glp.search.yahoo.com Open in urlscan Pro
2a00:1288:80:800::7000 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://daily.comms.yahoo.net/T/v60000017a4a3ef230bbd5b66e965fc958/af0fa156fba548760000021ef3a0bcde/af0fa156-fba5-4876-b98a-b8...
Effective URL:
https://glp.search.yahoo.com/as/10.html?hspart=yahoo&hsimp=yhs-g3a&p=zero+interest+credit+card+transfers&type=zerointerestcre...
Submission: On June 27 via api (June 27th 2021, 12:24:47 am UTC) from BE

Summary HTTP 36 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 16 IPs in 3 countries across 13 domains to perform 36 HTTP transactions. The main IP is 2a00:1288:80:800::7000, located in Frankfurt am Main, Germany and belongs to YAHOO-DEB, GB. The main domain is glp.search.yahoo.com.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on June 23rd 2021. Valid for: a month.

This is the only time glp.search.yahoo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	159.127.187.9 159.127.187.9	19137 (EPSILON-I...) (EPSILON-INTERACTIVE)
3 10	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
3 3	99.81.230.232 99.81.230.232	16509 (AMAZON-02) (AMAZON-02)
1	65.9.77.53 65.9.77.53	16509 (AMAZON-02) (AMAZON-02)
2	3.23.205.215 3.23.205.215	16509 (AMAZON-02) (AMAZON-02)
1	65.9.69.81 65.9.69.81	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1288:110... 2a00:1288:110:c104::2000	34010 (YAHOO-IRD) (YAHOO-IRD)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
1	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	2.18.234.190 2.18.234.190	16625 (AKAMAI-AS) (AKAMAI-AS)
2	199.232.137.44 199.232.137.44	54113 (FASTLY) (FASTLY)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
6	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1288:110... 2a00:1288:110:c204::b000	34010 (YAHOO-IRD) (YAHOO-IRD)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	70.42.32.31 70.42.32.31	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
36	16

1 159.127.187.9 (United States) 1 redirects

ASN19137 (EPSILON-INTERACTIVE, US)

daily.comms.yahoo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1288:80:800::7000 (Frankfurt am Main, Germany) 3 redirects

ASN203220 (YAHOO-DEB, GB)

glp.search.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.81.230.232 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-230-232.eu-west-1.compute.amazonaws.com

guce.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.77.53 (United States)

ASN16509 (AMAZON-02, US)

scripts-prodga.c2s-sa-production.aws.oath.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.23.205.215 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-23-205-215.us-east-2.compute.amazonaws.com

ginsubeacons-prodga.c2s-sa-production.aws.oath.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.69.81 (United States)

ASN16509 (AMAZON-02, US)

external-frame.c2s-sa-production.aws.oath.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c104::2000 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)

gla.search.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c204::b000 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)

udc.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.31 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	yahoo.com 6 redirects glp.search.yahoo.com guce.yahoo.com gla.search.yahoo.com udc.yahoo.com	41 KB
6	facebook.com www.facebook.com	587 B
5	yimg.com s.yimg.com	35 KB
4	facebook.net connect.facebook.net	246 KB
4	oath.cloud scripts-prodga.c2s-sa-production.aws.oath.cloud ginsubeacons-prodga.c2s-sa-production.aws.oath.cloud external-frame.c2s-sa-production.aws.oath.cloud	17 KB
3	outbrain.com amplify.outbrain.com tr.outbrain.com	4 KB
2	google.de www.google.de	216 B
2	google.com www.google.com	216 B
2	doubleclick.net googleads.g.doubleclick.net	3 KB
2	taboola.com cdn.taboola.com	47 KB
1	googleadservices.com www.googleadservices.com	14 KB
1	googletagmanager.com www.googletagmanager.com	49 KB
1	yahoo.net 1 redirects daily.comms.yahoo.net	251 B
36	13

	Domain	Requested by
6	www.facebook.com	glp.search.yahoo.com
5	s.yimg.com	glp.search.yahoo.com s.yimg.com
5	glp.search.yahoo.com	3 redirects glp.search.yahoo.com
4	connect.facebook.net	glp.search.yahoo.com connect.facebook.net
3	guce.yahoo.com	3 redirects
2	www.google.de	glp.search.yahoo.com
2	www.google.com	glp.search.yahoo.com
2	tr.outbrain.com	amplify.outbrain.com glp.search.yahoo.com
2	googleads.g.doubleclick.net	www.googleadservices.com
2	cdn.taboola.com	www.googletagmanager.com glp.search.yahoo.com
2	ginsubeacons-prodga.c2s-sa-production.aws.oath.cloud	glp.search.yahoo.com
1	udc.yahoo.com	s.yimg.com
1	amplify.outbrain.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.googletagmanager.com	external-frame.c2s-sa-production.aws.oath.cloud
1	gla.search.yahoo.com	glp.search.yahoo.com
1	external-frame.c2s-sa-production.aws.oath.cloud	glp.search.yahoo.com
1	scripts-prodga.c2s-sa-production.aws.oath.cloud	glp.search.yahoo.com
1	daily.comms.yahoo.net	1 redirects
36	19

This site contains links to these domains. Also see Links.

Domain
help.yahoo.com
www.verizonmedia.com
guce.yahoo.com
advertising.yahoo.com

Subject Issuer	Validity	Valid
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-06-23` - `2021-08-04`	a month	crt.sh
*.c2s-sa-production.aws.oath.cloud Amazon	`2020-12-12` - `2022-01-10`	a year	crt.sh
*.search.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-15` - `2021-09-08`	6 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2021-05-25` - `2022-06-01`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
analytics.query.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-08` - `2021-09-01`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://glp.search.yahoo.com/as/10.html?hspart=yahoo&hsimp=yhs-g3a&p=zero+interest+credit+card+transfers&type=zerointerestcreditcardtransfers&_guc_consent_skip=1624753495
Frame ID: 1B916DA87F4B8C4C60C6178A66F748AF
Requests: 10 HTTP requests in this frame

Frame: https://external-frame.c2s-sa-production.aws.oath.cloud/prodga/glpbf.html?hspart=yahoo&hsimp=yhs-g3a&p=zero+interest+credit+card+transfers&type=zerointerestcreditcardtransfers&_guc_consent_skip=1624753495
Frame ID: F79B224E7E62E4E1EB6E2504D9F1796F
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://daily.comms.yahoo.net/T/v60000017a4a3ef230bbd5b66e965fc958/af0fa156fba548760000021ef3a0bcde/af0fa1... HTTP 302
https://glp.search.yahoo.com/as/10.html?hspart=yahoo&hsimp=yhs-g3a&p=zero+interest+credit+card+transfers&... HTTP 307
https://guce.yahoo.com/consent?brandType=nonEu&gcrumb=aMxP1PM&done=https%3A%2F%2Fglp.search.yahoo.c... HTTP 302
https://glp.search.yahoo.com/as/10.html?hspart=yahoo&hsimp=yhs-g3a&p=zero+interest+credit+card+transfers&... HTTP 307
https://guce.yahoo.com/consent?brandType=nonEu&gcrumb=O8zz6HA&done=https%3A%2F%2Fglp.search.yahoo.c... HTTP 302
https://glp.search.yahoo.com/as/10.html?hspart=yahoo&hsimp=yhs-g3a&p=zero+interest+credit+card+transfers&... HTTP 307
https://guce.yahoo.com/consent?brandType=nonEu&gcrumb=JH4u7hA&done=https%3A%2F%2Fglp.search.yahoo.c... HTTP 302
https://glp.search.yahoo.com/as/10.html?hspart=yahoo&hsimp=yhs-g3a&p=zero+interest+credit+card+transfers&... Page URL

Detected technologies

Apache Traffic Server (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /ATS\/?([\d.]+)?/i

