crypto.livertadquest.com Open in urlscan Pro
183.90.238.3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://crypto.livertadquest.com/
Effective URL:
https://crypto.livertadquest.com/
Submission: On September 11 via api (September 11th 2023, 9:57:43 pm UTC) from US — Scanned from JP

Summary HTTP 334 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 69 IPs in 13 countries across 76 domains to perform 334 HTTP transactions. The main IP is 183.90.238.3, located in Japan and belongs to XSERVER Xserver Inc., JP. The main domain is crypto.livertadquest.com.
TLS certificate: Issued by R3 on August 31st 2023. Valid for: 3 months.

This is the only time crypto.livertadquest.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 48	183.90.238.3 183.90.238.3	131965 (XSERVER X...) (XSERVER Xserver Inc.)
12	142.250.196.106 142.250.196.106	15169 (GOOGLE) (GOOGLE)
2	23.39.216.185 23.39.216.185	16625 (AKAMAI-AS) (AKAMAI-AS)
2	202.226.37.225 202.226.37.225	131965 (XSERVER X...) (XSERVER Xserver Inc.)
2	142.250.196.104 142.250.196.104	15169 (GOOGLE) (GOOGLE)
18	142.251.222.2 142.251.222.2	15169 (GOOGLE) (GOOGLE)
4 19	202.228.215.14 202.228.215.14	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
9	142.250.207.3 142.250.207.3	15169 (GOOGLE) (GOOGLE)
3	138.113.138.167 138.113.138.167	54994 (ML-1432-5...) (ML-1432-54994)
2 5	202.228.215.63 202.228.215.63	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
10 10	35.213.12.39 35.213.12.39	15169 (GOOGLE) (GOOGLE)
1 1	51.255.68.171 51.255.68.171	16276 (OVH) (OVH)
3 4	54.95.135.115 54.95.135.115	16509 (AMAZON-02) (AMAZON-02)
5 7	202.232.238.37 202.232.238.37	2497 (IIJ Inter...) (IIJ Internet Initiative Japan Inc.)
1 9	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	23.200.55.26 23.200.55.26	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4 19	142.251.42.194 142.251.42.194	15169 (GOOGLE) (GOOGLE)
3	182.161.74.1 182.161.74.1	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
2 4	54.251.188.116 54.251.188.116	16509 (AMAZON-02) (AMAZON-02)
1 2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
15 50	172.217.161.66 172.217.161.66	15169 (GOOGLE) (GOOGLE)
2 4	220.150.223.50 220.150.223.50	4686 (BEKKOAME ...) (BEKKOAME BEKKOAME INTERNET INC.)
3 4	50.116.239.135 50.116.239.135	6336 (TURN-US-ASN) (TURN-US-ASN)
6 6	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2 2	202.241.208.52 202.241.208.52	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
3 3	18.65.168.89 18.65.168.89	16509 (AMAZON-02) (AMAZON-02)
3	142.250.198.14 142.250.198.14	15169 (GOOGLE) (GOOGLE)
9	172.217.26.226 172.217.26.226	15169 (GOOGLE) (GOOGLE)
2	182.161.74.18 182.161.74.18	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	151.101.128.84 151.101.128.84	54113 (FASTLY) (FASTLY)
4	23.39.216.189 23.39.216.189	16625 (AKAMAI-AS) (AKAMAI-AS)
3	207.65.34.81 207.65.34.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	207.65.34.83 207.65.34.83	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4	142.251.42.131 142.251.42.131	15169 (GOOGLE) (GOOGLE)
30	142.251.42.161 142.251.42.161	15169 (GOOGLE) (GOOGLE)
17	207.65.34.80 207.65.34.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
1	182.161.74.16 182.161.74.16	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1 1	52.192.212.4 52.192.212.4	16509 (AMAZON-02) (AMAZON-02)
1 1	103.229.10.171 103.229.10.171	16509 (AMAZON-02) (AMAZON-02)
2 3	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	54.251.140.37 54.251.140.37	16509 (AMAZON-02) (AMAZON-02)
1 2	119.9.108.180 119.9.108.180	45187 (RACKSPACE...) (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong)
1	34.124.209.251 34.124.209.251	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	54.248.253.182 54.248.253.182	16509 (AMAZON-02) (AMAZON-02)
3 3	185.84.60.21 185.84.60.21	198622 (ADFORM) (ADFORM)
1 1	13.228.126.19 13.228.126.19	16509 (AMAZON-02) (AMAZON-02)
3	207.65.34.74 207.65.34.74	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 10	142.251.42.164 142.251.42.164	15169 (GOOGLE) (GOOGLE)
5	172.217.161.34 172.217.161.34	15169 (GOOGLE) (GOOGLE)
2	18.65.206.100 18.65.206.100	16509 (AMAZON-02) (AMAZON-02)
1	207.65.34.82 207.65.34.82	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	139.162.117.143 139.162.117.143	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
2 2	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
2 2	52.45.175.185 52.45.175.185	14618 (AMAZON-AES) (AMAZON-AES)
1 1	184.27.185.21 184.27.185.21	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	23.210.26.170 23.210.26.170	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	13.113.112.30 13.113.112.30	16509 (AMAZON-02) (AMAZON-02)
3	133.186.12.12 133.186.12.12	10010 (TOKAI TOK...) (TOKAI TOKAI Communications Corporation)
1 1	23.208.233.60 23.208.233.60	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.195.85.58 23.195.85.58	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	96.7.39.72 96.7.39.72	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 2	222.230.178.27 222.230.178.27	2519 (VECTANT A...) (VECTANT ARTERIA Networks Corporation)
1 5	18.176.31.142 18.176.31.142	16509 (AMAZON-02) (AMAZON-02)
2 2	35.213.93.179 35.213.93.179	15169 (GOOGLE) (GOOGLE)
1 2	35.186.254.217 35.186.254.217	15169 (GOOGLE) (GOOGLE)
4	222.230.178.130 222.230.178.130	2519 (VECTANT A...) (VECTANT ARTERIA Networks Corporation)
8 12	69.173.158.64 69.173.158.64	26667 (RUBICONPR...) (RUBICONPROJECT)
2	34.120.96.193 34.120.96.193	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4 7	133.186.12.18 133.186.12.18	10010 (TOKAI TOK...) (TOKAI TOKAI Communications Corporation)
1 2	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 2	20.85.134.6 20.85.134.6	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	185.196.197.130 185.196.197.130	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	202.233.84.1 202.233.84.1	131957 (MICROAD M...) (MICROAD MicroAd)
1	34.111.79.67 34.111.79.67	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	52.22.231.105 52.22.231.105	14618 (AMAZON-AES) (AMAZON-AES)
1 1	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1 1	184.72.108.234 184.72.108.234	14618 (AMAZON-AES) (AMAZON-AES)
2 3	93.158.134.90 93.158.134.90	13238 (YANDEX) (YANDEX)
1 2	23.45.61.118 23.45.61.118	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3 3	188.42.105.220 188.42.105.220	7979 (SERVERS-COM) (SERVERS-COM)
1	142.250.199.102 142.250.199.102	() ()
2 2	89.207.22.108 89.207.22.108	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	64.202.112.95 64.202.112.95	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1 1	150.95.47.242 150.95.47.242	7506 (INTERQ GM...) (INTERQ GMO Internet)
1	133.186.161.88 133.186.161.88	45974 (NHN-AS-KR...) (NHN-AS-KR NHNCLOUD)
1 2	172.217.175.38 172.217.175.38	15169 (GOOGLE) (GOOGLE)
4	18.65.168.21 18.65.168.21	16509 (AMAZON-02) (AMAZON-02)
2	18.65.185.105 18.65.185.105	16509 (AMAZON-02) (AMAZON-02)
2 3	52.46.155.104 52.46.155.104	16509 (AMAZON-02) (AMAZON-02)
2 3	67.220.228.201 67.220.228.201	16509 (AMAZON-02) (AMAZON-02)
2 2	103.43.90.21 103.43.90.21	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 2	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
1	52.197.41.226 52.197.41.226	16509 (AMAZON-02) (AMAZON-02)
1 1	139.162.84.221 139.162.84.221	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1 1	82.145.213.8 82.145.213.8	39832 (NO-OPERA) (NO-OPERA)
1 1	35.186.154.107 35.186.154.107	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	18.136.94.236 18.136.94.236	16509 (AMAZON-02) (AMAZON-02)
2	182.161.74.11 182.161.74.11	() ()
334	69

48 183.90.238.3 (Japan) 1 redirects

ASN131965 (XSERVER Xserver Inc., JP)
PTR: sv2302.xserver.jp

crypto.livertadquest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.196.106 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s35-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.39.216.185 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-39-216-185.deploy.static.akamaitechnologies.com

assets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 202.226.37.225 (Japan)

ASN131965 (XSERVER Xserver Inc., JP)
PTR: webmail.xserver.jp

webfonts.xserver.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.196.104 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s35-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.251.222.2 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s71-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 202.228.215.14 (Japan) 4 redirects

ASN4694 (IDCF IDC Frontier Inc., JP)
PTR: adm.shinobi.jp

adm.shinobi.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pb.shinobi.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.207.3 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s54-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 138.113.138.167 (Canada)

ASN54994 (ML-1432-54994, CA)

cnobi.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 202.228.215.63 (Japan) 2 redirects

ASN4694 (IDCF IDC Frontier Inc., JP)
PTR: swarm.shinobi.jp

sync.shinobi.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 35.213.12.39 (Tokyo, Japan) 10 redirects

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.255.68.171 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ns3028611.ip-51-255-68.eu

dsp.nrich.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.95.135.115 (Tokyo, Japan) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-95-135-115.ap-northeast-1.compute.amazonaws.com

bypass.ad-stir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 202.232.238.37 (Tokyo, Japan) 5 redirects

ASN2497 (IIJ Internet Initiative Japan Inc., JP)

sync.fout.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 34.98.64.218 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

samuraifactory-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jp-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.200.55.26 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-200-55-26.deploy.static.akamaitechnologies.com

sync.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 142.251.42.194 (Marriottsville, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: nrt12s47-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 182.161.74.1 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.251.188.116 (Singapore) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-251-188-116.ap-southeast-1.compute.amazonaws.com

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

50 172.217.161.66 (United States) 15 redirects

ASN15169 (GOOGLE, US)
PTR: nrt20s09-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 220.150.223.50 (Japan) 2 redirects

ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP)
PTR: 50.223.150.220.in-addr.arpa

sync-dsp.ad-m.asia	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 50.116.239.135 (United States) 3 redirects

ASN6336 (TURN-US-ASN, US)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 15.197.193.217 (Seattle, United States) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 202.241.208.52 (Japan) 2 redirects

ASN4694 (IDCF IDC Frontier Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.65.168.89 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-65-168-89.nrt57.r.cloudfront.net

cr-p3.ladsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cr-p10.ladsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.198.14 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s58-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.217.26.226 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s51-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 182.161.74.18 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.128.84 (United States)

ASN54113 (FASTLY, US)

log.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.39.216.189 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-39-216-189.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 207.65.34.81 (United States)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 207.65.34.83 (United States)

ASN62713 (AS-PUBMATIC, US)

sshowads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.42.131 (Marriottsville, United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s45-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 142.251.42.161 (Marriottsville, United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s46-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 207.65.34.80 (United States)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States) 1 redirects

ASN19750 (AS-CRITEO, US)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.74.16 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

widget.as.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.192.212.4 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-192-212-4.ap-northeast-1.compute.amazonaws.com

ds.uncn.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.229.10.171 (Singapore) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.111.113.62 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.251.140.37 (Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-251-140-37.ap-southeast-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 119.9.108.180 (Hong Kong) 1 redirects

ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.124.209.251 (Singapore)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 251.209.124.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.248.253.182 (Tokyo, Japan) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-248-253-182.ap-northeast-1.compute.amazonaws.com

pool.admedo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.84.60.21 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.228.126.19 (Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-126-19.ap-southeast-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 207.65.34.74 (United States)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.251.42.164 (Marriottsville, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: nrt12s46-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.161.34 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s23-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.65.206.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-206-100.nrt57.r.cloudfront.net

js.ad-stir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 207.65.34.82 (United States)

ASN62713 (AS-PUBMATIC, US)

st.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.162.117.143 (Tokyo, Japan) 2 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1601-143.members.linode.com

a.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.254 (London, United Kingdom) 2 redirects

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.45.175.185 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-175-185.compute-1.amazonaws.com

im.bluevoox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.27.185.21 (Tokyo, Japan) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-27-185-21.deploy.static.akamaitechnologies.com

analytics.pangle-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.210.26.170 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-210-26-170.deploy.static.akamaitechnologies.com

dmp.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.113.112.30 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-113-112-30.ap-northeast-1.compute.amazonaws.com

ad.ad-stir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 133.186.12.12 (Yokohama, Japan)

ASN10010 (TOKAI TOKAI Communications Corporation, JP)
PTR: p012.net133186012.broadline.ne.jp

js.gsspcln.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.208.233.60 (Tokyo, Japan) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-208-233-60.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.195.85.58 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-195-85-58.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.7.39.72 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a96-7-39-72.deploy.static.akamaitechnologies.com

adn-j.sp.gmossp-sp.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 222.230.178.27 (Tokyo, Japan) 2 redirects

ASN2519 (VECTANT ARTERIA Networks Corporation, JP)

rt.gsspat.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.176.31.142 (Tokyo, Japan) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-176-31-142.ap-northeast-1.compute.amazonaws.com

sync.ad-stir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.213.93.179 (Tokyo, Japan) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 179.93.213.35.bc.googleusercontent.com

a.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.254.217 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 217.254.186.35.bc.googleusercontent.com

aw.dw.impact-ad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 222.230.178.130 (Tokyo, Japan)

ASN2519 (VECTANT ARTERIA Networks Corporation, JP)

aladdin.genieesspv.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 69.173.158.64 (Singapore) 8 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.96.193 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 193.96.120.34.bc.googleusercontent.com

audiencedata.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 133.186.12.18 (Yokohama, Japan) 4 redirects

ASN10010 (TOKAI TOKAI Communications Corporation, JP)
PTR: p018.net133186012.broadline.ne.jp

cs.gssprt.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.107.42.14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.85.134.6 (Tappahannock, United States) 2 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

mweb.ck.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.196.197.130 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.233.84.1 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)

aid.send.microad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.79.67 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 67.79.111.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.22.231.105 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-231-105.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (United States) 1 redirects

ASN27257 (WEBAIR-INTERNET, US)

dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.72.108.234 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-72-108-234.compute-1.amazonaws.com

fksnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 93.158.134.90 (Russian Federation) 2 redirects

ASN13238 (YANDEX, RU)
PTR: bs.yandex.ru

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.45.61.118 (Tokyo, Japan) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-45-61-118.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.42.105.220 (Luxembourg) 3 redirects

ASN7979 (SERVERS-COM, US)

sync.gonet-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.199.102 (None, )

ASN- ()

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.207.22.108 (Singapore) 2 redirects

ASN41041 (VCLK-EU-SE, US)
PTR: sin02-nessy-float2.dotomi.com

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.95 (United States) 2 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 150.95.47.242 (Japan) 1 redirects

ASN7506 (INTERQ GMO Internet,Inc, JP)
PTR: v150-95-47-242.a00c.g.jpt1.static.cnode.io

sync.dsp.reemo-ad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 133.186.161.88 (Japan)

ASN45974 (NHN-AS-KR NHNCLOUD, KR)

app.cauly.co.kr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.175.38 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: nrt20s19-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.65.168.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-168-21.nrt57.r.cloudfront.net

spdeliver.i-mobile.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
spcdnpc.i-mobile.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
xid.i-mobile.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.65.185.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-185-105.nrt57.r.cloudfront.net

spsvcpc-tls.i-mobile.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.46.155.104 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 67.220.228.201 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.43.90.21 (Singapore) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ipac.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.197.41.226 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-197-41-226.ap-northeast-1.compute.amazonaws.com

dps.jp.cinarra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.162.84.221 (Tokyo, Japan) 1 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1564-221.members.linode.com

gocm.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (Norway) 1 redirects

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.154.107 (Singapore) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 107.154.186.35.bc.googleusercontent.com

cm-supply-web.gammaplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.136.94.236 (Singapore) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-136-94-236.ap-southeast-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 182.161.74.11 (None, )

ASN- ()

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
71	doubleclick.net 20 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 53 cm.g.doubleclick.net — Cisco Umbrella Rank: 259 ad.doubleclick.net — Cisco Umbrella Rank: 183	265 KB
48	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 115 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	550 KB
48	livertadquest.com 1 redirects crypto.livertadquest.com	563 KB
29	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 572 image6.pubmatic.com — Cisco Umbrella Rank: 869 sshowads.pubmatic.com — Cisco Umbrella Rank: 22753 simage2.pubmatic.com — Cisco Umbrella Rank: 896 image2.pubmatic.com — Cisco Umbrella Rank: 1056 image4.pubmatic.com — Cisco Umbrella Rank: 1271 st.pubmatic.com — Cisco Umbrella Rank: 1186 simage4.pubmatic.com — Cisco Umbrella Rank: 1301	72 KB
24	shinobi.jp 6 redirects adm.shinobi.jp — Cisco Umbrella Rank: 173522 sync.shinobi.jp — Cisco Umbrella Rank: 186279 pb.shinobi.jp	15 KB
15	rubiconproject.com 9 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1188 eus.rubiconproject.com — Cisco Umbrella Rank: 656 token.rubiconproject.com — Cisco Umbrella Rank: 662 pixel.rubiconproject.com — Cisco Umbrella Rank: 385	18 KB
13	gstatic.com fonts.gstatic.com www.gstatic.com	350 KB
12	ad-stir.com 4 redirects bypass.ad-stir.com — Cisco Umbrella Rank: 111322 js.ad-stir.com — Cisco Umbrella Rank: 285227 ad.ad-stir.com — Cisco Umbrella Rank: 314544 sync.ad-stir.com — Cisco Umbrella Rank: 4787	27 KB
12	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 406 fonts.googleapis.com — Cisco Umbrella Rank: 58	128 KB
11	openx.net 2 redirects samuraifactory-d.openx.net jp-u.openx.net — Cisco Umbrella Rank: 11245 rtb.openx.net — Cisco Umbrella Rank: 796 us-u.openx.net — Cisco Umbrella Rank: 518	21 KB
10	google.com 4 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
10	bidswitch.net 10 redirects x.bidswitch.net — Cisco Umbrella Rank: 369	5 KB
9	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1180 www.googleadservices.com — Cisco Umbrella Rank: 156	609 B
7	gssprt.jp 4 redirects cs.gssprt.jp — Cisco Umbrella Rank: 17451	2 KB
7	fout.jp 5 redirects sync.fout.jp — Cisco Umbrella Rank: 41234	4 KB
6	amazon-adsystem.com 4 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 335 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1106	4 KB
6	i-mobile.co.jp spdeliver.i-mobile.co.jp — Cisco Umbrella Rank: 394909 spsvcpc-tls.i-mobile.co.jp — Cisco Umbrella Rank: 374728 spcdnpc.i-mobile.co.jp — Cisco Umbrella Rank: 443836 xid.i-mobile.co.jp — Cisco Umbrella Rank: 295211	138 KB
6	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 866 dis.criteo.com — Cisco Umbrella Rank: 633 widget.as.criteo.com — Cisco Umbrella Rank: 46459 gum.criteo.com	8 KB
6	adsrvr.org 6 redirects match.adsrvr.org — Cisco Umbrella Rank: 379	3 KB
6	im-apps.net sync.im-apps.net — Cisco Umbrella Rank: 4466 dmp.im-apps.net — Cisco Umbrella Rank: 25161 audiencedata.im-apps.net — Cisco Umbrella Rank: 27680	7 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 226	283 KB
5	yahoo.com 3 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 490 ups.analytics.yahoo.com — Cisco Umbrella Rank: 352	3 KB
4	genieesspv.jp aladdin.genieesspv.jp — Cisco Umbrella Rank: 94255	4 KB
4	turn.com 3 redirects ad.turn.com — Cisco Umbrella Rank: 991 r.turn.com — Cisco Umbrella Rank: 4368	2 KB
4	ad-m.asia 2 redirects sync-dsp.ad-m.asia — Cisco Umbrella Rank: 3312	1 KB
3	gonet-ads.com 3 redirects sync.gonet-ads.com — Cisco Umbrella Rank: 22833	1 KB
3	yandex.ru 2 redirects an.yandex.ru — Cisco Umbrella Rank: 5088	1 KB
3	gsspcln.jp js.gsspcln.jp — Cisco Umbrella Rank: 80030	13 KB
3	appier.net 3 redirects a.c.appier.net — Cisco Umbrella Rank: 14071 gocm.c.appier.net — Cisco Umbrella Rank: 2652	2 KB
3	adform.net 3 redirects c1.adform.net — Cisco Umbrella Rank: 660	2 KB
3	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 524	1 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	21 KB
3	ladsp.com 3 redirects cr-p3.ladsp.com — Cisco Umbrella Rank: 19566 cr-p10.ladsp.com — Cisco Umbrella Rank: 918458	2 KB
3	criteo.net static.criteo.net — Cisco Umbrella Rank: 653	42 KB
3	cnobi.jp cnobi.jp — Cisco Umbrella Rank: 305117	16 KB
3	pinterest.com assets.pinterest.com — Cisco Umbrella Rank: 3638 log.pinterest.com — Cisco Umbrella Rank: 4898	19 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 1052	2 KB
2	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 778	796 B
2	ctnsnet.com 1 redirects ipac.ctnsnet.com — Cisco Umbrella Rank: 5824	673 B
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 279	2 KB
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 597	1 KB
2	dotomi.com 2 redirects dclk-match.dotomi.com — Cisco Umbrella Rank: 3462	890 B
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1452	605 B
2	stackadapt.com 2 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 773	2 KB
2	inmobi.com 2 redirects mweb.ck.inmobi.com — Cisco Umbrella Rank: 4144	971 B
2	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 405	826 B
2	impact-ad.jp 1 redirects aw.dw.impact-ad.jp — Cisco Umbrella Rank: 93333	570 B
2	sportradarserving.com 2 redirects a.sportradarserving.com — Cisco Umbrella Rank: 2776	963 B
2	gsspat.jp 2 redirects rt.gsspat.jp — Cisco Umbrella Rank: 59275	531 B
2	bluevoox.com 2 redirects im.bluevoox.com — Cisco Umbrella Rank: 13837	1 KB
2	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 799	676 B
2	admedo.com 2 redirects pool.admedo.com — Cisco Umbrella Rank: 5644	1 KB
2	semasio.net 1 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1294	1 KB
2	crwdcntrl.net 1 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 957	855 B
2	socdm.com 2 redirects tg.socdm.com — Cisco Umbrella Rank: 1207	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	147 KB
2	xserver.jp webfonts.xserver.jp — Cisco Umbrella Rank: 378584	48 KB
1	gammaplatform.com 1 redirects cm-supply-web.gammaplatform.com — Cisco Umbrella Rank: 3221	643 B
1	opera.com 1 redirects t.adx.opera.com — Cisco Umbrella Rank: 1528	555 B
1	cinarra.com dps.jp.cinarra.com — Cisco Umbrella Rank: 16197	38 B
1	cauly.co.kr app.cauly.co.kr — Cisco Umbrella Rank: 60542	161 B
1	reemo-ad.jp 1 redirects sync.dsp.reemo-ad.jp — Cisco Umbrella Rank: 11580	356 B
1	2mdn.net s0.2mdn.net	490 B
1	fksnk.com 1 redirects fksnk.com — Cisco Umbrella Rank: 5466	614 B
1	adkernel.com 1 redirects dsp.adkernel.com — Cisco Umbrella Rank: 7079	543 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1326	213 B
1	microad.jp aid.send.microad.jp — Cisco Umbrella Rank: 7775	641 B
1	uuidksinc.net 1 redirects s.uuidksinc.net — Cisco Umbrella Rank: 11052	335 B
1	gmossp-sp.jp adn-j.sp.gmossp-sp.jp — Cisco Umbrella Rank: 340464	1 KB
1	pangle-ads.com 1 redirects analytics.pangle-ads.com — Cisco Umbrella Rank: 2860	1 KB
1	simpli.fi um.simpli.fi — Cisco Umbrella Rank: 935	612 B
1	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 933	592 B
1	uncn.jp 1 redirects ds.uncn.jp — Cisco Umbrella Rank: 23376	455 B
1	nrich.ai 1 redirects dsp.nrich.ai — Cisco Umbrella Rank: 3650	562 B
0	loopme.me Failed csync.loopme.me Failed
0	nex8.net Failed cs.nex8.net Failed
334	76

