms Script
binary/octet-stream 2600:9000:214f:7000:3:7e1c:5b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.trvdp.com/init/4423.js?pid=3196
Requested by: Host: stg.truvidplayer.com
URL: https://stg.truvidplayer.com/index.php?sub_user_id=597&widget_id=4423&playlist_id=3196&m=a&cb=5638628941609054
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:7000:3:7e1c:5b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d956cecbc72546f6be9165e71ea6fe0e30c83274da131e88a4b8c12c2d6d540d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 03 May 2021 04:45:40 GMT
via: 1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
last-modified: Tue, 27 Oct 2020 11:06:21 GMT
server: AmazonS3
age: 31041391
etag: "48abea3234995128fcf6b9c6fa92da03"
x-cache: Hit from cloudfront
content-type: binary/octet-stream
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 23347
x-amz-cf-id: gbBY78jzyQ6Kc74ZH_kWb3pe8YPsMuXr81j9H_QLDOr19ZkzrcY5Dw==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 99D3 0
0 48ms
48ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsskeoAIGqdbGPGO0ua5gzs0ZIiFQggVr6TMAnjcDOXAaZb5JXUUV-JPIMPglO8xy_6mhfvcGDq5aCPymAGbtoLuhoCNsPmC-IRQnwncS13EcujV7bNntF-RveW_6_h3EbI3HKUJ2FJ9pIaBRIzm28z5Rif5USa2xE9qqQVFk5iNfKpN4el39Cdubcp7aAlN5K2_yBAcEmJMyynkI3XHxdeQRQgFoocJK_KMlFnpD6oo1aOdspbswLP9_lJC8j2Dfsz-hGHO7XawS_qHMLXfBuBPi9sK03Pi4fLxXBKvIfKbC0FYi0gjz-ork9l1eQ-X4w&sig=Cg0ArKJSzBW0FCAYvsQCEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Apr 2022 11:22:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 27 Apr 2022 11:22:11 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame FE7B 0
9 B 13ms
13ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?oWM-rQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:22:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 p.php Show response
stg.truvidplayer.com/ Frame 99D3 7 KB
4 KB 291ms
272ms XHR
application/json 143.204.202.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stg.truvidplayer.com/p.php?sid=597&wid=4423&cb=1053.197940226387&pid=3196&url=https%3A%2F%2Fn.yam.com%2FArticle%2F20220426938821&isab=0
Requested by: Host: go.trvdp.com
URL: https://go.trvdp.com/init/4423.js?pid=3196
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.202.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-202-77.fra53.r.cloudfront.net
Software: nginx /
Resource Hash: afee3e5769816ed98707fcf8ab781b248b27c044071230f477a6c56536977308

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:22:11 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://n.yam.com
access-control-allow-credentials: true
x-amz-cf-id: LHObeyyTqcB-v3nhRJ5dw6DgohQx7r5bCUQ3PSysJH5UV6s7SEKFaA==
via: 1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)

GET
H2 200 ins.js Show response
s.trvdp.com/scripts/v5.742/ 658 KB
179 KB 170ms
10ms Script
application/javascript 2600:9000:214f:8000:d:3c0f:bcc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.trvdp.com/scripts/v5.742/ins.js
Requested by: Host: go.trvdp.com
URL: https://go.trvdp.com/init/4423.js?pid=3196
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:8000:d:3c0f:bcc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f02b9f630222ea616410be114b3154602919e62161356399be7cd45843136c57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 14:40:17 GMT
content-encoding: br
last-modified: Tue, 12 Apr 2022 06:41:24 GMT
server: AmazonS3
age: 1197716
etag: W/"d40fd85fcbb9dac1ff245ac8cec6aeb4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d16428714e022976873ccc980fdc1288.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: 62a54EgAbNKWKAXmIptD5Jt8_UmF8OqnRMl4FwFkVuBkSlq7gRBxHA==