Page Statistics

36
Requests

100 %
HTTPS

50 %
IPv6

13
Domains

19
Subdomains

16
IPs

3
Countries

450 kB
Transfer

1513 kB
Size

6
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://help.yahoo.com/l/us/yahoo/search/;_ylt=AwrC3J9xwoZg4iUApQYPxQt.
Title: Help

Search URL Search Domain Scan URL

URL: https://www.verizonmedia.com/policies/us/en/verizonmedia/privacy/products/searchservices/index.html
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.verizonmedia.com/policies/us/en/verizonmedia/terms/otos/index.html
Title: Terms

Search URL Search Domain Scan URL

URL: https://guce.yahoo.com/privacy-dashboard?locale=en-US
Title: Privacy Dashboard

Search URL Search Domain Scan URL

URL: https://help.yahoo.com/kb/search/sln2244.html
Title: About ads

Search URL Search Domain Scan URL

URL: https://guce.yahoo.com/manage-selling-my-info?locale=en-US
Title: Do Not Sell My Personal Information

Search URL Search Domain Scan URL

URL: https://advertising.yahoo.com/article/search-advertising.html
Title: Advertise

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://daily.comms.yahoo.net/T/v60000017a4a3ef230bbd5b66e965fc958/af0fa156fba548760000021ef3a0bcde/af0fa156-fba5-4876-b98a-b8384164b86b?__dU__=v0G4RBKTXg2GvzBXXO0iqzhfK3XL_QtCwvEzYEqrVEClg=&__F__=v0fUYvjHMDjRPMSh3tviDHXIoXcPxvDgUUCCPvXMWoX_0DA16EdUMykLx2GY7uT8ruWfzP1yHaf9ztQrAIkTDnN1KHo4ieoWyWOuPe6zENN109vHOyzEjbzZrUKMICb0H0HiEBvywY9rzp4V_1BnGJLRtAvz20Rn_GT11zUPoWvq5stxOdjUhBPYwBQwmM1zoNyN6rkXQc5zupjbPIIINsQkjsdGfqjdoNcBv8F0WHBGquvJpzvFoxMj6H5p6zPi-QFFTKmlDXyS1X5Nhno82l7Cw5E0iJwBu3zrYKxI-ge_WCg2rwbQnTrbyc9WCF3_51_umOsj1NavUk6lKwTlYL_o9ZkDc3Wx-hGaAkhQZMGLsexVoP2n7282W9urXPubpPLpF4W6K8b3iramePTw6qmv_i43uF5Cqe6rA7pFGE4_6SVJ6wEA4R-kWnQHl0YpjL HTTP 302
https://glp.search.yahoo.com/as/10.html?hspart=yahoo&hsimp=yhs-g3a&p=zero+interest+credit+card+transfers&type=zerointerestcreditcardtransfers HTTP 307
https://guce.yahoo.com/consent?brandType=nonEu&gcrumb=aMxP1PM&done=https%3A%2F%2Fglp.search.yahoo.com%2Fas%2F10.html%3Fhspart%3Dyahoo%26hsimp%3Dyhs-g3a%26p%3Dzero%2Binterest%2Bcredit%2Bcard%2Btransfers%26type%3Dzerointerestcreditcardtransfers HTTP 302
https://glp.search.yahoo.com/as/10.html?hspart=yahoo&hsimp=yhs-g3a&p=zero+interest+credit+card+transfers&type=zerointerestcreditcardtransfers&guccounter=1 HTTP 307
https://guce.yahoo.com/consent?brandType=nonEu&gcrumb=O8zz6HA&done=https%3A%2F%2Fglp.search.yahoo.com%2Fas%2F10.html%3Fhspart%3Dyahoo%26hsimp%3Dyhs-g3a%26p%3Dzero%2Binterest%2Bcredit%2Bcard%2Btransfers%26type%3Dzerointerestcreditcardtransfers%26guccounter%3D1 HTTP 302
https://glp.search.yahoo.com/as/10.html?hspart=yahoo&hsimp=yhs-g3a&p=zero+interest+credit+card+transfers&type=zerointerestcreditcardtransfers&guccounter=2 HTTP 307
https://guce.yahoo.com/consent?brandType=nonEu&gcrumb=JH4u7hA&done=https%3A%2F%2Fglp.search.yahoo.com%2Fas%2F10.html%3Fhspart%3Dyahoo%26hsimp%3Dyhs-g3a%26p%3Dzero%2Binterest%2Bcredit%2Bcard%2Btransfers%26type%3Dzerointerestcreditcardtransfers%26guccounter%3D2 HTTP 302
https://glp.search.yahoo.com/as/10.html?hspart=yahoo&hsimp=yhs-g3a&p=zero+interest+credit+card+transfers&type=zerointerestcreditcardtransfers&_guc_consent_skip=1624753495 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

36 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 10.html Show response
glp.search.yahoo.com/as/
Redirect Chain

https://daily.comms.yahoo.net/T/v60000017a4a3ef230bbd5b66e965fc958/af0fa156fba548760000021ef3a0bcde/af0fa156-fba5-4876-b98a-b8384164b86b?__dU__=v0G4RBKTXg2GvzBXXO0iqzhfK3XL_QtCwvEzYEqrVEClg=&__F__=...
https://glp.search.yahoo.com/as/10.html?hspart=yahoo&hsimp=yhs-g3a&p=zero+interest+credit+card+transfers&type=zerointerestcreditcardtransfers
https://guce.yahoo.com/consent?brandType=nonEu&gcrumb=aMxP1PM&done=https%3A%2F%2Fglp.search.yahoo.com%2Fas%2F10.html%3Fhspart%3Dyahoo%26hsimp%3Dyhs-g3a%26p%3Dzero%2Binterest%2Bcredit%2Bcard%2Btrans...
https://glp.search.yahoo.com/as/10.html?hspart=yahoo&hsimp=yhs-g3a&p=zero+interest+credit+card+transfers&type=zerointerestcreditcardtransfers&guccounter=1
https://guce.yahoo.com/consent?brandType=nonEu&gcrumb=O8zz6HA&done=https%3A%2F%2Fglp.search.yahoo.com%2Fas%2F10.html%3Fhspart%3Dyahoo%26hsimp%3Dyhs-g3a%26p%3Dzero%2Binterest%2Bcredit%2Bcard%2Btrans...
https://glp.search.yahoo.com/as/10.html?hspart=yahoo&hsimp=yhs-g3a&p=zero+interest+credit+card+transfers&type=zerointerestcreditcardtransfers&guccounter=2
https://guce.yahoo.com/consent?brandType=nonEu&gcrumb=JH4u7hA&done=https%3A%2F%2Fglp.search.yahoo.com%2Fas%2F10.html%3Fhspart%3Dyahoo%26hsimp%3Dyhs-g3a%26p%3Dzero%2Binterest%2Bcredit%2Bcard%2Btrans...
https://glp.search.yahoo.com/as/10.html?hspart=yahoo&hsimp=yhs-g3a&p=zero+interest+credit+card+transfers&type=zerointerestcreditcardtransfers&_guc_consent_skip=1624753495

99 KB
28 KB

119ms
118ms

Document
text/html

2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://glp.search.yahoo.com/as/10.html?hspart=yahoo&hsimp=yhs-g3a&p=zero+interest+credit+card+transfers&type=zerointerestcreditcardtransfers&_guc_consent_skip=1624753495

