buhitter.com Open in urlscan Pro
2606:4700:20::681a:bd7 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://buhitter.com/author/monaxmedaka?p=3
Submission: On May 19 via manual (May 19th 2024, 7:03:47 pm UTC) from BR — Scanned from US

Summary HTTP 87 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 39 IPs in 4 countries across 20 domains to perform 87 HTTP transactions. The main IP is 2606:4700:20::681a:bd7, located in United States and belongs to CLOUDFLARENET, US. The main domain is buhitter.com.
TLS certificate: Issued by GTS CA 1P5 on May 3rd 2024. Valid for: 3 months.

This is the only time buhitter.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2606:4700:20:... 2606:4700:20::681a:bd7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.18.10.207 104.18.10.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:400... 2a04:4e42:400::649	54113 (FASTLY) (FASTLY)
5	202.231.228.162 202.231.228.162	4686 (BEKKOAME ...) (BEKKOAME BEKKOAME INTERNET INC.)
5	142.251.163.154 142.251.163.154	15169 (GOOGLE) (GOOGLE)
1	3.162.112.48 3.162.112.48	16509 (AMAZON-02) (AMAZON-02)
8	2606:2800:220... 2606:2800:220:1410:489:141e:20bb:12f6	15133 (EDGECAST) (EDGECAST)
4	192.229.163.25 192.229.163.25	15133 (EDGECAST) (EDGECAST)
2	2607:f8b0:400... 2607:f8b0:4004:c08::61	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c17::66	15169 (GOOGLE) (GOOGLE)
2	3.114.80.188 3.114.80.188	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4004:c08::8a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c19::9b	15169 (GOOGLE) (GOOGLE)
10	172.253.63.102 172.253.63.102	15169 (GOOGLE) (GOOGLE)
1	2600:9000:219... 2600:9000:2199:6400:a:e047:754:3401	16509 (AMAZON-02) (AMAZON-02)
1	2620:100:a00b::4 2620:100:a00b::4	19750 (AS-CRITEO) (AS-CRITEO)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
1	172.253.115.99 172.253.115.99	15169 (GOOGLE) (GOOGLE)
1	162.19.138.120 162.19.138.120	16276 (OVH) (OVH)
1	2607:f8b0:400... 2607:f8b0:4004:c07::84	15169 (GOOGLE) (GOOGLE)
2	2620:100:a00b... 2620:100:a00b::12	19750 (AS-CRITEO) (AS-CRITEO)
5	142.250.31.155 142.250.31.155	15169 (GOOGLE) (GOOGLE)
3	3.162.112.34 3.162.112.34	16509 (AMAZON-02) (AMAZON-02)
2	34.195.69.162 34.195.69.162	14618 (AMAZON-AES) (AMAZON-AES)
1	13.113.38.141 13.113.38.141	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
2	2607:f8b0:400... 2607:f8b0:4004:c19::84	15169 (GOOGLE) (GOOGLE)
1	172.253.115.147 172.253.115.147	15169 (GOOGLE) (GOOGLE)
2	2600:1408:c40... 2600:1408:c400:e::17cd:6a19	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	18.160.10.79 18.160.10.79	16509 (AMAZON-02) (AMAZON-02)
1	35.75.157.131 35.75.157.131	16509 (AMAZON-02) (AMAZON-02)
1	2600:1408:c40... 2600:1408:c400:d::17cd:6a4e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:1901:0:e... 2600:1901:0:e207::	15169 (GOOGLE) (GOOGLE)
4	202.210.188.70 202.210.188.70	4686 (BEKKOAME ...) (BEKKOAME BEKKOAME INTERNET INC.)
1	18.178.174.25 18.178.174.25	16509 (AMAZON-02) (AMAZON-02)
1	18.182.87.53 18.182.87.53	16509 (AMAZON-02) (AMAZON-02)
1	216.239.34.178 216.239.34.178	15169 (GOOGLE) (GOOGLE)
87	39

3 2606:4700:20::681a:bd7 (United States)

ASN13335 (CLOUDFLARENET, US)

buhitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 202.231.228.162 (Japan)

ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP)

fam-8.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.251.163.154 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f154.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.162.112.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-112-48.iad61.r.cloudfront.net

cdn-fluct.sh.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:2800:220:1410:489:141e:20bb:12f6 (United States)

ASN15133 (EDGECAST, US)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.229.163.25 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c08::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c17::66 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.114.80.188 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-114-80-188.ap-northeast-1.compute.amazonaws.com

pa.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c08::8a (Washington, United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c19::9b (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.253.63.102 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f102.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2199:6400:a:e047:754:3401 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a00b::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.115.99 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f99.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.120 (Amsterdam, Netherlands)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c07::84 (Washington, United States)

ASN15169 (GOOGLE, US)

b693d7983edde6d50b8369a4983747f9.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a00b::12 (United States)

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.31.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f155.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.162.112.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-112-34.iad61.r.cloudfront.net

pdn.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.195.69.162 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-69-162.compute-1.amazonaws.com

cs.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.113.38.141 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-113-38-141.ap-northeast-1.compute.amazonaws.com

sh.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.200 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c19::84 (Washington, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.115.147 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f147.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1408:c400:e::17cd:6a19 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)

dmp.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.160.10.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-10-79.iad12.r.cloudfront.net

j.zucks.net.zimg.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.75.157.131 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-75-157-131.ap-northeast-1.compute.amazonaws.com

i.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1408:c400:d::17cd:6a4e (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)

sync6.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:e207:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

audiencedata.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 202.210.188.70 (Japan)

ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP)

img.fam-8.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.178.174.25 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-178-174-25.ap-northeast-1.compute.amazonaws.com

sh.zucks.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.182.87.53 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-182-87-53.ap-northeast-1.compute.amazonaws.com

k.zucks.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.34.178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 646 www.google.com — Cisco Umbrella Rank: 2	70 KB
10	adingo.jp cdn-fluct.sh.adingo.jp — Cisco Umbrella Rank: 168409 pa.adingo.jp pdn.adingo.jp — Cisco Umbrella Rank: 118161 cs.adingo.jp — Cisco Umbrella Rank: 4087 sh.adingo.jp — Cisco Umbrella Rank: 71612 i.adingo.jp — Cisco Umbrella Rank: 113248	25 KB
9	fam-8.net fam-8.net — Cisco Umbrella Rank: 327931 img.fam-8.net — Cisco Umbrella Rank: 686630	1 MB
8	googlesyndication.com b693d7983edde6d50b8369a4983747f9.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 103 tpc.googlesyndication.com — Cisco Umbrella Rank: 164	114 KB
8	twimg.com pbs.twimg.com — Cisco Umbrella Rank: 1214	2 MB
6	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 205 stats.g.doubleclick.net — Cisco Umbrella Rank: 89	188 KB
5	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1357 syndication.twitter.com — Cisco Umbrella Rank: 1719	31 KB
4	im-apps.net dmp.im-apps.net — Cisco Umbrella Rank: 29261 sync6.im-apps.net — Cisco Umbrella Rank: 58456 audiencedata.im-apps.net — Cisco Umbrella Rank: 29760	6 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	21 KB
3	buhitter.com buhitter.com	28 KB
2	zucks.net sh.zucks.net — Cisco Umbrella Rank: 147936 k.zucks.net — Cisco Umbrella Rank: 145721	2 KB
2	criteo.com gum.criteo.com — Cisco Umbrella Rank: 444	550 B
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 968 id5-sync.com — Cisco Umbrella Rank: 509	28 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	177 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 3044	47 KB
1	zimg.jp j.zucks.net.zimg.jp — Cisco Umbrella Rank: 135866	4 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 310	903 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 664	13 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 3143	3 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 776	30 KB
87	20

	Domain	Requested by
12	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
8	pbs.twimg.com	buhitter.com
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
5	securepubads.g.doubleclick.net	buhitter.com securepubads.g.doubleclick.net pagead2.googlesyndication.com
5	fam-8.net	buhitter.com fam-8.net
4	img.fam-8.net
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	platform.twitter.com	buhitter.com platform.twitter.com
3	pdn.adingo.jp	securepubads.g.doubleclick.net pdn.adingo.jp
3	buhitter.com	buhitter.com
2	dmp.im-apps.net	pdn.adingo.jp dmp.im-apps.net
2	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
2	cs.adingo.jp	pdn.adingo.jp
2	gum.criteo.com	static.criteo.net pdn.adingo.jp
2	www.google.com	buhitter.com tpc.googlesyndication.com
2	pa.adingo.jp	cdn-fluct.sh.adingo.jp
2	www.googletagmanager.com	buhitter.com www.googletagmanager.com
2	stackpath.bootstrapcdn.com	buhitter.com
1	k.zucks.net	j.zucks.net.zimg.jp
1	sh.zucks.net	j.zucks.net.zimg.jp
1	audiencedata.im-apps.net	dmp.im-apps.net
1	sync6.im-apps.net	dmp.im-apps.net
1	i.adingo.jp	pdn.adingo.jp
1	j.zucks.net.zimg.jp	pdn.adingo.jp
1	syndication.twitter.com	buhitter.com
1	sh.adingo.jp	pdn.adingo.jp
1	b693d7983edde6d50b8369a4983747f9.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	id5-sync.com	cdn.id5-sync.com
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	cdn-fluct.sh.adingo.jp	buhitter.com
1	code.jquery.com	buhitter.com
87	35

This site contains links to these domains. Also see Links.

Domain
twitter.com
mgpk-api.magazinepocket.com
t.co
fam-8.net

Subject Issuer	Validity	Valid
buhitter.com GTS CA 1P5	`2024-05-03` - `2024-08-01`	3 months	crt.sh
bootstrapcdn.com GTS CA 1P5	`2024-03-27` - `2024-06-25`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
fam-8.net FujiSSL Public Validation Authority - G3	`2024-05-10` - `2025-06-05`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-05-06` - `2024-07-29`	3 months	crt.sh
cdn-fluct.sh.adingo.jp Amazon RSA 2048 M01	`2023-08-25` - `2024-09-22`	a year	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-28` - `2024-07-26`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.adingo.jp Amazon RSA 2048 M02	`2024-02-29` - `2025-03-30`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-05-06` - `2024-07-29`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2024-04-19` - `2024-07-18`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-04-25` - `2024-07-19`	3 months	crt.sh
id5-sync.com E1	`2024-04-06` - `2024-07-05`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
*.id5-sync.com R3	`2024-05-01` - `2024-07-30`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-04-15` - `2024-07-10`	3 months	crt.sh
syndication.twitter.com R3	`2024-04-06` - `2024-07-05`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.im-apps.net DigiCert TLS RSA SHA256 2020 CA1	`2024-03-11` - `2025-03-11`	a year	crt.sh
j.zucks.net.zimg.jp Amazon RSA 2048 M03	`2023-09-29` - `2024-10-27`	a year	crt.sh
audiencedata.im-apps.net GTS CA 1D4	`2024-03-31` - `2024-06-29`	3 months	crt.sh
img.fam-8.net FujiSSL Public Validation Authority - G3	`2024-05-10` - `2025-06-05`	a year	crt.sh
sh.zucks.net Amazon RSA 2048 M02	`2024-03-02` - `2025-03-31`	a year	crt.sh
k.zucks.net Amazon RSA 2048 M02	`2023-07-09` - `2024-08-06`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://buhitter.com/author/monaxmedaka?p=3
Frame ID: 7BB2E105BD1CF9A3C6E51FE75231D9E7
Requests: 67 HTTP requests in this frame

Frame: https://b693d7983edde6d50b8369a4983747f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 92E8C785A3B62C115F7CC033315DC4E3
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=buhitter.com
Frame ID: F72125675DBB3EAD8D05611E0F791A47
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssNKDHYCzm2KD8Gff51CXGBBRWVRF2YclKlG4c92GDvUmAbqHrwdrG_pEJBpNJZvbtRvuuCPt1rsqxrFkUwCZK4Mpoc02BIjnHH2tKmGG7jp-cTywuO41QcYWm1g-g9_VBm1qMeMpXP4FJcVoTvfVtSV3uM8S7ptOwOH0HgMApdRZTYTLDXtTTnIRGhG2SIN83baqcf_fO4a1aKMuAq1njRsbp8jxfxfsbQ39onXO_Sik7vWgHtfeDpig8OvfJdG7g7t9uezwQtNP3VP_3wgcykLtEIamMFxA9ca4QcdViYn8tkVkH-n1Sjzvn8euCnpIwpKgE9vxxOfAEb_JJ_j-6VM0jr2LRrGVZQ-SO-9gL4zOb3c4px3uOUAxIwtN3QGO1pDHY4d4LFZre71i60&sai=AMfl-YT-MF4ir79W0gKwmSi9e20QGnxiATTXaFe6M-QNXRqvPjU804GDX3tn4Eopj96jKLxtJSfj3wb_e_He6EvnirbiunmAVa-gTltTPamCwT8Txh33pI8tb5jB0jEvF2CY9zcie4ygF9WPFnE4F4jpFKA&sig=Cg0ArKJSzJV6XXhoGYXkEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: E450CC84CCECC2D79A2497997FC5E86B
Requests: 16 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fbuhitter.com
Frame ID: C6F2FBD955E537A21814980636097E4B
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.2f70fb173b9000da126c79afe2098f02.ja.html
Frame ID: 6A29D8440E69718BC4E1E79FA74F48A1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 05C590DCD53095D5401BA1125D71BF60
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9F03E49A3C18F3886E8718456BA63E15
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

monaxmedakaさんのイラストまとめ 3ページ目

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

87
Requests

99 %
HTTPS

45 %
IPv6

20
Domains

35
Subdomains

39
IPs

4
Countries

4135 kB
Transfer

5891 kB
Size

21
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/monaxmedaka
Title: @monaxmedaka