	Domain	Requested by
50	cm.g.doubleclick.net	15 redirects jp-u.openx.net googleads.g.doubleclick.net crypto.livertadquest.com eus.rubiconproject.com
48	crypto.livertadquest.com	1 redirects crypto.livertadquest.com
30	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
19	googleads.g.doubleclick.net	4 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
18	pagead2.googlesyndication.com	crypto.livertadquest.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
11	simage2.pubmatic.com	ads.pubmatic.com crypto.livertadquest.com
11	adm.shinobi.jp	3 redirects crypto.livertadquest.com adm.shinobi.jp
11	fonts.googleapis.com	crypto.livertadquest.com googleads.g.doubleclick.net
10	www.google.com	4 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
10	x.bidswitch.net	10 redirects
9	fonts.gstatic.com	fonts.googleapis.com
8	www.googleadservices.com	googleads.g.doubleclick.net crypto.livertadquest.com
8	pb.shinobi.jp	1 redirects adm.shinobi.jp crypto.livertadquest.com
7	pixel.rubiconproject.com	4 redirects eus.rubiconproject.com
7	cs.gssprt.jp	4 redirects crypto.livertadquest.com
7	sync.fout.jp	5 redirects crypto.livertadquest.com
6	image2.pubmatic.com	ads.pubmatic.com
6	match.adsrvr.org	6 redirects
5	token.rubiconproject.com	4 redirects eus.rubiconproject.com
5	sync.ad-stir.com	1 redirects crypto.livertadquest.com adn-j.sp.gmossp-sp.jp eus.rubiconproject.com
5	www.googletagservices.com	googleads.g.doubleclick.net
5	sync.shinobi.jp	2 redirects adm.shinobi.jp sync.shinobi.jp crypto.livertadquest.com
4	aladdin.genieesspv.jp	crypto.livertadquest.com
4	www.gstatic.com	googleads.g.doubleclick.net
4	ads.pubmatic.com	pb.shinobi.jp ads.pubmatic.com
4	sync-dsp.ad-m.asia	2 redirects jp-u.openx.net crypto.livertadquest.com ads.pubmatic.com
4	pr-bh.ybp.yahoo.com	2 redirects jp-u.openx.net ads.pubmatic.com
4	bypass.ad-stir.com	3 redirects crypto.livertadquest.com
3	aax-eu.amazon-adsystem.com	2 redirects eus.rubiconproject.com
3	s.amazon-adsystem.com	2 redirects eus.rubiconproject.com
3	sync.gonet-ads.com	3 redirects
3	an.yandex.ru	2 redirects crypto.livertadquest.com
3	js.gsspcln.jp	pb.shinobi.jp crypto.livertadquest.com
3	dmp.im-apps.net	js.ad-stir.com js.gsspcln.jp dmp.im-apps.net
3	c1.adform.net	3 redirects
3	pixel.tapad.com	2 redirects ads.pubmatic.com
3	image6.pubmatic.com	ads.pubmatic.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	us-u.openx.net	jp-u.openx.net
3	ad.turn.com	3 redirects
3	jp-u.openx.net	samuraifactory-d.openx.net jp-u.openx.net
3	static.criteo.net	pb.shinobi.jp crypto.livertadquest.com
3	samuraifactory-d.openx.net	1 redirects pb.shinobi.jp crypto.livertadquest.com
3	cnobi.jp	crypto.livertadquest.com
2	gum.criteo.com	static.criteo.net gum.criteo.com
2	pm.w55c.net	2 redirects
2	sync-tm.everesttech.net	1 redirects ads.pubmatic.com
2	ipac.ctnsnet.com	1 redirects ads.pubmatic.com
2	ib.adnxs.com	2 redirects
2	simage4.pubmatic.com	ads.pubmatic.com
2	spsvcpc-tls.i-mobile.co.jp	spdeliver.i-mobile.co.jp spsvcpc-tls.i-mobile.co.jp
2	spdeliver.i-mobile.co.jp	adm.shinobi.jp spdeliver.i-mobile.co.jp
2	ad.doubleclick.net	1 redirects crypto.livertadquest.com
2	b1sync.zemanta.com	2 redirects
2	dclk-match.dotomi.com	2 redirects
2	sync.teads.tv	1 redirects crypto.livertadquest.com
2	sync.srv.stackadapt.com	2 redirects
2	mweb.ck.inmobi.com	2 redirects
2	px.ads.linkedin.com	1 redirects eus.rubiconproject.com
2	audiencedata.im-apps.net	dmp.im-apps.net
2	aw.dw.impact-ad.jp	1 redirects crypto.livertadquest.com
2	a.sportradarserving.com	2 redirects
2	rt.gsspat.jp	2 redirects
2	eus.rubiconproject.com	js.ad-stir.com eus.rubiconproject.com
2	im.bluevoox.com	2 redirects
2	onetag-sys.com	2 redirects
2	a.c.appier.net	2 redirects
2	js.ad-stir.com	pb.shinobi.jp crypto.livertadquest.com
2	pool.admedo.com	2 redirects
2	uipglob.semasio.net	1 redirects ads.pubmatic.com
2	sync.crwdcntrl.net	1 redirects ads.pubmatic.com
2	bidder.criteo.com	static.criteo.net
2	cr-p3.ladsp.com	2 redirects
2	tg.socdm.com	2 redirects
2	rtb.openx.net	1 redirects jp-u.openx.net
2	www.googletagmanager.com	crypto.livertadquest.com www.googletagmanager.com
2	webfonts.xserver.jp	crypto.livertadquest.com webfonts.xserver.jp
2	assets.pinterest.com	crypto.livertadquest.com assets.pinterest.com
1	cm-supply-web.gammaplatform.com	1 redirects
1	t.adx.opera.com	1 redirects
1	gocm.c.appier.net	1 redirects
1	dps.jp.cinarra.com	ads.pubmatic.com
1	xid.i-mobile.co.jp	spdeliver.i-mobile.co.jp
1	spcdnpc.i-mobile.co.jp	spsvcpc-tls.i-mobile.co.jp
1	app.cauly.co.kr	googleads.g.doubleclick.net
1	sync.dsp.reemo-ad.jp	1 redirects
1	s0.2mdn.net
1	fksnk.com	1 redirects
1	r.turn.com	crypto.livertadquest.com
1	dsp.adkernel.com	1 redirects
1	odr.mookie1.com	googleads.g.doubleclick.net
1	aid.send.microad.jp	googleads.g.doubleclick.net
1	s.uuidksinc.net	1 redirects
1	adn-j.sp.gmossp-sp.jp	js.ad-stir.com
1	secure-assets.rubiconproject.com	1 redirects
1	ad.ad-stir.com	js.ad-stir.com
1	analytics.pangle-ads.com	1 redirects
1	st.pubmatic.com	sshowads.pubmatic.com
1	image4.pubmatic.com	ads.pubmatic.com
1	ups.analytics.yahoo.com	1 redirects
1	um.simpli.fi	ads.pubmatic.com
1	cms.quantserve.com	1 redirects
1	ds.uncn.jp	1 redirects
1	widget.as.criteo.com	ads.pubmatic.com
1	dis.criteo.com	1 redirects
1	cr-p10.ladsp.com	1 redirects
1	sshowads.pubmatic.com	ads.pubmatic.com
1	log.pinterest.com	crypto.livertadquest.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	sync.im-apps.net	crypto.livertadquest.com
1	dsp.nrich.ai	1 redirects
1	ajax.googleapis.com	crypto.livertadquest.com
0	csync.loopme.me Failed	ads.pubmatic.com
0	cs.nex8.net Failed	jp-u.openx.net
334	114

This site contains links to these domains. Also see Links.

Domain
feedly.com
coin.z.com
coincheck.com
zaif.jp
bitflyer.com
www.binance.com
partner.bybit.com
twitter.com
www.facebook.com
www.linkedin.com
getpocket.com
thk.kanzae.net

Subject Issuer	Validity	Valid
crypto.livertadquest.com R3	`2023-08-31` - `2023-11-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-07` - `2024-08-07`	a year	crt.sh
*.xserver.jp SecureCore RSA DV CA	`2023-03-31` - `2024-04-30`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.shinobi.jp R3	`2023-07-10` - `2023-10-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.fout.jp RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-01-23` - `2024-02-22`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-29` - `2024-02-21`	6 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.as.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-10` - `2023-10-07`	3 months	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.ad-stir.com Sectigo ECC Domain Validation Secure Server CA	`2022-10-17` - `2023-10-14`	a year	crt.sh
*.im-apps.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-13`	a year	crt.sh
*.gsspcln.jp GeoTrust TLS RSA CA G1	`2023-04-17` - `2024-05-17`	a year	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
*.sp.gmossp-sp.jp DigiCert TLS RSA SHA256 2020 CA1	`2023-02-05` - `2024-02-07`	a year	crt.sh
*.genieesspv.jp GeoTrust TLS RSA CA G1	`2023-03-31` - `2024-04-30`	a year	crt.sh
audiencedata.im-apps.net GTS CA 1D4	`2023-08-07` - `2023-11-05`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.send.microad.jp GlobalSign RSA OV SSL CA 2018	`2022-10-05` - `2023-11-06`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-27` - `2024-03-29`	a year	crt.sh
*.cauly.co.kr Sectigo RSA Organization Validation Secure Server CA	`2023-02-17` - `2024-03-06`	a year	crt.sh
*.i-mobile.co.jp JPRS Domain Validation Authority - G4	`2023-03-01` - `2024-03-31`	a year	crt.sh
*.ctnsnet.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-04` - `2023-11-06`	10 months	crt.sh
*.everesttech.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-08-11` - `2024-09-11`	a year	crt.sh
*.jp.cinarra.com Sectigo RSA Domain Validation Secure Server CA	`2023-05-17` - `2024-06-16`	a year	crt.sh

This page contains 60 frames:

Primary Page: https://crypto.livertadquest.com/
Frame ID: 1DDF2EE149CB1DE6CC94D20443E5B890
Requests: 94 HTTP requests in this frame

Frame: https://cnobi.jp/v1/admax/pb/js/r/1.js
Frame ID: F6298D490C7DC626C40E530850C704D4
Requests: 8 HTTP requests in this frame

Frame: https://samuraifactory-d.openx.net/w/1.0/jstag
Frame ID: F5D4D4CE70E33EEAF78D7F3B441CBE15
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20190131/zrt_lookup.html
Frame ID: C3044720756796E8400398CDB424F27C
Requests: 1 HTTP requests in this frame

Frame: https://static.criteo.net/js/ld/publishertag.js
Frame ID: 644A7ED3BCE737C42874784732F2900F
Requests: 5 HTTP requests in this frame

Frame: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=b5e390a7-68d2-4572-9d9f-8a713d0693d0
Frame ID: 96951BB03E713AD248A2B404D9AAFF14
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7562272465611377&output=html&adk=1812271804&adf=3025194257&lmt=1694437047&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fcrypto.livertadquest.com%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&asladp=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694469447374&bpp=7&bdt=1179&idt=567&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7328092068932&frm=20&pv=2&ga_vid=93906344.1694469448&ga_sid=1694469448&ga_hid=237488024&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076838%2C31077773%2C44798934%2C44800659%2C44798322&oid=2&pvsid=2516439390933523&tmod=1750936957&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=590
Frame ID: F027B18845F5A0998EE4E0734AD35641
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7562272465611377&output=html&h=280&adk=1123443942&adf=1445212254&pi=t.aa~a.2296679921~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1694437047&rafmt=1&to=qs&pwprc=9937010111&format=1200x280&url=https%3A%2F%2Fcrypto.livertadquest.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694469447381&bpp=1&bdt=1186&idt=589&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7328092068932&frm=20&pv=1&ga_vid=93906344.1694469448&ga_sid=1694469448&ga_hid=237488024&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076838%2C31077773%2C44798934%2C44800659%2C44798322&oid=2&pvsid=2516439390933523&tmod=1750936957&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=CZZg0oqZAN&p=https%3A//crypto.livertadquest.com&dtd=592
Frame ID: D76BE9EB00920038BB9A9E763C9F1CF3
Requests: 18 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 5D1C99BE1E7A50D8B39318336756E444
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7562272465611377&output=html&h=139&adk=1250203156&adf=4021896486&pi=t.aa~a.2645554626~rp.4&w=300&lmt=1694437048&nsk=380783e2&rafmt=11&pwprc=9937010111&ad_type=text_image&format=300x139&url=https%3A%2F%2Fcrypto.livertadquest.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694469448448&bpp=1&bdt=2253&idt=-M&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=7328092068932&frm=20&pv=1&ga_vid=93906344.1694469448&ga_sid=1694469448&ga_hid=237488024&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1124&ady=2122&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076838%2C31077773%2C44798934%2C44800659%2C44798322&oid=2&pvsid=2516439390933523&tmod=1750936957&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=zGBvcgnvT2&p=https%3A//crypto.livertadquest.com&dtd=9
Frame ID: 29199E5BB85EAB30380F5AA5A274AF1F
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7562272465611377&output=html&h=139&adk=1250203156&adf=3652115069&pi=t.aa~a.2645502319~rp.4&w=300&lmt=1694437048&nsk=da79bb1e&rafmt=11&pwprc=9937010111&ad_type=text_image&format=300x139&url=https%3A%2F%2Fcrypto.livertadquest.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694469448448&bpp=1&bdt=2254&idt=-M&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x139&nras=4&correlator=7328092068932&frm=20&pv=1&ga_vid=93906344.1694469448&ga_sid=1694469448&ga_hid=237488024&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1124&ady=2535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076838%2C31077773%2C44798934%2C44800659%2C44798322&oid=2&pvsid=2516439390933523&tmod=1750936957&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=iWcRKP6mNv&p=https%3A//crypto.livertadquest.com&dtd=11
Frame ID: D4C6C248BF5C9F6A7E2B3E6DAA7E9808
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7562272465611377&output=html&h=134&adk=3296851624&adf=3506941749&pi=t.aa~a.2645500157~rp.4&w=300&lmt=1694437048&nsk=22e0985d&rafmt=11&pwprc=9937010111&ad_type=text_image&format=300x134&url=https%3A%2F%2Fcrypto.livertadquest.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694469448448&bpp=1&bdt=2253&idt=1&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x139%2C300x139&nras=5&correlator=7328092068932&frm=20&pv=1&ga_vid=93906344.1694469448&ga_sid=1694469448&ga_hid=237488024&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1124&ady=2972&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076838%2C31077773%2C44798934%2C44800659%2C44798322&oid=2&pvsid=2516439390933523&tmod=1750936957&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=Ig4BisQLqa&p=https%3A//crypto.livertadquest.com&dtd=14
Frame ID: FC683355D504C1E347F67739E2B9A238
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1
Frame ID: BA6E8508B934A459DAF677A8003A572D
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 239D9D04B38BA94279D3160839661438
Requests: 19 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: AF7201E3D589E649AF1DBEDD3BDA72AE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AevYeEXJmO4Wks8AD7P3uwYbE88AAAGKhj_jzg
Frame ID: 1270E2794B720242B8272772B6525A9A
Requests: 1 HTTP requests in this frame

Frame: https://widget.as.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 74D357AAD64A65E3E123F876A9F494E7
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTkmdGw9NDMyMDA=&piggybackCookie=v_5d9cb3bc-3bc2-471f-ac8a-6baa22780ce8
Frame ID: 57C500B78FEB3956199DFC328E014738
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=tZDvMLvAvW-ulu0ys5GkNLGTuWOuxe0zspb5yGCt
Frame ID: 382C4CB11CD8C7F6E340EA91DEE04D58
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E5%AE%A2%E3%81%A6%E5%A7%8B%20%E3%82%A2%E3%80%82%E6%96%99%E3%83%94%E3%82%B9%E3%83%9D%E3%81%A3o%E3%81%98%E3%81%8F%E3%81%A7%E5%91%8A%E3%83%88%E3%82%82%E3%82%8B%E3%81%8A%E3%83%BC%E3%83%86%E9%96%93%E3%80%8D%E3%82%BF%E3%81%AE%E7%B0%A13%E3%80%81%E6%A7%98%E7%9E%AC%E3%81%AB%E3%83%97Gg%E3%81%BB%E5%BA%83%E3%81%97%E3%83%83el%E4%BD%BF%E3%81%84%E5%8D%98%E7%84%A1%E3%80%8C%E3%82%B5%E9%96%89%E3%83%AB%E9%96%8B
Frame ID: F57294FDD713E0177E87EA108E94D1A8
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E4F48CCF04EC2E32F49AB2FFFA3C6FA1
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F0433523AEBE9461D0057A438AA647ED
Requests: 9 HTTP requests in this frame

Frame: https://js.ad-stir.com/js/adstir.js
Frame ID: AA37F83B225880C08DFCF9B2A818F3FB
Requests: 8 HTTP requests in this frame