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 81ms
81ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022042501&jk=2963927287132213&bg=!QkGlQQXNAAYXWUUuN1k7ACkAdvg8WixRI4iSUMFZqV68V8ZYTTGHA0B9PmpZOIsfkSTMi_CV5i2knAIAAABhUgAAAAJoAQeZApNFRmo0igi_s7rNbvPtlMtSJepo_TnPc2PLe3AUOhI3twac9S_ATzxH1-PJA63TTAb3xt2L34VbSPSZw-uTu-PVGaxoNLR4aohkHBQIP_bY3htgeLgPVndSaHQNG-9ojtYQ9UBzWukGEXjlIivu62swJvnbf8RMTmbdT_HK0Ra5H_l1JStfN5iQkPkXbYQRukIYYb89ARQsIIK63Jm9FnkAQv7SyosTI_tAYW9YW5vkMUVgDONtw0iSlVMSkzHlF7nYjgrdByL4YxzDsDdCNp-ApQdkBS4WPbKrWSuLBcfwLqSJEcb0khSwZ2XYjvYy2dfq1Oj67y257pcr9FXfWgu7MuPhwTrdhiiILuk_8UfeyUSkarSw6qDjOrxY1moSD_f4S5fugiJ0-0M5f-t2mp7BQzLxljsSMFagKzB-x9Toag5ms5Xw1czZZ1SjYAClrtDaN_8s3APa20tOzwzLVppG6T9YxwUnzwTSsOm35xk-am1xaKOKHy5t_ix39KhYcpXFQPUtR1w3PrjeEFfhbQPVUGa_wlB7H3RyHnOyBEqwzsi5SVB7v-sUV8APY-bPcNdiByDC3qoMxgIdqORWqUidrxfKDYi1RzrGLoreAGW8g9E1MEr9ZRSuiO4RcImXeVeJOfCJVBzZ0bTDiDsXb7IbHfjAPTbdS10d6mRzPpjpWlxC9B5pCBeB4-PXS5FT3ApsOuu5SPurQsHSSnbM-PLWDp1V1Lw_lySW_x0CKdS809v8HkFckC-MepUfk_nsTv65C5owUCbpZ2FxDKgi0RwIGIY4clTEo8PMQorQiWabYwB2HqLCgRejLGnDGNMCo7CqGqqPzOWVaBG-yT8Cg_sdkV-_i1hZm-H6V6vPqTBLjwV55w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

GET
H/1.1 200
OK cors Show response
data.ad-score.com/score/ 52 B
718 B 525ms
131ms XHR
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/score/cors?s=1&pid=1000032&tid=truvidTraffic&pub_domain=n.yam.com&l1=4423&l2=n.yam.com&l3=DE&l4=desktop&l5=5.742&cb=0.1288011822214945
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: a3fb12e0586cb7710bc4ff3f906aa390cd18576b4d2a086389454e72c7f0b8df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Apr 2022 11:22:12 GMT
Age: 0
Access-Control-Allow-Methods: GET,POST
P3p: CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin: https://n.yam.com
Cache-Control: post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/plain; charset=utf-8
Content-Length: 52

POST
H2 200 /
track.adform.net/serving/unload/ Frame 006F 35 B
502 B 22ms
22ms Ping
image/gif 37.157.5.142
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=3796206487380830976@@38516438,2700948724931196842,0|0|0|0|0|0|0|0|0||0|1|1|6269275f0001406d07fd86ee1007f35a_1|||1|0|0|-4gYUTxBLLFX7EYoWZQhUXpkoBnNwp4V_n6C1lNjhZH8d4EsBylsshhpnBRkvb3lA7z_uuw_WOM1|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 27 Apr 2022 11:22:12 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET article_read.html
api.popin.cc/iframe/ Frame 46E1 0
0

GET readlogs
in.treasuredata.com/js/v3/event/popin_media/ 0
0

GET s.gif
rlog.popin.cc/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: vote.yam.com
URL: https://vote.yam.com/CF/index.html