Search URL Search Domain Scan URL

URL: https://mgpk-api.magazinepocket.com/landing?t=1414&e=321120
Title: mgpk-api.magazinepocket.com/landing?t=1414…

Search URL Search Domain Scan URL

URL: https://twitter.com/monaxmedaka/status/1545368598956298240

Search URL Search Domain Scan URL

URL: https://twitter.com/monaxmedaka/status/1515525460402348034

Search URL Search Domain Scan URL

URL: https://t.co/lvlxzh9Vtt
Title: https://t.co/lvlxzh9Vtt

Search URL Search Domain Scan URL

URL: https://twitter.com/monaxmedaka/status/1515163067214008326

Search URL Search Domain Scan URL

URL: https://twitter.com/monaxmedaka/status/1514784360276574209

Search URL Search Domain Scan URL

URL: https://twitter.com/monaxmedaka/status/1513791385547456516

Search URL Search Domain Scan URL

URL: https://twitter.com/monaxmedaka/status/1511266650892701699

Search URL Search Domain Scan URL

URL: https://twitter.com/monaxmedaka/status/1508821290605445121

Search URL Search Domain Scan URL

URL: https://t.co/8QP0iJ5JKw
Title: https://t.co/8QP0iJ5JKw

Search URL Search Domain Scan URL

URL: https://twitter.com/monaxmedaka/status/1468887230341345280

Search URL Search Domain Scan URL

URL: https://twitter.com/monaxmedaka/status/1462348116120973314

Search URL Search Domain Scan URL

URL: https://twitter.com/monaxmedaka/status/1460834972718477312

Search URL Search Domain Scan URL

URL: https://fam-8.net/ad/p/r?_site=7444&_loc=37816&_campaign=1530&_article=13896&_link=145129&_mstype=3&_deliver=1
Title: 【激しくシたい人向け】【激しくシたい人向け】性豪イケメンが24時間"尽くしてくれる"乙女ゲー♡[PR]

Search URL Search Domain Scan URL

URL: https://fam-8.net/ad/p/r?_site=7444&_loc=37816&_campaign=3517&_article=13272&_link=128322&_mstype=3&_deliver=1
Title: どの娘にスル？超絶リアルチャットで…※中毒性あり※ 開始3分28秒で目の前に‥“おっπ”がいっぱいで…パフッぱふっ♪[PR]

Search URL Search Domain Scan URL

URL: https://fam-8.net/ad/p/r?_site=7444&_loc=37816&_campaign=1530&_article=13888&_link=145555&_mstype=3&_deliver=1
Title: 「この…欲しがりめｯ…」「この…欲しがりめｯ(ﾊﾞﾁｭ♡ｽﾞﾁｭ♡)」ｲｹﾒﾝ様のｴﾁﾁ調教…しゅごぃ♡[PR]

Search URL Search Domain Scan URL

URL: https://fam-8.net/ad/p/r?_site=7444&_loc=35111&_campaign=3599&_article=13922&_link=145738&_mstype=4&_deliver=1

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

87 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request monaxmedaka Show response
buhitter.com/author/ 128 KB
23 KB 1125ms
1036ms Document
text/html 2606:4700:20::681a:bd7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buhitter.com/author/monaxmedaka?p=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

960c116889ca1d89356257ac63932b8dcf8bc01ed19ce9c785e8a1d67e0810b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 88665908ef904bc9-BUF
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 19 May 2024 19:03:35 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uUKEsnhTa9O%2F1dq8xDGvUM0Xeh5O%2B4h02D%2FKx73LBv%2FboCIHCrQw6%2F%2FVadcUOzlzyNdki40YlRIB9iPyAwpwPWifGm2PmwR%2FRmfm%2B9P3O00B16LVEWbFREsJ1BDzwz7ZaC16N9CPvmfWfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-frame-options: SAMEORIGIN

GET
H3 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/ 152 KB
24 KB 88ms
43ms Stylesheet
text/css 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css

Requested by

Host: buhitter.com
URL: https://buhitter.com/author/monaxmedaka?p=3

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://buhitter.com/
Origin: https://buhitter.com
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 19:03:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 1070
age: 1674028
cdn-cachedat: 12/12/2023 01:20:55
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"a15c2ac3234aa8f6064ef9c1f7383c37"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 2ea82305befe954595e1a290d36d78cc
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 8866590fab96ab1b-YYZ
cdn-requestpullsuccess: True

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
30 KB 130ms
41ms Script
application/javascript 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: buhitter.com
URL: https://buhitter.com/author/monaxmedaka?p=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://buhitter.com/
Origin: https://buhitter.com
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 19:03:35 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 2001587
x-cache: HIT, HIT
content-length: 30879
x-served-by: cache-lga21981-LGA, cache-ewr18130-EWR
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1716145416.676817,VS0,VE0
etag: W/"28feccc0-15d84"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 37, 80308

GET
H3 200 bootstrap.bundle.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/ 77 KB
23 KB 119ms
74ms Script
application/javascript 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.bundle.min.js

Requested by

Host: buhitter.com
URL: https://buhitter.com/author/monaxmedaka?p=3

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://buhitter.com/
Origin: https://buhitter.com
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 19:03:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 1068
age: 6993779
cdn-cachedat: 12/25/2022 10:19:13
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"a454220fc07088bf1fdd19313b6bfd50"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 5516f98dd6241c8ddcc17fc302fa18a8
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 8866590fab97ab1b-YYZ
cdn-requestpullsuccess: True

GET
H/1.1 200
OK fam8-tagify.min.js Show response
fam-8.net/ad/js/ 2 KB
3 KB 1061ms
204ms Script
application/javascript 202.231.228.162
BEKKOAME BEKKOAME...

General

Check archive.org

Show headers Download Go to

Full URL: https://fam-8.net/ad/js/fam8-tagify.min.js
Requested by: Host: buhitter.com
URL: https://buhitter.com/author/monaxmedaka?p=3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 202.231.228.162 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
Software: /
Resource Hash: 4bd55f89acdfd8dda416b2e6e81c302be408e8a03b9ff2f5b43f1262604cf395

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 19 May 2024 19:03:36 GMT
Last-Modified: Sat, 12 Jan 2019 00:17:54 GMT
ETag: W/"2306-1547252274000"
Content-Type: application/javascript
Access-Control-Allow-Credentials: true
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 2306

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 92 KB
29 KB 219ms
114ms Script
text/javascript 142.251.163.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: buhitter.com
URL: https://buhitter.com/author/monaxmedaka?p=3

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.154 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f154.1e100.net

Software

cafe /

Resource Hash

c59755fc321e6fd333ac2ed0583de3c96f90481f1802d551479f7602f8c480c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 19:03:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30016
x-xss-protection: 0
server: cafe
etag: 665 / 19862 / m202405090101 / config-hash: 6209096975862264858
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 19 May 2024 19:03:35 GMT

GET
H2 200 kv.js Show response
cdn-fluct.sh.adingo.jp/ts/ 4 KB
2 KB 146ms
45ms Script
application/javascript 3.162.112.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fluct.sh.adingo.jp/ts/kv.js
Requested by: Host: buhitter.com
URL: https://buhitter.com/author/monaxmedaka?p=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.112.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-112-48.iad61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fe17e70b190a001b79a66fa7b55d2dbac42a25b2fd575f72cf3e1470a9c40161

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Jan 2024 05:57:37 GMT
content-encoding: gzip
via: 1.1 7c52bc60e0da5f557ed6047264a41c18.cloudfront.net (CloudFront)
last-modified: Tue, 10 Nov 2020 02:43:11 GMT
server: AmazonS3
x-amz-cf-pop: IAD61-P2
age: 10587959
etag: W/"556934705e12b655011cd42324d63d74"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: no-cache
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: KcASWPhsBW8Mw_JZcz-IhekIvfe0BqkqUcupxPX8odhP-LDTNQMUMg==

GET
H2 200 JluLDxFO.jpg
pbs.twimg.com/profile_images/1607756450713206784/ 42 KB
42 KB 174ms
40ms Image
image/jpeg 2606:2800:220:1410:489:141e:20bb:12f6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1607756450713206784/JluLDxFO.jpg

Requested by

Host: buhitter.com
URL: https://buhitter.com/author/monaxmedaka?p=3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (nyd/D146) /

Resource Hash

b66882d80e8f8f7d9d0bed2668f14b3df490399b95c2aef0dd3fb574a21db47f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 19:03:35 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 550861
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 42497
x-response-time: 16
surrogate-key: profile_images profile_images/bucket/7 profile_images/1607756450713206784
last-modified: Tue, 27 Dec 2022 15:11:03 GMT
server: ECS (nyd/D146)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 36eaf5c3bf47d354
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7402827104
x-connection-hash: 016a992af5e451bca0c21aa466dda445ba749f55ea4f5a47947a51b6f8f7228a
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 186ms
38ms Script
application/javascript 192.229.163.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: buhitter.com
URL: https://buhitter.com/author/monaxmedaka?p=3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.163.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyd/D12D) /
Resource Hash: 173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 19 May 2024 19:03:35 GMT
Content-Encoding: gzip
Age: 1260
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27597
Last-Modified: Mon, 11 Dec 2023 17:20:28 GMT
Server: ECS (nyd/D12D)
Etag: "824beb891744db98ccbd3a456e59e0f7+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H2 200 pre-loader.gif
buhitter.com/img/ 4 KB
4 KB 44ms
44ms Image
image/gif 2606:4700:20::681a:bd7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://buhitter.com/img/pre-loader.gif

Requested by

Host: buhitter.com
URL: https://buhitter.com/author/monaxmedaka?p=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07eff9d9f81261e700e6812c2a47f189153f25c1d5bbc8c78af811e4d567a10f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://buhitter.com/author/monaxmedaka?p=3
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 19:03:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 120373
content-length: 3649
last-modified: Sun, 21 Jan 2024 10:27:19 GMT
server: cloudflare
etag: "65acf187-e41"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FZkWwNzskquqDmJAg3HyZ%2FnPoygTvjAW0isV04F0Qv7e%2FcEy88EVkxFHnkj3yRq0n8s%2BhEJA4L5XwgNGfvhJU%2FXlmNKa000a2rX%2B8Hil%2BGhO4CtPOrJwFSjhaZH%2BSyowhY8qWsZ3uZbypA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
vary: Accept-Encoding
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 8866590f6a434bc9-BUF
expires: Sat, 25 May 2024 09:37:22 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 215 KB
77 KB 169ms
66ms Script
application/javascript 2607:f8b0:4004:c08::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WH4L999

Requested by

Host: buhitter.com
URL: https://buhitter.com/author/monaxmedaka?p=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

faf96890ec0987ede0f61a52e030ba0ef023505da72ffcf300227d173de8ec1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 19:03:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78550
x-xss-protection: 0
last-modified: Sun, 19 May 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 19 May 2024 19:03:35 GMT

GET
DATA 200
OK truncated
/ 198 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e833c2bb524b75edd90f3203dca8b9ccad32cd0c897b397bcee372728046a05

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/ 454 KB
142 KB 46ms
45ms Script
text/javascript 142.251.163.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.154 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f154.1e100.net

Software

cafe /

Resource Hash

aba3b1e74a53993ab198f8376eaf3bc0c9d841b9bc6d95f47ab839bbdb502d47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 15:42:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12069
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 145002
x-xss-protection: 0
server: cafe
etag: 8410536799634492291
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 19 May 2025 15:42:26 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 295 KB
100 KB 71ms
70ms Script
application/javascript 2607:f8b0:4004:c08::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-74YKYKK7PB&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WH4L999

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a9923dd3be9c2c2c057a58e64dc9aa4ff68bec3b86d046afcc82c50b9042f068

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 19:03:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 101968
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 19 May 2024 19:03:36 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 155ms
49ms Script
text/javascript 2607:f8b0:4004:c17::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WH4L999

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::66 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 19 May 2024 18:43:52 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1184
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 19 May 2024 20:43:52 GMT

OPTIONS
H2 204 kv
pa.adingo.jp/ Frame 0
0 631ms
196ms Preflight 3.114.80.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pa.adingo.jp/kv
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.114.80.188 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-114-80-188.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://buhitter.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin, Authorization, Accept, Content-Type
access-control-allow-methods: GET, POST
access-control-allow-origin: *
access-control-max-age: 3600
date: Sun, 19 May 2024 19:03:36 GMT
server: nginx

POST
H2 200 kv Show response
pa.adingo.jp/ 408 B
639 B 198ms
197ms XHR
application/json 3.114.80.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pa.adingo.jp/kv
Requested by: Host: cdn-fluct.sh.adingo.jp
URL: https://cdn-fluct.sh.adingo.jp/ts/kv.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.114.80.188 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-114-80-188.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 8fa4744814b9ea3f31015b20d557d4c678538cc4e076c874b17ba5f9ea2f4c07