Frame: https://st.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=156851&siteId=282925&adId=1379758&imprId=9FF8802A-160A-4AB6-88DE-A94B55BB44DA&cksum=FF4121D4260FC506&adType=3&adServerId=165&kefact=0.000000&kaxefact=0.000000&kadNetFrequecy=0&kadwidth=300&kadheight=250&kadsizeid=0&kltstamp=1694469448&indirectAdId=1161375&adServerOptimizerId=1&ranreq=0.15622803937227947&kpbmtpfact=0.000000&dcId=6&tldId=0&passback=2&svr=ADSNRT10001&adsver=_1334146072&adsabzcid=0&cls=ADS&i0=0x1100000000000000&ekefact=SI3_ZJJgCQDW6SK9Lw5Kmj0lO0j_rgDVhnPiSHp-w9cu6dF3&ekaxefact=SI3_ZKVgCQBhOPusSd77dcyxx-IHxs5J8OnwvzSNGF6kofql&ekpbmtpfact=SI3_ZLZgCQC2pT6GAWLXzXsR7LY4yBmvvrVHvkBAwXji54aF&enpp=SI3_ZMZgCQAAK2HVVD67AZOISRS0YFhldWqikrKDQ_wqJpTs&pfi=1&dc=nrt10&crID=0&campaignId=0&isRTB=0&ver=11&dateHr=2023091121&usrgen=0&usryob=0&oid=9FF8802A-160A-4AB6-88DE-A94B55BB44DA&cntryId=116&domain=crypto.livertadquest.com&sec=1&pAuSt=1&wops=0&sURL=crypto.livertadquest.com&BrID=5
Frame ID: FF4EC5F7FC5B5343F1EA87A1AA029DF9
Requests: 1 HTTP requests in this frame

Frame: https://js.gsspcln.jp/t/214/221/a1214221.js
Frame ID: D6CC3681A289C9EDE864B718E6039F24
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=united&endpoint=APAC
Frame ID: 5FD4CD6B820EE1EAFDAA4BDB5285141D
Requests: 12 HTTP requests in this frame

Frame: https://adn-j.sp.gmossp-sp.jp/js/csync.html
Frame ID: 8F378C8792C33432B85C0A3CBC875CD8
Requests: 2 HTTP requests in this frame

Frame: https://js.ad-stir.com/js/load_adstir_optout.html?url=https://crypto.livertadquest.com/
Frame ID: 941C196EF38BC00D3628DADC6D8850D1
Requests: 1 HTTP requests in this frame

Frame: https://aladdin.genieesspv.jp/yie/ld/jsk?zoneid=1214221&cb=30626755509&charset=UTF-8&loc=https%3A%2F%2Fcrypto.livertadquest.com%2F&sw=1200&sh=1600&topframe=0&fif=1
Frame ID: 73B131B8C46B191ACD8C08B369FB804A
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 204544CEC9F2F609B25F88433C718D0E
Requests: 9 HTTP requests in this frame

Frame: https://cnobi.jp/v1/admax/ssp/js/net/12.js
Frame ID: D300B8E546A775E066AC38FF95DB25E4
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 6C6FF10821D385F2A879D40708094777
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EAA31F7B81014AD753B19207024A2428
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1A5540DA91B9354DBF4C3D231CFEA500
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 58319A81554C0F017C0CDE152985B793
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 69E1A3B95D28411202D24223197A55DA
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C235026ECDF131A2308C8FA3C01BD37F
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Uw2xNewqLMvs4rZz24Xmy1GvWBTM7qWVeNEZF5moV5c.js
Frame ID: 6CA849D88494C85AEF083E78D7D528F6
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Uw2xNewqLMvs4rZz24Xmy1GvWBTM7qWVeNEZF5moV5c.js
Frame ID: B6C79E2190ADCD6E2A8F30CE130C7D95
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Uw2xNewqLMvs4rZz24Xmy1GvWBTM7qWVeNEZF5moV5c.js
Frame ID: 6A313B5FF2B59B94D06C89654D9184D4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Uw2xNewqLMvs4rZz24Xmy1GvWBTM7qWVeNEZF5moV5c.js
Frame ID: FE68ACB2A99F3A433832C3475A80E252
Requests: 1 HTTP requests in this frame

Frame: https://spdeliver.i-mobile.co.jp/script/ads.js?20101001
Frame ID: DA9FB99311652EEFBB5C09BB8C64E6CC
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Uw2xNewqLMvs4rZz24Xmy1GvWBTM7qWVeNEZF5moV5c.js
Frame ID: 5ECD1EAD7EFE5A12EBB70C50F523F948
Requests: 1 HTTP requests in this frame

Frame: https://spsvcpc-tls.i-mobile.co.jp/ad_spot.aspx?pid=62804&asid=1533077&asn=1&width=300&height=250
Frame ID: 8DB897367483F9D76AFB76E78BE608C4
Requests: 3 HTTP requests in this frame

Frame: https://xid.i-mobile.co.jp/RestoreXidToMediaStorage.html
Frame ID: 56FE4828703F91D30A1C80305F97F224
Requests: 1 HTTP requests in this frame

Frame: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Frame ID: 61A97F394DA04EDFC54AE35AA5D183F9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4937571650038870676&gdpr=0&gdpr_consent=
Frame ID: 5756121723E1BFEC5EE3C4DE22341709
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=o1iVMtdOUKlAGmC2JHRMApnwroU&gdpr=0&gdpr_consent=
Frame ID: 71365BF544E5B877E5A66FCDF38639C7
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 0A669432E82613F54A3CE836FF405E04
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=b0cd063de5674455a17038a9c584b4ed
Frame ID: 4CEF9A8217B9AE757BC69F04589EE1DB
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZP_NSwAMatN2vgA4
Frame ID: 5D42E73C5CF508253C19CBCB33EF0130
Requests: 1 HTTP requests in this frame

Frame: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=3ABE94AE-DE43-4981-913E-1544E059E3EB
Frame ID: 6596DD2854CABA9C8BE5F9E2B4E954BC
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=PPhyzYqVBqWLuaScSI3_ZA
Frame ID: C53AB9535F1EAFA318EB79FDDA02516E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU27d0c64fb3e54c558674fd9fd740378f
Frame ID: 5AA228D967B97B5C59E63BD65AE66C1F
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=ibiryozmca5z
Frame ID: 16DA38525907FF9BC55CD99DB77F05C9
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
Frame ID: 2AF03B2DCEE3AC96E75C3C3F762C46C1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:It4OykU51QFOUs5&gdpr=0&gdpr_consent=
Frame ID: 081893E4069FB28878CAEA2440718130
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=crypto.livertadquest.com
Frame ID: A11E278454604AA9EC7DA27A67E2A2ED
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B99993471687D96FABF6081D4955A1C0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 121E01C5EA52D487E3311BB3C858E918
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

仮想通貨（暗号資産）攻略Wiki

Page URL History Show full URLs

http://crypto.livertadquest.com/ HTTP 301
https://crypto.livertadquest.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Pinterest (Widgets) Expand

Overall confidence: 100%
Detected patterns

//assets\.pinterest\.com/js/pinit\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

334
Requests

74 %
HTTPS

0 %
IPv6

76
Domains

114
Subdomains

69
IPs

13
Countries

2754 kB
Transfer

6222 kB
Size

144
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://feedly.com/index.html#subscription/feed/https%3A%2F%2Fcrypto.livertadquest.com%2Ffeed%2F
Title: Feedly

Search URL Search Domain Scan URL

URL: https://coin.z.com/jp/
Title: <img class="alignnone size-medium wp-image-65" src="https://crypto.livertadquest.com/wp-content/uploads/2022/03/GMOcoin-300x118.jpg" alt="" width="300" height="118" data-eio="l" />

Search URL Search Domain Scan URL

URL: https://coincheck.com/ja/
Title: <img class="alignnone size-medium wp-image-62" src="https://crypto.livertadquest.com/wp-content/uploads/2022/03/coincheck-300x118.png" alt="" width="300" height="118" data-eio="l" />

Search URL Search Domain Scan URL

URL: https://zaif.jp/login
Title: <img class="alignnone size-medium wp-image-63" src="https://crypto.livertadquest.com/wp-content/uploads/2022/03/Zaif-300x118.png" alt="" width="300" height="118" data-eio="l" />

Search URL Search Domain Scan URL

URL: https://bitflyer.com/ja-jp/ex/Home
Title: <img class="alignnone size-medium wp-image-64" src="https://crypto.livertadquest.com/wp-content/uploads/2022/03/bitflyer-300x118.png" alt="" width="300" height="118" data-eio="l" />

Search URL Search Domain Scan URL

URL: https://bitflyer.com/ja-jp/
Title: bitflyerの詳細を見る

Search URL Search Domain Scan URL

URL: https://www.binance.com/ja
Title: <img class="alignnone size-medium wp-image-80" src="https://crypto.livertadquest.com/wp-content/uploads/2022/03/binance-e1646484420816-300x118.jpg" alt="" width="300" height="118" data-eio="l" />

Search URL Search Domain Scan URL

URL: https://partner.bybit.com/b/livertad_invest
Title: <img class="alignnone size-medium wp-image-79" src="https://crypto.livertadquest.com/wp-content/uploads/2022/03/bybit-e1646484358655-300x117.png" alt="" width="300" height="117" data-eio="l" />

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=%E4%BB%AE%E6%83%B3%E9%80%9A%E8%B2%A8%EF%BC%88%E6%9A%97%E5%8F%B7%E8%B3%87%E7%94%A3%EF%BC%89%E6%94%BB%E7%95%A5Wiki&url=https://crypto.livertadquest.com/
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://crypto.livertadquest.com/&t=%E4%BB%AE%E6%83%B3%E9%80%9A%E8%B2%A8%EF%BC%88%E6%9A%97%E5%8F%B7%E8%B3%87%E7%94%A3%EF%BC%89%E6%94%BB%E7%95%A5Wiki
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://crypto.livertadquest.com/&title=%E4%BB%AE%E6%83%B3%E9%80%9A%E8%B2%A8%EF%BC%88%E6%9A%97%E5%8F%B7%E8%B3%87%E7%94%A3%EF%BC%89%E6%94%BB%E7%95%A5Wiki&summary=
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://getpocket.com/edit?url=https://crypto.livertadquest.com/
Title: Pocket

Search URL Search Domain Scan URL

URL: https://thk.kanzae.net/
Title: Thought is free

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://crypto.livertadquest.com/ HTTP 301
https://crypto.livertadquest.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://adm.shinobi.jp/st/s.js HTTP 302
https://cnobi.jp/v1/admax/ssp/js/s/12.js

Request Chain 50

https://x.bidswitch.net/sync?ssp=admax HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=admax HTTP 302
https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=admax&bsw_custom_parameter=8976e206-0475-47ac-be13-7c549fda367a&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
https://x.bidswitch.net/sync?dsp_id=283&user_id=8eb25524-3a98-4403-a228-0ebb3dbbf96c&expires=1&user_group=2&ssp=admax&bsw_param=8976e206-0475-47ac-be13-7c549fda367a&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
https://adm.shinobi.jp/bidswitch/cookiesync?dspid=8976e206-0475-47ac-be13-7c549fda367a

Request Chain 51

https://bypass.ad-stir.com/push_sync?xid=admax HTTP 302
https://adm.shinobi.jp/bypass/sync?buid=693f6d27-29fe-47c7-8a40-98033e8aea53 HTTP 302
https://bypass.ad-stir.com/receive_sync?ssp=admax&uid=2e7da4ac-c00e-4393-80fb-4a74339c0388

Request Chain 53

https://pb.shinobi.jp/st/r.js HTTP 302
https://cnobi.jp/v1/admax/pb/js/r/1.js

Request Chain 74

https://sync.shinobi.jp/v2/sync/multi/1001?1694469447320 HTTP 302
https://adm.shinobi.jp/chikayo/cookiesync?uid=ea245533-9d9d-4230-9855-d57c43ee9774

Request Chain 75

https://sync.shinobi.jp/v2/sync/multi/1762?1694469447320 HTTP 302
https://sync.im-apps.net/imid/set?cid=10338&tid=sid&uid=ea245533-9d9d-4230-9855-d57c43ee9774

Request Chain 79

https://samuraifactory-d.openx.net/w/1.0/acj?ai=b066c0fb-92dc-4674-8a53-5ce2f0dc979f&o=942215385&callback=OX_942215385&ju=https%3A//crypto.livertadquest.com/&jr=&auid=539726660&dims=&adxy=&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-540&ws=300x250&ifr=1&tws=1600x1200&mt=1 HTTP 302
https://samuraifactory-d.openx.net/w/1.0/acj?cc=1&ai=b066c0fb-92dc-4674-8a53-5ce2f0dc979f&o=942215385&callback=OX_942215385&ju=https%3A//crypto.livertadquest.com/&jr=&auid=539726660&dims=&adxy=&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-540&ws=300x250&ifr=1&tws=1600x1200&mt=1

Request Chain 87

https://rtb.openx.net/sync/dds HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=b5ftcttwiPKTwPJZikxshg==&ox_sc=1&ox_init=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=b5ftcttwiPKTwPJZikxshg==&ox_sc=1&ox_init=1&google_tc= HTTP 302
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1

Request Chain 88

https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=openx HTTP 302
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=openx&uid-set=1

Request Chain 89

https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2940000135143263054&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 90

https://match.adsrvr.org/track/cmf/openx?oxid=b0c1674e-72f6-31dc-75b4-beee5955563c&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/openx?oxid=b0c1674e-72f6-31dc-75b4-beee5955563c&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072971&val=96bdd510-8194-4e26-8fff-fb9368c56372&ttd_puid=b0c1674e-72f6-31dc-75b4-beee5955563c&gdpr=0&gdpr_consent=

Request Chain 91

https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZP.NR8Co5r8AAFDYCeEAAAAA

Request Chain 92

https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AXmhGK4Q9uPEks8AD7P3uwYbE88AAAGKhj_gVQ

Request Chain 93

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWNhZWI0ODQtYmI4MS02Zjc4LTYwNTQtZTQ1NzkzYjc5ODVj HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWNhZWI0ODQtYmI4MS02Zjc4LTYwNTQtZTQ1NzkzYjc5ODVj&google_tc=

Request Chain 94

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOb5ndJLZnCPj3Ls1p_whE0&google_cver=1

Request Chain 124

https://cr-p10.ladsp.com/cookiesender/10?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AevYeEXJmO4Wks8AD7P3uwYbE88AAAGKhj_jzg

Request Chain 125

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
https://widget.as.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Request Chain 126

https://ds.uncn.jp/pm/0/sync HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTkmdGw9NDMyMDA=&piggybackCookie=v_5d9cb3bc-3bc2-471f-ac8a-6baa22780ce8

Request Chain 127

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=tZDvMLvAvW-ulu0ys5GkNLGTuWOuxe0zspb5yGCt

Request Chain 128

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Or6Urt5DSYGRPhVE4Fnj6w%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 129

https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=3ABE94AE-DE43-4981-913E-1544E059E3EB HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=3ABE94AE-DE43-4981-913E-1544E059E3EB HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=995a2b28-6606-4f25-a69f-0a7fa883f703%252C%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=96bdd510-8194-4e26-8fff-fb9368c56372&ttd_puid=995a2b28-6606-4f25-a69f-0a7fa883f703%2C%2C

Request Chain 130

https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=3ABE94AE-DE43-4981-913E-1544E059E3EB&gdpr=0&gdpr_consent= HTTP 302
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=3ABE94AE-DE43-4981-913E-1544E059E3EB&gdpr=0&gdpr_consent=&ct=y

Request Chain 131

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=3ABE94AE-DE43-4981-913E-1544E059E3EB&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=3ABE94AE-DE43-4981-913E-1544E059E3EB&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 132

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0FCRTk0QUUtREU0My00OTgxLTkxM0UtMTU0NEUwNTlFM0VC&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 133

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO-24uHgPbw7o0e4UFLdTKM&google_cver=1

Request Chain 135

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=8976e206-0475-47ac-be13-7c549fda367a HTTP 302
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=8976e206-0475-47ac-be13-7c549fda367a HTTP 302
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=260a73ff-728d-4bf1-a963-6d6fe9538ad4&user_group=1&ssp=pubmatic&bsw_param=8976e206-0475-47ac-be13-7c549fda367a HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8976e206-0475-47ac-be13-7c549fda367a&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 136

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=96bdd510-8194-4e26-8fff-fb9368c56372&gdpr=0&gdpr_consent=

Request Chain 137

https://tg.socdm.com/rtb/sync?proto=pubmatic HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzEmdGw9NDMyMDA=&piggybackCookie=ZP.NSMCo5r8AAFDYCmoAAAAA

Request Chain 138

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8881251239106716674

Request Chain 140

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=3ABE94AE-DE43-4981-913E-1544E059E3EB&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-SMNXk8NE2uWtUFEtf.RH1w_8vV7ZvO0-~A&gdpr=0

Request Chain 154

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 155

https://sync.fout.jp/sync?xid=googleadex&g_pixel=&google_gid=CAESEPaInQyvwZi7TqoyEbH5A4g&google_cver=1&google_push=AXcoOmTsJEaX3vsuZ40tMNLUTWe1kGA6M7FoXe-bDJ9LEU8gSfyzXuTxWvOQRTI_lz2W81TpWqxXHf0GsJ1td5XcV9TSs0vTMNsw2hk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmTsJEaX3vsuZ40tMNLUTWe1kGA6M7FoXe-bDJ9LEU8gSfyzXuTxWvOQRTI_lz2W81TpWqxXHf0GsJ1td5XcV9TSs0vTMNsw2hk&google_hm=RGtzdGs2RzR2SnJzbkN6M3VGT29KOEFSa0Zn&from_google=pc1

Request Chain 156

https://a.c.appier.net/gcm?google_gid=CAESENolHGDbnOhjFJqBki84rlE&google_cver=1&google_push=AXcoOmRXJ-GOQk3wp8Db2aBXJIUOKvxVqP7-fONz9FMyCYirCl3VzwwGTwpK0rILmcLq_8dBriSnjYFbdGdALtX9Nom775KoqESU3GQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=UFBoeXpZcVZCcVdMdWFTY1NJM19aQQ%3D%3D&google_push=AXcoOmRXJ-GOQk3wp8Db2aBXJIUOKvxVqP7-fONz9FMyCYirCl3VzwwGTwpK0rILmcLq_8dBriSnjYFbdGdALtX9Nom775KoqESU3GQ

Request Chain 157

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOTZKCLktlg3IJSZ7vheARM&google_cver=1&google_push=AXcoOmQL7EWfx01KdeLyPnAL1y1K9zlCFOy_0-Mbop5lfdh0EWZiJxD6NT41R6nRWhGUg8Nkl0VLNVhiM7iRE03vVqCNGd6GmsHt03U HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQL7EWfx01KdeLyPnAL1y1K9zlCFOy_0-Mbop5lfdh0EWZiJxD6NT41R6nRWhGUg8Nkl0VLNVhiM7iRE03vVqCNGd6GmsHt03U&google_hm=eS1XTE1GMHJ4RTJwR2taTk9GbG1CdnJUUkoycGNhajV2Tn5B

Request Chain 158

https://x.bidswitch.net/sync?ssp=google_jp&google_gid=CAESEI6HdIv1GhqTw-ogx3GyDvs&google_cver=1&google_push=AXcoOmRmqy6flxdUtqCk-uGXbyCEhN-u8SHiVofPVS1sVWvWqbvEAc80zibCazgZPuu0MAAHY7N7-bGh_zzqhxaxHuWO374j6QU-TNE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=AXcoOmRmqy6flxdUtqCk-uGXbyCEhN-u8SHiVofPVS1sVWvWqbvEAc80zibCazgZPuu0MAAHY7N7-bGh_zzqhxaxHuWO374j6QU-TNE&google_hm=iXbiBgR1R6y-E3xUn9o2eg==

Request Chain 159

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEFCk4pMZ4WWpCZ6GgZarqis&google_cver=1&google_push=AXcoOmSikAsvZTA472FeRGOWfNVrZYBzuKXXx65xGfCAHWApDNtkPHIMlU0fFgr1Aobd8qWGYbxB6xOxrCGZ96gJry1ffzfVCXXT3g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSikAsvZTA472FeRGOWfNVrZYBzuKXXx65xGfCAHWApDNtkPHIMlU0fFgr1Aobd8qWGYbxB6xOxrCGZ96gJry1ffzfVCXXT3g

Request Chain 160

https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESED3duPYgbOLr9JvKO6UZLZQ&google_cver=1&google_push=AXcoOmQrYSaSo4M9nNb7i_jLklezuI0WgDORU1rUQfyqlgF_FfSc6C9_VUVI73aycDF3oHp_x1lHYvnCbKQVHXS5ATxwzeYvlG82GXkF HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmQrYSaSo4M9nNb7i_jLklezuI0WgDORU1rUQfyqlgF_FfSc6C9_VUVI73aycDF3oHp_x1lHYvnCbKQVHXS5ATxwzeYvlG82GXkF&google_hm=QlMuNTIxNS1hY2Q1LTQ4NGYtYTFkMQ==

Request Chain 161

https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEKc81Zg7APc9JGO8Ho-LFMM&google_cver=1&google_push=AXcoOmRucT6SshJm0xFQwPUsyiWKWTzdbnw0O7DJvJkDoXm37Z7QNlWDVnCslTsNt-brKWUxNNwmY5Pi2PhnUXLchMrdOcGMBJFGc9o HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmRucT6SshJm0xFQwPUsyiWKWTzdbnw0O7DJvJkDoXm37Z7QNlWDVnCslTsNt-brKWUxNNwmY5Pi2PhnUXLchMrdOcGMBJFGc9o