Domain: api.popin.cc
URL: https://api.popin.cc/iframe/article_read.html

Domain: in.treasuredata.com
URL: https://in.treasuredata.com/js/v3/event/popin_media/readlogs?api_key=8378%2F25839e06ce4cc1cab55c1c1f1e49d336d6d1d48f&modified=1651058535597&data=eyJ0ZF9nbG9iYWxfaWQiOiJ0ZF9nbG9iYWxfaWQiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiIxNjdlZmVkMi0yZGEwLTQ3YWUtOGRmZi1kMmI3MTg0ZDc1ZjAiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoi5pif5bGV6YqA6KGM5L%2Bh55So5Y2h57mz56iF5Lqr5pyA6auYMSwwMDDlhYPliLfljaHph5HmiJYxMuacnzAl5Yip546H77yM5Yi35Y2h57mz56iF5ru%2FMTAw6JCs5YaN5LqrMiwwMDDlhYPliLfljaHph5EgfCDolYPmlrDogZ4iLCJ0ZF91cmwiOiJodHRwczovL24ueWFtLmNvbS9BcnRpY2xlLzIwMjIwNDI2OTM4ODIxIiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMDAuMC40ODk2LjEyNyBTYWZhcmkvNTM3LjM2IiwidGRfcGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ0ZF9ob3N0Ijoibi55YW0uY29tIiwidGRfcGF0aCI6Ii9BcnRpY2xlLzIwMjIwNDI2OTM4ODIxIiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9pcCI6InRkX2lwIiwidGRfYnJvd3NlciI6InRkX2Jyb3dzZXIiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiJ0ZF9icm93c2VyX3ZlcnNpb24iLCJ0ZF9vcyI6InRkX29zIiwidGRfb3NfdmVyc2lvbiI6InRkX29zX3ZlcnNpb24iLCJpbWFnZSI6IiIsInB1YmRhdGUiOiIiLCJkb21haW4iOiJuLnlhbS5jb20iLCJtZWRpYSI6Im4ueWFtLmNvbSIsImRldmljZSI6InBjIiwiYXBpX2hvc3QiOiJ0dy5wb3Bpbi5jYyIsInJlYWRfcmUiOiJvcmdhbmljIiwiY29tbW9uX2NhdGVnb3J5IjoiYnVzaW5lc3MiLCJtYWluX2NhdGVnb3J5IjoiJUU1JThEJUIzJUU2JTk5JTgyJUU2JTk2JUIwJUU4JTgxJTlFIiwicmVhZF9zdGF0X3RleHQiOjYwMCwicmVhZF9zdGF0X2ltYWdlIjowLCJyZWFkX3N0YXRfaW5fdGV4dCI6NjAwLCJyZWFkX3N0YXRfaW5faW1hZ2UiOjAsInJlYWQiOjEwLCJyZWFkX3RpbWUiOjMuOSwicG9waW5fdXNlcl9pZCI6IiIsInBpdWlkIjoiIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowfQ%3D%3D&callback=TreasureJSONPCallback2

Domain: rlog.popin.cc
URL: https://rlog.popin.cc/s.gif?url=https%3A%2F%2Fn.yam.com%2FArticle%2F20220426938821&uid=&nid=4TETMA!gpAZD&media=n.yam.com&r1=10&r2=0&r3=text600|image0|in_text600|in_image0&r4=4&r5=re_organic|dv_pc|session|sstorage&r6=4&r7=-0&r8=38.699999999999996&t=1651058535593