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 19 May 2024 19:03:36 GMT
server: nginx
access-control-allow-methods: POST, GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Origin, Authorization, Accept, Content-Type
content-length: 408

GET
H2 200 9176203 Show response
fundingchoicesmessages.google.com/i/ 182 KB
61 KB 196ms
91ms Script
application/javascript 2607:f8b0:4004:c08::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/9176203?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::8a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d23c3a092afa535fcc70e3d92c6527bd469c17720087276a90ece3037663189f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QiBBz5S62ZIidFgOrO-lBA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 19:03:36 GMT
content-security-policy: script-src 'report-sample' 'nonce-QiBBz5S62ZIidFgOrO-lBA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw05BiOO90h-k6EBtoPGeyAGKJry-ZtIA45vl01hQgdkqfwRoCxD71M1jjgLj15jnW6UCc9O88awkQ71x8gfUgEK86coF1ExC3f77AOhOIv7NfZP0PxEI8HB2zVm5iE7hxY3kHo5JGUn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUbyRgZGJgamhmZ6BYXyBAQCGFUM6"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
169 B 56ms
55ms Ping
text/plain 2607:f8b0:4004:c17::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-74YKYKK7PB&gtm=45je45f0v886998702z8811964994za200&_p=1716145415697&gcd=13l3l3l3l1&npa=0&dma=0&cid=1713025585.1716145416&ul=en-us&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.207%7CGoogle%2520Chrome%3B124.0.6367.207%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1716145416&sct=1&seg=0&dl=https%3A%2F%2Fbuhitter.com%2Fauthor%2Fmonaxmedaka%3Fp%3D3&dt=monaxmedaka%E3%81%95%E3%82%93%E3%81%AE%E3%82%A4%E3%83%A9%E3%82%B9%E3%83%88%E3%81%BE%E3%81%A8%E3%82%81%203%E3%83%9A%E3%83%BC%E3%82%B8%E7%9B%AE&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1726
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-74YKYKK7PB&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c17::66 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 19 May 2024 19:03:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://buhitter.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
95 B 56ms
56ms XHR
text/plain 2607:f8b0:4004:c17::66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1579665662&t=pageview&_s=1&dl=https%3A%2F%2Fbuhitter.com%2Fauthor%2Fmonaxmedaka%3Fp%3D3&ul=en-us&de=UTF-8&dt=monaxmedaka%E3%81%95%E3%82%93%E3%81%AE%E3%82%A4%E3%83%A9%E3%82%B9%E3%83%88%E3%81%BE%E3%81%A8%E3%82%81%203%E3%83%9A%E3%83%BC%E3%82%B8%E7%9B%AE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1426018458&gjid=1128844947&cid=1713025585.1716145416&tid=UA-115935434-1&_gid=1332778729.1716145416&_r=1&_slc=1&gtm=45He45f0n81WH4L999v811964994za200&gcd=13l3l3l3l1&dma=0&z=2116884058

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::66 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 19 May 2024 19:03:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://buhitter.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
345 B 163ms
57ms XHR
text/plain 2607:f8b0:4004:c19::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-115935434-1&cid=1713025585.1716145416&jid=1426018458&gjid=1128844947&_gid=1332778729.1716145416&_u=YADAAEAAAAAAACAAI~&z=1806908919

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::9b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 19 May 2024 19:03:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://buhitter.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVFjEGAqGgg4fyN3rfXmDVEKLyYFnaI_k9VJoF5x2N29iYn_rnEI5yRjm4H-vjfSd10yrCBdaZtbAjjPHLvPI1ioORIjdFcXhqUrBOcjwMMIuEDJiWsZ3cEnPXw8IVJKxkUDUmYDQ== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 180ms
71ms XHR
text/html 172.253.63.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVFjEGAqGgg4fyN3rfXmDVEKLyYFnaI_k9VJoF5x2N29iYn_rnEI5yRjm4H-vjfSd10yrCBdaZtbAjjPHLvPI1ioORIjdFcXhqUrBOcjwMMIuEDJiWsZ3cEnPXw8IVJKxkUDUmYDQ==

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.7WutvtiANJY.es5.O/am=AgM/d=1/rs=AJlcJMyfBrQdLYrnmQKOPizfzO16GHTgMA/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f102.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-tHEhJQIvFQxpKw-Z9mW5hw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 19 May 2024 19:03:36 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-tHEhJQIvFQxpKw-Z9mW5hw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmLw1JBicEqfwRoExEI8HB2zVm5iE7iwcvdsJiWXpPzC-OT8vJLUvBLdxJRiXRC7KDOptCS_CIWdWgZSkZOfnp6Zlx5vZGBkYmBqaKZnYBZfYAAAnWMiOg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://buhitter.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxUd7QBRAn6wWVSZ8BMh4WuyvuPuir-MGX5g8lATq85OJHvSiccCrgCWcyhYBAPrhfDDxcfF0WibrdW6Ucru_HBktWG5CNq3A3jsOIQueoHpiRFnQWn4o9Tx4G9MgkAq3Y6iV0Qztg== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 152ms
152ms Script
application/javascript 2607:f8b0:4004:c08::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUd7QBRAn6wWVSZ8BMh4WuyvuPuir-MGX5g8lATq85OJHvSiccCrgCWcyhYBAPrhfDDxcfF0WibrdW6Ucru_HBktWG5CNq3A3jsOIQueoHpiRFnQWn4o9Tx4G9MgkAq3Y6iV0Qztg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE2MTQ1NDE2LDQ1MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9idWhpdHRlci5jb20vYXV0aG9yL21vbmF4bWVkYWthIixudWxsLFtbOCwiN1d1dHZ0aUFOSlkiXSxbOSwiZW4tVVMiXSxbMTYsIlsxLDEsMV0iXSxbNywiMTkiXSxbMTEsIltdIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::8a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

186bac1e177e5743a63705594f1653165d309275e2cce84626d83f6e98119c0b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tYdrl7S6rJH4J6VbpxsLBA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 19:03:36 GMT
content-security-policy: script-src 'report-sample' 'nonce-tYdrl7S6rJH4J6VbpxsLBA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmLw0JBiOO90h-k6EBtoPGeyAGKJry-ZtIA45vl01hQgdkqfwRoCxD71M1jjgLj15jnW6UCc9O88awkQ71x8gfUgEK86coF1ExC3f77AOhOIv7FfZP0HxEI8HB2zVm5iE7jwZlEfk5JGUn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUbyRgZGJgamhmZ6BYXyBAQCEY0NA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 155ms
44ms Script
text/javascript 2600:9000:2199:6400:a:e047:754:3401
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2199:6400:a:e047:754:3401 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date: Sun, 19 May 2024 08:27:25 GMT
Via: 1.1 acb5e0138f17ffe7929a4d64a50c4a24.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: IAD79-C1
Age: 38172
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 2776
Last-Modified: Thu, 19 Oct 2023 06:40:11 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: AgNrpGR4yS8A6zvMWia4v3HwzUY4u-GU5idw2BF303V3GkL1hFNQBA==

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 41 KB
13 KB 177ms
86ms Script
text/javascript 2620:100:a00b::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a00b::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

16eef82325d88bccb3f09d34d6155a3ee890edfdb479d44264212b5d5eca1af9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 19:03:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Apr 2024 12:20:57 GMT
server: nginx
etag: W/"661532a9-a5c1"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 20 May 2024 19:03:36 GMT

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 94 KB
27 KB 147ms
49ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8070a035a373b78b44da1d975c6cb8b4aab538ddbe46a590e4bf922ddd686b8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 19:03:36 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 08 May 2024 12:31:06 GMT
server: cloudflare
x-amz-request-id: 31V791P874924JVA
age: 2184
etag: W/"7e620160af4322f1830aedb59bbbdb86"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 886659159cfa4bc9-BUF
x-amz-id-2: PkLWYee1fXIzD0Ch/ilIOrUvd4xlkV2mC6fNNYv1et2/R+OvVq2CG6VRa/qK2XYNmHGrAV+yOGk=

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
903 B 126ms
42ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 19 May 2024 19:03:36 GMT
x-content-type-options: nosniff
content-encoding: br
age: 28598
x-jsd-version: master
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-eddf8230042-FRA, cache-nyc-kteb1890028-NYC
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 200ms
107ms Image
image/gif 172.253.115.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-115935434-1&cid=1713025585.1716145416&jid=1426018458&_u=YADAAEAAAAAAACAAI~&z=770463754

Requested by

Host: buhitter.com
URL: https://buhitter.com/author/monaxmedaka?p=3

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f99.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 19 May 2024 19:03:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
228 B 375ms
122ms XHR
text/plain 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Amsterdam, Netherlands, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://buhitter.com
date: Sun, 19 May 2024 19:03:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H/1.1 200
OK latest-version Show response
fam-8.net/ad/p/ 41 B
494 B 1030ms
195ms XHR
text/html 202.231.228.162
BEKKOAME BEKKOAME...

General

Check archive.org

Show headers Download Go to

Full URL: https://fam-8.net/ad/p/latest-version
Requested by: Host: fam-8.net
URL: https://fam-8.net/ad/js/fam8-tagify.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 202.231.228.162 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
Software: /
Resource Hash: 001fca0c70a55362c8ae8e33ac675fe8e5054439537b10ae75de374cd5a68f07

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 19 May 2024 19:03:37 GMT
Content-Type: text/html
Access-Control-Allow-Origin: https://buhitter.com
P3P: CP='CAO PSA CONi OTR OUR DEM ONL'
Access-Control-Allow-Credentials: true
Connection: close
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 41

GET
H/1.1 200
OK pjs-1.0.3.min.js Show response
fam-8.net/ad/js/ 15 KB
15 KB 819ms
204ms Script
application/javascript 202.231.228.162
BEKKOAME BEKKOAME...

General

Check archive.org

Show headers Download Go to

Full URL: https://fam-8.net/ad/js/pjs-1.0.3.min.js
Requested by: Host: fam-8.net
URL: https://fam-8.net/ad/js/fam8-tagify.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 202.231.228.162 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
Software: /
Resource Hash: 3486e75cbcec83fac64b744262840c0cf45746e11e15b158b652bc451c849ab7

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 19 May 2024 19:03:38 GMT
Last-Modified: Wed, 14 Oct 2020 06:13:36 GMT
ETag: W/"14916-1602656016000"
Content-Type: application/javascript
Access-Control-Allow-Credentials: true
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 14916

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 114 KB
17 KB 534ms
533ms Fetch
text/plain 142.251.163.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1822381789243887&correlator=3983910761809019&eid=31083632%2C31083361&output=ldjh&gdfp_req=1&vrg=202405090101&ptt=17&impl=fifs&iu_parts=62532913%3A22479333033%2Cp_buhitter_970x250_title_28273%2Cp_buhitter_300x250_kensaku-1_28273%2Cp_buhitter_300x250_kensaku-2_28273%2Cp_buhitter_300x250_footer-1_28273%2Cp_buhitter_728x90_overlay_28273&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=970x250%2C300x250%7C336x280%2C300x250%7C336x280%2C300x250%7C336x280%2C728x90&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1716145417706&lmt=1716145417&adxs=-9%2C-9%2C-9%2C-9%2C-9&adys=-9%2C-9%2C-9%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1%7C-1%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMjA3IixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4yMDciXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjIwNyJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ..&url=https%3A%2F%2Fbuhitter.com%2Fauthor%2Fmonaxmedaka%3Fp%3D3&vis=1&psz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&fws=2%2C2%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0&ga_vid=1713025585.1716145416&ga_sid=1716145418&ga_hid=1579665662&ga_fc=true&a3p=EhsKDGlkNS1zeW5jLmNvbRiO0vOR-TFIAFICCGQSGQoKcHViY2lkLm9yZxiT0_OR-TFIAFICCGoSHQoOZXNwLmNyaXRlby5jb20YjtLzkfkxSABSAghkEhkKCnVpZGFwaS5jb20YjdLzkfkxSABSAghk&dlt=1716145415568&idt=522&prev_scp=pa%3Dok%7Cpa%3Dok%7Cpa%3Dok%7Cpa%3Dok%7Cpa%3Dok&adks=1724631948%2C403046175%2C1878229315%2C3801214374%2C3238850784&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.154 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f154.1e100.net