Request Chain 166

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=united&endpoint=APAC HTTP 301
https://eus.rubiconproject.com/usync.html?p=united&endpoint=APAC

Request Chain 169

https://rt.gsspat.jp/lcs?lamp_sc=adstir&lamp_cgid=1&lamp_ggid=1 HTTP 302
https://sync.ad-stir.com/?symbol=GENIEE&uid=5f400273be77903a30eab03451a15840

Request Chain 170

https://x.bidswitch.net/sync?ssp=adstir HTTP 302
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=adstir HTTP 302
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=adstir HTTP 302
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=14bce9d4-d103-47e8-bda1-cb3016aaf181&ssp=adstir HTTP 302
https://sync.ad-stir.com/?symbol=BIDSWITCH&uid=8976e206-0475-47ac-be13-7c549fda367a

Request Chain 171

https://sync.ad-stir.com/sync?symbol=GREE&imp=1 HTTP 302
https://sync.fout.jp/sync?xid=adstir&uid=693f6d27-29fe-47c7-8a40-98033e8aea53

Request Chain 172

https://bypass.ad-stir.com/map HTTP 302
https://aw.dw.impact-ad.jp/c/map/?oid=207d81ffda0cc019&cid=693f6d27-29fe-47c7-8a40-98033e8aea53&sp=utd HTTP 303
https://aw.dw.impact-ad.jp/c/mapr/?oid=207d81ffda0cc019&cid=693f6d27-29fe-47c7-8a40-98033e8aea53&sp=utd

Request Chain 224

https://adm.shinobi.jp/st/net.js HTTP 302
https://cnobi.jp/v1/admax/ssp/js/net/12.js

Request Chain 227

https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=lamp&format=gif&vid=1 HTTP 302
https://rt.gsspat.jp/lcs?lamp_sc=aladdin HTTP 302
https://cs.gssprt.jp/yie/ld/cs?dspid=lamp&uid=5f400273be77903a30eab03451a15840

Request Chain 228

https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=freakout&format=gif&vid=1 HTTP 302
https://sync.fout.jp/sync?xid=geniee HTTP 302
https://cs.gssprt.jp/yie/ld/cs?dspid=freakout&uid=Dkstk6G4vJrsnCz3uFOoJ8ARkFg

Request Chain 229

https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=motionbeat2&format=gif&vid=1 HTTP 302
https://bypass.ad-stir.com/push_sync?xid=12345 HTTP 302
https://cs.gssprt.jp/yie/ld/cs?dspid=motionbeat2&uid=693f6d27-29fe-47c7-8a40-98033e8aea53

Request Chain 230

https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=rtbhouse&format=gif&vid=1 HTTP 302
https://aladdin.genieesspv.jp/yie/ld/acs?ver=1&dspid=rtbhouse&v=y8dVQGccMh9dJPpW0SybA0pV0amc0_6DSSkmer-KRdnfNYIVvYjnbaBwzYKZaP71QHioWtfSi3zU0YQUiq70HA&format=gif

Request Chain 235

https://googleads.g.doubleclick.net/pagead/adview?ai=CvvMOSI3_ZMqdHrGjpt8Pn7uAmAqOjvPncqOoksb3EdrZHhABIKGwvS9gidvFhPQToAHY0cWwAcgBBqkCu8a3vodUPT6oAwHIA8sEqgT2AU_QKHsNV9wNp4a1sP2sZkX4xGtiri8kJOIbnS-R7wGwmdUhvxEWt5vG0hCc1PDLffiiUWg0-Xez3nbYqrh5sNOSXGLa29StUNSKENA9iXgE9UdRaTHk7JV-m9-SugXITIFDGFhn-PYaOJ84hQMBvmIeBsgpkMIvu8ZkhELtG0et6ijCgwkrUzDK5fgScfi78y15Iv8KhLm6BbjTjqaCv3bcm9YaBHB4NV0zz0V6BCAeR_tKCkJBjk2LlmMSmZesDOhS2eDPF7bEhuRsXvO_9TfHh2F6RkCe4kbtCtqSnfviFcH-QNeoFfbQmywAyUKZ9VWWA2tPpsAE7u2k6LUEiAXrqPO2TJIFBAgEGAGSBQQIBRgEoAY3gAeQrrrPAqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEKOQAtIIFAiAYRABGB8yAooCOgKAQEi9_cE6mgl4aHR0cHM6Ly93d3cubWVpbW9ua2FpLmNvLmpwL2V2ZW50L21lZGljaW5lX3Rva3lvMjMxMS5odG1sP3V0bV9zb3VyY2U9R29vZ2xlJnV0bV9tZWRpdW09Y3BjJnV0bV9jYW1wYWlnbj1HRE5fanVrZW5faW50ZW50gAoByAsB2gwRCgsQ4LWkzYip27eDARICAQPYEw2IFAHQFQGAFwGyFxwKGggAEhRwdWItNzU2MjI3MjQ2NTYxMTM3NxgA&sigh=XxwQbBQmA0w&uach_m=[UACH]&ase=2&cid=CAQSKQBpAlJWZjQP6FPw4Q3xBeX0HRdyaJ6TplFHXM0oxHb8N7nkC5MmB0MYGAE&template_id=492&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc6ff55ba725bade20000000000000000%22,%222%22:%220xe1b6f5914478f50d0000000000000000%22,%223%22:%220xe7099356e49737840000000000000000%22,%224%22:%220x8500b2d42dd1e06e0000000000000000%22,%225%22:%220x14e829936dd393fe0000000000000000%22},%22debug_key%22:%2216620474541615368881%22,%22debug_reporting%22:true,%22destination%22:%22https://meimonkai.co.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22370239704%22],%224%22:[%2209-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2218289692610213434289%22}&andc=true

Request Chain 237

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEPup6mnlNRrasWVhNwiGaxs&google_cver=1&google_push=AXcoOmQIZglu13ehQLqho9rR9cvWtSB1Jtp5gnxTaz2ZxeKzthfvb53yHY8sqqsVftW-bz6WlmSmUoDlHM9runYnNa8SNw1qV12LcNbSmT8baMexEiMxxICggqbPFt5D9qWflbbTWoinEc0MuDDgAi8vzl8teg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQIZglu13ehQLqho9rR9cvWtSB1Jtp5gnxTaz2ZxeKzthfvb53yHY8sqqsVftW-bz6WlmSmUoDlHM9runYnNa8SNw1qV12LcNbSmT8baMexEiMxxICggqbPFt5D9qWflbbTWoinEc0MuDDgAi8vzl8teg

Request Chain 238

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEE1S8w9y72eGaHo8gHorJIc&google_cver=1&google_push=AXcoOmSCQDupOD7-vvrEM-K4hMaTNXMb5-Vd_ug5U6vFhXrqzY-EtbEnmEtyboB8fjfUbrg9v7pd6aMQ7KusUBEuyD1BWuPrg8-Aj7z-xrdX4GbvUgeI4Pq-L0aEWH_3NVNKCP3eir32Vebhm100JTSVrbMZtw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=OTZiZGQ1MTAtODE5NC00ZTI2LThmZmYtZmI5MzY4YzU2Mzcy&google_push&gdpr=0&gdpr_consent=&ttd_tdid=96bdd510-8194-4e26-8fff-fb9368c56372

Request Chain 239

https://sync.fout.jp/sync?xid=googleadex&g_pixel=&google_gid=CAESEPaInQyvwZi7TqoyEbH5A4g&google_cver=1&google_push=AXcoOmTm6pU0ywmTqn9PbvCOfpOMXDm74-c5t_BcL26wdWNQjetczu-fWcJ2Si9NCnhXeXNLifD510rIR-S0lfWOmk0rEfvsh2d2YnrAxGtV8tfqvCFiWL4ICt44r_LuI3gzzPupMu97WKy_2UvpWsJtGRRdKQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmTm6pU0ywmTqn9PbvCOfpOMXDm74-c5t_BcL26wdWNQjetczu-fWcJ2Si9NCnhXeXNLifD510rIR-S0lfWOmk0rEfvsh2d2YnrAxGtV8tfqvCFiWL4ICt44r_LuI3gzzPupMu97WKy_2UvpWsJtGRRdKQ&google_hm=RGtzdGs2RzR2SnJzbkN6M3VGT29KOEFSa0Zn&from_google=pc1

Request Chain 240

https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEMa9IVPUnRDZ7138N_HVWB4&google_cver=1&google_push=AXcoOmRGZwOW4tB9eXBl8wwfgQ5x3JOiiu9CZhsuMCLNLxMl5ZRf8Au3nEDOVdrU1ClNPTnABvZ753dKho_kBpXiOFupXRdm5MSaz3gpY5oN6hA76n4V7b6Ja5QQGYi6VHokD-35Z0ldNsnKgCUwQwm6ycfHYw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=YTI4NmVjOGMtNTQ0MS00OWIyLWE5MzAtZGI3MDZjNDBkYWJi&google_gid=CAESEMa9IVPUnRDZ7138N_HVWB4&google_cver=1&google_push=AXcoOmRGZwOW4tB9eXBl8wwfgQ5x3JOiiu9CZhsuMCLNLxMl5ZRf8Au3nEDOVdrU1ClNPTnABvZ753dKho_kBpXiOFupXRdm5MSaz3gpY5oN6hA76n4V7b6Ja5QQGYi6VHokD-35Z0ldNsnKgCUwQwm6ycfHYw

Request Chain 241

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEI6HdIv1GhqTw-ogx3GyDvs&google_cver=1&google_push=AXcoOmQb1On-f672KEJS8e59-Th_Y819zUaCMnL18-KG7DWA20qvcS2khwChUfmJ05C8UtkMXyOFXGFjpNOedLsa37rAlku0mDldUOy-pu9qa22d6qB6jpn61yKgfqk8JJLVthawReyQ458O-qr5ZPSgN0oTrg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQb1On-f672KEJS8e59-Th_Y819zUaCMnL18-KG7DWA20qvcS2khwChUfmJ05C8UtkMXyOFXGFjpNOedLsa37rAlku0mDldUOy-pu9qa22d6qB6jpn61yKgfqk8JJLVthawReyQ458O-qr5ZPSgN0oTrg&google_hm=iXbiBgR1R6y-E3xUn9o2eg==

Request Chain 242

https://s.uuidksinc.net/match/47/?remote_uid=CAESEPyVlQt-3HX-Gdgq-7STVN0&c_param1=AXcoOmQTUkTXaeTGDyzPQq9Dae4tcxVO1Z4Bf7_qoJLlduRFaVb8OMqDyiqpQR1F5Va07yPikNxBH-uamYYrAmyGsUh1UknOiltqMXmkX1fJnhRZOmz0XIrlQd5Ojn1Q1O4Uwahdd1x9jn3UYemqiowcgznxhw&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmQTUkTXaeTGDyzPQq9Dae4tcxVO1Z4Bf7_qoJLlduRFaVb8OMqDyiqpQR1F5Va07yPikNxBH-uamYYrAmyGsUh1UknOiltqMXmkX1fJnhRZOmz0XIrlQd5Ojn1Q1O4Uwahdd1x9jn3UYemqiowcgznxhw

Request Chain 243

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJsoq0npm1xCZ5IHaaR8qNU&google_cver=1&google_push=AXcoOmS6kkC9hQPVucqW3BuvDprMQnI_lAJZddXmDHA9OtEnD3lDXMIyZbxjYXA4q-vUy4_0XFs30-s6S-xwk3UVmV1IgfWp8TmsC3RWI1Z5kQkBqJZFOJM6a52rw9rbFvxm0S7Upusx8qDbQQ7_w33uifjO5w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDY5Njg4ODg0MTEzMzgwNTgw&google_push=AXcoOmS6kkC9hQPVucqW3BuvDprMQnI_lAJZddXmDHA9OtEnD3lDXMIyZbxjYXA4q-vUy4_0XFs30-s6S-xwk3UVmV1IgfWp8TmsC3RWI1Z5kQkBqJZFOJM6a52rw9rbFvxm0S7Upusx8qDbQQ7_w33uifjO5w

Request Chain 253

https://googleads.g.doubleclick.net/pagead/adview?ai=CljIJSI3_ZJGnHpSL8wPS976ACo6O8-dyo6iSxvcR2tkeEAEgobC9L2CJ28WE9BOgAdjRxbAByAEGqQK7xre-h1Q9PqgDAcgDywSqBPYBT9BNwUhy8ih7QRBnUgdO_ZLNrf55HJOMl3tgfquk19WrDgzPfhYityYBPbARzZHCVT4Jo-yXjnSVkLq1eq99Fj4-ng_Qvl5SPUQRASultLexRsrEJCKGQdsasbGQPyy62GgHwn03R7r8IoXsQGU5wVb0JX1FuH0YFeAXHEpvyRLB7VRRm1NMCVNhPoQ0ZihhE4vhksXjXD3YZOwQB4B9yLEt-MPsE7ykZZs6LmlhpyyPqq3VeZY4ZEO_V6PSpauCaP9Bq61H15sVzK--Il-R2j0hVSzH1IoL8YSBoxeJyH3jmxmtpud7q31Giq4nl6H4hCF6cnCOwATu7aTotQSIBeuo87ZMkgUECAQYAZIFBAgFGASgBjeAB5Cuus8CqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQn_kB0ggUCIBhEAEYHzICigI6AoBASL39wTqaCXhodHRwczovL3d3dy5tZWltb25rYWkuY28uanAvZXZlbnQvbWVkaWNpbmVfdG9reW8yMzExLmh0bWw_dXRtX3NvdXJjZT1Hb29nbGUmdXRtX21lZGl1bT1jcGMmdXRtX2NhbXBhaWduPUdETl9qdWtlbl9pbnRlbnSACgHICwHaDBEKCxDAkZaFj97KiI8BEgIBA9gTDYgUAdAVAYAXAbIXHAoaCAASFHB1Yi03NTYyMjcyNDY1NjExMzc3GAA&sigh=tcP2F-TDVjk&uach_m=[UACH]&ase=2&cid=CAQSKQBpAlJWP22UfM6t6FrDkATqYpCbmuPzT5m7FQTaObBoSPFiwNlXrH4VGAE&template_id=492&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc6ff55ba725bade20000000000000000%22,%222%22:%220xe1b6f5914478f50d0000000000000000%22,%223%22:%220xe7099356e49737840000000000000000%22,%224%22:%220x8500b2d42dd1e06e0000000000000000%22,%225%22:%220x14e829936dd393fe0000000000000000%22},%22debug_key%22:%223873248904000042545%22,%22debug_reporting%22:true,%22destination%22:%22https://meimonkai.co.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22370239704%22],%224%22:[%2209-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222681746450611449729%22}&andc=true

Request Chain 254

https://googleads.g.doubleclick.net/pagead/adview?ai=CGEc2SI3_ZLHWHtigpt8Pl-aW2AeOjvPncqOoksb3EdrZHhABIKGwvS9gidvFhPQToAHY0cWwAcgBBqkCu8a3vodUPT6oAwHIA8sEqgT2AU_Q9kYbsjvINwRwLnRLZe7bpSPsltCCSol0O3598iOGpq7WZ9L8k2HtWldaaAfgWgIN5XWEhiXFQ0Hgiw8sNfJIK1S3-3iCcNcSQkAjY31wiRaci7JhayEyvIWg89Cp5LA-wpnfSau19MMda-SQimXGy-ZMsQgLDHV_aAG-nDTOVeN96QhE9QA9Ovm7H0Yj1PE8Zzi76KBhfpTVMQpJjE2ZAdEoafH436YbaMZmCTqXML_DtoUzXnGxYDmxDwxoqI-vyJSSy6NQzcMtKpX4c19edJh8qw3RQUvqZVlv-FgAq9JwsBLmaLQ5riRZiWCNGbNbSRJtf8AE7u2k6LUEiAXrqPO2TJIFBAgEGAGSBQQIBRgEoAY3gAeQrrrPAqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEI75AdIIFAiAYRABGB8yAooCOgKAQEi9_cE6mgl4aHR0cHM6Ly93d3cubWVpbW9ua2FpLmNvLmpwL2V2ZW50L21lZGljaW5lX3Rva3lvMjMxMS5odG1sP3V0bV9zb3VyY2U9R29vZ2xlJnV0bV9tZWRpdW09Y3BjJnV0bV9jYW1wYWlnbj1HRE5fanVrZW5faW50ZW50gAoByAsB2gwRCgsQgPLxj-mK0fmfARICAQPYEw2IFAHQFQGAFwGyFxwKGggAEhRwdWItNzU2MjI3MjQ2NTYxMTM3NxgA&sigh=vvTqyaY1Q8w&uach_m=[UACH]&ase=2&cid=CAQSKQBpAlJWw3qP-2rNmw0N-gJt0pdmFP8AhGfX5Jk2gr4ZlPoyFWPjoxNVGAE&template_id=492&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc6ff55ba725bade20000000000000000%22,%222%22:%220xe1b6f5914478f50d0000000000000000%22,%223%22:%220xe7099356e49737840000000000000000%22,%224%22:%220x8500b2d42dd1e06e0000000000000000%22,%225%22:%220x14e829936dd393fe0000000000000000%22},%22debug_key%22:%223829037929514951763%22,%22debug_reporting%22:true,%22destination%22:%22https://meimonkai.co.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22370239704%22],%224%22:[%2209-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217628509063824412417%22}&andc=true

Request Chain 258

https://sync.fout.jp/sync?xid=googleadex&g_pixel=&google_gid=CAESEPaInQyvwZi7TqoyEbH5A4g&google_cver=1&google_push=AXcoOmQt1VaVW-kwxtJwj6yAkO-fCWSYmMDUu8VGCzz1uFTHhQcfSdMQPWAZ5EgyJoxBJ3cZvv8cRrac00ifNBcWVfxY2JouMtk5Bw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmQt1VaVW-kwxtJwj6yAkO-fCWSYmMDUu8VGCzz1uFTHhQcfSdMQPWAZ5EgyJoxBJ3cZvv8cRrac00ifNBcWVfxY2JouMtk5Bw&google_hm=RGtzdGs2RzR2SnJzbkN6M3VGT29KOEFSa0Zn&from_google=pc1

Request Chain 259

https://x.bidswitch.net/sync?ssp=google_jp&google_gid=CAESEI6HdIv1GhqTw-ogx3GyDvs&google_cver=1&google_push=AXcoOmSexye9Pgfk_dgU9bssE_HxV67vcPf26yB4POs28sZau_bfRhzOga_OV--TuQSZjq30miqaMTB0AJCtLZq1qURVEoVAIWSQiyw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=AXcoOmSexye9Pgfk_dgU9bssE_HxV67vcPf26yB4POs28sZau_bfRhzOga_OV--TuQSZjq30miqaMTB0AJCtLZq1qURVEoVAIWSQiyw&google_hm=iXbiBgR1R6y-E3xUn9o2eg==

Request Chain 262

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEJ8WjMJmARvVYhnQwvzF6-g&google_cver=1&google_push=AXcoOmTKooMZveBPPqiCxYf9whqI8kl8wlp9DZJWqaGRu-rU2FBDUsuT3Cwoix4BGUUnG5sLaHpL4J0_LlKbNqVNLtN6GxQwfRsrDAg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=o1iVMtdOUKlAGmC2JHRMApnwroU&google_push=AXcoOmTKooMZveBPPqiCxYf9whqI8kl8wlp9DZJWqaGRu-rU2FBDUsuT3Cwoix4BGUUnG5sLaHpL4J0_LlKbNqVNLtN6GxQwfRsrDAg

Request Chain 263

https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEBLTSmOYcJybxRlXHyTk0G0&google_cver=1&google_push=AXcoOmQfg5pyNCgVt9lTB0J49TVwIJHGRr8ZK2zUQrZ41Ujx1O_tEwUeYnYjNMIFtoTxldyAwtfTuwXvxUbnUw1KeOVVBtKfzzIOoKc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTQwNDU1MzA0NTYwNDU0MzM3MjA&google_push=AXcoOmQfg5pyNCgVt9lTB0J49TVwIJHGRr8ZK2zUQrZ41Ujx1O_tEwUeYnYjNMIFtoTxldyAwtfTuwXvxUbnUw1KeOVVBtKfzzIOoKc

Request Chain 264

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEFCk4pMZ4WWpCZ6GgZarqis&google_cver=1&google_push=AXcoOmTU-kuR-B69Z2buWKmhLGjIgKjQ-EeM3MfKzuSYQyGUk0YSb5W2WuF7FNmbLEDLVg6qW3XxmsaAyS1MVsIexxnrT1LcpEW4lyY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTU-kuR-B69Z2buWKmhLGjIgKjQ-EeM3MfKzuSYQyGUk0YSb5W2WuF7FNmbLEDLVg6qW3XxmsaAyS1MVsIexxnrT1LcpEW4lyY