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

fff1f1cc523a8d9ed88309c4222dcfa74d9ea3600b07d55b1aa67d37c9e40d11

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.yahoo.com https://.aws.oath.cloud https://.yimg.com https://.vidible.tv https://.advertising.com; script-src 'self' 'unsafe-inline' https://.vidible.tv https://.vidible.tv https://.advertising.com https://.yahoo.com https://.aws.oath.cloud https://.yimg.com https://www.googletagmanager.com https://www.googleadservices.com; img-src 'self' https://.advertising.com https://.vidible.tv https://.aws.oath.cloud https://.yahoo.com https://.yimg.com data:; connect-src 'self' https://.vidible.tv https://.advertising.com https://.aws.oath.cloud https://.yahoo.com; style-src 'unsafe-inline' 'self' https://.yahoo.com https://.aws.oath.cloud https://.yimg.com; media-src data: https://.vidible.tv;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: glp.search.yahoo.com
:scheme: https
:path: /as/10.html?hspart=yahoo&hsimp=yhs-g3a&p=zero+interest+credit+card+transfers&type=zerointerestcreditcardtransfers&_guc_consent_skip=1624753495
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: B=7lrmc35gdfh9p&b=3&s=vi; A1=d=AQABBDnF12ACEHlK_2SKKzo0nm8_Pg2JQAsFEgEBBAEQ2WC6Ybu9b2UB_eMAAAcIOcXXYBnM7no&S=AQAAAva-_tSGMzAibZZuRnCpuw4; A3=d=AQABBDnF12ACEHlK_2SKKzo0nm8_Pg2JQAsFEgEBBAEQ2WC6Ybu9b2UB_eMAAAcIOcXXYBnM7no&S=AQAAAva-_tSGMzAibZZuRnCpuw4; A1S=d=AQABBDnF12ACEHlK_2SKKzo0nm8_Pg2JQAsFEgEBBAEQ2WC6Ybu9b2UB_eMAAAcIOcXXYBnM7no&S=AQAAAva-_tSGMzAibZZuRnCpuw4&j=GDPR; GUC=AQEBBAFg2RBhukIfpgSQ; GUCS=ASR-Lu4Q
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html
server: ATS
date: Sun, 27 Jun 2021 00:21:11 GMT
x-amz-apigw-id: BjuiqGpboAMFUOA=
x-frame-options: DENY
content-security-policy: default-src 'self' https://*.yahoo.com https://*.aws.oath.cloud https://*.yimg.com https://*.vidible.tv https://*.advertising.com; script-src 'self' 'unsafe-inline' https://*.vidible.tv https://*.vidible.tv https://*.advertising.com https://*.yahoo.com https://*.aws.oath.cloud https://*.yimg.com https://www.googletagmanager.com https://www.googleadservices.com; img-src 'self' https://*.advertising.com https://*.vidible.tv https://*.aws.oath.cloud https://*.yahoo.com https://*.yimg.com data:; connect-src 'self' https://*.vidible.tv https://*.advertising.com https://*.aws.oath.cloud https://*.yahoo.com; style-src 'unsafe-inline' 'self' https://*.yahoo.com https://*.aws.oath.cloud https://*.yimg.com; media-src data: https://*.vidible.tv;
cache-control: public,max-age=600
x-amzn-requestid: ca21edc2-9be2-4f5a-903b-d53f076f95c5
x-amzn-trace-id: Root=1-60d7c477-24ac17a6339453d314f5f12f;Sampled=0
x-amz-cf-pop: FRA2-C1 AMS50-C1
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-id: SQNzcZrhyvdEYhqbq3jrV32wlkVslluxAIlQfqvzWkPK12P7cLzMAg==
age: 194
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff

Redirect headers

Connection: keep-alive
Server: guce
Strict-Transport-Security: max-age=31536000; includeSubDomains
Location: https://glp.search.yahoo.com/as/10.html?hspart=yahoo&hsimp=yhs-g3a&p=zero+interest+credit+card+transfers&type=zerointerestcreditcardtransfers&_guc_consent_skip=1624753495
Content-Length: 0
Date: Sun, 27 Jun 2021 00:24:25 GMT

GET
H2 200 rapid3.js Show response
s.yimg.com/ss/ 49 KB
18 KB 11ms
10ms Script
application/javascript 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/ss/rapid3.js

Requested by

Host: glp.search.yahoo.com
URL: https://glp.search.yahoo.com/as/10.html?hspart=yahoo&hsimp=yhs-g3a&p=zero+interest+credit+card+transfers&type=zerointerestcreditcardtransfers&_guc_consent_skip=1624753495

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

9aea3b55470359e75d103539f9ce1eb537d25596f20f880add43d7e223a1ba43

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://glp.search.yahoo.com/as/10.html?hspart=yahoo&hsimp=yhs-g3a&p=zero+interest+credit+card+transfers&type=zerointerestcreditcardtransfers&_guc_consent_skip=1624753495
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 00:16:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 497
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
x-amz-request-id: 5BCVDHMA79YT7YRV
x-amz-id-2: lKn4vQIf/dUgSNgEcVFiYVPXiak0pTlflR5ChqFrBCbgTk0bWVsDqaK3WRnn+2SCQAaubK9QqyI=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 08 Jun 2021 17:16:47 GMT
server: ATS
etag: "ddd13696f2cbd3765df95131183a4f3b-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-version-id: rMlSkoZ4Pk0yzjO4UV58RuhFNUxQ_UMs
x-xss-protection: 1; mode=block
cache-control: max-age=600
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 syndication.js Show response
s.yimg.com/uv/dm/scripts/ 25 KB
9 KB 13ms
12ms Script
application/javascript 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/uv/dm/scripts/syndication.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

b41d3866f039d722abc2f2abf5c97e4b511797010de632d46ae951d637e76602

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://glp.search.yahoo.com/as/10.html?hspart=yahoo&hsimp=yhs-g3a&p=zero+interest+credit+card+transfers&type=zerointerestcreditcardtransfers&_guc_consent_skip=1624753495
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 00:23:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
x-amz-request-id: 8Z2VGJWFGQJ971C5
x-amz-id-2: CSmRV5XwJdK4reVugBj9ra1MPFBHyhMzs6v9id9P9kdxDmJrF58UnsEgJOFfeRS4NeCtB7QHzCk=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 04 May 2021 21:12:47 GMT
server: ATS
etag: "9211c6876ec9718ac70b4fb7a9250114-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-version-id: Lx80WD58sMXOvq52dh4KtN9rCnGOZkN9
x-xss-protection: 1; mode=block
cache-control: public,max-age=60
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 bs3.css
glp.search.yahoo.com/resources/css/ 12 KB
3 KB 10ms
9ms Stylesheet
text/css 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://glp.search.yahoo.com/resources/css/bs3.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

c7c5d8eb3d3420c6e9f3dd08b1f5da68d060c01c36c8ee18814bcb928b559116

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /resources/css/bs3.css
pragma: no-cache
cookie: B=7lrmc35gdfh9p&b=3&s=vi; A1=d=AQABBDnF12ACEHlK_2SKKzo0nm8_Pg2JQAsFEgEBBAEQ2WC6Ybu9b2UB_eMAAAcIOcXXYBnM7no&S=AQAAAva-_tSGMzAibZZuRnCpuw4; A3=d=AQABBDnF12ACEHlK_2SKKzo0nm8_Pg2JQAsFEgEBBAEQ2WC6Ybu9b2UB_eMAAAcIOcXXYBnM7no&S=AQAAAva-_tSGMzAibZZuRnCpuw4; A1S=d=AQABBDnF12ACEHlK_2SKKzo0nm8_Pg2JQAsFEgEBBAEQ2WC6Ybu9b2UB_eMAAAcIOcXXYBnM7no&S=AQAAAva-_tSGMzAibZZuRnCpuw4&j=GDPR; GUC=AQEBBAFg2RBhukIfpgSQ; GUCS=ASR-Lu4Q
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: glp.search.yahoo.com
referer: https://glp.search.yahoo.com/as/10.html?hspart=yahoo&hsimp=yhs-g3a&p=zero+interest+credit+card+transfers&type=zerointerestcreditcardtransfers&_guc_consent_skip=1624753495
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://glp.search.yahoo.com/as/10.html?hspart=yahoo&hsimp=yhs-g3a&p=zero+interest+credit+card+transfers&type=zerointerestcreditcardtransfers&_guc_consent_skip=1624753495
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 14 May 2021 23:11:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3719593
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
vary: Accept-Encoding
content-length: 2857
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 17 Jan 2021 09:36:30 GMT
server: ATS
etag: W/"f096c11cf4df9ce7e5c024b26c36e83e"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
content-type: text/css; charset=utf-8
cache-control: max-age=31536000
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: 95HDqErk33udadi_zs9FwuZ-KChSej7JOcvu6GpI-tQS713URxhNiw==