Software

cafe /

Resource Hash

72084c4206766ea189b8c9e1b7ca02f20fb3d73e29f4ce7d1b934942d5ff7ca2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 19:03:38 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17345
x-xss-protection: 0
google-lineitem-id: -2,5734155481,5734821323,5734157221,5734823039
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,138355405894,138355406017,138355406098,138355061403
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://buhitter.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
b693d7983edde6d50b8369a4983747f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 92E8 0
0 167ms
51ms Document
text/html 2607:f8b0:4004:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b693d7983edde6d50b8369a4983747f9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://buhitter.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 19 May 2024 19:03:37 GMT
expires: Mon, 19 May 2025 19:03:37 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 syncframe
gum.criteo.com/ Frame F721 0
0 141ms
49ms Document
text/html 2620:100:a00b::12
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=buhitter.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a00b::12 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://buhitter.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 19 May 2024 19:03:37 GMT
server: Kestrel
server-processing-duration-in-ticks: 427305
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H3 200 adbn Show response
fundingchoicesmessages.google.com/f/AGSKWxXPBKIb3RjcYtk4bNrFUPIGQkt4d-H7moKG60bi534m_Mlv0l1uQerYxlw8-NqBmcf5tV5hpezyDuB-H-e_2S5USt32OAkNAY56O0fURyl-_20cnd8FnmMF8l2pihQT1s29tgODoMBgW5O4THdhIekImsuBM... 54 B
110 B 71ms
70ms Script
application/javascript 172.253.63.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXPBKIb3RjcYtk4bNrFUPIGQkt4d-H7moKG60bi534m_Mlv0l1uQerYxlw8-NqBmcf5tV5hpezyDuB-H-e_2S5USt32OAkNAY56O0fURyl-_20cnd8FnmMF8l2pihQT1s29tgODoMBgW5O4THdhIekImsuBM0zb2n8aVdLYVHEDAdY_elECaKSaIwya/_/googleads3widetext./adbn?/picAd.=760x120&/adengage0.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.7WutvtiANJY.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMypTMFi8--sIZb19HddD8Os8divsA/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f102.1e100.net

Software

ESF /

Resource Hash

5994db0ab9798d68732a8ba1a32bc9187865a0e41983e0e4fdbed0e2ccab8cb5

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-NuQmY5O2qDrWzCqIvx1j9A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 19:03:38 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-NuQmY5O2qDrWzCqIvx1j9A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmLw1JBiOO90h-k6EBtoPGeyAGKJry-ZtIA45vl01hQgdkqfwRoCxD71M1jjgLj15jnW6UCc9O88awkQ71x8gfUgEK86coF1ExC3f77AOhOIv7FfZP0HxOWOF1nrgViIm6Nr1spNbAIv_v2pU9JIyi-MT87PKynKTCotyS9KS05LLU4tKkstijcyMDIxMDU00zMwjC8wAACfbkbg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 lidar.js Show response
pagead2.googlesyndication.com/pagead/js/ 85 KB
30 KB 141ms
46ms Script
text/javascript 142.250.31.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/lidar.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.31.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f155.1e100.net

Software

cafe /

Resource Hash

87ef4be5f593f23f6a2c064185251923d9bc397cdfcb9eab38c0b4429d125bc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 18:23:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2433
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30705
x-xss-protection: 0
server: cafe
etag: 11611672620318507410
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sun, 19 May 2024 19:23:05 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVFjEGAqGgg4fyN3rfXmDVEKLyYFnaI_k9VJoF5x2N29iYn_rnEI5yRjm4H-vjfSd10yrCBdaZtbAjjPHLvPI1ioORIjdFcXhqUrBOcjwMMIuEDJiWsZ3cEnPXw8IVJKxkUDUmYDQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f102.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qRwlwGPm8UmdWcDT6aikzg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 19 May 2024 19:03:38 GMT
content-security-policy: script-src 'report-sample' 'nonce-qRwlwGPm8UmdWcDT6aikzg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmJw0ZBicEqfwRoExEI8HF2zVm5iEzjxZ1ojo5JLUn5hfHJ-XklqXoluYkqxLohdlJlUWpJfhMJOLQOpyMlPT8_MS483MjAyMTA1NNMzMIsvMAAAn6ciQg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://buhitter.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVFjEGAqGgg4fyN3rfXmDVEKLyYFnaI_k9VJoF5x2N29iYn_rnEI5yRjm4H-vjfSd10yrCBdaZtbAjjPHLvPI1ioORIjdFcXhqUrBOcjwMMIuEDJiWsZ3cEnPXw8IVJKxkUDUmYDQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f102.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-wt9QoJLgZ7Sa_DGghVSGCA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 19 May 2024 19:03:38 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-wt9QoJLgZ7Sa_DGghVSGCA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmLw0JBicEqfwRoExEI8HF2zVm5iE7hw4OIiRiWXpPzC-OT8vJLUvBLdxJRiXRC7KDOptCS_CIWdWgZSkZOfnp6Zlx5vZGBkYmBqaKZnYBZfYAAArEIibg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://buhitter.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVFjEGAqGgg4fyN3rfXmDVEKLyYFnaI_k9VJoF5x2N29iYn_rnEI5yRjm4H-vjfSd10yrCBdaZtbAjjPHLvPI1ioORIjdFcXhqUrBOcjwMMIuEDJiWsZ3cEnPXw8IVJKxkUDUmYDQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f102.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-PJhZ5DhTLD3GPXePwWp-Gg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 19 May 2024 19:03:38 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-PJhZ5DhTLD3GPXePwWp-Gg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmJw1pBicEqfwRoExEI8HF2zVm5iE7jx4MkVRiWXpPzC-OT8vJLUvBLdxJRiXRC7KDOptCS_CIWdWgZSkZOfnp6Zlx5vZGBkYmBqaKZnYBZfYAAAyXUi1g"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://buhitter.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVFjEGAqGgg4fyN3rfXmDVEKLyYFnaI_k9VJoF5x2N29iYn_rnEI5yRjm4H-vjfSd10yrCBdaZtbAjjPHLvPI1ioORIjdFcXhqUrBOcjwMMIuEDJiWsZ3cEnPXw8IVJKxkUDUmYDQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f102.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UIUUpvWAdrUST6Majsl4EQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 19 May 2024 19:03:38 GMT
content-security-policy: script-src 'report-sample' 'nonce-UIUUpvWAdrUST6Majsl4EQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmJw1ZBicEqfwRoExEI8HF2zVm5iE7iw7c51RiWXpPzC-OT8vJLUvBLdxJRiXRC7KDOptCS_CIWdWgZSkZOfnp6Zlx5vZGBkYmBqaKZnYBZfYAAAukkioQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://buhitter.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUU8I4audhBxayX6EYKUI1msH_PqMWCr02M_-eyQzHc7vHYwRK0n24MxXCF1ZGVglhScMMiB4BRGbfMtgRTuI7ajEj3gUtAA0RlzXY1vARbXI6y6vUDAeKH5VU7HVtb3U2FsJC-VQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 80ms
79ms Script
application/javascript 172.253.63.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUU8I4audhBxayX6EYKUI1msH_PqMWCr02M_-eyQzHc7vHYwRK0n24MxXCF1ZGVglhScMMiB4BRGbfMtgRTuI7ajEj3gUtAA0RlzXY1vARbXI6y6vUDAeKH5VU7HVtb3U2FsJC-VQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE2MTQ1NDE4LDQxMjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vYnVoaXR0ZXIuY29tL2F1dGhvci9tb25heG1lZGFrYSIsbnVsbCxbWzgsIjdXdXR2dGlBTkpZIl0sWzksImVuLVVTIl0sWzE2LCJbMSwxLDFdIl0sWzcsIjE5Il0sWzExLCJbXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f102.1e100.net

Software

ESF /

Resource Hash

6d41721bde8d360de6365bd64ca3d1c8bcc15e3edecdb21f118289d28eef9e0b

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-yGRe9WKafDHbtK68BmvEaA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 19:03:38 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-yGRe9WKafDHbtK68BmvEaA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmII1pBiOO90h-k6EBtoPGeyAGKJry-ZtIA45vl01hQgdkqfwRoCxD71M1jjgLj15jnW6UCc9O88awkQ71x8gfUgEK86coF1ExC3f77AOhOIv7FfZP0HxEI8HF2zVm5iE-h48f0mo5JGUn5hfHJ-XklRZlJpSX5RWnJaanFqUVlqUbyRgZGJgamhmZ6BYXyBAQCZO0Og"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVFjEGAqGgg4fyN3rfXmDVEKLyYFnaI_k9VJoF5x2N29iYn_rnEI5yRjm4H-vjfSd10yrCBdaZtbAjjPHLvPI1ioORIjdFcXhqUrBOcjwMMIuEDJiWsZ3cEnPXw8IVJKxkUDUmYDQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f102.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7qs6Pgn0HuCOJheiWya8Kg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 19 May 2024 19:03:38 GMT
content-security-policy: script-src 'report-sample' 'nonce-7qs6Pgn0HuCOJheiWya8Kg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmII0JBicEqfwRoExEI8HF2zVm5iE1iw9P0_RiWXpPzC-OT8vJLUvBLdxJRiXRC7KDOptCS_CIWdWgZSkZOfnp6Zlx5vZGBkYmBqaKZnYBZfYAAAu9IipQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://buhitter.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXzMn7AAEa3kFBCIrhMtFfrNXypim5iNuwZ_ZBWRshpYF1sFbJS4Br8fYN4csv85x3wuQiyncwE4t5OlDKEuoXTumL2ZRRgKC6WxpKFws10wGlAwtTf-czMHfMyEGwzHebd0GghAQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 115ms
114ms Script
application/javascript 172.253.63.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXzMn7AAEa3kFBCIrhMtFfrNXypim5iNuwZ_ZBWRshpYF1sFbJS4Br8fYN4csv85x3wuQiyncwE4t5OlDKEuoXTumL2ZRRgKC6WxpKFws10wGlAwtTf-czMHfMyEGwzHebd0GghAQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE2MTQ1NDE4LDUwMDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxNV0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vYnVoaXR0ZXIuY29tL2F1dGhvci9tb25heG1lZGFrYSIsbnVsbCxbWzgsIjdXdXR2dGlBTkpZIl0sWzksImVuLVVTIl0sWzE2LCJbMSwxLDFdIl0sWzcsIjE5Il0sWzExLCJbXSJdLFsxOSwiMiJdLFsxNywiWzBdIl0sWzIsIltudWxsLFtudWxsLDEsWzE3MTYxNDU0MTgsNDQ1MTk1MDAwXV1dIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f102.1e100.net

Software

ESF /

Resource Hash

78df53da2997a9497d7d94545fc0ff1ccc3846ff65c269cafc485fca36f74848

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vHulgOa_yOrgre-5v4_9Dg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 19:03:38 GMT
content-security-policy: script-src 'report-sample' 'nonce-vHulgOa_yOrgre-5v4_9Dg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmJw1ZBiOO90h-k6EBtoPGeyAGKJry-ZtIA45vl01hQgdkqfwRoCxD71M1jjgLj15jnW6UCc9O88awkQ71x8gfUgEK86coF1ExC3f77AOhOIv7FfZP0HxEI8HF2zVm5iE_hx6_oUJiWNpPzC-OT8vJKizKTSkvyitOS01OLUorLUongjAyMTA1NDMz0Dw_gCAwCRbkOQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxU-LJ9aXH1sRom9noIkeCP5VnlwPcRkiMaUOFO7keKYGZSOKcdTka4nv1hENcZtN3KoQPx7xxul885jHYiA1bIisc5bvccWmZVC-bhMUbGlWWEXmPXcOqr4xyUAXzeiYpIVdpoJmA== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 71ms
70ms XHR
text/html 172.253.63.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU-LJ9aXH1sRom9noIkeCP5VnlwPcRkiMaUOFO7keKYGZSOKcdTka4nv1hENcZtN3KoQPx7xxul885jHYiA1bIisc5bvccWmZVC-bhMUbGlWWEXmPXcOqr4xyUAXzeiYpIVdpoJmA==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f102.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-225AwQa9GaJd6pxJvFq4Jw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 19 May 2024 19:03:38 GMT
content-security-policy: script-src 'report-sample' 'nonce-225AwQa9GaJd6pxJvFq4Jw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjEtDikmJw1ZBicEqfwRoExEI8HF2zVm5iE3ix5O5OJiWXpPzC-OT8vJLUvBLdxJRiXRC7KDOptCS_CIWdWgZSkZOfnp6Zlx5vZGBkYmBqaKZnYBZfYAAAtD0iiw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://buhitter.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK js Show response
fam-8.net/ad/p/ 4 KB
5 KB 1549ms
793ms XHR
text/javascript 202.231.228.162
BEKKOAME BEKKOAME...

General

Check archive.org

Show headers Download Go to

Full URL: https://fam-8.net/ad/p/js?_site=7444&_mloc=35206&_jsasync=1&_ref=&_nocache=1716145418702930985
Requested by: Host: fam-8.net
URL: https://fam-8.net/ad/js/pjs-1.0.3.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 202.231.228.162 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
Software: /
Resource Hash: 896ada3bfbeaeb5d2f33834722bd328a6a7ea914c2a7506d460051a63a24ded5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 19 May 2024 19:03:40 GMT
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: https://buhitter.com
P3P: CP='CAO PSA CONi OTR OUR DEM ONL'
Access-Control-Allow-Credentials: true
Connection: close
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 4284

GET
H/1.1 200
OK js Show response
fam-8.net/ad/p/ 630 B
1 KB 1585ms
830ms XHR
text/javascript 202.231.228.162
BEKKOAME BEKKOAME...