Request Chain 267

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 270

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFrXzJSmj_xGwdCYPD3GWbU&google_cver=1&google_push=AXcoOmR-BGlyRQ51mXXy4fAF2t1V2F5sRm_vjhqbJAWeHRNzduvyNep6eNwtJ9W1TxKR-4zwetxY9WDPZxpdf6nCmCyFqL375ra540w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mjk0MDAwMDEzNTE0MzI2MzA1NA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFrXzJSmj_xGwdCYPD3GWbU&google_cver=1

Request Chain 271

https://fksnk.com/cs/google?google_gid=CAESEHIJlazMr1ZxUEMtte1sOUg&google_cver=1&google_push=AXcoOmSJsUli7weGk5OxsOu9TjseU1x-livqACDz_J6HQoMdGU7EkDXNWmEG3yTsjmwiKpngsKJ805LOogiYwHrZfws_JpNZCn846Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=ODVFNjg5OTlFMzcxRjE2QQ==

Request Chain 272

https://a.c.appier.net/gcm?google_gid=CAESENolHGDbnOhjFJqBki84rlE&google_cver=1&google_push=AXcoOmRA45jzuYiWPswALxQyUvsHjuD_bZCa02LJxsMTy7dmBpw_39FF2CxZOtPhfLNwopLEbqzcjSN1MnreMrh8Ud5qO3JbOWtboLg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=UFBoeXpZcVZCcVdMdWFTY1NJM19aQQ%3D%3D&google_push=AXcoOmRA45jzuYiWPswALxQyUvsHjuD_bZCa02LJxsMTy7dmBpw_39FF2CxZOtPhfLNwopLEbqzcjSN1MnreMrh8Ud5qO3JbOWtboLg

Request Chain 273

https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEJaAdf9wiKku3M6hBEKekQU&google_cver=1&google_push=AXcoOmST_sGPgMTEO5v8murfJNSYu8_CQtzmOhyTDyH62htg3uWu9CaHpETvlm_0Z_LR-2hsdJ3xp7H3xDLOkHRUJbB0Qud3lwNEhiyY HTTP 302
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEJaAdf9wiKku3M6hBEKekQU&google_cver=1&google_push=AXcoOmST_sGPgMTEO5v8murfJNSYu8_CQtzmOhyTDyH62htg3uWu9CaHpETvlm_0Z_LR-2hsdJ3xp7H3xDLOkHRUJbB0Qud3lwNEhiyY&uid-set=1

Request Chain 274

https://an.yandex.ru/mapuid/google/CAESELF8HQH12uWn03PuVQiD8uo?ext-param=AXcoOmR19FFkw1FvfJ5vA1bm8AHNJjwrJ6kPDjnOekop4wi7jGaBsrm4zVgFgUrcu-70uK8_VX2HxRt7RUi8aQi8i-28yiZGol4i_zU&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://an.yandex.ru/mapuid/google/CAESELF8HQH12uWn03PuVQiD8uo?redir-setuniq=1&ext-param=AXcoOmR19FFkw1FvfJ5vA1bm8AHNJjwrJ6kPDjnOekop4wi7jGaBsrm4zVgFgUrcu-70uK8_VX2HxRt7RUi8aQi8i-28yiZGol4i_zU&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESELF8HQH12uWn03PuVQiD8uo&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
https://an.yandex.ru/resource/spacer.gif

Request Chain 275

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEDKLziLg_i5ll9s1m23izvw&google_cver=1&google_push=AXcoOmSXRrGP2qiL1p5xOaheLs3hd-pAjMv2L3Axj24XJs_BgkpCK8TIXg_98XNjA4XslNNsYje8eZIYS-mtu7EMfrJPQF9RgvuGGlc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=ZGY3ZTY0YzAtNjAxYi00ZDgzLWIxNjItMzhmOTlhOWY5ODA5&google_push=AXcoOmSXRrGP2qiL1p5xOaheLs3hd-pAjMv2L3Axj24XJs_BgkpCK8TIXg_98XNjA4XslNNsYje8eZIYS-mtu7EMfrJPQF9RgvuGGlc HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 276

https://sync.gonet-ads.com/match/google?google_gid=CAESEC07j-SP6xEPn2WipMawk6E&google_cver=1&google_push=AXcoOmSfvC9FMYqfca_F-T0ecd-6nB8ahu7XdKLpgszFYsNxu_EoQgrC85WTPs1oLqJQc5ym_KxEcUwE_8FF00HKQKdOdw1ui_PicLvI HTTP 302
https://sync.gonet-ads.com/match/google?google_gid=CAESEC07j-SP6xEPn2WipMawk6E&google_cver=1&google_push=AXcoOmSfvC9FMYqfca_F-T0ecd-6nB8ahu7XdKLpgszFYsNxu_EoQgrC85WTPs1oLqJQc5ym_KxEcUwE_8FF00HKQKdOdw1ui_PicLvI&chk=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=Mjg1Yjk4YzYzMzBhM2RhMw&google_push=AXcoOmSfvC9FMYqfca_F-T0ecd-6nB8ahu7XdKLpgszFYsNxu_EoQgrC85WTPs1oLqJQc5ym_KxEcUwE_8FF00HKQKdOdw1ui_PicLvI HTTP 302
https://sync.gonet-ads.com/match/google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=Mjg1Yjk4YzYzMzBhM2RhMw&google_push= HTTP 302
https://s0.2mdn.net/dot.gif?google_error=5

Request Chain 279

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEPPfgXan_bnoA7Y8sBOd9Q0&google_cver=1&google_push=AXcoOmTURVZk0n6LqI9OhHw7tQW4ADRfAhZmgI9GSIaOVA_kpNlIPjOtmHfnq_ntDd8xRFZeYPumkNEy5d-8wIFIIgtleYasjJLYmnc HTTP 302
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=62c13b3243be2034&is_secure=true&networkId=14000&version=1&google_gid=CAESEPPfgXan_bnoA7Y8sBOd9Q0&google_cver=1&google_push=AXcoOmTURVZk0n6LqI9OhHw7tQW4ADRfAhZmgI9GSIaOVA_kpNlIPjOtmHfnq_ntDd8xRFZeYPumkNEy5d-8wIFIIgtleYasjJLYmnc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAALcOH-_uOtqQNco_pzAAAAAAA&expiration=1694555851&google_cver=1&is_secure=true&google_gid=CAESEPPfgXan_bnoA7Y8sBOd9Q0&google_push=AXcoOmTURVZk0n6LqI9OhHw7tQW4ADRfAhZmgI9GSIaOVA_kpNlIPjOtmHfnq_ntDd8xRFZeYPumkNEy5d-8wIFIIgtleYasjJLYmnc

Request Chain 280

https://sync.fout.jp/sync?xid=googleadex&g_pixel=&sp=1&google_gid=CAESEPaInQyvwZi7TqoyEbH5A4g&google_cver=1&google_push=AXcoOmQnT97JvWpi6jq_TRTiEBh33TvwzeGMUaPKsASgwCPSi0feHnU16EBIcuRQa63dIQjHHBwvPfFbvEc07rvCEfu7rkveaKvcnA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmQnT97JvWpi6jq_TRTiEBh33TvwzeGMUaPKsASgwCPSi0feHnU16EBIcuRQa63dIQjHHBwvPfFbvEc07rvCEfu7rkveaKvcnA&google_hm=RGtzdGs2RzR2SnJzbkN6M3VGT29KOEFSa0Zn&from_google=sp1

Request Chain 281

https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEMa9IVPUnRDZ7138N_HVWB4&google_cver=1&google_push=AXcoOmQ6yzgm1rQQCz_njpwQYShei8VRfY1Oo_qQ1jAXoemd6VGQQE4VoIt1JylHScTqmb1f4ildC_oz_0u7ibDP1qA5BHpEbFbHsB8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=NTM0YWEzMTYtYjQ0NS00NmRiLThkYTctMGQyZWQ4ZmVhYmM3&google_gid=CAESEMa9IVPUnRDZ7138N_HVWB4&google_cver=1&google_push=AXcoOmQ6yzgm1rQQCz_njpwQYShei8VRfY1Oo_qQ1jAXoemd6VGQQE4VoIt1JylHScTqmb1f4ildC_oz_0u7ibDP1qA5BHpEbFbHsB8

Request Chain 282

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESELuV2AvZb7s8HCcqWpsF-3c&google_cver=1&google_push=AXcoOmTe2zSMKAtiDbm3FopaovJbd6I2LBN63QkZSWOWMxlkXPpQJ-Z7UsVZ5WGoe219tsFe0bgOGIafqBvUYAZMUOg4ouvhrvU-dw HTTP 302
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESELuV2AvZb7s8HCcqWpsF-3c&google_push=AXcoOmTe2zSMKAtiDbm3FopaovJbd6I2LBN63QkZSWOWMxlkXPpQJ-Z7UsVZ5WGoe219tsFe0bgOGIafqBvUYAZMUOg4ouvhrvU-dw&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTe2zSMKAtiDbm3FopaovJbd6I2LBN63QkZSWOWMxlkXPpQJ-Z7UsVZ5WGoe219tsFe0bgOGIafqBvUYAZMUOg4ouvhrvU-dw&google_hm=Z1N6T1VuV0NMRkd5aHNtVVVFY24=

Request Chain 283

https://sync.dsp.reemo-ad.jp/google_adx?google_gid=CAESEKC7kZ3Z2_alZH_PWMoZ3Jc&google_cver=1&google_push=AXcoOmSsiIMpZc5DPLHc6lbiGdpvCaTGlOj0nEiSMhp_BvaQffqE3hkvXaTHEHOZ6wXjVgTx0Xdiy7AoPGMdRvKTkk52qc0ECtmvZNU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=AXcoOmSsiIMpZc5DPLHc6lbiGdpvCaTGlOj0nEiSMhp_BvaQffqE3hkvXaTHEHOZ6wXjVgTx0Xdiy7AoPGMdRvKTkk52qc0ECtmvZNU

Request Chain 285

https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESED3duPYgbOLr9JvKO6UZLZQ&google_cver=1&google_push=AXcoOmSgSNnZ_gCGsSgCvEGn0_Xg_x59mBwTVwr6F3u5C1SRKAFtyplgxDuDPIXI3xWRHlI1Zw5x9_ICm-_Ty7ghyHsJX_qi8pOtng4Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmSgSNnZ_gCGsSgCvEGn0_Xg_x59mBwTVwr6F3u5C1SRKAFtyplgxDuDPIXI3xWRHlI1Zw5x9_ICm-_Ty7ghyHsJX_qi8pOtng4Q&google_hm=QlMuYjMzMy04NjNmLTQ4NmMtOWQ3Nw==

Request Chain 289

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 291

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 293

https://googleads.g.doubleclick.net/pagead/adview?ai=Ce6gfSI3_ZMxglKOm3w_FporAC4y59exyqrWd05IRsdKBvOcCEAEgobC9L2CJ28WE9BOgAfOww8YDyAEJqAMByAPLBKoE9gFP0A_AmI3pjzI8STVNk4GwnZUI1Gl7xg0zXUA4W74GEcfiu7PYwftOjUTyA2vUNKf3XFjkmqdAUPDNqtk3bZzxlyAX0_MRbk8apUCh-9nf80ZLWW0YILUl1an5UidTZBW0mjnfppnIn1CgVTRoCbn5-QoJEBlqsppb-H7hOtnftGnV9T3rtjYl521K799f5EmKhIxwfd5zCeKA7WHPJcG7XJNt21A3bLU7e90XDmiitg0WEucYY_UVRVXq2CbMIqtZB3GqIfLRXE09Y2Eq9Gkg42SPQh3ycr3POBW9g1KrJd0WHvuub0DXJMyccXndKWFy4bEtrwDABIP45tazA4gFm-P80S2SBQQIBBgBkgUECAUYBKAGLoAHuNjdswGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCbjkfSCBQIgGEQARgfMgKKAjoCgEBIvf3BOpoJzQNodHRwczovL3d3dy5hdXRvZGVzay5jby5qcC9wcm9kdWN0cy9mdXNpb24tMzYwL292ZXJ2aWV3P21rdHZhcjAwMj01MDIyNDM3JTdjRFNQJTdjMjkxNzIzMDAlN2MzNTgxNzQwNzUlN2MxODU1ODk0NzUmdXRtX3NvdXJjZT1HRE4mdXRtX21lZGl1bT1EaXNwbGF5JnV0bV9jYW1wYWlnbj1GWTI0X0VHX0QtTV9KYXBhbl9KUF9GdXNpb24tMzYwJnV0bV9pZD01MDIyNDM3JnV0bV90ZXJtPUdETl9ELU1fRnVzaW9uLTM2MF9KYXBhbl9KUF9WaXNpdHNfUFJfQ1BDXzF4MV9EVF9TVEFfMDAwOV81MDIyNDM3X1Byb3NwZWN0aW5nLU1hc3NUYXJnZXRpbmctTkEtUTFGWTI0LUV2ZXJncmVlbi1OQS1GWTIzQVBSUFJPLVNtYXJ0RGlzcGxheSZlZl9pZD17Z2NsaWR9Okc6cyZzX2t3Y2lkPUFMITExMTcyITMhNjQ2MjY2Nzg2MTUzISFjcnlwdG8ubGl2ZXJ0YWRxdWVzdC5jb20hZCEhITEyMjUxNTA5MTQ3ITExNjk1MTQ2NDk2M4AKAcgLAdoMEQoLEODph4Lmhvu1zAESAgEDuBPkA9gTDdAVAYAXAbIXHAoaCAASFHB1Yi03NTYyMjcyNDY1NjExMzc3GAA&sigh=Bn7SSg8RyCU&uach_m=[UACH]&ase=2&cid=CAQSKQBpAlJWkS4f58h_G22UDVCtpPN1ieIJX1mHk3zw1ShkiYkceE52lXNnGAE&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x6eabccf552a8cb420000000000000000%22,%222%22:%220xaed56a9b950a7730000000000000000%22,%223%22:%220x9745b881e8c5fed40000000000000000%22,%224%22:%220x1e8786855cfdb82c0000000000000000%22,%225%22:%220x842c067cf2bfa4680000000000000000%22},%22debug_key%22:%2212546897442936889035%22,%22debug_reporting%22:true,%22destination%22:%22https://autodesk.co.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22953210995%22],%224%22:[%2209-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213770422695475229025%22}&andc=true

Request Chain 294

https://ad.doubleclick.net/ddm/trackimp/N430403.3447745ADWORDSGDN/B29172300.358174075;dc_trk_aid=549048663;dc_trk_cid=185589475;ord=3743864142;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&cbvp=2 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N430403.3447745ADWORDSGDN/B29172300.358174075;dc_pre=CImuhM3Go4EDFR1XlgodNXYCWA;dc_trk_aid=549048663;dc_trk_cid=185589475;ord=3743864142;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&cbvp=2

Request Chain 301

https://pixel.rubiconproject.com/exchange/sync.php?p=united&khaos=LMFFCZC1-28-3Q6B HTTP 302
https://sync.ad-stir.com/?symbol=RUBICON&uid=LMFFCZC1-28-3Q6B

Request Chain 302

https://match.adsrvr.org/track/cmf/rubicon HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=96bdd510-8194-4e26-8fff-fb9368c56372&gdpr=0&gdpr_consent=&expires=30

Request Chain 303

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE1GRkNaQzEtMjgtM1E2Qg== HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELnqF7jrBG_mg-vrjnQL8VI&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1GRkNaQzEtMjgtM1E2Qg==&google_push=

Request Chain 304

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=L1dIXQu8StOCHrMGsFRkNA&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=L1dIXQu8StOCHrMGsFRkNA

Request Chain 305

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDFkMGU1OWExYTEwMGM4MTg1ZGE4Njc0YTMzZjA5MGMyNjY4NWQwYg

Request Chain 306

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LMFFCZC1-28-3Q6B

Request Chain 307

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEO_-jwNVYfUVOA9YhEnW-gs&google_cver=1

Request Chain 308

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=8tuzmvCrSy-Q-buYU0lpBA&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=8tuzmvCrSy-Q-buYU0lpBA

Request Chain 309

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/iqYKB1EU24Rgg8eM-6XziMn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-m.v6YyBE2oLO9WAfF1cOiaA8Ut6fNQhCDwcKwg--~A

Request Chain 319

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4937571650038870676&gdpr=0&gdpr_consent=

Request Chain 320

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=o1iVMtdOUKlAGmC2JHRMApnwroU&gdpr=0&gdpr_consent=

Request Chain 322

https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=b0cd063de5674455a17038a9c584b4ed

Request Chain 323

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZP_NSwAMatN2vgA4

Request Chain 325

https://gocm.c.appier.net/pubmatic HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=PPhyzYqVBqWLuaScSI3_ZA

Request Chain 326

https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU27d0c64fb3e54c558674fd9fd740378f

Request Chain 327

https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=ibiryozmca5z

Request Chain 329

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:It4OykU51QFOUs5&gdpr=0&gdpr_consent=

Request Chain 330

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2940000135143263054&gdpr=0&gdpr_consent=&us_privacy=

334 HTTP transactions
16 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
crypto.livertadquest.com/
Redirect Chain

http://crypto.livertadquest.com/
https://crypto.livertadquest.com/

235 KB
43 KB

1263ms
1204ms

Document
text/html

183.90.238.3
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://crypto.livertadquest.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.3 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2302.xserver.jp
Software: nginx /
Resource Hash: 927df156b92d46ada649d6ec2d110dda9ab0b9d275df6e0b07f6273b0a33d3ee

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 11 Sep 2023 21:57:26 GMT
link: <https://crypto.livertadquest.com/wp-json/>; rel="https://api.w.org/", <https://crypto.livertadquest.com/wp-json/wp/v2/pages/32>; rel="alternate"; type="application/json", <https://crypto.livertadquest.com/>; rel=shortlink
server: nginx
vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Mon, 11 Sep 2023 21:57:24 GMT
Location: https://crypto.livertadquest.com/
Server: nginx
X-Redirect-By: WordPress

GET
H2 200 style.async.min.css
crypto.livertadquest.com/wp-content/themes/luxeritas/ 1 KB
789 B 24ms
23ms Stylesheet
text/css 183.90.238.3
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://crypto.livertadquest.com/wp-content/themes/luxeritas/style.async.min.css?v=1653061357
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.3 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2302.xserver.jp
Software: nginx /
Resource Hash: 3c7b2f4a154198721450f6edeabc8ecfc41a4ea7a2a63ec43b90be7e4274966f

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:26 GMT
content-encoding: br
last-modified: Fri, 20 May 2022 15:42:37 GMT
server: nginx
etag: W/"525-5df735708fa76"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 icomoon.woff2
crypto.livertadquest.com/wp-content/themes/luxeritas/fonts/icomoon/fonts/ 4 KB
4 KB 39ms
38ms Font
application/octet-stream 183.90.238.3
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://crypto.livertadquest.com/wp-content/themes/luxeritas/fonts/icomoon/fonts/icomoon.woff2
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.3 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2302.xserver.jp
Software: nginx /
Resource Hash: 8d99a824eb65a40f898ff5baa2201854b8b1d152a620cf13a79033f4fcba1e67

Request headers

Referer: https://crypto.livertadquest.com/
Origin: https://crypto.livertadquest.com
accept-language: jp-jp,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:26 GMT
last-modified: Sat, 05 Mar 2022 00:03:47 GMT
server: nginx
accept-ranges: bytes
etag: "eb8-5d96d5d8d9677"
content-length: 3768

GET
H2 200 styles.css
crypto.livertadquest.com/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 38ms
36ms Stylesheet
text/css 183.90.238.3
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://crypto.livertadquest.com/wp-content/plugins/contact-form-7/includes/css/styles.css
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.3 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2302.xserver.jp
Software: nginx /
Resource Hash: ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:26 GMT
content-encoding: br
last-modified: Sun, 06 Aug 2023 12:02:00 GMT
server: nginx
etag: W/"b2b-6023fe5b18112"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 wpp.css
crypto.livertadquest.com/wp-content/plugins/wordpress-popular-posts/assets/css/ 2 KB
716 B 38ms
36ms Stylesheet
text/css 183.90.238.3
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://crypto.livertadquest.com/wp-content/plugins/wordpress-popular-posts/assets/css/wpp.css
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.3 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2302.xserver.jp
Software: nginx /
Resource Hash: 291cf581b824e88d8e5292c399d39fe9940cc6d50c1cfe21e0525a510e9e0b2a

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:26 GMT
content-encoding: br
last-modified: Tue, 29 Aug 2023 12:31:04 GMT
server: nginx
etag: W/"688-6040efc02d294"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 style.css
crypto.livertadquest.com/wp-content/plugins/yyi-rinker/css/ 15 KB
3 KB 37ms
36ms Stylesheet
text/css 183.90.238.3
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://crypto.livertadquest.com/wp-content/plugins/yyi-rinker/css/style.css?v=1.10.2
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.3 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2302.xserver.jp
Software: nginx /
Resource Hash: 7763cf61ef887eab9387b512247ceb8dcf43bf89125c3709ba5d3f33627a85a2