Verdicts & Comments Add Verdict or Comment

88 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
n.yam.com/	1970-01-20 11:23:14	Name: ai_user Value: QA2kJ\|2022-04-27T11:22:08.837Z
.yam.com/	1970-01-20 20:08:50	Name: _ga_RE4LTMGVEF Value: GS1.1.1651058528.1.0.1651058528.60
.yam.com/	1970-01-20 20:08:50	Name: _ga Value: GA1.2.648430392.1651058529
.yam.com/	1970-01-20 02:39:04	Name: _gid Value: GA1.2.665525411.1651058529
.yam.com/	1970-01-20 02:37:38	Name: _gat_gtag_UA_16227618_1 Value: 1
n.yam.com/	1970-01-20 02:37:40	Name: ai_session Value: AOLe2\|1651058529141\|1651058529141
vote.yam.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: u1ftqa0xyqt1lat5c532opxu
.vote.yam.com/	1969-12-31 23:59:59	Name: ARRAffinity Value: 7f12b21206fd37e983e9c7f2cadafff0f471663a0688801c9d593a9db00203cf
.vote.yam.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 7f12b21206fd37e983e9c7f2cadafff0f471663a0688801c9d593a9db00203cf
.doubleclick.net/	1970-01-20 11:59:14	Name: IDE Value: AHWqTUmR1_uc6A_o_vbgtPv22bAO5T0ycqWqIEMYKEtOCBQF201IXXtyw1ARCFHsMFY
.adform.net/	1970-01-20 03:20:50	Name: C Value: 1
.adform.net/	1970-01-20 04:04:02	Name: uid Value: 3796206487380830976
.adform.net/	1970-01-20 02:47:43	Name: TPC Value: 1651058527784
.yam.com/	1970-01-20 11:23:14	Name: _ss_pp_id Value: da57c872262366f8f281651058530520
.popin.cc/	1970-01-20 11:23:14	Name: uid Value: da57c872262366f8f281651058530520
.yam.com/	1970-01-20 20:08:50	Name: _td Value: 167efed2-2da0-47ae-8dff-d2b7184d75f0
.in.treasuredata.com/	1970-01-20 20:08:50	Name: _td_global Value: 28cbbcb6-a3f3-4456-bb0b-706e2241edd5
.yam.com/	1970-01-20 11:59:14	Name: __gads Value: ID=1bdc681a0e9b1102:T=1651058526:S=ALNI_Ma7bKTxEgS4_Fp7KXmq7uOKZyrerw
data.ad-score.com/	1970-01-21 22:26:54	Name: token Value: CwhtxABUpKLRn-l4px-YkmrCsxeevWFv