General

Check archive.org

Show headers Download Go to

Full URL: https://fam-8.net/ad/p/js?_site=7444&_mloc=35207&_jsasync=1&_ref=&_nocache=1716145418704635187
Requested by: Host: fam-8.net
URL: https://fam-8.net/ad/js/pjs-1.0.3.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 202.231.228.162 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
Software: /
Resource Hash: cb95d3406ae979b76d2a852f2dab40dd4e3de24231f30253acfaf7fb203ea971

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 19 May 2024 19:03:40 GMT
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: https://buhitter.com
P3P: CP='CAO PSA CONi OTR OUR DEM ONL'
Access-Control-Allow-Credentials: true
Connection: close
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 630

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E450 0
0 104ms
103ms Fetch
image/gif 142.251.163.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssNKDHYCzm2KD8Gff51CXGBBRWVRF2YclKlG4c92GDvUmAbqHrwdrG_pEJBpNJZvbtRvuuCPt1rsqxrFkUwCZK4Mpoc02BIjnHH2tKmGG7jp-cTywuO41QcYWm1g-g9_VBm1qMeMpXP4FJcVoTvfVtSV3uM8S7ptOwOH0HgMApdRZTYTLDXtTTnIRGhG2SIN83baqcf_fO4a1aKMuAq1njRsbp8jxfxfsbQ39onXO_Sik7vWgHtfeDpig8OvfJdG7g7t9uezwQtNP3VP_3wgcykLtEIamMFxA9ca4QcdViYn8tkVkH-n1Sjzvn8euCnpIwpKgE9vxxOfAEb_JJ_j-6VM0jr2LRrGVZQ-SO-9gL4zOb3c4px3uOUAxIwtN3QGO1pDHY4d4LFZre71i60&sai=AMfl-YT-MF4ir79W0gKwmSi9e20QGnxiATTXaFe6M-QNXRqvPjU804GDX3tn4Eopj96jKLxtJSfj3wb_e_He6EvnirbiunmAVa-gTltTPamCwT8Txh33pI8tb5jB0jEvF2CY9zcie4ygF9WPFnE4F4jpFKA&sig=Cg0ArKJSzJV6XXhoGYXkEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: buhitter.com
URL: https://buhitter.com/author/monaxmedaka?p=3

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.154 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 19:03:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 19 May 2024 19:03:38 GMT

GET
H2 200 p.js Show response
pdn.adingo.jp/ Frame E450 69 KB
17 KB 196ms
62ms Script
application/javascript 3.162.112.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pdn.adingo.jp/p.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.112.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-112-34.iad61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ac74f52bc2afd9d1d85a8e982c6491806462aa78a02233353a2cab3499b0da02

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 18:55:39 GMT
content-encoding: br
via: 1.1 58de144297b2ef277d1d9fd26ad452dc.cloudfront.net (CloudFront)
x-amz-version-id: 8hJsiCcoRL8xFTzYLmCZjra.nrsSHNFJ
x-amz-cf-pop: IAD61-P2
age: 480
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 16746
last-modified: Tue, 14 May 2024 07:43:26 GMT
server: AmazonS3
etag: "49e5a4dc507bbcb1869045b748ed4a54"
content-type: application/javascript; charset=utf-8
cache-control: max-age=600, s-maxage=600, immutable
accept-ranges: bytes
x-amz-cf-id: PVL5YbIL4SjjPBwCiagk-1gvDBPxOse5oZFTeRXYoPKFKF850n_myg==

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame E450 214 KB
65 KB 46ms
46ms Script
text/javascript 142.250.31.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.31.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f155.1e100.net

Software

cafe /

Resource Hash

045195637bee3150d8ab91964b576be80df50bf4c3a802f8b4ec25b44e2acf73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 18:59:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 231
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66400
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 19 May 2024 19:59:47 GMT

GET
DATA 200
OK truncated
/ 266 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 34ec28d4a67e1e34f833bc05f45967c00703513aa17e10d3dc2cbe29bc6f3e7c

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK widget_iframe.2f70fb173b9000da126c79afe2098f02.html
platform.twitter.com/widgets/ Frame C6F2 0
0 149ms
38ms Document
text/html 192.229.163.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fbuhitter.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.163.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyd/D140) /
Resource Hash

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://buhitter.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 4794726
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105429
Content-Type: text/html; charset=utf-8
Date: Sun, 19 May 2024 19:03:38 GMT
Etag: "81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified: Mon, 11 Dec 2023 17:19:49 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (nyd/D140)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 JluLDxFO_normal.jpg
pbs.twimg.com/profile_images/1607756450713206784/ 2 KB
2 KB 43ms
40ms Image
image/jpeg 2606:2800:220:1410:489:141e:20bb:12f6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1607756450713206784/JluLDxFO_normal.jpg

Requested by

Host: buhitter.com
URL: https://buhitter.com/author/monaxmedaka?p=3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (nyd/D151) /

Resource Hash

3177118a6a144737c032e996cb0b6b20397c2168dc83068a503839222d3e1014

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 19:03:38 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 128601
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 2035
x-response-time: 9
surrogate-key: profile_images profile_images/bucket/7 profile_images/1607756450713206784
last-modified: Tue, 27 Dec 2022 15:11:03 GMT
server: ECS (nyd/D151)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 67d5cd0c98a8331a
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7402827104
x-connection-hash: e7d1f1f911c25999d26bbb50dbc4b17bdcf2d32a2b4f65a426ea3e9b54bdebe6
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FWzjxt6aQAIydV4.jpg
pbs.twimg.com/media/ 134 KB
134 KB 221ms
218ms Image
image/jpeg 2606:2800:220:1410:489:141e:20bb:12f6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FWzjxt6aQAIydV4.jpg

Requested by

Host: buhitter.com
URL: https://buhitter.com/author/monaxmedaka?p=3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (nyd/D165) /

Resource Hash

57fc0d0a9a1c3419b2a211b99266cefdf8493b71e786fc4bbb5a8aedd7045a1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 19:03:38 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 0
x-cache: MISS
server-timing: x-cache;desc= MISS,x-tw-cdn;desc=VZ
content-length: 136794
x-response-time: 157
surrogate-key: media media/bucket/6 media/1543859215558918146
last-modified: Mon, 04 Jul 2022 07:26:15 GMT
server: ECS (nyd/D165)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 6d116cd5a34b0d3c
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7402827104
x-connection-hash: 1a6ec1c7395107ff7c53e4c3728acbaa13c383231c93a0f4a6155f8a2293aff9
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FQXPth9VgAY2dkl.jpg:small
pbs.twimg.com/media/ 70 KB
70 KB 304ms
302ms Image
image/jpeg 2606:2800:220:1410:489:141e:20bb:12f6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FQXPth9VgAY2dkl.jpg:small

Requested by

Host: buhitter.com
URL: https://buhitter.com/author/monaxmedaka?p=3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (nyd/D177) /

Resource Hash

a1a0335985779cd15b839b4a8dd7efa871705a1dc703e34d8da164c62c7ba314

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 19:03:39 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 1
x-cache: MISS
server-timing: x-cache;desc= MISS,x-tw-cdn;desc=VZ
content-length: 71767
x-response-time: 141
surrogate-key: media media/bucket/0 media/1514845230796734470
last-modified: Fri, 15 Apr 2022 05:55:02 GMT
server: ECS (nyd/D177)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: 3491566c2e3ba6a1
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7402827104
x-connection-hash: 8ed9162c8ac8e2a8500ec386028da37bb65bcaf9dbf649e8b8601bb2dfaa5ac0
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FQXOqz3VEAQynov.jpg:small
pbs.twimg.com/media/ 79 KB
79 KB 152ms
150ms Image
image/jpeg 2606:2800:220:1410:489:141e:20bb:12f6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FQXOqz3VEAQynov.jpg:small

Requested by

Host: buhitter.com
URL: https://buhitter.com/author/monaxmedaka?p=3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (nyd/D165) /

Resource Hash

c47ce1e2a36f7209f519ce386c178335d885016a7d0e3526ccb33f72450ddfa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 19:03:38 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 0
x-cache: MISS
server-timing: x-cache;desc= MISS,x-tw-cdn;desc=VZ
content-length: 80565
x-response-time: 86
surrogate-key: media media/bucket/3 media/1514844084552142852
last-modified: Fri, 15 Apr 2022 05:50:28 GMT
server: ECS (nyd/D165)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: c43c011bb7955b9e
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7402827104
x-connection-hash: ef68d738922239593e1c66d95e7fd226cb6a79f76e3aaadbabecb895f93807fd
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FQXOqz4VcAMTGB2.png:small
pbs.twimg.com/media/ 510 KB
510 KB 261ms
260ms Image
image/png 2606:2800:220:1410:489:141e:20bb:12f6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FQXOqz4VcAMTGB2.png:small

Requested by

Host: buhitter.com
URL: https://buhitter.com/author/monaxmedaka?p=3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (nyd/D12D) /

Resource Hash

ff958f9638768c8221f2b3e73fb65dc9455e8808b872699aea8b06c3a3bf8c23

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 19:03:38 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 0
x-cache: MISS
server-timing: x-cache;desc= MISS,x-tw-cdn;desc=VZ
content-length: 522037
x-response-time: 159
surrogate-key: media media/bucket/6 media/1514844084556361731
last-modified: Fri, 15 Apr 2022 05:50:28 GMT
server: ECS (nyd/D12D)
x-tw-cdn: VZ, VZ, VZ
content-type: image/png
access-control-allow-origin: *
x-transaction-id: 43cc0b499f09725c
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7402827104
x-connection-hash: 56e7cb2a84edfd406965376e21714063899430e8fb8bcc0b6f0469ea8576bfa9
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FQXOq0lUYAMa-GN.png:small
pbs.twimg.com/media/ 554 KB
554 KB 221ms
220ms Image
image/png 2606:2800:220:1410:489:141e:20bb:12f6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FQXOq0lUYAMa-GN.png:small

Requested by

Host: buhitter.com
URL: https://buhitter.com/author/monaxmedaka?p=3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (nyd/D10A) /

Resource Hash

5bc98be729a7991e855d5ce79d2138a28b144bfe600c383393733bce5c066022

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 19:03:38 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 0
x-cache: MISS
server-timing: x-cache;desc= MISS,x-tw-cdn;desc=VZ
content-length: 566976
x-response-time: 157
surrogate-key: media media/bucket/4 media/1514844084745035779
last-modified: Fri, 15 Apr 2022 05:50:28 GMT
server: ECS (nyd/D10A)
x-tw-cdn: VZ, VZ, VZ
content-type: image/png
access-control-allow-origin: *
x-transaction-id: b2238cbf53387e52
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7402827104
x-connection-hash: 6ed40340f234f4fdd75833ca17b2df755673fcd2379ea11e71bbaa36e31e90cd
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FQXOq2IVUAIwaIk.png:small
pbs.twimg.com/media/ 535 KB
536 KB 664ms
663ms Image
image/png 2606:2800:220:1410:489:141e:20bb:12f6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FQXOq2IVUAIwaIk.png:small

Requested by

Host: buhitter.com
URL: https://buhitter.com/author/monaxmedaka?p=3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (nyd/D16B) /

Resource Hash

dac360ec162116ad3ec94709f09c29322ce062efb0733eefc6e14ba474cfc9ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 19:03:39 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 1
x-cache: MISS
server-timing: x-cache;desc= MISS,x-tw-cdn;desc=VZ
content-length: 548177
x-response-time: 585
surrogate-key: media media/bucket/6 media/1514844085160333314
last-modified: Fri, 15 Apr 2022 05:50:29 GMT
server: ECS (nyd/D16B)
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
x-transaction-id: bacb9693050b8bf1
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7402827104
x-connection-hash: 28cdfbf27ce4f657abb225963a3aac9f2ec749bf652d76436d8d98e023eb57c5
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E450 0
0 204ms
115ms Fetch
image/gif 142.250.31.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.31.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 19 May 2024 19:03:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame E450 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8da3939370a99a6168d359a19e550ad4b996416b5bd4d7184e1432f941d94de6

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 / Show response
cs.adingo.jp/sync/ Frame E450 43 B
286 B 163ms
50ms Fetch
image/gif 34.195.69.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.adingo.jp/sync/?from=fluct_uid&id=86af9af1-062d-4242-b9a5-9f8d3bb228c2
Requested by: Host: pdn.adingo.jp
URL: https://pdn.adingo.jp/p.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.195.69.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-195-69-162.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
pragma: no-cache
date: Sun, 19 May 2024 19:03:39 GMT
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: image/gif
server: nginx
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E450 0
0 191ms
103ms Fetch
image/gif 142.251.163.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvfzjWm2H1MS6WlFwZ6xQ4V8VT6adX_78ezBywy_1ikDWSQYiHkDLQ6AngPj3WxEF6Ng4bB23KnbiUmkfoPSewoA2sgPXZDGvv32uO2xZfa-fwMAGmuFy50hr_-svEDKxsU8qkZbxN22eRq-TNogkHL86isY1cYAsMAyXtA35WBFFqPbE1QEl51wb37OHR4xPwmpWkiueyXEJaMiOLIbEJMqzZbmFWOVqRTtYi6IT3wrbkBsEEeQ3MXWp4zewsClGzezAalYTAfrgqPEWM3FYB4dMLQna5dKb9KNkHRbCaSieKbmiH8k3HebFQdyfLxMLdiY4Z52yUImq9mC1Vznf_lYxCR6PwBY5wQm3ZTurG6vrR4P-qien-wQe6dxao6uamSLF7Y6ofb5yskCrbOKlQ&sai=AMfl-YS2gMSdr9sZXdKN6vd6KaMkHntlU79dzEyfEE0TQUVE83ut3WIFpZjzVaDwMsKQyZy_6ewNufLZ6I4L5ON5XXVQK0jjI5AKhU889kHt2A8yVH7hv8VJRx9iFrp0ghwxdDDAZ3ypFtXwRC8-NSqF3VQ&sig=Cg0ArKJSzGWqKm4B4_yIEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMjA3IixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4yMDciXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjIwNyJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ%3D%3D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.163.154 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 19:03:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 19 May 2024 19:03:39 GMT

