urlscan.io logo urlscan.io
SecurityTrails logo

n.yam.com Open in urlscan Pro
2606:4700:3035::6815:2d58  Public Scan

Go To Rescan Add Verdict Report
URL: https://n.yam.com/Article/20210408193290
Submission: On February 07 via manual from HK — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 51 IPs in 10 countries across 27 domains to perform 243 HTTP transactions. The main IP is 2606:4700:3035::6815:2d58, located in United States and belongs to CLOUDFLARENET, US. The main domain is n.yam.com. The Cisco Umbrella rank of the primary domain is 347563.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 5th 2021. Valid for: a year.
This is the only time n.yam.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
25 2606:4700:303... 13335 (CLOUDFLAR...)
13 142.250.184.226 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
8 2a03:5f80:a::... 50952 (DATAIX-AS...)
2 13.76.41.74 8075 (MICROSOFT...)
10 2a03:2880:f02... 32934 (FACEBOOK)
2 6 2a03:2880:f11... 32934 (FACEBOOK)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 119.63.193.220 38627 (BAIDUJP B...)
1 2606:2800:233... 15133 (EDGECAST)
15 52.230.1.186 8075 (MICROSOFT...)
4 2a00:1450:400... 15169 (GOOGLE)
1 3 192.96.200.41 30633 (LEASEWEB-...)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a02:2638:1::2 44788 (ASN-CRITE...)
4 2a02:2638:1::11 44788 (ASN-CRITE...)
15 2a00:1450:400... 15169 (GOOGLE)
2 2a02:2638::2 44788 (ASN-CRITE...)
2 2600:1901:0:7... 15169 (GOOGLE)
34 2a02:2638:1::3 44788 (ASN-CRITE...)
4 178.250.2.148 44788 (ASN-CRITE...)
8 178.250.2.150 44788 (ASN-CRITE...)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2606:4700::68... 13335 (CLOUDFLAR...)
7 178.250.2.135 44788 (ASN-CRITE...)
5 2600:9000:224... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:215... 16509 (AMAZON-02)
1 2 35.201.76.93 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 35.75.110.87 16509 (AMAZON-02)
4 211.20.171.204 3462 (HINET Dat...)
1 34.117.219.39 15169 (GOOGLE)
5 203.75.214.136 3462 (HINET Dat...)
1 119.63.198.189 38627 (BAIDUJP B...)
1 103.132.192.30 138552 (RTBHOUSE-...)
2 178.250.0.165 44788 (ASN-CRITE...)
1 2 34.96.119.68 15169 (GOOGLE)
1 1 172.105.213.147 63949 (LINODE-AP...)
1 210.59.219.181 3462 (HINET Dat...)
2 18.215.191.232 14618 (AMAZON-AES)
5 119.63.198.143 38627 (BAIDUJP B...)
4 119.63.198.188 38627 (BAIDUJP B...)
1 119.63.198.172 38627 (BAIDUJP B...)
243 51
25    2606:4700:3035::6815:2d58 (United States)

ASN13335 (CLOUDFLARENET, US)
n.yam.com
weather.yam.com
13    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
securepubads.g.doubleclick.net
3    2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
8    2a03:5f80:a::b212:e7c3 (Russian Federation)

ASN50952 (DATAIX-AS Peering Ltd., RU)
player.ivideosmart.com
2    13.76.41.74 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
admd.yam.com
10    2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
static.xx.fbcdn.net
6    2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
6    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
6    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com
624b5f966af4dd7d753c7f249cbdb54d.safeframe.googlesyndication.com
1    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
analytics.google.com
2    2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
5    119.63.193.220 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)
api.popin.cc
1    2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)
az416426.vo.msecnd.net
15    52.230.1.186 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
vote.yam.com
4    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    192.96.200.41 (Washington, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ads.aralego.com
sync.aralego.com
3    2606:4700:20::ac43:47fe (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
2    2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl.eu.criteo.com
4    2a02:2638:1::11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
15    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr.eu.criteo.com
2    2600:1901:0:7a0b:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
sessions.bugsnag.com
34    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
4    178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl.eu.criteo.com
8    178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
1    2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
1    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
7    178.250.2.135 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.am5.vip.prod.criteo.com
pix.eu.criteo.net
5    2600:9000:224a:c800:0:e06c:e940:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.holmesmind.com
1    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2600:9000:2156:aa00:3:1794:2540:93a1 (United States)

ASN16509 (AMAZON-02, US)
adcdn.holmesmind.com
2    35.201.76.93 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 93.76.201.35.bc.googleusercontent.com
c.holmesmind.com
6    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    35.75.110.87 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-75-110-87.ap-northeast-1.compute.amazonaws.com
ad.holmesmind.com
4    211.20.171.204 (Chang-hua, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 211-20-171-204.hinet-ip.hinet.net
banner-cfnetwork.cdn.hinet.net
1    34.117.219.39 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 39.219.117.34.bc.googleusercontent.com
fp.holmesmind.com
5    203.75.214.136 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-136.hinet-ip.hinet.net
t.ssp.hinet.net
392c8fb0-24cb-4113-a23a-0eb702653cc7.t.ssp.hinet.net
1    119.63.198.189 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)
tw.popin.cc
1    103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net
prebid-asia.creativecdn.com
2    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com
bidder.criteo.com
2    34.96.119.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.119.96.34.bc.googleusercontent.com
ad2.apx.appier.net
1    172.105.213.147 (Tokyo, Japan)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1867-147.members.linode.com
gocm.c.appier.net
1    210.59.219.181 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
prebid.scupio.com
2    18.215.191.232 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-215-191-232.compute-1.amazonaws.com
in.treasuredata.com
5    119.63.198.143 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)
log.popin.cc
4    119.63.198.188 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)
r.popin.cc
1    119.63.198.172 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)
inrecsys.popin.cc
Apex Domain
Subdomains		 Transfer
49 criteo.net
static.criteo.net — Cisco Umbrella Rank: 645
csm.eu.criteo.net — Cisco Umbrella Rank: 7881
pix.eu.criteo.net — Cisco Umbrella Rank: 7730
1 MB
42 yam.com
n.yam.com — Cisco Umbrella Rank: 347563
admd.yam.com
vote.yam.com Failed
weather.yam.com
1 MB
27 googlesyndication.com
d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 124
624b5f966af4dd7d753c7f249cbdb54d.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 100
112 KB
16 popin.cc
api.popin.cc — Cisco Umbrella Rank: 19646
tw.popin.cc — Cisco Umbrella Rank: 61864
log.popin.cc — Cisco Umbrella Rank: 22525
r.popin.cc — Cisco Umbrella Rank: 22158
inrecsys.popin.cc — Cisco Umbrella Rank: 23108
131 KB
15 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184
stats.g.doubleclick.net — Cisco Umbrella Rank: 96
cm.g.doubleclick.net Failed
307 KB
14 criteo.com
rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 13370
ads.eu.criteo.com — Cisco Umbrella Rank: 7925
rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 14362
cat.nl.eu.criteo.com — Cisco Umbrella Rank: 10541
bidder.criteo.com — Cisco Umbrella Rank: 722
113 KB
10 holmesmind.com
cdn.holmesmind.com — Cisco Umbrella Rank: 148768
fcm.holmesmind.com Failed
adcdn.holmesmind.com — Cisco Umbrella Rank: 130688
c.holmesmind.com — Cisco Umbrella Rank: 98253
ad.holmesmind.com — Cisco Umbrella Rank: 88133
fp.holmesmind.com — Cisco Umbrella Rank: 130845
31 KB
9 hinet.net
banner-cfnetwork.cdn.hinet.net — Cisco Umbrella Rank: 164393
t.ssp.hinet.net — Cisco Umbrella Rank: 89081
392c8fb0-24cb-4113-a23a-0eb702653cc7.t.ssp.hinet.net
8 KB
8 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 639
765 KB
8 ivideosmart.com
player.ivideosmart.com — Cisco Umbrella Rank: 39677
43 KB
7 google.com
adservice.google.com — Cisco Umbrella Rank: 80
analytics.google.com — Cisco Umbrella Rank: 1062
www.google.com — Cisco Umbrella Rank: 13
2 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 165
214 KB
6 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
183 KB
4 google.de
adservice.google.de — Cisco Umbrella Rank: 8028
www.google.de — Cisco Umbrella Rank: 5557
1 KB
3 appier.net
ad2.apx.appier.net — Cisco Umbrella Rank: 31706
gocm.c.appier.net — Cisco Umbrella Rank: 2591
729 B
3 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 3699
44 KB
3 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 25404
sync.aralego.com — Cisco Umbrella Rank: 2178
2 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
133 KB
2 treasuredata.com
in.treasuredata.com — Cisco Umbrella Rank: 3743
1 KB
2 bugsnag.com
sessions.bugsnag.com — Cisco Umbrella Rank: 790
97 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42
20 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 146
83 KB
1 scupio.com
prebid.scupio.com — Cisco Umbrella Rank: 61900
160 B
1 creativecdn.com
prebid-asia.creativecdn.com — Cisco Umbrella Rank: 14456
171 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 227
5 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 584
30 KB
1 msecnd.net
az416426.vo.msecnd.net — Cisco Umbrella Rank: 1928
22 KB
243 27
Domain Requested by
34 static.criteo.net ads.eu.criteo.com
cdn.holmesmind.com
n.yam.com
23 n.yam.com n.yam.com
15 tpc.googlesyndication.com d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
n.yam.com
15 vote.yam.com n.yam.com
vote.yam.com
code.jquery.com
13 securepubads.g.doubleclick.net n.yam.com
securepubads.g.doubleclick.net
www.googletagservices.com
cdn.aralego.net
8 csm.eu.criteo.net ads.eu.criteo.com
8 static.xx.fbcdn.net www.facebook.com
static.xx.fbcdn.net
8 player.ivideosmart.com n.yam.com
player.ivideosmart.com
7 pix.eu.criteo.net ads.eu.criteo.com
6 pagead2.googlesyndication.com www.googletagservices.com
securepubads.g.doubleclick.net
n.yam.com
tpc.googlesyndication.com
6 www.googletagservices.com www.googletagmanager.com
securepubads.g.doubleclick.net
d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com
6 www.facebook.com 2 redirects n.yam.com
www.facebook.com
connect.facebook.net
5 log.popin.cc n.yam.com
5 cdn.holmesmind.com ads.aralego.com
cdn.holmesmind.com
ad.holmesmind.com
5 api.popin.cc n.yam.com
api.popin.cc
5 d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 r.popin.cc n.yam.com
4 t.ssp.hinet.net cdn.holmesmind.com
t.ssp.hinet.net
4 banner-cfnetwork.cdn.hinet.net cdn.holmesmind.com
4 cat.nl.eu.criteo.com ads.eu.criteo.com
4 ads.eu.criteo.com d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com
4 www.google.com n.yam.com
d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com
tpc.googlesyndication.com
3 cdn.aralego.net n.yam.com
ads.aralego.com
3 www.googletagmanager.com n.yam.com
www.googletagmanager.com
2 in.treasuredata.com api.popin.cc
2 ad2.apx.appier.net 1 redirects n.yam.com
2 bidder.criteo.com static.criteo.net
2 c.holmesmind.com 1 redirects cdn.holmesmind.com
2 sessions.bugsnag.com az416426.vo.msecnd.net
2 rtb.fr.eu.criteo.com n.yam.com
2 rtb.nl.eu.criteo.com n.yam.com
2 ads.aralego.com 1 redirects ads.aralego.com
2 weather.yam.com n.yam.com
2 www.google.de n.yam.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 adservice.google.com securepubads.g.doubleclick.net
2 adservice.google.de securepubads.g.doubleclick.net
2 connect.facebook.net n.yam.com
connect.facebook.net
2 admd.yam.com n.yam.com
1 inrecsys.popin.cc n.yam.com
1 prebid.scupio.com banner-cfnetwork.cdn.hinet.net
1 gocm.c.appier.net 1 redirects
1 392c8fb0-24cb-4113-a23a-0eb702653cc7.t.ssp.hinet.net n.yam.com
1 prebid-asia.creativecdn.com banner-cfnetwork.cdn.hinet.net
1 tw.popin.cc api.popin.cc
1 fp.holmesmind.com cdn.holmesmind.com
1 ad.holmesmind.com cdn.holmesmind.com
1 adcdn.holmesmind.com cdn.holmesmind.com
1 624b5f966af4dd7d753c7f249cbdb54d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 sync.aralego.com ads.aralego.com
1 cdnjs.cloudflare.com ads.eu.criteo.com
1 code.jquery.com vote.yam.com
1 az416426.vo.msecnd.net n.yam.com
1 analytics.google.com www.googletagmanager.com
0 fcm.holmesmind.com Failed cdn.holmesmind.com
0 cm.g.doubleclick.net Failed n.yam.com
243 57
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-05 -
2022-07-04		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
player-objects.ivideosmart.com
R3		 2022-01-13 -
2022-04-13		 3 months crt.sh
*.yam.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-13 -
2022-08-12		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-11-16 -
2022-02-14		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
*.popin.cc
DigiCert Secure Site Pro CN CA G3		 2021-10-22 -
2022-10-22		 a year crt.sh
sni1e6ffgl.wpc.edgecastcdn.net
DigiCert SHA2 Secure Server CA		 2020-04-16 -
2022-04-21		 2 years crt.sh
www.google.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-09 -
2022-04-06		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-09 -
2022-04-10		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-01-10 -
2022-04-04		 3 months crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-09 -
2022-04-04		 3 months crt.sh
*.bugsnag.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-05 -
2022-05-05		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-02 -
2022-05-03		 3 months crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-03 -
2022-05-02		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2021-10-21 -
2022-11-20		 a year crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2		 2021-05-18 -
2022-06-19		 a year crt.sh
*.cdn.hinet.net
 2021-06-11 -
2022-06-11		 a year crt.sh
*.ssp.hinet.net
 2021-10-12 -
2022-10-12		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-30 -
2022-04-12		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-04 -
2022-05-03		 3 months crt.sh
*.t.ssp.hinet.net
 2020-05-06 -
2022-05-06		 2 years crt.sh
*.scupio.com
Sectigo RSA Organization Validation Secure Server CA		 2021-10-13 -
2022-11-13		 a year crt.sh
*.treasuredata.com
Amazon		 2021-09-17 -
2022-10-16		 a year crt.sh

This page contains 24 frames:

Primary Page: https://n.yam.com/Article/20210408193290
Frame ID: 8571DFEE29DF78279021BA2EE0D68FE7
Requests: 75 HTTP requests in this frame

Frame: https://vote.yam.com/CF/index.html
Frame ID: 1886854F6FA7770441C66DD037595C85
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https://n.yam.com/Article/20210408193290/&width=90px&layout=button_count&action=like&show_faces=false&share=false&height=21&appId
Frame ID: 234E0B514FC54B4DDBFD213B82723F6A
Requests: 3 HTTP requests in this frame

Frame: https://d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F0552F147782E2049FEAD6D37600DDC8
Requests: 1 HTTP requests in this frame

Frame: https://vote.yam.com/CF/index.html
Frame ID: E557D9F59445AEA24B78052532A01F45
Requests: 16 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df157495ef426c58%26domain%3Dn.yam.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fn.yam.com%252Ff35fc8f3536524%26relation%3Dparent.parent&container_width=760&height=100&href=https%3A%2F%2Fn.yam.com%2FArticle%2F20210408193290&locale=zh_TW&numposts=5&sdk=joey&version=v2.9&width=760
Frame ID: 799824A5A1CCBEF96E436CFCED0C2069
Requests: 9 HTTP requests in this frame

Frame: https://d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 05B65A1DC448F68211A56FDEC1136E1A
Requests: 9 HTTP requests in this frame

Frame: https://d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DFF8A44456ABE636FD6764459F6AD70F
Requests: 9 HTTP requests in this frame

Frame: https://d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: BC532DC740EAAA37BBA1E2ACD94253FC
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvjEObT0fJDprESn8MzhrsDXkgoI0kZreLyxV3bgrmzH1NumDxF5HoYwj3HYffve8qLmlrnzq6BdfxFs03cNba4JqVfG4SbMJxqZfjxL3qL5i5shpqvznt_uRiU82bQK4z9BhQONDHSFUdPWneEqWVUn7J3yM1CHZTQL8_bwAJrzK6UuFOrT4jIgpyC-MgEUDTBcz0sIo9CESbQ6RsE2fK9baXr2DPhJPHNmILrBGIMJ4tzyL55Cu84wRYNu-D59kNWZEWWioVfnKMN4FrVzsrZt7z0svjRNGI3aPEX8x7HNtYKTEN9FAtrC-a1lOSN2kQdnbT7kSf6zLFp&sai=AMfl-YTyozT89Gtfv2ronqVbgBn19h5G4ZdF4NwYJdB1qxRHyeEFoNTwIeROynBSmLNoOU_FmdtPYIO2g5UQ9SK3_lHU4MsB5svrQMTjZBhtxCgIBKlyN0IkF64MloMxsmtb&sig=Cg0ArKJSzIkujQ4zvpiEEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 08E363E7B08B5BF3B2E0F8D2EABDE643
Requests: 9 HTTP requests in this frame

Frame: https://d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A56B546F6A3F930A87990910D6075199
Requests: 10 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgCGyAABgJIIu89KAAOM3BKiNI8zB26JOe9exg&u=%7CIv1Ojxlbn2Q%2F7mpGIOvXT73UysQgDO88MPYusOxIVJk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzdX2sY74JSiSCV8Ph3TDPUHOvaR3wUU5JOeZPNHARR3lOCwHddsykTR0H7eIekOv98lPnDO4dWuN5EFwb9VPvzO92XoN9-Wha8NlZ5SFc2bobfP-o6WZrIDpic2VAhZmyga5kOHz7P0Ort3y6-2N14G1VRmBea0Xg9XyK6u1Pqtse8QGrgjxSwzs5xBv3t_AjWzh0mmjtN0pO3ocF2CtQnbYZ1Av_LRS_MVK3Y6BEsDXPLg-5_nvKpUNH6tg2MUhKeyqNOWvD9aFa-cqUHG3J0BMFANWVNzv-_1pTJVruLlCIpTf611BxQ18loEOWplQMolE0q1Sn-ddvyrLhyT3Lkfqn7s2AMrj-lcbxBKE2pI3y8Ujpf70ut4WlBJ5L5G_hpQ5CyVd7Es7&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5fesyIYAYpKBBsqe7_UP3JmOkA_JntKxXNWdkfdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQKF7wPBzjWzPuACAKgDAaoElAJP0P4YlHuIX6aq0D3KO12fnEO3aORB4uZDjOIwBHcq7-93nK2CITsSRXPhfvfuz26wuS-x9rjxZtq3jwqbrYyBujn3HJWb1OHMLnvr4z8MDpLF5vLu8DN2Z3xEx_MfJ3Hta1uqMQ7fMcnq7tkAUvJRgV8OTF-acvdiGYA0t9baylQOkLl-ncRiF7eZZ3XZyhd11Do1CnCvNOdmiBIjHYDolMAh8KsnOVFaWoZaLtw6tXsYDT-bfrK3Dx0tz15EqetYCsPN438s3edS7g0gjRvuIQmDO5VRE_XhWIGN6jR3zihN5w_BXtrrjsHMIKOxyw4fx49p5JCuipFI-YV7tA0RF91gadi6ynsoAjX-IvV4B0DIyWjgBAGABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3fc6HV6pj0uOFSJT9L1oI5sHDOPA%26client%3Dca-pub-1310852604335254%26adurl%3D
Frame ID: 99F8DA83F83DB4192E7B78CD22542221
Requests: 21 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgCGyAABgJEIu89KAAOM3MeFmGap00gvSnfdNg&u=%7CIv1Ojxlbn2R7CW0GonmsvKyelujNyzOud1SWPRPmZY8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUAZKNvHYJLpTwYKDzg_lmTENhFMXxHEwIA8D6K6_93MLu0zsIv8_2ftv4cylzZWLX2XRoyjLM0jqQt_oBbDe5f1dQavAJeMCja1xa-pYMQ5I2y-c2ntnJtWzMTY5G4ebdAbI2k-VBUnJ_eZMwVLJFVwt-4kHlrdaVpdwN2ta6hIIaVq1MZ4Cc9Qb317nf9t4qxYpGDSjTOvbivMxF9RI8sFACqlF-6K2EDzU_3Mf9ISzjl7EQWU5rvd-XwEmxSJ7yC-OEdd-HlpDzAGMJLvaqi9HCGuaH9lGNMOv46Pl1MVNmu4_BVFu3HIRVwXxmiAjlcY_ucCpOHDsx1kkDq8dKdZxu4bZIagHJ0LFD9DrSrtGFSdH5m943dq329N0bQDSc9n_e269BBkPdK8oTIadCFjdK8EYms9JPloKPlUEYuQy2oQBRKiscQX4fRGTNsPBy8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaF8IyIYAYpGBBsqe7_UP3JmOkA_JntKxXNWdkfdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQKF7wPBzjWzPuACAKgDAaoEigJP0Ji0a1BBFUNVntcTkh_ayCn02jLOhUMhVR60CUxqVd2TEFpb2nTmKpKPlYMjAXvh7mjgS4poxo4QcDDXNiF_iyngQSHDQ6vTxhRJq7VEHun-bSoPOfeSYky2JHkxi0slzBlgQHkiyvXp9Mw-o-io2hule7PWotNZWBBapd5pnCsX87kuza4AuS4U5s_Y5s8-_oIRuz2pz8Xay4x4xzURCHrT9QdY5LBhWcj6MkO_0ZW5S9ZYDRRpJccOPPNPgHyLta0gXicTqLNvAcmioD0Wz-9NNuRhuuC36XotX-e6PP_E8Rnm6c48UFpejI20vxNFdvTcvrgyKxla3BmF1in6C73bMWJ5d4_L1uAEAYAGrt-ZoLP2it34AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2v06DQ6zH05vUpKicsAsX9Vbl24Q%26client%3Dca-pub-1310852604335254%26adurl%3D
Frame ID: 4A3E676B1E5F1472FD78653632463A34
Requests: 12 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgCGyAABgJMIu89KAAOM3OJAgSa0VjetUSj4dg&u=%7CIv1Ojxlbn2TMNGBurdYinYVFVPJcx32oIWE4ZzGDtQw%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzQdNoNLWy9ltKLz3nPeYlsIEGW5j28FJ0ZIucU-eJmgX327v6rGfCt32M9fVS4ZD3TNHEK2neb92zab_ZkYBHdEznm2eXDuSfI-AE8SoCsEQi3rmNUMaIWCwPxveYC1p_Lu9DXpcD2xhQGwvAm8LZjLmi7gc5gVIT4nsLb0ihDleq8LpGWUqbj-6kQDGqtuTQIUFD2lYI6fCaeOgN0-jUnklRItZ-BdKI_ZxXIjJBzUsopf9HeXaaO5VZQn__oPpHIm7i-DjqHidtIQZRpu_WpPiWhigjIelWhda7fqLLbiWdODjgvNmDPKF4p2qYLC77U5MWt02_P0zvcuvG5MMai5V5OZd-T2bYf7XLXzpKqDAQRTIe0HR72m9tUeui5OEeKywH1ydOE2N&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQ1U9yIYAYpOBBsqe7_UP3JmOkA_JntKxXNWdkfdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQKF7wPBzjWzPuACAKgDAaoEnwJP0KranxL8bfW73DfoBxTMrBKSKbjGR1Z74u1s2G_2izlO2qo15t8Mb223XozrZaIStWbEoQlLCdVYYvJUh44z346-1LiOttp214Vpr0X-X_2qJ2CtzX5hQyKLMqgcfGEsN87PDEkOUofmMkE1x3l7YGwegMZE0Wok3WqnaaaaompRSNhkkvH2Jvz0oXBg09OR9BwuXH2oJgjDYwWMoLlckm-_K1LLbq4auA_AfJWCEit9Yw5584puaOb1tXNXNEvsyxRcol9B6dWV3ugXa-YwFzjd7mazGF9ZMhiYb76C3Fc077kS-wSsokOtc5GY2UBW7q5MP3hUbznEBhHZ_dy3fRHlSW0PiXT1RgZ8NpLKw3arDhlG_xeXUzy1uo9dlOAEAYAGrt-ZoLP2it34AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3eAf0mgJbELf7GSTxqDugyMsrs5Q%26client%3Dca-pub-1310852604335254%26adurl%3D
Frame ID: 5D9C7E6ECF2891D8ADCE1125C57191B6
Requests: 11 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgCGyAABgJUIu89KAAOM3PiTABdL2KaN8KuEdg&u=%7CIv1Ojxlbn2QDkW%2BqP6KktwoC9oI%2Fy9Jxsz0Jwu7cRUI%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXBNl7acqytoL8vxjoD-HVme79N7ctwLd969iOorEkW7vyliSw5otAqK4zCtwYuhxg5ZokJaY135-rTr3bydzHEGAuP0-ufcGVmyzBhG3kDDKgEYV8WrgI9dFrS6XljuTP4aNNz3IyFNm4C2vvnBSLKaNu4LJoBqgLvcQCsKlYZ4D22ievfWzXERmHnXP7yxa_vdW8o9M9otCXq1zn8UE0EkPuP53TnwII5DjEXQIHgaS1-nwCsSAEHliMiMoSVVj-e015Xfsi9AZr3XhoXsDn31aG5kaYBdR59ZVif7B4EUTmWuySipez89mUAPwcvE1v9IlNikdGLQp5QiQ_6lRPSAjMkEWhHs_As5Haj1ajkHghpaDzhujf94F3Glzebi2FkvSu6PG1FFTg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZMxnyIYAYpWBBsqe7_UP3JmOkA_JntKxXNWdkfdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQKF7wPBzjWzPuACAKgDAaoEiwJP0LJJr_wbjLgrPy36F150RNJX5_UOmqjeb76QvKwn-eAHifpdVs24hc5b_p8qJK1mJkT5vhsFd6L0AgO5cMlAnWSPVU5Zm9zLhAKs5mu5eDVuFlXNyPdm5mzRjbXyauE0RcWb8rINVeodocUQa5J378hHHhQHbeX8vl0tyXMFu4VxBKM1f2jzziYGxqQT9ud9K_IjEQtlL6915ADXAK1eyvzGQOlg2mhvvTmqbIck55736eSdtPjT-qJOeF0s_2hFyhZXlO0n_FmC_paMNw3MrivnhdlcSD_FcUqqojhzV-woVMpxgM2SRW7eiIpwKOPAbYXbreb088wFePlzucHIfc_qDaZIqxdp6zfgBAGABq7fmaCz9ord-AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3Y0riuP6alj5e0VqrXS5cZwa4QQA%26client%3Dca-pub-1310852604335254%26adurl%3D
Frame ID: 3D1B879A6EDDB0C351B43B046E47049F
Requests: 11 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cht_cookieSyncIframe.html
Frame ID: 47A22B79AF54FD59E9BA2EDE611201AC
Requests: 9 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: 7FD3A36182078BA3F7D47630ACAAC843
Requests: 2 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: C6C00EB2CEBF3CB301F6D7F71A808D69
Requests: 1 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: BCA0166D360B4E4196F6A6EE57BCC59E
Requests: 2 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: F13CDB3FF844DB7660896480BCC9708A
Requests: 21 HTTP requests in this frame

Frame: https://624b5f966af4dd7d753c7f249cbdb54d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: DD6995D6DA7EF27E16DEAEA8E6796DA4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1B5327E3A77F934238F7C8B9FF5E9A8E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EE7ECB566E852A2C5E1E43AD2C38652D
Requests: 2 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=5140-7lq0qJenbEqaYD4Cd4tvZ5R2zSulrit4&CFFPCKUUID=413-gRRZ8mM2QfZqqJnH5TVy2KA584oArakP&url=https%3A%2F%2Fn.yam.com%2FArticle%2F20210408193290&maindomain=yam.com
Frame ID: 37289BAE19DC2C406E0BFB4F57451E5A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

台灣每25分鐘1件勞資爭議 企業面對勞檢三招有解! | 蕃新聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

243
Requests

98 %
HTTPS

55 %
IPv6

27
Domains

57
Subdomains

51
IPs

10
Countries

4865 kB
Transfer

9861 kB
Size

33
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52
  • https://www.facebook.com/v2.9/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df157495ef426c58%26domain%3Dn.yam.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fn.yam.com%252Ff35fc8f3536524%26relation%3Dparent.parent&container_width=760&height=100&href=https%3A%2F%2Fn.yam.com%2FArticle%2F20210408193290&locale=zh_TW&numposts=5&sdk=joey&version=v2.9&width=760 HTTP 302
  • https://www.facebook.com/plugins/comments.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df157495ef426c58%26domain%3Dn.yam.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fn.yam.com%252Ff35fc8f3536524%26relation%3Dparent.parent&container_width=760&height=100&href=https%3A%2F%2Fn.yam.com%2FArticle%2F20210408193290&locale=zh_TW&numposts=5&sdk=joey&version=v2.9&width=760 HTTP 302
  • https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df157495ef426c58%26domain%3Dn.yam.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fn.yam.com%252Ff35fc8f3536524%26relation%3Dparent.parent&container_width=760&height=100&href=https%3A%2F%2Fn.yam.com%2FArticle%2F20210408193290&locale=zh_TW&numposts=5&sdk=joey&version=v2.9&width=760
Request Chain 61
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Request Chain 173
  • https://sync.aralego.com/idsync HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/9a1fde9f-b110-35fc-8e00-a2314351f2cf?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-sPjtYplE2oWhLEMIa8eFYue2LWqEB1pCtcK99Bk-~A&redirect= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=768dfbba-fbe3-49e0-8dde-0c9b8b6d0bb6 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/38057c2b-1926-3218-9c7a-4852e2912b60?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-sPjtYplE2oWhLEMIa8eFYue2LWqEB1pCtcK99Bk-~A&redirect= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=768dfbba-fbe3-49e0-8dde-0c9b8b6d0bb6 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/38057c2b-1926-3218-9c7a-4852e2912b60?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-sPjtYplE2oWhLEMIa8eFYue2LWqEB1pCtcK99Bk-~A&redirect= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=768dfbba-fbe3-49e0-8dde-0c9b8b6d0bb6 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/38057c2b-1926-3218-9c7a-4852e2912b60?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-sPjtYplE2oWhLEMIa8eFYue2LWqEB1pCtcK99Bk-~A&redirect= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=768dfbba-fbe3-49e0-8dde-0c9b8b6d0bb6 HTTP 302
  • https://x.bidswitch.net/sync?ssp=ucfunnel&user_id=38057c2b-1926-3218-9c7a-4852e2912b60&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=ucfunnel&user_id=38057c2b-1926-3218-9c7a-4852e2912b60&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=ucfunnel&bsw_param=4a56b1fa-5e3b-473c-b171-b4411cc4f5dc&google_hm=NGE1NmIxZmEtNWUzYi00NzNjLWIxNzEtYjQ0MTFjYzRmNWRj
Request Chain 187
  • https://c.holmesmind.com/cm HTTP 302
  • https://c.holmesmind.com/cm?tc=getIn&
Request Chain 221
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=vS7id9bDAtGnptAmzIYAYg

243 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 20210408193290
n.yam.com/Article/ 		47 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://n.yam.com/Article/20210408193290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2d58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
6c57ce5b30d6521364075a0fb27d615a7124f494f789067c6a8ecf0162ee2fc1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Mon, 07 Feb 2022 02:41:11 GMT
content-type
text/html; charset=utf-8
cf-ray
6d9941fe2ea9691b-FRA
cache-control
private
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-aspnet-version
4.0.30319
x-aspnetmvc-version
5.2
x-powered-by
ASP.NET
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UuKRl8qpkX5qPKkuIp2TT7fM1tTUw%2B%2B56WcJUrjn%2BnXUuXZ%2B%2FIcGLeDYtvgHB9HaF2gfAizYy0E0juikw07354LHT25GUth7%2BmD8tpfg0zQLM9CFrBxA76ulF4mU4MbOHHEakbdX6w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
content-encoding
br
style.css
n.yam.com/Content/ 		41 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://n.yam.com/Content/style.css?v0.02
Requested by
Host: n.yam.com
URL: https://n.yam.com/Article/20210408193290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2d58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
12a14a185b05f3f38dcbda8c599c64989d05169c906d01b740474bf2e8450f35

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/Article/20210408193290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 07 Dec 2021 02:16:26 GMT
server
cloudflare
age
4836
x-powered-by
ASP.NET
etag
W/"44361d7010ebd71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5%2FOmbsApBPUKFPgGvDhwbu2c5ZzkfW1a9KoNBZ3uW0LevAthte480%2B%2FLZFo%2BPtEk3cHYlf34SQ240nddMZW4Nq81ZAgyQ%2BBTz5GV3Allw%2BFbURhrBWpJEiXCq6ZyXIN66XlSUCV53Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d9942009913691b-FRA
jquery.min.js
n.yam.com/scripts/ 		94 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://n.yam.com/scripts/jquery.min.js
Requested by
Host: n.yam.com
URL: https://n.yam.com/Article/20210408193290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2d58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/Article/20210408193290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 08 Jun 2017 03:55:30 GMT
server
cloudflare
age
4836
x-powered-by
ASP.NET
etag
W/"1d4d6512be0d21:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NlRuFbzpTuPFubWc4Qc06l%2BWGem%2Bg8rlwYorDCQhLj5SDzRreODlV3bAnuoztNJYN1HZOycCcARjhRHSX2WjD1%2BpnnDnuG%2F%2BOTIRsjUn3LCcLlFoabi9pgHFYNJnXWmTIqtIigjuBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d994200a914691b-FRA
main.js
n.yam.com/scripts/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://n.yam.com/scripts/main.js
Requested by
Host: n.yam.com
URL: https://n.yam.com/Article/20210408193290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2d58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
180c7cb3d801ef8f115e4800430b2622d76002c39c32495b8aa6cc0b865f0a00

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/Article/20210408193290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 08 Jun 2017 03:55:30 GMT
server
cloudflare
age
4836
x-powered-by
ASP.NET
etag
W/"a4cf6812be0d21:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2FOAFRSiE2WCYrUtidgbOGpuo6ERCUdVb80%2F2p%2Fry9cSPuiMq4J7EZpB9Ttz%2ByOz76%2BpsBOT%2FGHBG%2F32OZwqtS0fMMIp0fptE0l6LXljlLf3JarlRq17WhuqSeMsTgy845XHD7zVcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d994200a915691b-FRA
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: n.yam.com
URL: https://n.yam.com/Article/20210408193290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
93f871ce94c730e02c2d43634d4819bed0f282df99c2f59b0795786bb8accf22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27234
x-xss-protection
0
server
sffe
etag
"1124 / 803 of 1000 / last-modified: 1644015917"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 07 Feb 2022 02:41:11 GMT
line_dog.png
n.yam.com/images/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://n.yam.com/images/line_dog.png
Requested by
Host: n.yam.com
URL: https://n.yam.com/Article/20210408193290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2d58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
8246297b958c38c4ce4902ff522c1e9192ec9b35c883587b22533f78b57e1d28

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/Article/20210408193290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
837
x-powered-by
ASP.NET
content-length
20442
last-modified
Sat, 31 Mar 2018 08:27:11 GMT
server
cloudflare
etag
"b2d7bc10cac8d31:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vtuZh4VZSSPqFAxQvBOZjWAmJf%2B4MvjsbJeOEE946G4UQgE4XCBoZU74d%2FvmCHdY%2B1jFl3sVSi5eK%2Fjg72KwIDXhlPHdge0bJmD6zYKwBqEPareJ3jmKeb%2BJ6aEUVtDHNtxurFpC%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d994200d94b691b-FRA
menu.png
n.yam.com/images/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://n.yam.com/images/menu.png
Requested by
Host: n.yam.com
URL: https://n.yam.com/Article/20210408193290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2d58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
8959cbb31bc9bfc1725be63c62be12e61153d1323bcbbd72583a920cbdde82a3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/Article/20210408193290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
837
x-powered-by
ASP.NET
content-length
16882
last-modified
Thu, 08 Jun 2017 03:55:25 GMT
server
cloudflare
etag
"903262fbe0d21:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zkhe3lfuCD3k6Jj0kTOgEBUTGWXqM%2BQ2t3%2BpWZ2Zl2p1%2FwvAkm8eWl%2F7k6iwVv4j4rKDaUu6u8mE0VX7PEgdnfQmUNbmxzICD83tptVyX3MEjTyAJUQNev9sQB6er0fPQBBMNhz%2FpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d994200d94c691b-FRA
email-decode.min.js
n.yam.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://n.yam.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: n.yam.com
URL: https://n.yam.com/Article/20210408193290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2d58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/Article/20210408193290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 03 Feb 2022 11:10:48 GMT
server
cloudflare
etag
W/"61fbb838-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n42xdP6uEmQm6O%2FFEbccebMaoWAy%2FR%2FPhUDSRcPry2NYk4VrGEZXhtaUTuDmzDQDSInI%2FlUNlcjrgS%2BDTJbTJlU8Jw3NC4Ae%2BEaPXpwMuV%2FH4%2BmTn2fH01t0xkiR0QJb1IjSLv0KLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d994200b92f691b-FRA
vary
Accept-Encoding
expires
Wed, 09 Feb 2022 02:41:11 GMT
footerLogo.png
n.yam.com/images/ 		94 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://n.yam.com/images/footerLogo.png
Requested by
Host: n.yam.com
URL: https://n.yam.com/Article/20210408193290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2d58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ce1f3c592fb1fa8ec36e24e94c7ee1078b7b5cce37aa1f2dfad408e48f7bc83d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/Article/20210408193290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
837
x-powered-by
ASP.NET
content-length
95889
last-modified
Thu, 08 Jun 2017 03:55:24 GMT
server
cloudflare
etag
"d56212fbe0d21:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i5hbwaFUXZE80zpjBwOt98Lb6kGyzfTgU4zkQbeuijzj3TfRY4OtaJbISIWi453hOV2dlTpu09slX7H%2BkGt4OgV4Cq5CABxEG0LP%2BgvlYD1eSu%2F6O83ua7W9oI2049emBO%2BwT8jeyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d994200d94d691b-FRA
footerFB.png
n.yam.com/images/ 		91 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://n.yam.com/images/footerFB.png
Requested by
Host: n.yam.com
URL: https://n.yam.com/Article/20210408193290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2d58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e0e2d7cefffb4d70cc26783bdb91ad8d563733ee196f63e5b99a870b14efd126

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/Article/20210408193290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
837
x-powered-by
ASP.NET
content-length
93133
last-modified
Thu, 08 Jun 2017 03:55:24 GMT
server
cloudflare
etag
"42473fbe0d21:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ml7JbBegyGRKtwHj3rf5YuDrEyxa7YjBfQNJJCuNeAM6r%2BkkWKPPA8vwng%2BvzcjTLrmPWJoTZtZLW2AKk2RXCHMJ4i%2FjAMvZ93gcyto5en9IRYVN1K%2BHghrHXJiEXbhn%2Fw3R9QANg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d994200d94f691b-FRA
footerIG.png
n.yam.com/images/ 		91 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://n.yam.com/images/footerIG.png
Requested by
Host: n.yam.com
URL: https://n.yam.com/Article/20210408193290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2d58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
3b3446a0e1254ba70508b10b7ea5bfbd60e42f22c1bdba89a421a72d25aed643

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/Article/20210408193290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
837
x-powered-by
ASP.NET
content-length
93396
last-modified
Thu, 08 Jun 2017 03:55:24 GMT
server
cloudflare
etag
"eb177fbe0d21:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bvEk9mP2bqhZh8sp%2Fln0tb1i0a1UbAk3UAN9NVBHaLJRUA2zwB3icVkK9XGaFA1vvGk1m8nqXHITSJBmGbJUVq6XP8sp2O9KwaTZnetBWfDwPVDxUxcpEeHS0f%2BYK7566%2B6oD2u0Pw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d994200d952691b-FRA
footerHome.png
n.yam.com/images/ 		91 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://n.yam.com/images/footerHome.png
Requested by
Host: n.yam.com
URL: https://n.yam.com/Article/20210408193290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2d58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
95901cd872570c226a2a131e926a275006f1d37e2dfbda1e6d004b1b0d6a4568

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/Article/20210408193290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
837
x-powered-by
ASP.NET
content-length
93214
last-modified
Thu, 08 Jun 2017 03:55:24 GMT
server
cloudflare
etag
"1f435fbe0d21:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T61LPIUmnjE0%2BQmyhK8PeMpqp5zlIFRSKzi07zicR9gF10GzJ5MKJO5NXzwz83Gbfi%2BOGv3xfS%2BKLsWbbWYpV%2FFWoeW0Hm7M3wD6xtnF0UYnlz12%2F35XtKM7QBNJtbvNBqC7nr%2F5dw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d994200d953691b-FRA
js
www.googletagmanager.com/gtag/ 		92 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-16227618-1
Requested by
Host: n.yam.com
URL: https://n.yam.com/Article/20210408193290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a0c36d5a7429cd2e2ca22ad8e991492327824c53f1fbfa22bb1508fb9087a0f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:11 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36959
x-xss-protection
0
expires
Mon, 07 Feb 2022 02:41:11 GMT
ResizeSensor.min.js
n.yam.com/Scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://n.yam.com/Scripts/ResizeSensor.min.js
Requested by
Host: n.yam.com
URL: https://n.yam.com/Article/20210408193290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2d58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
535c0cbf7d9ba30714479b2fbc3c5c6f8aac89d1aebe4280d1026d1fa29c7d72

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/Article/20210408193290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 19 Oct 2017 04:49:18 GMT
server
cloudflare
age
4836
x-powered-by
ASP.NET
etag
W/"4bb64b9f9548d31:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cMoXftsAQ58Kdx1Wz0NjGxEllsqmitHuiyzmSYgfsDyFLkZbZ8A%2FC73LOeDScHpQ3w%2BWHGPsiZEFYDpCMXZgdMmzmByEVhQ%2FRdTp%2FvlDsDGsfyAQCq%2B1wS559E3JkmeA55bdBYQNnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d994200c93d691b-FRA
theia-sticky-sidebar.min.js
n.yam.com/Scripts/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://n.yam.com/Scripts/theia-sticky-sidebar.min.js
Requested by
Host: n.yam.com
URL: https://n.yam.com/Article/20210408193290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2d58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
d88b2f05bcd6de59fcdc958ab1c6f63d0225f275d24ce003381c09deb3a4bf1e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/Article/20210408193290
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 08 Jun 2017 03:55:30 GMT
server
cloudflare
age
1706
x-powered-by
ASP.NET
etag
W/"c0d97612be0d21:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dBaJa9xp22Yb9mcRXAuLd9M%2B5Jy2uzC3dXdgarJFL37tpRsQuiQnwjtsmgfnwseEpbvdfBPO6Id2ffCR%2Fn%2BoLe4R43zlzDws95Fl%2F8JajlcPeqp%2ByulrdKP0ryRcKhgQF8gWXk%2FaKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6d994200d94a691b-FRA
sp-tools.bundle.js
player.ivideosmart.com/ivsplayer/v3/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.ivideosmart.com/ivsplayer/v3/sp-tools.bundle.js
Requested by
Host: n.yam.com
URL: https://n.yam.com/Article/20210408193290
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a03:5f80:a::b212:e7c3 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software
/
Resource Hash
ba44cdbcfe1363caf6f1ab3bf350e9141ea3f893c6952e0dbb48537141e3bdad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 07 Feb 2022 02:41:12 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Apr 2020 14:47:28 GMT
Connection
keep-alive
ETag
"c729bb1e2e66f3af22755e65d3218fcb:1611638384.708987"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Max-Age
86400
Cache-Control
max-age=2678400
Access-Control-Allow-Credentials
true
Akamai-Mon-Iucid-Del
1125181
Accept-Ranges
bytes
Content-Length
2186
yam_AD.min.js
admd.yam.com/JS/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://admd.yam.com/JS/yam_AD.min.js?r=2740336
Requested by
Host: n.yam.com
URL: https://n.yam.com/Article/20210408193290
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
13.76.41.74 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / CSCWORM
Resource Hash
6a780c5fa5c99f71f5c5f711477fffc2e6c453995ce779d3f66a8d74c6983141