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:26 GMT
content-encoding: br
last-modified: Mon, 10 Jul 2023 12:44:30 GMT
server: nginx
etag: W/"3de6-6002157faa26c"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
31 KB 388ms
18ms Script
text/javascript 142.250.196.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f10.1e100.net

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 13:24:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30790
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31017
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Sep 2024 13:24:16 GMT

GET
H2 200 luxech.js Show response
crypto.livertadquest.com/wp-content/themes/luxech/ 160 B
302 B 23ms
23ms Script
application/javascript 183.90.238.3
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://crypto.livertadquest.com/wp-content/themes/luxech/luxech.js?v=1694469445
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.3 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2302.xserver.jp
Software: nginx /
Resource Hash: 2cb51c013da8aab090a4545424777417b0ef02a5b0a9565c0aec547b99974e52

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:26 GMT
last-modified: Sat, 05 Mar 2022 00:04:10 GMT
server: nginx
accept-ranges: bytes
etag: "a0-5d96d5ee7fa40"
content-length: 160
content-type: application/javascript

GET
H2 200 pinit.js Show response
assets.pinterest.com/js/ 361 B
461 B 495ms
19ms Script
application/javascript 23.39.216.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit.js
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.216.185 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-216-185.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

akamai-x-true-ttl: 300
content-encoding: br
x-cdn: akamai
etag: "62d32c28f14783b94192cd8d35bc010d"
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=130
accept-ranges: bytes
alt-svc: h3=":443"; ma=600
content-length: 203

GET
H2 200 tooltip.min.css
crypto.livertadquest.com/wp-content/plugins/enhanced-tooltipglossary/assets/css/ 13 KB
4 KB 28ms
25ms Stylesheet
text/css 183.90.238.3
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://crypto.livertadquest.com/wp-content/plugins/enhanced-tooltipglossary/assets/css/tooltip.min.css
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.3 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2302.xserver.jp
Software: nginx /
Resource Hash: 65c748d689c0545d4daac37cd3ca006df12762c288c9d22ec083909e958f56d6

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:26 GMT
content-encoding: br
last-modified: Mon, 10 Jul 2023 12:44:22 GMT
server: nginx
etag: W/"330d-60021577efa48"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 dashicons.min.css
crypto.livertadquest.com/wp-includes/css/ 58 KB
35 KB 28ms
26ms Stylesheet
text/css 183.90.238.3
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://crypto.livertadquest.com/wp-includes/css/dashicons.min.css
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.3 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2302.xserver.jp
Software: nginx /
Resource Hash: c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:26 GMT
content-encoding: br
last-modified: Wed, 23 Feb 2022 03:24:21 GMT
server: nginx
etag: W/"e688-5d8a700604340"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 comment-reply.min.js Show response
crypto.livertadquest.com/wp-includes/js/ 3 KB
2 KB 39ms
37ms Script
application/javascript 183.90.238.3
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://crypto.livertadquest.com/wp-includes/js/comment-reply.min.js
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.3 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2302.xserver.jp
Software: nginx /
Resource Hash: e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:26 GMT
content-encoding: br
last-modified: Thu, 26 May 2022 00:15:56 GMT
server: nginx
etag: W/"ba5-5dfdf17fcbab0"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 lazysizes.min.js Show response
crypto.livertadquest.com/wp-content/plugins/ewww-image-optimizer/includes/ 15 KB
6 KB 42ms
40ms Script
application/javascript 183.90.238.3
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://crypto.livertadquest.com/wp-content/plugins/ewww-image-optimizer/includes/lazysizes.min.js
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.3 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2302.xserver.jp
Software: nginx /
Resource Hash: 8875034ea813fa8a38f1e262928f4f2f74712e947efff24d07e49b0ec328ea4a

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:26 GMT
content-encoding: br
last-modified: Sun, 06 Aug 2023 01:28:42 GMT
server: nginx
etag: W/"3d9e-602370cdc44c7"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 index.js Show response
crypto.livertadquest.com/wp-content/plugins/contact-form-7/includes/swv/js/ 11 KB
3 KB 44ms
42ms Script
application/javascript 183.90.238.3
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://crypto.livertadquest.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.3 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2302.xserver.jp
Software: nginx /
Resource Hash: 5fe46d2da01452067736578431f6c6e8116a24e616f58c72d9d81fdb2c7c9569

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:26 GMT
content-encoding: br
last-modified: Sun, 06 Aug 2023 12:02:00 GMT
server: nginx
etag: W/"2a12-6023fe5b190b2"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 index.js Show response
crypto.livertadquest.com/wp-content/plugins/contact-form-7/includes/js/ 13 KB
4 KB 42ms
40ms Script
application/javascript 183.90.238.3
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://crypto.livertadquest.com/wp-content/plugins/contact-form-7/includes/js/index.js
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.3 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2302.xserver.jp
Software: nginx /
Resource Hash: 1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:26 GMT
content-encoding: br
last-modified: Sun, 06 Aug 2023 12:02:00 GMT
server: nginx
etag: W/"328f-6023fe5b18112"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 modernizr.min.js Show response
crypto.livertadquest.com/wp-content/plugins/enhanced-tooltipglossary/assets/js/ 2 KB
1 KB 42ms
40ms Script
application/javascript 183.90.238.3
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://crypto.livertadquest.com/wp-content/plugins/enhanced-tooltipglossary/assets/js/modernizr.min.js
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.3 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2302.xserver.jp
Software: nginx /
Resource Hash: c2430eea46482d09798ced4106070b559f066b7784c179f0b5d9b27f2783d10e

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:26 GMT
content-encoding: br
last-modified: Mon, 10 Jul 2023 12:44:22 GMT
server: nginx
etag: W/"933-60021577f09e8"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 tooltip.min.js Show response
crypto.livertadquest.com/wp-content/plugins/enhanced-tooltipglossary/assets/js/ 107 KB
38 KB 43ms
42ms Script
application/javascript 183.90.238.3
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://crypto.livertadquest.com/wp-content/plugins/enhanced-tooltipglossary/assets/js/tooltip.min.js
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.3 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2302.xserver.jp
Software: nginx /
Resource Hash: dbb38fedbbe46a4dbc2884610da14cd3b2b55c8e9eb216f5b1e04a4a3f618395

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:26 GMT
content-encoding: br
last-modified: Mon, 10 Jul 2023 12:44:22 GMT
server: nginx
etag: W/"1ad70-60021577f09e8"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 luxe.min.js Show response
crypto.livertadquest.com/wp-content/themes/luxeritas/js/ 32 KB
10 KB 25ms
25ms Script
application/javascript 183.90.238.3
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://crypto.livertadquest.com/wp-content/themes/luxeritas/js/luxe.min.js?v=1653061356
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.3 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2302.xserver.jp
Software: nginx /
Resource Hash: fd99303a6c8f6d2e2ffabf0a350594470bf45dfc7537cd70d57744ee4b7218fb

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:26 GMT
content-encoding: br
last-modified: Fri, 20 May 2022 15:42:36 GMT
server: nginx
etag: W/"80cd-5df7356ea9300"
vary: Accept-Encoding
content-type: application/javascript

GET
H/1.1 200
OK xserverv3.js Show response
webfonts.xserver.jp/js/ 129 KB
47 KB 118ms
56ms Script
application/javascript 202.226.37.225
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://webfonts.xserver.jp/js/xserverv3.js?fadein=0
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.226.37.225 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: webmail.xserver.jp
Software: nginx /
Resource Hash: dcfcb20b975fc2c0d0c597fdd7cdc22bc3d840d778914b35a57f1b78eaace340

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Mon, 11 Sep 2023 21:57:26 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Jun 2023 02:25:53 GMT
Server: nginx
ETag: W/"647feab1-20391"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive

GET
H2 200 icon
fonts.googleapis.com/ 1 KB
698 B 129ms
51ms Stylesheet
text/css 142.250.196.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons|Material+Icons+Outlined&display=swap

Requested by

Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/wp-content/themes/luxeritas/js/luxe.min.js?v=1653061356

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f10.1e100.net

Software

ESF /

Resource Hash

853d4e8ad9a4e64839e5630234bfa19ab3a3a646df4d7e139b108861932f9701

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 11 Sep 2023 21:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 21:57:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Sep 2023 21:57:26 GMT

GET
H/1.1 200
OK ts Show response
webfonts.xserver.jp/3/tsad/check/ja/ 1 B
314 B 69ms
21ms Fetch
text/plain 202.226.37.225
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://webfonts.xserver.jp/3/tsad/check/ja/ts?K18MUcZzRRA%3D&ttl=8640000
Requested by: Host: webfonts.xserver.jp
URL: https://webfonts.xserver.jp/js/xserverv3.js?fadein=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.226.37.225 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: webmail.xserver.jp
Software: nginx /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Pragma: cache
Date: Mon, 11 Sep 2023 21:57:26 GMT
Server: nginx
ETag: "typesquare-use-cache"
X-Cache-Status: HIT
Transfer-Encoding: chunked
Content-Type: text/plain;;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, s-maxage=8640000
Connection: keep-alive

GET
H2 200 wpp.min.js Show response
crypto.livertadquest.com/wp-content/plugins/wordpress-popular-posts/assets/js/ 4 KB
2 KB 24ms
24ms Script
application/javascript 183.90.238.3
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://crypto.livertadquest.com/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.3 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2302.xserver.jp
Software: nginx /
Resource Hash: a85904e098cd1b968434e3bdcedd5a1465fec7d762b06d54348f334dc51bfc54

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:26 GMT
content-encoding: br
last-modified: Tue, 29 Aug 2023 12:31:04 GMT
server: nginx
etag: W/"1194-6040efc02e234"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 239 KB
84 KB 628ms
248ms Script
application/javascript 142.250.196.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CC991QTBJE

Requested by

Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

2b5533ea0648aa4e0fbe223c3d96319225fdb32f313398eab89e1ed29197c59c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85525
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 11 Sep 2023 21:57:27 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 444ms
64ms Script
text/javascript 142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7562272465611377

Requested by

Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

cafe /

Resource Hash

dcd0d3bdc1828b4ed5f755b7a6565c19dca9ba24bc1f4d12bb25d29a6aa5ab25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://crypto.livertadquest.com/
Origin: https://crypto.livertadquest.com
accept-language: jp-jp,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50803
x-xss-protection: 0
server: cafe
etag: 4736031805417428106
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 21:57:27 GMT

GET
DATA 200
OK truncated
/ 83 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7e41a6b43ea557200708381da42b534a54094127164a25a6a0db8868821ce822

Request headers

accept-language: jp-jp,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 142 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b7191dc44a4f02d1ce10f78f5c556e825bccbfb7fa479c798182b1e33cf545a1

Request headers

accept-language: jp-jp,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 145 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 851f7da104017908bc0e287ad727b2f2d6b9c1fca777d07852f321fb4f9ac5d4

Request headers

accept-language: jp-jp,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 145 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9a13c6f00d420eb6eb2463e82e3de3e26cb9c030035c52dd7311d6b7b963f04

Request headers

accept-language: jp-jp,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 86 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 38b22a096e864f48a5e7d337f5fbf07551981e16fe17bdc93510d749e2b4eb6c

Request headers

accept-language: jp-jp,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 105 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2385bba830ec5cc4a1a0e398c58a0703ee86443f42c131b4682b09a45e6e7a1f

Request headers

accept-language: jp-jp,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 146 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1d1c2d28818efea3814be4db58e605968ff98e31bcde0628c44d9d53219499e5

Request headers

accept-language: jp-jp,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 98 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ea53735a55ae60e60ea3da344a0e36fbf12c3cf2d1d3d977a83ea765c7e2b93

Request headers

accept-language: jp-jp,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 98 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b742aa486fbd2ef3b169e8e933ebf38c3a493855d89d6a61f94e6f524232f8f3

Request headers

accept-language: jp-jp,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 145 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 338ea14569d03db8693c3e69b0141142f888038ba00dbc8c26114b212308a4ed

Request headers

accept-language: jp-jp,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 98 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 877325977f7b21eb8eea2017011e1f37ccf2d0b431c60a282ab9215020131551

Request headers

accept-language: jp-jp,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 146 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76d0b9990965e0b47d7df4da43f4443a401dfa59c12c4fa1d45dc50befc589a5

Request headers

accept-language: jp-jp,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK bbcedb5e5aacc603fb3a99afb8911f40 Show response
adm.shinobi.jp/s/ 428 B
770 B 55ms
14ms Script
application/javascript 202.228.215.14
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to

Full URL: https://adm.shinobi.jp/s/bbcedb5e5aacc603fb3a99afb8911f40
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.228.215.14 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS: adm.shinobi.jp
Software: openresty /
Resource Hash: d7502230a5faa6a7c3333a5229324a62fa31ea041beea8617bcf265de7274cc9

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: application/javascript;charset=utf-8
Date: Mon, 11 Sep 2023 21:57:26 GMT
Server: openresty
Connection: keep-alive
Content-Length: 428
P3P: CP='UNI CUR OUR'

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 125 KB
126 KB 392ms
16ms Font
font/woff2 142.250.207.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons|Material+Icons+Outlined&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f3.1e100.net

Software

sffe /

Resource Hash

8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://crypto.livertadquest.com
accept-language: jp-jp,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 16:46:12 GMT
x-content-type-options: nosniff
age: 191475
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
x-xss-protection: 0
last-modified: Tue, 07 Mar 2023 19:51:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Sep 2024 16:46:12 GMT

GET
BLOB 200
OK 97352ab1-7510-4127-8f58-9f55cbb08055
https://crypto.livertadquest.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://crypto.livertadquest.com/97352ab1-7510-4127-8f58-9f55cbb08055
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: jp-jp,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2

200

12.js Show response
cnobi.jp/v1/admax/ssp/js/s/
Redirect Chain

https://adm.shinobi.jp/st/s.js
https://cnobi.jp/v1/admax/ssp/js/s/12.js

28 KB
7 KB

106ms
51ms

Script
application/javascript

138.113.138.167
ML-1432-54994

General

Check archive.org

Show headers Download Go to

Full URL: https://cnobi.jp/v1/admax/ssp/js/s/12.js
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: H2
Server: 138.113.138.167 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: b52c2dcdecea3329aa34907039f8b6f871b5fb51ed7ac8444596bd5530cd2992

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:27 GMT
content-encoding: gzip
via: 1.1 PSrbJP1de68:4 (W), 1.1 PSrbdbOSA2fy102:14 (W)
server: PWS/8.3.1.0.8
age: 5960403
etag: CIiFyPvBr/MCEAE=
x-ws-request-id: 64ff8d47_PSrbdbOSA2kr101_46224-55378
content-type: application/javascript
cache-control: max-age=31536000
x-px: ht PSrbdbOSA2fy102KIX

Redirect headers

Location: https://cnobi.jp/v1/admax/ssp/js/s/12.js
Date: Mon, 11 Sep 2023 21:57:26 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Server: openresty
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK sync Show response
adm.shinobi.jp/ 238 B
410 B 13ms
13ms Script
application/javascript 202.228.215.14
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to

Full URL: https://adm.shinobi.jp/sync?callback=window.__admax_render__.render_sync&sc=1
Requested by: Host: adm.shinobi.jp
URL: https://adm.shinobi.jp/st/s.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.228.215.14 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS: adm.shinobi.jp
Software: openresty /
Resource Hash: c42bd0b8557cf05f9ef1bda0125e383823af4de5dd788adcb5774fd477b96e6f

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Mon, 11 Sep 2023 21:57:27 GMT
Server: openresty
Connection: keep-alive
Content-Length: 238
Content-Type: application/javascript;charset=utf-8

GET
H/1.1 200
OK bbcedb5e5aacc603fb3a99afb8911f40 Show response
adm.shinobi.jp/b/ 1 KB
1 KB 36ms
23ms Script
application/javascript 202.228.215.14
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to

Full URL: https://adm.shinobi.jp/b/bbcedb5e5aacc603fb3a99afb8911f40?sid=1fqt22f8k&url=https%3A%2F%2Fcrypto.livertadquest.com%2F&referrer=&du=https%3A%2F%2Fcrypto.livertadquest.com%2F&if=false&ic=false&olp=&fv=true&bid=921d2d42-47ea-4849-a804-70316d6ac561&callback=window.__admax_render__.render_banner&sc=1&tm=0&rand=26561098150
Requested by: Host: adm.shinobi.jp
URL: https://adm.shinobi.jp/st/s.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.228.215.14 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS: adm.shinobi.jp
Software: openresty /
Resource Hash: cddea78521f704bd0a543cfa439c1d91720674ae9f8574dbee11d7245e19c7ae

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Mon, 11 Sep 2023 21:57:27 GMT
Server: openresty
Connection: keep-alive
Content-Length: 1281
Content-Type: application/javascript;charset=utf-8

GET
DATA 200
OK truncated
/ 91 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 38fdc998014a26e4d67a9a41b13ebe3317be503824b9c12e52b3fdb28f8dca82

Request headers

accept-language: jp-jp,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 LVcoin-1-e1649139560310.png
crypto.livertadquest.com/wp-content/uploads/2022/04/ 2 KB
2 KB 25ms
24ms Image
image/png 183.90.238.3
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crypto.livertadquest.com/wp-content/uploads/2022/04/LVcoin-1-e1649139560310.png
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.3 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2302.xserver.jp
Software: nginx /
Resource Hash: 37a2c471e6814d7d84660197ca6869f2199621fe99ea0919eade5565aa5ca7df

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:27 GMT
last-modified: Tue, 05 Apr 2022 06:19:20 GMT
server: nginx
accept-ranges: bytes
etag: "857-5dbe239b56b67"
content-length: 2135
content-type: image/png

GET
H2 200 site_logo-2.jpg
crypto.livertadquest.com/wp-content/uploads/2022/04/ 72 KB
72 KB 43ms
42ms Image
image/jpeg 183.90.238.3
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crypto.livertadquest.com/wp-content/uploads/2022/04/site_logo-2.jpg
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.3 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2302.xserver.jp
Software: nginx /
Resource Hash: a8a48929789088a0f5b224e1c194ffd5633362acc1f1114e02617eb0e38d87d4

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:27 GMT
last-modified: Tue, 05 Apr 2022 11:35:20 GMT
server: nginx
accept-ranges: bytes
etag: "120c5-5dbe6a3c62be4"
content-length: 73925
content-type: image/jpeg

GET
H2 200 beginner.jpg
crypto.livertadquest.com/wp-content/uploads/2022/04/ 66 KB
66 KB 42ms
41ms Image
image/jpeg 183.90.238.3
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crypto.livertadquest.com/wp-content/uploads/2022/04/beginner.jpg
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.3 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2302.xserver.jp
Software: nginx /
Resource Hash: aa0d283fc8b5811a64c0179016185dc8ca4e6b211cac990c29ed5a43a9cc5c12

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:27 GMT
last-modified: Tue, 05 Apr 2022 07:24:13 GMT
server: nginx
accept-ranges: bytes
etag: "1075a-5dbe321b65864"
content-length: 67418
content-type: image/jpeg

GET
H2 200 correlation_coefficient2-100x100.jpg
crypto.livertadquest.com/wp-content/uploads/2022/05/ 2 KB
3 KB 74ms
74ms Image
image/jpeg 183.90.238.3
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crypto.livertadquest.com/wp-content/uploads/2022/05/correlation_coefficient2-100x100.jpg
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.3 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2302.xserver.jp
Software: nginx /
Resource Hash: 61c2e5ce97a05b707117444f5c81ab9d71b14a103dc5c6e744eed7052fba1fc6

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:27 GMT
last-modified: Sat, 21 May 2022 05:23:32 GMT
server: nginx
accept-ranges: bytes
etag: "9b7-5df7ececea5db"
content-length: 2487
content-type: image/jpeg

GET
H2 200 2 Show response
crypto.livertadquest.com/wp-json/wordpress-popular-posts/v1/popular-posts/widget/ 7 KB
2 KB 91ms
91ms XHR
application/json 183.90.238.3
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://crypto.livertadquest.com/wp-json/wordpress-popular-posts/v1/popular-posts/widget/2?is_single=0

Requested by

Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

183.90.238.3 , Japan, ASN131965 (XSERVER Xserver Inc., JP),

Reverse DNS

sv2302.xserver.jp

Software

nginx /

Resource Hash

737dee49154ec829b9486824fe253106551d44531b8f58e6f38d45c84d617d89

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://crypto.livertadquest.com/
X-Requested-With: XMLHttpRequest
accept-language: jp-jp,jp;q=0.9
X-WP-Nonce: 07e6f93584
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding, Origin
allow: GET
content-type: application/json; charset=UTF-8
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
x-robots-tag: noindex
link: <https://crypto.livertadquest.com/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
x-wp-nonce: 07e6f93584