GET
H2 200 / Show response
sh.adingo.jp/p/ Frame E450 3 KB
1 KB 967ms
351ms XHR
application/json 13.113.38.141
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sh.adingo.jp/p/?G=1000134479&href=https%3A%2F%2Fbuhitter.com%2Fauthor%2Fmonaxmedaka%3Fp%3D3&R=&serial=24693427776509&guid=ON&api=2&protocols=2%2C3%2C5%2C6&mimes=application%2Fjavascript%2Cvideo%2Fmp4%2Cvideo%2Fogg%2Cvideo%2Fwebm&fluct_uid=86af9af1-062d-4242-b9a5-9f8d3bb228c2&ch_pv=10.0.0

Requested by

Host: pdn.adingo.jp
URL: https://pdn.adingo.jp/p.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.113.38.141 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-113-38-141.ap-northeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

d53edfc42e271800b7b89e173bde516c108f9c5a6777a3b117b26d901b60a6e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 19 May 2024 19:03:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 19 May 2024 19:03:39 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://buhitter.com
p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK button.856debeac157d9669cf51e73a08fbc93.js Show response
platform.twitter.com/js/ 8 KB
3 KB 210ms
210ms Script
application/javascript 192.229.163.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.856debeac157d9669cf51e73a08fbc93.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.163.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyd/D12D) /
Resource Hash: 426e16d014775c77916610f675f58880874c645817ed26d01873dde3466e6007

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 19 May 2024 19:03:39 GMT
Content-Encoding: gzip
Age: 4794689
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 2620
Last-Modified: Mon, 11 Dec 2023 17:19:47 GMT
Server: ECS (nyd/D12D)
Etag: "fdf02dd038ed38dbf3c240d56262af0c+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK follow_button.2f70fb173b9000da126c79afe2098f02.ja.html
platform.twitter.com/widgets/ Frame 6A29 0
0 39ms
39ms Document
text/html 192.229.163.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/follow_button.2f70fb173b9000da126c79afe2098f02.ja.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.163.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (nyd/D151) /
Resource Hash

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://buhitter.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 4794706
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 14249
Content-Type: text/html; charset=utf-8
Date: Sun, 19 May 2024 19:03:39 GMT
Etag: "c991f3ffcb9c7623e2755ad4e86921b5+gzip"
Last-Modified: Mon, 11 Dec 2023 17:19:47 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (nyd/D151)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 embeds
syndication.twitter.com/i/jot/ 43 B
294 B 191ms
67ms Image
image/gif 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fbuhitter.com%2Fauthor%2Fmonaxmedaka%3Fp%3D3%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22https%3A%2F%2Fbuhitter.com%2Fauthor%2Fmonaxmedaka%3Fp%3D3%22%2C%22language%22%3A%22ja%22%2C%22message%22%3A%22l%3Awithcount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1716145419478%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%222615f7e52b7e0%3A1702314776716%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=e84436d78bcfb6b53a7129b9ce274e7e467653c7

Requested by

Host: buhitter.com
URL: https://buhitter.com/author/monaxmedaka?p=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 6
date: Sun, 19 May 2024 19:03:39 GMT
strict-transport-security: max-age=631138519
last-modified: Sun, 19 May 2024 19:03:39 GMT
server: tsa_b
vary: Origin
content-type: image/gif
x-transaction-id: 25bd8d5516b61911
cache-control: must-revalidate, max-age=600
perf: 7402827104
x-connection-hash: 2d6a576377b330af2ee487ec70bfaa0327b8f230dfce8847fa4b5671b93dc652
content-length: 43

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 106ms
106ms XHR
application/json 142.250.31.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202405090101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.31.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f155.1e100.net

Software

cafe /

Resource Hash

98e50a5755c046095ecb37af842d6d3750a691a67b9f34427fe7dea4ec82fa75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 19:03:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12522
x-xss-protection: 0

GET
H2 200 favicon.ico
buhitter.com/ 5 KB
965 B 740ms
739ms Other
image/x-icon 2606:4700:20::681a:bd7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buhitter.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18ec85fba587a55f802b52fd4f141f38f6683f6c456d2b0f4b5ce0292a1e3de4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://buhitter.com/author/monaxmedaka?p=3
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 19:03:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sun, 21 Jan 2024 10:27:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65acf187-1536"
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UYdzZFqYiHx8bc9g%2FsLGuu5aTFvj%2BbG8zuLTdTczY8Yk4KT80%2BhyAzujYSMmeJJ6MkvrhvcUtkdvLJgMH9FeUzoiuFO%2F%2BCkLiiS91OZ95%2FOFMKFG601X3LoLyanIBMEN4J7Jzz9xRkJWTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/x-icon
vary: Accept-Encoding
cache-control: max-age=14400
cf-ray: 886659290d1a4bc9-BUF

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 169ms
68ms Script
text/javascript 2607:f8b0:4004:c19::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 19:03:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 19 May 2024 19:03:39 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 05C5 0
0 146ms
48ms Document
text/html 2607:f8b0:4004:c19::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c19::84 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://buhitter.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 205447
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 May 2024 09:59:33 GMT
expires: Sat, 17 May 2025 09:59:33 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame 9F03 0
0 150ms
61ms Document
text/html 172.253.115.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f147.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ZkL3kubL0b_lacc6bnGIoQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-US,en;q=0.9;q=0.9
Referer: https://buhitter.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-ZkL3kubL0b_lacc6bnGIoQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 19 May 2024 19:03:40 GMT
expires: Sun, 19 May 2024 19:03:40 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E450 42 B
65 B 104ms
103ms Fetch
image/gif 142.250.31.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuNlESZaayaZxy-65NtWrFBhA-He_WzQYASlagU0w1jwQMu-iFrcWigrdoTzFHbLIT6Z8xcQuGDJvNg_SNv4lzRsTJaTYkAaA_JSD06ZBe76lep8_KlaY5IJQymqqZLisjyo_SUaS9ye7OfsPh9NdrBicSO6AvrkGbzhxlkFg&sig=Cg0ArKJSzHI6TVwRlEhjEAE&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240515&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3238850784&rs=4&la=0&cr=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNC4wLjYzNjcuMjA3IixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTI0LjAuNjM2Ny4yMDciXSxbIkdvb2dsZSBDaHJvbWUiLCIxMjQuMC42MzY3LjIwNyJdLFsiTm90LUEuQnJhbmQiLCI5OS4wLjAuMCJdXSwwXQ%3D%3D&vs=4&r=v&co=1207821800&rst=1716145418747&rpt=222&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.31.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f155.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 19 May 2024 19:03:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pmt.js Show response
dmp.im-apps.net/pms/r7RdVKlj/ 6 KB
2 KB 154ms
45ms Script
application/javascript 2600:1408:c400:e::17cd:6a19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/pms/r7RdVKlj/pmt.js
Requested by: Host: pdn.adingo.jp
URL: https://pdn.adingo.jp/p.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:e::17cd:6a19 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 6c2c43612b9e53467fbe9f5ee67c29533bb78dddbd66842a01193114d1dccd65

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: .uxXyX5lCDwpBVGcpPS7Nf3Xzhh245vK
content-encoding: gzip
date: Sun, 19 May 2024 19:03:40 GMT
last-modified: Tue, 24 Aug 2021 11:51:36 GMT
etag: "2af1afff2612b7de3cca7767700b4b41"
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI PSD OTR"
cache-control: max-age=2882
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 1994
expires: Sun, 19 May 2024 19:51:42 GMT

GET
H2 200 sync Show response
gum.criteo.com/ Frame E450 83 B
550 B 134ms
44ms Script
text/javascript 2620:100:a00b::12
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=167&r=2&gdpr=0&j=fluctAdScript.rtus_cb

Requested by

Host: pdn.adingo.jp
URL: https://pdn.adingo.jp/p.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a00b::12 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

969ea5767eedc3a66875493c021d0c950db370d6d0cabecdfada071f0f307759

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 19:03:39 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 906165
expires: 60

GET
H2 200 2.js Show response
pdn.adingo.jp/p/9734363/lib/tpl/ Frame E450 10 KB
3 KB 57ms
56ms Script
application/javascript 3.162.112.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pdn.adingo.jp/p/9734363/lib/tpl/2.js
Requested by: Host: pdn.adingo.jp
URL: https://pdn.adingo.jp/p.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.112.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-112-34.iad61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0ded26fd1ccaa3a4456bbdf2e2528f29d879eec99cf318b062973e7a1ecd4e36

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 19:01:06 GMT
content-encoding: br
via: 1.1 58de144297b2ef277d1d9fd26ad452dc.cloudfront.net (CloudFront)
x-amz-version-id: j8OvUqClRNSU2pcJ.pfQCGXysAori.qa
x-amz-cf-pop: IAD61-P2
age: 155
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2521
last-modified: Tue, 14 May 2024 07:43:26 GMT
server: AmazonS3
etag: "ecac6ddf3848b63047e413971eeec941"
content-type: application/javascript; charset=utf-8
cache-control: max-age=600, s-maxage=600, immutable
accept-ranges: bytes
x-amz-cf-id: S5YISiIjWhLhNSUgoAWWkNHglvPeAckCszDJ9Rt8ODemmPtQeLA-VA==

GET
H2 200 j Show response
j.zucks.net.zimg.jp/ Frame E450 8 KB
4 KB 318ms
220ms Script
text/javascript 18.160.10.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://j.zucks.net.zimg.jp/j?f=512731

Requested by

Host: pdn.adingo.jp
URL: https://pdn.adingo.jp/p.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.160.10.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-160-10-79.iad12.r.cloudfront.net

Software

Resource Hash

fabc494f98771bc638580a4415ff3c9af16388bce34ee98a3e469764e9667ede

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 19:03:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 19 May 2024 19:03:02 GMT
via: 1.1 66b6cd04ec22251498906e833eb08668.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P3
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
p3p: CP='NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA'
x-amz-cf-id: 4CcFUeleZvO6_fHF1zeBN_g7nxBv4lxnlp56zT_49GwQJlSvlhZIsw==
expires: Sun, 19 May 2024 19:08:40 GMT

GET
H2 200 / Show response
i.adingo.jp/ Frame E450 43 B
409 B 661ms
218ms Fetch
image/gif 35.75.157.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://i.adingo.jp/?p=64DXN7JET4hRH0M4yS67bZ47qGDEIUg9Xx2jLv_wEaRhdH4EhudhhvFHb88-LOhHZFk-XG39LOkmdy4G4NrgxObmSc8D-GjjJuGrOBzg2PXnUnLbdjzF1KEgw4mqVpXqFUBz8XnuNQPPcYtWp7lw0120xvN5S_7mC8iaiXuBma6Oqr24wpN1LnpyjeihjGjs2in9QN0TyGc6OEqMzoWiDQ9x3VelGcCFMHsKcok6Klax5a_p0TJxiXFOzZN8shizCEsgyQpm5V7kSaEmA1_eD-4Np_Mq70LjNViZd93TZDuqOH9PmvM-mpDBN8br5BFTrPbJTePAFQBvG6TmNkuRIIM5ItRnKR_Nb67hk6aWKlpWryrzLK9incNX9uJOJWPfXv4TFl_tBK5j&k=3&v=4--fwR3Udlx0iXGl
Requested by: Host: pdn.adingo.jp
URL: https://pdn.adingo.jp/p.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.75.157.131 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-75-157-131.ap-northeast-1.compute.amazonaws.com
Software: openresty /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 19 May 2024 19:03:40 GMT
server: openresty
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 43
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 close.svg
pdn.adingo.jp/asset/ 668 B
1 KB 58ms
56ms Image
image/svg+xml 3.162.112.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pdn.adingo.jp/asset/close.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.162.112.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-162-112-34.iad61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f49c5525fcd7050780d3286acf4fc0c1868db2543038791f7c0de838788867cf

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 01:57:19 GMT
x-amz-version-id: BkzRZs3QMTKdIPguJSYs8PTUpZlR4Qhw
via: 1.1 58de144297b2ef277d1d9fd26ad452dc.cloudfront.net (CloudFront)
last-modified: Tue, 14 May 2024 07:43:27 GMT
server: AmazonS3
x-amz-cf-pop: IAD61-P2
age: 61582
x-amz-server-side-encryption: AES256
etag: "2a92048396f5f7ce7cf36f6049b46107"
x-cache: Hit from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 668
x-amz-cf-id: 0CqLzgyJOJOdiC4qcPZr8n_yZZ9x3lLIdAutoXSXvjmizRJCTv72hw==