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 07 Feb 2022 02:41:12 GMT
Content-Encoding
gzip
ETag
"805c12effdfbd01:0"
Last-Modified
Thu, 01 Oct 2015 04:02:05 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
CSCWORM
Vary
Accept-Encoding
Content-Type
application/javascript
access-control-allow-origin
*
Cache-Control
max-age=280800
Accept-Ranges
bytes
access-control-allow-headers
content-type
Content-Length
3861
Expires
1 days
sdk.js
connect.facebook.net/zh_TW/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/zh_TW/sdk.js
Requested by
Host: n.yam.com
URL: https://n.yam.com/Article/20210408193290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6b8de92a24d18f8c52d07bef8979336e4f14834121bfae5c071fe430213247b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
YA185oaFraGDj4WPAt76lA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Mon, 07 Feb 2022 02:50:47 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
1684
x-fb-rlafr
0
x-fb-debug
en8RvSBII5vZNlzAk9k6nrtSeUhOgkDXRoh5olPYkpa/tz/df6y9I4AMh237/jUVhj2N82cYkx7en+Vg6e+2aA==
x-fb-trip-id
917726464
x-fb-content-md5
16ac7c91bc9e81f9e7f9276e77047882
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Mon, 07 Feb 2022 02:41:11 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"9d5a8de01c154881da8ad7f8023d6ca9"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
gtm.js
www.googletagmanager.com/ 		90 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TPVR9P4
Requested by
Host: n.yam.com
URL: https://n.yam.com/Article/20210408193290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f637b8ad6844fc6e2b9db188f1113abd2895a07050649ab6884929fec86fd7ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:11 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35796
x-xss-protection
0
last-modified
Mon, 07 Feb 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 07 Feb 2022 02:41:11 GMT
menuClose.png
n.yam.com/images/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://n.yam.com/images/menuClose.png
Requested by
Host: n.yam.com
URL: https://n.yam.com/Content/style.css?v0.02
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2d58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b470a9ccb87f12a1e884dd7b83f52df6cbaabd71f89b9d844e94df1da9f76623

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/Content/style.css?v0.02
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
837
x-powered-by
ASP.NET
content-length
19726
last-modified
Thu, 08 Jun 2017 03:55:25 GMT
server
cloudflare
etag
"bcad72fbe0d21:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rhxC4aiHTrPd553hYobAls4ykbJI8NRTn%2F5lvkB6Jp%2FvG%2F%2FgPdXD7UdyQ724eIoc7zRlJ%2BMpe4vukGCqONaMulO15je3e%2FjISl7dpzAh6GM6zD89DqDhIa1xy7au4ynGdifuiH7FYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d994200e954691b-FRA
list.png
n.yam.com/images/ 		90 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://n.yam.com/images/list.png
Requested by
Host: n.yam.com
URL: https://n.yam.com/Content/style.css?v0.02
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2d58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
9d5cbcadd2608ad6a3d4736c41b799d5b02635ff9443c32282a901c1efe0e2b5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/Content/style.css?v0.02
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
837
x-powered-by
ASP.NET
content-length
92135
last-modified
Thu, 08 Jun 2017 03:55:25 GMT
server
cloudflare
etag
"c3963bfbe0d21:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9JX8sJWhQWAwmwitOfLGaDy7wsnnqmJgai%2FwCTs%2F6ExHsf82wO4vWu7xcZ879tc1kWaalpm1nMbfIXJ12%2FccEmnCtyatagysJ0f5u3wihVAEKmpR%2BmjZUc7itBnVJ5QdhnHR3wqLAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d994200e956691b-FRA
topIcon.png
n.yam.com/images/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://n.yam.com/images/topIcon.png
Requested by
Host: n.yam.com
URL: https://n.yam.com/Content/style.css?v0.02
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2d58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
80b410ec29856b8a73f32c11d586a7fe30fb0398b485d41420144b217ccdf930

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/Content/style.css?v0.02
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
837
x-powered-by
ASP.NET
content-length
23452
last-modified
Thu, 08 Jun 2017 03:55:26 GMT
server
cloudflare
etag
"c7c3f5fbe0d21:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DtfeIxCyT6pzI5OGs%2BP6V8jTttoW%2FqfsgldjNmpxb4co8XejFiYjhxhRADd4TeLnx9k4oWaWHrZyyNiTcVdgr%2BTkAk2qLJg5mG%2FcIEXX9O9c7kJ7HYcf%2FT5%2Fr7DPz3jQRB8rOV12sg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d994200e958691b-FRA
logo_3.png
n.yam.com/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://n.yam.com/images/logo_3.png
Requested by
Host: n.yam.com
URL: https://n.yam.com/Content/style.css?v0.02
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2d58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
6c6414ec1f58ce4a0475014dd742c1382f163931d7ad64a64386027e1dd53faf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/Content/style.css?v0.02
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:12 GMT
vary
Accept-Encoding
cf-cache-status
REVALIDATED
last-modified
Mon, 17 Dec 2018 03:35:41 GMT
server
cloudflare
x-powered-by
ASP.NET
etag
"e26dbe95b995d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LRdkS3iB7MwoPxNxFlo1IArPoABJKAzoVar2WNiuGZIJv0uRz%2Fd%2Bt0hhtwxbZeXJy6OFO8uOBzuZfi0%2Bt07zpYvFOu9mJ2co5wnsUjFbEoZuCZuTMncSHfzCKMfhGw8HTmcD8dItiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d994200e959691b-FRA
content-length
3155
logo.png
n.yam.com/images/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://n.yam.com/images/logo.png?0803
Requested by
Host: n.yam.com
URL: https://n.yam.com/Content/style.css?v0.02
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2d58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b4515b8f273639bb116e123e614d446918aca49d7216151885da47a90370e837

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/Content/style.css?v0.02
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
837
x-powered-by
ASP.NET
content-length
13410
last-modified
Mon, 07 Aug 2017 03:35:00 GMT
server
cloudflare
etag
"14d8e0252efd31:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=41p%2Fg4MKXQ15KD2V6NrQZkU3sa3zo7omZ8mnFaOtkxL0jvJ1kINqxoTQwU4sM3cW%2FSjAn%2BWEoHvoLBiSOcpLj4ZhY6dHV8TekRV%2BUUtrwxbRxGnDyl%2BMdUYKHVkbpz2xD8UCakNlHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d994200e962691b-FRA
logo_2.png
n.yam.com/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://n.yam.com/images/logo_2.png
Requested by
Host: n.yam.com
URL: https://n.yam.com/Content/style.css?v0.02
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2d58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ea4d8446159d1f71f8dad379c62fe855418b1a7ea0ecdaa5815fb72a8c8ea08c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/Content/style.css?v0.02
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:12 GMT
vary
Accept-Encoding
cf-cache-status
REVALIDATED
last-modified
Mon, 17 Dec 2018 03:35:41 GMT
server
cloudflare
x-powered-by
ASP.NET
etag
"e1b2b995b995d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b2EiGu7IFXkGCUhymfoJhvCfPJGrRqsmNVXM3j3gt7huGFXG7tUdKlWga3QeuSb2ntZxnudkGQQcbbSDl8fisEJRt8Mf5fOXqsR%2FmOA3LK21oA4vJJc2Av%2BSpw20GryH29nd8fZH5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d994200e965691b-FRA
content-length
5327
searchBtn.png
n.yam.com/images/ 		90 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://n.yam.com/images/searchBtn.png
Requested by
Host: n.yam.com
URL: https://n.yam.com/Content/style.css?v0.02
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2d58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c99442f2685ab85f1219dc1da3b9ce48891300e612914f862d85f5ea372e38e6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/Content/style.css?v0.02
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
837
x-powered-by
ASP.NET
content-length
92568
last-modified
Thu, 08 Jun 2017 03:55:26 GMT
server
cloudflare
etag
"1193c1fbe0d21:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mAcqnC4P0FbKyOdN6bTzLJyGlBbWSDOP3V5OtXxF8LgGsFRli0zQX0Ybp3LoFRPdpl4GvzdsoeN0TBuh5xZJPN0HjxgYbJ05Yh6r%2B8IjsUNaKgEgzWrJOUGv51jE71JhjDQeWNMH4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d994200e967691b-FRA
weatherSelect.png
n.yam.com/images/ 		90 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://n.yam.com/images/weatherSelect.png
Requested by
Host: n.yam.com
URL: https://n.yam.com/Content/style.css?v0.02
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2d58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
19e63a64055145811f19b89020689bb5230a3b8d957455044ddcbf4d7308fe63

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/Content/style.css?v0.02
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
837
x-powered-by
ASP.NET
content-length
92271
last-modified
Thu, 08 Jun 2017 03:55:27 GMT
server
cloudflare
etag
"c2799d10be0d21:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NaTHwrQeQuZpEuM9JIHzhP2Bk5da2vVYixJZ3o%2FTNoeZ5tHH8NFN3UBYb%2FALIf4xZBgKRYrNqUsRXXUDXmmEVNO4rLusUtJs5clil22jKMqzFr7EGZB58XXmUtqXtv6K690P%2BXzw6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d994200e968691b-FRA
index.html
vote.yam.com/CF/ Frame 1886 		0
0
like.php
www.facebook.com/plugins/ Frame 234E 		45 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/like.php?href=https://n.yam.com/Article/20210408193290/&width=90px&layout=button_count&action=like&show_faces=false&share=false&height=21&appId
Requested by
Host: n.yam.com
URL: https://n.yam.com/Article/20210408193290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a312e4bf61796f18c8a913a17cb848b77d32e98cdc5418f94a0dd83739023ceb
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/

Response headers

vary
Accept-Encoding
content-encoding
br
x-fb-rlafr
0
document-policy
force-load-at-top
cross-origin-opener-policy
unsafe-none
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
MRGQCkrGpAz1rozXBi72/wdPT6lIm7pmkYq5GoyR9NpJR3BQ4zm84YscURO+FrjvxSd3xxxQPd4X2DXdSwf4Ow==
date
Mon, 07 Feb 2022 02:41:11 GMT
priority
u=3,i
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
textBtn.png
n.yam.com/images/ 		90 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://n.yam.com/images/textBtn.png
Requested by
Host: n.yam.com
URL: https://n.yam.com/Content/style.css?v0.02
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2d58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
dce196c44d8bd79fea22e1c0419f9f56da0c70d65de227c00043ae1834282dcb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/Content/style.css?v0.02
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
822
x-powered-by
ASP.NET
content-length
91837
last-modified
Thu, 08 Jun 2017 03:55:26 GMT
server
cloudflare
etag
"48f1dffbe0d21:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ox0xFCn9OPopNBJt1bQIFg53ESJyjLW317JyfPHrvCDq3tlE6lkxtSJldiXwbhw%2BaLNExDzRKWjVFz8Ik3KQDrvFNZT7zFuZKOmiBaR9DPBwUqfqqQJHuWpgYI8Gd%2BUx%2FzZ2usWF7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d99420139ad691b-FRA
articleLink.png
n.yam.com/images/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://n.yam.com/images/articleLink.png
Requested by
Host: n.yam.com
URL: https://n.yam.com/Content/style.css?v0.02
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2d58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
536429eab51aaed2d0386c52000bbe9877a97bb7c825381fefbbdf2ae0c22007

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/Content/style.css?v0.02
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:11 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
822
x-powered-by
ASP.NET
content-length
20997
last-modified
Thu, 08 Jun 2017 03:55:23 GMT
server
cloudflare
etag
"e26d7febe0d21:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sAodzuHu5yWWccNNm9OVMZbWDCbO7RoZSgj8VsUHDOBhMpNOaLfhESyt4dHBVs%2BOzvYaeLhDcQ036nqb7RZeD1glMgEDPuZ7PI71E2mJhpj7%2Bu3hMe1SL85c3MWWXOi6W45jzU0gUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d99420139b1691b-FRA
sdk.js
connect.facebook.net/zh_TW/ 		285 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/zh_TW/sdk.js?hash=dfd294e7387ad2ce6ccae73dccec59de
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
21b52d38e72f291fba9fa4b02f6a2fe68f281f87ab8c73a53984cc163a0ed08b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://n.yam.com/
Origin
https://n.yam.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
e1WwXpXqnAMap7aRuMo+cQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Tue, 07 Feb 2023 02:30:51 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
82144
x-fb-rlafr
0
x-fb-debug
uP5cqhHN19NdcFKCQ7DWQOUsyQ/gCi0/YUHEv9+BgXjOgr+eTuMk8Wyg3RK0G7EodS6wOeIaA98YIGlY04uwnA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
bea696a4d94caa936ff287cbefacad70
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 07 Feb 2022 02:41:11 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"3d07043277d569ac4e2ac600bebdcd78"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
pubads_impl_2022020301.js
securepubads.g.doubleclick.net/gpt/ 		351 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js?31064718
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
05ed7424c6f3c3d2aec5dfe7fa92e5f617afe58a01666c1c584d342a8b57a0e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 03 Feb 2022 20:02:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
283125
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122037
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 09:34:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 03 Feb 2023 20:02:26 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		1 KB
379 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=n.yam.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
f4a615fdae8e2e26bc507686077d9f6b0432493cfb32e3a03828aca4c93c869a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 07 Feb 2022 02:41:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
354
x-xss-protection
0
expires
Mon, 07 Feb 2022 02:41:11 GMT
gpt.js
www.googletagservices.com/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPVR9P4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
10a7e524db359a94a66ea75b97e81a52932f0e10a04deabb49fb73ec5d038946
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27225
x-xss-protection
0
server
sffe
etag
"1124 / 469 of 1000 / last-modified: 1644015869"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 07 Feb 2022 02:41:11 GMT
js
www.googletagmanager.com/gtag/ 		165 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RE4LTMGVEF&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-16227618-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a9397d2e32082fda51a48c97987d76738d6087c6cf92e6566b448370748e033c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:11 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62509
x-xss-protection
0
expires
Mon, 07 Feb 2022 02:41:11 GMT
OqOE21UvWe3.png
www.facebook.com/rsrc.php/v3/y5/r/ Frame 234E 		400 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/rsrc.php/v3/y5/r/OqOE21UvWe3.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?href=https://n.yam.com/Article/20210408193290/&width=90px&layout=button_count&action=like&show_faces=false&share=false&height=21&appId
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.facebook.com/plugins/like.php?href=https://n.yam.com/Article/20210408193290/&width=90px&layout=button_count&action=like&show_faces=false&share=false&height=21&appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 25 Jan 2022 12:45:17 GMT
x-content-type-options
nosniff
content-md5
uF0RL4E+h23ClLQmPOTTMw==
document-policy
force-load-at-top
content-security-policy-report-only
default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
content-length
400
x-fb-rlafr
0
x-fb-debug
rbN5h1rmX8q+uwsrnFNc0Cxq5xdD5kpb6Ou73LmNdvf+WkTuiHfC+cjkE4R1YPPJvAmg7cP51TXS6MsyjQ/FEA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 25 Jan 2023 12:45:17 GMT
0Y4Rhm_-9wT.js
www.facebook.com/rsrc.php/v3iAxA4/yg/l/de_DE/ Frame 234E 		520 KB
136 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/rsrc.php/v3iAxA4/yg/l/de_DE/0Y4Rhm_-9wT.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?href=https://n.yam.com/Article/20210408193290/&width=90px&layout=button_count&action=like&show_faces=false&share=false&height=21&appId
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
014ff211237f60ea59febe3d16b1c62411b191714f7d4c617e368cbb8642a81f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.facebook.com/plugins/like.php?href=https://n.yam.com/Article/20210408193290/&width=90px&layout=button_count&action=like&show_faces=false&share=false&height=21&appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 02 Feb 2022 21:18:45 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
HdOhrNjo1nibfuYxa22XMA==
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cross-origin-resource-policy
cross-origin
content-length
138867
x-fb-rlafr
0
x-fb-debug
oHWZpAR0NUSGMgnSIo251gS3A3laFBGpxG94TVsv5Ip6qcdKbO5bT7r7sfRLyDdzGmJ4Oh8uOH97XMfUU+nBlw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Thu, 02 Feb 2023 21:18:45 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=n.yam.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js?31064718
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 07 Feb 2022 02:41:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=n.yam.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js?31064718
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 07 Feb 2022 02:41:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		110 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2713998075564391&correlator=500773500095203&output=ldjh&impl=fifs&eid=31064718%2C21065725&vrg=2022020301&ptt=17&sc=1&sfv=1-0-38&ecs=20220207&iu_parts=21787810958%3A22074138688%2Cn.yam.com_pc_rightcolumn_11147%2Cn.yam.com_pc_belowthetext_11190%2Cn.yam.com_pc_lowerrightsideofthetext_11191%2Cn.yam.com_pc_belowthetext-2_11193%2Cn.yam.com_pc_mastheadabove_11146&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=300x600%2C300x250%2C300x250%2C728x90%2C728x90&cookie_enabled=1&bc=31&abxe=1&dt=1644201672049&lmt=1644201672&dlt=1644201671760&idt=260&frm=20&biw=1600&bih=1200&oid=2&adxs=1050%2C710%2C1050%2C250%2C436&adys=659%2C2254%2C1259%2C3125%2C215&adks=612007488%2C4227949366%2C3012977291%2C3325937427%2C582681056&ucis=1%7C2%7C3%7C4%7C5&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fn.yam.com%2FArticle%2F20210408193290&vis=1&scr_x=0&scr_y=0&psz=300x1159%7C760x0%7C300x1159%7C760x3472%7C1600x4163&msz=300x-1%7C300x-1%7C300x-1%7C728x-1%7C728x-1&ga_vid=314239862.1644201672&ga_sid=1644201672&ga_hid=1510179293&ga_fc=false&fws=4%2C0%2C4%2C0%2C0&ohw=300%2C0%2C300%2C0%2C0&btvi=0%7C1%7C2%7C3%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js?31064718
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
b488cc39842ffd22a5aa4fb06c2ed61746e085befd83791209ccc3d45408c4c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:12 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14773
x-xss-protection
0
google-lineitem-id
-1,-1,-1,5811040723,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,-1,138367334337,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://n.yam.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F055 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js?31064718
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 07 Feb 2022 02:41:12 GMT
expires
Tue, 07 Feb 2023 02:41:12 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
collect
analytics.google.com/g/ 		0
343 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-RE4LTMGVEF&gtm=2oe220&_p=1510179293&sr=1600x1200&_gaz=1&ul=en-us&cid=314239862.1644201672&_s=1&dl=https%3A%2F%2Fn.yam.com%2FArticle%2F20210408193290&dt=%E5%8F%B0%E7%81%A3%E6%AF%8F25%E5%88%86%E9%90%981%E4%BB%B6%E5%8B%9E%E8%B3%87%E7%88%AD%E8%AD%B0%20%E4%BC%81%E6%A5%AD%E9%9D%A2%E5%B0%8D%E5%8B%9E%E6%AA%A2%E4%B8%89%E6%8B%9B%E6%9C%89%E8%A7%A3%EF%BC%81%20%7C%20%E8%95%83%E6%96%B0%E8%81%9E&sid=1644201671&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RE4LTMGVEF&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://n.yam.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 02:41:12 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://n.yam.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
343 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-RE4LTMGVEF&cid=314239862.1644201672&gtm=2oe220&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RE4LTMGVEF&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://n.yam.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 02:41:12 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://n.yam.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-16227618-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
3978
date
Mon, 07 Feb 2022 01:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 07 Feb 2022 03:34:54 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-RE4LTMGVEF&cid=314239862.1644201672&gtm=2oe220&aip=1&z=1535584008
Requested by
Host: n.yam.com
URL: https://n.yam.com/Article/20210408193290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 02:41:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1510179293&t=pageview&_s=1&dl=https%3A%2F%2Fn.yam.com%2FArticle%2F20210408193290&ul=en-us&de=UTF-8&dt=%E5%8F%B0%E7%81%A3%E6%AF%8F25%E5%88%86%E9%90%981%E4%BB%B6%E5%8B%9E%E8%B3%87%E7%88%AD%E8%AD%B0%20%E4%BC%81%E6%A5%AD%E9%9D%A2%E5%B0%8D%E5%8B%9E%E6%AA%A2%E4%B8%89%E6%8B%9B%E6%9C%89%E8%A7%A3%EF%BC%81%20%7C%20%E8%95%83%E6%96%B0%E8%81%9E&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=1186518797&gjid=1355583256&cid=314239862.1644201672&tid=UA-16227618-1&_gid=409756655.1644201672&_r=1&gtm=2ou220&z=1641639175
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://n.yam.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 02:41:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://n.yam.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-16227618-1&cid=314239862.1644201672&jid=1186518797&gjid=1355583256&_gid=409756655.1644201672&_u=YADAAUAAAAAAAC~&z=640109152
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://n.yam.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 07 Feb 2022 02:41:12 GMT
content-type
text/plain
access-control-allow-origin
https://n.yam.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
17.bundle.chunk.js
player.ivideosmart.com/ivsplayer/v3/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.ivideosmart.com/ivsplayer/v3/17.bundle.chunk.js
Requested by
Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v3/sp-tools.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a03:5f80:a::b212:e7c3 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software
/
Resource Hash
63649b0266963dc62ef62f4f019da966ae28076f19d7d6b97244a9400cbed560

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 07 Feb 2022 02:41:12 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Apr 2020 14:47:27 GMT
Connection
keep-alive
ETag
"96ec5f5fa0d1d772c995175b6b1b3b58:1611638368.698373"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Max-Age
86400
Cache-Control
max-age=2678400
Access-Control-Allow-Credentials
true
Akamai-Mon-Iucid-Del
1125181
Accept-Ranges
bytes
Content-Length
2756
yam_tw.js
api.popin.cc/searchbox/ 		201 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.popin.cc/searchbox/yam_tw.js
Requested by
Host: n.yam.com
URL: https://n.yam.com/Article/20210408193290
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
a0bb23f0a426f87ab98c8300fa03a131327d6fc5d5d6d1e17a4afcb475d5252b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 07 Feb 2022 02:41:13 GMT
Content-Encoding
gzip
Last-Modified
Thu, 13 Jan 2022 10:00:12 GMT
Server
nginx
ETag
W/"cbe62a582f8e7eef2f98c65b382d0b01"
X-Cache-Status
HIT from 10.252.55.44
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
x-amz-version-id
04ejmodLWTPMxQM_nSnt4bkoSTB2HefT
Expires
Mon, 07 Feb 2022 03:41:13 GMT
ai.0.js
az416426.vo.msecnd.net/scripts/a/ 		94 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: n.yam.com
URL: https://n.yam.com/Article/20210408193290
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C34) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 07 Feb 2022 02:41:12 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-01 19:31:04
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
1252
x-cache
HIT
content-length
22495
x-ms-lease-status
unlocked
last-modified
Thu, 11 Mar 2021 07:46:59 GMT
server
ECAcc (mil/6C34)
etag
0x8D8E461DA1A5889
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
f8b31dbd-401e-0009-1ec9-1bada6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
expires
Mon, 07 Feb 2022 03:11:12 GMT
/
weather.yam.com/API/GetNowWeather/ 		162 B
525 B 		Script
General
Check archive.org
Download Go to
Full URL
https://weather.yam.com/API/GetNowWeather/?callback=jQuery1113007346219288204558_1644201671813&Country=%E5%9F%BA%E9%9A%86%E5%B8%82&_=1644201671814
Requested by
Host: n.yam.com
URL: https://n.yam.com/scripts/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2d58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / IMKEVIN
Resource Hash
b54a654e4217dfdaea2128cda6d60cee61ebbb994594d9f6b26ddea0e649d0d8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:12 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-aspnetmvc-version
5.2
x-powered-by
IMKEVIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fwfuhX85UqD6UXCvC6IQbWT%2F8kgM8KGNlIyyjlfcrcTKEdw2cpCujiDvPztwOuN9gbP%2FnSnpqC3%2Fi0rl9mUwbR4cIaOdcoq0PaIq6W7YlCt4BZ8z31DR3%2BPItPB3Y4%2F3lTZZOWkAfzDyIz9CPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
private
cf-ray
6d9942034bf4691b-FRA
x-aspnet-version
4.0.30319
index.html
vote.yam.com/CF/ Frame E557 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vote.yam.com/CF/index.html
Requested by
Host: n.yam.com
URL: https://n.yam.com/scripts/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.230.1.186 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
296580ed43f86df1adf09c8f7f110abbe7d7f4773804fff85e72e74efe23e9f0
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/

Response headers

Cache-Control
private
Content-Length
1231
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
X-Xss-Protection
1; mode=block
Date
Mon, 07 Feb 2022 02:41:11 GMT
feedback.php
www.facebook.com/plugins/ Frame 7998
Redirect Chain
  • https://www.facebook.com/v2.9/plugins/comments.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df157495ef426c58%26domain%3Dn.yam.com%26is_...
  • https://www.facebook.com/plugins/comments.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df157495ef426c58%26domain%3Dn.yam.com%26is_canvas...
  • https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df157495ef426c58%26domain%3Dn.yam.com%26is_canvas...
134 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df157495ef426c58%26domain%3Dn.yam.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fn.yam.com%252Ff35fc8f3536524%26relation%3Dparent.parent&container_width=760&height=100&href=https%3A%2F%2Fn.yam.com%2FArticle%2F20210408193290&locale=zh_TW&numposts=5&sdk=joey&version=v2.9&width=760
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js?hash=dfd294e7387ad2ce6ccae73dccec59de
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
99c655b2b3de05c3e42e1668660a4f525f5fc477ce21380937195db3768cc965
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
about:blank

Response headers

vary
Accept-Encoding
content-encoding
br
x-fb-rlafr
0
document-policy
force-load-at-top
cross-origin-resource-policy
same-origin
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
Bav9BkrPnHOgmIq/x2KIRS+bfIVEKvbq+87kdsZUq0Be/mmYrEZbAvcsuK3VCX6neDXLWpnfThA4Wv3W3kYcOQ==
date
Mon, 07 Feb 2022 02:41:12 GMT
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=0

Redirect headers

location
https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df157495ef426c58%26domain%3Dn.yam.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fn.yam.com%252Ff35fc8f3536524%26relation%3Dparent.parent&container_width=760&height=100&href=https%3A%2F%2Fn.yam.com%2FArticle%2F20210408193290&locale=zh_TW&numposts=5&sdk=joey&version=v2.9&width=760
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
OIEgj9GwYyja3/VCdAdc8okYxqzQNstnZiCfSC0IPgb/PURbaS6GL/dtHDlk9R1sZ2BqfcKw+iTGf6JTaskTXQ==
content-length
0
date
Mon, 07 Feb 2022 02:41:12 GMT
priority
u=3,i
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-16227618-1&cid=314239862.1644201672&jid=1186518797&_u=YADAAUAAAAAAAC~&z=1670131498
Requested by
Host: n.yam.com
URL: https://n.yam.com/Article/20210408193290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 02:41:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-16227618-1&cid=314239862.1644201672&jid=1186518797&_u=YADAAUAAAAAAAC~&z=1670131498
Requested by
Host: n.yam.com
URL: https://n.yam.com/Article/20210408193290
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 02:41:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
20.bundle.chunk.js
player.ivideosmart.com/ivsplayer/v3/ 		313 B
888 B 		Script
General
Check archive.org
Download Go to
Full URL
https://player.ivideosmart.com/ivsplayer/v3/20.bundle.chunk.js
Requested by
Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v3/sp-tools.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a03:5f80:a::b212:e7c3 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software
AmazonS3 /
Resource Hash
088918082f62717d37a1d62e8a251e9a4e10d036090fddbbba37ca7bc03335fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 07 Feb 2022 02:41:12 GMT
X-Amz-Cf-Pop
ARN1-C1
Connection
keep-alive
Content-Length
313
Akamai-Mon-Iucid-Del
1125181
Last-Modified
Thu, 09 Apr 2020 14:47:27 GMT
Server
AmazonS3
ETag
"6119b2ac9d0a088fcb9b2aef09798137"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=2678400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
X-Amz-Cf-Id
6R4qqR130-ll1fjDrGM5XXzoGJa91wT9V3JDaay3IN2lmWG8VWNWvA==
1.bundle.chunk.js
player.ivideosmart.com/ivsplayer/v3/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.ivideosmart.com/ivsplayer/v3/1.bundle.chunk.js
Requested by
Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v3/sp-tools.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a03:5f80:a::b212:e7c3 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software
/
Resource Hash
a4ac0fd75bb413471276f5f9b2a919915a2eff38553fb71b72222cf562831488

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 07 Feb 2022 02:41:12 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Apr 2020 14:47:28 GMT
Connection
keep-alive
ETag
"221846096397a0c6f61270d77debdb3d:1611638352.595942"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Max-Age
86400
Cache-Control
max-age=2678400
Access-Control-Allow-Credentials
true
Akamai-Mon-Iucid-Del
1125181
Accept-Ranges
bytes
Content-Length
5365
container.html
d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 05B6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js?31064718
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 07 Feb 2022 02:41:12 GMT
expires
Tue, 07 Feb 2023 02:41:12 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DFF8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js?31064718
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 07 Feb 2022 02:41:12 GMT
expires
Tue, 07 Feb 2023 02:41:12 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BC53 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js?31064718
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 07 Feb 2022 02:41:12 GMT
expires
Tue, 07 Feb 2023 02:41:12 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame 08E3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvjEObT0fJDprESn8MzhrsDXkgoI0kZreLyxV3bgrmzH1NumDxF5HoYwj3HYffve8qLmlrnzq6BdfxFs03cNba4JqVfG4SbMJxqZfjxL3qL5i5shpqvznt_uRiU82bQK4z9BhQONDHSFUdPWneEqWVUn7J3yM1CHZTQL8_bwAJrzK6UuFOrT4jIgpyC-MgEUDTBcz0sIo9CESbQ6RsE2fK9baXr2DPhJPHNmILrBGIMJ4tzyL55Cu84wRYNu-D59kNWZEWWioVfnKMN4FrVzsrZt7z0svjRNGI3aPEX8x7HNtYKTEN9FAtrC-a1lOSN2kQdnbT7kSf6zLFp&sai=AMfl-YTyozT89Gtfv2ronqVbgBn19h5G4ZdF4NwYJdB1qxRHyeEFoNTwIeROynBSmLNoOU_FmdtPYIO2g5UQ9SK3_lHU4MsB5svrQMTjZBhtxCgIBKlyN0IkF64MloMxsmtb&sig=Cg0ArKJSzIkujQ4zvpiEEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: n.yam.com
URL: https://n.yam.com/Article/20210408193290
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 07 Feb 2022 02:41:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 07 Feb 2022 02:41:12 GMT
sdk
cdn.aralego.net/ucfad/sdk/us-east/ Frame 08E3
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
42 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by
Host: n.yam.com
URL: https://n.yam.com/Article/20210408193290
Protocol
H2
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddd6d5dc5139d523200d4a7517286c8feb2c981affd3c0a72e6d785dfdabb771

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
877
content-length
43278
last-modified
Mon, 03 Jan 2022 05:41:22 GMT
server
cloudflare
etag
"61d28c82-a90e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kztsCdClXue%2Frxu8Q9kRa8BiLjbw7F4WlAM38Wr%2FXlmxqboXt47esfPfFN4wiPVwi5Il5POEX%2BZpaqOH4GjuVBSVKskkf8pli6csZijHRNs9Z4W8y6Lt%2BE0OLfEqK%2FzeDXboOhBZo2ntzmdGpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
6d994207db8c83a3-MXP

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection
close
Content-length
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 08E3 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js?31064718
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3a6fb9e39c82eed501889521b19cc4fc13d1104f83128928775b520c86f8abc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38146
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643806174374025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 07 Feb 2022 02:41:12 GMT
container.html
d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A56B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020301.js?31064718
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 07 Feb 2022 02:41:12 GMT
expires
Tue, 07 Feb 2023 02:41:12 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
12.bundle.chunk.js
player.ivideosmart.com/ivsplayer/v3/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.ivideosmart.com/ivsplayer/v3/12.bundle.chunk.js
Requested by
Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v3/sp-tools.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a03:5f80:a::b212:e7c3 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e70d938561bf4d2cc26cb6f7db5634c5c1cc7c5f2c21fa330185739cf07e126d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 07 Feb 2022 02:41:12 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-Amz-Cf-Pop
ARN1-C1
Connection
keep-alive
Akamai-Mon-Iucid-Del
1125181
Content-Length
12099
Last-Modified
Thu, 09 Apr 2020 14:47:28 GMT
Server
AmazonS3
ETag
W/"cdc38c354b8c2f290e9f37de6f266cc4"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=2678400
Access-Control-Allow-Credentials
true
X-Amz-Cf-Id
Ar2USzsJwyzSvl42hr3qBfXDSV6SdFSZ1I_KXVd7ycjaoK9R3yxmRg==
11.bundle.chunk.js
player.ivideosmart.com/ivsplayer/v3/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.ivideosmart.com/ivsplayer/v3/11.bundle.chunk.js
Requested by
Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v3/sp-tools.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a03:5f80:a::b212:e7c3 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software
/
Resource Hash
20b7efa85f61ef7ed2b2a29f97c40b2d8c698442e6671058ef3af71ed882b104

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 07 Feb 2022 02:41:12 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Apr 2020 14:47:28 GMT
Connection
keep-alive
ETag
"71a845966ac857cbd92eb36c3ba42ffa:1611638355.504319"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Max-Age
86400
Cache-Control
max-age=2678400
Access-Control-Allow-Credentials
true
Akamai-Mon-Iucid-Del
1125181
Accept-Ranges
bytes
Content-Length
6892
4.bundle.chunk.js
player.ivideosmart.com/ivsplayer/v3/ 		21 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.ivideosmart.com/ivsplayer/v3/4.bundle.chunk.js
Requested by
Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v3/sp-tools.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a03:5f80:a::b212:e7c3 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e39f4d0766632aea74b7e75ca572ac66208ffbce5582069a9c1ef9ebbe69d0b0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 07 Feb 2022 02:41:12 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
X-Amz-Cf-Pop
ARN1-C1
Connection
keep-alive
Akamai-Mon-Iucid-Del
1125181
Content-Length
4759
Last-Modified
Thu, 09 Apr 2020 14:47:27 GMT
Server
AmazonS3
ETag
W/"06218dda9acb30194dda4bf39e9562a2"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=2678400
Access-Control-Allow-Credentials
true
X-Amz-Cf-Id
3K23O1M_NE2TAsT331rJzR_qd03ggQbmDIGK0r_Tefht2f2zBDVTZA==
adview
securepubads.g.doubleclick.net/pagead/ Frame DFF8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CVUwKyIYAYpKBBsqe7_UP3JmOkA_JntKxXNWdkfdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQKF7wPBzjWzPuACAKgDAaoEkQJP0P4YlHuIX6aq0D3KO12fnEO3aORB4uZDjOIwBHcq7-93nK2CITsSRXPhfvfuz26wuS-x9rjxZtq3jwqbrYyBujn3HJWb1OHMLnvr4z8MDpLF5vLu8DN2Z3xEx_MfJ3Hta1uqMQ7fMcnq7tkAUvJRgV8OTF-acvdiGYA0t9baylQOkLl-ncRiF7eZZ3XZyhd11Do1CnCvNOdmiBIjHYDolMAh8KsnOVFaWoZaLtw6tXsYDT-bfrK3Dx0tz15EqetYCsPN438s3edS7g0gjRvuIQmDO5VRE_XhWIGN6jR3zihN5w_BXtrrjsHMYqGQWYmQW5zWeIQNWqzuAYxvvrsbOcXi3RCHbImXHBnmp1_8FP_gBAGABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAYAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0xMzEwODUyNjA0MzM1MjU0GK7fbw&sigh=swH83v-i-Rk&uach_m=[UACH]&cid=CAQSPwCNIrLMKr-cbxSp1s21jEoDyD3ON66hKeyxnbRjjWE4_S854LZd8DFuuedccwoo8L1p6j9OXpt4Ttyz9F9TbRgB
Requested by
Host: n.yam.com
URL: https://n.yam.com/Article/20210408193290
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
notify
rtb.nl.eu.criteo.com/google/auction/ Frame DFF8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=UqW_EMc1rAL6AZ2DYgICAAAAx3PQ06WMsQzn_6NPEMeGAGLtwmGOY7LOlu-aYgAS&wp=YgCGyAABgJIIu89KAAOM3BKiNI8zB26JOe9exg
Requested by
Host: n.yam.com
URL: https://n.yam.com/Article/20210408193290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:11 GMT
server
Kestrel
server-processing-duration-in-ticks
158888
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame 99F8 		200 KB
57 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YgCGyAABgJIIu89KAAOM3BKiNI8zB26JOe9exg&u=%7CIv1Ojxlbn2Q%2F7mpGIOvXT73UysQgDO88MPYusOxIVJk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzdX2sY74JSiSCV8Ph3TDPUHOvaR3wUU5JOeZPNHARR3lOCwHddsykTR0H7eIekOv98lPnDO4dWuN5EFwb9VPvzO92XoN9-Wha8NlZ5SFc2bobfP-o6WZrIDpic2VAhZmyga5kOHz7P0Ort3y6-2N14G1VRmBea0Xg9XyK6u1Pqtse8QGrgjxSwzs5xBv3t_AjWzh0mmjtN0pO3ocF2CtQnbYZ1Av_LRS_MVK3Y6BEsDXPLg-5_nvKpUNH6tg2MUhKeyqNOWvD9aFa-cqUHG3J0BMFANWVNzv-_1pTJVruLlCIpTf611BxQ18loEOWplQMolE0q1Sn-ddvyrLhyT3Lkfqn7s2AMrj-lcbxBKE2pI3y8Ujpf70ut4WlBJ5L5G_hpQ5CyVd7Es7&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5fesyIYAYpKBBsqe7_UP3JmOkA_JntKxXNWdkfdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQKF7wPBzjWzPuACAKgDAaoElAJP0P4YlHuIX6aq0D3KO12fnEO3aORB4uZDjOIwBHcq7-93nK2CITsSRXPhfvfuz26wuS-x9rjxZtq3jwqbrYyBujn3HJWb1OHMLnvr4z8MDpLF5vLu8DN2Z3xEx_MfJ3Hta1uqMQ7fMcnq7tkAUvJRgV8OTF-acvdiGYA0t9baylQOkLl-ncRiF7eZZ3XZyhd11Do1CnCvNOdmiBIjHYDolMAh8KsnOVFaWoZaLtw6tXsYDT-bfrK3Dx0tz15EqetYCsPN438s3edS7g0gjRvuIQmDO5VRE_XhWIGN6jR3zihN5w_BXtrrjsHMIKOxyw4fx49p5JCuipFI-YV7tA0RF91gadi6ynsoAjX-IvV4B0DIyWjgBAGABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3fc6HV6pj0uOFSJT9L1oI5sHDOPA%26client%3Dca-pub-1310852604335254%26adurl%3D
Requested by
Host: d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com
URL: https://d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
37b0c310b8588d36ea8c3523528731c1aa007efd01bc6eeff67c0a9373de1a95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com/