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
network	error	URL: https://dc.services.visualstudio.com/v2/track Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15e31f22df2201cacaa74860c960265a.safeframe.googlesyndication.com
ad4m.at
admd.yam.com
ads.eu.criteo.com
adservice.google.com
adservice.google.de
analytics.google.com
api.popin.cc
as.ad4m.at
assets.ad4m.at
az416426.vo.msecnd.net
cat.nl.eu.criteo.com
cdn.ampproject.org
cdnjs.cloudflare.com
code.jquery.com
connect.facebook.net
csm.eu.criteo.net
data.ad-score.com
dc.services.visualstudio.com
fonts.googleapis.com
fonts.gstatic.com
go.trvdp.com
in.treasuredata.com
inrecsys.popin.cc
log.popin.cc
n.yam.com
pagead2.googlesyndication.com
pix.eu.criteo.net
player.ivideosmart.com
r.popin.cc
rlog.popin.cc
rtb.nl.eu.criteo.com
s.trvdp.com
s1.adform.net
securepubads.g.doubleclick.net
sessions.bugsnag.com
static.criteo.net
stats.g.doubleclick.net
stg.truvidplayer.com
tpc.googlesyndication.com
track.adform.net
tw.popin.cc
vote.yam.com
weather.yam.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
api.popin.cc
in.treasuredata.com
rlog.popin.cc
vote.yam.com
119.63.193.220
119.63.197.136
119.63.198.143
119.63.198.188
119.63.198.189
13.69.106.215
13.76.41.74
130.211.115.4
142.250.186.34
143.204.202.77
178.250.0.139
178.250.2.148
178.250.2.150
2001:4de0:ac18::1:a:2b
2600:1901:0:7a0b::
2600:9000:214f:7000:3:7e1c:5b40:93a1
2600:9000:214f:8000:d:3c0f:bcc0:93a1
2606:2800:133:206e:1315:22a5:2006:24fd
2606:4700:20::ac43:4a81
2606:4700:3030::ac43:d4a7
2606:4700::6811:180e
2a00:1450:4001:800::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::200a
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:827::2004
2a00:1450:4001:827::2008
2a00:1450:4001:828::200e
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2002
2a00:1450:400c:c06::9d
2a02:2638:1::2
2a02:2638:1::3
2a02:2638:1::4
2a02:26f0:3500:16::215:1484
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
37.157.5.142
37.157.6.234
52.230.1.186
54.237.0.39
03997ba2f51db0dd37cad224063598246d4066c38fd6d574254f37596a12bdc3
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
0489faa8e88bbeacabb56e60f4e2211b979a336f06a69ec470c1687344edec94
088918082f62717d37a1d62e8a251e9a4e10d036090fddbbba37ca7bc03335fd
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c1ede63b553821e52e3b9f599c3d32b5c426d4940f58435a1f1f0335e62d79f
0e52fd2663504531b6e86131400b1639a2cdb3c6affd11bb14a1b5786c4c4354
0f93db846422aa8c72de38cbb2819358b78560e09242696224b08b0dd84af1c5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12a14a185b05f3f38dcbda8c599c64989d05169c906d01b740474bf2e8450f35
1655a16462aefd8ddafed3e67e58288cca40bcfecdf58be3bb9f1bf7512b81ec
1768bd6cde0775f5652928bb6cfa079c1e67d2a7d6f3ab029acfab085e6986e5
1785636b23e2af9eab48f7f0edb10b1422389054e441ac2d0966db8486032b62
180c7cb3d801ef8f115e4800430b2622d76002c39c32495b8aa6cc0b865f0a00
19bfbd81c70637ae0a6fe5f07f112bdab13cf9c2ea5d54b70320df8f54fcc07b
19e63a64055145811f19b89020689bb5230a3b8d957455044ddcbf4d7308fe63
20b7efa85f61ef7ed2b2a29f97c40b2d8c698442e6671058ef3af71ed882b104
213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2ce9cd7dcb7f38ae802b0abb181c86cf4fcaf0eec1ac25cde85b3a3f2e609cf7
2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f
3636e2778573df35bd6c188d6e3ba640ec09a54b8a1bb63ee52d5f5154f46154
371722f47878cd66124d37d626048abb68989991ca24f195255ff3dbefc9ab12
372a3186cdfa2b7a80c939a0496851ab0519c9b8cb656609fb902168ee053a8b