GET
H2 200 / Show response
scripts-prodga.c2s-sa-production.aws.oath.cloud/ 92 KB
15 KB 1595ms
1280ms Script
text/javascript 65.9.77.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts-prodga.c2s-sa-production.aws.oath.cloud/?h=glp.search.yahoo.com&e=6&widgets=SA,GI,SRP&partner=glp
Requested by: Host: glp.search.yahoo.com
URL: https://glp.search.yahoo.com/as/10.html?hspart=yahoo&hsimp=yhs-g3a&p=zero+interest+credit+card+transfers&type=zerointerestcreditcardtransfers&_guc_consent_skip=1624753495
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 5e2b706fce1de8b814b8ea402ebbe6edb89222ed535dc956e227a0683665e03a

Request headers

Referer: https://glp.search.yahoo.com/as/10.html?hspart=yahoo&hsimp=yhs-g3a&p=zero+interest+credit+card+transfers&type=zerointerestcreditcardtransfers&_guc_consent_skip=1624753495
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 00:24:27 GMT
via: 1.1 ed3a324a0ea0d1dfe339969855915050.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: AMS1-C1
x-cache: Miss from cloudfront
content-type: text/javascript
cache-control: max-age=1800
content-encoding: gzip
content-length: 14782
x-amz-cf-id: MGPtyMPWOiHLzFSuNr8JMIrUEKhUhNwwEvbjcTKQta-6QxsAzqP1Ng==

GET
H2 200 Privacy_Rights_icon.png
s.yimg.com/cv/apiv2/default/20200109/ 1 KB
2 KB 7ms
7ms Image
image/png 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/cv/apiv2/default/20200109/Privacy_Rights_icon.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

c5af395b9cea7019c48f33c8aced3e9f3dbf56e67901ae036590c12976301c5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://glp.search.yahoo.com/as/10.html?hspart=yahoo&hsimp=yhs-g3a&p=zero+interest+credit+card+transfers&type=zerointerestcreditcardtransfers&_guc_consent_skip=1624753495
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Thu, 17 Jun 2021 13:45:45 GMT
x-content-type-options: nosniff
age: 815922
x-amz-server-side-encryption: AES256
strict-transport-security: max-age=15552000
content-length: 1514
x-amz-id-2: 2nyudKhScYD++gRy5sMRYETKhel/5Ks58pj9Yt7h7QqNRkJvdPyoNXZ3WzHbVN6Lkj/wrpBGdGU=
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 09 Jan 2020 08:02:39 GMT
server: ATS
etag: "d61bd4381b75efdf07e827ad267213ea"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
x-amz-request-id: 0CEW9YVWBGZDCDNV
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/png

POST
H2 200 beacon
ginsubeacons-prodga.c2s-sa-production.aws.oath.cloud/v00/ 0
0 429ms
140ms Ping
application/json 3.23.205.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ginsubeacons-prodga.c2s-sa-production.aws.oath.cloud/v00/beacon
Requested by: Host: glp.search.yahoo.com
URL: https://glp.search.yahoo.com/as/10.html?hspart=yahoo&hsimp=yhs-g3a&p=zero+interest+credit+card+transfers&type=zerointerestcreditcardtransfers&_guc_consent_skip=1624753495
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.23.205.215 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-23-205-215.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://glp.search.yahoo.com/as/10.html?hspart=yahoo&hsimp=yhs-g3a&p=zero+interest+credit+card+transfers&type=zerointerestcreditcardtransfers&_guc_consent_skip=1624753495
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *

GET
H2 200 glpbf.html Show response
external-frame.c2s-sa-production.aws.oath.cloud/prodga/ Frame F79B 2 KB
2 KB 76ms
18ms Document
text/html 65.9.69.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://external-frame.c2s-sa-production.aws.oath.cloud/prodga/glpbf.html?hspart=yahoo&hsimp=yhs-g3a&p=zero+interest+credit+card+transfers&type=zerointerestcreditcardtransfers&_guc_consent_skip=1624753495
Requested by: Host: glp.search.yahoo.com
URL: https://glp.search.yahoo.com/as/10.html?hspart=yahoo&hsimp=yhs-g3a&p=zero+interest+credit+card+transfers&type=zerointerestcreditcardtransfers&_guc_consent_skip=1624753495
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.69.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 00689b1ea60ad65cbad4ed04b5d5dfb584d046a140cba7b124ac102c9ee97097

Request headers

:method: GET
:authority: external-frame.c2s-sa-production.aws.oath.cloud
:scheme: https
:path: /prodga/glpbf.html?hspart=yahoo&hsimp=yhs-g3a&p=zero+interest+credit+card+transfers&type=zerointerestcreditcardtransfers&_guc_consent_skip=1624753495
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://glp.search.yahoo.com/as/10.html?hspart=yahoo&hsimp=yhs-g3a&p=zero+interest+credit+card+transfers&type=zerointerestcreditcardtransfers&_guc_consent_skip=1624753495
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://glp.search.yahoo.com/as/10.html?hspart=yahoo&hsimp=yhs-g3a&p=zero+interest+credit+card+transfers&type=zerointerestcreditcardtransfers&_guc_consent_skip=1624753495

Response headers

content-type: text/html
content-length: 1768
last-modified: Tue, 22 Jun 2021 13:06:31 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-version: 0.62.226
accept-ranges: bytes
server: AmazonS3
date: Sat, 26 Jun 2021 20:04:44 GMT
cache-control: public,max-age=21600
etag: "18d8cd19dca1ca7c61d181112c0e5764"
x-cache: Hit from cloudfront
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 6vMBxS4XFrK2m6sEGG6Cs_KMZ_5_VJrmhraoSE4tt63aFi5d_I3w-Q==
age: 15762

GET
H2 200 search Show response
gla.search.yahoo.com/datap/v3/ 8 KB
5 KB 760ms
478ms XHR
application/json 2a00:1288:110:c104::2000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://gla.search.yahoo.com/datap/v3/search?query=zero%20interest%20credit%20card%20transfers&appid=2534f9ad&features=ads,ads.north&ads.north-count=5&ads-sitelink=0&adType=zerointerestcreditcardtransfers%26p%3Das-10-SRP%26c%3Dc2s_srp_glp_na_g_d_&adSourceTag=yahoo_mktg_search_ginsu3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c104::2000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

43400245ad3b8bb4a913a8475a06647ecda1bd0a06d19485bc2b86e439285dbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://glp.search.yahoo.com/as/10.html?hspart=yahoo&hsimp=yhs-g3a&p=zero+interest+credit+card+transfers&type=zerointerestcreditcardtransfers&_guc_consent_skip=1624753495
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 00:24:26 GMT
x-ats-disc-connection: 127.0.0.1:18001
referrer-policy: no-referrer-when-downgrade
server: ATS
age: 1
expect-ct: max-age=31536000, enforce
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://glp.search.yahoo.com
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
content-encoding: gzip
content-length: 4830
x-content-type-options: nosniff
x-ats-discplugin-version: 2.2.4.0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame F79B 147 KB
49 KB 20ms
20ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T4PDD4Q

Requested by

Host: external-frame.c2s-sa-production.aws.oath.cloud
URL: https://external-frame.c2s-sa-production.aws.oath.cloud/prodga/glpbf.html?hspart=yahoo&hsimp=yhs-g3a&p=zero+interest+credit+card+transfers&type=zerointerestcreditcardtransfers&_guc_consent_skip=1624753495