Response headers

date
Mon, 07 Feb 2022 02:41:10 GMT
content-type
text/html
server
Kestrel
cache-control
private, max-age=0, no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cross-origin-resource-policy
cross-origin
p3p
CP='CUR ADM OUR NOR STA NID'
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=8FxS7uF2oFlH304iPlFHWxMlEBsvyrLr4YydjViqJK5T6a45APduCvedA9eyLvTgNkCJIuae9X1zN0gIYjFW1ptMnq9zcsmNKGfNFucPQUnlReU2eQZ-rGDMuzy3CBzsphMG7NEbmDHSVh4UzSiKpJKPoq7mp-sFw3qEy_mEkph0znKBdNvigzFPUlAObC-kVVBx6P8PeJ1_ijF2aF2YwfSJwjzT4OJD_exOTvxRELx7TxB5cHGF7owNORc"}], "max_age": 86400}
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks
79590452
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame DFF8 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/window_focus_fy2019.js
Requested by
Host: d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com
URL: https://d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 01:53:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2833
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 21 Feb 2022 01:53:59 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DFF8 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com
URL: https://d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3a6fb9e39c82eed501889521b19cc4fc13d1104f83128928775b520c86f8abc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38146
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643806174374025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 07 Feb 2022 02:41:12 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame DFF8 		14 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com
URL: https://d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
80182a21e69d7232583dcf7b19a5cfb9a597e7adbcc22f1a14e4096d8602612d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:33:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
455
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6204
x-xss-protection
0
server
cafe
etag
12229469669374805284
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 21 Feb 2022 02:33:37 GMT
l
www.google.com/ads/measurement/ Frame DFF8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTt_Xfq5aFOLqrDbHRUad-SsinF_6shLMaiZeDxguDrSoHOnEiZmRVs2oGo0GHuFlq4-SaKj2J__6W69z0msiRc2DtemQ
Requested by
Host: d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com
URL: https://d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame DFF8 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com
URL: https://d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 14:03:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
218282
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 04 Feb 2023 14:03:10 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 05B6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CSC7WyIYAYpGBBsqe7_UP3JmOkA_JntKxXNWdkfdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQKF7wPBzjWzPuACAKgDAaoEhwJP0Ji0a1BBFUNVntcTkh_ayCn02jLOhUMhVR60CUxqVd2TEFpb2nTmKpKPlYMjAXvh7mjgS4poxo4QcDDXNiF_iyngQSHDQ6vTxhRJq7VEHun-bSoPOfeSYky2JHkxi0slzBlgQHkiyvXp9Mw-o-io2hule7PWotNZWBBapd5pnCsX87kuza4AuS4U5s_Y5s8-_oIRuz2pz8Xay4x4xzURCHrT9QdY5LBhWcj6MkO_0ZW5S9ZYDRRpJccOPPNPgHyLta0gXicTqLNvAcmioD0Wz-9NNuRhuuC36XotX-e6PP-G8zh0bkGgQ-XCmC5kgrW9f-DWCLIcM5vuFCQjJJbkJ6Vem-ZqyOAEAYAGrt-ZoLP2it34AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBABgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTEzMTA4NTI2MDQzMzUyNTQYrt9v&sigh=HmpJfylnAxk&uach_m=[UACH]&cid=CAQSPwCNIrLMKr-cbxSp1s21jEoDyD3ON66hKeyxnbRjjWE4_S854LZd8DFuuedccwoo8L1p6j9OXpt4Ttyz9F9TbRgB
Requested by
Host: n.yam.com
URL: https://n.yam.com/Article/20210408193290
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
notify
rtb.nl.eu.criteo.com/google/auction/ Frame 05B6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=Uv2jEo-lBKwC2ASdg2ICAgAAAMdz0NOljLEM5_-jTxDHhgBiMwDjDgqm8YDqUp4AEg&wp=YgCGyAABgJEIu89KAAOM3MeFmGap00gvSnfdNg
Requested by
Host: n.yam.com
URL: https://n.yam.com/Article/20210408193290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:12 GMT
server
Kestrel
server-processing-duration-in-ticks
275763
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame 4A3E 		47 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YgCGyAABgJEIu89KAAOM3MeFmGap00gvSnfdNg&u=%7CIv1Ojxlbn2R7CW0GonmsvKyelujNyzOud1SWPRPmZY8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUAZKNvHYJLpTwYKDzg_lmTENhFMXxHEwIA8D6K6_93MLu0zsIv8_2ftv4cylzZWLX2XRoyjLM0jqQt_oBbDe5f1dQavAJeMCja1xa-pYMQ5I2y-c2ntnJtWzMTY5G4ebdAbI2k-VBUnJ_eZMwVLJFVwt-4kHlrdaVpdwN2ta6hIIaVq1MZ4Cc9Qb317nf9t4qxYpGDSjTOvbivMxF9RI8sFACqlF-6K2EDzU_3Mf9ISzjl7EQWU5rvd-XwEmxSJ7yC-OEdd-HlpDzAGMJLvaqi9HCGuaH9lGNMOv46Pl1MVNmu4_BVFu3HIRVwXxmiAjlcY_ucCpOHDsx1kkDq8dKdZxu4bZIagHJ0LFD9DrSrtGFSdH5m943dq329N0bQDSc9n_e269BBkPdK8oTIadCFjdK8EYms9JPloKPlUEYuQy2oQBRKiscQX4fRGTNsPBy8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaF8IyIYAYpGBBsqe7_UP3JmOkA_JntKxXNWdkfdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQKF7wPBzjWzPuACAKgDAaoEigJP0Ji0a1BBFUNVntcTkh_ayCn02jLOhUMhVR60CUxqVd2TEFpb2nTmKpKPlYMjAXvh7mjgS4poxo4QcDDXNiF_iyngQSHDQ6vTxhRJq7VEHun-bSoPOfeSYky2JHkxi0slzBlgQHkiyvXp9Mw-o-io2hule7PWotNZWBBapd5pnCsX87kuza4AuS4U5s_Y5s8-_oIRuz2pz8Xay4x4xzURCHrT9QdY5LBhWcj6MkO_0ZW5S9ZYDRRpJccOPPNPgHyLta0gXicTqLNvAcmioD0Wz-9NNuRhuuC36XotX-e6PP_E8Rnm6c48UFpejI20vxNFdvTcvrgyKxla3BmF1in6C73bMWJ5d4_L1uAEAYAGrt-ZoLP2it34AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2v06DQ6zH05vUpKicsAsX9Vbl24Q%26client%3Dca-pub-1310852604335254%26adurl%3D
Requested by
Host: d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com
URL: https://d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
484e1ade8644fbae375deb6a8d759868b28120a4bfa22271e7256f065d969c1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com/

Response headers

date
Mon, 07 Feb 2022 02:41:11 GMT
content-type
text/html
server
Kestrel
cache-control
private, max-age=0, no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cross-origin-resource-policy
cross-origin
p3p
CP='CUR ADM OUR NOR STA NID'
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=TdGcT-F2oFlH304iTiz4DAqN3N4THfGDdrPLcyPl-8rodHpjk11emHHx06sYp7E30CFBOhS1mohMGqY24N03Gcef2LbAB_NXFb2gn6FK2XQZqfSV_6n8Bf51iuwWSUc_FTPZHo1w-amCSJ1_y1M5jW45NlS_CST8yEOiGat5Frs0QC8dUtqLUJCOqNRFzrkmP8f380oWYDc_xi7AfGjAg1xTc1xXc-HrZL99H-oegyQDqRDriV9hMuk6Vt3p8UUnQ3g91g"}], "max_age": 86400}
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks
4968687
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame 05B6 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/window_focus_fy2019.js
Requested by
Host: d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com
URL: https://d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 01:53:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2833
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 21 Feb 2022 01:53:59 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 05B6 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com
URL: https://d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3a6fb9e39c82eed501889521b19cc4fc13d1104f83128928775b520c86f8abc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38146
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643806174374025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 07 Feb 2022 02:41:12 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame 05B6 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com
URL: https://d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
80182a21e69d7232583dcf7b19a5cfb9a597e7adbcc22f1a14e4096d8602612d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:33:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
455
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6204
x-xss-protection
0
server
cafe
etag
12229469669374805284
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 21 Feb 2022 02:33:37 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 05B6 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com
URL: https://d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 14:03:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
218282
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 04 Feb 2023 14:03:10 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame BC53 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CRNfKyIYAYpOBBsqe7_UP3JmOkA_JntKxXNWdkfdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQKF7wPBzjWzPuACAKgDAaoEnAJP0KranxL8bfW73DfoBxTMrBKSKbjGR1Z74u1s2G_2izlO2qo15t8Mb223XozrZaIStWbEoQlLCdVYYvJUh44z346-1LiOttp214Vpr0X-X_2qJ2CtzX5hQyKLMqgcfGEsN87PDEkOUofmMkE1x3l7YGwegMZE0Wok3WqnaaaaompRSNhkkvH2Jvz0oXBg09OR9BwuXH2oJgjDYwWMoLlckm-_K1LLbq4auA_AfJWCEit9Yw5584puaOb1tXNXNEvsyxRcol9B6dWV3ugXa-YwFzjd7mazGF9ZMhiYb76C3Fc077kS-wSsokOtc5GY2UBW7q5MP3gWbRhWgZ5F7mMrabI1dMv3gGD_8AxSLhB-C0sN_KZY0w8S-bimBeAEAYAGrt-ZoLP2it34AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBABgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTEzMTA4NTI2MDQzMzUyNTQYrt9v&sigh=AYvxq-ISlsc&uach_m=[UACH]&cid=CAQSPwCNIrLMKr-cbxSp1s21jEoDyD3ON66hKeyxnbRjjWE4_S854LZd8DFuuedccwoo8L1p6j9OXpt4Ttyz9F9TbRgB
Requested by
Host: n.yam.com
URL: https://n.yam.com/Article/20210408193290
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
notify
rtb.fr.eu.criteo.com/google/auction/ Frame BC53 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=Uv2jEsc1rAL6AZ2DYgICAAAAx3PQ06WMsQzn_6NPEMeGAGKtH1ry5R0rRuvNpgAS&wp=YgCGyAABgJMIu89KAAOM3OJAgSa0VjetUSj4dg
Requested by
Host: n.yam.com
URL: https://n.yam.com/Article/20210408193290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:12 GMT
server
Kestrel
server-processing-duration-in-ticks
221723
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame 5D9C 		47 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YgCGyAABgJMIu89KAAOM3OJAgSa0VjetUSj4dg&u=%7CIv1Ojxlbn2TMNGBurdYinYVFVPJcx32oIWE4ZzGDtQw%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzQdNoNLWy9ltKLz3nPeYlsIEGW5j28FJ0ZIucU-eJmgX327v6rGfCt32M9fVS4ZD3TNHEK2neb92zab_ZkYBHdEznm2eXDuSfI-AE8SoCsEQi3rmNUMaIWCwPxveYC1p_Lu9DXpcD2xhQGwvAm8LZjLmi7gc5gVIT4nsLb0ihDleq8LpGWUqbj-6kQDGqtuTQIUFD2lYI6fCaeOgN0-jUnklRItZ-BdKI_ZxXIjJBzUsopf9HeXaaO5VZQn__oPpHIm7i-DjqHidtIQZRpu_WpPiWhigjIelWhda7fqLLbiWdODjgvNmDPKF4p2qYLC77U5MWt02_P0zvcuvG5MMai5V5OZd-T2bYf7XLXzpKqDAQRTIe0HR72m9tUeui5OEeKywH1ydOE2N&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQ1U9yIYAYpOBBsqe7_UP3JmOkA_JntKxXNWdkfdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQKF7wPBzjWzPuACAKgDAaoEnwJP0KranxL8bfW73DfoBxTMrBKSKbjGR1Z74u1s2G_2izlO2qo15t8Mb223XozrZaIStWbEoQlLCdVYYvJUh44z346-1LiOttp214Vpr0X-X_2qJ2CtzX5hQyKLMqgcfGEsN87PDEkOUofmMkE1x3l7YGwegMZE0Wok3WqnaaaaompRSNhkkvH2Jvz0oXBg09OR9BwuXH2oJgjDYwWMoLlckm-_K1LLbq4auA_AfJWCEit9Yw5584puaOb1tXNXNEvsyxRcol9B6dWV3ugXa-YwFzjd7mazGF9ZMhiYb76C3Fc077kS-wSsokOtc5GY2UBW7q5MP3hUbznEBhHZ_dy3fRHlSW0PiXT1RgZ8NpLKw3arDhlG_xeXUzy1uo9dlOAEAYAGrt-ZoLP2it34AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3eAf0mgJbELf7GSTxqDugyMsrs5Q%26client%3Dca-pub-1310852604335254%26adurl%3D
Requested by
Host: d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com
URL: https://d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d95f012777dd8b2dd121ce32ee1f1469392e0324cd983f1e8077f86b607d2773
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com/

Response headers

date
Mon, 07 Feb 2022 02:41:11 GMT
content-type
text/html
server
Kestrel
cache-control
private, max-age=0, no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cross-origin-resource-policy
cross-origin
p3p
CP='CUR ADM OUR NOR STA NID'
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=6J9qVOF2oFlH304iGgXkOJ8oF8UqFTgvrlbKSSy020l_nrRhEfJm6jOQxOwK12oEeUTAqkkBuSg11s6T8v88zqRzfzy7JK4gQ68RP1tocRye2q_STS4Po4jkOFTt2KtLns_Jz4MArmQaV1pB7lyFBnQMR128XHla9vY3W_xQbUeXwMkylzm3AKwrnW7sEUCOGkW9r5EvGtvdetIhO5-xkQL9Ze8cR4h17RjbvW5aDMMSPHl79A7-RpiQSspIpImcg2CHxQ"}], "max_age": 86400}
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks
3567222
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame BC53 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/window_focus_fy2019.js
Requested by
Host: d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com
URL: https://d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 01:53:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2833
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 21 Feb 2022 01:53:59 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BC53 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com
URL: https://d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3a6fb9e39c82eed501889521b19cc4fc13d1104f83128928775b520c86f8abc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38146
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643806174374025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 07 Feb 2022 02:41:12 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame BC53 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com
URL: https://d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
80182a21e69d7232583dcf7b19a5cfb9a597e7adbcc22f1a14e4096d8602612d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:33:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
455
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6204
x-xss-protection
0
server
cafe
etag
12229469669374805284
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 21 Feb 2022 02:33:37 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame BC53 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com
URL: https://d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 14:03:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
218282
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 04 Feb 2023 14:03:10 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame A56B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CBYZPyIYAYpWBBsqe7_UP3JmOkA_JntKxXNWdkfdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQKF7wPBzjWzPuACAKgDAaoEiAJP0LJJr_wbjLgrPy36F150RNJX5_UOmqjeb76QvKwn-eAHifpdVs24hc5b_p8qJK1mJkT5vhsFd6L0AgO5cMlAnWSPVU5Zm9zLhAKs5mu5eDVuFlXNyPdm5mzRjbXyauE0RcWb8rINVeodocUQa5J378hHHhQHbeX8vl0tyXMFu4VxBKM1f2jzziYGxqQT9ud9K_IjEQtlL6915ADXAK1eyvzGQOlg2mhvvTmqbIck55736eSdtPjT-qJOeF0s_2hFyhZXlO0n_FmC_paMNw3MrivnhdlcSD_FcUqqojhzV-woFshQEkod2X1hFJ7T-N5mlYzPp1D-3dSHzDFOHzN3Y-PyiAzMuKjgBAGABq7fmaCz9ord-AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAYAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0xMzEwODUyNjA0MzM1MjU0GK7fbw&sigh=aM2oXTElMjA&uach_m=[UACH]&cid=CAQSPwCNIrLMKr-cbxSp1s21jEoDyD3ON66hKeyxnbRjjWE4_S854LZd8DFuuedccwoo8L1p6j9OXpt4Ttyz9F9TbRgB
Requested by
Host: n.yam.com
URL: https://n.yam.com/Article/20210408193290
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
notify
rtb.fr.eu.criteo.com/google/auction/ Frame A56B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=Uv2jEsg12AVanYNiAgIAAADHc9DTpYyxDOf_o08Qx4YAYr-vydjpRZ8LpGRpABI&wp=YgCGyAABgJUIu89KAAOM3PiTABdL2KaN8KuEdg
Requested by
Host: n.yam.com
URL: https://n.yam.com/Article/20210408193290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:11 GMT
server
Kestrel
server-processing-duration-in-ticks
301726
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame 3D1B 		44 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YgCGyAABgJUIu89KAAOM3PiTABdL2KaN8KuEdg&u=%7CIv1Ojxlbn2QDkW%2BqP6KktwoC9oI%2Fy9Jxsz0Jwu7cRUI%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXBNl7acqytoL8vxjoD-HVme79N7ctwLd969iOorEkW7vyliSw5otAqK4zCtwYuhxg5ZokJaY135-rTr3bydzHEGAuP0-ufcGVmyzBhG3kDDKgEYV8WrgI9dFrS6XljuTP4aNNz3IyFNm4C2vvnBSLKaNu4LJoBqgLvcQCsKlYZ4D22ievfWzXERmHnXP7yxa_vdW8o9M9otCXq1zn8UE0EkPuP53TnwII5DjEXQIHgaS1-nwCsSAEHliMiMoSVVj-e015Xfsi9AZr3XhoXsDn31aG5kaYBdR59ZVif7B4EUTmWuySipez89mUAPwcvE1v9IlNikdGLQp5QiQ_6lRPSAjMkEWhHs_As5Haj1ajkHghpaDzhujf94F3Glzebi2FkvSu6PG1FFTg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZMxnyIYAYpWBBsqe7_UP3JmOkA_JntKxXNWdkfdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQKF7wPBzjWzPuACAKgDAaoEiwJP0LJJr_wbjLgrPy36F150RNJX5_UOmqjeb76QvKwn-eAHifpdVs24hc5b_p8qJK1mJkT5vhsFd6L0AgO5cMlAnWSPVU5Zm9zLhAKs5mu5eDVuFlXNyPdm5mzRjbXyauE0RcWb8rINVeodocUQa5J378hHHhQHbeX8vl0tyXMFu4VxBKM1f2jzziYGxqQT9ud9K_IjEQtlL6915ADXAK1eyvzGQOlg2mhvvTmqbIck55736eSdtPjT-qJOeF0s_2hFyhZXlO0n_FmC_paMNw3MrivnhdlcSD_FcUqqojhzV-woVMpxgM2SRW7eiIpwKOPAbYXbreb088wFePlzucHIfc_qDaZIqxdp6zfgBAGABq7fmaCz9ord-AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3Y0riuP6alj5e0VqrXS5cZwa4QQA%26client%3Dca-pub-1310852604335254%26adurl%3D
Requested by
Host: d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com
URL: https://d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
777d9ba97f71b58516554830a448987a1f8498931acb677792265beb5ceae646
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com/