3aa9f235c06f8205b4b91091c02bbb8c8a23b12fafa257f68aecc4be22e8b7c0
3b3446a0e1254ba70508b10b7ea5bfbd60e42f22c1bdba89a421a72d25aed643
3d0bf782b47dcd079eedf6bb34ecb0742c114a4e4b90e37a58a412482101b475
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
51ca87b12204ad5cee868cee2c5955d719b06a9cfb5d525a070e2bbe450593f3
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
535c0cbf7d9ba30714479b2fbc3c5c6f8aac89d1aebe4280d1026d1fa29c7d72
536429eab51aaed2d0386c52000bbe9877a97bb7c825381fefbbdf2ae0c22007
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5ac73d2d13d5b2a1a07fd3c816184c695df5508d79ad7d14722e9e7a48feb15d
5cd346875d100956f33b228c65b2eea3e958621a4d906b95c612c0c0c617a2d7
5f344a27a445c6ec4b0c81f0867d10e8969d3cef9e9f01c636fbb7ff18ed4462
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63649b0266963dc62ef62f4f019da966ae28076f19d7d6b97244a9400cbed560
639ca628dd9ad054f91037eb4222506e11a2ef5cbe552ac3df33dce1f94974cf
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e
6753ab9ab14844d0e9ecbbf13df7accf525291cef950547034e5ab67be9e508e
6a0e2fb4c4da66c6c63c42d6cb7e5c8aa38e218c677719914a9908cfd4540999
6a780c5fa5c99f71f5c5f711477fffc2e6c453995ce779d3f66a8d74c6983141
6c6414ec1f58ce4a0475014dd742c1382f163931d7ad64a64386027e1dd53faf
6ddbaa241603e7005d811f8dde6d40142729875d84afc623635a5d7c138e5725
6e8f69b6bde766db99c14c08b993e7f425715dc9e4266d2fa9f0dff386306da0
76ede460598ea78cdcb69094a11abfd6c04e4cfcc90990ffaaf9c5415bd2ea38
7ae0562a5d9dd2d15bfe9dc0014fe91bfbd78fbc4395ab8aa014747024659d53
7d210f7d18b1a67c12052541793c3fc63a9175ec1809b7988b9b9a13a4b50e16
7d7628a205cb2d3fbb20a6bd04e0a0c0631e143c2e6449b2eeaae4eccaa65d05
802d7ad55ea8d9131e05478254f8c97799ec598368054fe0a8d76606364a71b7
80b410ec29856b8a73f32c11d586a7fe30fb0398b485d41420144b217ccdf930
8246297b958c38c4ce4902ff522c1e9192ec9b35c883587b22533f78b57e1d28
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92
849d0cde47450bead63722e7f6b938226b2bbb65e5d9ec606c6ecfe367e922aa
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8959cbb31bc9bfc1725be63c62be12e61153d1323bcbbd72583a920cbdde82a3
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8aca7d5b4fcc872914606add2da8fd305b2504d1d66db516090dcb66d2edb429
8cb22f26870c311e1d6970f8f0ac4d264e19016d39627a957f0184d16ad4bdd9
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
95901cd872570c226a2a131e926a275006f1d37e2dfbda1e6d004b1b0d6a4568
9cb93fc023cca355260310e41056be397ecad26f94a578c5b147762b40fc6d3b
9d5cbcadd2608ad6a3d4736c41b799d5b02635ff9443c32282a901c1efe0e2b5
9ebc5d7494653df4a6a39c95fbf42fd26b6ae88b077610bd592f3e7f21bbfdcb
9f0f06f248aba9887a722a3e9f52d799bd14f50ff1e2e90de6e824e47b4d6ec3
9f22dc991b7fd59bfb5a853fdb9f680208e56b9a25c4aa5acb9cd6a6374b102d
a0682a63b832d3473c0eca3dce6a3b09909c0deb86eb24df79d766221e37b5bd
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a20160eaa0c24773a37e5ca7b3e540b2e0e0114c3d0f460a7a1efa8cd4aeb5f9
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3fb12e0586cb7710bc4ff3f906aa390cd18576b4d2a086389454e72c7f0b8df
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4ac0fd75bb413471276f5f9b2a919915a2eff38553fb71b72222cf562831488
a69fcb193ee681132ccd115d207a8d3a0692592dae6b4716945a5823712ad582
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
aaf58fe585cbcc76094d23707910520dc7e2e9130342905aff91c58cd462c2fd
aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f