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

35df4c924adc3e74c3b9eb2042ab157c59ccea6a1ffdd4a4432ebf408b0be1cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://external-frame.c2s-sa-production.aws.oath.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 00:24:26 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49568
x-xss-protection: 0
last-modified: Sun, 27 Jun 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 27 Jun 2021 00:24:26 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame F79B 36 KB
14 KB 70ms
27ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T4PDD4Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

a15f6a7c5191be77ed55a7edc0fc260c36cf3a0bc3352902f86b8b8681377ac8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://external-frame.c2s-sa-production.aws.oath.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 00:24:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14015
x-xss-protection: 0
server: cafe
etag: 3892345837017921139
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 27 Jun 2021 00:24:26 GMT

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ Frame F79B 7 KB
3 KB 78ms
26ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T4PDD4Q
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e15eca5878352d8972f4e93b9aed80e34860514c23bfe9ee0a01767a291cf28a

Request headers

Referer: https://external-frame.c2s-sa-production.aws.oath.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 27 Jun 2021 00:24:26 GMT
Content-Encoding: gzip
X-Check-Cacheable: YES
Server: AkamaiNetStorage
X-Akamai-Pragma-Client-IP: 10.53.140.30, 37.46.199.188
ETag: "c43e7f1b0459d05cce32768dd16af59b:1616414624.063318"
X-Serial: 1
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Last-Modified: Mon, 22 Mar 2021 12:03:44 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2864
Expires: Sun, 27 Jun 2021 00:44:26 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1147963/ Frame F79B 70 KB
23 KB 66ms
20ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1147963/tfa.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T4PDD4Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3561388262ef48d29cfdd3076d569b2d750d48585a9dbc14577593d056ceb94f

Request headers

Referer: https://external-frame.c2s-sa-production.aws.oath.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: x.wLvq7W2zrRoBDmwe4Aq4BxlDtuklVU
content-encoding: gzip
etag: "9588878015214d8e9b8b41a131159e7a"
age: 26021
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 23462
x-amz-id-2: hDeQYX89gi9LeMaHvEUNr26sqW07DnSeOjrXn+byuWigKcbu4qf165fSG4q8AzE1XZn/m7GcM7w=
x-served-by: cache-hhn11574-HHN
last-modified: Wed, 16 Jun 2021 10:25:57 GMT
server: AmazonS3
x-timer: S1624753466.144803,VS0,VE0
date: Sun, 27 Jun 2021 00:24:26 GMT
vary: Accept-Encoding
x-amz-request-id: KGE9EFWT61J76YAC
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 74
x-cache-hits: 2

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ Frame F79B 15 KB
6 KB 7ms
7ms Script
application/javascript 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

b9e6c38b3493790e6525ba6715ad839211cab5db3ddc80c7f70f20f92679fee6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://external-frame.c2s-sa-production.aws.oath.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Sat, 26 Jun 2021 23:37:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2817
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 5639
x-amz-id-2: xtiwLp0hWcMAt7hIgztOBFUxw2Zf1Tc7kAPr0sZPh8+eM4yzsV6AyWwUyOYIU9jV0X+gHmQ3ozw=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Sat, 02 Jul 2022 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Thu, 27 May 2021 13:00:20 GMT
server: ATS
etag: "6de43f1c725d89777edaa2bc5d679ecb-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: 0KKMMJAJBMQ16BMW
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
x-amz-version-id: Bv0RNzsjZsSn6kGrZjdvdggYqc20u__d
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame F79B 94 KB
24 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f35fd99c15de392199c3c5b116fab65bb8aaaaa74bcf1c1729e9e01bb26780e7

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://external-frame.c2s-sa-production.aws.oath.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 24632
x-xss-protection: 0
pragma: public
x-fb-debug: dCFTHRafsy9wlU+uBxXQGt519bY4A8YHFORTiilaBQeOM/INJyhAUA2nvWy+1gmeEpUxYXGh02c8Orv8S99cWw==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Sun, 27 Jun 2021 00:24:26 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1373343/ Frame F79B 70 KB
23 KB 165ms
124ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1373343/tfa.js
Requested by: Host: glp.search.yahoo.com
URL: https://glp.search.yahoo.com/as/10.html?hspart=yahoo&hsimp=yhs-g3a&p=zero+interest+credit+card+transfers&type=zerointerestcreditcardtransfers&_guc_consent_skip=1624753495
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 89225b9b8e76304062e2c43c6535afc00a8f0023ef44909923374fca0cda4f82

Request headers

Referer: https://external-frame.c2s-sa-production.aws.oath.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Wh7zvNiNWu0I4TbrKvRimGeRtzp4Q4G9
content-encoding: gzip
etag: "4d5356c0124dd3983e2572e421551e8b"
age: 0
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 23462
x-amz-id-2: s73AmVv2OU8f1GTDFhQh/TDBaVUmVcOcItY02fYBiKIcxMtcmMFgfVJAkGDPKi9BXPDZrMHeyOc=
x-served-by: cache-hhn11574-HHN
last-modified: Wed, 16 Jun 2021 10:20:36 GMT
server: AmazonS3
x-timer: S1624753466.144785,VS0,VE105
date: Sun, 27 Jun 2021 00:24:26 GMT
vary: Accept-Encoding
x-amz-request-id: N6SDQVAH04KN5JYX
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 74
x-cache-hits: 1

GET
H2 200 10088179.json Show response
s.yimg.com/wi/config/ Frame F79B 46 B
434 B 8ms
8ms XHR
application/octet-stream 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10088179.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

8f230d49e9ea45c17f0e65368d130b8b0597af12f074d145b895838c37259edf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://external-frame.c2s-sa-production.aws.oath.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 26 Jun 2021 00:47:30 GMT
x-content-type-options: nosniff
age: 85017
x-amz-server-side-encryption: AES256
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: WGH26BXN9ZFVF4S9
x-amz-id-2: jnU8Zloq4uBXDMW5PFqrcQOCNAs34EiFPRG+rkIp1HvxgDXhGbOUnk0ZEO0e7JNEaf6wPGvI99g=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Sun, 13 Mar 2022 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Fri, 05 Feb 2021 19:30:47 GMT
server: ATS
etag: "66404796b69a0964aedc8e0a3387496b"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
x-amz-version-id: MFIsYfqhCZi02CZbZMcp4aLp9Xx0u68j
access-control-allow-origin: *
x-xss-protection: 1; mode=block
content-length: 46
content-type: application/octet-stream

GET
H3-29 200 996439000689867 Show response
connect.facebook.net/signals/config/ Frame F79B 260 KB
74 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/996439000689867?v=2.9.42&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6bea13bbed68cdce5de3f38f70d464e805c1eee4d332246f63d313594351143b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://external-frame.c2s-sa-production.aws.oath.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 75623
x-xss-protection: 0
pragma: public
x-fb-debug: VcSaWO2DOVFJYL7wIiFuNifZZjVNH+Y+baDWXNUnmZt2Z3sJ4xWjXhxZ/CKkpH6TslprOFDwz2o9VlqIYk39SA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 27 Jun 2021 00:24:26 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 268919727981133 Show response
connect.facebook.net/signals/config/ Frame F79B 260 KB
74 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/268919727981133?v=2.9.42&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d5ca934054966933244cf226d13132a4ca62a6c6399ed8b93f08ac904066f690