Response headers

date
Mon, 07 Feb 2022 02:41:12 GMT
content-type
text/html
server
Kestrel
cache-control
private, max-age=0, no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cross-origin-resource-policy
cross-origin
p3p
CP='CUR ADM OUR NOR STA NID'
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=OmDLgeF2oFlH304icwzthxCrt01KMY2dLuVjKmtwbrw5St35uZYqTtqw_hcFoOhJld7Srb4e7i7c0gpSwDE71quzo8Sd5Y_rISShTx8pwip_8V2Qr5sQVhsFH7wX3MaDVaMTGFg52NRGIZXBCBJOzihwktMqrikWcj8XsIqveiNDhm5GU1s9JqQz4LAc726dwHvjThMV-FjvEvJ8k5X1qvYfraoob5BC3EhuoVDuFzf9Bt48GHIyukWJstvBpHSrW7HIxbRTAX7MgIju"}], "max_age": 86400}
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks
5127747
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame A56B 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/window_focus_fy2019.js
Requested by
Host: d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com
URL: https://d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 01:53:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2833
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 21 Feb 2022 01:53:59 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A56B 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com
URL: https://d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d3a6fb9e39c82eed501889521b19cc4fc13d1104f83128928775b520c86f8abc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38146
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1643806174374025"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 07 Feb 2022 02:41:12 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/ Frame A56B 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220201/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com
URL: https://d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
80182a21e69d7232583dcf7b19a5cfb9a597e7adbcc22f1a14e4096d8602612d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:33:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
455
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6204
x-xss-protection
0
server
cafe
etag
12229469669374805284
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 21 Feb 2022 02:33:37 GMT
l
www.google.com/ads/measurement/ Frame A56B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT7UBtq6ip4C8t11TQAM5Bo2waVGZWQJaS0BslXZTSj-x7zBPrcwBrgY8NeOnLKQdUJpmwKO3-mtEqrqSqCuW_wgRgZAw
Requested by
Host: d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com
URL: https://d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame A56B 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com
URL: https://d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 04 Feb 2022 14:03:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
218282
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 04 Feb 2023 14:03:10 GMT
1pcBuxvQw2y.css
static.xx.fbcdn.net/rsrc.php/v3/yi/l/1,cross/ Frame 7998 		59 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yi/l/1,cross/1pcBuxvQw2y.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df157495ef426c58%26domain%3Dn.yam.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fn.yam.com%252Ff35fc8f3536524%26relation%3Dparent.parent&container_width=760&height=100&href=https%3A%2F%2Fn.yam.com%2FArticle%2F20210408193290&locale=zh_TW&numposts=5&sdk=joey&version=v2.9&width=760
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0ddcf5079938afa282f4221d58e7dbaf18b4540b4ab5783995a4c5be8c0d6d3c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:12 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
pUUtytX8jmucZE9Ftl52eA==
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
11489
x-fb-rlafr
0
x-fb-debug
lx6W/cUERIveMvjhcO6/VnE033ZsL1EkPcIkxMrKUqgkh3Q8XDFCEojVK0k8OAFhi3tIMQRzWConz7It7Var9w==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Mon, 06 Feb 2023 18:10:41 GMT
V0h2-P0LqLF.css
static.xx.fbcdn.net/rsrc.php/v3/yJ/l/1,cross/ Frame 7998 		125 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yJ/l/1,cross/V0h2-P0LqLF.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df157495ef426c58%26domain%3Dn.yam.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fn.yam.com%252Ff35fc8f3536524%26relation%3Dparent.parent&container_width=760&height=100&href=https%3A%2F%2Fn.yam.com%2FArticle%2F20210408193290&locale=zh_TW&numposts=5&sdk=joey&version=v2.9&width=760
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9aafdca8db8d8ab1bb303bf8af5a0c1eb26977f36ab4ad6801ef447b7b71daa9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:12 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
wO0Y/fGms0+yI3PlX0dfvw==
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
20381
x-fb-rlafr
0
x-fb-debug
t2o7grfBRfdMcjU9Swej/1dcMrDcouNggO7ghAbzspVzvz8aRY2IIln3fnfBysZQKFOX9Sf5r6V4VtcXZuLYSw==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 03 Feb 2023 03:23:04 GMT
45LapIJFFqp.js
static.xx.fbcdn.net/rsrc.php/v3/y_/r/ Frame 7998 		307 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y_/r/45LapIJFFqp.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df157495ef426c58%26domain%3Dn.yam.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fn.yam.com%252Ff35fc8f3536524%26relation%3Dparent.parent&container_width=760&height=100&href=https%3A%2F%2Fn.yam.com%2FArticle%2F20210408193290&locale=zh_TW&numposts=5&sdk=joey&version=v2.9&width=760
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3b095582926d785ec101de15de7cd7310e8c3961a2a9101cf1aac3f90ef2d9dd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:12 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
Iyn3V19JQR8hbEKrIU0XwA==
document-policy
force-load-at-top
content-security-policy-report-only
default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
84331
x-fb-rlafr
0
x-fb-debug
2QOfeoRxaP1j85QwZKOg1Q4rzoqfbfSJgLTu2wgAS6TWS9DF+7tVm4ZmDGECEKCctfORa6y9OdJnT5E1+pyjeQ==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 02 Feb 2023 20:21:43 GMT
YQ0AQWVm93U.js
static.xx.fbcdn.net/rsrc.php/v3i63m4/yh/l/zh_TW/ Frame 7998 		158 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3i63m4/yh/l/zh_TW/YQ0AQWVm93U.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df157495ef426c58%26domain%3Dn.yam.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fn.yam.com%252Ff35fc8f3536524%26relation%3Dparent.parent&container_width=760&height=100&href=https%3A%2F%2Fn.yam.com%2FArticle%2F20210408193290&locale=zh_TW&numposts=5&sdk=joey&version=v2.9&width=760
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bc13afc32c81c66b102a63a2c672cc4ab9a3338964e3e32c8f17f8cc5ab0db49
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:12 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
2bhhKWXqEwq03/MgbRhLCg==
document-policy
force-load-at-top
content-security-policy-report-only
default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
44995
x-fb-rlafr
0
x-fb-debug
jQ7kUnMgJXNwOI+JowrqXjKIcY2Nuhtpl7WR3/yjmSF8FrJ4p4wh36cjEhRsB0wm9EFgZsgga1NGu3xrQuglWA==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 27 Jan 2023 10:17:31 GMT
XwBBMjoHXtv.js
static.xx.fbcdn.net/rsrc.php/v3iv3a4/yy/l/zh_TW/ Frame 7998 		1 MB
334 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iv3a4/yy/l/zh_TW/XwBBMjoHXtv.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df157495ef426c58%26domain%3Dn.yam.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fn.yam.com%252Ff35fc8f3536524%26relation%3Dparent.parent&container_width=760&height=100&href=https%3A%2F%2Fn.yam.com%2FArticle%2F20210408193290&locale=zh_TW&numposts=5&sdk=joey&version=v2.9&width=760
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9a99f9f1c9939b5174008575d44dca5c126d7ec9438430ceb3537e354d29e6a2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:12 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
SLQzTSABIkfV/LIMtlhHzg==
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
341251
x-fb-rlafr
0
x-fb-debug
qiqY3eNk4kASQPuGo84UExWbSyrjtCOTo4PC8Q5aAXLKsEogTTy2Jh1nxSmWpwBVCxCtUbUwUfYMWHZKrfOKTA==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 02 Feb 2023 19:26:13 GMT
RICrecDQjt5.js
static.xx.fbcdn.net/rsrc.php/v3/yV/r/ Frame 7998 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yV/r/RICrecDQjt5.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df157495ef426c58%26domain%3Dn.yam.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fn.yam.com%252Ff35fc8f3536524%26relation%3Dparent.parent&container_width=760&height=100&href=https%3A%2F%2Fn.yam.com%2FArticle%2F20210408193290&locale=zh_TW&numposts=5&sdk=joey&version=v2.9&width=760
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ce060c4b31136228f92c39acd9a2b4e090d0cdb950d0f68c641cc4f2477decfa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:12 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
/OU5RA0NY50SIBcbFH/cGQ==
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
8493
x-fb-rlafr
0
x-fb-debug
h+LW1NGEKSZtutjjjJA5ttL/tdr8O8eXlAcs9gbTBRBh//2kSQGKGrCpixfq4dfTrofjU4zm5BYh10JRq5Ii7w==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 02 Feb 2023 21:13:03 GMT
fkhasSJxDC6.js
static.xx.fbcdn.net/rsrc.php/v3iAHa4/yz/l/zh_TW/ Frame 7998 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iAHa4/yz/l/zh_TW/fkhasSJxDC6.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df157495ef426c58%26domain%3Dn.yam.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fn.yam.com%252Ff35fc8f3536524%26relation%3Dparent.parent&container_width=760&height=100&href=https%3A%2F%2Fn.yam.com%2FArticle%2F20210408193290&locale=zh_TW&numposts=5&sdk=joey&version=v2.9&width=760
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cb6edda44b62692b7e6c1b810291c46162b99c1f0c6228ab2a187b7d1072d026
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:12 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
K85fmOH6FJbURLCYkOa9lA==
document-policy
force-load-at-top
content-security-policy-report-only
default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
11794
x-fb-rlafr
0
x-fb-debug
7SboXr8m//4JGqL0Ger/RyMLsGCGgVX58UN2sDsqjdU6opHkQVCq04br1Cb7XysV6SGOh4+DVtOXAFt1i1uXCw==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 26 Jan 2023 18:47:34 GMT
truncated
/ Frame 08E3 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
516fed5a83f65f5b5a9910b0280ed17d26e8a49da27c040b5365a2a199e428bf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame DFF8 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7330d5c4be45574f4ade6ba316484f31259b4289890104243d39ebf00668f81f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
/
sessions.bugsnag.com/ 		21 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version
1
Referer
https://n.yam.com/
Bugsnag-Sent-At
2022-02-07T02:41:12.695Z
Accept-Language
de-DE,de;q=0.9
Bugsnag-Api-Key
5a1b4843624276a4f4c992765be3024f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Mon, 07 Feb 2022 02:41:12 GMT
via
1.1 google
alt-svc
clear
content-length
21
content-type
application/json
/
sessions.bugsnag.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Origin
https://n.yam.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-headers
Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods
POST
access-control-allow-origin
*
date
Mon, 07 Feb 2022 02:41:12 GMT
content-length
0
via
1.1 google
alt-svc
clear
VY7VtWIM9fW.png
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 7998 		251 KB
251 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/VY7VtWIM9fW.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yJ/l/1,cross/V0h2-P0LqLF.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d845920d21b08795f90526d2d827e0baea7a2102b359f24a39ec28a87faacdd6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yJ/l/1,cross/V0h2-P0LqLF.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:12 GMT
x-content-type-options
nosniff
content-md5
VO922XrIvf6dPbMlbETwCQ==
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
257139
x-fb-rlafr
0
x-fb-debug
n7cOeSbOpn5lo0llUwuL8LAvd4I5wQZxC/fvMdZVGTw9SjanTHlt+Nrp4siZyu7chFDaoqRVPHprUa9p8lW3Nw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Tue, 31 Jan 2023 18:04:48 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 5D9C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgCGyAABgJMIu89KAAOM3OJAgSa0VjetUSj4dg&u=%7CIv1Ojxlbn2TMNGBurdYinYVFVPJcx32oIWE4ZzGDtQw%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzQdNoNLWy9ltKLz3nPeYlsIEGW5j28FJ0ZIucU-eJmgX327v6rGfCt32M9fVS4ZD3TNHEK2neb92zab_ZkYBHdEznm2eXDuSfI-AE8SoCsEQi3rmNUMaIWCwPxveYC1p_Lu9DXpcD2xhQGwvAm8LZjLmi7gc5gVIT4nsLb0ihDleq8LpGWUqbj-6kQDGqtuTQIUFD2lYI6fCaeOgN0-jUnklRItZ-BdKI_ZxXIjJBzUsopf9HeXaaO5VZQn__oPpHIm7i-DjqHidtIQZRpu_WpPiWhigjIelWhda7fqLLbiWdODjgvNmDPKF4p2qYLC77U5MWt02_P0zvcuvG5MMai5V5OZd-T2bYf7XLXzpKqDAQRTIe0HR72m9tUeui5OEeKywH1ydOE2N&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQ1U9yIYAYpOBBsqe7_UP3JmOkA_JntKxXNWdkfdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQKF7wPBzjWzPuACAKgDAaoEnwJP0KranxL8bfW73DfoBxTMrBKSKbjGR1Z74u1s2G_2izlO2qo15t8Mb223XozrZaIStWbEoQlLCdVYYvJUh44z346-1LiOttp214Vpr0X-X_2qJ2CtzX5hQyKLMqgcfGEsN87PDEkOUofmMkE1x3l7YGwegMZE0Wok3WqnaaaaompRSNhkkvH2Jvz0oXBg09OR9BwuXH2oJgjDYwWMoLlckm-_K1LLbq4auA_AfJWCEit9Yw5584puaOb1tXNXNEvsyxRcol9B6dWV3ugXa-YwFzjd7mazGF9ZMhiYb76C3Fc077kS-wSsokOtc5GY2UBW7q5MP3hUbznEBhHZ_dy3fRHlSW0PiXT1RgZ8NpLKw3arDhlG_xeXUzy1uo9dlOAEAYAGrt-ZoLP2it34AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3eAf0mgJbELf7GSTxqDugyMsrs5Q%26client%3Dca-pub-1310852604335254%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:12 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Feb 2023 02:41:12 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 5D9C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgCGyAABgJMIu89KAAOM3OJAgSa0VjetUSj4dg&u=%7CIv1Ojxlbn2TMNGBurdYinYVFVPJcx32oIWE4ZzGDtQw%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzQdNoNLWy9ltKLz3nPeYlsIEGW5j28FJ0ZIucU-eJmgX327v6rGfCt32M9fVS4ZD3TNHEK2neb92zab_ZkYBHdEznm2eXDuSfI-AE8SoCsEQi3rmNUMaIWCwPxveYC1p_Lu9DXpcD2xhQGwvAm8LZjLmi7gc5gVIT4nsLb0ihDleq8LpGWUqbj-6kQDGqtuTQIUFD2lYI6fCaeOgN0-jUnklRItZ-BdKI_ZxXIjJBzUsopf9HeXaaO5VZQn__oPpHIm7i-DjqHidtIQZRpu_WpPiWhigjIelWhda7fqLLbiWdODjgvNmDPKF4p2qYLC77U5MWt02_P0zvcuvG5MMai5V5OZd-T2bYf7XLXzpKqDAQRTIe0HR72m9tUeui5OEeKywH1ydOE2N&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQ1U9yIYAYpOBBsqe7_UP3JmOkA_JntKxXNWdkfdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQKF7wPBzjWzPuACAKgDAaoEnwJP0KranxL8bfW73DfoBxTMrBKSKbjGR1Z74u1s2G_2izlO2qo15t8Mb223XozrZaIStWbEoQlLCdVYYvJUh44z346-1LiOttp214Vpr0X-X_2qJ2CtzX5hQyKLMqgcfGEsN87PDEkOUofmMkE1x3l7YGwegMZE0Wok3WqnaaaaompRSNhkkvH2Jvz0oXBg09OR9BwuXH2oJgjDYwWMoLlckm-_K1LLbq4auA_AfJWCEit9Yw5584puaOb1tXNXNEvsyxRcol9B6dWV3ugXa-YwFzjd7mazGF9ZMhiYb76C3Fc077kS-wSsokOtc5GY2UBW7q5MP3hUbznEBhHZ_dy3fRHlSW0PiXT1RgZ8NpLKw3arDhlG_xeXUzy1uo9dlOAEAYAGrt-ZoLP2it34AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3eAf0mgJbELf7GSTxqDugyMsrs5Q%26client%3Dca-pub-1310852604335254%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:12 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Feb 2023 02:41:12 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 5D9C 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgCGyAABgJMIu89KAAOM3OJAgSa0VjetUSj4dg&u=%7CIv1Ojxlbn2TMNGBurdYinYVFVPJcx32oIWE4ZzGDtQw%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzQdNoNLWy9ltKLz3nPeYlsIEGW5j28FJ0ZIucU-eJmgX327v6rGfCt32M9fVS4ZD3TNHEK2neb92zab_ZkYBHdEznm2eXDuSfI-AE8SoCsEQi3rmNUMaIWCwPxveYC1p_Lu9DXpcD2xhQGwvAm8LZjLmi7gc5gVIT4nsLb0ihDleq8LpGWUqbj-6kQDGqtuTQIUFD2lYI6fCaeOgN0-jUnklRItZ-BdKI_ZxXIjJBzUsopf9HeXaaO5VZQn__oPpHIm7i-DjqHidtIQZRpu_WpPiWhigjIelWhda7fqLLbiWdODjgvNmDPKF4p2qYLC77U5MWt02_P0zvcuvG5MMai5V5OZd-T2bYf7XLXzpKqDAQRTIe0HR72m9tUeui5OEeKywH1ydOE2N&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQ1U9yIYAYpOBBsqe7_UP3JmOkA_JntKxXNWdkfdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQKF7wPBzjWzPuACAKgDAaoEnwJP0KranxL8bfW73DfoBxTMrBKSKbjGR1Z74u1s2G_2izlO2qo15t8Mb223XozrZaIStWbEoQlLCdVYYvJUh44z346-1LiOttp214Vpr0X-X_2qJ2CtzX5hQyKLMqgcfGEsN87PDEkOUofmMkE1x3l7YGwegMZE0Wok3WqnaaaaompRSNhkkvH2Jvz0oXBg09OR9BwuXH2oJgjDYwWMoLlckm-_K1LLbq4auA_AfJWCEit9Yw5584puaOb1tXNXNEvsyxRcol9B6dWV3ugXa-YwFzjd7mazGF9ZMhiYb76C3Fc077kS-wSsokOtc5GY2UBW7q5MP3hUbznEBhHZ_dy3fRHlSW0PiXT1RgZ8NpLKw3arDhlG_xeXUzy1uo9dlOAEAYAGrt-ZoLP2it34AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3eAf0mgJbELf7GSTxqDugyMsrs5Q%26client%3Dca-pub-1310852604335254%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:12 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Thu, 02 Feb 2023 02:41:12 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame 5D9C 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgCGyAABgJMIu89KAAOM3OJAgSa0VjetUSj4dg&u=%7CIv1Ojxlbn2TMNGBurdYinYVFVPJcx32oIWE4ZzGDtQw%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzQdNoNLWy9ltKLz3nPeYlsIEGW5j28FJ0ZIucU-eJmgX327v6rGfCt32M9fVS4ZD3TNHEK2neb92zab_ZkYBHdEznm2eXDuSfI-AE8SoCsEQi3rmNUMaIWCwPxveYC1p_Lu9DXpcD2xhQGwvAm8LZjLmi7gc5gVIT4nsLb0ihDleq8LpGWUqbj-6kQDGqtuTQIUFD2lYI6fCaeOgN0-jUnklRItZ-BdKI_ZxXIjJBzUsopf9HeXaaO5VZQn__oPpHIm7i-DjqHidtIQZRpu_WpPiWhigjIelWhda7fqLLbiWdODjgvNmDPKF4p2qYLC77U5MWt02_P0zvcuvG5MMai5V5OZd-T2bYf7XLXzpKqDAQRTIe0HR72m9tUeui5OEeKywH1ydOE2N&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQ1U9yIYAYpOBBsqe7_UP3JmOkA_JntKxXNWdkfdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQKF7wPBzjWzPuACAKgDAaoEnwJP0KranxL8bfW73DfoBxTMrBKSKbjGR1Z74u1s2G_2izlO2qo15t8Mb223XozrZaIStWbEoQlLCdVYYvJUh44z346-1LiOttp214Vpr0X-X_2qJ2CtzX5hQyKLMqgcfGEsN87PDEkOUofmMkE1x3l7YGwegMZE0Wok3WqnaaaaompRSNhkkvH2Jvz0oXBg09OR9BwuXH2oJgjDYwWMoLlckm-_K1LLbq4auA_AfJWCEit9Yw5584puaOb1tXNXNEvsyxRcol9B6dWV3ugXa-YwFzjd7mazGF9ZMhiYb76C3Fc077kS-wSsokOtc5GY2UBW7q5MP3hUbznEBhHZ_dy3fRHlSW0PiXT1RgZ8NpLKw3arDhlG_xeXUzy1uo9dlOAEAYAGrt-ZoLP2it34AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3eAf0mgJbELf7GSTxqDugyMsrs5Q%26client%3Dca-pub-1310852604335254%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:12 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Thu, 02 Feb 2023 02:41:12 GMT
lg.php
cat.nl.eu.criteo.com/m/delivery/ Frame 5D9C 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=kSHOyloP_H7J1_x3E8eUhKiuzOnDSeEReb1St5pcfIq8LAff6nKTH_7Ms_lrdryYftJOemhQcXdmMAhyjCuiBp7L1nA5fQxQtWZtrQbuwaOkh2iNbb700qLtdXq8qWV_CPKd-gMJ4RQL_-aPLi-zZf4mlXnB1ESoQEjNy3nZVZfuOKJY6k3oejD2N-u9yMiVI-JK9lQ4sBH3wonJ5r2a20tl4NMfB4WwbcVLjOXxQAUr_3IhtTaUaATAXJcpIBydal5sl-Vunj9avix_f2KBFlz5QDM4U3jm39HdDcbLuu1FiqxBn9sxtkoYWHHHdxUo417RL59Yeb_ORkQOEpXu0aGmV19Q_sfKK7Vy10o0bpXFOwusNugNcsL2Os7nYANNDOkqUcvbP8XXB6mhDXWlG90tbQZ3zXTk1PZTE1w5vLMUeggNbBe6gENY8o7WPJEky6DVEA
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgCGyAABgJMIu89KAAOM3OJAgSa0VjetUSj4dg&u=%7CIv1Ojxlbn2TMNGBurdYinYVFVPJcx32oIWE4ZzGDtQw%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzQdNoNLWy9ltKLz3nPeYlsIEGW5j28FJ0ZIucU-eJmgX327v6rGfCt32M9fVS4ZD3TNHEK2neb92zab_ZkYBHdEznm2eXDuSfI-AE8SoCsEQi3rmNUMaIWCwPxveYC1p_Lu9DXpcD2xhQGwvAm8LZjLmi7gc5gVIT4nsLb0ihDleq8LpGWUqbj-6kQDGqtuTQIUFD2lYI6fCaeOgN0-jUnklRItZ-BdKI_ZxXIjJBzUsopf9HeXaaO5VZQn__oPpHIm7i-DjqHidtIQZRpu_WpPiWhigjIelWhda7fqLLbiWdODjgvNmDPKF4p2qYLC77U5MWt02_P0zvcuvG5MMai5V5OZd-T2bYf7XLXzpKqDAQRTIe0HR72m9tUeui5OEeKywH1ydOE2N&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQ1U9yIYAYpOBBsqe7_UP3JmOkA_JntKxXNWdkfdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQKF7wPBzjWzPuACAKgDAaoEnwJP0KranxL8bfW73DfoBxTMrBKSKbjGR1Z74u1s2G_2izlO2qo15t8Mb223XozrZaIStWbEoQlLCdVYYvJUh44z346-1LiOttp214Vpr0X-X_2qJ2CtzX5hQyKLMqgcfGEsN87PDEkOUofmMkE1x3l7YGwegMZE0Wok3WqnaaaaompRSNhkkvH2Jvz0oXBg09OR9BwuXH2oJgjDYwWMoLlckm-_K1LLbq4auA_AfJWCEit9Yw5584puaOb1tXNXNEvsyxRcol9B6dWV3ugXa-YwFzjd7mazGF9ZMhiYb76C3Fc077kS-wSsokOtc5GY2UBW7q5MP3hUbznEBhHZ_dy3fRHlSW0PiXT1RgZ8NpLKw3arDhlG_xeXUzy1uo9dlOAEAYAGrt-ZoLP2it34AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3eAf0mgJbELf7GSTxqDugyMsrs5Q%26client%3Dca-pub-1310852604335254%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 02:41:12 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1755043
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
b0136391d4ea4d4a997f7f03dea470a1_image_ad_300x250.gif
static.criteo.net/design/dt/90764/220105/ Frame 5D9C 		261 KB
262 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/90764/220105/b0136391d4ea4d4a997f7f03dea470a1_image_ad_300x250.gif
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgCGyAABgJMIu89KAAOM3OJAgSa0VjetUSj4dg&u=%7CIv1Ojxlbn2TMNGBurdYinYVFVPJcx32oIWE4ZzGDtQw%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzQdNoNLWy9ltKLz3nPeYlsIEGW5j28FJ0ZIucU-eJmgX327v6rGfCt32M9fVS4ZD3TNHEK2neb92zab_ZkYBHdEznm2eXDuSfI-AE8SoCsEQi3rmNUMaIWCwPxveYC1p_Lu9DXpcD2xhQGwvAm8LZjLmi7gc5gVIT4nsLb0ihDleq8LpGWUqbj-6kQDGqtuTQIUFD2lYI6fCaeOgN0-jUnklRItZ-BdKI_ZxXIjJBzUsopf9HeXaaO5VZQn__oPpHIm7i-DjqHidtIQZRpu_WpPiWhigjIelWhda7fqLLbiWdODjgvNmDPKF4p2qYLC77U5MWt02_P0zvcuvG5MMai5V5OZd-T2bYf7XLXzpKqDAQRTIe0HR72m9tUeui5OEeKywH1ydOE2N&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQ1U9yIYAYpOBBsqe7_UP3JmOkA_JntKxXNWdkfdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQKF7wPBzjWzPuACAKgDAaoEnwJP0KranxL8bfW73DfoBxTMrBKSKbjGR1Z74u1s2G_2izlO2qo15t8Mb223XozrZaIStWbEoQlLCdVYYvJUh44z346-1LiOttp214Vpr0X-X_2qJ2CtzX5hQyKLMqgcfGEsN87PDEkOUofmMkE1x3l7YGwegMZE0Wok3WqnaaaaompRSNhkkvH2Jvz0oXBg09OR9BwuXH2oJgjDYwWMoLlckm-_K1LLbq4auA_AfJWCEit9Yw5584puaOb1tXNXNEvsyxRcol9B6dWV3ugXa-YwFzjd7mazGF9ZMhiYb76C3Fc077kS-wSsokOtc5GY2UBW7q5MP3hUbznEBhHZ_dy3fRHlSW0PiXT1RgZ8NpLKw3arDhlG_xeXUzy1uo9dlOAEAYAGrt-ZoLP2it34AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3eAf0mgJbELf7GSTxqDugyMsrs5Q%26client%3Dca-pub-1310852604335254%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
101d2adecdc84a8dddd428b3de2cc7a12373eda82eb2057893960437dc55a1d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:12 GMT
last-modified
Wed, 05 Jan 2022 18:27:39 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"61d5e31b-41466"
strict-transport-security
max-age=31536000; preload;
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
267366
expires
Thu, 02 Feb 2023 02:41:12 GMT
truncated
/ Frame 05B6 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
363ed390a3b95ea41077424abfe9c13970ad19f341d4efd82783f727c2badfd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame BC53 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dae344cbb0c104b69b92bb0e75784b707174fe72c620a5d01f651ede91df7ef3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame 4A3E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgCGyAABgJEIu89KAAOM3MeFmGap00gvSnfdNg&u=%7CIv1Ojxlbn2R7CW0GonmsvKyelujNyzOud1SWPRPmZY8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUAZKNvHYJLpTwYKDzg_lmTENhFMXxHEwIA8D6K6_93MLu0zsIv8_2ftv4cylzZWLX2XRoyjLM0jqQt_oBbDe5f1dQavAJeMCja1xa-pYMQ5I2y-c2ntnJtWzMTY5G4ebdAbI2k-VBUnJ_eZMwVLJFVwt-4kHlrdaVpdwN2ta6hIIaVq1MZ4Cc9Qb317nf9t4qxYpGDSjTOvbivMxF9RI8sFACqlF-6K2EDzU_3Mf9ISzjl7EQWU5rvd-XwEmxSJ7yC-OEdd-HlpDzAGMJLvaqi9HCGuaH9lGNMOv46Pl1MVNmu4_BVFu3HIRVwXxmiAjlcY_ucCpOHDsx1kkDq8dKdZxu4bZIagHJ0LFD9DrSrtGFSdH5m943dq329N0bQDSc9n_e269BBkPdK8oTIadCFjdK8EYms9JPloKPlUEYuQy2oQBRKiscQX4fRGTNsPBy8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaF8IyIYAYpGBBsqe7_UP3JmOkA_JntKxXNWdkfdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQKF7wPBzjWzPuACAKgDAaoEigJP0Ji0a1BBFUNVntcTkh_ayCn02jLOhUMhVR60CUxqVd2TEFpb2nTmKpKPlYMjAXvh7mjgS4poxo4QcDDXNiF_iyngQSHDQ6vTxhRJq7VEHun-bSoPOfeSYky2JHkxi0slzBlgQHkiyvXp9Mw-o-io2hule7PWotNZWBBapd5pnCsX87kuza4AuS4U5s_Y5s8-_oIRuz2pz8Xay4x4xzURCHrT9QdY5LBhWcj6MkO_0ZW5S9ZYDRRpJccOPPNPgHyLta0gXicTqLNvAcmioD0Wz-9NNuRhuuC36XotX-e6PP_E8Rnm6c48UFpejI20vxNFdvTcvrgyKxla3BmF1in6C73bMWJ5d4_L1uAEAYAGrt-ZoLP2it34AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2v06DQ6zH05vUpKicsAsX9Vbl24Q%26client%3Dca-pub-1310852604335254%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:12 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Feb 2023 02:41:12 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 4A3E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgCGyAABgJEIu89KAAOM3MeFmGap00gvSnfdNg&u=%7CIv1Ojxlbn2R7CW0GonmsvKyelujNyzOud1SWPRPmZY8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUAZKNvHYJLpTwYKDzg_lmTENhFMXxHEwIA8D6K6_93MLu0zsIv8_2ftv4cylzZWLX2XRoyjLM0jqQt_oBbDe5f1dQavAJeMCja1xa-pYMQ5I2y-c2ntnJtWzMTY5G4ebdAbI2k-VBUnJ_eZMwVLJFVwt-4kHlrdaVpdwN2ta6hIIaVq1MZ4Cc9Qb317nf9t4qxYpGDSjTOvbivMxF9RI8sFACqlF-6K2EDzU_3Mf9ISzjl7EQWU5rvd-XwEmxSJ7yC-OEdd-HlpDzAGMJLvaqi9HCGuaH9lGNMOv46Pl1MVNmu4_BVFu3HIRVwXxmiAjlcY_ucCpOHDsx1kkDq8dKdZxu4bZIagHJ0LFD9DrSrtGFSdH5m943dq329N0bQDSc9n_e269BBkPdK8oTIadCFjdK8EYms9JPloKPlUEYuQy2oQBRKiscQX4fRGTNsPBy8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaF8IyIYAYpGBBsqe7_UP3JmOkA_JntKxXNWdkfdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQKF7wPBzjWzPuACAKgDAaoEigJP0Ji0a1BBFUNVntcTkh_ayCn02jLOhUMhVR60CUxqVd2TEFpb2nTmKpKPlYMjAXvh7mjgS4poxo4QcDDXNiF_iyngQSHDQ6vTxhRJq7VEHun-bSoPOfeSYky2JHkxi0slzBlgQHkiyvXp9Mw-o-io2hule7PWotNZWBBapd5pnCsX87kuza4AuS4U5s_Y5s8-_oIRuz2pz8Xay4x4xzURCHrT9QdY5LBhWcj6MkO_0ZW5S9ZYDRRpJccOPPNPgHyLta0gXicTqLNvAcmioD0Wz-9NNuRhuuC36XotX-e6PP_E8Rnm6c48UFpejI20vxNFdvTcvrgyKxla3BmF1in6C73bMWJ5d4_L1uAEAYAGrt-ZoLP2it34AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2v06DQ6zH05vUpKicsAsX9Vbl24Q%26client%3Dca-pub-1310852604335254%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:12 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Feb 2023 02:41:12 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 4A3E 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgCGyAABgJEIu89KAAOM3MeFmGap00gvSnfdNg&u=%7CIv1Ojxlbn2R7CW0GonmsvKyelujNyzOud1SWPRPmZY8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUAZKNvHYJLpTwYKDzg_lmTENhFMXxHEwIA8D6K6_93MLu0zsIv8_2ftv4cylzZWLX2XRoyjLM0jqQt_oBbDe5f1dQavAJeMCja1xa-pYMQ5I2y-c2ntnJtWzMTY5G4ebdAbI2k-VBUnJ_eZMwVLJFVwt-4kHlrdaVpdwN2ta6hIIaVq1MZ4Cc9Qb317nf9t4qxYpGDSjTOvbivMxF9RI8sFACqlF-6K2EDzU_3Mf9ISzjl7EQWU5rvd-XwEmxSJ7yC-OEdd-HlpDzAGMJLvaqi9HCGuaH9lGNMOv46Pl1MVNmu4_BVFu3HIRVwXxmiAjlcY_ucCpOHDsx1kkDq8dKdZxu4bZIagHJ0LFD9DrSrtGFSdH5m943dq329N0bQDSc9n_e269BBkPdK8oTIadCFjdK8EYms9JPloKPlUEYuQy2oQBRKiscQX4fRGTNsPBy8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaF8IyIYAYpGBBsqe7_UP3JmOkA_JntKxXNWdkfdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQKF7wPBzjWzPuACAKgDAaoEigJP0Ji0a1BBFUNVntcTkh_ayCn02jLOhUMhVR60CUxqVd2TEFpb2nTmKpKPlYMjAXvh7mjgS4poxo4QcDDXNiF_iyngQSHDQ6vTxhRJq7VEHun-bSoPOfeSYky2JHkxi0slzBlgQHkiyvXp9Mw-o-io2hule7PWotNZWBBapd5pnCsX87kuza4AuS4U5s_Y5s8-_oIRuz2pz8Xay4x4xzURCHrT9QdY5LBhWcj6MkO_0ZW5S9ZYDRRpJccOPPNPgHyLta0gXicTqLNvAcmioD0Wz-9NNuRhuuC36XotX-e6PP_E8Rnm6c48UFpejI20vxNFdvTcvrgyKxla3BmF1in6C73bMWJ5d4_L1uAEAYAGrt-ZoLP2it34AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2v06DQ6zH05vUpKicsAsX9Vbl24Q%26client%3Dca-pub-1310852604335254%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:12 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Thu, 02 Feb 2023 02:41:12 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame 4A3E 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgCGyAABgJEIu89KAAOM3MeFmGap00gvSnfdNg&u=%7CIv1Ojxlbn2R7CW0GonmsvKyelujNyzOud1SWPRPmZY8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUAZKNvHYJLpTwYKDzg_lmTENhFMXxHEwIA8D6K6_93MLu0zsIv8_2ftv4cylzZWLX2XRoyjLM0jqQt_oBbDe5f1dQavAJeMCja1xa-pYMQ5I2y-c2ntnJtWzMTY5G4ebdAbI2k-VBUnJ_eZMwVLJFVwt-4kHlrdaVpdwN2ta6hIIaVq1MZ4Cc9Qb317nf9t4qxYpGDSjTOvbivMxF9RI8sFACqlF-6K2EDzU_3Mf9ISzjl7EQWU5rvd-XwEmxSJ7yC-OEdd-HlpDzAGMJLvaqi9HCGuaH9lGNMOv46Pl1MVNmu4_BVFu3HIRVwXxmiAjlcY_ucCpOHDsx1kkDq8dKdZxu4bZIagHJ0LFD9DrSrtGFSdH5m943dq329N0bQDSc9n_e269BBkPdK8oTIadCFjdK8EYms9JPloKPlUEYuQy2oQBRKiscQX4fRGTNsPBy8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaF8IyIYAYpGBBsqe7_UP3JmOkA_JntKxXNWdkfdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQKF7wPBzjWzPuACAKgDAaoEigJP0Ji0a1BBFUNVntcTkh_ayCn02jLOhUMhVR60CUxqVd2TEFpb2nTmKpKPlYMjAXvh7mjgS4poxo4QcDDXNiF_iyngQSHDQ6vTxhRJq7VEHun-bSoPOfeSYky2JHkxi0slzBlgQHkiyvXp9Mw-o-io2hule7PWotNZWBBapd5pnCsX87kuza4AuS4U5s_Y5s8-_oIRuz2pz8Xay4x4xzURCHrT9QdY5LBhWcj6MkO_0ZW5S9ZYDRRpJccOPPNPgHyLta0gXicTqLNvAcmioD0Wz-9NNuRhuuC36XotX-e6PP_E8Rnm6c48UFpejI20vxNFdvTcvrgyKxla3BmF1in6C73bMWJ5d4_L1uAEAYAGrt-ZoLP2it34AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2v06DQ6zH05vUpKicsAsX9Vbl24Q%26client%3Dca-pub-1310852604335254%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:12 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Thu, 02 Feb 2023 02:41:12 GMT
lg.php
cat.nl.eu.criteo.com/m/delivery/ Frame 4A3E 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=RPBpVVLwSBEDrNcMT-nywS5IngYFgdBu1kTV_XvGJZvYanF-KY2ICT7jzYMOMqypihchjXzWU4y1RIkgQ7aeyVETq9Sbtpfdbhizk4I2v4RQxdX_-DRZbmh7cCppwI3ej6HLbiJhSfjw1e4ZGZfkK2k0at-vB3V64_K7ZYf6rRROUT3qIlbXYTUBDcq27_qoGAlEpE6DTsX4mcXd6trnR3oGtUdkKDFyMQ6hZxrSKHXf3owksRllCZkBUlTIOw51j-xf9MtkJdQae5CRlSofF-UEyHJZc9wjgpFv3ghLeOQ4v54cVEpKOh6WIMT4-1HrqWIZ4xPLJcNnnRs1Ac9TVyqkRBVvwU6j7AZBg6FGlvanjlp8fkK4zpq0QRsw6ku8IDuN58Rq2YO9sDOtDtByzcPN4yEhjbIR7ipp6DM4jqPbOjjT5XhxifB6qtVOnj-MoevOdA
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgCGyAABgJEIu89KAAOM3MeFmGap00gvSnfdNg&u=%7CIv1Ojxlbn2R7CW0GonmsvKyelujNyzOud1SWPRPmZY8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUAZKNvHYJLpTwYKDzg_lmTENhFMXxHEwIA8D6K6_93MLu0zsIv8_2ftv4cylzZWLX2XRoyjLM0jqQt_oBbDe5f1dQavAJeMCja1xa-pYMQ5I2y-c2ntnJtWzMTY5G4ebdAbI2k-VBUnJ_eZMwVLJFVwt-4kHlrdaVpdwN2ta6hIIaVq1MZ4Cc9Qb317nf9t4qxYpGDSjTOvbivMxF9RI8sFACqlF-6K2EDzU_3Mf9ISzjl7EQWU5rvd-XwEmxSJ7yC-OEdd-HlpDzAGMJLvaqi9HCGuaH9lGNMOv46Pl1MVNmu4_BVFu3HIRVwXxmiAjlcY_ucCpOHDsx1kkDq8dKdZxu4bZIagHJ0LFD9DrSrtGFSdH5m943dq329N0bQDSc9n_e269BBkPdK8oTIadCFjdK8EYms9JPloKPlUEYuQy2oQBRKiscQX4fRGTNsPBy8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaF8IyIYAYpGBBsqe7_UP3JmOkA_JntKxXNWdkfdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQKF7wPBzjWzPuACAKgDAaoEigJP0Ji0a1BBFUNVntcTkh_ayCn02jLOhUMhVR60CUxqVd2TEFpb2nTmKpKPlYMjAXvh7mjgS4poxo4QcDDXNiF_iyngQSHDQ6vTxhRJq7VEHun-bSoPOfeSYky2JHkxi0slzBlgQHkiyvXp9Mw-o-io2hule7PWotNZWBBapd5pnCsX87kuza4AuS4U5s_Y5s8-_oIRuz2pz8Xay4x4xzURCHrT9QdY5LBhWcj6MkO_0ZW5S9ZYDRRpJccOPPNPgHyLta0gXicTqLNvAcmioD0Wz-9NNuRhuuC36XotX-e6PP_E8Rnm6c48UFpejI20vxNFdvTcvrgyKxla3BmF1in6C73bMWJ5d4_L1uAEAYAGrt-ZoLP2it34AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2v06DQ6zH05vUpKicsAsX9Vbl24Q%26client%3Dca-pub-1310852604335254%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 02:41:12 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1735277
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
ddee6f86ab554a06a69ed71a64b5e8c5_image_ad_300x600.gif
static.criteo.net/design/dt/90764/220105/ Frame 4A3E 		184 KB
184 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/90764/220105/ddee6f86ab554a06a69ed71a64b5e8c5_image_ad_300x600.gif
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgCGyAABgJEIu89KAAOM3MeFmGap00gvSnfdNg&u=%7CIv1Ojxlbn2R7CW0GonmsvKyelujNyzOud1SWPRPmZY8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUAZKNvHYJLpTwYKDzg_lmTENhFMXxHEwIA8D6K6_93MLu0zsIv8_2ftv4cylzZWLX2XRoyjLM0jqQt_oBbDe5f1dQavAJeMCja1xa-pYMQ5I2y-c2ntnJtWzMTY5G4ebdAbI2k-VBUnJ_eZMwVLJFVwt-4kHlrdaVpdwN2ta6hIIaVq1MZ4Cc9Qb317nf9t4qxYpGDSjTOvbivMxF9RI8sFACqlF-6K2EDzU_3Mf9ISzjl7EQWU5rvd-XwEmxSJ7yC-OEdd-HlpDzAGMJLvaqi9HCGuaH9lGNMOv46Pl1MVNmu4_BVFu3HIRVwXxmiAjlcY_ucCpOHDsx1kkDq8dKdZxu4bZIagHJ0LFD9DrSrtGFSdH5m943dq329N0bQDSc9n_e269BBkPdK8oTIadCFjdK8EYms9JPloKPlUEYuQy2oQBRKiscQX4fRGTNsPBy8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaF8IyIYAYpGBBsqe7_UP3JmOkA_JntKxXNWdkfdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQKF7wPBzjWzPuACAKgDAaoEigJP0Ji0a1BBFUNVntcTkh_ayCn02jLOhUMhVR60CUxqVd2TEFpb2nTmKpKPlYMjAXvh7mjgS4poxo4QcDDXNiF_iyngQSHDQ6vTxhRJq7VEHun-bSoPOfeSYky2JHkxi0slzBlgQHkiyvXp9Mw-o-io2hule7PWotNZWBBapd5pnCsX87kuza4AuS4U5s_Y5s8-_oIRuz2pz8Xay4x4xzURCHrT9QdY5LBhWcj6MkO_0ZW5S9ZYDRRpJccOPPNPgHyLta0gXicTqLNvAcmioD0Wz-9NNuRhuuC36XotX-e6PP_E8Rnm6c48UFpejI20vxNFdvTcvrgyKxla3BmF1in6C73bMWJ5d4_L1uAEAYAGrt-ZoLP2it34AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2v06DQ6zH05vUpKicsAsX9Vbl24Q%26client%3Dca-pub-1310852604335254%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
d6168af066c2e390f9ff5ccdeee66bcde4a7e16ef62cd6bacaa6e8f77815c37d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:12 GMT
last-modified
Wed, 05 Jan 2022 18:27:39 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"61d5e31b-2de96"
strict-transport-security
max-age=31536000; preload;
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
188054
expires
Thu, 02 Feb 2023 02:41:12 GMT
truncated
/ Frame A56B 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
049ff5e6815dbfcfa8297c87c07b10182edce1c23a5d3297326205ec952e9c1b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame 3D1B 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgCGyAABgJUIu89KAAOM3PiTABdL2KaN8KuEdg&u=%7CIv1Ojxlbn2QDkW%2BqP6KktwoC9oI%2Fy9Jxsz0Jwu7cRUI%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXBNl7acqytoL8vxjoD-HVme79N7ctwLd969iOorEkW7vyliSw5otAqK4zCtwYuhxg5ZokJaY135-rTr3bydzHEGAuP0-ufcGVmyzBhG3kDDKgEYV8WrgI9dFrS6XljuTP4aNNz3IyFNm4C2vvnBSLKaNu4LJoBqgLvcQCsKlYZ4D22ievfWzXERmHnXP7yxa_vdW8o9M9otCXq1zn8UE0EkPuP53TnwII5DjEXQIHgaS1-nwCsSAEHliMiMoSVVj-e015Xfsi9AZr3XhoXsDn31aG5kaYBdR59ZVif7B4EUTmWuySipez89mUAPwcvE1v9IlNikdGLQp5QiQ_6lRPSAjMkEWhHs_As5Haj1ajkHghpaDzhujf94F3Glzebi2FkvSu6PG1FFTg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZMxnyIYAYpWBBsqe7_UP3JmOkA_JntKxXNWdkfdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQKF7wPBzjWzPuACAKgDAaoEiwJP0LJJr_wbjLgrPy36F150RNJX5_UOmqjeb76QvKwn-eAHifpdVs24hc5b_p8qJK1mJkT5vhsFd6L0AgO5cMlAnWSPVU5Zm9zLhAKs5mu5eDVuFlXNyPdm5mzRjbXyauE0RcWb8rINVeodocUQa5J378hHHhQHbeX8vl0tyXMFu4VxBKM1f2jzziYGxqQT9ud9K_IjEQtlL6915ADXAK1eyvzGQOlg2mhvvTmqbIck55736eSdtPjT-qJOeF0s_2hFyhZXlO0n_FmC_paMNw3MrivnhdlcSD_FcUqqojhzV-woVMpxgM2SRW7eiIpwKOPAbYXbreb088wFePlzucHIfc_qDaZIqxdp6zfgBAGABq7fmaCz9ord-AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3Y0riuP6alj5e0VqrXS5cZwa4QQA%26client%3Dca-pub-1310852604335254%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:12 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Feb 2023 02:41:12 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 3D1B 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgCGyAABgJUIu89KAAOM3PiTABdL2KaN8KuEdg&u=%7CIv1Ojxlbn2QDkW%2BqP6KktwoC9oI%2Fy9Jxsz0Jwu7cRUI%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXBNl7acqytoL8vxjoD-HVme79N7ctwLd969iOorEkW7vyliSw5otAqK4zCtwYuhxg5ZokJaY135-rTr3bydzHEGAuP0-ufcGVmyzBhG3kDDKgEYV8WrgI9dFrS6XljuTP4aNNz3IyFNm4C2vvnBSLKaNu4LJoBqgLvcQCsKlYZ4D22ievfWzXERmHnXP7yxa_vdW8o9M9otCXq1zn8UE0EkPuP53TnwII5DjEXQIHgaS1-nwCsSAEHliMiMoSVVj-e015Xfsi9AZr3XhoXsDn31aG5kaYBdR59ZVif7B4EUTmWuySipez89mUAPwcvE1v9IlNikdGLQp5QiQ_6lRPSAjMkEWhHs_As5Haj1ajkHghpaDzhujf94F3Glzebi2FkvSu6PG1FFTg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZMxnyIYAYpWBBsqe7_UP3JmOkA_JntKxXNWdkfdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQKF7wPBzjWzPuACAKgDAaoEiwJP0LJJr_wbjLgrPy36F150RNJX5_UOmqjeb76QvKwn-eAHifpdVs24hc5b_p8qJK1mJkT5vhsFd6L0AgO5cMlAnWSPVU5Zm9zLhAKs5mu5eDVuFlXNyPdm5mzRjbXyauE0RcWb8rINVeodocUQa5J378hHHhQHbeX8vl0tyXMFu4VxBKM1f2jzziYGxqQT9ud9K_IjEQtlL6915ADXAK1eyvzGQOlg2mhvvTmqbIck55736eSdtPjT-qJOeF0s_2hFyhZXlO0n_FmC_paMNw3MrivnhdlcSD_FcUqqojhzV-woVMpxgM2SRW7eiIpwKOPAbYXbreb088wFePlzucHIfc_qDaZIqxdp6zfgBAGABq7fmaCz9ord-AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3Y0riuP6alj5e0VqrXS5cZwa4QQA%26client%3Dca-pub-1310852604335254%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:12 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Feb 2023 02:41:12 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 3D1B 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgCGyAABgJUIu89KAAOM3PiTABdL2KaN8KuEdg&u=%7CIv1Ojxlbn2QDkW%2BqP6KktwoC9oI%2Fy9Jxsz0Jwu7cRUI%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXBNl7acqytoL8vxjoD-HVme79N7ctwLd969iOorEkW7vyliSw5otAqK4zCtwYuhxg5ZokJaY135-rTr3bydzHEGAuP0-ufcGVmyzBhG3kDDKgEYV8WrgI9dFrS6XljuTP4aNNz3IyFNm4C2vvnBSLKaNu4LJoBqgLvcQCsKlYZ4D22ievfWzXERmHnXP7yxa_vdW8o9M9otCXq1zn8UE0EkPuP53TnwII5DjEXQIHgaS1-nwCsSAEHliMiMoSVVj-e015Xfsi9AZr3XhoXsDn31aG5kaYBdR59ZVif7B4EUTmWuySipez89mUAPwcvE1v9IlNikdGLQp5QiQ_6lRPSAjMkEWhHs_As5Haj1ajkHghpaDzhujf94F3Glzebi2FkvSu6PG1FFTg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZMxnyIYAYpWBBsqe7_UP3JmOkA_JntKxXNWdkfdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQKF7wPBzjWzPuACAKgDAaoEiwJP0LJJr_wbjLgrPy36F150RNJX5_UOmqjeb76QvKwn-eAHifpdVs24hc5b_p8qJK1mJkT5vhsFd6L0AgO5cMlAnWSPVU5Zm9zLhAKs5mu5eDVuFlXNyPdm5mzRjbXyauE0RcWb8rINVeodocUQa5J378hHHhQHbeX8vl0tyXMFu4VxBKM1f2jzziYGxqQT9ud9K_IjEQtlL6915ADXAK1eyvzGQOlg2mhvvTmqbIck55736eSdtPjT-qJOeF0s_2hFyhZXlO0n_FmC_paMNw3MrivnhdlcSD_FcUqqojhzV-woVMpxgM2SRW7eiIpwKOPAbYXbreb088wFePlzucHIfc_qDaZIqxdp6zfgBAGABq7fmaCz9ord-AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3Y0riuP6alj5e0VqrXS5cZwa4QQA%26client%3Dca-pub-1310852604335254%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:12 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Thu, 02 Feb 2023 02:41:12 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame 3D1B 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgCGyAABgJUIu89KAAOM3PiTABdL2KaN8KuEdg&u=%7CIv1Ojxlbn2QDkW%2BqP6KktwoC9oI%2Fy9Jxsz0Jwu7cRUI%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXBNl7acqytoL8vxjoD-HVme79N7ctwLd969iOorEkW7vyliSw5otAqK4zCtwYuhxg5ZokJaY135-rTr3bydzHEGAuP0-ufcGVmyzBhG3kDDKgEYV8WrgI9dFrS6XljuTP4aNNz3IyFNm4C2vvnBSLKaNu4LJoBqgLvcQCsKlYZ4D22ievfWzXERmHnXP7yxa_vdW8o9M9otCXq1zn8UE0EkPuP53TnwII5DjEXQIHgaS1-nwCsSAEHliMiMoSVVj-e015Xfsi9AZr3XhoXsDn31aG5kaYBdR59ZVif7B4EUTmWuySipez89mUAPwcvE1v9IlNikdGLQp5QiQ_6lRPSAjMkEWhHs_As5Haj1ajkHghpaDzhujf94F3Glzebi2FkvSu6PG1FFTg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZMxnyIYAYpWBBsqe7_UP3JmOkA_JntKxXNWdkfdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQKF7wPBzjWzPuACAKgDAaoEiwJP0LJJr_wbjLgrPy36F150RNJX5_UOmqjeb76QvKwn-eAHifpdVs24hc5b_p8qJK1mJkT5vhsFd6L0AgO5cMlAnWSPVU5Zm9zLhAKs5mu5eDVuFlXNyPdm5mzRjbXyauE0RcWb8rINVeodocUQa5J378hHHhQHbeX8vl0tyXMFu4VxBKM1f2jzziYGxqQT9ud9K_IjEQtlL6915ADXAK1eyvzGQOlg2mhvvTmqbIck55736eSdtPjT-qJOeF0s_2hFyhZXlO0n_FmC_paMNw3MrivnhdlcSD_FcUqqojhzV-woVMpxgM2SRW7eiIpwKOPAbYXbreb088wFePlzucHIfc_qDaZIqxdp6zfgBAGABq7fmaCz9ord-AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3Y0riuP6alj5e0VqrXS5cZwa4QQA%26client%3Dca-pub-1310852604335254%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:12 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Thu, 02 Feb 2023 02:41:12 GMT
lg.php
cat.nl.eu.criteo.com/m/delivery/ Frame 3D1B 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=XzCBgYXfPS4edCvH-jNKLMJPHXaSvqpowiPIVs65I-tnYMktsQdzn9nNd3aPUwixzdHyNo0meFobpAaby-2slAuRwj2ZKQ42b_-LP2tUN3tyYQh57CtW1HMUDInrtg37aWGtZZszV6nK0lvCU3oCJMBQIzX_PhTEE85JilGDqPNt2UmYdgRceEezkkUvGTb8l95dDeRMunNgBJqqVXvmEzrqZRA9RzylMooBIMCmtQ4dXWZAVTIK2_Ryh2AnkHGcmr5Ffkdys4jvsbTyMS69ckC1_jTAajHzgr2FIn6Xj_OkTHBUsr_NEym7GKawg_r_l0pQ3YmCDSFJH7hkEQrl2UFF2GjitwBKK4aDzNfAtUWL7U9hkUU7GjnDj0WTuicmvOx_xjyIVXBd_6YMY7MrhwMcUZZxp9Jh9B7xYoP4K3lDrq73gS8YDj3U5Ghs910mFek0xw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgCGyAABgJUIu89KAAOM3PiTABdL2KaN8KuEdg&u=%7CIv1Ojxlbn2QDkW%2BqP6KktwoC9oI%2Fy9Jxsz0Jwu7cRUI%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXBNl7acqytoL8vxjoD-HVme79N7ctwLd969iOorEkW7vyliSw5otAqK4zCtwYuhxg5ZokJaY135-rTr3bydzHEGAuP0-ufcGVmyzBhG3kDDKgEYV8WrgI9dFrS6XljuTP4aNNz3IyFNm4C2vvnBSLKaNu4LJoBqgLvcQCsKlYZ4D22ievfWzXERmHnXP7yxa_vdW8o9M9otCXq1zn8UE0EkPuP53TnwII5DjEXQIHgaS1-nwCsSAEHliMiMoSVVj-e015Xfsi9AZr3XhoXsDn31aG5kaYBdR59ZVif7B4EUTmWuySipez89mUAPwcvE1v9IlNikdGLQp5QiQ_6lRPSAjMkEWhHs_As5Haj1ajkHghpaDzhujf94F3Glzebi2FkvSu6PG1FFTg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZMxnyIYAYpWBBsqe7_UP3JmOkA_JntKxXNWdkfdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQKF7wPBzjWzPuACAKgDAaoEiwJP0LJJr_wbjLgrPy36F150RNJX5_UOmqjeb76QvKwn-eAHifpdVs24hc5b_p8qJK1mJkT5vhsFd6L0AgO5cMlAnWSPVU5Zm9zLhAKs5mu5eDVuFlXNyPdm5mzRjbXyauE0RcWb8rINVeodocUQa5J378hHHhQHbeX8vl0tyXMFu4VxBKM1f2jzziYGxqQT9ud9K_IjEQtlL6915ADXAK1eyvzGQOlg2mhvvTmqbIck55736eSdtPjT-qJOeF0s_2hFyhZXlO0n_FmC_paMNw3MrivnhdlcSD_FcUqqojhzV-woVMpxgM2SRW7eiIpwKOPAbYXbreb088wFePlzucHIfc_qDaZIqxdp6zfgBAGABq7fmaCz9ord-AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3Y0riuP6alj5e0VqrXS5cZwa4QQA%26client%3Dca-pub-1310852604335254%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 02:41:12 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1938764
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
de7ceb82d2b34a9aaa87b9198d2d2b2c_image_ad_728x90.gif
static.criteo.net/design/dt/90764/220105/ Frame 3D1B 		431 KB
432 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/90764/220105/de7ceb82d2b34a9aaa87b9198d2d2b2c_image_ad_728x90.gif
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgCGyAABgJUIu89KAAOM3PiTABdL2KaN8KuEdg&u=%7CIv1Ojxlbn2QDkW%2BqP6KktwoC9oI%2Fy9Jxsz0Jwu7cRUI%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXBNl7acqytoL8vxjoD-HVme79N7ctwLd969iOorEkW7vyliSw5otAqK4zCtwYuhxg5ZokJaY135-rTr3bydzHEGAuP0-ufcGVmyzBhG3kDDKgEYV8WrgI9dFrS6XljuTP4aNNz3IyFNm4C2vvnBSLKaNu4LJoBqgLvcQCsKlYZ4D22ievfWzXERmHnXP7yxa_vdW8o9M9otCXq1zn8UE0EkPuP53TnwII5DjEXQIHgaS1-nwCsSAEHliMiMoSVVj-e015Xfsi9AZr3XhoXsDn31aG5kaYBdR59ZVif7B4EUTmWuySipez89mUAPwcvE1v9IlNikdGLQp5QiQ_6lRPSAjMkEWhHs_As5Haj1ajkHghpaDzhujf94F3Glzebi2FkvSu6PG1FFTg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZMxnyIYAYpWBBsqe7_UP3JmOkA_JntKxXNWdkfdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQKF7wPBzjWzPuACAKgDAaoEiwJP0LJJr_wbjLgrPy36F150RNJX5_UOmqjeb76QvKwn-eAHifpdVs24hc5b_p8qJK1mJkT5vhsFd6L0AgO5cMlAnWSPVU5Zm9zLhAKs5mu5eDVuFlXNyPdm5mzRjbXyauE0RcWb8rINVeodocUQa5J378hHHhQHbeX8vl0tyXMFu4VxBKM1f2jzziYGxqQT9ud9K_IjEQtlL6915ADXAK1eyvzGQOlg2mhvvTmqbIck55736eSdtPjT-qJOeF0s_2hFyhZXlO0n_FmC_paMNw3MrivnhdlcSD_FcUqqojhzV-woVMpxgM2SRW7eiIpwKOPAbYXbreb088wFePlzucHIfc_qDaZIqxdp6zfgBAGABq7fmaCz9ord-AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3Y0riuP6alj5e0VqrXS5cZwa4QQA%26client%3Dca-pub-1310852604335254%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
6a5a94d0b2fb606a853bc24347234da9e31ecca4a6e35841c6a2443833fdfc30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:12 GMT
last-modified
Wed, 05 Jan 2022 18:27:39 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"61d5e31b-6bc67"
strict-transport-security
max-age=31536000; preload;
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
441447
expires
Thu, 02 Feb 2023 02:41:12 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 99F8 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgCGyAABgJIIu89KAAOM3BKiNI8zB26JOe9exg&u=%7CIv1Ojxlbn2Q%2F7mpGIOvXT73UysQgDO88MPYusOxIVJk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzdX2sY74JSiSCV8Ph3TDPUHOvaR3wUU5JOeZPNHARR3lOCwHddsykTR0H7eIekOv98lPnDO4dWuN5EFwb9VPvzO92XoN9-Wha8NlZ5SFc2bobfP-o6WZrIDpic2VAhZmyga5kOHz7P0Ort3y6-2N14G1VRmBea0Xg9XyK6u1Pqtse8QGrgjxSwzs5xBv3t_AjWzh0mmjtN0pO3ocF2CtQnbYZ1Av_LRS_MVK3Y6BEsDXPLg-5_nvKpUNH6tg2MUhKeyqNOWvD9aFa-cqUHG3J0BMFANWVNzv-_1pTJVruLlCIpTf611BxQ18loEOWplQMolE0q1Sn-ddvyrLhyT3Lkfqn7s2AMrj-lcbxBKE2pI3y8Ujpf70ut4WlBJ5L5G_hpQ5CyVd7Es7&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5fesyIYAYpKBBsqe7_UP3JmOkA_JntKxXNWdkfdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQKF7wPBzjWzPuACAKgDAaoElAJP0P4YlHuIX6aq0D3KO12fnEO3aORB4uZDjOIwBHcq7-93nK2CITsSRXPhfvfuz26wuS-x9rjxZtq3jwqbrYyBujn3HJWb1OHMLnvr4z8MDpLF5vLu8DN2Z3xEx_MfJ3Hta1uqMQ7fMcnq7tkAUvJRgV8OTF-acvdiGYA0t9baylQOkLl-ncRiF7eZZ3XZyhd11Do1CnCvNOdmiBIjHYDolMAh8KsnOVFaWoZaLtw6tXsYDT-bfrK3Dx0tz15EqetYCsPN438s3edS7g0gjRvuIQmDO5VRE_XhWIGN6jR3zihN5w_BXtrrjsHMIKOxyw4fx49p5JCuipFI-YV7tA0RF91gadi6ynsoAjX-IvV4B0DIyWjgBAGABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3fc6HV6pj0uOFSJT9L1oI5sHDOPA%26client%3Dca-pub-1310852604335254%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:12 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Feb 2023 02:41:12 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 99F8 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgCGyAABgJIIu89KAAOM3BKiNI8zB26JOe9exg&u=%7CIv1Ojxlbn2Q%2F7mpGIOvXT73UysQgDO88MPYusOxIVJk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzdX2sY74JSiSCV8Ph3TDPUHOvaR3wUU5JOeZPNHARR3lOCwHddsykTR0H7eIekOv98lPnDO4dWuN5EFwb9VPvzO92XoN9-Wha8NlZ5SFc2bobfP-o6WZrIDpic2VAhZmyga5kOHz7P0Ort3y6-2N14G1VRmBea0Xg9XyK6u1Pqtse8QGrgjxSwzs5xBv3t_AjWzh0mmjtN0pO3ocF2CtQnbYZ1Av_LRS_MVK3Y6BEsDXPLg-5_nvKpUNH6tg2MUhKeyqNOWvD9aFa-cqUHG3J0BMFANWVNzv-_1pTJVruLlCIpTf611BxQ18loEOWplQMolE0q1Sn-ddvyrLhyT3Lkfqn7s2AMrj-lcbxBKE2pI3y8Ujpf70ut4WlBJ5L5G_hpQ5CyVd7Es7&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5fesyIYAYpKBBsqe7_UP3JmOkA_JntKxXNWdkfdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQKF7wPBzjWzPuACAKgDAaoElAJP0P4YlHuIX6aq0D3KO12fnEO3aORB4uZDjOIwBHcq7-93nK2CITsSRXPhfvfuz26wuS-x9rjxZtq3jwqbrYyBujn3HJWb1OHMLnvr4z8MDpLF5vLu8DN2Z3xEx_MfJ3Hta1uqMQ7fMcnq7tkAUvJRgV8OTF-acvdiGYA0t9baylQOkLl-ncRiF7eZZ3XZyhd11Do1CnCvNOdmiBIjHYDolMAh8KsnOVFaWoZaLtw6tXsYDT-bfrK3Dx0tz15EqetYCsPN438s3edS7g0gjRvuIQmDO5VRE_XhWIGN6jR3zihN5w_BXtrrjsHMIKOxyw4fx49p5JCuipFI-YV7tA0RF91gadi6ynsoAjX-IvV4B0DIyWjgBAGABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3fc6HV6pj0uOFSJT9L1oI5sHDOPA%26client%3Dca-pub-1310852604335254%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:12 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Feb 2023 02:41:12 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 99F8 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgCGyAABgJIIu89KAAOM3BKiNI8zB26JOe9exg&u=%7CIv1Ojxlbn2Q%2F7mpGIOvXT73UysQgDO88MPYusOxIVJk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzdX2sY74JSiSCV8Ph3TDPUHOvaR3wUU5JOeZPNHARR3lOCwHddsykTR0H7eIekOv98lPnDO4dWuN5EFwb9VPvzO92XoN9-Wha8NlZ5SFc2bobfP-o6WZrIDpic2VAhZmyga5kOHz7P0Ort3y6-2N14G1VRmBea0Xg9XyK6u1Pqtse8QGrgjxSwzs5xBv3t_AjWzh0mmjtN0pO3ocF2CtQnbYZ1Av_LRS_MVK3Y6BEsDXPLg-5_nvKpUNH6tg2MUhKeyqNOWvD9aFa-cqUHG3J0BMFANWVNzv-_1pTJVruLlCIpTf611BxQ18loEOWplQMolE0q1Sn-ddvyrLhyT3Lkfqn7s2AMrj-lcbxBKE2pI3y8Ujpf70ut4WlBJ5L5G_hpQ5CyVd7Es7&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5fesyIYAYpKBBsqe7_UP3JmOkA_JntKxXNWdkfdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQKF7wPBzjWzPuACAKgDAaoElAJP0P4YlHuIX6aq0D3KO12fnEO3aORB4uZDjOIwBHcq7-93nK2CITsSRXPhfvfuz26wuS-x9rjxZtq3jwqbrYyBujn3HJWb1OHMLnvr4z8MDpLF5vLu8DN2Z3xEx_MfJ3Hta1uqMQ7fMcnq7tkAUvJRgV8OTF-acvdiGYA0t9baylQOkLl-ncRiF7eZZ3XZyhd11Do1CnCvNOdmiBIjHYDolMAh8KsnOVFaWoZaLtw6tXsYDT-bfrK3Dx0tz15EqetYCsPN438s3edS7g0gjRvuIQmDO5VRE_XhWIGN6jR3zihN5w_BXtrrjsHMIKOxyw4fx49p5JCuipFI-YV7tA0RF91gadi6ynsoAjX-IvV4B0DIyWjgBAGABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3fc6HV6pj0uOFSJT9L1oI5sHDOPA%26client%3Dca-pub-1310852604335254%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:12 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Thu, 02 Feb 2023 02:41:12 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame 99F8 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgCGyAABgJIIu89KAAOM3BKiNI8zB26JOe9exg&u=%7CIv1Ojxlbn2Q%2F7mpGIOvXT73UysQgDO88MPYusOxIVJk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzdX2sY74JSiSCV8Ph3TDPUHOvaR3wUU5JOeZPNHARR3lOCwHddsykTR0H7eIekOv98lPnDO4dWuN5EFwb9VPvzO92XoN9-Wha8NlZ5SFc2bobfP-o6WZrIDpic2VAhZmyga5kOHz7P0Ort3y6-2N14G1VRmBea0Xg9XyK6u1Pqtse8QGrgjxSwzs5xBv3t_AjWzh0mmjtN0pO3ocF2CtQnbYZ1Av_LRS_MVK3Y6BEsDXPLg-5_nvKpUNH6tg2MUhKeyqNOWvD9aFa-cqUHG3J0BMFANWVNzv-_1pTJVruLlCIpTf611BxQ18loEOWplQMolE0q1Sn-ddvyrLhyT3Lkfqn7s2AMrj-lcbxBKE2pI3y8Ujpf70ut4WlBJ5L5G_hpQ5CyVd7Es7&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5fesyIYAYpKBBsqe7_UP3JmOkA_JntKxXNWdkfdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQKF7wPBzjWzPuACAKgDAaoElAJP0P4YlHuIX6aq0D3KO12fnEO3aORB4uZDjOIwBHcq7-93nK2CITsSRXPhfvfuz26wuS-x9rjxZtq3jwqbrYyBujn3HJWb1OHMLnvr4z8MDpLF5vLu8DN2Z3xEx_MfJ3Hta1uqMQ7fMcnq7tkAUvJRgV8OTF-acvdiGYA0t9baylQOkLl-ncRiF7eZZ3XZyhd11Do1CnCvNOdmiBIjHYDolMAh8KsnOVFaWoZaLtw6tXsYDT-bfrK3Dx0tz15EqetYCsPN438s3edS7g0gjRvuIQmDO5VRE_XhWIGN6jR3zihN5w_BXtrrjsHMIKOxyw4fx49p5JCuipFI-YV7tA0RF91gadi6ynsoAjX-IvV4B0DIyWjgBAGABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3fc6HV6pj0uOFSJT9L1oI5sHDOPA%26client%3Dca-pub-1310852604335254%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:12 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Thu, 02 Feb 2023 02:41:12 GMT
lg.php
cat.nl.eu.criteo.com/m/delivery/ Frame 99F8 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=klmbqn8WJ7ScdiDVDfcN1PeaoUC-ZzdYoJrZRlNBbw7z_Bjgqs05RyuReU9QYQW2CoOoMQ1MENdwj-UPtFkMMwhIbm3DfFrLSxnGxiMU_cMWjyZNT0q_uyKKHjpAWaRF8egohyaLWyUZAgIO38oqNcYbbvT7aMDFynZk8rIu0cARRhAOYiucHWBEOxL8mh2J0Uae8fuTWzDp-1ncJek22YMlT2Ipcxr6hWAU5ksgOsJGNCl9SuCOszGvaALLouvOwmtEC-m0n1hiQFyg8bmVadkkDyDZMOma2wSHpTd7_9oXwMmI4uDW8Ydn82mDCVjB5ElcbWMWt-Q3TfB-_xcFbZyretieEeShwQBekf8_3s6c6xLOnQm9qacAKPrUL_lyTuX-I_llRoc4du4378-4BuAzsMaEGH__AZcd23w11969td4HTFNMFVmPr0huc9hGPOqA5Q
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgCGyAABgJIIu89KAAOM3BKiNI8zB26JOe9exg&u=%7CIv1Ojxlbn2Q%2F7mpGIOvXT73UysQgDO88MPYusOxIVJk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzdX2sY74JSiSCV8Ph3TDPUHOvaR3wUU5JOeZPNHARR3lOCwHddsykTR0H7eIekOv98lPnDO4dWuN5EFwb9VPvzO92XoN9-Wha8NlZ5SFc2bobfP-o6WZrIDpic2VAhZmyga5kOHz7P0Ort3y6-2N14G1VRmBea0Xg9XyK6u1Pqtse8QGrgjxSwzs5xBv3t_AjWzh0mmjtN0pO3ocF2CtQnbYZ1Av_LRS_MVK3Y6BEsDXPLg-5_nvKpUNH6tg2MUhKeyqNOWvD9aFa-cqUHG3J0BMFANWVNzv-_1pTJVruLlCIpTf611BxQ18loEOWplQMolE0q1Sn-ddvyrLhyT3Lkfqn7s2AMrj-lcbxBKE2pI3y8Ujpf70ut4WlBJ5L5G_hpQ5CyVd7Es7&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5fesyIYAYpKBBsqe7_UP3JmOkA_JntKxXNWdkfdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQKF7wPBzjWzPuACAKgDAaoElAJP0P4YlHuIX6aq0D3KO12fnEO3aORB4uZDjOIwBHcq7-93nK2CITsSRXPhfvfuz26wuS-x9rjxZtq3jwqbrYyBujn3HJWb1OHMLnvr4z8MDpLF5vLu8DN2Z3xEx_MfJ3Hta1uqMQ7fMcnq7tkAUvJRgV8OTF-acvdiGYA0t9baylQOkLl-ncRiF7eZZ3XZyhd11Do1CnCvNOdmiBIjHYDolMAh8KsnOVFaWoZaLtw6tXsYDT-bfrK3Dx0tz15EqetYCsPN438s3edS7g0gjRvuIQmDO5VRE_XhWIGN6jR3zihN5w_BXtrrjsHMIKOxyw4fx49p5JCuipFI-YV7tA0RF91gadi6ynsoAjX-IvV4B0DIyWjgBAGABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3fc6HV6pj0uOFSJT9L1oI5sHDOPA%26client%3Dca-pub-1310852604335254%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 02:41:12 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1854072
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
all
csm.eu.criteo.net/ Frame 5D9C 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=6J9qVOF2oFlH304iGgXkOJ8oF8UqFTgvrlbKSSy020l_nrRhEfJm6jOQxOwK12oEeUTAqkkBuSg11s6T8v88zqRzfzy7JK4gQ68RP1tocRye2q_STS4Po4jkOFTt2KtLns_Jz4MArmQaV1pB7lyFBnQMR128XHla9vY3W_xQbUeXwMkylzm3AKwrnW7sEUCOGkW9r5EvGtvdetIhO5-xkQL9Ze8cR4h17RjbvW5aDMMSPHl79A7-RpiQSspIpImcg2CHxQ&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgCGyAABgJMIu89KAAOM3OJAgSa0VjetUSj4dg&u=%7CIv1Ojxlbn2TMNGBurdYinYVFVPJcx32oIWE4ZzGDtQw%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzQdNoNLWy9ltKLz3nPeYlsIEGW5j28FJ0ZIucU-eJmgX327v6rGfCt32M9fVS4ZD3TNHEK2neb92zab_ZkYBHdEznm2eXDuSfI-AE8SoCsEQi3rmNUMaIWCwPxveYC1p_Lu9DXpcD2xhQGwvAm8LZjLmi7gc5gVIT4nsLb0ihDleq8LpGWUqbj-6kQDGqtuTQIUFD2lYI6fCaeOgN0-jUnklRItZ-BdKI_ZxXIjJBzUsopf9HeXaaO5VZQn__oPpHIm7i-DjqHidtIQZRpu_WpPiWhigjIelWhda7fqLLbiWdODjgvNmDPKF4p2qYLC77U5MWt02_P0zvcuvG5MMai5V5OZd-T2bYf7XLXzpKqDAQRTIe0HR72m9tUeui5OEeKywH1ydOE2N&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQ1U9yIYAYpOBBsqe7_UP3JmOkA_JntKxXNWdkfdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQKF7wPBzjWzPuACAKgDAaoEnwJP0KranxL8bfW73DfoBxTMrBKSKbjGR1Z74u1s2G_2izlO2qo15t8Mb223XozrZaIStWbEoQlLCdVYYvJUh44z346-1LiOttp214Vpr0X-X_2qJ2CtzX5hQyKLMqgcfGEsN87PDEkOUofmMkE1x3l7YGwegMZE0Wok3WqnaaaaompRSNhkkvH2Jvz0oXBg09OR9BwuXH2oJgjDYwWMoLlckm-_K1LLbq4auA_AfJWCEit9Yw5584puaOb1tXNXNEvsyxRcol9B6dWV3ugXa-YwFzjd7mazGF9ZMhiYb76C3Fc077kS-wSsokOtc5GY2UBW7q5MP3hUbznEBhHZ_dy3fRHlSW0PiXT1RgZ8NpLKw3arDhlG_xeXUzy1uo9dlOAEAYAGrt-ZoLP2it34AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3eAf0mgJbELf7GSTxqDugyMsrs5Q%26client%3Dca-pub-1310852604335254%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 07 Feb 2022 02:41:12 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 5D9C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgCGyAABgJMIu89KAAOM3OJAgSa0VjetUSj4dg&u=%7CIv1Ojxlbn2TMNGBurdYinYVFVPJcx32oIWE4ZzGDtQw%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzQdNoNLWy9ltKLz3nPeYlsIEGW5j28FJ0ZIucU-eJmgX327v6rGfCt32M9fVS4ZD3TNHEK2neb92zab_ZkYBHdEznm2eXDuSfI-AE8SoCsEQi3rmNUMaIWCwPxveYC1p_Lu9DXpcD2xhQGwvAm8LZjLmi7gc5gVIT4nsLb0ihDleq8LpGWUqbj-6kQDGqtuTQIUFD2lYI6fCaeOgN0-jUnklRItZ-BdKI_ZxXIjJBzUsopf9HeXaaO5VZQn__oPpHIm7i-DjqHidtIQZRpu_WpPiWhigjIelWhda7fqLLbiWdODjgvNmDPKF4p2qYLC77U5MWt02_P0zvcuvG5MMai5V5OZd-T2bYf7XLXzpKqDAQRTIe0HR72m9tUeui5OEeKywH1ydOE2N&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQ1U9yIYAYpOBBsqe7_UP3JmOkA_JntKxXNWdkfdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQKF7wPBzjWzPuACAKgDAaoEnwJP0KranxL8bfW73DfoBxTMrBKSKbjGR1Z74u1s2G_2izlO2qo15t8Mb223XozrZaIStWbEoQlLCdVYYvJUh44z346-1LiOttp214Vpr0X-X_2qJ2CtzX5hQyKLMqgcfGEsN87PDEkOUofmMkE1x3l7YGwegMZE0Wok3WqnaaaaompRSNhkkvH2Jvz0oXBg09OR9BwuXH2oJgjDYwWMoLlckm-_K1LLbq4auA_AfJWCEit9Yw5584puaOb1tXNXNEvsyxRcol9B6dWV3ugXa-YwFzjd7mazGF9ZMhiYb76C3Fc077kS-wSsokOtc5GY2UBW7q5MP3hUbznEBhHZ_dy3fRHlSW0PiXT1RgZ8NpLKw3arDhlG_xeXUzy1uo9dlOAEAYAGrt-ZoLP2it34AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3eAf0mgJbELf7GSTxqDugyMsrs5Q%26client%3Dca-pub-1310852604335254%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:12 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Feb 2023 02:41:12 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 5D9C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgCGyAABgJMIu89KAAOM3OJAgSa0VjetUSj4dg&u=%7CIv1Ojxlbn2TMNGBurdYinYVFVPJcx32oIWE4ZzGDtQw%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzQdNoNLWy9ltKLz3nPeYlsIEGW5j28FJ0ZIucU-eJmgX327v6rGfCt32M9fVS4ZD3TNHEK2neb92zab_ZkYBHdEznm2eXDuSfI-AE8SoCsEQi3rmNUMaIWCwPxveYC1p_Lu9DXpcD2xhQGwvAm8LZjLmi7gc5gVIT4nsLb0ihDleq8LpGWUqbj-6kQDGqtuTQIUFD2lYI6fCaeOgN0-jUnklRItZ-BdKI_ZxXIjJBzUsopf9HeXaaO5VZQn__oPpHIm7i-DjqHidtIQZRpu_WpPiWhigjIelWhda7fqLLbiWdODjgvNmDPKF4p2qYLC77U5MWt02_P0zvcuvG5MMai5V5OZd-T2bYf7XLXzpKqDAQRTIe0HR72m9tUeui5OEeKywH1ydOE2N&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQ1U9yIYAYpOBBsqe7_UP3JmOkA_JntKxXNWdkfdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQKF7wPBzjWzPuACAKgDAaoEnwJP0KranxL8bfW73DfoBxTMrBKSKbjGR1Z74u1s2G_2izlO2qo15t8Mb223XozrZaIStWbEoQlLCdVYYvJUh44z346-1LiOttp214Vpr0X-X_2qJ2CtzX5hQyKLMqgcfGEsN87PDEkOUofmMkE1x3l7YGwegMZE0Wok3WqnaaaaompRSNhkkvH2Jvz0oXBg09OR9BwuXH2oJgjDYwWMoLlckm-_K1LLbq4auA_AfJWCEit9Yw5584puaOb1tXNXNEvsyxRcol9B6dWV3ugXa-YwFzjd7mazGF9ZMhiYb76C3Fc077kS-wSsokOtc5GY2UBW7q5MP3hUbznEBhHZ_dy3fRHlSW0PiXT1RgZ8NpLKw3arDhlG_xeXUzy1uo9dlOAEAYAGrt-ZoLP2it34AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3eAf0mgJbELf7GSTxqDugyMsrs5Q%26client%3Dca-pub-1310852604335254%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:12 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Feb 2023 02:41:12 GMT
all
csm.eu.criteo.net/ Frame 4A3E 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=TdGcT-F2oFlH304iTiz4DAqN3N4THfGDdrPLcyPl-8rodHpjk11emHHx06sYp7E30CFBOhS1mohMGqY24N03Gcef2LbAB_NXFb2gn6FK2XQZqfSV_6n8Bf51iuwWSUc_FTPZHo1w-amCSJ1_y1M5jW45NlS_CST8yEOiGat5Frs0QC8dUtqLUJCOqNRFzrkmP8f380oWYDc_xi7AfGjAg1xTc1xXc-HrZL99H-oegyQDqRDriV9hMuk6Vt3p8UUnQ3g91g&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgCGyAABgJEIu89KAAOM3MeFmGap00gvSnfdNg&u=%7CIv1Ojxlbn2R7CW0GonmsvKyelujNyzOud1SWPRPmZY8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUAZKNvHYJLpTwYKDzg_lmTENhFMXxHEwIA8D6K6_93MLu0zsIv8_2ftv4cylzZWLX2XRoyjLM0jqQt_oBbDe5f1dQavAJeMCja1xa-pYMQ5I2y-c2ntnJtWzMTY5G4ebdAbI2k-VBUnJ_eZMwVLJFVwt-4kHlrdaVpdwN2ta6hIIaVq1MZ4Cc9Qb317nf9t4qxYpGDSjTOvbivMxF9RI8sFACqlF-6K2EDzU_3Mf9ISzjl7EQWU5rvd-XwEmxSJ7yC-OEdd-HlpDzAGMJLvaqi9HCGuaH9lGNMOv46Pl1MVNmu4_BVFu3HIRVwXxmiAjlcY_ucCpOHDsx1kkDq8dKdZxu4bZIagHJ0LFD9DrSrtGFSdH5m943dq329N0bQDSc9n_e269BBkPdK8oTIadCFjdK8EYms9JPloKPlUEYuQy2oQBRKiscQX4fRGTNsPBy8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaF8IyIYAYpGBBsqe7_UP3JmOkA_JntKxXNWdkfdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQKF7wPBzjWzPuACAKgDAaoEigJP0Ji0a1BBFUNVntcTkh_ayCn02jLOhUMhVR60CUxqVd2TEFpb2nTmKpKPlYMjAXvh7mjgS4poxo4QcDDXNiF_iyngQSHDQ6vTxhRJq7VEHun-bSoPOfeSYky2JHkxi0slzBlgQHkiyvXp9Mw-o-io2hule7PWotNZWBBapd5pnCsX87kuza4AuS4U5s_Y5s8-_oIRuz2pz8Xay4x4xzURCHrT9QdY5LBhWcj6MkO_0ZW5S9ZYDRRpJccOPPNPgHyLta0gXicTqLNvAcmioD0Wz-9NNuRhuuC36XotX-e6PP_E8Rnm6c48UFpejI20vxNFdvTcvrgyKxla3BmF1in6C73bMWJ5d4_L1uAEAYAGrt-ZoLP2it34AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2v06DQ6zH05vUpKicsAsX9Vbl24Q%26client%3Dca-pub-1310852604335254%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 07 Feb 2022 02:41:12 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 4A3E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgCGyAABgJEIu89KAAOM3MeFmGap00gvSnfdNg&u=%7CIv1Ojxlbn2R7CW0GonmsvKyelujNyzOud1SWPRPmZY8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUAZKNvHYJLpTwYKDzg_lmTENhFMXxHEwIA8D6K6_93MLu0zsIv8_2ftv4cylzZWLX2XRoyjLM0jqQt_oBbDe5f1dQavAJeMCja1xa-pYMQ5I2y-c2ntnJtWzMTY5G4ebdAbI2k-VBUnJ_eZMwVLJFVwt-4kHlrdaVpdwN2ta6hIIaVq1MZ4Cc9Qb317nf9t4qxYpGDSjTOvbivMxF9RI8sFACqlF-6K2EDzU_3Mf9ISzjl7EQWU5rvd-XwEmxSJ7yC-OEdd-HlpDzAGMJLvaqi9HCGuaH9lGNMOv46Pl1MVNmu4_BVFu3HIRVwXxmiAjlcY_ucCpOHDsx1kkDq8dKdZxu4bZIagHJ0LFD9DrSrtGFSdH5m943dq329N0bQDSc9n_e269BBkPdK8oTIadCFjdK8EYms9JPloKPlUEYuQy2oQBRKiscQX4fRGTNsPBy8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaF8IyIYAYpGBBsqe7_UP3JmOkA_JntKxXNWdkfdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQKF7wPBzjWzPuACAKgDAaoEigJP0Ji0a1BBFUNVntcTkh_ayCn02jLOhUMhVR60CUxqVd2TEFpb2nTmKpKPlYMjAXvh7mjgS4poxo4QcDDXNiF_iyngQSHDQ6vTxhRJq7VEHun-bSoPOfeSYky2JHkxi0slzBlgQHkiyvXp9Mw-o-io2hule7PWotNZWBBapd5pnCsX87kuza4AuS4U5s_Y5s8-_oIRuz2pz8Xay4x4xzURCHrT9QdY5LBhWcj6MkO_0ZW5S9ZYDRRpJccOPPNPgHyLta0gXicTqLNvAcmioD0Wz-9NNuRhuuC36XotX-e6PP_E8Rnm6c48UFpejI20vxNFdvTcvrgyKxla3BmF1in6C73bMWJ5d4_L1uAEAYAGrt-ZoLP2it34AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2v06DQ6zH05vUpKicsAsX9Vbl24Q%26client%3Dca-pub-1310852604335254%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:12 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Feb 2023 02:41:12 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 4A3E 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgCGyAABgJEIu89KAAOM3MeFmGap00gvSnfdNg&u=%7CIv1Ojxlbn2R7CW0GonmsvKyelujNyzOud1SWPRPmZY8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUAZKNvHYJLpTwYKDzg_lmTENhFMXxHEwIA8D6K6_93MLu0zsIv8_2ftv4cylzZWLX2XRoyjLM0jqQt_oBbDe5f1dQavAJeMCja1xa-pYMQ5I2y-c2ntnJtWzMTY5G4ebdAbI2k-VBUnJ_eZMwVLJFVwt-4kHlrdaVpdwN2ta6hIIaVq1MZ4Cc9Qb317nf9t4qxYpGDSjTOvbivMxF9RI8sFACqlF-6K2EDzU_3Mf9ISzjl7EQWU5rvd-XwEmxSJ7yC-OEdd-HlpDzAGMJLvaqi9HCGuaH9lGNMOv46Pl1MVNmu4_BVFu3HIRVwXxmiAjlcY_ucCpOHDsx1kkDq8dKdZxu4bZIagHJ0LFD9DrSrtGFSdH5m943dq329N0bQDSc9n_e269BBkPdK8oTIadCFjdK8EYms9JPloKPlUEYuQy2oQBRKiscQX4fRGTNsPBy8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaF8IyIYAYpGBBsqe7_UP3JmOkA_JntKxXNWdkfdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQKF7wPBzjWzPuACAKgDAaoEigJP0Ji0a1BBFUNVntcTkh_ayCn02jLOhUMhVR60CUxqVd2TEFpb2nTmKpKPlYMjAXvh7mjgS4poxo4QcDDXNiF_iyngQSHDQ6vTxhRJq7VEHun-bSoPOfeSYky2JHkxi0slzBlgQHkiyvXp9Mw-o-io2hule7PWotNZWBBapd5pnCsX87kuza4AuS4U5s_Y5s8-_oIRuz2pz8Xay4x4xzURCHrT9QdY5LBhWcj6MkO_0ZW5S9ZYDRRpJccOPPNPgHyLta0gXicTqLNvAcmioD0Wz-9NNuRhuuC36XotX-e6PP_E8Rnm6c48UFpejI20vxNFdvTcvrgyKxla3BmF1in6C73bMWJ5d4_L1uAEAYAGrt-ZoLP2it34AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2v06DQ6zH05vUpKicsAsX9Vbl24Q%26client%3Dca-pub-1310852604335254%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:12 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Feb 2023 02:41:12 GMT
style.css
vote.yam.com/CF/css/ Frame E557 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vote.yam.com/CF/css/style.css
Requested by
Host: vote.yam.com
URL: https://vote.yam.com/CF/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.230.1.186 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c45efbafbdd63225cd5d53367a7764a9b1c495e496ad5628bdb1d0b9a585d830
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vote.yam.com/CF/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 07 Feb 2022 02:41:12 GMT
Content-Encoding
gzip
Last-Modified
Wed, 07 Nov 2018 06:15:26 GMT
ETag
"0d310466176d41:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
867
X-Xss-Protection
1; mode=block
jquery-3.2.1.min.js
code.jquery.com/ Frame E557 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.2.1.min.js
Requested by
Host: vote.yam.com
URL: https://vote.yam.com/CF/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vote.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:12 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-15283"
vary
Accept-Encoding
x-hw
1644201672.dop219.fr8.t,1644201672.cds280.fr8.hn,1644201672.cds133.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30125
jquery.devrama.slider.js
vote.yam.com/CF/js/ Frame E557 		51 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vote.yam.com/CF/js/jquery.devrama.slider.js
Requested by
Host: vote.yam.com
URL: https://vote.yam.com/CF/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.230.1.186 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ffd2a11d59a7fbb41a2008eb97336977f9f37ebe8156cd8adc4a9ac24b96dc78
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vote.yam.com/CF/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 07 Feb 2022 02:41:12 GMT
Content-Encoding
gzip
Last-Modified
Wed, 07 Nov 2018 06:15:28 GMT
ETag
"0042476176d41:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
9412
X-Xss-Protection
1; mode=block
all
csm.eu.criteo.net/ Frame 3D1B 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=OmDLgeF2oFlH304icwzthxCrt01KMY2dLuVjKmtwbrw5St35uZYqTtqw_hcFoOhJld7Srb4e7i7c0gpSwDE71quzo8Sd5Y_rISShTx8pwip_8V2Qr5sQVhsFH7wX3MaDVaMTGFg52NRGIZXBCBJOzihwktMqrikWcj8XsIqveiNDhm5GU1s9JqQz4LAc726dwHvjThMV-FjvEvJ8k5X1qvYfraoob5BC3EhuoVDuFzf9Bt48GHIyukWJstvBpHSrW7HIxbRTAX7MgIju&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgCGyAABgJUIu89KAAOM3PiTABdL2KaN8KuEdg&u=%7CIv1Ojxlbn2QDkW%2BqP6KktwoC9oI%2Fy9Jxsz0Jwu7cRUI%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXBNl7acqytoL8vxjoD-HVme79N7ctwLd969iOorEkW7vyliSw5otAqK4zCtwYuhxg5ZokJaY135-rTr3bydzHEGAuP0-ufcGVmyzBhG3kDDKgEYV8WrgI9dFrS6XljuTP4aNNz3IyFNm4C2vvnBSLKaNu4LJoBqgLvcQCsKlYZ4D22ievfWzXERmHnXP7yxa_vdW8o9M9otCXq1zn8UE0EkPuP53TnwII5DjEXQIHgaS1-nwCsSAEHliMiMoSVVj-e015Xfsi9AZr3XhoXsDn31aG5kaYBdR59ZVif7B4EUTmWuySipez89mUAPwcvE1v9IlNikdGLQp5QiQ_6lRPSAjMkEWhHs_As5Haj1ajkHghpaDzhujf94F3Glzebi2FkvSu6PG1FFTg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZMxnyIYAYpWBBsqe7_UP3JmOkA_JntKxXNWdkfdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQKF7wPBzjWzPuACAKgDAaoEiwJP0LJJr_wbjLgrPy36F150RNJX5_UOmqjeb76QvKwn-eAHifpdVs24hc5b_p8qJK1mJkT5vhsFd6L0AgO5cMlAnWSPVU5Zm9zLhAKs5mu5eDVuFlXNyPdm5mzRjbXyauE0RcWb8rINVeodocUQa5J378hHHhQHbeX8vl0tyXMFu4VxBKM1f2jzziYGxqQT9ud9K_IjEQtlL6915ADXAK1eyvzGQOlg2mhvvTmqbIck55736eSdtPjT-qJOeF0s_2hFyhZXlO0n_FmC_paMNw3MrivnhdlcSD_FcUqqojhzV-woVMpxgM2SRW7eiIpwKOPAbYXbreb088wFePlzucHIfc_qDaZIqxdp6zfgBAGABq7fmaCz9ord-AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3Y0riuP6alj5e0VqrXS5cZwa4QQA%26client%3Dca-pub-1310852604335254%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 07 Feb 2022 02:41:09 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 3D1B 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgCGyAABgJUIu89KAAOM3PiTABdL2KaN8KuEdg&u=%7CIv1Ojxlbn2QDkW%2BqP6KktwoC9oI%2Fy9Jxsz0Jwu7cRUI%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXBNl7acqytoL8vxjoD-HVme79N7ctwLd969iOorEkW7vyliSw5otAqK4zCtwYuhxg5ZokJaY135-rTr3bydzHEGAuP0-ufcGVmyzBhG3kDDKgEYV8WrgI9dFrS6XljuTP4aNNz3IyFNm4C2vvnBSLKaNu4LJoBqgLvcQCsKlYZ4D22ievfWzXERmHnXP7yxa_vdW8o9M9otCXq1zn8UE0EkPuP53TnwII5DjEXQIHgaS1-nwCsSAEHliMiMoSVVj-e015Xfsi9AZr3XhoXsDn31aG5kaYBdR59ZVif7B4EUTmWuySipez89mUAPwcvE1v9IlNikdGLQp5QiQ_6lRPSAjMkEWhHs_As5Haj1ajkHghpaDzhujf94F3Glzebi2FkvSu6PG1FFTg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZMxnyIYAYpWBBsqe7_UP3JmOkA_JntKxXNWdkfdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQKF7wPBzjWzPuACAKgDAaoEiwJP0LJJr_wbjLgrPy36F150RNJX5_UOmqjeb76QvKwn-eAHifpdVs24hc5b_p8qJK1mJkT5vhsFd6L0AgO5cMlAnWSPVU5Zm9zLhAKs5mu5eDVuFlXNyPdm5mzRjbXyauE0RcWb8rINVeodocUQa5J378hHHhQHbeX8vl0tyXMFu4VxBKM1f2jzziYGxqQT9ud9K_IjEQtlL6915ADXAK1eyvzGQOlg2mhvvTmqbIck55736eSdtPjT-qJOeF0s_2hFyhZXlO0n_FmC_paMNw3MrivnhdlcSD_FcUqqojhzV-woVMpxgM2SRW7eiIpwKOPAbYXbreb088wFePlzucHIfc_qDaZIqxdp6zfgBAGABq7fmaCz9ord-AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3Y0riuP6alj5e0VqrXS5cZwa4QQA%26client%3Dca-pub-1310852604335254%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:12 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Feb 2023 02:41:12 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 3D1B 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgCGyAABgJUIu89KAAOM3PiTABdL2KaN8KuEdg&u=%7CIv1Ojxlbn2QDkW%2BqP6KktwoC9oI%2Fy9Jxsz0Jwu7cRUI%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXBNl7acqytoL8vxjoD-HVme79N7ctwLd969iOorEkW7vyliSw5otAqK4zCtwYuhxg5ZokJaY135-rTr3bydzHEGAuP0-ufcGVmyzBhG3kDDKgEYV8WrgI9dFrS6XljuTP4aNNz3IyFNm4C2vvnBSLKaNu4LJoBqgLvcQCsKlYZ4D22ievfWzXERmHnXP7yxa_vdW8o9M9otCXq1zn8UE0EkPuP53TnwII5DjEXQIHgaS1-nwCsSAEHliMiMoSVVj-e015Xfsi9AZr3XhoXsDn31aG5kaYBdR59ZVif7B4EUTmWuySipez89mUAPwcvE1v9IlNikdGLQp5QiQ_6lRPSAjMkEWhHs_As5Haj1ajkHghpaDzhujf94F3Glzebi2FkvSu6PG1FFTg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZMxnyIYAYpWBBsqe7_UP3JmOkA_JntKxXNWdkfdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQKF7wPBzjWzPuACAKgDAaoEiwJP0LJJr_wbjLgrPy36F150RNJX5_UOmqjeb76QvKwn-eAHifpdVs24hc5b_p8qJK1mJkT5vhsFd6L0AgO5cMlAnWSPVU5Zm9zLhAKs5mu5eDVuFlXNyPdm5mzRjbXyauE0RcWb8rINVeodocUQa5J378hHHhQHbeX8vl0tyXMFu4VxBKM1f2jzziYGxqQT9ud9K_IjEQtlL6915ADXAK1eyvzGQOlg2mhvvTmqbIck55736eSdtPjT-qJOeF0s_2hFyhZXlO0n_FmC_paMNw3MrivnhdlcSD_FcUqqojhzV-woVMpxgM2SRW7eiIpwKOPAbYXbreb088wFePlzucHIfc_qDaZIqxdp6zfgBAGABq7fmaCz9ord-AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3Y0riuP6alj5e0VqrXS5cZwa4QQA%26client%3Dca-pub-1310852604335254%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:12 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Feb 2023 02:41:12 GMT
481598564da646f69bf741ec80763656_museocyrl-500.woff
static.criteo.net/design/dt/ Frame 99F8 		45 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/481598564da646f69bf741ec80763656_museocyrl-500.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgCGyAABgJIIu89KAAOM3BKiNI8zB26JOe9exg&u=%7CIv1Ojxlbn2Q%2F7mpGIOvXT73UysQgDO88MPYusOxIVJk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzdX2sY74JSiSCV8Ph3TDPUHOvaR3wUU5JOeZPNHARR3lOCwHddsykTR0H7eIekOv98lPnDO4dWuN5EFwb9VPvzO92XoN9-Wha8NlZ5SFc2bobfP-o6WZrIDpic2VAhZmyga5kOHz7P0Ort3y6-2N14G1VRmBea0Xg9XyK6u1Pqtse8QGrgjxSwzs5xBv3t_AjWzh0mmjtN0pO3ocF2CtQnbYZ1Av_LRS_MVK3Y6BEsDXPLg-5_nvKpUNH6tg2MUhKeyqNOWvD9aFa-cqUHG3J0BMFANWVNzv-_1pTJVruLlCIpTf611BxQ18loEOWplQMolE0q1Sn-ddvyrLhyT3Lkfqn7s2AMrj-lcbxBKE2pI3y8Ujpf70ut4WlBJ5L5G_hpQ5CyVd7Es7&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5fesyIYAYpKBBsqe7_UP3JmOkA_JntKxXNWdkfdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQKF7wPBzjWzPuACAKgDAaoElAJP0P4YlHuIX6aq0D3KO12fnEO3aORB4uZDjOIwBHcq7-93nK2CITsSRXPhfvfuz26wuS-x9rjxZtq3jwqbrYyBujn3HJWb1OHMLnvr4z8MDpLF5vLu8DN2Z3xEx_MfJ3Hta1uqMQ7fMcnq7tkAUvJRgV8OTF-acvdiGYA0t9baylQOkLl-ncRiF7eZZ3XZyhd11Do1CnCvNOdmiBIjHYDolMAh8KsnOVFaWoZaLtw6tXsYDT-bfrK3Dx0tz15EqetYCsPN438s3edS7g0gjRvuIQmDO5VRE_XhWIGN6jR3zihN5w_BXtrrjsHMIKOxyw4fx49p5JCuipFI-YV7tA0RF91gadi6ynsoAjX-IvV4B0DIyWjgBAGABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3fc6HV6pj0uOFSJT9L1oI5sHDOPA%26client%3Dca-pub-1310852604335254%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f987b7beba9c09d83e550788b3dc5190d20c705f744fcedb14a541211b5db0ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:12 GMT
content-encoding
gzip
last-modified
Thu, 28 Jun 2018 08:44:38 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5b349ff6-b5a0"
strict-transport-security
max-age=31536000; preload;
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Feb 2023 02:41:12 GMT
bc5d9888511b477f8bb2e25a5b427f52_museocyrl-300.woff
static.criteo.net/design/dt/ Frame 99F8 		45 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/bc5d9888511b477f8bb2e25a5b427f52_museocyrl-300.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgCGyAABgJIIu89KAAOM3BKiNI8zB26JOe9exg&u=%7CIv1Ojxlbn2Q%2F7mpGIOvXT73UysQgDO88MPYusOxIVJk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzdX2sY74JSiSCV8Ph3TDPUHOvaR3wUU5JOeZPNHARR3lOCwHddsykTR0H7eIekOv98lPnDO4dWuN5EFwb9VPvzO92XoN9-Wha8NlZ5SFc2bobfP-o6WZrIDpic2VAhZmyga5kOHz7P0Ort3y6-2N14G1VRmBea0Xg9XyK6u1Pqtse8QGrgjxSwzs5xBv3t_AjWzh0mmjtN0pO3ocF2CtQnbYZ1Av_LRS_MVK3Y6BEsDXPLg-5_nvKpUNH6tg2MUhKeyqNOWvD9aFa-cqUHG3J0BMFANWVNzv-_1pTJVruLlCIpTf611BxQ18loEOWplQMolE0q1Sn-ddvyrLhyT3Lkfqn7s2AMrj-lcbxBKE2pI3y8Ujpf70ut4WlBJ5L5G_hpQ5CyVd7Es7&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5fesyIYAYpKBBsqe7_UP3JmOkA_JntKxXNWdkfdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQKF7wPBzjWzPuACAKgDAaoElAJP0P4YlHuIX6aq0D3KO12fnEO3aORB4uZDjOIwBHcq7-93nK2CITsSRXPhfvfuz26wuS-x9rjxZtq3jwqbrYyBujn3HJWb1OHMLnvr4z8MDpLF5vLu8DN2Z3xEx_MfJ3Hta1uqMQ7fMcnq7tkAUvJRgV8OTF-acvdiGYA0t9baylQOkLl-ncRiF7eZZ3XZyhd11Do1CnCvNOdmiBIjHYDolMAh8KsnOVFaWoZaLtw6tXsYDT-bfrK3Dx0tz15EqetYCsPN438s3edS7g0gjRvuIQmDO5VRE_XhWIGN6jR3zihN5w_BXtrrjsHMIKOxyw4fx49p5JCuipFI-YV7tA0RF91gadi6ynsoAjX-IvV4B0DIyWjgBAGABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3fc6HV6pj0uOFSJT9L1oI5sHDOPA%26client%3Dca-pub-1310852604335254%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
2fe96ef95f0ef87759dd5ee2cee663219fa46363e2fbe34aacf66cb0ff6e575a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:12 GMT
content-encoding
gzip
last-modified
Thu, 28 Jun 2018 08:44:38 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5b349ff6-b498"
strict-transport-security
max-age=31536000; preload;
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Feb 2023 02:41:12 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 99F8 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgCGyAABgJIIu89KAAOM3BKiNI8zB26JOe9exg&u=%7CIv1Ojxlbn2Q%2F7mpGIOvXT73UysQgDO88MPYusOxIVJk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzdX2sY74JSiSCV8Ph3TDPUHOvaR3wUU5JOeZPNHARR3lOCwHddsykTR0H7eIekOv98lPnDO4dWuN5EFwb9VPvzO92XoN9-Wha8NlZ5SFc2bobfP-o6WZrIDpic2VAhZmyga5kOHz7P0Ort3y6-2N14G1VRmBea0Xg9XyK6u1Pqtse8QGrgjxSwzs5xBv3t_AjWzh0mmjtN0pO3ocF2CtQnbYZ1Av_LRS_MVK3Y6BEsDXPLg-5_nvKpUNH6tg2MUhKeyqNOWvD9aFa-cqUHG3J0BMFANWVNzv-_1pTJVruLlCIpTf611BxQ18loEOWplQMolE0q1Sn-ddvyrLhyT3Lkfqn7s2AMrj-lcbxBKE2pI3y8Ujpf70ut4WlBJ5L5G_hpQ5CyVd7Es7&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5fesyIYAYpKBBsqe7_UP3JmOkA_JntKxXNWdkfdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQKF7wPBzjWzPuACAKgDAaoElAJP0P4YlHuIX6aq0D3KO12fnEO3aORB4uZDjOIwBHcq7-93nK2CITsSRXPhfvfuz26wuS-x9rjxZtq3jwqbrYyBujn3HJWb1OHMLnvr4z8MDpLF5vLu8DN2Z3xEx_MfJ3Hta1uqMQ7fMcnq7tkAUvJRgV8OTF-acvdiGYA0t9baylQOkLl-ncRiF7eZZ3XZyhd11Do1CnCvNOdmiBIjHYDolMAh8KsnOVFaWoZaLtw6tXsYDT-bfrK3Dx0tz15EqetYCsPN438s3edS7g0gjRvuIQmDO5VRE_XhWIGN6jR3zihN5w_BXtrrjsHMIKOxyw4fx49p5JCuipFI-YV7tA0RF91gadi6ynsoAjX-IvV4B0DIyWjgBAGABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3fc6HV6pj0uOFSJT9L1oI5sHDOPA%26client%3Dca-pub-1310852604335254%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:12 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1164866
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PilFx7wW%2FI39bQSDc1lxCgz1dONd2TP44TFxJrawtB6Itl32CLVMLgY0p6Zl%2Fv%2BYkAImCYf2z4YTpKZ6J2y6ac5zZpYHcD8ojGJ52zt%2FrgY2twwb9LL4bJdvhmqr1VTdIHQmxeP8nzG3TF0ufKpYurvp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6d994207d9a93745-MXP
expires
Sat, 28 Jan 2023 02:41:12 GMT
animejs.js
static.criteo.net/animejs/ Frame 99F8 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgCGyAABgJIIu89KAAOM3BKiNI8zB26JOe9exg&u=%7CIv1Ojxlbn2Q%2F7mpGIOvXT73UysQgDO88MPYusOxIVJk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzdX2sY74JSiSCV8Ph3TDPUHOvaR3wUU5JOeZPNHARR3lOCwHddsykTR0H7eIekOv98lPnDO4dWuN5EFwb9VPvzO92XoN9-Wha8NlZ5SFc2bobfP-o6WZrIDpic2VAhZmyga5kOHz7P0Ort3y6-2N14G1VRmBea0Xg9XyK6u1Pqtse8QGrgjxSwzs5xBv3t_AjWzh0mmjtN0pO3ocF2CtQnbYZ1Av_LRS_MVK3Y6BEsDXPLg-5_nvKpUNH6tg2MUhKeyqNOWvD9aFa-cqUHG3J0BMFANWVNzv-_1pTJVruLlCIpTf611BxQ18loEOWplQMolE0q1Sn-ddvyrLhyT3Lkfqn7s2AMrj-lcbxBKE2pI3y8Ujpf70ut4WlBJ5L5G_hpQ5CyVd7Es7&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5fesyIYAYpKBBsqe7_UP3JmOkA_JntKxXNWdkfdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQKF7wPBzjWzPuACAKgDAaoElAJP0P4YlHuIX6aq0D3KO12fnEO3aORB4uZDjOIwBHcq7-93nK2CITsSRXPhfvfuz26wuS-x9rjxZtq3jwqbrYyBujn3HJWb1OHMLnvr4z8MDpLF5vLu8DN2Z3xEx_MfJ3Hta1uqMQ7fMcnq7tkAUvJRgV8OTF-acvdiGYA0t9baylQOkLl-ncRiF7eZZ3XZyhd11Do1CnCvNOdmiBIjHYDolMAh8KsnOVFaWoZaLtw6tXsYDT-bfrK3Dx0tz15EqetYCsPN438s3edS7g0gjRvuIQmDO5VRE_XhWIGN6jR3zihN5w_BXtrrjsHMIKOxyw4fx49p5JCuipFI-YV7tA0RF91gadi6ynsoAjX-IvV4B0DIyWjgBAGABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3fc6HV6pj0uOFSJT9L1oI5sHDOPA%26client%3Dca-pub-1310852604335254%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:12 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Feb 2023 02:41:12 GMT
f.png
weather.yam.com/Images/status/news/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://weather.yam.com/Images/status/news/f.png
Requested by
Host: n.yam.com
URL: https://n.yam.com/Article/20210408193290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:2d58 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
24a0efd193f41e0a7ced33123901e02bf5fb80488ee228d67f8975701c0a6f78