afee3e5769816ed98707fcf8ab781b248b27c044071230f477a6c56536977308
b3268716aa426609361a98aa0e039b338722be38092876ccb369f50462444115
b40ed885c6eabc68309c7e3377008ec3aaba2add66e43fcf6fc2851cdc6a2f98
b4515b8f273639bb116e123e614d446918aca49d7216151885da47a90370e837
b470a9ccb87f12a1e884dd7b83f52df6cbaabd71f89b9d844e94df1da9f76623
b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8
ba44cdbcfe1363caf6f1ab3bf350e9141ea3f893c6952e0dbb48537141e3bdad
bca5c2253ea890af6bfad25a0203ec21bcbf636f55b092c3f16056b0b176a3c9
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
c14898704c00890005ec19c479e1ef947e29864180cffd99337c583f1d86b362
c2d5ed91316861270913358ea0c179606ec7b57f584c008c48286aa876945c40
c45efbafbdd63225cd5d53367a7764a9b1c495e496ad5628bdb1d0b9a585d830
c99442f2685ab85f1219dc1da3b9ce48891300e612914f862d85f5ea372e38e6
ca71ea48130126151c7bb6ae861a878d386eef42a940fd193e672c304357b063
ce1f3c592fb1fa8ec36e24e94c7ee1078b7b5cce37aa1f2dfad408e48f7bc83d
cfcdd352bb06fcc5c0e6f3f9b96e0c9a7d42f99b94473534d5131dcb4a104ec9
d07e299fb0cb1fb51224f91b40dc8539e580305f94794b64f09f8e5a28c0a944
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d1ac2ee5e6045bca19c73954a162c282fba4b1bf27c531dc0aee2823aaeaddb7
d88b2f05bcd6de59fcdc958ab1c6f63d0225f275d24ce003381c09deb3a4bf1e
d956cecbc72546f6be9165e71ea6fe0e30c83274da131e88a4b8c12c2d6d540d
dcd7a9ae3f7deb6c8f7015abdad16e80d4d175a86f868f67a6aac930d56cd036
dce196c44d8bd79fea22e1c0419f9f56da0c70d65de227c00043ae1834282dcb
dcfb691fb59571e9bec752c087ee8d17bed93bfbf20691b4c40a5777feb0e4df
dde7f8c0cbe534b8d1132eb4ecb6624275c3bbdd548b0e4393938fa3d2b2d965
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0e2d7cefffb4d70cc26783bdb91ad8d563733ee196f63e5b99a870b14efd126
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e27c27c764365da7566b210236a634bcac5d7a6b9e7228989b6c01d7066352f4
e39f4d0766632aea74b7e75ca572ac66208ffbce5582069a9c1ef9ebbe69d0b0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e70d938561bf4d2cc26cb6f7db5634c5c1cc7c5f2c21fa330185739cf07e126d
e861d3c3bf074c8b832c72921647e53513a1493a855cbfe43820933cbeb35dca
ea4d8446159d1f71f8dad379c62fe855418b1a7ea0ecdaa5815fb72a8c8ea08c
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
edb51ba41a6710f09aa506240d2cdd75cd04519ea5cb3dbdea29848053c9a032
ee3f7ac662ef6743d4911f4965d4494a6387c6ce62150272152fd0d391e67041
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce
f02b9f630222ea616410be114b3154602919e62161356399be7cd45843136c57
f08d4480e40d16f5bbebc68075a3f3b6a881331c2456f3cfc10650d6753560be
f3f32eb63b4849e954e956af594c5fd2d664cd0c0156c8ff7871beff3428f7eb
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
fa77b6e37a688c8971746d0dc4380541d7e973516ef5fa53d90abb8fe0726b4f
fd1c33927515d6b4cc7db4adca2e88307398fed6825901716d39c57ba8f46c15
ffd2a11d59a7fbb41a2008eb97336977f9f37ebe8156cd8adc4a9ac24b96dc78

n.yam.com Open in urlscan Pro 2606:4700:3030::ac43:d4a7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

200 Requests

96 %HTTPS

64 %IPv6

28 Domains

50 Subdomains

48 IPs

8 Countries

3566 kBTransfer

6768 kBSize

19 Cookies

30 Outgoing links

Redirected requests

200 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

n.yam.com Open in urlscan Pro
2606:4700:3030::ac43:d4a7 Public Scan

Screenshot
Live screenshot

Full Image

200
Requests

96 %
HTTPS

64 %
IPv6

28
Domains

50
Subdomains

48
IPs

8
Countries

3566 kB
Transfer

6768 kB
Size

19
Cookies

200 HTTP transactions
3 data transactions