GET
H2 200 wp-emoji-release.min.js Show response
crypto.livertadquest.com/wp-includes/js/ 18 KB
5 KB 49ms
48ms Script
application/javascript 183.90.238.3
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://crypto.livertadquest.com/wp-includes/js/wp-emoji-release.min.js
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.3 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2302.xserver.jp
Software: nginx /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:27 GMT
content-encoding: br
last-modified: Sun, 06 Aug 2023 12:01:30 GMT
server: nginx
etag: W/"4904-6023fe3f1feff"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 pinit_main.js Show response
assets.pinterest.com/js/ 66 KB
18 KB 16ms
15ms Script
application/javascript 23.39.216.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit_main.js?0.23945635023606027
Requested by: Host: assets.pinterest.com
URL: https://assets.pinterest.com/js/pinit.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.216.185 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-216-185.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

akamai-x-true-ttl: 300
content-encoding: br
x-cdn: akamai
etag: "3725764cf05d1a0938de73d398772331"
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=130
accept-ranges: bytes
content-length: 18679

GET
H2 200 control Show response
sync.shinobi.jp/v2/sync/ 245 B
598 B 61ms
23ms Script
text/javascript 202.228.215.63
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.shinobi.jp/v2/sync/control
Requested by: Host: adm.shinobi.jp
URL: https://adm.shinobi.jp/st/s.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 202.228.215.63 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS: swarm.shinobi.jp
Software: openresty /
Resource Hash: f677bc04d5703de673e0a9bc9edf097e4f34e9057268cb81032e1ebfc0e183fb

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:27 GMT
server: openresty
p3p: CP='UNI CUR OUR'
access-control-allow-origin: *
content-type: text/javascript; charset=utf-8
cache-control: no-cache , must-revalidate
content-length: 245
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

cookiesync
adm.shinobi.jp/bidswitch/
Redirect Chain

https://x.bidswitch.net/sync?ssp=admax
https://x.bidswitch.net/ul_cb/sync?ssp=admax
https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=admax&bsw_custom_parameter=8976e206-0475-47ac-be13-7c549fda367a&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
https://x.bidswitch.net/sync?dsp_id=283&user_id=8eb25524-3a98-4403-a228-0ebb3dbbf96c&expires=1&user_group=2&ssp=admax&bsw_param=8976e206-0475-47ac-be13-7c549fda367a&gdpr=&gdpr_consent=&gdpr_pd=
https://adm.shinobi.jp/bidswitch/cookiesync?dspid=8976e206-0475-47ac-be13-7c549fda367a

43 B
379 B

16ms
16ms

Image
image/gif

202.228.215.14
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adm.shinobi.jp/bidswitch/cookiesync?dspid=8976e206-0475-47ac-be13-7c549fda367a
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: HTTP/1.1
Server: 202.228.215.14 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS: adm.shinobi.jp
Software: openresty /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/gif
Date: Mon, 11 Sep 2023 21:57:28 GMT
Server: openresty
Connection: keep-alive
Transfer-Encoding: chunked
P3P: CP='UNI CUR OUR'

Redirect headers

Location: //adm.shinobi.jp/bidswitch/cookiesync?dspid=8976e206-0475-47ac-be13-7c549fda367a
Date: Mon, 11 Sep 2023 21:57:28 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

receive_sync
bypass.ad-stir.com/
Redirect Chain

https://bypass.ad-stir.com/push_sync?xid=admax
https://adm.shinobi.jp/bypass/sync?buid=693f6d27-29fe-47c7-8a40-98033e8aea53
https://bypass.ad-stir.com/receive_sync?ssp=admax&uid=2e7da4ac-c00e-4393-80fb-4a74339c0388

43 B
193 B

41ms
41ms

Image
image/gif

54.95.135.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bypass.ad-stir.com/receive_sync?ssp=admax&uid=2e7da4ac-c00e-4393-80fb-4a74339c0388
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: H2
Server: 54.95.135.115 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-95-135-115.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type: image/gif
date: Mon, 11 Sep 2023 21:57:27 GMT
cache-control: no-store
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

Location: https://bypass.ad-stir.com/receive_sync?ssp=admax&uid=2e7da4ac-c00e-4393-80fb-4a74339c0388
Date: Mon, 11 Sep 2023 21:57:27 GMT
Server: openresty
Connection: keep-alive
Content-Length: 0
P3P: CP='UNI CUR OUR'

GET
H/1.1 200
OK sync
sync.fout.jp/ 43 B
527 B 53ms
22ms Image
image/gif 202.232.238.37
IIJ Internet Init...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.fout.jp/sync?xid=ninja

Requested by

Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

202.232.238.37 Tokyo, Japan, ASN2497 (IIJ Internet Initiative Japan Inc., JP),

Reverse DNS

Software

nginx /

Resource Hash

6135fe16d7578e65be79a3e5d6ba252095648c1b871808f69b1482f6ff7f6839

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 11 Sep 2023 21:57:27 GMT
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
P3P: CP="ADM NOI OUR"
Content-Type: image/gif
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection: keep-alive

GET
H2

200

1.js Show response
cnobi.jp/v1/admax/pb/js/r/ Frame F629
Redirect Chain

https://pb.shinobi.jp/st/r.js
https://cnobi.jp/v1/admax/pb/js/r/1.js

2 KB
1 KB

21ms
21ms

Script
application/javascript

138.113.138.167
ML-1432-54994

General

Check archive.org

Show headers Download Go to

Full URL: https://cnobi.jp/v1/admax/pb/js/r/1.js
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: H2
Server: 138.113.138.167 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: a5f1c2a21b51ce64213655ba2f701f591423438c92028e2b36fafa91089a7243

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:27 GMT
content-encoding: gzip
via: 1.1 PSrbdbOSA2gh42:9 (W), 1.1 PSrbdbOSA2kr101:18 (W)
server: PWS/8.3.1.0.8
age: 2144203
etag: CPe/lML4pOcCEAE=
x-ws-request-id: 64ff8d47_PSrbdbOSA2kr101_46224-55396
content-type: application/javascript
cache-control: max-age=31536000
x-px: ht PSrbdbOSA2kr101KIX

Redirect headers

Location: https://cnobi.jp/v1/admax/pb/js/r/1.js
Date: Mon, 11 Sep 2023 21:57:27 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Server: openresty
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK 59d1b38474724100170d9728 Show response
pb.shinobi.jp/t/ Frame F629 6 KB
6 KB 60ms
22ms Script
application/javascript 202.228.215.14
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to

Full URL: https://pb.shinobi.jp/t/59d1b38474724100170d9728?rid=b002e526-605b-4f9b-8ed7-ec7c49e73c3a&skey=bbcedb5e5aacc603fb3a99afb8911f40&site=http%3A%2F%2Fcrypto.livertadquest.com%2F
Requested by: Host: adm.shinobi.jp
URL: https://adm.shinobi.jp/st/s.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.228.215.14 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS: adm.shinobi.jp
Software: openresty /
Resource Hash: 07531fe6b1a5218c4e925d54b21e07896e31a3a6e56dc8e610eab618933f180e

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Mon, 11 Sep 2023 21:57:27 GMT
Server: openresty
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8

GET
H/1.1 200
OK ib
adm.shinobi.jp/ 43 B
206 B 14ms
14ms Image
image/gif 202.228.215.14
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adm.shinobi.jp/ib?c=-dIwTgNMU4v50GrRXhHI2s-fmrgh1FkP5HuwhJbY7wa1z2HFDmgiAKUrpBW9Wm7agsiaW4ndRhHLRGhrC0w3GfX2m0fwlFV3MAkavIX4WoRG61FRgOCvwaaERGq63Dv-vOoMawR7Yc7M2a_2oEJjiwAqoLxTadTQWGK5W46v4Px9KUO_zWEdesGTzqemI9VNfP78KKecFdt8YJe8-UAtC_bnFippxuszqy8zorCucxY9IBeJggDSqYL8hhmKRUqV00sDUqydX7kmrp3up0CUEDRsVtp_bznW&i=6QUFqAgn
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.228.215.14 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS: adm.shinobi.jp
Software: openresty /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Mon, 11 Sep 2023 21:57:27 GMT
Server: openresty
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H2 200 multi Show response
sync.shinobi.jp/v2/sync/ 213 B
413 B 57ms
56ms Script
text/javascript 202.228.215.63
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.shinobi.jp/v2/sync/multi?1694469447220
Requested by: Host: sync.shinobi.jp
URL: https://sync.shinobi.jp/v2/sync/control
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 202.228.215.63 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS: swarm.shinobi.jp
Software: openresty /
Resource Hash: a736f46bf7b1853368d39a159ce724adff948daaae4c3484b9615ad828220835

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:27 GMT
server: openresty
p3p: CP='UNI CUR OUR'
access-control-allow-origin: *
content-type: text/javascript; charset=utf-8
cache-control: no-cache , must-revalidate
content-length: 213
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 jstag Show response
samuraifactory-d.openx.net/w/1.0/ Frame F5D4 49 KB
18 KB 104ms
66ms Script
text/javascript 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://samuraifactory-d.openx.net/w/1.0/jstag
Requested by: Host: pb.shinobi.jp
URL: https://pb.shinobi.jp/st/r.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: d78e38d21391cea71129bf873dde6914e94e0e3c133b3020d5230cf1c348ab20

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:27 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept-Encoding
content-type: text/javascript
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18073
expires: Mon, 11 Sep 2023 22:57:27 GMT

GET
H/1.1 200
OK fr
pb.shinobi.jp/ Frame F629 43 B
187 B 13ms
13ms Image
image/gif 202.228.215.14
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pb.shinobi.jp/fr?c=g6lSZXF1ZXN0SUTZJGIwMDJlNTI2LTYwNWItNGY5Yi04ZWQ3LWVjN2M0OWU3M2MzYaZUYWdLZXmzc3NwLWRlZmF1bHQtMzAweDI1MKlGaWxsZXJLZXmwc3NwLWRmLTMwMC1vcGVueA%3D%3D
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.228.215.14 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS: adm.shinobi.jp
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Mon, 11 Sep 2023 21:57:27 GMT
Server: openresty
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 choice-150x150.jpg
crypto.livertadquest.com/wp-content/uploads/2022/04/ 2 KB
2 KB 31ms
30ms Image
image/jpeg 183.90.238.3
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crypto.livertadquest.com/wp-content/uploads/2022/04/choice-150x150.jpg
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.3 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2302.xserver.jp
Software: nginx /
Resource Hash: aa64ed9b7879dad1189251f887cffd63d0c7addd427e2df0d7200e93ec943267

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:27 GMT
last-modified: Sun, 03 Apr 2022 05:33:49 GMT
server: nginx
accept-ranges: bytes
etag: "8d7-5dbb95b3d6803"
content-length: 2263
content-type: image/jpeg

GET
H2 200 economic_indicators2.jpg
crypto.livertadquest.com/wp-content/uploads/2022/05/ 36 KB
36 KB 49ms
48ms Image
image/jpeg 183.90.238.3
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crypto.livertadquest.com/wp-content/uploads/2022/05/economic_indicators2.jpg
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.3 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2302.xserver.jp
Software: nginx /
Resource Hash: 04d58ee346b8f4ccb0b9fe49cb4e62a417c94cd9ddbb120f2b173ec676c58f11

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:27 GMT
last-modified: Sun, 15 May 2022 05:47:20 GMT
server: nginx
accept-ranges: bytes
etag: "9031-5df0670e79969"
content-length: 36913
content-type: image/jpeg

GET
H2 200 information_gathering_eyecatch.jpg
crypto.livertadquest.com/wp-content/uploads/2022/03/ 69 KB
69 KB 55ms
55ms Image
image/jpeg 183.90.238.3
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crypto.livertadquest.com/wp-content/uploads/2022/03/information_gathering_eyecatch.jpg
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.3 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2302.xserver.jp
Software: nginx /
Resource Hash: 33a9742a2e2c2e6c044f55b85f19df6cd06289ec588566e144e4e88235244450

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:27 GMT
last-modified: Wed, 06 Apr 2022 23:41:00 GMT
server: nginx
accept-ranges: bytes
etag: "1140f-5dc04e4d63fb2"
content-length: 70671
content-type: image/jpeg

GET
H2 200 classifications-150x150.jpg
crypto.livertadquest.com/wp-content/uploads/2022/04/ 6 KB
6 KB 48ms
48ms Image
image/jpeg 183.90.238.3
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crypto.livertadquest.com/wp-content/uploads/2022/04/classifications-150x150.jpg
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.3 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2302.xserver.jp
Software: nginx /
Resource Hash: cd8627e1180617338a9da9917a5da5208e97bee79f14fba42c9bcbbba71d736c

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:27 GMT
last-modified: Sun, 03 Apr 2022 04:47:57 GMT
server: nginx
accept-ranges: bytes
etag: "18cf-5dbb8b7310e36"
content-length: 6351
content-type: image/jpeg

GET
H2 200 investment_trade2.jpg
crypto.livertadquest.com/wp-content/uploads/2022/03/ 25 KB
25 KB 47ms
47ms Image
image/jpeg 183.90.238.3
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crypto.livertadquest.com/wp-content/uploads/2022/03/investment_trade2.jpg
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.3 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2302.xserver.jp
Software: nginx /
Resource Hash: 2604e0cac28f89beb89cf1f82889c79198bdee35fb99bfe5067839923fb32ace

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:27 GMT
last-modified: Fri, 15 Apr 2022 05:08:05 GMT
server: nginx
accept-ranges: bytes
etag: "6410-5dcaa654b48b2"
content-length: 25616
content-type: image/jpeg

GET
H2 200 BTC.png
crypto.livertadquest.com/wp-content/uploads/2022/03/ 3 KB
3 KB 43ms
42ms Image
image/png 183.90.238.3
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crypto.livertadquest.com/wp-content/uploads/2022/03/BTC.png
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.3 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2302.xserver.jp
Software: nginx /
Resource Hash: 50a1901684f223bf26594dd3415b1e50f184820a16daa810cc5452911e9117a9

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:27 GMT
last-modified: Sat, 05 Mar 2022 11:56:53 GMT
server: nginx
accept-ranges: bytes
etag: "a83-5d97753c1d33b"
content-length: 2691
content-type: image/png

GET
H2 200 ETC.png
crypto.livertadquest.com/wp-content/uploads/2022/03/ 3 KB
3 KB 42ms
40ms Image
image/png 183.90.238.3
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crypto.livertadquest.com/wp-content/uploads/2022/03/ETC.png
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.3 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2302.xserver.jp
Software: nginx /
Resource Hash: 197d89841a477d39db6113cb9b1303bf5443a713f45d1c5c851438dee94691a5

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:27 GMT
last-modified: Sat, 05 Mar 2022 11:57:15 GMT
server: nginx
accept-ranges: bytes
etag: "abc-5d977551702fc"
content-length: 2748
content-type: image/png

GET
H2 200 USDT.png
crypto.livertadquest.com/wp-content/uploads/2022/03/ 2 KB
3 KB 46ms
44ms Image
image/png 183.90.238.3
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crypto.livertadquest.com/wp-content/uploads/2022/03/USDT.png
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.3 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2302.xserver.jp
Software: nginx /
Resource Hash: eb658766bc0865b719c76913b6b82ba32d0e14660216bf8d6d3953e30ad3e06d

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:27 GMT
last-modified: Sat, 05 Mar 2022 11:56:55 GMT
server: nginx
accept-ranges: bytes
etag: "9a9-5d97753e84ecb"
content-length: 2473
content-type: image/png

GET
H2 200 BNB.png
crypto.livertadquest.com/wp-content/uploads/2022/03/ 977 B
1 KB 43ms
42ms Image
image/png 183.90.238.3
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crypto.livertadquest.com/wp-content/uploads/2022/03/BNB.png
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.3 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2302.xserver.jp
Software: nginx /
Resource Hash: d012510a809dc3c1ae6c56bc32f90440eb9f87baee6b46e97efb35a5f95b14fa

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:27 GMT
last-modified: Sat, 05 Mar 2022 11:57:08 GMT
server: nginx
accept-ranges: bytes
etag: "3d1-5d97754adc97c"
content-length: 977
content-type: image/png

GET
H2 200 USDC.png
crypto.livertadquest.com/wp-content/uploads/2022/03/ 485 B
619 B 44ms
42ms Image
image/png 183.90.238.3
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crypto.livertadquest.com/wp-content/uploads/2022/03/USDC.png
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.3 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2302.xserver.jp
Software: nginx /
Resource Hash: 168f8adeb65230b33cdd8c14f97da4109a91ea86884791af5d7b66391c4e510f

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:27 GMT
last-modified: Sat, 05 Mar 2022 11:57:24 GMT
server: nginx
accept-ranges: bytes
etag: "1e5-5d97755a03be5"
content-length: 485
content-type: image/png

GET
H2 200 XRP.png
crypto.livertadquest.com/wp-content/uploads/2022/03/ 2 KB
2 KB 44ms
43ms Image
image/png 183.90.238.3
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crypto.livertadquest.com/wp-content/uploads/2022/03/XRP.png
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.3 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2302.xserver.jp
Software: nginx /
Resource Hash: cf4c3c2ec18de3d4dcd49151ffe00cb299f86fc98467cf806b9c447467935479

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:27 GMT
last-modified: Sat, 05 Mar 2022 11:56:55 GMT
server: nginx
accept-ranges: bytes
etag: "91a-5d97753eccb3b"
content-length: 2330
content-type: image/png

GET
H2 200 LUNA.png
crypto.livertadquest.com/wp-content/uploads/2022/03/ 3 KB
3 KB 44ms
43ms Image
image/png 183.90.238.3
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crypto.livertadquest.com/wp-content/uploads/2022/03/LUNA.png
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.3 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2302.xserver.jp
Software: nginx /
Resource Hash: 6c6611b39d8ff91e082f758855e8e47e3d4f318676ce14aba85e73f64367d8cc

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:27 GMT
last-modified: Sat, 05 Mar 2022 11:56:54 GMT
server: nginx
accept-ranges: bytes
etag: "a12-5d97753d5dc23"
content-length: 2578
content-type: image/png

GET
H2 200 ADA.png
crypto.livertadquest.com/wp-content/uploads/2022/03/ 3 KB
3 KB 42ms
41ms Image
image/png 183.90.238.3
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crypto.livertadquest.com/wp-content/uploads/2022/03/ADA.png
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.3 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2302.xserver.jp
Software: nginx /
Resource Hash: 1afb0f6bc912d6cbb446e068af974c5be4253d44ae0c6671e14087ceebe31733

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:27 GMT
last-modified: Sat, 05 Mar 2022 11:57:32 GMT
server: nginx
accept-ranges: bytes
etag: "aac-5d9775617cd45"
content-length: 2732
content-type: image/png

GET
H2 200 SOL.png
crypto.livertadquest.com/wp-content/uploads/2022/03/ 1 KB
1 KB 45ms
44ms Image
image/png 183.90.238.3
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crypto.livertadquest.com/wp-content/uploads/2022/03/SOL.png
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.3 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2302.xserver.jp
Software: nginx /
Resource Hash: 8c363d8b637eefbaff48dc86a74f7da5f48a3b4463fd134d0d50cc633c219a50

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:27 GMT
last-modified: Sat, 05 Mar 2022 11:57:23 GMT
server: nginx
accept-ranges: bytes
etag: "4eb-5d977558f480d"
content-length: 1259
content-type: image/png

GET
H2 200 AVAX-150x150.png
crypto.livertadquest.com/wp-content/uploads/2022/03/ 4 KB
4 KB 44ms
43ms Image
image/png 183.90.238.3
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crypto.livertadquest.com/wp-content/uploads/2022/03/AVAX-150x150.png
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.3 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2302.xserver.jp
Software: nginx /
Resource Hash: ced914fdfff976939189a60d917d42aeb3ff1b99972e93526e11b6df9cbd58fc

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:27 GMT
last-modified: Sat, 05 Mar 2022 11:56:58 GMT
server: nginx
accept-ranges: bytes
etag: "105e-5d9775416d4f4"
content-length: 4190
content-type: image/png

GET
H/1.1

200
OK

cookiesync
adm.shinobi.jp/chikayo/
Redirect Chain

https://sync.shinobi.jp/v2/sync/multi/1001?1694469447320
https://adm.shinobi.jp/chikayo/cookiesync?uid=ea245533-9d9d-4230-9855-d57c43ee9774

43 B
379 B

18ms
17ms

Image
image/gif

202.228.215.14
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adm.shinobi.jp/chikayo/cookiesync?uid=ea245533-9d9d-4230-9855-d57c43ee9774
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: HTTP/1.1
Server: 202.228.215.14 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS: adm.shinobi.jp
Software: openresty /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/gif
Date: Mon, 11 Sep 2023 21:57:27 GMT
Server: openresty
Connection: keep-alive
Transfer-Encoding: chunked
P3P: CP='UNI CUR OUR'

Redirect headers

location: https://adm.shinobi.jp/chikayo/cookiesync?uid=ea245533-9d9d-4230-9855-d57c43ee9774
date: Mon, 11 Sep 2023 21:57:27 GMT
server: openresty
content-length: 0

GET
H/1.1

200
OK

set
sync.im-apps.net/imid/
Redirect Chain

https://sync.shinobi.jp/v2/sync/multi/1762?1694469447320
https://sync.im-apps.net/imid/set?cid=10338&tid=sid&uid=ea245533-9d9d-4230-9855-d57c43ee9774

43 B
694 B

202ms
61ms

Image
image/gif

23.200.55.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.im-apps.net/imid/set?cid=10338&tid=sid&uid=ea245533-9d9d-4230-9855-d57c43ee9774
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: HTTP/1.1
Server: 23.200.55.26 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-200-55-26.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Mon, 11 Sep 2023 21:57:27 GMT
Cache-Control: private, max-age=3000
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

location: https://sync.im-apps.net/imid/set?cid=10338&tid=sid&uid=ea245533-9d9d-4230-9855-d57c43ee9774
date: Mon, 11 Sep 2023 21:57:27 GMT
server: openresty
content-length: 0

GET
H2 200 2736
sync.shinobi.jp/v2/sync/multi/ 43 B
108 B 28ms
28ms Image
image/gif 202.228.215.63
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.shinobi.jp/v2/sync/multi/2736?1694469447320
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 202.228.215.63 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS: swarm.shinobi.jp
Software: openresty /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:27 GMT
server: openresty
content-length: 43
content-type: image/gif

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/ 379 KB
129 KB 458ms
91ms Script
text/javascript 142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7562272465611377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

cafe /

Resource Hash

9e1140f961a9de7f4fe1050404a294c50d76438b12b9b00f8bcb8fa81f75675f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131767
x-xss-protection: 0
server: cafe
etag: 8116700599470279804
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 21:57:27 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230907/r20190131/ Frame C304 10 KB
5 KB 429ms
16ms Document
text/html 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230907/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7562272465611377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.194 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

cafe /

Resource Hash

a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://crypto.livertadquest.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

age: 17313
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4438
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Sep 2023 17:08:54 GMT
etag: 8554266389219770021
expires: Mon, 25 Sep 2023 17:08:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

acj Show response
samuraifactory-d.openx.net/w/1.0/ Frame F5D4
Redirect Chain

https://samuraifactory-d.openx.net/w/1.0/acj?ai=b066c0fb-92dc-4674-8a53-5ce2f0dc979f&o=942215385&callback=OX_942215385&ju=https%3A//crypto.livertadquest.com/&jr=&auid=539726660&dims=&adxy=&res=1600...
https://samuraifactory-d.openx.net/w/1.0/acj?cc=1&ai=b066c0fb-92dc-4674-8a53-5ce2f0dc979f&o=942215385&callback=OX_942215385&ju=https%3A//crypto.livertadquest.com/&jr=&auid=539726660&dims=&adxy=&res...