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://external-frame.c2s-sa-production.aws.oath.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 75579
x-xss-protection: 0
pragma: public
x-fb-debug: VHYXD5inp5aK/9uB5SfQyvgcE6oQqLqx9azoTJslN2AwofB3aJVi1yXhBJQYCqW7Zz7S6E/HcxD7S3Qlv8heLQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 27 Jun 2021 00:24:26 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame F79B 44 B
147 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=996439000689867&ev=PageView&dl=https%3A%2F%2Fexternal-frame.c2s-sa-production.aws.oath.cloud%2Fprodga%2Fglpbf.html%3Fhspart%3Dyahoo%26hsimp%3Dyhs-g3a%26p%3Dzero%2Binterest%2Bcredit%2Bcard%2Btransfers%26type%3Dzerointerestcreditcardtransfers%26_guc_consent_skip%3D1624753495&rl=https%3A%2F%2Fglp.search.yahoo.com%2Fas%2F10.html%3Fhspart%3Dyahoo%26hsimp%3Dyhs-g3a%26p%3Dzero%2Binterest%2Bcredit%2Bcard%2Btransfers%26type%3Dzerointerestcreditcardtransfers%26_guc_consent_skip%3D1624753495&if=true&ts=1624753466150&sw=1600&sh=1200&v=2.9.42&r=stable&ec=0&o=30&it=1624753466111&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://external-frame.c2s-sa-production.aws.oath.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 00:24:26 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sun, 27 Jun 2021 00:24:26 GMT

POST
H2 204 yql Show response
udc.yahoo.com/v2/public/ 0
67 B 35ms
34ms XHR
text/plain 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://udc.yahoo.com/v2/public/yql?yhlVer=2&yhlClient=rapid&yhlS=1351195855&yhlCT=2&yhlBTMS=1624753466166&yhlClientVer=3.53.28&yhlRnd=Ssv6iPHJTUKwWTfx&yhlCompressed=0

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/ss/rapid3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://glp.search.yahoo.com/as/10.html?hspart=yahoo&hsimp=yhs-g3a&p=zero+interest+credit+card+transfers&type=zerointerestcreditcardtransfers&_guc_consent_skip=1624753495
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 00:24:25 GMT
server: ATS
age: 1
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
p3p: policyref="http://info.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
access-control-allow-origin: https://glp.search.yahoo.com
cache-control: no-store, no-cache, private, max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=31536000
expires: -1

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/790869493/ Frame F79B 3 KB
1 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/790869493/?random=1624753466170&cv=9&fst=1624753466170&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6n0&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fexternal-frame.c2s-sa-production.aws.oath.cloud%2Fprodga%2Fglpbf.html%3Fhspart%3Dyahoo%26hsimp%3Dyhs-g3a%26p%3Dzero%2Binterest%2Bcredit%2Bcard%2Btransfers%26type%3Dzerointerestcreditcardtransfers%26_guc_consent_skip%3D1624753495&ref=https%3A%2F%2Fglp.search.yahoo.com%2Fas%2F10.html%3Fhspart%3Dyahoo%26hsimp%3Dyhs-g3a%26p%3Dzero%2Binterest%2Bcredit%2Bcard%2Btransfers%26type%3Dzerointerestcreditcardtransfers%26_guc_consent_skip%3D1624753495&tiba=Title&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c4feec2342098aea42d2fdce25fe173d3d07fefba5aea0f6c9290674b6c2993

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://external-frame.c2s-sa-production.aws.oath.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 00:24:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1143
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/649470338/ Frame F79B 3 KB
1 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/649470338/?random=1624753466175&cv=9&fst=1624753466175&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6n0&sendb=1&ig=1&frm=2&url=https%3A%2F%2Fexternal-frame.c2s-sa-production.aws.oath.cloud%2Fprodga%2Fglpbf.html%3Fhspart%3Dyahoo%26hsimp%3Dyhs-g3a%26p%3Dzero%2Binterest%2Bcredit%2Bcard%2Btransfers%26type%3Dzerointerestcreditcardtransfers%26_guc_consent_skip%3D1624753495&ref=https%3A%2F%2Fglp.search.yahoo.com%2Fas%2F10.html%3Fhspart%3Dyahoo%26hsimp%3Dyhs-g3a%26p%3Dzero%2Binterest%2Bcredit%2Bcard%2Btransfers%26type%3Dzerointerestcreditcardtransfers%26_guc_consent_skip%3D1624753495&tiba=Title&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

354e3f91c7102b75c1eea09aaef16d3cf1fd15bb735cb073641fd33acda417df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://external-frame.c2s-sa-production.aws.oath.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 00:24:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1142
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ Frame F79B 35 B
239 B 460ms
115ms Script
application/javascript 70.42.32.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=0041aaa81d5bbe3ba2ed2b45f2304c0f0f,00225670a7fb955f7d965b61597a19cdf0,00234b8040c52a5ffc8362858b31e3bcef,00fda49b4b520bb94ed0ee9c30d6be4776
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

Referer: https://external-frame.c2s-sa-production.aws.oath.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 27 Jun 2021 00:24:26 GMT
content-encoding: gzip
X-TraceId: f42838afb104f914548efe0d53487193
Content-Length: 56
Content-Type: application/javascript

GET
H3-29 200 151211446908896 Show response
connect.facebook.net/signals/config/ Frame F79B 260 KB
74 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/151211446908896?v=2.9.42&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b075a0a02fa92341b3dfbeed5082070bc05b2fc3ca0ca748c6a34ffb452b9752

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://external-frame.c2s-sa-production.aws.oath.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 75563
x-xss-protection: 0
pragma: public
x-fb-debug: 7qF0vaB6awom2NfFBAfHFB+uWD1Jk8dm13xWAYvt2BpuKJQVPA5XExZHarnujGEtcBDM1+5bQw4kEPv/2fMi2A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 27 Jun 2021 00:24:26 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 /
www.facebook.com/tr/ Frame F79B 44 B
88 B 8ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=268919727981133&ev=PageView&dl=https%3A%2F%2Fexternal-frame.c2s-sa-production.aws.oath.cloud%2Fprodga%2Fglpbf.html%3Fhspart%3Dyahoo%26hsimp%3Dyhs-g3a%26p%3Dzero%2Binterest%2Bcredit%2Bcard%2Btransfers%26type%3Dzerointerestcreditcardtransfers%26_guc_consent_skip%3D1624753495&rl=https%3A%2F%2Fglp.search.yahoo.com%2Fas%2F10.html%3Fhspart%3Dyahoo%26hsimp%3Dyhs-g3a%26p%3Dzero%2Binterest%2Bcredit%2Bcard%2Btransfers%26type%3Dzerointerestcreditcardtransfers%26_guc_consent_skip%3D1624753495&if=true&ts=1624753466188&sw=1600&sh=1200&v=2.9.42&r=stable&ec=0&o=30&it=1624753466111&coo=false&rqm=GET