GET
H2 200 / Show response
cs.adingo.jp/sync/ Frame E450 43 B
284 B 50ms
49ms Fetch
image/gif 34.195.69.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.adingo.jp/sync/?from=criteo_rtus&id=kRDFirA-giX_3N3oHTY8i2uYH5q_s1ui
Requested by: Host: pdn.adingo.jp
URL: https://pdn.adingo.jp/p.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.195.69.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-195-69-162.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
pragma: no-cache
date: Sun, 19 May 2024 19:03:40 GMT
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: image/gif
server: nginx
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 im-uid.js Show response
dmp.im-apps.net/sdk/ 7 KB
3 KB 46ms
45ms Script
application/javascript 2600:1408:c400:e::17cd:6a19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/sdk/im-uid.js
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/pms/r7RdVKlj/pmt.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:e::17cd:6a19 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: af9d723d4c621600964048ddded8d311960ded0483d2293f279d708497cb6e65

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: Hmkyz3C3ABTJF0QN5rR1wzGkuuogp5IL
content-encoding: gzip
date: Sun, 19 May 2024 19:03:40 GMT
last-modified: Tue, 16 Apr 2024 06:12:21 GMT
etag: "72e16b9479224b45c74655a798f93cb8"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI PSD OTR"
cache-control: max-age=10800
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 2699
expires: Sun, 19 May 2024 22:03:40 GMT

GET
H/1.1 200
OK segment Show response
sync6.im-apps.net/ 35 B
318 B 337ms
230ms XHR
application/json 2600:1408:c400:d::17cd:6a4e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sync6.im-apps.net/segment?token=X19pbV9zaWRzNA
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/pms/r7RdVKlj/pmt.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:d::17cd:6a4e Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 16c53d5f9adafc9a00083e1cbd987e8087e7f1dcea1baf2867d9861c873bbd70

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 19 May 2024 19:03:40 GMT
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://buhitter.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 35

GET
H2 200 get Show response
audiencedata.im-apps.net/imuid/ 10 B
180 B 249ms
179ms XHR
application/json 2600:1901:0:e207::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://audiencedata.im-apps.net/imuid/get?cid=6837&vid=01HY93SXYNPGBAR7N6QMWZR896
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:e207:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://buhitter.com
date: Sun, 19 May 2024 19:03:40 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10
content-type: application/json

GET
H/1.1 200
OK 27252_360x360_081.gif
img.fam-8.net/pic/124/ 971 KB
971 KB 1405ms
224ms Image
image/gif 202.210.188.70
BEKKOAME BEKKOAME...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.fam-8.net/pic/124/27252_360x360_081.gif
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 202.210.188.70 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
Software: Apache /
Resource Hash: bbe41e3dba276f788082f8b4f29ccdb7114c0b8052626895a0f8a89fd9a1c359

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 19 May 2024 19:07:22 GMT
Last-Modified: Wed, 10 May 2023 03:27:07 GMT
Server: Apache
ETag: "1631393-f2a8d-5fb4e724998c0"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 993933

GET
H/1.1 200
OK 27216_360x360_008.jpg
img.fam-8.net/pic/124/ 52 KB
53 KB 1405ms
224ms Image
image/jpeg 202.210.188.70
BEKKOAME BEKKOAME...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.fam-8.net/pic/124/27216_360x360_008.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 202.210.188.70 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
Software: Apache /
Resource Hash: ef64d1fe979b944560b948249028594b051373d4d902dd433b8a34c6b9e9f33a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 19 May 2024 19:07:22 GMT
Last-Modified: Fri, 21 Apr 2023 08:57:42 GMT
Server: Apache
ETag: "163138a-d127-5f9d4d98f8d80"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 53543

GET
H/1.1 200
OK 26969_360x360_074.gif
img.fam-8.net/pic/124/ 283 KB
283 KB 1403ms
261ms Image
image/gif 202.210.188.70
BEKKOAME BEKKOAME...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.fam-8.net/pic/124/26969_360x360_074.gif
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 202.210.188.70 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
Software: Apache /
Resource Hash: d754b3e09a9fe462eeacb2ae1338a87954bf4fd0367904d52f563f944d3801a4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 19 May 2024 19:07:22 GMT
Last-Modified: Tue, 07 Mar 2023 06:57:47 GMT
Server: Apache
ETag: "1631361-46aa7-5f649edd8b0c0"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 289447

GET
H/1.1 200
OK 28781_600x500_003.jpg
img.fam-8.net/pic/124/ 88 KB
89 KB 1370ms
261ms Image
image/jpeg 202.210.188.70
BEKKOAME BEKKOAME...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.fam-8.net/pic/124/28781_600x500_003.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 202.210.188.70 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS
Software: Apache /
Resource Hash: 760dcf7fcd65607e0225473fbe203cabe70d357e35f7b914b656d5d8ced9c79c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 19 May 2024 19:07:22 GMT
Last-Modified: Fri, 26 Apr 2024 09:56:29 GMT
Server: Apache
ETag: "16314fa-16183-616fceae96d40"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 90499

GET
H/1.1 200 v1 Show response
sh.zucks.net/opt/multi/json/api/ Frame E450 670 B
2 KB 806ms
197ms XHR
application/json 18.178.174.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sh.zucks.net/opt/multi/json/api/v1?f=512731&rnd=19327532&sw=1600&sh=1200&touch=0&num=5&ref=https%3A%2F%2Fbuhitter.com%2Fauthor%2Fmonaxmedaka%3Fp%3D3&chm=&chpv=10.0.0

Requested by

Host: j.zucks.net.zimg.jp
URL: https://j.zucks.net.zimg.jp/j?f=512731

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.178.174.25 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-178-174-25.ap-northeast-1.compute.amazonaws.com

Software

Resource Hash

0390ff3a47280b75863e3b49d28450b7ee4022d2036f7cfcba2251e5db4d73db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
Date: Sun, 19 May 2024 19:03:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Sun, 19 May 2024 19:03:41 GMT
vary: accept-encoding
transfer-encoding: chunked
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://buhitter.com
P3P: CP='NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA'
Cache-Control: no-cache, must-revalidate, no-cache="set-cookie"
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

GET
H/1.1 200
OK / Show response
k.zucks.net/i/ Frame E450 2 B
741 B 1071ms
218ms XHR
application/json 18.182.87.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://k.zucks.net/i/?k=ZGOK&p=x1Lp1odhpDv4_9tJgKaLSthLccfWyiBoRihCK3aS8CIKT6Yeu036FdYROujS2u3d9mrGSkPhYQr9GOowlnpyXCc3RyRir7yA7Qu5x_oO1JmIE_abdUsVQ9Ox96JM3DJS6Da0Jp3XNzmEE3aHLB__ZE5_BYd5oM3erPLIfpqBvVpAfwGJ7oUI5mwB2tnqU21Zl3A5AdY3OHDUCQS77jmPq24zNj-_ZIQKd6i3u4NFgTe2aivsbDVy6FvpLDld-0gfh4vydwRUtUr5kG31VfUng6x9ZMXQbQtEmAqK3rA5OY7i4NUlhVnYGG1iBCudXKp4vLwOywAYLAaVO_eVKZnvyRuH7FC0fBYY9GQ6fxv_eacAclGYY3v2fiQYy15OJN5sVrWCbYjv1VtdcXRgmcWibpjJRKv3KeqmozJvPYYbPttcmKxjauc7IdJP10L-J1xl4ol71GKKYD84Cc_Ibg8SmksF7jDChqQSxe7KtZy-zhc_TuDA8pCdZVVzd4OklUQcFxlDolfyabB5BPM-ajTWfpFnv0PCZUFXNpSXb8NjZSfAXybDP8x0CQjFPwty0RGL&v=dBJZee8AXyo

Requested by

Host: j.zucks.net.zimg.jp
URL: https://j.zucks.net.zimg.jp/j?f=512731

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.182.87.53 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-182-87-53.ap-northeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
Date: Sun, 19 May 2024 19:03:42 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 19 May 2024 19:03:42 GMT
Server: nginx
Access-Control-Allow-Methods: GET
Content-Type: application/json
Access-Control-Allow-Origin: https://buhitter.com
P3P: CP='NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA'
Cache-Control: no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type
Content-Length: 2
Expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 54ms
53ms Ping
text/plain 216.239.34.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-74YKYKK7PB&gtm=45je45f0v886998702za200&_p=1716145415697&gcd=13l3l3l3l1&npa=0&dma=0&cid=1713025585.1716145416&ul=en-us&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.207%7CGoogle%2520Chrome%3B124.0.6367.207%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_eu=AEI&_s=2&sid=1716145416&sct=1&seg=0&dl=https%3A%2F%2Fbuhitter.com%2Fauthor%2Fmonaxmedaka%3Fp%3D3&dt=monaxmedaka%E3%81%95%E3%82%93%E3%81%AE%E3%82%A4%E3%83%A9%E3%82%B9%E3%83%88%E3%81%BE%E3%81%A8%E3%82%81%203%E3%83%9A%E3%83%BC%E3%82%B8%E7%9B%AE&en=ad_impression&ep.query_id=CMS0ifCzmoYDFXivywEd8e4I2Q&_et=2604&tfd=9334
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-74YKYKK7PB&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.34.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://buhitter.com/
Accept-Language: en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 19 May 2024 19:03:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://buhitter.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202405090101&jk=1822381789243887&bg=!cXKlcj3NAAaTdHvKs3Q7ADQBe5WfOO2GsrBohRJeQm6PJfN5WjxZIJfXQIrP3hremL0J-o2RKNZHSzkbmh3nNXfrSMtLAgAAAFxSAAAABWgBB34ANUfdfE4peqKKkdIkIEYaAUETob7Pbyw0N3dSGnkbdKCo4LYzErdyXLmumzXq1DEFS71Glx2xCgCOz_mpqtEiACFGiSqYQNwm6Hu7lVrrPDEk4CcdcBkCNW3P6oVSL-b-ptJDQzGpG1po9ktxd4q4N8bpanUt7kd-Qjo6F3js1vy_mCb08Inlb6CmTYOSsQ-02IwCy5yhHPrnN4T0JoFFrlrpOIRUElsNMNJbH2svyai3q2xwkVK-WnTcmxEilzlhnijULK_wLJkCnPe1z4b2N0OG5PS3WfGQ8sEvv9VUVgfFnb7aLzb1QTcPi9GOWCqfEP0x2r4swekC4eZ73CHHBGOQKb7Eapr4lOzBS6RMm5BNYlnlX3NUVIfW1aVn1RRWDzPvn4oH9un2UySXonogjado-98LkW-5IM4T-wlAjXpC6pydyh_Hiv2vTgSyD4SjqOL6T2roVTTzxiVsOQPcSFtoNJ_ZvBcx6qR7eYWHeVvxLmoRiouq4axpHr9UzA94guZBWJqeYk4Bx50uIzJCVwi9-NEQpnWO0W_RThboy9KUgomrDvp-94y6-A-1OSVfEG419NuWmdrCkTwd1mcfBdjM-Ptd1sn-DkPRmoYZrwczise-gpyGCZwOQ_U1OeYlSyBF3o55c2dwa1muIPSHpinhpS-Pv4aFkPjjnUaGeyaQhsd9d3EtZBU3udO9JmNn61epwFLYIzW9SMXu9QGBM727VsaWTwNf3Zdf5RsCEnr_KZZ9NO1lwKu9tCKI-FBo_IT1In4UliiDKxXb8O4gRVGXGAEQSWKkFu6UccsFVi2aMRqwTJqupokRPxqS5IVibhN6g5h-sm-b71Eqo3YOZp28shZLU83EcX-T8PRLRsNo2sA2xyPiX-nCz6Lgfg7KBARDysorIZ3FP6NJ5Je8mV6wnuKcZrkESdtSrkrJNatdlDVruaLrhPdweR723GHgEPZSxXHjICctFfwD3RC-R9HhaKbYdDn3TKAzZhbeVglXA-7IMXv3OBNWbhaRUBoq65kPls60fiaq-s1NppceFFn8Mz4p-4BCCWyLZkmxSid7Vp0cBrRS4lK0dAMCzfzSnHAMjhhyHFBL7eGdvt-SPIo6pV53jfQuYP6Xdjk3RVSgD3SdGo3J24eFQ3HGDFwDA5v4m0sv