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:12 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
836
x-powered-by
ASP.NET
content-length
1981
last-modified
Thu, 18 May 2017 09:27:41 GMT
server
cloudflare
etag
"4a8cbcffb8cfd21:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KUFZiVCdSJRiD5MGXknQWTkLscJljLzH2nA7mk%2FiuzHeGTubYdwPsJdqbxWfIEq7kopW4wVs0djEWpoU5CvShCE6Owc9bJyOetghXWa1uUJWOiE69tuamju8Oy37%2FqIIo2nxsn3bDlK0%2Bdo92g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6d994207a8b1691b-FRA
9.bundle.chunk.js
player.ivideosmart.com/ivsplayer/v3/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.ivideosmart.com/ivsplayer/v3/9.bundle.chunk.js
Requested by
Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v3/sp-tools.bundle.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a03:5f80:a::b212:e7c3 , Russian Federation, ASN50952 (DATAIX-AS Peering Ltd., RU),
Reverse DNS
Software
/
Resource Hash
a0682a63b832d3473c0eca3dce6a3b09909c0deb86eb24df79d766221e37b5bd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 07 Feb 2022 02:41:12 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Apr 2020 14:47:27 GMT
Connection
keep-alive
ETag
"68fe73af4e8d07add176403af71b4107:1611638356.930142"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Max-Age
86400
Cache-Control
max-age=2678400
Access-Control-Allow-Credentials
true
Akamai-Mon-Iucid-Del
1125181
Accept-Ranges
bytes
Content-Length
5083
3a86e42e8990404ca7a86210aec20dd0_cpn_300x250_1.jpg
static.criteo.net/design/dt/3018/220127/ Frame 99F8 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/3018/220127/3a86e42e8990404ca7a86210aec20dd0_cpn_300x250_1.jpg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgCGyAABgJIIu89KAAOM3BKiNI8zB26JOe9exg&u=%7CIv1Ojxlbn2Q%2F7mpGIOvXT73UysQgDO88MPYusOxIVJk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzdX2sY74JSiSCV8Ph3TDPUHOvaR3wUU5JOeZPNHARR3lOCwHddsykTR0H7eIekOv98lPnDO4dWuN5EFwb9VPvzO92XoN9-Wha8NlZ5SFc2bobfP-o6WZrIDpic2VAhZmyga5kOHz7P0Ort3y6-2N14G1VRmBea0Xg9XyK6u1Pqtse8QGrgjxSwzs5xBv3t_AjWzh0mmjtN0pO3ocF2CtQnbYZ1Av_LRS_MVK3Y6BEsDXPLg-5_nvKpUNH6tg2MUhKeyqNOWvD9aFa-cqUHG3J0BMFANWVNzv-_1pTJVruLlCIpTf611BxQ18loEOWplQMolE0q1Sn-ddvyrLhyT3Lkfqn7s2AMrj-lcbxBKE2pI3y8Ujpf70ut4WlBJ5L5G_hpQ5CyVd7Es7&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5fesyIYAYpKBBsqe7_UP3JmOkA_JntKxXNWdkfdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQKF7wPBzjWzPuACAKgDAaoElAJP0P4YlHuIX6aq0D3KO12fnEO3aORB4uZDjOIwBHcq7-93nK2CITsSRXPhfvfuz26wuS-x9rjxZtq3jwqbrYyBujn3HJWb1OHMLnvr4z8MDpLF5vLu8DN2Z3xEx_MfJ3Hta1uqMQ7fMcnq7tkAUvJRgV8OTF-acvdiGYA0t9baylQOkLl-ncRiF7eZZ3XZyhd11Do1CnCvNOdmiBIjHYDolMAh8KsnOVFaWoZaLtw6tXsYDT-bfrK3Dx0tz15EqetYCsPN438s3edS7g0gjRvuIQmDO5VRE_XhWIGN6jR3zihN5w_BXtrrjsHMIKOxyw4fx49p5JCuipFI-YV7tA0RF91gadi6ynsoAjX-IvV4B0DIyWjgBAGABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3fc6HV6pj0uOFSJT9L1oI5sHDOPA%26client%3Dca-pub-1310852604335254%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
727ce04fc54091e26bbfafdd442febd1d3601d5f0dc83fe42957cbec9d8c7c76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:12 GMT
last-modified
Thu, 27 Jan 2022 14:45:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"61f2b008-31f7"
strict-transport-security
max-age=31536000; preload;
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
12791
expires
Thu, 02 Feb 2023 02:41:12 GMT
img
pix.eu.criteo.net/img/ Frame 99F8 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=132&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F190121%2Ffd60b42c500a47969d666715f9e0f7e9_logosin.png&v=3&w=596&s=gcjJ2CuOjIVAGCqaQzxn8lvM
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgCGyAABgJIIu89KAAOM3BKiNI8zB26JOe9exg&u=%7CIv1Ojxlbn2Q%2F7mpGIOvXT73UysQgDO88MPYusOxIVJk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzdX2sY74JSiSCV8Ph3TDPUHOvaR3wUU5JOeZPNHARR3lOCwHddsykTR0H7eIekOv98lPnDO4dWuN5EFwb9VPvzO92XoN9-Wha8NlZ5SFc2bobfP-o6WZrIDpic2VAhZmyga5kOHz7P0Ort3y6-2N14G1VRmBea0Xg9XyK6u1Pqtse8QGrgjxSwzs5xBv3t_AjWzh0mmjtN0pO3ocF2CtQnbYZ1Av_LRS_MVK3Y6BEsDXPLg-5_nvKpUNH6tg2MUhKeyqNOWvD9aFa-cqUHG3J0BMFANWVNzv-_1pTJVruLlCIpTf611BxQ18loEOWplQMolE0q1Sn-ddvyrLhyT3Lkfqn7s2AMrj-lcbxBKE2pI3y8Ujpf70ut4WlBJ5L5G_hpQ5CyVd7Es7&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5fesyIYAYpKBBsqe7_UP3JmOkA_JntKxXNWdkfdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQKF7wPBzjWzPuACAKgDAaoElAJP0P4YlHuIX6aq0D3KO12fnEO3aORB4uZDjOIwBHcq7-93nK2CITsSRXPhfvfuz26wuS-x9rjxZtq3jwqbrYyBujn3HJWb1OHMLnvr4z8MDpLF5vLu8DN2Z3xEx_MfJ3Hta1uqMQ7fMcnq7tkAUvJRgV8OTF-acvdiGYA0t9baylQOkLl-ncRiF7eZZ3XZyhd11Do1CnCvNOdmiBIjHYDolMAh8KsnOVFaWoZaLtw6tXsYDT-bfrK3Dx0tz15EqetYCsPN438s3edS7g0gjRvuIQmDO5VRE_XhWIGN6jR3zihN5w_BXtrrjsHMIKOxyw4fx49p5JCuipFI-YV7tA0RF91gadi6ynsoAjX-IvV4B0DIyWjgBAGABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3fc6HV6pj0uOFSJT9L1oI5sHDOPA%26client%3Dca-pub-1310852604335254%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
b2029a1bc6f7724ad7f03be9e4c51ba10227802dce468c7c995a9a726d250ccb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:12 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=29562662
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
6541
expires
Sun, 15 Jan 2023 06:32:15 GMT
img
pix.eu.criteo.net/img/ Frame 99F8 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1604937211%2F20266421-1QetYSgS.jpg&v=3&w=400&s=HhAQSIlk0zABXcPz80b0kMaf&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgCGyAABgJIIu89KAAOM3BKiNI8zB26JOe9exg&u=%7CIv1Ojxlbn2Q%2F7mpGIOvXT73UysQgDO88MPYusOxIVJk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzdX2sY74JSiSCV8Ph3TDPUHOvaR3wUU5JOeZPNHARR3lOCwHddsykTR0H7eIekOv98lPnDO4dWuN5EFwb9VPvzO92XoN9-Wha8NlZ5SFc2bobfP-o6WZrIDpic2VAhZmyga5kOHz7P0Ort3y6-2N14G1VRmBea0Xg9XyK6u1Pqtse8QGrgjxSwzs5xBv3t_AjWzh0mmjtN0pO3ocF2CtQnbYZ1Av_LRS_MVK3Y6BEsDXPLg-5_nvKpUNH6tg2MUhKeyqNOWvD9aFa-cqUHG3J0BMFANWVNzv-_1pTJVruLlCIpTf611BxQ18loEOWplQMolE0q1Sn-ddvyrLhyT3Lkfqn7s2AMrj-lcbxBKE2pI3y8Ujpf70ut4WlBJ5L5G_hpQ5CyVd7Es7&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5fesyIYAYpKBBsqe7_UP3JmOkA_JntKxXNWdkfdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQKF7wPBzjWzPuACAKgDAaoElAJP0P4YlHuIX6aq0D3KO12fnEO3aORB4uZDjOIwBHcq7-93nK2CITsSRXPhfvfuz26wuS-x9rjxZtq3jwqbrYyBujn3HJWb1OHMLnvr4z8MDpLF5vLu8DN2Z3xEx_MfJ3Hta1uqMQ7fMcnq7tkAUvJRgV8OTF-acvdiGYA0t9baylQOkLl-ncRiF7eZZ3XZyhd11Do1CnCvNOdmiBIjHYDolMAh8KsnOVFaWoZaLtw6tXsYDT-bfrK3Dx0tz15EqetYCsPN438s3edS7g0gjRvuIQmDO5VRE_XhWIGN6jR3zihN5w_BXtrrjsHMIKOxyw4fx49p5JCuipFI-YV7tA0RF91gadi6ynsoAjX-IvV4B0DIyWjgBAGABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3fc6HV6pj0uOFSJT9L1oI5sHDOPA%26client%3Dca-pub-1310852604335254%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
c977a560c6765bf35f8f7204a453056d86580d82b22a656dfd5730f62a97399b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:12 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=592588
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
4650
expires
Sun, 13 Feb 2022 23:17:41 GMT
img
pix.eu.criteo.net/img/ Frame 99F8 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F21013320-FVBxd2Lm.jpg&v=3&w=400&s=okatGRSeM1FKw3-320Sk7XgY&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgCGyAABgJIIu89KAAOM3BKiNI8zB26JOe9exg&u=%7CIv1Ojxlbn2Q%2F7mpGIOvXT73UysQgDO88MPYusOxIVJk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzdX2sY74JSiSCV8Ph3TDPUHOvaR3wUU5JOeZPNHARR3lOCwHddsykTR0H7eIekOv98lPnDO4dWuN5EFwb9VPvzO92XoN9-Wha8NlZ5SFc2bobfP-o6WZrIDpic2VAhZmyga5kOHz7P0Ort3y6-2N14G1VRmBea0Xg9XyK6u1Pqtse8QGrgjxSwzs5xBv3t_AjWzh0mmjtN0pO3ocF2CtQnbYZ1Av_LRS_MVK3Y6BEsDXPLg-5_nvKpUNH6tg2MUhKeyqNOWvD9aFa-cqUHG3J0BMFANWVNzv-_1pTJVruLlCIpTf611BxQ18loEOWplQMolE0q1Sn-ddvyrLhyT3Lkfqn7s2AMrj-lcbxBKE2pI3y8Ujpf70ut4WlBJ5L5G_hpQ5CyVd7Es7&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5fesyIYAYpKBBsqe7_UP3JmOkA_JntKxXNWdkfdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQKF7wPBzjWzPuACAKgDAaoElAJP0P4YlHuIX6aq0D3KO12fnEO3aORB4uZDjOIwBHcq7-93nK2CITsSRXPhfvfuz26wuS-x9rjxZtq3jwqbrYyBujn3HJWb1OHMLnvr4z8MDpLF5vLu8DN2Z3xEx_MfJ3Hta1uqMQ7fMcnq7tkAUvJRgV8OTF-acvdiGYA0t9baylQOkLl-ncRiF7eZZ3XZyhd11Do1CnCvNOdmiBIjHYDolMAh8KsnOVFaWoZaLtw6tXsYDT-bfrK3Dx0tz15EqetYCsPN438s3edS7g0gjRvuIQmDO5VRE_XhWIGN6jR3zihN5w_BXtrrjsHMIKOxyw4fx49p5JCuipFI-YV7tA0RF91gadi6ynsoAjX-IvV4B0DIyWjgBAGABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3fc6HV6pj0uOFSJT9L1oI5sHDOPA%26client%3Dca-pub-1310852604335254%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
56d19e2a47665370c9521ca19b803d4e6dd18d2db8aa2c429139b30640696be6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:12 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=361899
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
17042
expires
Fri, 11 Feb 2022 07:12:52 GMT
img
pix.eu.criteo.net/img/ Frame 99F8 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F21222333-CGS2cBCY.jpg&v=3&w=400&s=-1MZ0uZgTRvV6j2PB4EYdKfN&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgCGyAABgJIIu89KAAOM3BKiNI8zB26JOe9exg&u=%7CIv1Ojxlbn2Q%2F7mpGIOvXT73UysQgDO88MPYusOxIVJk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzdX2sY74JSiSCV8Ph3TDPUHOvaR3wUU5JOeZPNHARR3lOCwHddsykTR0H7eIekOv98lPnDO4dWuN5EFwb9VPvzO92XoN9-Wha8NlZ5SFc2bobfP-o6WZrIDpic2VAhZmyga5kOHz7P0Ort3y6-2N14G1VRmBea0Xg9XyK6u1Pqtse8QGrgjxSwzs5xBv3t_AjWzh0mmjtN0pO3ocF2CtQnbYZ1Av_LRS_MVK3Y6BEsDXPLg-5_nvKpUNH6tg2MUhKeyqNOWvD9aFa-cqUHG3J0BMFANWVNzv-_1pTJVruLlCIpTf611BxQ18loEOWplQMolE0q1Sn-ddvyrLhyT3Lkfqn7s2AMrj-lcbxBKE2pI3y8Ujpf70ut4WlBJ5L5G_hpQ5CyVd7Es7&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5fesyIYAYpKBBsqe7_UP3JmOkA_JntKxXNWdkfdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQKF7wPBzjWzPuACAKgDAaoElAJP0P4YlHuIX6aq0D3KO12fnEO3aORB4uZDjOIwBHcq7-93nK2CITsSRXPhfvfuz26wuS-x9rjxZtq3jwqbrYyBujn3HJWb1OHMLnvr4z8MDpLF5vLu8DN2Z3xEx_MfJ3Hta1uqMQ7fMcnq7tkAUvJRgV8OTF-acvdiGYA0t9baylQOkLl-ncRiF7eZZ3XZyhd11Do1CnCvNOdmiBIjHYDolMAh8KsnOVFaWoZaLtw6tXsYDT-bfrK3Dx0tz15EqetYCsPN438s3edS7g0gjRvuIQmDO5VRE_XhWIGN6jR3zihN5w_BXtrrjsHMIKOxyw4fx49p5JCuipFI-YV7tA0RF91gadi6ynsoAjX-IvV4B0DIyWjgBAGABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3fc6HV6pj0uOFSJT9L1oI5sHDOPA%26client%3Dca-pub-1310852604335254%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
8301b6a0cd6f51a66c1a75d0512eab5495eeae98bb99e7365c713063252a3a97
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:13 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=410916
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
4886
expires
Fri, 11 Feb 2022 20:49:49 GMT
img
pix.eu.criteo.net/img/ Frame 99F8 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1562047746%2F19195507-LaHp5YlU.jpg&v=3&w=400&s=njkDbBvGbSuP1ennwZTCo3_D&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgCGyAABgJIIu89KAAOM3BKiNI8zB26JOe9exg&u=%7CIv1Ojxlbn2Q%2F7mpGIOvXT73UysQgDO88MPYusOxIVJk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzdX2sY74JSiSCV8Ph3TDPUHOvaR3wUU5JOeZPNHARR3lOCwHddsykTR0H7eIekOv98lPnDO4dWuN5EFwb9VPvzO92XoN9-Wha8NlZ5SFc2bobfP-o6WZrIDpic2VAhZmyga5kOHz7P0Ort3y6-2N14G1VRmBea0Xg9XyK6u1Pqtse8QGrgjxSwzs5xBv3t_AjWzh0mmjtN0pO3ocF2CtQnbYZ1Av_LRS_MVK3Y6BEsDXPLg-5_nvKpUNH6tg2MUhKeyqNOWvD9aFa-cqUHG3J0BMFANWVNzv-_1pTJVruLlCIpTf611BxQ18loEOWplQMolE0q1Sn-ddvyrLhyT3Lkfqn7s2AMrj-lcbxBKE2pI3y8Ujpf70ut4WlBJ5L5G_hpQ5CyVd7Es7&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5fesyIYAYpKBBsqe7_UP3JmOkA_JntKxXNWdkfdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQKF7wPBzjWzPuACAKgDAaoElAJP0P4YlHuIX6aq0D3KO12fnEO3aORB4uZDjOIwBHcq7-93nK2CITsSRXPhfvfuz26wuS-x9rjxZtq3jwqbrYyBujn3HJWb1OHMLnvr4z8MDpLF5vLu8DN2Z3xEx_MfJ3Hta1uqMQ7fMcnq7tkAUvJRgV8OTF-acvdiGYA0t9baylQOkLl-ncRiF7eZZ3XZyhd11Do1CnCvNOdmiBIjHYDolMAh8KsnOVFaWoZaLtw6tXsYDT-bfrK3Dx0tz15EqetYCsPN438s3edS7g0gjRvuIQmDO5VRE_XhWIGN6jR3zihN5w_BXtrrjsHMIKOxyw4fx49p5JCuipFI-YV7tA0RF91gadi6ynsoAjX-IvV4B0DIyWjgBAGABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3fc6HV6pj0uOFSJT9L1oI5sHDOPA%26client%3Dca-pub-1310852604335254%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e76a718b15ac0a66be5144c0f2463f94fb632041e42dc60ecc627634f5deb0c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:12 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=239724
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
15428
expires
Wed, 09 Feb 2022 21:16:37 GMT
img
pix.eu.criteo.net/img/ Frame 99F8 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1521816930%2F14022414-k11LUOvy.jpg&v=3&w=400&s=WdFp5w9uqVo1f9y1TKoPwuLe&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgCGyAABgJIIu89KAAOM3BKiNI8zB26JOe9exg&u=%7CIv1Ojxlbn2Q%2F7mpGIOvXT73UysQgDO88MPYusOxIVJk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzdX2sY74JSiSCV8Ph3TDPUHOvaR3wUU5JOeZPNHARR3lOCwHddsykTR0H7eIekOv98lPnDO4dWuN5EFwb9VPvzO92XoN9-Wha8NlZ5SFc2bobfP-o6WZrIDpic2VAhZmyga5kOHz7P0Ort3y6-2N14G1VRmBea0Xg9XyK6u1Pqtse8QGrgjxSwzs5xBv3t_AjWzh0mmjtN0pO3ocF2CtQnbYZ1Av_LRS_MVK3Y6BEsDXPLg-5_nvKpUNH6tg2MUhKeyqNOWvD9aFa-cqUHG3J0BMFANWVNzv-_1pTJVruLlCIpTf611BxQ18loEOWplQMolE0q1Sn-ddvyrLhyT3Lkfqn7s2AMrj-lcbxBKE2pI3y8Ujpf70ut4WlBJ5L5G_hpQ5CyVd7Es7&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5fesyIYAYpKBBsqe7_UP3JmOkA_JntKxXNWdkfdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQKF7wPBzjWzPuACAKgDAaoElAJP0P4YlHuIX6aq0D3KO12fnEO3aORB4uZDjOIwBHcq7-93nK2CITsSRXPhfvfuz26wuS-x9rjxZtq3jwqbrYyBujn3HJWb1OHMLnvr4z8MDpLF5vLu8DN2Z3xEx_MfJ3Hta1uqMQ7fMcnq7tkAUvJRgV8OTF-acvdiGYA0t9baylQOkLl-ncRiF7eZZ3XZyhd11Do1CnCvNOdmiBIjHYDolMAh8KsnOVFaWoZaLtw6tXsYDT-bfrK3Dx0tz15EqetYCsPN438s3edS7g0gjRvuIQmDO5VRE_XhWIGN6jR3zihN5w_BXtrrjsHMIKOxyw4fx49p5JCuipFI-YV7tA0RF91gadi6ynsoAjX-IvV4B0DIyWjgBAGABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3fc6HV6pj0uOFSJT9L1oI5sHDOPA%26client%3Dca-pub-1310852604335254%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
88fb9c30c091382351c5f0c5f4ab54d7fdef63ab318534b78b9041cfe7aed5bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:13 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=145928
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
5784
expires
Tue, 08 Feb 2022 19:13:21 GMT
img
pix.eu.criteo.net/img/ Frame 99F8 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1504098678%2F17225252-yiCPvQFr.jpg&v=3&w=400&s=nZGKqHFZmezGfnh-qbqVxja4&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgCGyAABgJIIu89KAAOM3BKiNI8zB26JOe9exg&u=%7CIv1Ojxlbn2Q%2F7mpGIOvXT73UysQgDO88MPYusOxIVJk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzdX2sY74JSiSCV8Ph3TDPUHOvaR3wUU5JOeZPNHARR3lOCwHddsykTR0H7eIekOv98lPnDO4dWuN5EFwb9VPvzO92XoN9-Wha8NlZ5SFc2bobfP-o6WZrIDpic2VAhZmyga5kOHz7P0Ort3y6-2N14G1VRmBea0Xg9XyK6u1Pqtse8QGrgjxSwzs5xBv3t_AjWzh0mmjtN0pO3ocF2CtQnbYZ1Av_LRS_MVK3Y6BEsDXPLg-5_nvKpUNH6tg2MUhKeyqNOWvD9aFa-cqUHG3J0BMFANWVNzv-_1pTJVruLlCIpTf611BxQ18loEOWplQMolE0q1Sn-ddvyrLhyT3Lkfqn7s2AMrj-lcbxBKE2pI3y8Ujpf70ut4WlBJ5L5G_hpQ5CyVd7Es7&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5fesyIYAYpKBBsqe7_UP3JmOkA_JntKxXNWdkfdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQKF7wPBzjWzPuACAKgDAaoElAJP0P4YlHuIX6aq0D3KO12fnEO3aORB4uZDjOIwBHcq7-93nK2CITsSRXPhfvfuz26wuS-x9rjxZtq3jwqbrYyBujn3HJWb1OHMLnvr4z8MDpLF5vLu8DN2Z3xEx_MfJ3Hta1uqMQ7fMcnq7tkAUvJRgV8OTF-acvdiGYA0t9baylQOkLl-ncRiF7eZZ3XZyhd11Do1CnCvNOdmiBIjHYDolMAh8KsnOVFaWoZaLtw6tXsYDT-bfrK3Dx0tz15EqetYCsPN438s3edS7g0gjRvuIQmDO5VRE_XhWIGN6jR3zihN5w_BXtrrjsHMIKOxyw4fx49p5JCuipFI-YV7tA0RF91gadi6ynsoAjX-IvV4B0DIyWjgBAGABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3fc6HV6pj0uOFSJT9L1oI5sHDOPA%26client%3Dca-pub-1310852604335254%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
a1fe766858986b6edd5c03d83e01db2efc6dc864e9f9c4e925d66d1141e103de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:12 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=327477
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
7570
expires
Thu, 10 Feb 2022 21:39:10 GMT
all
csm.eu.criteo.net/ Frame 99F8 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=8FxS7uF2oFlH304iPlFHWxMlEBsvyrLr4YydjViqJK5T6a45APduCvedA9eyLvTgNkCJIuae9X1zN0gIYjFW1ptMnq9zcsmNKGfNFucPQUnlReU2eQZ-rGDMuzy3CBzsphMG7NEbmDHSVh4UzSiKpJKPoq7mp-sFw3qEy_mEkph0znKBdNvigzFPUlAObC-kVVBx6P8PeJ1_ijF2aF2YwfSJwjzT4OJD_exOTvxRELx7TxB5cHGF7owNORc&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgCGyAABgJIIu89KAAOM3BKiNI8zB26JOe9exg&u=%7CIv1Ojxlbn2Q%2F7mpGIOvXT73UysQgDO88MPYusOxIVJk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzdX2sY74JSiSCV8Ph3TDPUHOvaR3wUU5JOeZPNHARR3lOCwHddsykTR0H7eIekOv98lPnDO4dWuN5EFwb9VPvzO92XoN9-Wha8NlZ5SFc2bobfP-o6WZrIDpic2VAhZmyga5kOHz7P0Ort3y6-2N14G1VRmBea0Xg9XyK6u1Pqtse8QGrgjxSwzs5xBv3t_AjWzh0mmjtN0pO3ocF2CtQnbYZ1Av_LRS_MVK3Y6BEsDXPLg-5_nvKpUNH6tg2MUhKeyqNOWvD9aFa-cqUHG3J0BMFANWVNzv-_1pTJVruLlCIpTf611BxQ18loEOWplQMolE0q1Sn-ddvyrLhyT3Lkfqn7s2AMrj-lcbxBKE2pI3y8Ujpf70ut4WlBJ5L5G_hpQ5CyVd7Es7&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5fesyIYAYpKBBsqe7_UP3JmOkA_JntKxXNWdkfdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQKF7wPBzjWzPuACAKgDAaoElAJP0P4YlHuIX6aq0D3KO12fnEO3aORB4uZDjOIwBHcq7-93nK2CITsSRXPhfvfuz26wuS-x9rjxZtq3jwqbrYyBujn3HJWb1OHMLnvr4z8MDpLF5vLu8DN2Z3xEx_MfJ3Hta1uqMQ7fMcnq7tkAUvJRgV8OTF-acvdiGYA0t9baylQOkLl-ncRiF7eZZ3XZyhd11Do1CnCvNOdmiBIjHYDolMAh8KsnOVFaWoZaLtw6tXsYDT-bfrK3Dx0tz15EqetYCsPN438s3edS7g0gjRvuIQmDO5VRE_XhWIGN6jR3zihN5w_BXtrrjsHMIKOxyw4fx49p5JCuipFI-YV7tA0RF91gadi6ynsoAjX-IvV4B0DIyWjgBAGABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3fc6HV6pj0uOFSJT9L1oI5sHDOPA%26client%3Dca-pub-1310852604335254%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 07 Feb 2022 02:41:12 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 99F8 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgCGyAABgJIIu89KAAOM3BKiNI8zB26JOe9exg&u=%7CIv1Ojxlbn2Q%2F7mpGIOvXT73UysQgDO88MPYusOxIVJk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzdX2sY74JSiSCV8Ph3TDPUHOvaR3wUU5JOeZPNHARR3lOCwHddsykTR0H7eIekOv98lPnDO4dWuN5EFwb9VPvzO92XoN9-Wha8NlZ5SFc2bobfP-o6WZrIDpic2VAhZmyga5kOHz7P0Ort3y6-2N14G1VRmBea0Xg9XyK6u1Pqtse8QGrgjxSwzs5xBv3t_AjWzh0mmjtN0pO3ocF2CtQnbYZ1Av_LRS_MVK3Y6BEsDXPLg-5_nvKpUNH6tg2MUhKeyqNOWvD9aFa-cqUHG3J0BMFANWVNzv-_1pTJVruLlCIpTf611BxQ18loEOWplQMolE0q1Sn-ddvyrLhyT3Lkfqn7s2AMrj-lcbxBKE2pI3y8Ujpf70ut4WlBJ5L5G_hpQ5CyVd7Es7&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5fesyIYAYpKBBsqe7_UP3JmOkA_JntKxXNWdkfdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQKF7wPBzjWzPuACAKgDAaoElAJP0P4YlHuIX6aq0D3KO12fnEO3aORB4uZDjOIwBHcq7-93nK2CITsSRXPhfvfuz26wuS-x9rjxZtq3jwqbrYyBujn3HJWb1OHMLnvr4z8MDpLF5vLu8DN2Z3xEx_MfJ3Hta1uqMQ7fMcnq7tkAUvJRgV8OTF-acvdiGYA0t9baylQOkLl-ncRiF7eZZ3XZyhd11Do1CnCvNOdmiBIjHYDolMAh8KsnOVFaWoZaLtw6tXsYDT-bfrK3Dx0tz15EqetYCsPN438s3edS7g0gjRvuIQmDO5VRE_XhWIGN6jR3zihN5w_BXtrrjsHMIKOxyw4fx49p5JCuipFI-YV7tA0RF91gadi6ynsoAjX-IvV4B0DIyWjgBAGABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3fc6HV6pj0uOFSJT9L1oI5sHDOPA%26client%3Dca-pub-1310852604335254%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:12 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Feb 2023 02:41:12 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 99F8 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgCGyAABgJIIu89KAAOM3BKiNI8zB26JOe9exg&u=%7CIv1Ojxlbn2Q%2F7mpGIOvXT73UysQgDO88MPYusOxIVJk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzdX2sY74JSiSCV8Ph3TDPUHOvaR3wUU5JOeZPNHARR3lOCwHddsykTR0H7eIekOv98lPnDO4dWuN5EFwb9VPvzO92XoN9-Wha8NlZ5SFc2bobfP-o6WZrIDpic2VAhZmyga5kOHz7P0Ort3y6-2N14G1VRmBea0Xg9XyK6u1Pqtse8QGrgjxSwzs5xBv3t_AjWzh0mmjtN0pO3ocF2CtQnbYZ1Av_LRS_MVK3Y6BEsDXPLg-5_nvKpUNH6tg2MUhKeyqNOWvD9aFa-cqUHG3J0BMFANWVNzv-_1pTJVruLlCIpTf611BxQ18loEOWplQMolE0q1Sn-ddvyrLhyT3Lkfqn7s2AMrj-lcbxBKE2pI3y8Ujpf70ut4WlBJ5L5G_hpQ5CyVd7Es7&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC5fesyIYAYpKBBsqe7_UP3JmOkA_JntKxXNWdkfdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQKF7wPBzjWzPuACAKgDAaoElAJP0P4YlHuIX6aq0D3KO12fnEO3aORB4uZDjOIwBHcq7-93nK2CITsSRXPhfvfuz26wuS-x9rjxZtq3jwqbrYyBujn3HJWb1OHMLnvr4z8MDpLF5vLu8DN2Z3xEx_MfJ3Hta1uqMQ7fMcnq7tkAUvJRgV8OTF-acvdiGYA0t9baylQOkLl-ncRiF7eZZ3XZyhd11Do1CnCvNOdmiBIjHYDolMAh8KsnOVFaWoZaLtw6tXsYDT-bfrK3Dx0tz15EqetYCsPN438s3edS7g0gjRvuIQmDO5VRE_XhWIGN6jR3zihN5w_BXtrrjsHMIKOxyw4fx49p5JCuipFI-YV7tA0RF91gadi6ynsoAjX-IvV4B0DIyWjgBAGABtyKgb2Ag8b3tgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3fc6HV6pj0uOFSJT9L1oI5sHDOPA%26client%3Dca-pub-1310852604335254%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:12 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 02 Feb 2023 02:41:12 GMT
ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 08E3 		975 B
633 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:12 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
850
cf-polished
origSize=1191
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wpdOjKAe1PLAcKmrvI0DFqRaDby1cK8%2FC%2FrxX0unX0NXp6OEvk55PDFK0rFFbUsAFPraTslhtr%2BtsWs2Hb06EZT95%2FbcUXY8j887pwsnehkOH6FaKm%2FyR0OkyfXVfLLQ%2BYUvGj2MXwZuG5DQfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
6d9942081bc783a3-MXP
cf-bgj
minify
idRequest
sync.aralego.com/ Frame 08E3 		46 B
487 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US&deviceInfo=81216001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
d266551323bab61c96ab4de427d9b19e6219797f459ca339a7667f055a5d0007