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://external-frame.c2s-sa-production.aws.oath.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 00:24:26 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Sun, 27 Jun 2021 00:24:26 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/790869493/ Frame F79B 42 B
108 B 20ms
18ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/790869493/?random=1624753466170&cv=9&fst=1624752000000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6n0&sendb=1&frm=2&url=https%3A%2F%2Fexternal-frame.c2s-sa-production.aws.oath.cloud%2Fprodga%2Fglpbf.html%3Fhspart%3Dyahoo%26hsimp%3Dyhs-g3a%26p%3Dzero%2Binterest%2Bcredit%2Bcard%2Btransfers%26type%3Dzerointerestcreditcardtransfers%26_guc_consent_skip%3D1624753495&ref=https%3A%2F%2Fglp.search.yahoo.com%2Fas%2F10.html%3Fhspart%3Dyahoo%26hsimp%3Dyhs-g3a%26p%3Dzero%2Binterest%2Bcredit%2Bcard%2Btransfers%26type%3Dzerointerestcreditcardtransfers%26_guc_consent_skip%3D1624753495&tiba=Title&async=1&fmt=3&is_vtc=1&random=1598459929&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://external-frame.c2s-sa-production.aws.oath.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 00:24:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/790869493/ Frame F79B 42 B
108 B 22ms
21ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/790869493/?random=1624753466170&cv=9&fst=1624752000000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6n0&sendb=1&frm=2&url=https%3A%2F%2Fexternal-frame.c2s-sa-production.aws.oath.cloud%2Fprodga%2Fglpbf.html%3Fhspart%3Dyahoo%26hsimp%3Dyhs-g3a%26p%3Dzero%2Binterest%2Bcredit%2Bcard%2Btransfers%26type%3Dzerointerestcreditcardtransfers%26_guc_consent_skip%3D1624753495&ref=https%3A%2F%2Fglp.search.yahoo.com%2Fas%2F10.html%3Fhspart%3Dyahoo%26hsimp%3Dyhs-g3a%26p%3Dzero%2Binterest%2Bcredit%2Bcard%2Btransfers%26type%3Dzerointerestcreditcardtransfers%26_guc_consent_skip%3D1624753495&tiba=Title&async=1&fmt=3&is_vtc=1&random=1598459929&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://external-frame.c2s-sa-production.aws.oath.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 00:24:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/649470338/ Frame F79B 42 B
108 B 20ms
20ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/649470338/?random=1624753466175&cv=9&fst=1624752000000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6n0&sendb=1&frm=2&url=https%3A%2F%2Fexternal-frame.c2s-sa-production.aws.oath.cloud%2Fprodga%2Fglpbf.html%3Fhspart%3Dyahoo%26hsimp%3Dyhs-g3a%26p%3Dzero%2Binterest%2Bcredit%2Bcard%2Btransfers%26type%3Dzerointerestcreditcardtransfers%26_guc_consent_skip%3D1624753495&ref=https%3A%2F%2Fglp.search.yahoo.com%2Fas%2F10.html%3Fhspart%3Dyahoo%26hsimp%3Dyhs-g3a%26p%3Dzero%2Binterest%2Bcredit%2Bcard%2Btransfers%26type%3Dzerointerestcreditcardtransfers%26_guc_consent_skip%3D1624753495&tiba=Title&async=1&fmt=3&is_vtc=1&random=2572218728&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://external-frame.c2s-sa-production.aws.oath.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 00:24:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/649470338/ Frame F79B 42 B
108 B 20ms
19ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/649470338/?random=1624753466175&cv=9&fst=1624752000000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6n0&sendb=1&frm=2&url=https%3A%2F%2Fexternal-frame.c2s-sa-production.aws.oath.cloud%2Fprodga%2Fglpbf.html%3Fhspart%3Dyahoo%26hsimp%3Dyhs-g3a%26p%3Dzero%2Binterest%2Bcredit%2Bcard%2Btransfers%26type%3Dzerointerestcreditcardtransfers%26_guc_consent_skip%3D1624753495&ref=https%3A%2F%2Fglp.search.yahoo.com%2Fas%2F10.html%3Fhspart%3Dyahoo%26hsimp%3Dyhs-g3a%26p%3Dzero%2Binterest%2Bcredit%2Bcard%2Btransfers%26type%3Dzerointerestcreditcardtransfers%26_guc_consent_skip%3D1624753495&tiba=Title&async=1&fmt=3&is_vtc=1&random=2572218728&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://external-frame.c2s-sa-production.aws.oath.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Jun 2021 00:24:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.facebook.com/tr/ Frame F79B 44 B
88 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=151211446908896&ev=PageView&dl=https%3A%2F%2Fexternal-frame.c2s-sa-production.aws.oath.cloud%2Fprodga%2Fglpbf.html%3Fhspart%3Dyahoo%26hsimp%3Dyhs-g3a%26p%3Dzero%2Binterest%2Bcredit%2Bcard%2Btransfers%26type%3Dzerointerestcreditcardtransfers%26_guc_consent_skip%3D1624753495&rl=https%3A%2F%2Fglp.search.yahoo.com%2Fas%2F10.html%3Fhspart%3Dyahoo%26hsimp%3Dyhs-g3a%26p%3Dzero%2Binterest%2Bcredit%2Bcard%2Btransfers%26type%3Dzerointerestcreditcardtransfers%26_guc_consent_skip%3D1624753495&if=true&ts=1624753466215&sw=1600&sh=1200&v=2.9.42&r=stable&ec=0&o=30&it=1624753466111&coo=false&rqm=GET

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://external-frame.c2s-sa-production.aws.oath.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 00:24:26 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Sun, 27 Jun 2021 00:24:26 GMT

POST
H2 200 beacon
ginsubeacons-prodga.c2s-sa-production.aws.oath.cloud/v00/ 0
0 139ms
139ms Ping
application/json 3.23.205.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ginsubeacons-prodga.c2s-sa-production.aws.oath.cloud/v00/beacon
Requested by: Host: glp.search.yahoo.com
URL: https://glp.search.yahoo.com/as/10.html?hspart=yahoo&hsimp=yhs-g3a&p=zero+interest+credit+card+transfers&type=zerointerestcreditcardtransfers&_guc_consent_skip=1624753495
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.23.205.215 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-23-205-215.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://glp.search.yahoo.com/as/10.html?hspart=yahoo&hsimp=yhs-g3a&p=zero+interest+credit+card+transfers&type=zerointerestcreditcardtransfers&_guc_consent_skip=1624753495
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ Frame F79B 43 B
256 B 116ms
116ms Image
image/gif 70.42.32.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=0041aaa81d5bbe3ba2ed2b45f2304c0f0f,00225670a7fb955f7d965b61597a19cdf0,00234b8040c52a5ffc8362858b31e3bcef,00fda49b4b520bb94ed0ee9c30d6be4776&obApiVersion=1.0-gtm&obtpVersion=1.4.1&name=PAGE_VIEW&dl=https%3A%2F%2Fexternal-frame.c2s-sa-production.aws.oath.cloud%2Fprodga%2Fglpbf.html%3Fhspart%3Dyahoo%26hsimp%3Dyhs-g3a%26p%3Dzero%2Binterest%2Bcredit%2Bcard%2Btransfers%26type%3Dzerointerestcreditcardtransfers%26_guc_consent_skip%3D1624753495&optOut=false&bust=046598197485822257
Requested by: Host: glp.search.yahoo.com
URL: https://glp.search.yahoo.com/as/10.html?hspart=yahoo&hsimp=yhs-g3a&p=zero+interest+credit+card+transfers&type=zerointerestcreditcardtransfers&_guc_consent_skip=1624753495
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Referer: https://external-frame.c2s-sa-production.aws.oath.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 27 Jun 2021 00:24:26 GMT
Cache-Control: no-cache
X-TraceId: 13a755ad666cbbd625ccecddab7a7837
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H3-29 200 /
www.facebook.com/tr/ Frame F79B 44 B
88 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=996439000689867&ev=Microdata&dl=https%3A%2F%2Fexternal-frame.c2s-sa-production.aws.oath.cloud%2Fprodga%2Fglpbf.html%3Fhspart%3Dyahoo%26hsimp%3Dyhs-g3a%26p%3Dzero%2Binterest%2Bcredit%2Bcard%2Btransfers%26type%3Dzerointerestcreditcardtransfers%26_guc_consent_skip%3D1624753495&rl=https%3A%2F%2Fglp.search.yahoo.com%2Fas%2F10.html%3Fhspart%3Dyahoo%26hsimp%3Dyhs-g3a%26p%3Dzero%2Binterest%2Bcredit%2Bcard%2Btransfers%26type%3Dzerointerestcreditcardtransfers%26_guc_consent_skip%3D1624753495&if=true&ts=1624753467654&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Title%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.42&r=stable&ec=1&o=30&it=1624753466111&coo=false&es=automatic&tm=3&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://external-frame.c2s-sa-production.aws.oath.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 00:24:27 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Sun, 27 Jun 2021 00:24:27 GMT

