额外信息 针对 https://yahoo.net
Date
| Step #0: Sat, 04 May 2024 12:59:04 GMT
|
Strict-Transport-Security
| Step #0: max-age=31536000
|
Server
| Step #0: ATS
|
Cache-Control
| Step #0: no-store Step #2: no-store, no-cache, max-age=0, private
|
Content-Type
| Step #0: text/html
|
Content-Language
| Step #0: en
|
Expect-CT
| Step #0: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
|
X-Frame-Options
| Step #0: DENY Step #1: SAMEORIGIN
|
X-Content-Type-Options
| Step #0: nosniff
|
Referrer-Policy
| Step #0: strict-origin-when-cross-origin Step #1: no-referrer-when-downgrade
|
Content-Security-Policy
| Step #0: sandbox allow-scripts; default-src 'self'; img-src https:; style-src 'unsafe-inline'; script-src 'unsafe-inline'; report-uri http://csp.yahoo.com/beacon/csp?src=redirect Step #1: frame-ancestors 'self' https://*.builtbygirls.com https://*.rivals.com https://*.engadget.com https://*.intheknow.com https://*.autoblog.com https://*.techcrunch.com https://*.yahoo.com https://*.aol.com https://*.huffingtonpost.com https://*.oath.com https://*.search.yahoo.com https://*.pnr.ouryahoo.com https://pnr.ouryahoo.com https://*.search.aol.com https://*.search.huffpost.com https://*.onesearch.com https://*.verizonmedia.com https://*.publishing.oath.com https://*.autoblog.com; sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation; report-uri https://csp.yahoo.com/beacon/csp?src=ats&site=frontpage®ion=US&lang=en-US&device=&yrid=7ova5ulj3cc8o&partner=; Step #2: frame-ancestors 'self' https://*.builtbygirls.com https://*.rivals.com https://*.engadget.com https://*.intheknow.com https://*.autoblog.com https://*.techcrunch.com https://*.yahoo.com https://*.aol.com https://*.huffingtonpost.com https://*.oath.com https://*.search.yahoo.com https://*.pnr.ouryahoo.com https://pnr.ouryahoo.com https://*.search.aol.com https://*.search.huffpost.com https://*.onesearch.com https://*.verizonmedia.com https://*.publishing.oath.com https://*.autoblog.com; sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation; report-uri https://csp.yahoo.com/beacon/csp?src=ats&site=frontpage®ion=FR&lang=fr-FR&device=&yrid=5k67fh5j3cc8o&partner=;
|
Location
| Step #0: https://www.yahoo.com/ Step #1: https://fr.yahoo.com/?p=us
|
Content-Length
| Step #0: 4411 Step #1: 17 Step #2: 4
|
Redirect #1
| HTTP/1.0 302 Found |
Age
| Step #0: 0
|
X-XSS-Protection
| Step #0: 1; mode=block
|
Redirect #2
| HTTP/1.0 200 OK |
Expires
| -1 |
Date Step #0:
Sat, 04 May 2024 12:59:04 GMT
Strict-Transport-Security Step #0:
max-age=31536000
Server Step #0:
ATS
Cache-Control Step #0:
no-store
Step #2:
no-store, no-cache, max-age=0, private
Content-Type Step #0:
text/html
Content-Language Step #0:
en
Expect-CT Step #0:
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
X-Frame-Options Step #0:
DENY
Step #1:
SAMEORIGIN
X-Content-Type-Options Step #0:
nosniff
Referrer-Policy Step #0:
strict-origin-when-cross-origin
Step #1:
no-referrer-when-downgrade
Content-Security-Policy Step #0:
sandbox allow-scripts; default-src 'self'; img-src https:; style-src 'unsafe-inline'; script-src 'unsafe-inline'; report-uri http://csp.yahoo.com/beacon/csp?src=redirect
Step #1:
frame-ancestors 'self' https://*.builtbygirls.com https://*.rivals.com https://*.engadget.com https://*.intheknow.com https://*.autoblog.com https://*.techcrunch.com https://*.yahoo.com https://*.aol.com https://*.huffingtonpost.com https://*.oath.com https://*.search.yahoo.com https://*.pnr.ouryahoo.com https://pnr.ouryahoo.com https://*.search.aol.com https://*.search.huffpost.com https://*.onesearch.com https://*.verizonmedia.com https://*.publishing.oath.com https://*.autoblog.com; sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation; report-uri https://csp.yahoo.com/beacon/csp?src=ats&site=frontpage®ion=US&lang=en-US&device=&yrid=7ova5ulj3cc8o&partner=;
Step #2:
frame-ancestors 'self' https://*.builtbygirls.com https://*.rivals.com https://*.engadget.com https://*.intheknow.com https://*.autoblog.com https://*.techcrunch.com https://*.yahoo.com https://*.aol.com https://*.huffingtonpost.com https://*.oath.com https://*.search.yahoo.com https://*.pnr.ouryahoo.com https://pnr.ouryahoo.com https://*.search.aol.com https://*.search.huffpost.com https://*.onesearch.com https://*.verizonmedia.com https://*.publishing.oath.com https://*.autoblog.com; sandbox allow-forms allow-same-origin allow-scripts allow-popups allow-popups-to-escape-sandbox allow-presentation; report-uri https://csp.yahoo.com/beacon/csp?src=ats&site=frontpage®ion=FR&lang=fr-FR&device=&yrid=5k67fh5j3cc8o&partner=;
Location Step #0:
https://www.yahoo.com/
Step #1:
https://fr.yahoo.com/?p=us
Content-Length Step #0:
4411
Step #1:
17
Step #2:
4
Redirect #1 HTTP/1.0 302 Found Age Step #0:
0
X-XSS-Protection Step #0:
1; mode=block
Redirect #2 HTTP/1.0 200 OK Expires -1