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 07 Feb 2022 02:41:13 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://n.yam.com
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
ad_request
ads.aralego.com/ Frame 08E3 		411 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=n.yam.com&u=https%3A%2F%2Fn.yam.com%2FArticle%2F20210408193290&adid=ad-BE787DA7299D7E96F7BD3DD684644BDA&w=728&h=90&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.40535836577777284&ao=https%3A%2F%2Fn.yam.com&lang=en-US&deviceInfo=81216001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
c0969e49972e18ee4f5edde6fd55f029d2ac758dced35991d0a288f349ff255a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 07 Feb 2022 02:41:13 GMT
X-Width
728
X-Height
90
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://n.yam.com
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
X-AdSource
PSA
X-Adtype
html
Connection
close
Access-Control-Allow-Credentials
true
Content-Length
411
X-AdStyle
banner
view
securepubads.g.doubleclick.net/pcs/ Frame 08E3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsslwrmS23JGiLMftw-DTQ6hR8lxvbdAC514YQULWlBfwLc9qd0PkKTM353cQZ_P5io89uSJnGSU_Z-T_w3-kX6ICN7Ym3_qixovdin4vimySEnGmVkTiFHnZRqrvPIOMnPm9Q_aVnMRDK1PcxXPvPfi89Zqfh5MM4zZFxwpw7uLpBS-2nZQJxuAGRg8IpVbdjEBu4i4IbdpRha5amK29AVZNn93S4mucdEItuP5t5tZHjkLauFgGBWmaJWu4veZ5G6uDxc5WfO6Ytb5LEpzyXuyhwO2rq45zq1-_HpQig3eM9f9yd-C9Or5OPW-HyPNZCJyzPixSO74dLIRLBk&sai=AMfl-YR7BgYXVzvb1N4lhsHBWQFP9zbtD-LjVBnfXq5JTOuuOur_KsTEjGerxqtp9-sMt516oC6Vuc0SLh8g1uC6B8wJxBxL7pehyDaL9iSf9d1s664lp_5OffFO68GwGsEy&sig=Cg0ArKJSzJsoVLEJ8169EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 07 Feb 2022 02:41:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 07 Feb 2022 02:41:13 GMT
CFbg.png
vote.yam.com/CF/images/ Frame E557 		88 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vote.yam.com/CF/images/CFbg.png
Requested by
Host: vote.yam.com
URL: https://vote.yam.com/CF/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.230.1.186 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1655a16462aefd8ddafed3e67e58288cca40bcfecdf58be3bb9f1bf7512b81ec
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vote.yam.com/CF/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 07 Feb 2022 02:41:12 GMT
Last-Modified
Wed, 07 Nov 2018 06:15:28 GMT
ETag
"0042476176d41:0"
Content-Type
image/png
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
90554
X-Xss-Protection
1; mode=block
voteLink.png
vote.yam.com/CF/images/ Frame E557 		92 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vote.yam.com/CF/images/voteLink.png
Requested by
Host: vote.yam.com
URL: https://vote.yam.com/CF/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.230.1.186 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ca71ea48130126151c7bb6ae861a878d386eef42a940fd193e672c304357b063
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vote.yam.com/CF/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 07 Feb 2022 02:41:12 GMT
Last-Modified
Wed, 07 Nov 2018 06:15:28 GMT
ETag
"0042476176d41:0"
Content-Type
image/png
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
94513
X-Xss-Protection
1; mode=block
hand.png
vote.yam.com/CF/images/ Frame E557 		89 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vote.yam.com/CF/images/hand.png
Requested by
Host: vote.yam.com
URL: https://vote.yam.com/CF/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.230.1.186 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
849d0cde47450bead63722e7f6b938226b2bbb65e5d9ec606c6ecfe367e922aa
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vote.yam.com/CF/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 07 Feb 2022 02:41:12 GMT
Last-Modified
Wed, 07 Nov 2018 06:15:28 GMT
ETag
"0042476176d41:0"
Content-Type
image/png
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Content-Length
91505
X-Xss-Protection
1; mode=block
20211110%5C2021111005480989.jpg
vote.yam.com/imgfix/ Frame E557 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vote.yam.com/imgfix/20211110%5C2021111005480989.jpg?h=250&w=0
Requested by
Host: vote.yam.com
URL: https://vote.yam.com/CF/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.230.1.186 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
039c38db4dc3cb7760f6c386b58aec1e9617d087b10252a19f1c72054dfabe85
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vote.yam.com/CF/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 07 Feb 2022 02:41:12 GMT
X-AspNetMvc-Version
5.2
Last-Modified
Sat, 05 Feb 2022 09:17:53 GMT
Content-Type
image/jpeg
Cache-Control
public, max-age=31386999
Content-Length
31205
X-Xss-Protection
1; mode=block
Expires
Sun, 05 Feb 2023 09:17:53 GMT
cht_cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 47A2 		807 B
660 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cht_cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6058eb29e9bb8b7cd0d68f0d180a093941e971f4659092a70c99ca57827bc678

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/

Response headers

date
Mon, 07 Feb 2022 02:41:13 GMT
content-type
text/html
last-modified
Tue, 11 Aug 2020 08:15:02 GMT
access-control-allow-credentials
true
cache-control
max-age=14400
cf-cache-status
HIT
age
812
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WMhsxNsVIIwB35Sysz%2BTiO%2F6seGCfVngiuqf178IYvRjsPdH7sbUdI3yUUufkehNkmtos6JysL007gyQlb4K1zSCfHQ9OWco52ZxXGlROJU7ACrMxZU9SGPqtOx%2FfmC8wUZwhL4ZMXN%2FhB3Peg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6d99420a8de283a3-MXP
content-encoding
br
pixel
cm.g.doubleclick.net/ Frame 08E3
Redirect Chain
  • https://sync.aralego.com/idsync?
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/9a1fde9f-b110-35fc-8e00-a2314351f2cf?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-sPjtYplE2oWhLEMIa8eFYue2LWqEB1pCtcK99Bk-~A&redirect=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=768dfbba-fbe3-49e0-8dde-0c9b8b6d0bb6
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/38057c2b-1926-3218-9c7a-4852e2912b60?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-sPjtYplE2oWhLEMIa8eFYue2LWqEB1pCtcK99Bk-~A&redirect=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=768dfbba-fbe3-49e0-8dde-0c9b8b6d0bb6
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/38057c2b-1926-3218-9c7a-4852e2912b60?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-sPjtYplE2oWhLEMIa8eFYue2LWqEB1pCtcK99Bk-~A&redirect=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=768dfbba-fbe3-49e0-8dde-0c9b8b6d0bb6
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/38057c2b-1926-3218-9c7a-4852e2912b60?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-sPjtYplE2oWhLEMIa8eFYue2LWqEB1pCtcK99Bk-~A&redirect=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=768dfbba-fbe3-49e0-8dde-0c9b8b6d0bb6
  • https://x.bidswitch.net/sync?ssp=ucfunnel&user_id=38057c2b-1926-3218-9c7a-4852e2912b60&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=ucfunnel&user_id=38057c2b-1926-3218-9c7a-4852e2912b60&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=ucfunnel&bsw_param=4a56b1fa-5e3b-473c-b171-b4411cc4f5dc&google_hm=NGE1NmIxZmEtNWUzYi00NzNjLWIxNzEtYjQ0MTFjYzRmNWRj
0
0
init.js
cdn.holmesmind.com/js/ Frame 7FD3 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:c800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
398f43c6084ffdd737fd29f1bcf50f108a7bbc64e1166d319a4e29fdb40e31e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 ed18d8ae19db26837eda53bbf8f03c08.cloudfront.net (CloudFront)
last-modified
Thu, 29 Jul 2021 07:38:23 GMT
server
AmazonS3
age
17
etag
"ed07168d1a38cbba68fed50d6df4c138"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Mon, 07 Feb 2022 02:41:13 GMT
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
content-length
6552
x-amz-cf-id
4COXhOUjG9TmbhbbJr6ouMUf6rzsINVrLy41NKVNdIMaNsH2PkVzRA==
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 47A2 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cht_cookieSyncIframe.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
10a7e524db359a94a66ea75b97e81a52932f0e10a04deabb49fb73ec5d038946
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27225
x-xss-protection
0
server
sffe
etag
"1124 / 318 of 1000 / last-modified: 1644015869"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 07 Feb 2022 02:41:13 GMT
pubads_impl_2022020101.js
securepubads.g.doubleclick.net/gpt/ Frame 47A2 		351 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
b1ad18d59a923a30397279d4545c15ae7088bb6e70f37b6468b890fc4cfee8ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 06 Feb 2022 20:27:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22435
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121756
x-xss-protection
0
last-modified
Tue, 01 Feb 2022 09:38:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 06 Feb 2023 20:27:18 GMT
/
admd.yam.com/AD_HTML/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://admd.yam.com/AD_HTML/?LSTR=yamAD_01%3A100%7CyamAD_03%3A1064%7CyamAD_10%3A906%7CyamAD_11%3A907%7CyamAD_07%3A903%7CyamAD_09%3A905%7CyamAD_05%3A902%7CyamAD_13%3A825&APP=&Charset=UTF-8&RID=0.6874640049601115&callback=jQuery1113007346219288204558_1644201671813&yamAD.js&_=1644201671815
Requested by
Host: n.yam.com
URL: https://n.yam.com/scripts/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
13.76.41.74 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / CSCWORM
Resource Hash
97638fe73a3c2fdd1f9872cfb126fb2d3f2515975b5c0efc3d523d3b9ba66c78

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 07 Feb 2022 02:41:12 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
CSCWORM
Content-Type
application/json; charset=utf-8
access-control-allow-origin
*
Cache-Control
private
access-control-allow-headers
content-type
Content-Length
6330
Expires
1 days
cm.php
fcm.holmesmind.com/ Frame C6C0 		0
0
capmapping.htm
cdn.holmesmind.com/js/ Frame BCA0 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:c800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ef36c54a8970de684a3fda047b98b9835013bc6dc732889a59dfb0b789c91083

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/

Response headers

content-type
text/html
content-length
2834
last-modified
Thu, 16 Dec 2021 03:21:40 GMT
x-amz-version-id
hFP2Dbhg2mZwleAbJg_nl5dFPosFCjn7
accept-ranges
bytes
server
AmazonS3
date
Mon, 07 Feb 2022 02:41:13 GMT
etag
"1e75e05f4e8821318bbfd65d4196b78c"
x-cache
Hit from cloudfront
via
1.1 ed18d8ae19db26837eda53bbf8f03c08.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
wXxoOyPm28kitvJtkKAWvjxdy4lLdH3Mjy-j0B2Wxzx0EaGwkkFiWg==
age
13
edmp_init.js
cdn.holmesmind.com/js/ Frame 7FD3 		662 B
1013 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/edmp_init.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:c800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 ed18d8ae19db26837eda53bbf8f03c08.cloudfront.net (CloudFront)
last-modified
Fri, 12 Mar 2021 02:45:40 GMT
server
AmazonS3
age
32
etag
"f58f8a90686f8ffb3325107e8a788b71"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Mon, 07 Feb 2022 02:41:13 GMT
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
content-length
662
x-amz-cf-id
GWrz9b71zssUigUbafEX_5o5MdU-XurZjuzAo5ZyuvYV8I6cA1jzGA==
presetfn.js
cdn.holmesmind.com/js/ Frame F13C 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:c800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
15eb44d26f736a4a625736e93a080257b8914784fd0b8a77878e6200a30e81b3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 ed18d8ae19db26837eda53bbf8f03c08.cloudfront.net (CloudFront)
last-modified
Tue, 12 Oct 2021 03:41:12 GMT
server
AmazonS3
age
13
etag
"7b6f1f02da49bb8037c73f66f2ec33ec"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Mon, 07 Feb 2022 02:41:13 GMT
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
content-length
6165
x-amz-cf-id
Ym_oePKCi1wJziYldepwIWT3ovnGKtBqdm9sWPw9OcgiApg1btb2iw==
integrator.js
adservice.google.de/adsid/ Frame 47A2 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 07 Feb 2022 02:41:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 47A2 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 07 Feb 2022 02:41:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 47A2 		307 B
156 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4496074276918514&correlator=61829721824149&output=ldjh&impl=fifs&eid=31064660%2C31064672&vrg=2022020101&ptt=17&sc=1&sfv=1-0-38&ecs=20220207&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&cdm=cdn.aralego.net&bc=31&abxe=1&dt=1644201673577&lmt=1597133702&dlt=1644201673387&idt=173&ea=0&frm=8&biw=-12245933&bih=-12245933&oid=2&adxs=-12245933&adys=-12245933&adks=64515409&ucis=41b9c0ukxiai&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&nhd=2&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2Fcht_cookieSyncIframe.html&ref=https%3A%2F%2Fn.yam.com%2F&top=https%3A%2F%2Fn.yam.com%2F&vis=1&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x-1&ga_vid=2132164802.1644201674&ga_sid=1644201674&ga_hid=1784618415&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
b860fa45149fd3fe8617f1a9fd86d02e4a6820a7b3df3d39f2238154407c41c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:13 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
624b5f966af4dd7d753c7f249cbdb54d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DD69 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://624b5f966af4dd7d753c7f249cbdb54d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 07 Feb 2022 02:41:13 GMT
expires
Tue, 07 Feb 2023 02:41:13 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Preset.js
adcdn.holmesmind.com/adserver/ Frame F13C 		472 B
610 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=11193
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:aa00:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e4e2e0d0189bbe4fa32f23013f3970b6629b356e58e08201e2badfc36cccf3f0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:36:09 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
age
304
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
http://n.yam.com
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
wHf4OqS4FpEH0FNTUnYRX9ECboFH8Kq7hue1reV-IiC-d4HqU_sYxg==
via
1.1 baaf38f0a0d54e4834bf934fa5189cea.cloudfront.net (CloudFront)
cm
c.holmesmind.com/ Frame BCA0
Redirect Chain
  • https://c.holmesmind.com/cm
  • https://c.holmesmind.com/cm?tc=getIn&
0
508 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm?tc=getIn&
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Server
35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:13 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
clear
content-type
text/html; charset=UTF-8