GET
H3-29 200 /
www.facebook.com/tr/ Frame F79B 44 B
88 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=268919727981133&ev=Microdata&dl=https%3A%2F%2Fexternal-frame.c2s-sa-production.aws.oath.cloud%2Fprodga%2Fglpbf.html%3Fhspart%3Dyahoo%26hsimp%3Dyhs-g3a%26p%3Dzero%2Binterest%2Bcredit%2Bcard%2Btransfers%26type%3Dzerointerestcreditcardtransfers%26_guc_consent_skip%3D1624753495&rl=https%3A%2F%2Fglp.search.yahoo.com%2Fas%2F10.html%3Fhspart%3Dyahoo%26hsimp%3Dyhs-g3a%26p%3Dzero%2Binterest%2Bcredit%2Bcard%2Btransfers%26type%3Dzerointerestcreditcardtransfers%26_guc_consent_skip%3D1624753495&if=true&ts=1624753467690&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Title%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.42&r=stable&ec=1&o=30&it=1624753466111&coo=false&es=automatic&tm=3&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://external-frame.c2s-sa-production.aws.oath.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 00:24:27 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Sun, 27 Jun 2021 00:24:27 GMT

GET
H3-29 200 /
www.facebook.com/tr/ Frame F79B 44 B
88 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=151211446908896&ev=Microdata&dl=https%3A%2F%2Fexternal-frame.c2s-sa-production.aws.oath.cloud%2Fprodga%2Fglpbf.html%3Fhspart%3Dyahoo%26hsimp%3Dyhs-g3a%26p%3Dzero%2Binterest%2Bcredit%2Bcard%2Btransfers%26type%3Dzerointerestcreditcardtransfers%26_guc_consent_skip%3D1624753495&rl=https%3A%2F%2Fglp.search.yahoo.com%2Fas%2F10.html%3Fhspart%3Dyahoo%26hsimp%3Dyhs-g3a%26p%3Dzero%2Binterest%2Bcredit%2Bcard%2Btransfers%26type%3Dzerointerestcreditcardtransfers%26_guc_consent_skip%3D1624753495&if=true&ts=1624753467718&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Title%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.42&r=stable&ec=1&o=30&it=1624753466111&coo=false&es=automatic&tm=3&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://external-frame.c2s-sa-production.aws.oath.cloud/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 00:24:27 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Sun, 27 Jun 2021 00:24:27 GMT

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.yahoo.com/	1969-12-31 23:59:59	Name: A1S Value: d=AQABBDnF12ACEHlK_2SKKzo0nm8_Pg2JQAsFEgEBBAEQ2WC6Ybu9b2UB_eMAAAcIOcXXYBnM7no&S=AQAAAva-_tSGMzAibZZuRnCpuw4&j=GDPR
.yahoo.com/	1970-01-20 04:05:11	Name: A3 Value: d=AQABBDnF12ACEHlK_2SKKzo0nm8_Pg2JQAsFEgEBBAEQ2WC6Ybu9b2UB_eMAAAcIOcXXYBnM7no&S=AQAAAva-_tSGMzAibZZuRnCpuw4
.yahoo.com/	1970-01-19 19:19:15	Name: GUCS Value: ASR-Lu4Q
.yahoo.com/	1970-01-20 04:05:11	Name: A1 Value: d=AQABBDnF12ACEHlK_2SKKzo0nm8_Pg2JQAsFEgEBBAEQ2WC6Ybu9b2UB_eMAAAcIOcXXYBnM7no&S=AQAAAva-_tSGMzAibZZuRnCpuw4
.yahoo.com/	1970-01-20 04:05:11	Name: GUC Value: AQEBBAFg2RBhukIfpgSQ
.yahoo.com/	1970-01-20 04:05:32	Name: B Value: 7lrmc35gdfh9p&b=3&s=vi

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' https://.yahoo.com https://.aws.oath.cloud https://.yimg.com https://.vidible.tv https://.advertising.com; script-src 'self' 'unsafe-inline' https://.vidible.tv https://.vidible.tv https://.advertising.com https://.yahoo.com https://.aws.oath.cloud https://.yimg.com https://www.googletagmanager.com https://www.googleadservices.com; img-src 'self' https://.advertising.com https://.vidible.tv https://.aws.oath.cloud https://.yahoo.com https://.yimg.com data:; connect-src 'self' https://.vidible.tv https://.advertising.com https://.aws.oath.cloud https://.yahoo.com; style-src 'unsafe-inline' 'self' https://.yahoo.com https://.aws.oath.cloud https://.yimg.com; media-src data: https://.vidible.tv;
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amplify.outbrain.com
cdn.taboola.com
connect.facebook.net
daily.comms.yahoo.net
external-frame.c2s-sa-production.aws.oath.cloud
ginsubeacons-prodga.c2s-sa-production.aws.oath.cloud
gla.search.yahoo.com
glp.search.yahoo.com
googleads.g.doubleclick.net
guce.yahoo.com
s.yimg.com
scripts-prodga.c2s-sa-production.aws.oath.cloud
tr.outbrain.com
udc.yahoo.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
142.250.186.162
159.127.187.9
199.232.137.44
2.18.234.190
2a00:1288:110:c104::2000
2a00:1288:110:c204::b000
2a00:1288:80:800::7000
2a00:1450:4001:810::2004
2a00:1450:4001:828::2008
2a00:1450:4001:830::2002
2a00:1450:4001:830::2003
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.23.205.215
65.9.69.81
65.9.77.53
70.42.32.31
99.81.230.232
00689b1ea60ad65cbad4ed04b5d5dfb584d046a140cba7b124ac102c9ee97097
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
354e3f91c7102b75c1eea09aaef16d3cf1fd15bb735cb073641fd33acda417df
3561388262ef48d29cfdd3076d569b2d750d48585a9dbc14577593d056ceb94f
35df4c924adc3e74c3b9eb2042ab157c59ccea6a1ffdd4a4432ebf408b0be1cb
43400245ad3b8bb4a913a8475a06647ecda1bd0a06d19485bc2b86e439285dbf
4c4feec2342098aea42d2fdce25fe173d3d07fefba5aea0f6c9290674b6c2993
5e2b706fce1de8b814b8ea402ebbe6edb89222ed535dc956e227a0683665e03a
6bea13bbed68cdce5de3f38f70d464e805c1eee4d332246f63d313594351143b
89225b9b8e76304062e2c43c6535afc00a8f0023ef44909923374fca0cda4f82
8f230d49e9ea45c17f0e65368d130b8b0597af12f074d145b895838c37259edf
9aea3b55470359e75d103539f9ce1eb537d25596f20f880add43d7e223a1ba43
a15f6a7c5191be77ed55a7edc0fc260c36cf3a0bc3352902f86b8b8681377ac8
b075a0a02fa92341b3dfbeed5082070bc05b2fc3ca0ca748c6a34ffb452b9752
b41d3866f039d722abc2f2abf5c97e4b511797010de632d46ae951d637e76602
b9e6c38b3493790e6525ba6715ad839211cab5db3ddc80c7f70f20f92679fee6
c5af395b9cea7019c48f33c8aced3e9f3dbf56e67901ae036590c12976301c5b
c7c5d8eb3d3420c6e9f3dd08b1f5da68d060c01c36c8ee18814bcb928b559116
d5ca934054966933244cf226d13132a4ca62a6c6399ed8b93f08ac904066f690
e15eca5878352d8972f4e93b9aed80e34860514c23bfe9ee0a01767a291cf28a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f35fd99c15de392199c3c5b116fab65bb8aaaaa74bcf1c1729e9e01bb26780e7
fff1f1cc523a8d9ed88309c4222dcfa74d9ea3600b07d55b1aa67d37c9e40d11

glp.search.yahoo.com Open in urlscan Pro 2a00:1288:80:800::7000 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

36 Requests

100 %HTTPS

50 %IPv6

13 Domains

19 Subdomains

16 IPs

3 Countries

450 kBTransfer

1513 kBSize

6 Cookies

7 Outgoing links

Page URL History

Redirected requests

36 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

glp.search.yahoo.com Open in urlscan Pro
2a00:1288:80:800::7000 Public Scan

Screenshot
Live screenshot

Full Image

36
Requests

100 %
HTTPS

50 %
IPv6

13
Domains

19
Subdomains

16
IPs

3
Countries

450 kB
Transfer

1513 kB
Size

6
Cookies

36 HTTP transactions
0 data transactions