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
buhitter.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: r2nvtckt5g1ujqfrtbfr0ma1t2
.buhitter.com/	1970-01-21 06:18:25	Name: _ga Value: GA1.2.1713025585.1716145416
.buhitter.com/	1970-01-20 20:43:51	Name: _gid Value: GA1.2.1332778729.1716145416
.buhitter.com/	1970-01-20 20:42:25	Name: _gat_UA-115935434-1 Value: 1
.criteo.com/	1970-01-21 06:04:01	Name: receive-cookie-deprecation Value: 1
.criteo.com/	1970-01-21 06:04:01	Name: uid Value: 328c005d-7780-4a93-a938-d26f76f5012b
.buhitter.com/	1970-01-21 06:04:01	Name: cto_bundle Value: acEaWl9vZjZzWlglMkI5YkVXYno5dk0zd1FPc2ZpNExFJTJGWHpmMVklMkZlQ0hkdVZ1SXRaOHNWMDczUmFxbHR5U0JWaERnNUFiJTJGeHRPNlFxR2R1Z0lWUVRCR1ZaeGtGcU9BRnNOJTJCVVB5bnNmSEdLUjNBMURLRERuU05WSWpxeEZ3YXoxQUFXS2dUUFZGdFNyTkIlMkI0cURGQSUyQnc0QXB5USUzRCUzRA
.buhitter.com/	1970-01-21 06:04:01	Name: __gads Value: ID=480515e0eaf8622b:T=1716145417:RT=1716145417:S=ALNI_MY7VcQATZ5Rct_nZYUx1KI6cGI1LA
.buhitter.com/	1970-01-21 06:04:01	Name: __gpi Value: UID=00000e20d8cc2253:T=1716145417:RT=1716145417:S=ALNI_MZm93sWx3GEFY472Ld_8Smtf_2y1g
.buhitter.com/	1970-01-21 01:01:37	Name: __eoi Value: ID=448fc6a87b652ad1:T=1716145417:RT=1716145417:S=AA-AfjZQ9j5KyJojll0CtKI0eA-W
.buhitter.com/	1970-01-21 05:28:01	Name: FCNEC Value: %5B%5B%22AKsRol-PIU0HByEgZ4zJw0WE0xtZtCncldGHod5eRHKgaF92C2jFVp79pjz_LJjRXsBWSKXuNnfcDTteOHOzR7w8IQY5GkkgLwU-beP2zC7dW5PYVFYp_Yq6vjP6c2cCMg0APcS6FUZbZJZTbOYjxvwBseLsr_uaZw%3D%3D%22%5D%2Cnull%2C%5B%5B5%2C%22196%22%5D%2C%5B2%2C%22%5Bnull%2C%5Bnull%2C1%2C%5B1716145418%2C445195000%5D%5D%5D%22%5D%5D%5D
.buhitter.com/	1970-01-21 06:18:25	Name: _ga_74YKYKK7PB Value: GS1.1.1716145416.1.0.1716145418.0.0.0
.doubleclick.net/	1970-01-21 06:18:25	Name: IDE Value: AHWqTUkpjgjq-M0eiHYAXAZc2yqzzQKR2Kk3GarNuJYEMl-2PFA85OFKxaoQA2W7goE
sh.adingo.jp/	1970-01-21 01:01:37	Name: receive-cookie-deprecation Value: 1
.criteo.com/	1970-01-21 06:04:01	Name: cto_bundle Value: ZLU1p19EWnN1b1FnWDNTYXhHUEU5WjdtUHFqMlB1TG1NRlNFNmR2WU11NUZOOGJNYm1WaThyTDJweWhCbDh4UFdwNSUyRno
.buhitter.com/	1970-01-20 21:25:37	Name: _im_vid Value: 01HY93SXYNPGBAR7N6QMWZR896
.fam-8.net/	1970-01-20 22:52:01	Name: uid Value: admx8f923cf796x493
fam-8.net/	1970-01-20 22:52:01	Name: _imps Value: 35111%2C7444%2C0%2C35111%2C13922%2C145738%2C0%2C0%2C3599%2C1716145420%2C%2C%2C%2C0%2C%2C%2C0
.adingo.jp/	1970-01-21 05:28:01	Name: ID Value: a8f6cbd063a3bd65e3e5f4390063d7e1
sh.zucks.net/	1970-01-20 20:42:29	Name: AWSELBCORS Value: 41A171131E9B8C939F7087DC96908658B57851A86484F8DD0F0ED9CABA7F99F6ED1A8F8B6DA1F11CDBC719CC9340337AEBC1FD94659F4FB8E5E58E7F9082775C2073B11FEC
.zucks.net/	1970-01-21 05:28:01	Name: ID Value: eb97366682645d5d68ffc14d3ee04ee9

23 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://fam-8.net/ad/js/fam8-tagify.min.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://fam-8.net/ad/js/pjs-1.0.3.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://fam-8.net/ad/js/fam8-tagify.min.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://fam-8.net/ad/js/pjs-1.0.3.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other	warning	URL: https://buhitter.com/author/monaxmedaka?p=3 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://buhitter.com/author/monaxmedaka?p=3 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://buhitter.com/author/monaxmedaka?p=3 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://buhitter.com/author/monaxmedaka?p=3 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://buhitter.com/author/monaxmedaka?p=3 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://buhitter.com/author/monaxmedaka?p=3 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://buhitter.com/author/monaxmedaka?p=3 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://buhitter.com/author/monaxmedaka?p=3 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	warning	URL: https://pdn.adingo.jp/p.js(Line 14) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other	warning	URL: https://buhitter.com/author/monaxmedaka?p=3 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://buhitter.com/author/monaxmedaka?p=3 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://buhitter.com/author/monaxmedaka?p=3 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://buhitter.com/author/monaxmedaka?p=3 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://buhitter.com/author/monaxmedaka?p=3 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://buhitter.com/author/monaxmedaka?p=3 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://buhitter.com/author/monaxmedaka?p=3 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://buhitter.com/author/monaxmedaka?p=3 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://buhitter.com/author/monaxmedaka?p=3 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://buhitter.com/author/monaxmedaka?p=3 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://buhitter.com/author/monaxmedaka?p=3 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://buhitter.com/author/monaxmedaka?p=3 Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

audiencedata.im-apps.net
b693d7983edde6d50b8369a4983747f9.safeframe.googlesyndication.com
buhitter.com
cdn-fluct.sh.adingo.jp
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
code.jquery.com
cs.adingo.jp
dmp.im-apps.net
fam-8.net
fundingchoicesmessages.google.com
gum.criteo.com
i.adingo.jp
id5-sync.com
img.fam-8.net
j.zucks.net.zimg.jp
k.zucks.net
pa.adingo.jp
pagead2.googlesyndication.com
pbs.twimg.com
pdn.adingo.jp
platform.twitter.com
securepubads.g.doubleclick.net
sh.adingo.jp
sh.zucks.net
stackpath.bootstrapcdn.com
static.criteo.net
stats.g.doubleclick.net
sync6.im-apps.net
syndication.twitter.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
pagead2.googlesyndication.com
104.18.10.207
104.244.42.200
13.113.38.141
142.250.31.155
142.251.163.154
162.19.138.120
172.253.115.147
172.253.115.99
172.253.63.102
18.160.10.79
18.178.174.25
18.182.87.53
192.229.163.25
202.210.188.70
202.231.228.162
216.239.34.178
2600:1408:c400:d::17cd:6a4e
2600:1408:c400:e::17cd:6a19
2600:1901:0:e207::
2600:9000:2199:6400:a:e047:754:3401
2606:2800:220:1410:489:141e:20bb:12f6
2606:4700:10::ac43:266a
2606:4700:20::681a:bd7
2607:f8b0:4004:c07::84
2607:f8b0:4004:c08::61
2607:f8b0:4004:c08::8a
2607:f8b0:4004:c17::66
2607:f8b0:4004:c19::84
2607:f8b0:4004:c19::9b
2620:100:a00b::12
2620:100:a00b::4
2a04:4e42:200::485
2a04:4e42:400::649
3.114.80.188
3.162.112.34
3.162.112.48
34.195.69.162
35.75.157.131
001fca0c70a55362c8ae8e33ac675fe8e5054439537b10ae75de374cd5a68f07
0390ff3a47280b75863e3b49d28450b7ee4022d2036f7cfcba2251e5db4d73db
045195637bee3150d8ab91964b576be80df50bf4c3a802f8b4ec25b44e2acf73
07eff9d9f81261e700e6812c2a47f189153f25c1d5bbc8c78af811e4d567a10f
0ded26fd1ccaa3a4456bbdf2e2528f29d879eec99cf318b062973e7a1ecd4e36
16c53d5f9adafc9a00083e1cbd987e8087e7f1dcea1baf2867d9861c873bbd70
16eef82325d88bccb3f09d34d6155a3ee890edfdb479d44264212b5d5eca1af9
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
186bac1e177e5743a63705594f1653165d309275e2cce84626d83f6e98119c0b
18ec85fba587a55f802b52fd4f141f38f6683f6c456d2b0f4b5ce0292a1e3de4
3177118a6a144737c032e996cb0b6b20397c2168dc83068a503839222d3e1014
3486e75cbcec83fac64b744262840c0cf45746e11e15b158b652bc451c849ab7
34ec28d4a67e1e34f833bc05f45967c00703513aa17e10d3dc2cbe29bc6f3e7c
426e16d014775c77916610f675f58880874c645817ed26d01873dde3466e6007
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4bd55f89acdfd8dda416b2e6e81c302be408e8a03b9ff2f5b43f1262604cf395
57fc0d0a9a1c3419b2a211b99266cefdf8493b71e786fc4bbb5a8aedd7045a1a
5994db0ab9798d68732a8ba1a32bc9187865a0e41983e0e4fdbed0e2ccab8cb5
5bc98be729a7991e855d5ce79d2138a28b144bfe600c383393733bce5c066022
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6c2c43612b9e53467fbe9f5ee67c29533bb78dddbd66842a01193114d1dccd65
6d41721bde8d360de6365bd64ca3d1c8bcc15e3edecdb21f118289d28eef9e0b
72084c4206766ea189b8c9e1b7ca02f20fb3d73e29f4ce7d1b934942d5ff7ca2
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
760dcf7fcd65607e0225473fbe203cabe70d357e35f7b914b656d5d8ced9c79c
78df53da2997a9497d7d94545fc0ff1ccc3846ff65c269cafc485fca36f74848
7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c
8070a035a373b78b44da1d975c6cb8b4aab538ddbe46a590e4bf922ddd686b8a
87ef4be5f593f23f6a2c064185251923d9bc397cdfcb9eab38c0b4429d125bc7
896ada3bfbeaeb5d2f33834722bd328a6a7ea914c2a7506d460051a63a24ded5
8da3939370a99a6168d359a19e550ad4b996416b5bd4d7184e1432f941d94de6
8fa4744814b9ea3f31015b20d557d4c678538cc4e076c874b17ba5f9ea2f4c07
960c116889ca1d89356257ac63932b8dcf8bc01ed19ce9c785e8a1d67e0810b6
969ea5767eedc3a66875493c021d0c950db370d6d0cabecdfada071f0f307759
98e50a5755c046095ecb37af842d6d3750a691a67b9f34427fe7dea4ec82fa75
9e833c2bb524b75edd90f3203dca8b9ccad32cd0c897b397bcee372728046a05
a1a0335985779cd15b839b4a8dd7efa871705a1dc703e34d8da164c62c7ba314
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a9923dd3be9c2c2c057a58e64dc9aa4ff68bec3b86d046afcc82c50b9042f068
aba3b1e74a53993ab198f8376eaf3bc0c9d841b9bc6d95f47ab839bbdb502d47
ac74f52bc2afd9d1d85a8e982c6491806462aa78a02233353a2cab3499b0da02
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af9d723d4c621600964048ddded8d311960ded0483d2293f279d708497cb6e65
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b66882d80e8f8f7d9d0bed2668f14b3df490399b95c2aef0dd3fb574a21db47f
bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336
bbe41e3dba276f788082f8b4f29ccdb7114c0b8052626895a0f8a89fd9a1c359
c47ce1e2a36f7209f519ce386c178335d885016a7d0e3526ccb33f72450ddfa6
c59755fc321e6fd333ac2ed0583de3c96f90481f1802d551479f7602f8c480c1
cb95d3406ae979b76d2a852f2dab40dd4e3de24231f30253acfaf7fb203ea971
d23c3a092afa535fcc70e3d92c6527bd469c17720087276a90ece3037663189f
d53edfc42e271800b7b89e173bde516c108f9c5a6777a3b117b26d901b60a6e8
d754b3e09a9fe462eeacb2ae1338a87954bf4fd0367904d52f563f944d3801a4
dac360ec162116ad3ec94709f09c29322ce062efb0733eefc6e14ba474cfc9ab
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef64d1fe979b944560b948249028594b051373d4d902dd433b8a34c6b9e9f33a
f49c5525fcd7050780d3286acf4fc0c1868db2543038791f7c0de838788867cf
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fabc494f98771bc638580a4415ff3c9af16388bce34ee98a3e469764e9667ede
faf96890ec0987ede0f61a52e030ba0ef023505da72ffcf300227d173de8ec1d
fe17e70b190a001b79a66fa7b55d2dbac42a25b2fd575f72cf3e1470a9c40161
ff958f9638768c8221f2b3e73fb65dc9455e8808b872699aea8b06c3a3bf8c23

buhitter.com Open in urlscan Pro 2606:4700:20::681a:bd7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

87 Requests

99 %HTTPS

45 %IPv6

20 Domains

35 Subdomains

39 IPs

4 Countries

4135 kBTransfer

5891 kBSize

21 Cookies

18 Outgoing links

Redirected requests

87 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

buhitter.com Open in urlscan Pro
2606:4700:20::681a:bd7 Public Scan

Screenshot
Live screenshot

Full Image

87
Requests

99 %
HTTPS

45 %
IPv6

20
Domains

35
Subdomains

39
IPs

4
Countries

4135 kB
Transfer

5891 kB
Size

21
Cookies

87 HTTP transactions
3 data transactions