Redirect headers

location
https://c.holmesmind.com/cm?tc=getIn&
date
Mon, 07 Feb 2022 02:41:13 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
clear
content-type
text/html; charset=UTF-8
activeview
pagead2.googlesyndication.com/pcs/ Frame A56B 		42 B
497 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvkcNsBnAFU7bkfNfbJwoPCGof8Doj5vBRycUIPPQ9pZbOuy-Y3GFYzI_O7flP2Sivnx79MyUPbpHvPdhLghhiP&sig=Cg0ArKJSzF7aL15FCwSjEAE&id=lidar2&mcvt=1024&p=215,436,305,1164&mtos=1024,1024,1024,1024,1024&tos=1024,0,0,0,0&v=20220202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=582681056&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644201672474&rpt=186&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 02:41:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 05B6 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuer2Yb8yWJfJHwX2-294ULWyY4d7oVGG84DW8w32EwQApne78f8gfl-wai7my3XxdCDoqf5tPF24OnCDE3J2tT&sig=Cg0ArKJSzMpL13mixGG5EAE&id=lidar2&mcvt=1026&p=659,1050,1259,1350&mtos=0,1026,1026,1026,1026&tos=0,1026,0,0,0&v=20220202&bin=7&avms=nio&bs=0,0&mc=0.9&if=1&app=0&itpl=20&adk=612007488&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644201672453&rpt=172&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 02:41:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
20211110%5C2021111005463331.jpg
vote.yam.com/imgfix/ Frame E557 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vote.yam.com/imgfix/20211110%5C2021111005463331.jpg?h=250&w=0
Requested by
Host: vote.yam.com
URL: https://vote.yam.com/CF/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.230.1.186 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4891d2f3b13ad3981865434d54a55b010d7202c8327e60b092854967b68ae99f
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vote.yam.com/CF/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 07 Feb 2022 02:41:12 GMT
X-AspNetMvc-Version
5.2
Last-Modified
Sat, 05 Feb 2022 09:17:56 GMT
Content-Type
image/jpeg
Cache-Control
public, max-age=31387002
Content-Length
35451
X-Xss-Protection
1; mode=block
Expires
Sun, 05 Feb 2023 09:17:56 GMT
ads.js
ad.holmesmind.com/adserver/ Frame F13C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=11193&rf=https%3A%2F%2Fn.yam.com%2FArticle%2F20210408193290&n=345&o=1&d=1&b=2&ts=1&ii=2&FPCK=413-gRRZ8mM2QfZqqJnH5TVy2KA584oArakP&initver=210830P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.75.110.87 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-75-110-87.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
02a7fec208f762863c112063fe04854c502cd64a12760979a5b8007a463ad6f0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin
https://n.yam.com
date
Mon, 07 Feb 2022 02:41:14 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
banner-cfnetwork.cdn.hinet.net/js/ Frame F13C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banner-cfnetwork.cdn.hinet.net/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
211.20.171.204 Chang-hua, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
211-20-171-204.hinet-ip.hinet.net
Software
HiNetCDN/2108 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:15 GMT
via
1.1 b3f2829423a128e564944f5af75ecda4.cloudfront.net (CloudFront)
content-type
application/javascript
last-modified
Tue, 04 Aug 2020 09:25:10 GMT
server
HiNetCDN/2108
age
6
etag
W/"6a605eea47197fa280f27aaf1fa1521d"
vary
Accept-Encoding
x-cache
HIT
x-amz-version-id
null
x-amz-cf-pop
TPE50-C1
content-encoding
br
x-amz-cf-id
sAaQ4sP3YA90iK5H_iP86d4x8d54oZOnfcGLZJHdC7uni8c6f_BW8g==
x-request-id
f0e0e1e8d350da012e027c51d6da07f0
publishertag.js
static.criteo.net/js/ld/ Frame F13C 		127 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
1edc83f7137848a661dbf5a61dbe4bb3b42fc7d064004560ea0269b45747e7d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:13 GMT
content-encoding
gzip
last-modified
Mon, 31 Jan 2022 09:04:37 GMT
server
nginx
etag
W/"61f7a625-1fc09"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 08 Feb 2022 02:41:13 GMT
criteoV2.js
banner-cfnetwork.cdn.hinet.net/js/ Frame F13C 		2 KB
974 B 		Script
General
Check archive.org
Download Go to
Full URL
https://banner-cfnetwork.cdn.hinet.net/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
211.20.171.204 Chang-hua, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
211-20-171-204.hinet-ip.hinet.net
Software
HiNetCDN/2108 /
Resource Hash
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:15 GMT
via
1.1 96902189172dc36e37becde22ad7bd8a.cloudfront.net (CloudFront)
content-type
application/javascript
last-modified
Tue, 04 Aug 2020 09:25:12 GMT
server
HiNetCDN/2108
x-amz-cf-pop
TPE50-C1
etag
W/"e8f33fcb581483ced4a09b3c8e7550e4"
vary
Accept-Encoding
x-cache
HIT
x-amz-version-id
null
content-encoding
br
x-amz-cf-id
Uz02nMeLA0L0EhoD8qVETebHxBTn5PlMndswMeEbz9u4-5pEDRqf8A==
x-request-id
9fded23c014a1c8a85891056cb44f6f2
bridgewellV3.js
banner-cfnetwork.cdn.hinet.net/js/ Frame F13C 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banner-cfnetwork.cdn.hinet.net/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
211.20.171.204 Chang-hua, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
211-20-171-204.hinet-ip.hinet.net
Software
HiNetCDN/2108 /
Resource Hash
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:15 GMT
via
1.1 d5dce2e7b80787e95d4f29dec07846e2.cloudfront.net (CloudFront)
content-type
application/javascript
last-modified
Tue, 20 Apr 2021 06:25:23 GMT
server
HiNetCDN/2108
x-amz-cf-pop
TPE50-C1
etag
W/"c3b948e5a48dd0ec20c265d6d8da7add"
vary
Accept-Encoding
x-cache
HIT
x-amz-version-id
null
content-encoding
br
x-amz-cf-id
4W4dSbtwFeQGon-2lNlnsvg1Tx7Zz2VT-IuSrLE429tOH4p-hquCpQ==
x-request-id
6c054b7d4ec275bd4247c60ad98d3516
appierV2.js
banner-cfnetwork.cdn.hinet.net/js/ Frame F13C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://banner-cfnetwork.cdn.hinet.net/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
211.20.171.204 Chang-hua, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
211-20-171-204.hinet-ip.hinet.net
Software
HiNetCDN/2108 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:15 GMT
via
1.1 096a6b8eead4c03424ba5f53bb356c56.cloudfront.net (CloudFront)
content-type
application/javascript
last-modified
Thu, 11 Mar 2021 07:54:26 GMT
server
HiNetCDN/2108
x-amz-cf-pop
TPE50-C1
etag
W/"548ed610a8571343fb3022f543174735"
vary
Accept-Encoding
x-cache
HIT
x-amz-version-id
null
content-encoding
br
x-amz-cf-id
d6c8pCYp-PjQrhvYy-XBaiAQfSG_JgalTsg6R7gXwOgRlFRLf2dPaQ==
x-request-id
a55bc53cc743d817b8a12f011f59a534
sodar
pagead2.googlesyndication.com/getconfig/ Frame 47A2 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022020101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53430fcc44154aef3dcb8aa393825cdbe41fc7ba37836fdc6f99216f8f158126
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 07 Feb 2022 02:41:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9805
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 47A2 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020101.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 07 Feb 2022 02:41:13 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1B53 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 07 Feb 2022 00:04:24 GMT
expires
Tue, 07 Feb 2023 00:04:24 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
9409
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame EE7E 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
736637f2cf0857a005fcb7d072d34a51a1a19949a045f9d243234d82659f6e0d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-HBNLYfCuv23udxAsTzff6A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 07 Feb 2022 02:41:13 GMT
date
Mon, 07 Feb 2022 02:41:13 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-HBNLYfCuv23udxAsTzff6A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
all
csm.eu.criteo.net/ Frame 4A3E 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=TdGcT-F2oFlH304iTiz4DAqN3N4THfGDdrPLcyPl-8rodHpjk11emHHx06sYp7E30CFBOhS1mohMGqY24N03Gcef2LbAB_NXFb2gn6FK2XQZqfSV_6n8Bf51iuwWSUc_FTPZHo1w-amCSJ1_y1M5jW45NlS_CST8yEOiGat5Frs0QC8dUtqLUJCOqNRFzrkmP8f380oWYDc_xi7AfGjAg1xTc1xXc-HrZL99H-oegyQDqRDriV9hMuk6Vt3p8UUnQ3g91g&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgCGyAABgJEIu89KAAOM3MeFmGap00gvSnfdNg&u=%7CIv1Ojxlbn2R7CW0GonmsvKyelujNyzOud1SWPRPmZY8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUAZKNvHYJLpTwYKDzg_lmTENhFMXxHEwIA8D6K6_93MLu0zsIv8_2ftv4cylzZWLX2XRoyjLM0jqQt_oBbDe5f1dQavAJeMCja1xa-pYMQ5I2y-c2ntnJtWzMTY5G4ebdAbI2k-VBUnJ_eZMwVLJFVwt-4kHlrdaVpdwN2ta6hIIaVq1MZ4Cc9Qb317nf9t4qxYpGDSjTOvbivMxF9RI8sFACqlF-6K2EDzU_3Mf9ISzjl7EQWU5rvd-XwEmxSJ7yC-OEdd-HlpDzAGMJLvaqi9HCGuaH9lGNMOv46Pl1MVNmu4_BVFu3HIRVwXxmiAjlcY_ucCpOHDsx1kkDq8dKdZxu4bZIagHJ0LFD9DrSrtGFSdH5m943dq329N0bQDSc9n_e269BBkPdK8oTIadCFjdK8EYms9JPloKPlUEYuQy2oQBRKiscQX4fRGTNsPBy8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaF8IyIYAYpGBBsqe7_UP3JmOkA_JntKxXNWdkfdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQKF7wPBzjWzPuACAKgDAaoEigJP0Ji0a1BBFUNVntcTkh_ayCn02jLOhUMhVR60CUxqVd2TEFpb2nTmKpKPlYMjAXvh7mjgS4poxo4QcDDXNiF_iyngQSHDQ6vTxhRJq7VEHun-bSoPOfeSYky2JHkxi0slzBlgQHkiyvXp9Mw-o-io2hule7PWotNZWBBapd5pnCsX87kuza4AuS4U5s_Y5s8-_oIRuz2pz8Xay4x4xzURCHrT9QdY5LBhWcj6MkO_0ZW5S9ZYDRRpJccOPPNPgHyLta0gXicTqLNvAcmioD0Wz-9NNuRhuuC36XotX-e6PP_E8Rnm6c48UFpejI20vxNFdvTcvrgyKxla3BmF1in6C73bMWJ5d4_L1uAEAYAGrt-ZoLP2it34AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2v06DQ6zH05vUpKicsAsX9Vbl24Q%26client%3Dca-pub-1310852604335254%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 07 Feb 2022 02:41:13 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
all
csm.eu.criteo.net/ Frame 3D1B 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=OmDLgeF2oFlH304icwzthxCrt01KMY2dLuVjKmtwbrw5St35uZYqTtqw_hcFoOhJld7Srb4e7i7c0gpSwDE71quzo8Sd5Y_rISShTx8pwip_8V2Qr5sQVhsFH7wX3MaDVaMTGFg52NRGIZXBCBJOzihwktMqrikWcj8XsIqveiNDhm5GU1s9JqQz4LAc726dwHvjThMV-FjvEvJ8k5X1qvYfraoob5BC3EhuoVDuFzf9Bt48GHIyukWJstvBpHSrW7HIxbRTAX7MgIju&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgCGyAABgJUIu89KAAOM3PiTABdL2KaN8KuEdg&u=%7CIv1Ojxlbn2QDkW%2BqP6KktwoC9oI%2Fy9Jxsz0Jwu7cRUI%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXBNl7acqytoL8vxjoD-HVme79N7ctwLd969iOorEkW7vyliSw5otAqK4zCtwYuhxg5ZokJaY135-rTr3bydzHEGAuP0-ufcGVmyzBhG3kDDKgEYV8WrgI9dFrS6XljuTP4aNNz3IyFNm4C2vvnBSLKaNu4LJoBqgLvcQCsKlYZ4D22ievfWzXERmHnXP7yxa_vdW8o9M9otCXq1zn8UE0EkPuP53TnwII5DjEXQIHgaS1-nwCsSAEHliMiMoSVVj-e015Xfsi9AZr3XhoXsDn31aG5kaYBdR59ZVif7B4EUTmWuySipez89mUAPwcvE1v9IlNikdGLQp5QiQ_6lRPSAjMkEWhHs_As5Haj1ajkHghpaDzhujf94F3Glzebi2FkvSu6PG1FFTg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZMxnyIYAYpWBBsqe7_UP3JmOkA_JntKxXNWdkfdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQKF7wPBzjWzPuACAKgDAaoEiwJP0LJJr_wbjLgrPy36F150RNJX5_UOmqjeb76QvKwn-eAHifpdVs24hc5b_p8qJK1mJkT5vhsFd6L0AgO5cMlAnWSPVU5Zm9zLhAKs5mu5eDVuFlXNyPdm5mzRjbXyauE0RcWb8rINVeodocUQa5J378hHHhQHbeX8vl0tyXMFu4VxBKM1f2jzziYGxqQT9ud9K_IjEQtlL6915ADXAK1eyvzGQOlg2mhvvTmqbIck55736eSdtPjT-qJOeF0s_2hFyhZXlO0n_FmC_paMNw3MrivnhdlcSD_FcUqqojhzV-woVMpxgM2SRW7eiIpwKOPAbYXbreb088wFePlzucHIfc_qDaZIqxdp6zfgBAGABq7fmaCz9ord-AGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3Y0riuP6alj5e0VqrXS5cZwa4QQA%26client%3Dca-pub-1310852604335254%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 07 Feb 2022 02:41:13 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
20211110%5C2021111005432835.jpg
vote.yam.com/imgfix/ Frame E557 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vote.yam.com/imgfix/20211110%5C2021111005432835.jpg?h=250&w=0
Requested by
Host: vote.yam.com
URL: https://vote.yam.com/CF/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.230.1.186 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dd2d36f8d6b97b22a9cd51b09fa138b0a46c2e8e2c5912b2ed5525d34637fd79
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vote.yam.com/CF/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 07 Feb 2022 02:41:13 GMT
X-AspNetMvc-Version
5.2
Last-Modified
Sat, 05 Feb 2022 09:17:57 GMT
Content-Type
image/jpeg
Cache-Control
public, max-age=31387003
Content-Length
28131
X-Xss-Protection
1; mode=block
Expires
Sun, 05 Feb 2023 09:17:57 GMT
landing.php
fp.holmesmind.com/ Frame 3728 		0
217 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=5140-7lq0qJenbEqaYD4Cd4tvZ5R2zSulrit4&CFFPCKUUID=413-gRRZ8mM2QfZqqJnH5TVy2KA584oArakP&url=https%3A%2F%2Fn.yam.com%2FArticle%2F20210408193290&maindomain=yam.com
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.219.39 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
39.219.117.34.bc.googleusercontent.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/

Response headers

server
nginx/1.20.0
date
Mon, 07 Feb 2022 02:41:14 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
access-control-allow-origin
*
access-control-allow-methods
*
access-control-allow-headers
x-requested-with,content-type
content-encoding
gzip
via
1.1 google
alt-svc
clear
utag.js
t.ssp.hinet.net/ Frame F13C 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
1419b8b18e2084e1d79ca111dba4eb9ea7dd22171029e13467e77d90c3f1a06e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:14 GMT
content-encoding
gzip
last-modified
Fri, 22 Oct 2021 01:23:36 GMT
server
nginx
etag
W/"61721298-11a3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
strict-transport-security
max-age=0
expires
Mon, 07 Feb 2022 02:51:14 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame EE7E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022020101&jk=4496074276918514&rc=
Requested by
Host: n.yam.com
URL: https://n.yam.com/Article/20210408193290
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
K3QqjkDtpTyrF38W5JrZ5ol4_5B02gVdFCmanKaTR4c.js
pagead2.googlesyndication.com/bg/ Frame 1B53 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/K3QqjkDtpTyrF38W5JrZ5ol4_5B02gVdFCmanKaTR4c.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b742a8e40eda53cab177f16e49ad9e68978ff9074da055d14299a9ca6934787
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 06 Feb 2022 06:54:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
71207
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13776
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 06 Feb 2023 06:54:27 GMT
td_js_sdk_171.js
api.popin.cc/ 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.popin.cc/td_js_sdk_171.js
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/searchbox/yam_tw.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
19bfbd81c70637ae0a6fe5f07f112bdab13cf9c2ea5d54b70320df8f54fcc07b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 07 Feb 2022 02:41:14 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 Jan 2018 09:42:51 GMT
Server
nginx
ETag
W/"17b2e8b253e693d224f7d8407e28e1ea"
X-Cache-Status
HIT from 10.252.55.44
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
x-amz-version-id
null
Expires
Mon, 07 Feb 2022 03:41:14 GMT
recommend
tw.popin.cc/popin_discovery/ 		82 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tw.popin.cc/popin_discovery/recommend?mode=new&url=https%3A%2F%2Fn.yam.com%2FArticle%2F20210408193290&&device=pc&media=n.yam.com&extra=windows&agency=cnplus&topn=50&ad=15&r_category=all&country=tw&redirect=true&uid=0af87a9918fc0aaa0911644201674309&info=eyJ1c2VyX3RkX29zIjoiV2luZG93cyIsInVzZXJfdGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsInVzZXJfdGRfYnJvd3NlciI6IkNocm9tZSIsInVzZXJfdGRfYnJvd3Nlcl92ZXJzaW9uIjoiOTcuMC40NjkyIiwidXNlcl90ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ1c2VyX3RkX3ZpZXdwb3J0IjoiMTYwMHgxMjAwIiwidXNlcl90ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzk3LjAuNDY5Mi43MSBTYWZhcmkvNTM3LjM2IiwidXNlcl90ZF9yZWZlcnJlciI6IiIsInVzZXJfdGRfcGF0aCI6Ii9BcnRpY2xlLzIwMjEwNDA4MTkzMjkwIiwidXNlcl90ZF9jaGFyc2V0IjoidXRmLTgiLCJ1c2VyX3RkX2xhbmd1YWdlIjoiZW4tdXMiLCJ1c2VyX3RkX2NvbG9yIjoiMjQtYml0IiwidXNlcl90ZF90aXRsZSI6IiVFNSU4RiVCMCVFNyU4MSVBMyVFNiVBRiU4RjI1JUU1JTg4JTg2JUU5JTkwJTk4MSVFNCVCQiVCNiVFNSU4QiU5RSVFOCVCMyU4NyVFNyU4OCVBRCVFOCVBRCVCMCUyMCVFNCVCQyU4MSVFNiVBNSVBRCVFOSU5RCVBMiVFNSVCMCU4RCVFNSU4QiU5RSVFNiVBQSVBMiVFNCVCOCU4OSVFNiU4QiU5QiVFNiU5QyU4OSVFOCVBNyVBMyVFRiVCQyU4MSUyMCU3QyUyMCVFOCU5NSU4MyVFNiU5NiVCMCVFOCU4MSU5RSIsInVzZXJfdGRfdXJsIjoiaHR0cHM6Ly9uLnlhbS5jb20vQXJ0aWNsZS8yMDIxMDQwODE5MzI5MCIsInVzZXJfdGRfcGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ1c2VyX3RkX2hvc3QiOiJuLnlhbS5jb20iLCJ1c2VyX2RldmljZSI6InBjIiwidXNlcl90aW1lIjoxNjQ0MjAxNjc0MzEwLCJmcnVpdF9ib3hfcG9zaXRpb24iOiIiLCJmcnVpdF9zdHlsZSI6IiJ9&alg=ltr&callback=_p6_958a0dac7496
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/searchbox/yam_tw.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.189 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
22cdd754655cb4f708e8a0890af3fdd3715409bf422db9e8d69c709e7dbf1e2e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:15 GMT
content-encoding
gzip
cross-origin-resource-policy
cross-origin
server
nginx/1.13.5
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
popin_discovery5-min.js
api.popin.cc/ 		153 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.popin.cc/popin_discovery5-min.js
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/searchbox/yam_tw.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
790ce9c9da050e908b56ec0600baf60e48f07ee38a4147d49ad7be9e8597f01d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 07 Feb 2022 02:41:14 GMT
Content-Encoding
gzip
Last-Modified
Wed, 12 Jan 2022 07:37:23 GMT
Server
nginx
ETag
W/"7cb405c5b70e2e1b9caa161e59ce863e"
X-Cache-Status
HIT from 10.252.55.26
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
x-amz-version-id
Tx0nUjINFWkM92qhV7m6r_J9CxWD1TPv
Expires
Mon, 07 Feb 2022 03:41:14 GMT
generate_204
tpc.googlesyndication.com/ Frame 1B53 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?UTO0RQ
Requested by
Host: n.yam.com
URL: https://n.yam.com/Article/20210408193290
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
drawV2.js
cdn.holmesmind.com/js/ Frame F13C 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=11193&rf=https%3A%2F%2Fn.yam.com%2FArticle%2F20210408193290&n=345&o=1&d=1&b=2&ts=1&ii=2&FPCK=413-gRRZ8mM2QfZqqJnH5TVy2KA584oArakP&initver=210830P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:c800:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 ed18d8ae19db26837eda53bbf8f03c08.cloudfront.net (CloudFront)
last-modified
Fri, 16 Oct 2020 09:58:46 GMT
server
AmazonS3
age
12
etag
"84d8b1a745228113e60f5e62f0eff6d3"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Mon, 07 Feb 2022 02:41:14 GMT
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
content-length
10359
x-amz-cf-id
EtA1AvkahZFyVmtFv_4hHZjR_CBIkUeZfvfj009J_qvW4GVdwSWOtw==
gen_204
pagead2.googlesyndication.com/pagead/ Frame 47A2 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022020101&jk=4496074276918514&bg=!PD-lP3vNAAYZkRhwGZE7ACkAdvg8Wok_BS-XpNPnSDBuSJ4K9i0YQySHuEAjhuI8anvp3vlCPkEYuAIAAAF6UgAAAANoAQcKABl4j-8O-9zf0rJdnVPzA_khjXrSnIymlEmnmQLZbObEa-GL0ptobcIN2uFpHXEUxbC0xHqyr0mfP1BxT6ZVLhwsTml84Bh6VV7zJJToFmLpbdIyItRjGKF3t5A5St8YRt9JwaC_C-pO17wLmB_1UozcpTZ8CXD8lIP2JJfE-0f3kGPtMxcJYoTRRAocTmr5DNpgu_oewT26BCnrD2V1nzsEoqjjzULLG792T-AAIkhzIdSlqFcKG8DILD4Hif-3IGOw2vZg47DqCwrNr8Vlikk3Meo0fIQZr6UPKdAQZZvRBlH3jRYPJT7xPvfk-M9CF8QfR9elDM0UGpnF7S9gheGgObl4lAjlqPyUZnyQqPFXaFTDNG6MEtOZIBbmVO5llKZr18m_khqY3xxPMyuuiGvQ8-UiKwkvtBzoOqwATw9RCF4b3rx2dxg4eRPrntC6_3N1-GgxJuojcBjJZYVZkORi2GdgXE1jnor658zOvhpIuHcylsnQKtltvFT-5FonHFBEy2Wm1NstOmGbMbTPwH11dXfDZ-8Ilnz-lVNOH-QC2aMrv158B0puuygEXinwlZTxTgsJNURX0oJdN1s18ZIPFPouzzS3kMxuBalMTqvPkCPH89jDbKcRawXtUnCkh9AwGfDCa4mIQHS9ZHOldccdTcCd3AS6hMwuLHJJC-HbrXtssv_pWl6tXhCqMXDhvr71QpJ1XmdufowJqvum2aNJl4odrr-XJ9RAhTFdyVkQDyt8miy_KwyoBq1xrSQUkrNNu_vUh8CUkB41oibMKHokb7Owbvz4u_lepttjcS3orH9o4VEhKHN2pX5D54X8rf2tmtDLx-VY0vL6HJGkMYPFEypmQjQtmm4CFLifGaqBz46mtPUgciph3aW0vcWhWkBEIQXNT5TdDKYl7j63l4tjEvsAzRRoOtstVnjbNyfDFOSgtbsHCDoahYVHDmTwgnXp3CXIEsHbw6vvTLP28UNg7SW1KEmOpDTU1QmRBhY-gcpYCpfi
Requested by
Host: n.yam.com
URL: https://n.yam.com/Article/20210408193290
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Feb 2022 02:41:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
t.ssp.hinet.net/ Frame F13C 		37 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
af981878bb3cf4dd86377f88bb5fb0dbb22a3a2082f4b8cd30cce9461c11fb23
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:15 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://n.yam.com
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
popin_send_cookie_set_fail.js
api.popin.cc/test/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.popin.cc/test/popin_send_cookie_set_fail.js?20201223
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/popin_discovery5-min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
5cd346875d100956f33b228c65b2eea3e958621a4d906b95c612c0c0c617a2d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 07 Feb 2022 02:41:15 GMT
Content-Encoding
gzip
Last-Modified
Mon, 11 Oct 2021 03:29:29 GMT
Server
nginx
ETag
W/"27aab2e5fb58e044704790074416e410"
X-Cache-Status
HIT from 10.252.55.26
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
x-amz-version-id
NVPBtcLlaQ0R5YVGUD48RBS0d2V00MrK
Expires
Mon, 07 Feb 2022 03:41:15 GMT
emome2
t.ssp.hinet.net/ Frame F13C 		30 B
272 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=392c8fb0-24cb-4113-a23a-0eb702653cc7
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:15 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://n.yam.com
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame F13C 		0
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: banner-cfnetwork.cdn.hinet.net
URL: https://banner-cfnetwork.cdn.hinet.net/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://n.yam.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://n.yam.com
date
Mon, 07 Feb 2022 02:41:16 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
cdb
bidder.criteo.com/ Frame F13C 		0
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=119&profileId=184&cb=22831369441
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://n.yam.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 07 Feb 2022 02:41:14 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://n.yam.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
cm
t.ssp.hinet.net/ Frame F13C 		0
188 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=50ef57&cid=5140-7lq0qJenbEqaYD4Cd4tvZ5R2zSulrit4&mp=392c8fb0-24cb-4113-a23a-0eb702653cc7
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:15 GMT
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://n.yam.com
cache-control
no-cache, private
access-control-allow-credentials
true
strict-transport-security
max-age=0
pixel
392c8fb0-24cb-4113-a23a-0eb702653cc7.t.ssp.hinet.net/ Frame F13C 		0
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://392c8fb0-24cb-4113-a23a-0eb702653cc7.t.ssp.hinet.net/pixel?bd=392c8fb0-24cb-4113-a23a-0eb702653cc7&t=50ef57
Requested by
Host: n.yam.com
URL: https://n.yam.com/Article/20210408193290
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:17 GMT
server
nginx
content-length
0
strict-transport-security
max-age=0
content-type
image/png
bid
ad2.apx.appier.net/v1/prebid/ Frame F13C
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=vS7id9bDAtGnptAmzIYAYg
2 B
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=vS7id9bDAtGnptAmzIYAYg
Requested by
Host: n.yam.com
URL: https://n.yam.com/Article/20210408193290
Protocol
H2
Server
34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:16 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
clear
content-length
2

Redirect headers

date
Mon, 07 Feb 2022 02:41:16 GMT
server
nginx
access-control-allow-origin
null
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=vS7id9bDAtGnptAmzIYAYg
cache-control
no-store
access-control-allow-credentials
true
content-length
0
prebid.aspx
prebid.scupio.com/recweb/ Frame F13C 		0
160 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.27551561057269525
Requested by
Host: banner-cfnetwork.cdn.hinet.net
URL: https://banner-cfnetwork.cdn.hinet.net/js/bridgewellV3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://n.yam.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 07 Feb 2022 02:41:16 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
text/html
access-control-allow-origin
https://n.yam.com
cache-control
private
access-control-allow-credentials
true
events
bidder.criteo.com/csm/ Frame F13C 		0
210 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://n.yam.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 07 Feb 2022 02:41:15 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://n.yam.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
pixel.gif
static.criteo.net/images/ Frame F13C 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: n.yam.com
URL: https://n.yam.com/Article/20210408193290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:15 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
strict-transport-security
max-age=31536000; preload;
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Thu, 02 Feb 2023 02:41:15 GMT
pixel.gif
static.criteo.net/images/ Frame F13C 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: n.yam.com
URL: https://n.yam.com/Article/20210408193290
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:15 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
strict-transport-security
max-age=31536000; preload;
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Thu, 02 Feb 2023 02:41:15 GMT
adlogs
in.treasuredata.com/js/v3/event/popin_ads/ 		89 B
559 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.treasuredata.com/js/v3/event/popin_ads/adlogs?api_key=8378%2F25839e06ce4cc1cab55c1c1f1e49d336d6d1d48f&modified=1644201675758&data=eyJ0ZF9nbG9iYWxfaWQiOiJ0ZF9nbG9iYWxfaWQiLCJ0eXBlIjoicmVxIiwicmlkIjoiIiwiYWxnIjoibHRyIiwiY2hhbm5lbF9pZCI6InN0YW5kYXJkLXBjIiwidGltZV9zaG93X3NlY29uZHMiOjEsInJlcXVlc3RfYWQiOjE1LCJyZXNwb25zZV9hZCI6MTUsInNtamFkIjowLCJhcGlfaG9zdCI6InR3LnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6Im4ueWFtLmNvbSIsInVybCI6Imh0dHBzOi8vbi55YW0uY29tL0FydGljbGUvMjAyMTA0MDgxOTMyOTAiLCJsb2dpZCI6IjJkNzc0M2M5LTFiNjUtNDg2Ny1hMDBhLWI1YjFiNjVhNWM2NiIsInVpZCI6IjBhZjg3YTk5MThmYzBhYWEwOTExNjQ0MjAxNjc0MzA5IiwidGRfdmVyc2lvbiI6IjEuNy4xIiwidGRfY2xpZW50X2lkIjoiNzVmMmIwMWMtZGFmNi00NjIxLThhODQtNGE4NDFjOGIxMTNiIiwidGRfY2hhcnNldCI6InV0Zi04IiwidGRfbGFuZ3VhZ2UiOiJlbi11cyIsInRkX2NvbG9yIjoiMjQtYml0IiwidGRfc2NyZWVuIjoiMTYwMHgxMjAwIiwidGRfdmlld3BvcnQiOiIxNjAweDEyMDAiLCJ0ZF90aXRsZSI6IuWPsOeBo%2BavjzI15YiG6ZCYMeS7tuWLnuizh%2BeIreitsCDkvIHmpa3pnaLlsI3li57mqqLkuInmi5vmnInop6PvvIEgfCDolYPmlrDogZ4iLCJ0ZF91cmwiOiJodHRwczovL24ueWFtLmNvbS9BcnRpY2xlLzIwMjEwNDA4MTkzMjkwIiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Ny4wLjQ2OTIuNzEgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiTGludXggeDg2XzY0IiwidGRfaG9zdCI6Im4ueWFtLmNvbSIsInRkX3BhdGgiOiIvQXJ0aWNsZS8yMDIxMDQwODE5MzI5MCIsInRkX3JlZmVycmVyIjoiIiwidGRfaXAiOiJ0ZF9pcCIsInRkX2Jyb3dzZXIiOiJ0ZF9icm93c2VyIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoidGRfYnJvd3Nlcl92ZXJzaW9uIiwidGRfb3MiOiJ0ZF9vcyIsInRkX29zX3ZlcnNpb24iOiJ0ZF9vc192ZXJzaW9uIiwiY2xpZW50X2lkIjoiNzVmMmIwMWMtZGFmNi00NjIxLThhODQtNGE4NDFjOGIxMTNiIiwiY29tbW9uX2NhdGVnb3J5IjoiZWNvbm9teSIsImNhdGVnb3J5Ijoi5Y2z5pmC5paw6IGeIiwiYWJ0ZXN0Ijoic3RhbmRhcmQiLCJleHRyYSI6IiIsImludGVyYWN0aW9uX251bWJlciI6MCwicG9waW5fdmVyc2lvbiI6Nn0%3D&callback=TreasureJSONPCallback0
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/td_js_sdk_171.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.215.191.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-215-191-232.compute-1.amazonaws.com
Software
/
Resource Hash
3aa9f235c06f8205b4b91091c02bbb8c8a23b12fafa257f68aecc4be22e8b7c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 07 Feb 2022 02:41:16 GMT
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
P3P
CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
Content-Length
89
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
logo.png
api.popin.cc/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.popin.cc/images/logo.png
Requested by
Host: n.yam.com
URL: https://n.yam.com/Article/20210408193290
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
6753ab9ab14844d0e9ecbbf13df7accf525291cef950547034e5ab67be9e508e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 07 Feb 2022 02:41:15 GMT
Last-Modified
Tue, 02 Apr 2019 12:00:56 GMT
Server
nginx
ETag
"b10c5c3579ba2dba39fd2804188dc3f1"
X-Cache-Status
HIT from 10.252.55.26
x-amz-version-id
null
Cache-Control
max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
2316
Expires
Mon, 07 Feb 2022 03:41:15 GMT
adlogs
in.treasuredata.com/js/v3/event/popin_ads/ 		89 B
559 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.treasuredata.com/js/v3/event/popin_ads/adlogs?api_key=8378%2F25839e06ce4cc1cab55c1c1f1e49d336d6d1d48f&modified=1644201675785&data=eyJ0ZF9nbG9iYWxfaWQiOiJ0ZF9nbG9iYWxfaWQiLCJ0eXBlIjoicmVxIiwicmlkIjoiIiwiYWxnIjoibHRyIiwiY2hhbm5lbF9pZCI6IndvcmQtcGMiLCJ0aW1lX3Nob3dfc2Vjb25kcyI6MSwicmVxdWVzdF9hZCI6MTUsInJlc3BvbnNlX2FkIjoxNSwic21qYWQiOjAsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoibi55YW0uY29tIiwidXJsIjoiaHR0cHM6Ly9uLnlhbS5jb20vQXJ0aWNsZS8yMDIxMDQwODE5MzI5MCIsImxvZ2lkIjoiMmQ3NzQzYzktMWI2NS00ODY3LWEwMGEtYjViMWI2NWE1YzY2IiwidWlkIjoiMGFmODdhOTkxOGZjMGFhYTA5MTE2NDQyMDE2NzQzMDkiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiI3NWYyYjAxYy1kYWY2LTQ2MjEtOGE4NC00YTg0MWM4YjExM2IiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoi5Y%2Bw54Gj5q%2BPMjXliIbpkJgx5Lu25Yue6LOH54it6K2wIOS8gealremdouWwjeWLnuaqouS4ieaLm%2Bacieino%2B%2B8gSB8IOiVg%2BaWsOiBniIsInRkX3VybCI6Imh0dHBzOi8vbi55YW0uY29tL0FydGljbGUvMjAyMTA0MDgxOTMyOTAiLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzk3LjAuNDY5Mi43MSBTYWZhcmkvNTM3LjM2IiwidGRfcGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ0ZF9ob3N0Ijoibi55YW0uY29tIiwidGRfcGF0aCI6Ii9BcnRpY2xlLzIwMjEwNDA4MTkzMjkwIiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9pcCI6InRkX2lwIiwidGRfYnJvd3NlciI6InRkX2Jyb3dzZXIiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiJ0ZF9icm93c2VyX3ZlcnNpb24iLCJ0ZF9vcyI6InRkX29zIiwidGRfb3NfdmVyc2lvbiI6InRkX29zX3ZlcnNpb24iLCJjbGllbnRfaWQiOiI3NWYyYjAxYy1kYWY2LTQ2MjEtOGE4NC00YTg0MWM4YjExM2IiLCJjb21tb25fY2F0ZWdvcnkiOiJlY29ub215IiwiY2F0ZWdvcnkiOiLljbPmmYLmlrDogZ4iLCJhYnRlc3QiOiJzdGFuZGFyZCIsImV4dHJhIjoiIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowLCJwb3Bpbl92ZXJzaW9uIjo2fQ%3D%3D&callback=TreasureJSONPCallback1
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/td_js_sdk_171.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.215.191.232 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-215-191-232.compute-1.amazonaws.com
Software
/
Resource Hash
0f93db846422aa8c72de38cbb2819358b78560e09242696224b08b0dd84af1c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 07 Feb 2022 02:41:16 GMT
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
P3P
CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
Content-Length
89
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
adlogs
log.popin.cc/log/popin_ads/ 		66 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.popin.cc/log/popin_ads/adlogs?data=eyJ0eXBlIjoicmVxIiwicmlkIjoiIiwiYWxnIjoibHRyIiwiY2hhbm5lbF9pZCI6InN0YW5kYXJkLXBjIiwidGltZV9zaG93X3NlY29uZHMiOjEsInJlcXVlc3RfYWQiOjE1LCJyZXNwb25zZV9hZCI6MTUsInNtamFkIjowLCJhcGlfaG9zdCI6InR3LnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6Im4ueWFtLmNvbSIsInVybCI6Imh0dHBzOi8vbi55YW0uY29tL0FydGljbGUvMjAyMTA0MDgxOTMyOTAiLCJsb2dpZCI6IjJkNzc0M2M5LTFiNjUtNDg2Ny1hMDBhLWI1YjFiNjVhNWM2NiIsInVpZCI6IjBhZjg3YTk5MThmYzBhYWEwOTExNjQ0MjAxNjc0MzA5IiwidGRfdmVyc2lvbiI6IjEuNy4xIiwidGRfY2xpZW50X2lkIjoiNzVmMmIwMWMtZGFmNi00NjIxLThhODQtNGE4NDFjOGIxMTNiIiwidGRfY2hhcnNldCI6InV0Zi04IiwidGRfbGFuZ3VhZ2UiOiJlbi11cyIsInRkX2NvbG9yIjoiMjQtYml0IiwidGRfc2NyZWVuIjoiMTYwMHgxMjAwIiwidGRfdmlld3BvcnQiOiIxNjAweDEyMDAiLCJ0ZF90aXRsZSI6IuWPsOeBo+avjzI15YiG6ZCYMeS7tuWLnuizh+eIreitsCDkvIHmpa3pnaLlsI3li57mqqLkuInmi5vmnInop6PvvIEgfCDolYPmlrDogZ4iLCJ0ZF91cmwiOiJodHRwczovL24ueWFtLmNvbS9BcnRpY2xlLzIwMjEwNDA4MTkzMjkwIiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Ny4wLjQ2OTIuNzEgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiTGludXggeDg2XzY0IiwidGRfaG9zdCI6Im4ueWFtLmNvbSIsInRkX3BhdGgiOiIvQXJ0aWNsZS8yMDIxMDQwODE5MzI5MCIsInRkX3JlZmVycmVyIjoiIiwidGRfYnJvd3NlciI6IkNocm9tZSIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6Ijk3LjAuNDY5MiIsInRkX29zIjoiV2luZG93cyIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJjbGllbnRfaWQiOiI3NWYyYjAxYy1kYWY2LTQ2MjEtOGE4NC00YTg0MWM4YjExM2IiLCJjb21tb25fY2F0ZWdvcnkiOiJlY29ub215IiwiY2F0ZWdvcnkiOiLljbPmmYLmlrDogZ4iLCJhYnRlc3QiOiJzdGFuZGFyZCIsImV4dHJhIjoiIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowLCJwb3Bpbl92ZXJzaW9uIjo2fQ==&t=1644201675760
Requested by
Host: n.yam.com
URL: https://n.yam.com/Article/20210408193290
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 07 Feb 2022 02:41:16 GMT
Last-Modified
Mon, 07 Jan 2019 09:48:08 GMT
Server
nginx/1.13.5
ETag
"5c332058-42"
Content-Type
image/jpeg
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
66
s.gif
r.popin.cc/ 		35 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.popin.cc/s.gif?url=https%3A%2F%2Fn.yam.com%2FArticle%2F20210408193290&uid=0af87a9918fc0aaa0911644201674309&type=pc_pv&nid=pc&media=n.yam.com&r5=ca_%E5%8D%B3%E6%99%82%E6%96%B0%E8%81%9E|ab_standard&t=1644201675761&tz=tw
Requested by
Host: n.yam.com
URL: https://n.yam.com/Article/20210408193290
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:16 GMT
last-modified
Wed, 04 Sep 2019 04:26:06 GMT
server
nginx
etag
"5d6f3cde-23"
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35
discoverylogs
log.popin.cc/log/popin_media/ 		66 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.popin.cc/log/popin_media/discoverylogs?data=eyJyX3VybCI6IiIsInR5cGUiOjAsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoibi55YW0uY29tIiwidXJsIjoiaHR0cHM6Ly9uLnlhbS5jb20vQXJ0aWNsZS8yMDIxMDQwODE5MzI5MCIsImxvZ2lkIjoiMmQ3NzQzYzktMWI2NS00ODY3LWEwMGEtYjViMWI2NWE1YzY2IiwidWlkIjoiMGFmODdhOTkxOGZjMGFhYTA5MTE2NDQyMDE2NzQzMDkiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiI3NWYyYjAxYy1kYWY2LTQ2MjEtOGE4NC00YTg0MWM4YjExM2IiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoi5Y+w54Gj5q+PMjXliIbpkJgx5Lu25Yue6LOH54it6K2wIOS8gealremdouWwjeWLnuaqouS4ieaLm+acieino++8gSB8IOiVg+aWsOiBniIsInRkX3VybCI6Imh0dHBzOi8vbi55YW0uY29tL0FydGljbGUvMjAyMTA0MDgxOTMyOTAiLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzk3LjAuNDY5Mi43MSBTYWZhcmkvNTM3LjM2IiwidGRfcGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ0ZF9ob3N0Ijoibi55YW0uY29tIiwidGRfcGF0aCI6Ii9BcnRpY2xlLzIwMjEwNDA4MTkzMjkwIiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiOTcuMC40NjkyIiwidGRfb3MiOiJXaW5kb3dzIiwidGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsImNsaWVudF9pZCI6Ijc1ZjJiMDFjLWRhZjYtNDYyMS04YTg0LTRhODQxYzhiMTEzYiIsImNvbW1vbl9jYXRlZ29yeSI6ImVjb25vbXkiLCJjYXRlZ29yeSI6IuWNs+aZguaWsOiBniIsImFidGVzdCI6InN0YW5kYXJkIiwiZXh0cmEiOiIiLCJpbnRlcmFjdGlvbl9udW1iZXIiOjAsInBvcGluX3ZlcnNpb24iOjZ9&t=1644201675761
Requested by
Host: n.yam.com
URL: https://n.yam.com/Article/20210408193290
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 07 Feb 2022 02:41:16 GMT
Last-Modified
Thu, 13 Dec 2018 07:19:53 GMT
Server
nginx/1.13.5
ETag
"5c120819-42"
Content-Type
image/jpeg
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
66
other
inrecsys.popin.cc/PopinService/Logs/ 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inrecsys.popin.cc/PopinService/Logs/other?data=eyJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiI3NWYyYjAxYy1kYWY2LTQ2MjEtOGE4NC00YTg0MWM4YjExM2IiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoi5Y+w54Gj5q+PMjXliIbpkJgx5Lu25Yue6LOH54it6K2wIOS8gealremdouWwjeWLnuaqouS4ieaLm+acieino++8gSB8IOiVg+aWsOiBniIsInRkX3VybCI6Imh0dHBzOi8vbi55YW0uY29tL0FydGljbGUvMjAyMTA0MDgxOTMyOTAiLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzk3LjAuNDY5Mi43MSBTYWZhcmkvNTM3LjM2IiwidGRfcGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ0ZF9ob3N0Ijoibi55YW0uY29tIiwidGRfcGF0aCI6Ii9BcnRpY2xlLzIwMjEwNDA4MTkzMjkwIiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9pcCI6IjE5My4yNy4xNC4zNyIsInRkX2Jyb3dzZXIiOiJDaHJvbWUiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiI5Ny4wLjQ2OTIiLCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwiZGlzaF9jb21tb25fY2F0ZWdvcnkiOiJlY29ub215Iiwia2V5Ijoia2V5MTY0NDIwMTY3NDMxMCIsIm5vdyI6MTY0NDIwMTY3NTc2MSwiY2xpZW50X2lkIjoiNzVmMmIwMWMtZGFmNi00NjIxLThhODQtNGE4NDFjOGIxMTNiIiwidXJsIjoiaHR0cHM6Ly9uLnlhbS5jb20vQXJ0aWNsZS8yMDIxMDQwODE5MzI5MCIsInVpZCI6IjBhZjg3YTk5MThmYzBhYWEwOTExNjQ0MjAxNjc0MzA5Iiwic21qSWQiOiIiLCJkZXZpY2UiOiJwYyIsImRpc2hfbWVkaWEiOiJuLnlhbS5jb20iLCJkaXNoX2NhdGVnb3J5Ijoi5Y2z5pmC5paw6IGeIiwiZGlzaF9kb21haW4iOiJuLnlhbS5jb20iLCJ2X2Rpc2hfbGFiZWxzIjoi5YSq56eA5Lq65omNLOS6i+alreWWruS9jSzlronlhajooZvnlJ8s5Yue5YuV6YOoLOizh+acrOmhjSzkuK3lpK7npL4s5Yqg54+t6LK7LOWLnuWfuuazlSzokaPkuovplbcs5raI6LK76ICFLOi2hemBjizli57li5Us6KaP5a6aLOmBleWPjSzotbfot7Ms6YGV5rOVLOaUv+W6nCzomZXku6Us6ZmQ5pyfLOaEj+WRsyznh5/pgYss6JaE5YawLOWQiOS9nCzlt6Xos4cs5LqL5qWtLOmZjeS9jizlj6/pgZQs6L+R5pelLOelreWHuizlk4HniYws5o+t6ZyyLOmWk+malCzllYborb0s5b2x6Z+/LOaqouafpSznmbznlJ8s5pyN5YuZLOapn+acgyzph43nvbAs6auY6YGULOaUv+etlizkv6Hos7Qs5aSx5Y67LOe1puS7mCzliqDph40s5raI5oGvLOS4iumZkCzpoJDlkYos6Lyq54+tLOWCt+WPiizmlLnlloQs5oqV6LOHLOaxguiBtyzogbfmpa0s5LqU5pyILOWFqOi6qyzmjqXlj5cs5ZOh5belLOazleS7pCzoqIrmga8s57SA6YyELOihqOekuizlgYfml6Us6YeR6aGNLOaEj+mhmCIsInZfZGlzaF90bGFiZWxzIjoi5LyB5qWtLOeIreitsCzli57os4cs6Z2i5bCNLOaWsOiBniIsImxvZ2lkIjoiMmQ3NzQzYzktMWI2NS00ODY3LWEwMGEtYjViMWI2NWE1YzY2IiwiYXBpX2hvc3QiOiJ0dy5wb3Bpbi5jYyIsImRvbWFpbiI6Im4ueWFtLmNvbSIsInBvcGluX3ZlcnNpb24iOjZ9
Requested by
Host: n.yam.com
URL: https://n.yam.com/Article/20210408193290
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.172 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 07 Feb 2022 02:41:16 GMT
Cross-Origin-Resource-Policy
cross-origin
Content-Length
0
Content-Type
text/plain
s.gif
r.popin.cc/ 		35 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.popin.cc/s.gif?url=https%3A%2F%2Fn.yam.com%2FArticle%2F20210408193290&uid=&type=pc_channel_pv&nid=pc&media=n.yam.com&r5=ca_%E5%8D%B3%E6%99%82%E6%96%B0%E8%81%9E|ab_standard|ch_standard-pc&t=1644201675779&tz=tw
Requested by
Host: n.yam.com
URL: https://n.yam.com/Article/20210408193290
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:16 GMT
last-modified
Wed, 04 Sep 2019 04:26:06 GMT
server
nginx
etag
"5d6f3cde-23"
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35
discoverylogs
log.popin.cc/log/popin_media/ 		66 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjo3LCJpc19mZWVkX21vZHVsZSI6IiIsImNoYW5uZWxfaWQiOiJzdGFuZGFyZC1wYyIsImV4cGVjdGVkX2FkIjo0LCJyZW5kZXJlZF9hZCI6NCwiYXBpX2hvc3QiOiJ0dy5wb3Bpbi5jYyIsImRldmljZSI6InBjIiwibWVkaWEiOiJuLnlhbS5jb20iLCJ1cmwiOiJodHRwczovL24ueWFtLmNvbS9BcnRpY2xlLzIwMjEwNDA4MTkzMjkwIiwibG9naWQiOiIyZDc3NDNjOS0xYjY1LTQ4NjctYTAwYS1iNWIxYjY1YTVjNjYiLCJ1aWQiOiIwYWY4N2E5OTE4ZmMwYWFhMDkxMTY0NDIwMTY3NDMwOSIsInRkX3ZlcnNpb24iOiIxLjcuMSIsInRkX2NsaWVudF9pZCI6Ijc1ZjJiMDFjLWRhZjYtNDYyMS04YTg0LTRhODQxYzhiMTEzYiIsInRkX2NoYXJzZXQiOiJ1dGYtOCIsInRkX2xhbmd1YWdlIjoiZW4tdXMiLCJ0ZF9jb2xvciI6IjI0LWJpdCIsInRkX3NjcmVlbiI6IjE2MDB4MTIwMCIsInRkX3ZpZXdwb3J0IjoiMTYwMHgxMjAwIiwidGRfdGl0bGUiOiLlj7DngaPmr48yNeWIhumQmDHku7bli57os4fniK3orbAg5LyB5qWt6Z2i5bCN5Yue5qqi5LiJ5oub5pyJ6Kej77yBIHwg6JWD5paw6IGeIiwidGRfdXJsIjoiaHR0cHM6Ly9uLnlhbS5jb20vQXJ0aWNsZS8yMDIxMDQwODE5MzI5MCIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTcuMC40NjkyLjcxIFNhZmFyaS81MzcuMzYiLCJ0ZF9wbGF0Zm9ybSI6IkxpbnV4IHg4Nl82NCIsInRkX2hvc3QiOiJuLnlhbS5jb20iLCJ0ZF9wYXRoIjoiL0FydGljbGUvMjAyMTA0MDgxOTMyOTAiLCJ0ZF9yZWZlcnJlciI6IiIsInRkX2Jyb3dzZXIiOiJDaHJvbWUiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiI5Ny4wLjQ2OTIiLCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwiY2xpZW50X2lkIjoiNzVmMmIwMWMtZGFmNi00NjIxLThhODQtNGE4NDFjOGIxMTNiIiwiY29tbW9uX2NhdGVnb3J5IjoiZWNvbm9teSIsImNhdGVnb3J5Ijoi5Y2z5pmC5paw6IGeIiwiYWJ0ZXN0Ijoic3RhbmRhcmQiLCJleHRyYSI6IiIsImludGVyYWN0aW9uX251bWJlciI6MCwicG9waW5fdmVyc2lvbiI6Nn0=&t=1644201675779
Requested by
Host: n.yam.com
URL: https://n.yam.com/Article/20210408193290
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 07 Feb 2022 02:41:16 GMT
Last-Modified
Thu, 13 Dec 2018 07:24:27 GMT
Server
nginx/1.13.5
ETag
"5c12092b-42"
Content-Type
image/jpeg
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
66
adlogs
log.popin.cc/log/popin_ads/ 		66 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.popin.cc/log/popin_ads/adlogs?data=eyJ0eXBlIjoicmVxIiwicmlkIjoiIiwiYWxnIjoibHRyIiwiY2hhbm5lbF9pZCI6IndvcmQtcGMiLCJ0aW1lX3Nob3dfc2Vjb25kcyI6MSwicmVxdWVzdF9hZCI6MTUsInJlc3BvbnNlX2FkIjoxNSwic21qYWQiOjAsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoibi55YW0uY29tIiwidXJsIjoiaHR0cHM6Ly9uLnlhbS5jb20vQXJ0aWNsZS8yMDIxMDQwODE5MzI5MCIsImxvZ2lkIjoiMmQ3NzQzYzktMWI2NS00ODY3LWEwMGEtYjViMWI2NWE1YzY2IiwidWlkIjoiMGFmODdhOTkxOGZjMGFhYTA5MTE2NDQyMDE2NzQzMDkiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiI3NWYyYjAxYy1kYWY2LTQ2MjEtOGE4NC00YTg0MWM4YjExM2IiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoi5Y+w54Gj5q+PMjXliIbpkJgx5Lu25Yue6LOH54it6K2wIOS8gealremdouWwjeWLnuaqouS4ieaLm+acieino++8gSB8IOiVg+aWsOiBniIsInRkX3VybCI6Imh0dHBzOi8vbi55YW0uY29tL0FydGljbGUvMjAyMTA0MDgxOTMyOTAiLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzk3LjAuNDY5Mi43MSBTYWZhcmkvNTM3LjM2IiwidGRfcGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ0ZF9ob3N0Ijoibi55YW0uY29tIiwidGRfcGF0aCI6Ii9BcnRpY2xlLzIwMjEwNDA4MTkzMjkwIiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiOTcuMC40NjkyIiwidGRfb3MiOiJXaW5kb3dzIiwidGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsImNsaWVudF9pZCI6Ijc1ZjJiMDFjLWRhZjYtNDYyMS04YTg0LTRhODQxYzhiMTEzYiIsImNvbW1vbl9jYXRlZ29yeSI6ImVjb25vbXkiLCJjYXRlZ29yeSI6IuWNs+aZguaWsOiBniIsImFidGVzdCI6InN0YW5kYXJkIiwiZXh0cmEiOiIiLCJpbnRlcmFjdGlvbl9udW1iZXIiOjAsInBvcGluX3ZlcnNpb24iOjZ9&t=1644201675785
Requested by
Host: n.yam.com
URL: https://n.yam.com/Article/20210408193290
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 07 Feb 2022 02:41:16 GMT
Last-Modified
Mon, 07 Jan 2019 09:48:08 GMT
Server
nginx/1.13.5
ETag
"5c332058-42"
Content-Type
image/jpeg
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
66
s.gif
r.popin.cc/ 		35 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.popin.cc/s.gif?url=https%3A%2F%2Fn.yam.com%2FArticle%2F20210408193290&uid=&type=pc_channel_pv&nid=pc&media=n.yam.com&r5=ca_%E5%8D%B3%E6%99%82%E6%96%B0%E8%81%9E|ab_standard|ch_word-pc&t=1644201675789&tz=tw
Requested by
Host: n.yam.com
URL: https://n.yam.com/Article/20210408193290
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:16 GMT
last-modified
Wed, 04 Sep 2019 04:26:06 GMT
server
nginx
etag
"5d6f3cde-23"
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35
discoverylogs
log.popin.cc/log/popin_media/ 		66 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjo3LCJpc19mZWVkX21vZHVsZSI6IiIsImNoYW5uZWxfaWQiOiJ3b3JkLXBjIiwiZXhwZWN0ZWRfYWQiOjIsInJlbmRlcmVkX2FkIjoyLCJhcGlfaG9zdCI6InR3LnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6Im4ueWFtLmNvbSIsInVybCI6Imh0dHBzOi8vbi55YW0uY29tL0FydGljbGUvMjAyMTA0MDgxOTMyOTAiLCJsb2dpZCI6IjJkNzc0M2M5LTFiNjUtNDg2Ny1hMDBhLWI1YjFiNjVhNWM2NiIsInVpZCI6IjBhZjg3YTk5MThmYzBhYWEwOTExNjQ0MjAxNjc0MzA5IiwidGRfdmVyc2lvbiI6IjEuNy4xIiwidGRfY2xpZW50X2lkIjoiNzVmMmIwMWMtZGFmNi00NjIxLThhODQtNGE4NDFjOGIxMTNiIiwidGRfY2hhcnNldCI6InV0Zi04IiwidGRfbGFuZ3VhZ2UiOiJlbi11cyIsInRkX2NvbG9yIjoiMjQtYml0IiwidGRfc2NyZWVuIjoiMTYwMHgxMjAwIiwidGRfdmlld3BvcnQiOiIxNjAweDEyMDAiLCJ0ZF90aXRsZSI6IuWPsOeBo+avjzI15YiG6ZCYMeS7tuWLnuizh+eIreitsCDkvIHmpa3pnaLlsI3li57mqqLkuInmi5vmnInop6PvvIEgfCDolYPmlrDogZ4iLCJ0ZF91cmwiOiJodHRwczovL24ueWFtLmNvbS9BcnRpY2xlLzIwMjEwNDA4MTkzMjkwIiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Ny4wLjQ2OTIuNzEgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiTGludXggeDg2XzY0IiwidGRfaG9zdCI6Im4ueWFtLmNvbSIsInRkX3BhdGgiOiIvQXJ0aWNsZS8yMDIxMDQwODE5MzI5MCIsInRkX3JlZmVycmVyIjoiIiwidGRfYnJvd3NlciI6IkNocm9tZSIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6Ijk3LjAuNDY5MiIsInRkX29zIjoiV2luZG93cyIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJjbGllbnRfaWQiOiI3NWYyYjAxYy1kYWY2LTQ2MjEtOGE4NC00YTg0MWM4YjExM2IiLCJjb21tb25fY2F0ZWdvcnkiOiJlY29ub215IiwiY2F0ZWdvcnkiOiLljbPmmYLmlrDogZ4iLCJhYnRlc3QiOiJzdGFuZGFyZCIsImV4dHJhIjoiIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowLCJwb3Bpbl92ZXJzaW9uIjo2fQ==&t=1644201675789
Requested by
Host: n.yam.com
URL: https://n.yam.com/Article/20210408193290
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 07 Feb 2022 02:41:16 GMT
Last-Modified
Thu, 13 Dec 2018 07:19:53 GMT
Server
nginx/1.13.5
ETag
"5c120819-42"
Content-Type
image/jpeg
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
66
log.gif
r.popin.cc/ 		35 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.popin.cc/log.gif?type=related-tw&uid=0af87a9918fc0aaa0911644201674309&url=https%3A%2F%2Fn.yam.com%2FArticle%2F20210408193290&t=1644201675789
Requested by
Host: n.yam.com
URL: https://n.yam.com/Article/20210408193290
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://n.yam.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 07 Feb 2022 02:41:16 GMT
last-modified
Wed, 04 Sep 2019 04:26:06 GMT
server
nginx
etag
"5d6f3cde-23"
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35
20211110%5C2021111005463331.jpg
vote.yam.com/imgfix/ Frame E557 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vote.yam.com/imgfix/20211110%5C2021111005463331.jpg?h=250&w=0
Requested by
Host: vote.yam.com
URL: https://vote.yam.com/CF/js/jquery.devrama.slider.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.230.1.186 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4891d2f3b13ad3981865434d54a55b010d7202c8327e60b092854967b68ae99f
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vote.yam.com/CF/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 07 Feb 2022 02:41:15 GMT
X-AspNetMvc-Version
5.2
Last-Modified
Sat, 05 Feb 2022 09:17:56 GMT
Content-Type
image/jpeg
Cache-Control
public, max-age=31386999
Content-Length
35451
X-Xss-Protection
1; mode=block
Expires
Sun, 05 Feb 2023 09:17:56 GMT
20211110%5C2021111005463331.jpg
vote.yam.com/imgfix/ Frame E557 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vote.yam.com/imgfix/20211110%5C2021111005463331.jpg?h=250&w=0
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.2.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.230.1.186 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4891d2f3b13ad3981865434d54a55b010d7202c8327e60b092854967b68ae99f
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vote.yam.com/CF/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 07 Feb 2022 02:41:16 GMT
X-AspNetMvc-Version
5.2
Last-Modified
Sat, 05 Feb 2022 09:17:56 GMT
Content-Type
image/jpeg
Cache-Control
public, max-age=31386999
Content-Length
35451
X-Xss-Protection
1; mode=block
Expires
Sun, 05 Feb 2023 09:17:56 GMT
20211110%5C2021111005480989.jpg
vote.yam.com/imgfix/ Frame E557 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vote.yam.com/imgfix/20211110%5C2021111005480989.jpg?h=250&w=0
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.2.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.230.1.186 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
039c38db4dc3cb7760f6c386b58aec1e9617d087b10252a19f1c72054dfabe85
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vote.yam.com/CF/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 07 Feb 2022 02:41:16 GMT
X-AspNetMvc-Version
5.2
Last-Modified
Sat, 05 Feb 2022 09:17:53 GMT
Content-Type
image/jpeg
Cache-Control
public, max-age=31386996
Content-Length
31205
X-Xss-Protection
1; mode=block
Expires
Sun, 05 Feb 2023 09:17:53 GMT
all
csm.eu.criteo.net/ Frame 5D9C 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=6J9qVOF2oFlH304iGgXkOJ8oF8UqFTgvrlbKSSy020l_nrRhEfJm6jOQxOwK12oEeUTAqkkBuSg11s6T8v88zqRzfzy7JK4gQ68RP1tocRye2q_STS4Po4jkOFTt2KtLns_Jz4MArmQaV1pB7lyFBnQMR128XHla9vY3W_xQbUeXwMkylzm3AKwrnW7sEUCOGkW9r5EvGtvdetIhO5-xkQL9Ze8cR4h17RjbvW5aDMMSPHl79A7-RpiQSspIpImcg2CHxQ&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgCGyAABgJMIu89KAAOM3OJAgSa0VjetUSj4dg&u=%7CIv1Ojxlbn2TMNGBurdYinYVFVPJcx32oIWE4ZzGDtQw%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4VBZk7o6r4u2Tz-b9i3H_G-X5MXpmH_vXDDH0SawykmzQdNoNLWy9ltKLz3nPeYlsIEGW5j28FJ0ZIucU-eJmgX327v6rGfCt32M9fVS4ZD3TNHEK2neb92zab_ZkYBHdEznm2eXDuSfI-AE8SoCsEQi3rmNUMaIWCwPxveYC1p_Lu9DXpcD2xhQGwvAm8LZjLmi7gc5gVIT4nsLb0ihDleq8LpGWUqbj-6kQDGqtuTQIUFD2lYI6fCaeOgN0-jUnklRItZ-BdKI_ZxXIjJBzUsopf9HeXaaO5VZQn__oPpHIm7i-DjqHidtIQZRpu_WpPiWhigjIelWhda7fqLLbiWdODjgvNmDPKF4p2qYLC77U5MWt02_P0zvcuvG5MMai5V5OZd-T2bYf7XLXzpKqDAQRTIe0HR72m9tUeui5OEeKywH1ydOE2N&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQ1U9yIYAYpOBBsqe7_UP3JmOkA_JntKxXNWdkfdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQKF7wPBzjWzPuACAKgDAaoEnwJP0KranxL8bfW73DfoBxTMrBKSKbjGR1Z74u1s2G_2izlO2qo15t8Mb223XozrZaIStWbEoQlLCdVYYvJUh44z346-1LiOttp214Vpr0X-X_2qJ2CtzX5hQyKLMqgcfGEsN87PDEkOUofmMkE1x3l7YGwegMZE0Wok3WqnaaaaompRSNhkkvH2Jvz0oXBg09OR9BwuXH2oJgjDYwWMoLlckm-_K1LLbq4auA_AfJWCEit9Yw5584puaOb1tXNXNEvsyxRcol9B6dWV3ugXa-YwFzjd7mazGF9ZMhiYb76C3Fc077kS-wSsokOtc5GY2UBW7q5MP3hUbznEBhHZ_dy3fRHlSW0PiXT1RgZ8NpLKw3arDhlG_xeXUzy1uo9dlOAEAYAGrt-ZoLP2it34AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3eAf0mgJbELf7GSTxqDugyMsrs5Q%26client%3Dca-pub-1310852604335254%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 07 Feb 2022 02:41:19 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
all
csm.eu.criteo.net/ Frame 4A3E 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=TdGcT-F2oFlH304iTiz4DAqN3N4THfGDdrPLcyPl-8rodHpjk11emHHx06sYp7E30CFBOhS1mohMGqY24N03Gcef2LbAB_NXFb2gn6FK2XQZqfSV_6n8Bf51iuwWSUc_FTPZHo1w-amCSJ1_y1M5jW45NlS_CST8yEOiGat5Frs0QC8dUtqLUJCOqNRFzrkmP8f380oWYDc_xi7AfGjAg1xTc1xXc-HrZL99H-oegyQDqRDriV9hMuk6Vt3p8UUnQ3g91g&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YgCGyAABgJEIu89KAAOM3MeFmGap00gvSnfdNg&u=%7CIv1Ojxlbn2R7CW0GonmsvKyelujNyzOud1SWPRPmZY8%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUAZKNvHYJLpTwYKDzg_lmTENhFMXxHEwIA8D6K6_93MLu0zsIv8_2ftv4cylzZWLX2XRoyjLM0jqQt_oBbDe5f1dQavAJeMCja1xa-pYMQ5I2y-c2ntnJtWzMTY5G4ebdAbI2k-VBUnJ_eZMwVLJFVwt-4kHlrdaVpdwN2ta6hIIaVq1MZ4Cc9Qb317nf9t4qxYpGDSjTOvbivMxF9RI8sFACqlF-6K2EDzU_3Mf9ISzjl7EQWU5rvd-XwEmxSJ7yC-OEdd-HlpDzAGMJLvaqi9HCGuaH9lGNMOv46Pl1MVNmu4_BVFu3HIRVwXxmiAjlcY_ucCpOHDsx1kkDq8dKdZxu4bZIagHJ0LFD9DrSrtGFSdH5m943dq329N0bQDSc9n_e269BBkPdK8oTIadCFjdK8EYms9JPloKPlUEYuQy2oQBRKiscQX4fRGTNsPBy8&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaF8IyIYAYpGBBsqe7_UP3JmOkA_JntKxXNWdkfdwwI23ARABIABgldqIgpgHggEXY2EtcHViLTEzMTA4NTI2MDQzMzUyNTSgAdW20uoDyAEJqQKF7wPBzjWzPuACAKgDAaoEigJP0Ji0a1BBFUNVntcTkh_ayCn02jLOhUMhVR60CUxqVd2TEFpb2nTmKpKPlYMjAXvh7mjgS4poxo4QcDDXNiF_iyngQSHDQ6vTxhRJq7VEHun-bSoPOfeSYky2JHkxi0slzBlgQHkiyvXp9Mw-o-io2hule7PWotNZWBBapd5pnCsX87kuza4AuS4U5s_Y5s8-_oIRuz2pz8Xay4x4xzURCHrT9QdY5LBhWcj6MkO_0ZW5S9ZYDRRpJccOPPNPgHyLta0gXicTqLNvAcmioD0Wz-9NNuRhuuC36XotX-e6PP_E8Rnm6c48UFpejI20vxNFdvTcvrgyKxla3BmF1in6C73bMWJ5d4_L1uAEAYAGrt-ZoLP2it34AaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2v06DQ6zH05vUpKicsAsX9Vbl24Q%26client%3Dca-pub-1310852604335254%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 07 Feb 2022 02:41:16 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
20211110%5C2021111005432835.jpg
vote.yam.com/imgfix/ Frame E557 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vote.yam.com/imgfix/20211110%5C2021111005432835.jpg?h=250&w=0
Requested by
Host: n.yam.com
URL: https://n.yam.com/Article/20210408193290
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.230.1.186 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dd2d36f8d6b97b22a9cd51b09fa138b0a46c2e8e2c5912b2ed5525d34637fd79
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vote.yam.com/CF/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 07 Feb 2022 02:41:20 GMT
X-AspNetMvc-Version
5.2
Last-Modified
Sat, 05 Feb 2022 09:17:57 GMT
Content-Type
image/jpeg
Cache-Control
public, max-age=31386996
Content-Length
28131
X-Xss-Protection
1; mode=block
Expires
Sun, 05 Feb 2023 09:17:57 GMT
20211110%5C2021111005432835.jpg
vote.yam.com/imgfix/ Frame E557 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vote.yam.com/imgfix/20211110%5C2021111005432835.jpg?h=250&w=0
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.2.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.230.1.186 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dd2d36f8d6b97b22a9cd51b09fa138b0a46c2e8e2c5912b2ed5525d34637fd79
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vote.yam.com/CF/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 07 Feb 2022 02:41:20 GMT
X-AspNetMvc-Version
5.2
Last-Modified
Sat, 05 Feb 2022 09:17:57 GMT
Content-Type
image/jpeg
Cache-Control
public, max-age=31386995
Content-Length
28131
X-Xss-Protection
1; mode=block
Expires
Sun, 05 Feb 2023 09:17:57 GMT
20211110%5C2021111005463331.jpg
vote.yam.com/imgfix/ Frame E557 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vote.yam.com/imgfix/20211110%5C2021111005463331.jpg?h=250&w=0
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.2.1.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.230.1.186 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4891d2f3b13ad3981865434d54a55b010d7202c8327e60b092854967b68ae99f
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://vote.yam.com/CF/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 07 Feb 2022 02:41:21 GMT
X-AspNetMvc-Version
5.2
Last-Modified
Sat, 05 Feb 2022 09:17:56 GMT
Content-Type
image/jpeg
Cache-Control
public, max-age=31386995
Content-Length
35451
X-Xss-Protection
1; mode=block
Expires
Sun, 05 Feb 2023 09:17:56 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
vote.yam.com
URL
https://vote.yam.com/CF/index.html
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=ucfunnel&bsw_param=4a56b1fa-5e3b-473c-b171-b4411cc4f5dc&google_hm=NGE1NmIxZmEtNWUzYi00NzNjLWIxNzEtYjQ0MTFjYzRmNWRj
Domain
fcm.holmesmind.com
URL
https://fcm.holmesmind.com/cm.php

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 function| $ function| jQuery object| $yA object| googletag object| dataLayer function| gtag function| gaevent function| getWebPathName function| ResizeSensor object| FB object| ggeac boolean| google_plmetrics object| google_js_reporting_queue object| google_tag_manager object| adGeekUtil function| adGeekRenderEndedHelper undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal function| DFP object| adGeekDfp object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaData object| webpackJsonp boolean| sp-tools-loaded object| retryerror object| appInsights function| fbAsyncInit object| jQuery1113007346219288204558 undefined| jQuery1113007346219288204558_1644201671813 function| onYouTubeIframeAPIReady function| setImmediate function| clearImmediate object| AI object| Microsoft function| __extends function| _endsWith object| ampInaboxIframes object| ampInaboxPendingMessages object| AmpVideoIframe number| yam_AD_UNID object| $yamAD boolean| $yADReady string| $yADURL object| $yAV object| criteo_syncframe_state object| _pop object| _popIn5_config object| PopInGlobal function| Treasure2 object| PopIn6 object| popInGlobal object| PopIn object| JSON3 object| PopIn5Conf number| mediagoAdPosition object| PopIn5 string| qString function| TreasureJSONPCallback0 function| TreasureJSONPCallback1 boolean| popInPositionAndStyle

33 Cookies

Domain/Path Name / Value
.yam.com/ Name: _ga_RE4LTMGVEF
Value: GS1.1.1644201671.1.0.1644201671.60
.yam.com/ Name: _ga
Value: GA1.2.314239862.1644201672
.yam.com/ Name: _gid
Value: GA1.2.409756655.1644201672
.yam.com/ Name: _gat_gtag_UA_16227618_1
Value: 1
n.yam.com/ Name: ai_user
Value: u116g|2022-02-07T02:41:12.350Z
.yam.com/ Name: __gads
Value: ID=f0fb7b833a8b9a39-2291576537cd00aa:T=1644201672:S=ALNI_MaDLR6GcN9InNZ__nwPMjLj5fCC4Q
.doubleclick.net/ Name: IDE
Value: AHWqTUn7dkFZRSRcS8GY7Dr5PWsIqAVsiQepk8odXkCaLtXatrDNjqfUHHdQxmCSkVg
vote.yam.com/ Name: ASP.NET_SessionId
Value: 5emf040hn4k1rbv0sqzvvlmr
.vote.yam.com/ Name: ARRAffinity
Value: b5263b03750953481e3d9b75e540e38a0eaaad041c2728537674c6e27204a8d1
.vote.yam.com/ Name: ARRAffinitySameSite
Value: b5263b03750953481e3d9b75e540e38a0eaaad041c2728537674c6e27204a8d1
n.yam.com/ Name: ai_session
Value: XV+nj|1644201673033|1644201673033
.aralego.com/ Name: sspid
Value: 38057c2b-1926-3218-9c7a-4852e2912b60
n.yam.com/ Name: CFFPCKUUID
Value: 413-gRRZ8mM2QfZqqJnH5TVy2KA584oArakP
.yam.com/ Name: CFFPCKUUIDMAIN
Value: 5140-7lq0qJenbEqaYD4Cd4tvZ5R2zSulrit4
.holmesmind.com/ Name: P
Value: 775578-PZtmuQQ31dGtTUShXjP1Vxw2UGe8EATd
.holmesmind.com/ Name: Vision
Value: 20220207-23:59,20220207-13,20220207-13,20220207-23:59
.holmesmind.com/ Name: C
Value: null
.holmesmind.com/ Name: RK
Value: null
.yahoo.com/ Name: A3
Value: d=AQABBMmGAGICEElXJi4D9CZJqRetSKEYlUIFEgEBAQHYAWIKYgAAAAAA_eMAAA&S=AQAAApzPF6GgOwdThCG2OAc1aPI
.yam.com/ Name: _ss_pp_id
Value: 0af87a9918fc0aaa0911644201674309
.adsrvr.org/ Name: TDID
Value: 768dfbba-fbe3-49e0-8dde-0c9b8b6d0bb6
.hinet.net/ Name: uuid
Value: 392c8fb0-24cb-4113-a23a-0eb702653cc7
.popin.cc/ Name: uid
Value: 0af87a9918fc0aaa0911644201674309
.yam.com/ Name: __htid
Value: 392c8fb0-24cb-4113-a23a-0eb702653cc7
.yam.com/ Name: _ht_50ef57
Value: 1
.yam.com/ Name: _td
Value: 75f2b01c-daf6-4621-8a84-4a841c8b113b
.yam.com/ Name: _ht_em
Value: 1
.in.treasuredata.com/ Name: _td_global
Value: 9172249b-1c01-42c8-825f-f4e84907553e
.c.appier.net/ Name: _auid
Value: vS7id9bDAtGnptAmzIYAYg
.adsrvr.org/ Name: TDCPM
Value: CAEYASABKAIyCwjMws_Bwfu0OhAFOAFaB253dXNsdW1gAg..
.bidswitch.net/ Name: tuuid
Value: 4a56b1fa-5e3b-473c-b171-b4411cc4f5dc
.bidswitch.net/ Name: c
Value: 1644201677
.bidswitch.net/ Name: tuuid_lu
Value: 1644201677

1 Console Messages

Source Level URL
Text
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=ucfunnel&bsw_param=4a56b1fa-5e3b-473c-b171-b4411cc4f5dc&google_hm=NGE1NmIxZmEtNWUzYi00NzNjLWIxNzEtYjQ0MTFjYzRmNWRj
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

392c8fb0-24cb-4113-a23a-0eb702653cc7.t.ssp.hinet.net
624b5f966af4dd7d753c7f249cbdb54d.safeframe.googlesyndication.com
ad.holmesmind.com
ad2.apx.appier.net
adcdn.holmesmind.com
admd.yam.com
ads.aralego.com
ads.eu.criteo.com
adservice.google.com
adservice.google.de
analytics.google.com
api.popin.cc
az416426.vo.msecnd.net
banner-cfnetwork.cdn.hinet.net
bidder.criteo.com
c.holmesmind.com
cat.nl.eu.criteo.com
cdn.aralego.net
cdn.holmesmind.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
csm.eu.criteo.net
d18ffd7022e95760909c3af011dffe77.safeframe.googlesyndication.com
fcm.holmesmind.com
fp.holmesmind.com
gocm.c.appier.net
in.treasuredata.com
inrecsys.popin.cc
log.popin.cc
n.yam.com
pagead2.googlesyndication.com
pix.eu.criteo.net
player.ivideosmart.com
prebid-asia.creativecdn.com
prebid.scupio.com
r.popin.cc
rtb.fr.eu.criteo.com
rtb.nl.eu.criteo.com
securepubads.g.doubleclick.net
sessions.bugsnag.com
static.criteo.net
static.xx.fbcdn.net
stats.g.doubleclick.net
sync.aralego.com
t.ssp.hinet.net
tpc.googlesyndication.com
tw.popin.cc
vote.yam.com
weather.yam.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
cm.g.doubleclick.net
fcm.holmesmind.com
vote.yam.com
103.132.192.30
119.63.193.220
119.63.198.143
119.63.198.172
119.63.198.188
119.63.198.189
13.76.41.74
142.250.184.226
172.105.213.147
178.250.0.165
178.250.2.135
178.250.2.148
178.250.2.150
18.215.191.232
192.96.200.41
2001:4de0:ac18::1:a:1a
203.75.214.136
210.59.219.181
211.20.171.204
2600:1901:0:7a0b::
2600:9000:2156:aa00:3:1794:2540:93a1
2600:9000:224a:c800:0:e06c:e940:93a1
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:20::ac43:47fe
2606:4700:3035::6815:2d58
2606:4700::6810:135e
2a00:1450:4001:808::2008
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:827::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::2001
2a00:1450:400c:c08::9c
2a02:2638:1::11
2a02:2638:1::2
2a02:2638:1::3
2a02:2638::2
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a03:5f80:a::b212:e7c3
34.117.219.39
34.96.119.68
35.201.76.93
35.75.110.87
52.230.1.186
014ff211237f60ea59febe3d16b1c62411b191714f7d4c617e368cbb8642a81f
02a7fec208f762863c112063fe04854c502cd64a12760979a5b8007a463ad6f0
039c38db4dc3cb7760f6c386b58aec1e9617d087b10252a19f1c72054dfabe85
049ff5e6815dbfcfa8297c87c07b10182edce1c23a5d3297326205ec952e9c1b
05ed7424c6f3c3d2aec5dfe7fa92e5f617afe58a01666c1c584d342a8b57a0e7
088918082f62717d37a1d62e8a251e9a4e10d036090fddbbba37ca7bc03335fd
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0ddcf5079938afa282f4221d58e7dbaf18b4540b4ab5783995a4c5be8c0d6d3c
0f93db846422aa8c72de38cbb2819358b78560e09242696224b08b0dd84af1c5
101d2adecdc84a8dddd428b3de2cc7a12373eda82eb2057893960437dc55a1d6
10a7e524db359a94a66ea75b97e81a52932f0e10a04deabb49fb73ec5d038946
12a14a185b05f3f38dcbda8c599c64989d05169c906d01b740474bf2e8450f35
1419b8b18e2084e1d79ca111dba4eb9ea7dd22171029e13467e77d90c3f1a06e
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
15eb44d26f736a4a625736e93a080257b8914784fd0b8a77878e6200a30e81b3
1655a16462aefd8ddafed3e67e58288cca40bcfecdf58be3bb9f1bf7512b81ec
180c7cb3d801ef8f115e4800430b2622d76002c39c32495b8aa6cc0b865f0a00
19bfbd81c70637ae0a6fe5f07f112bdab13cf9c2ea5d54b70320df8f54fcc07b
19e63a64055145811f19b89020689bb5230a3b8d957455044ddcbf4d7308fe63
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1edc83f7137848a661dbf5a61dbe4bb3b42fc7d064004560ea0269b45747e7d3
20b7efa85f61ef7ed2b2a29f97c40b2d8c698442e6671058ef3af71ed882b104
21b52d38e72f291fba9fa4b02f6a2fe68f281f87ab8c73a53984cc163a0ed08b
22cdd754655cb4f708e8a0890af3fdd3715409bf422db9e8d69c709e7dbf1e2e
24a0efd193f41e0a7ced33123901e02bf5fb80488ee228d67f8975701c0a6f78
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c
296580ed43f86df1adf09c8f7f110abbe7d7f4773804fff85e72e74efe23e9f0
2b742a8e40eda53cab177f16e49ad9e68978ff9074da055d14299a9ca6934787
2fe96ef95f0ef87759dd5ee2cee663219fa46363e2fbe34aacf66cb0ff6e575a
363ed390a3b95ea41077424abfe9c13970ad19f341d4efd82783f727c2badfd7
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
37b0c310b8588d36ea8c3523528731c1aa007efd01bc6eeff67c0a9373de1a95
398f43c6084ffdd737fd29f1bcf50f108a7bbc64e1166d319a4e29fdb40e31e3
3aa9f235c06f8205b4b91091c02bbb8c8a23b12fafa257f68aecc4be22e8b7c0
3b095582926d785ec101de15de7cd7310e8c3961a2a9101cf1aac3f90ef2d9dd
3b3446a0e1254ba70508b10b7ea5bfbd60e42f22c1bdba89a421a72d25aed643
484e1ade8644fbae375deb6a8d759868b28120a4bfa22271e7256f065d969c1d
4891d2f3b13ad3981865434d54a55b010d7202c8327e60b092854967b68ae99f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
516fed5a83f65f5b5a9910b0280ed17d26e8a49da27c040b5365a2a199e428bf
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
53430fcc44154aef3dcb8aa393825cdbe41fc7ba37836fdc6f99216f8f158126
535c0cbf7d9ba30714479b2fbc3c5c6f8aac89d1aebe4280d1026d1fa29c7d72
536429eab51aaed2d0386c52000bbe9877a97bb7c825381fefbbdf2ae0c22007
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56d19e2a47665370c9521ca19b803d4e6dd18d2db8aa2c429139b30640696be6
5cd346875d100956f33b228c65b2eea3e958621a4d906b95c612c0c0c617a2d7
6058eb29e9bb8b7cd0d68f0d180a093941e971f4659092a70c99ca57827bc678
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63649b0266963dc62ef62f4f019da966ae28076f19d7d6b97244a9400cbed560
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e
6753ab9ab14844d0e9ecbbf13df7accf525291cef950547034e5ab67be9e508e
6a5a94d0b2fb606a853bc24347234da9e31ecca4a6e35841c6a2443833fdfc30
6a780c5fa5c99f71f5c5f711477fffc2e6c453995ce779d3f66a8d74c6983141
6b8de92a24d18f8c52d07bef8979336e4f14834121bfae5c071fe430213247b3
6c57ce5b30d6521364075a0fb27d615a7124f494f789067c6a8ecf0162ee2fc1
6c6414ec1f58ce4a0475014dd742c1382f163931d7ad64a64386027e1dd53faf
727ce04fc54091e26bbfafdd442febd1d3601d5f0dc83fe42957cbec9d8c7c76
7330d5c4be45574f4ade6ba316484f31259b4289890104243d39ebf00668f81f
736637f2cf0857a005fcb7d072d34a51a1a19949a045f9d243234d82659f6e0d
777d9ba97f71b58516554830a448987a1f8498931acb677792265beb5ceae646
790ce9c9da050e908b56ec0600baf60e48f07ee38a4147d49ad7be9e8597f01d
80182a21e69d7232583dcf7b19a5cfb9a597e7adbcc22f1a14e4096d8602612d
80b410ec29856b8a73f32c11d586a7fe30fb0398b485d41420144b217ccdf930
8246297b958c38c4ce4902ff522c1e9192ec9b35c883587b22533f78b57e1d28
8301b6a0cd6f51a66c1a75d0512eab5495eeae98bb99e7365c713063252a3a97
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
849d0cde47450bead63722e7f6b938226b2bbb65e5d9ec606c6ecfe367e922aa
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
88fb9c30c091382351c5f0c5f4ab54d7fdef63ab318534b78b9041cfe7aed5bc
8959cbb31bc9bfc1725be63c62be12e61153d1323bcbbd72583a920cbdde82a3
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
93f871ce94c730e02c2d43634d4819bed0f282df99c2f59b0795786bb8accf22
95901cd872570c226a2a131e926a275006f1d37e2dfbda1e6d004b1b0d6a4568
97638fe73a3c2fdd1f9872cfb126fb2d3f2515975b5c0efc3d523d3b9ba66c78
99c655b2b3de05c3e42e1668660a4f525f5fc477ce21380937195db3768cc965
9a99f9f1c9939b5174008575d44dca5c126d7ec9438430ceb3537e354d29e6a2
9aafdca8db8d8ab1bb303bf8af5a0c1eb26977f36ab4ad6801ef447b7b71daa9
9d5cbcadd2608ad6a3d4736c41b799d5b02635ff9443c32282a901c1efe0e2b5
a0682a63b832d3473c0eca3dce6a3b09909c0deb86eb24df79d766221e37b5bd
a0bb23f0a426f87ab98c8300fa03a131327d6fc5d5d6d1e17a4afcb475d5252b
a0c36d5a7429cd2e2ca22ad8e991492327824c53f1fbfa22bb1508fb9087a0f0
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1fe766858986b6edd5c03d83e01db2efc6dc864e9f9c4e925d66d1141e103de
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a312e4bf61796f18c8a913a17cb848b77d32e98cdc5418f94a0dd83739023ceb
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4ac0fd75bb413471276f5f9b2a919915a2eff38553fb71b72222cf562831488
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9397d2e32082fda51a48c97987d76738d6087c6cf92e6566b448370748e033c
af981878bb3cf4dd86377f88bb5fb0dbb22a3a2082f4b8cd30cce9461c11fb23
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1ad18d59a923a30397279d4545c15ae7088bb6e70f37b6468b890fc4cfee8ba
b2029a1bc6f7724ad7f03be9e4c51ba10227802dce468c7c995a9a726d250ccb
b4515b8f273639bb116e123e614d446918aca49d7216151885da47a90370e837
b470a9ccb87f12a1e884dd7b83f52df6cbaabd71f89b9d844e94df1da9f76623
b488cc39842ffd22a5aa4fb06c2ed61746e085befd83791209ccc3d45408c4c3
b54a654e4217dfdaea2128cda6d60cee61ebbb994594d9f6b26ddea0e649d0d8
b860fa45149fd3fe8617f1a9fd86d02e4a6820a7b3df3d39f2238154407c41c4
ba44cdbcfe1363caf6f1ab3bf350e9141ea3f893c6952e0dbb48537141e3bdad
bc13afc32c81c66b102a63a2c672cc4ab9a3338964e3e32c8f17f8cc5ab0db49
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b
c0969e49972e18ee4f5edde6fd55f029d2ac758dced35991d0a288f349ff255a
c45efbafbdd63225cd5d53367a7764a9b1c495e496ad5628bdb1d0b9a585d830
c977a560c6765bf35f8f7204a453056d86580d82b22a656dfd5730f62a97399b
c99442f2685ab85f1219dc1da3b9ce48891300e612914f862d85f5ea372e38e6
ca71ea48130126151c7bb6ae861a878d386eef42a940fd193e672c304357b063
cb6edda44b62692b7e6c1b810291c46162b99c1f0c6228ab2a187b7d1072d026
ce060c4b31136228f92c39acd9a2b4e090d0cdb950d0f68c641cc4f2477decfa
ce1f3c592fb1fa8ec36e24e94c7ee1078b7b5cce37aa1f2dfad408e48f7bc83d
d266551323bab61c96ab4de427d9b19e6219797f459ca339a7667f055a5d0007
d3a6fb9e39c82eed501889521b19cc4fc13d1104f83128928775b520c86f8abc
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc
d6168af066c2e390f9ff5ccdeee66bcde4a7e16ef62cd6bacaa6e8f77815c37d
d845920d21b08795f90526d2d827e0baea7a2102b359f24a39ec28a87faacdd6
d88b2f05bcd6de59fcdc958ab1c6f63d0225f275d24ce003381c09deb3a4bf1e
d95f012777dd8b2dd121ce32ee1f1469392e0324cd983f1e8077f86b607d2773
dae344cbb0c104b69b92bb0e75784b707174fe72c620a5d01f651ede91df7ef3
dce196c44d8bd79fea22e1c0419f9f56da0c70d65de227c00043ae1834282dcb
dd2d36f8d6b97b22a9cd51b09fa138b0a46c2e8e2c5912b2ed5525d34637fd79
ddd6d5dc5139d523200d4a7517286c8feb2c981affd3c0a72e6d785dfdabb771
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0e2d7cefffb4d70cc26783bdb91ad8d563733ee196f63e5b99a870b14efd126
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32
e39f4d0766632aea74b7e75ca572ac66208ffbce5582069a9c1ef9ebbe69d0b0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4e2e0d0189bbe4fa32f23013f3970b6629b356e58e08201e2badfc36cccf3f0
e70d938561bf4d2cc26cb6f7db5634c5c1cc7c5f2c21fa330185739cf07e126d
e76a718b15ac0a66be5144c0f2463f94fb632041e42dc60ecc627634f5deb0c1
ea4d8446159d1f71f8dad379c62fe855418b1a7ea0ecdaa5815fb72a8c8ea08c
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef36c54a8970de684a3fda047b98b9835013bc6dc732889a59dfb0b789c91083
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032
f4a615fdae8e2e26bc507686077d9f6b0432493cfb32e3a03828aca4c93c869a
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f637b8ad6844fc6e2b9db188f1113abd2895a07050649ab6884929fec86fd7ac
f987b7beba9c09d83e550788b3dc5190d20c705f744fcedb14a541211b5db0ec
ffd2a11d59a7fbb41a2008eb97336977f9f37ebe8156cd8adc4a9ac24b96dc78