1 KB
654 B

65ms
64ms

Script
application/json

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://samuraifactory-d.openx.net/w/1.0/acj?cc=1&ai=b066c0fb-92dc-4674-8a53-5ce2f0dc979f&o=942215385&callback=OX_942215385&ju=https%3A//crypto.livertadquest.com/&jr=&auid=539726660&dims=&adxy=&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-540&ws=300x250&ifr=1&tws=1600x1200&mt=1
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 0835a75ccd76849c8f446db7be45a6d0d443b638fe5320233cdfc7c929d69b75

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:27 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 633
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://samuraifactory-d.openx.net/w/1.0/acj?cc=1&ai=b066c0fb-92dc-4674-8a53-5ce2f0dc979f&o=942215385&callback=OX_942215385&ju=https%3A//crypto.livertadquest.com/&jr=&auid=539726660&dims=&adxy=&res=1600x1200x24&plg=pm&ch=UTF-8&tz=-540&ws=300x250&ifr=1&tws=1600x1200&mt=1
date: Mon, 11 Sep 2023 21:57:27 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2 200 cryptocurrency.jpg
crypto.livertadquest.com/wp-content/uploads/2022/04/ 66 KB
66 KB 30ms
28ms Image
image/jpeg 183.90.238.3
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crypto.livertadquest.com/wp-content/uploads/2022/04/cryptocurrency.jpg
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.3 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2302.xserver.jp
Software: nginx /
Resource Hash: 79cecf704fc1b3e636adc55ffa1b45043066ec863211ba52b236d29173ce1f78

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:27 GMT
last-modified: Tue, 05 Apr 2022 07:24:03 GMT
server: nginx
accept-ranges: bytes
etag: "1070a-5dbe321237ea4"
content-length: 67338
content-type: image/jpeg

GET
H2 200 %E3%83%90%E3%82%A4%E3%83%8A%E3%83%B3%E3%82%B9%E3%82%B3%E3%82%A4%E3%83%B3_%E3%82%A2%E3%82%A4%E3%82%AD%E3%83%A3%E3%83%83%E3%83%81-%E3%82%B3%E3%83%94%E3%83%BC-100x100.jpg
crypto.livertadquest.com/wp-content/uploads/2022/05/ 3 KB
3 KB 31ms
31ms Image
image/jpeg 183.90.238.3
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crypto.livertadquest.com/wp-content/uploads/2022/05/%E3%83%90%E3%82%A4%E3%83%8A%E3%83%B3%E3%82%B9%E3%82%B3%E3%82%A4%E3%83%B3_%E3%82%A2%E3%82%A4%E3%82%AD%E3%83%A3%E3%83%83%E3%83%81-%E3%82%B3%E3%83%94%E3%83%BC-100x100.jpg
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.3 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2302.xserver.jp
Software: nginx /
Resource Hash: d34f592d41bd6931e6b6f68901337dce4525db27870bbd336a2010019b727dbf

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:27 GMT
last-modified: Fri, 20 May 2022 06:37:28 GMT
server: nginx
accept-ranges: bytes
etag: "d3f-5df6bb96c9e6f"
content-length: 3391
content-type: image/jpeg

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 644A 128 KB
42 KB 367ms
28ms Script
text/javascript 182.161.74.1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: pb.shinobi.jp
URL: https://pb.shinobi.jp/st/r.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.1 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

38a0aae3e351883b880772b578e96063ee338cad05522ce9fa53686d868e4eba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 07 Sep 2023 09:22:37 GMT
server: nginx
etag: W/"64f9965d-1ffad"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 12 Sep 2023 21:57:27 GMT

GET
H/1.1 200
OK fr
pb.shinobi.jp/ Frame F629 43 B
187 B 20ms
19ms Image
image/gif 202.228.215.14
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pb.shinobi.jp/fr?c=g6lSZXF1ZXN0SUTZJGIwMDJlNTI2LTYwNWItNGY5Yi04ZWQ3LWVjN2M0OWU3M2MzYaZUYWdLZXmzc3NwLWRlZmF1bHQtMzAweDI1MKlGaWxsZXJLZXmxc3NwLWRmLTMwMC1jcml0ZW8%3D
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.228.215.14 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS: adm.shinobi.jp
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Mon, 11 Sep 2023 21:57:27 GMT
Server: openresty
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 pd Show response
jp-u.openx.net/w/1.0/ Frame 9695 773 B
757 B 54ms
52ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=b5e390a7-68d2-4572-9d9f-8a713d0693d0
Requested by: Host: samuraifactory-d.openx.net
URL: https://samuraifactory-d.openx.net/w/1.0/jstag
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 5c3e995d7b1927fe3011cc8ac953b526a0d16f6840b114554d662708d781eb42

Request headers

Referer: https://crypto.livertadquest.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 419
content-type: text/html
date: Mon, 11 Sep 2023 21:57:27 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 2406010a-e25a-a395-4463-a81ba6029b75
pr-bh.ybp.yahoo.com/sync/openx/ Frame 9695 43 B
602 B 674ms
176ms Image
image/gif 54.251.188.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/2406010a-e25a-a395-4463-a81ba6029b75?gdpr=0

Requested by

Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=b5e390a7-68d2-4572-9d9f-8a713d0693d0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.251.188.116 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-251-188-116.ap-southeast-1.compute.amazonaws.com

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://jp-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:28 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET openx
cs.nex8.net/cs/ Frame 9695 0
0

GET
H2

200

dds
rtb.openx.net/sync/ Frame 9695
Redirect Chain

https://rtb.openx.net/sync/dds
https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=b5ftcttwiPKTwPJZikxshg==&ox_sc=1&ox_init=1
https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=b5ftcttwiPKTwPJZikxshg==&ox_sc=1&ox_init=1&google_tc=
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1

43 B
114 B

50ms
49ms

Image
image/gif

35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by: Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=b5e390a7-68d2-4572-9d9f-8a713d0693d0
Protocol: H2
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://jp-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:27 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

Redirect headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame 9695
Redirect Chain

https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=openx
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=openx&uid-set=1

43 B
243 B

69ms
16ms

Image
image/gif

220.150.223.50
BEKKOAME BEKKOAME...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=openx&uid-set=1
Requested by: Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=b5e390a7-68d2-4572-9d9f-8a713d0693d0
Protocol: HTTP/1.1
Server: 220.150.223.50 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS: 50.223.150.220.in-addr.arpa
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://jp-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 11 Sep 2023 21:57:27 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: no-store,no-cache
Connection: close
Content-Length: 43
expires: -1

Redirect headers

Pragma: no-cache
Date: Mon, 11 Sep 2023 21:57:27 GMT
Server: nginx
P3P: CP='CAO PSA CONi OTR OUR DEM ONL'
Location: http://sync-dsp.ad-m.asia/dsp/api/sync/send?s=openx&uid-set=1
Cache-Control: no-store,no-cache
Connection: close
Content-Length: 0
expires: -1

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 9695
Redirect Chain

https://ad.turn.com/r/cs?pid=9&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2940000135143263054&gdpr=0&gdpr_consent=&us_privacy=

43 B
61 B

56ms
55ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537073061&val=2940000135143263054&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=b5e390a7-68d2-4572-9d9f-8a713d0693d0
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://jp-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:28 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537073061&val=2940000135143263054&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Mon, 11 Sep 2023 21:57:27 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 9695
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=b0c1674e-72f6-31dc-75b4-beee5955563c&gdpr=0
https://match.adsrvr.org/track/cmb/openx?oxid=b0c1674e-72f6-31dc-75b4-beee5955563c&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072971&val=96bdd510-8194-4e26-8fff-fb9368c56372&ttd_puid=b0c1674e-72f6-31dc-75b4-beee5955563c&gdpr=0&gdpr_consent=

43 B
324 B

57ms
54ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072971&val=96bdd510-8194-4e26-8fff-fb9368c56372&ttd_puid=b0c1674e-72f6-31dc-75b4-beee5955563c&gdpr=0&gdpr_consent=
Requested by: Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=b5e390a7-68d2-4572-9d9f-8a713d0693d0
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://jp-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:27 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:27 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072971&val=96bdd510-8194-4e26-8fff-fb9368c56372&ttd_puid=b0c1674e-72f6-31dc-75b4-beee5955563c&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 335

GET
H3

200

sd
jp-u.openx.net/w/1.0/ Frame 9695
Redirect Chain

https://tg.socdm.com/rtb/sync_before?proto=openx
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZP.NR8Co5r8AAFDYCeEAAAAA

43 B
61 B

54ms
54ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZP.NR8Co5r8AAFDYCeEAAAAA
Requested by: Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=b5e390a7-68d2-4572-9d9f-8a713d0693d0
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://jp-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:27 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID: 0
Date: Mon, 11 Sep 2023 21:57:27 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":0,"gdpr":false,"ipv4":"153.240.174.133","key":"ZP.NR8Co5r8AAFDYCeEAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad403"}
X-SO-Key: ZP.NR8Co5r8AAFDYCeEAAAAA
Server: nginx
X-SO-Upstream-ID: m-ad403
P3P: CP="See also http://www.scaleout.jp/privacy/"
Location: https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZP.NR8Co5r8AAFDYCeEAAAAA
Cache-Control: private
X-SO-HostName: m-ad403.dc4p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 14
Content-Length: 0
X-SO-LB-Hostname: a-tgng40001.dc2p.scaleout.jp
X-SO-IP: 153.240.174.133

GET
H3

200

sd
jp-u.openx.net/w/1.0/ Frame 9695
Redirect Chain

https://cr-p3.ladsp.com/cookiesender/3
https://cr-p3.ladsp.com/cookiesender/3?cr=true
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AXmhGK4Q9uPEks8AD7P3uwYbE88AAAGKhj_gVQ

43 B
61 B

52ms
52ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AXmhGK4Q9uPEks8AD7P3uwYbE88AAAGKhj_gVQ
Requested by: Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=b5e390a7-68d2-4572-9d9f-8a713d0693d0
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://jp-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:27 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:27 GMT
via: 1.1 f10b600ea97ac09e072e022f40ed7078.cloudfront.net (CloudFront)
server: Logicad
x-amz-cf-pop: NRT57-P1
x-cache: Miss from cloudfront
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location: https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AXmhGK4Q9uPEks8AD7P3uwYbE88AAAGKhj_gVQ
cache-control: no-cache
content-length: 0
x-amz-cf-id: 60psesZiy0mBhugktgifZomu3OkptUbvywbO0lu4Qf94Rf1f1EI4uQ==
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 9695
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWNhZWI0ODQtYmI4MS02Zjc4LTYwNTQtZTQ1NzkzYjc5ODVj
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWNhZWI0ODQtYmI4MS02Zjc4LTYwNTQtZTQ1NzkzYjc5ODVj&google_tc=

170 B
243 B

56ms
49ms

Image
image/png

172.217.161.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWNhZWI0ODQtYmI4MS02Zjc4LTYwNTQtZTQ1NzkzYjc5ODVj&google_tc=

Requested by

Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=b5e390a7-68d2-4572-9d9f-8a713d0693d0

Protocol

Server

172.217.161.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://jp-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWNhZWI0ODQtYmI4MS02Zjc4LTYwNTQtZTQ1NzkzYjc5ODVj&google_tc=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 9695
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOb5ndJLZnCPj3Ls1p_whE0&google_cver=1

43 B
61 B

54ms
53ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOb5ndJLZnCPj3Ls1p_whE0&google_cver=1
Requested by: Host: jp-u.openx.net
URL: https://jp-u.openx.net/w/1.0/pd?plm=10&ph=b5e390a7-68d2-4572-9d9f-8a713d0693d0
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://jp-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:27 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:27 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOb5ndJLZnCPj3Ls1p_whE0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 171 KB
63 KB 241ms
240ms Script
application/javascript 142.250.196.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-223172710-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CC991QTBJE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

a9f3561245058ff3d41ffcc1249ecf64998d4661e0a1a66caa3c807c60d11f26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64192
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 21:07:52 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 11 Sep 2023 21:57:27 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
177 B 423ms
50ms Ping
text/plain 142.250.198.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-CC991QTBJE&gtm=45je3960&_p=237488024&cid=93906344.1694469448&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1694469447&sct=1&seg=0&dl=https%3A%2F%2Fcrypto.livertadquest.com%2F&dt=%E4%BB%AE%E6%83%B3%E9%80%9A%E8%B2%A8%EF%BC%88%E6%9A%97%E5%8F%B7%E8%B3%87%E7%94%A3%EF%BC%89%E6%94%BB%E7%95%A5Wiki&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CC991QTBJE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.198.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt12s58-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://crypto.livertadquest.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 401 B
609 B 432ms
56ms Script
text/javascript 172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=crypto.livertadquest.com&callback=_gfp_s_&client=ca-pub-7562272465611377

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s51-in-f2.1e100.net

Software

cafe /

Resource Hash

5b7880fef88bba2ca4f28bd9374a74c1ca4e881d1fccbec6467506b4cbe8c147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 257
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F027 198 KB
54 KB 373ms
372ms Document
text/html 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7562272465611377&output=html&adk=1812271804&adf=3025194257&lmt=1694437047&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fcrypto.livertadquest.com%2F&ea=0&pra=5&wgl=1&easpi=1&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&asladp=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694469447374&bpp=7&bdt=1179&idt=567&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7328092068932&frm=20&pv=2&ga_vid=93906344.1694469448&ga_sid=1694469448&ga_hid=237488024&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076838%2C31077773%2C44798934%2C44800659%2C44798322&oid=2&pvsid=2516439390933523&tmod=1750936957&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=590

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.194 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

cafe /

Resource Hash

ab6384b7b3611ffd125c55bdf0f2e6327fc9d3fd84ffeeaa35de6ed58a9cf28a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://crypto.livertadquest.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 55167
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Sep 2023 21:57:28 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D76B 111 KB
40 KB 1127ms
1127ms Document
text/html 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7562272465611377&output=html&h=280&adk=1123443942&adf=1445212254&pi=t.aa~a.2296679921~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1694437047&rafmt=1&to=qs&pwprc=9937010111&format=1200x280&url=https%3A%2F%2Fcrypto.livertadquest.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694469447381&bpp=1&bdt=1186&idt=589&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7328092068932&frm=20&pv=1&ga_vid=93906344.1694469448&ga_sid=1694469448&ga_hid=237488024&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076838%2C31077773%2C44798934%2C44800659%2C44798322&oid=2&pvsid=2516439390933523&tmod=1750936957&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=CZZg0oqZAN&p=https%3A//crypto.livertadquest.com&dtd=592

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.194 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

cafe /

Resource Hash

f056a519e034222e0429c529f665f684974cddf652533d4cffb2ee1afafd6ea7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://crypto.livertadquest.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 40681
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Sep 2023 21:57:29 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 644A 0
203 B 379ms
29ms XHR
text/plain 182.161.74.18
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=141&profileId=206&cb=25946928884

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://crypto.livertadquest.com/
accept-language: jp-jp,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://crypto.livertadquest.com
date: Mon, 11 Sep 2023 21:57:27 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 88ms
17ms Script
text/javascript 142.250.198.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-223172710-1&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.198.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s58-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 11 Sep 2023 21:44:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 765
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 11 Sep 2023 23:44:43 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
91 B 51ms
49ms XHR
text/plain 142.250.198.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=237488024&t=pageview&_s=1&dl=https%3A%2F%2Fcrypto.livertadquest.com%2F&ul=en-us&de=UTF-8&dt=%E4%BB%AE%E6%83%B3%E9%80%9A%E8%B2%A8%EF%BC%88%E6%9A%97%E5%8F%B7%E8%B3%87%E7%94%A3%EF%BC%89%E6%94%BB%E7%95%A5Wiki&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=2006451163&gjid=647441191&cid=93906344.1694469448&tid=UA-223172710-1&_gid=1318623832.1694469448&_r=1&gtm=457e3960&jsscut=1&z=383220476

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.198.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s58-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://crypto.livertadquest.com/
accept-language: jp-jp,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://crypto.livertadquest.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
log.pinterest.com/ 0
334 B 290ms
238ms Image
text/plain 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.pinterest.com/?type=pidget&guid=_ZFDg7ju4o0G&tv=2021110201&event=init&sub=www&button_count=0&follow_count=0&pin_count=0&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&via=https%3A%2F%2Fcrypto.livertadquest.com%2Ftop%2F&viaSrc=canonical
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-cache-hits: 0
date: Mon, 11 Sep 2023 21:57:28 GMT
via: 1.1 varnish
x-cache: MISS
x-envoy-upstream-service-time: 4
x-pinterest-rid: 1817622125967268
content-length: 0
x-served-by: cache-tyo11947-TYO
pragma: no-cache
server: envoy
x-timer: S1694469448.261280,VS0,VE223
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
accept-ranges: bytes
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 5D1C 39 KB
15 KB 61ms
20ms Script
text/html 23.39.216.189
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: pb.shinobi.jp
URL: https://pb.shinobi.jp/st/r.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.39.216.189 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-216-189.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 3de3d1d4ae76397862f3a82496aabff5dfb8ddc1a2e56e02d5f71efa8e94e3f1

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:28 GMT
content-encoding: gzip
last-modified: Wed, 06 Sep 2023 06:10:22 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=151082
accept-ranges: bytes
content-length: 14527
expires: Wed, 13 Sep 2023 15:55:30 GMT

POST
H2 204 events
bidder.criteo.com/csm/ Frame 644A 0
202 B 29ms
28ms Ping
text/plain 182.161.74.18
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://crypto.livertadquest.com/
accept-language: jp-jp,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://crypto.livertadquest.com
date: Mon, 11 Sep 2023 21:57:28 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 644A 43 B
365 B 29ms
28ms Image
image/gif 182.161.74.1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Requested by

Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.1 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:28 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Thu, 05 Sep 2024 21:57:28 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 644A 43 B
365 B 15ms
15ms Image
image/gif 182.161.74.1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Requested by

Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.1 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:28 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Thu, 05 Sep 2024 21:57:28 GMT

GET
H/1.1 200
OK fr
pb.shinobi.jp/ Frame F629 43 B
187 B 14ms
14ms Image
image/gif 202.228.215.14
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pb.shinobi.jp/fr?c=g6lSZXF1ZXN0SUTZJGIwMDJlNTI2LTYwNWItNGY5Yi04ZWQ3LWVjN2M0OWU3M2MzYaZUYWdLZXmzc3NwLWRlZmF1bHQtMzAweDI1MKlGaWxsZXJLZXmzc3NwLWRmLTMwMC1wdWJtYXRpYw%3D%3D
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.228.215.14 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS: adm.shinobi.jp
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Mon, 11 Sep 2023 21:57:28 GMT
Server: openresty
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/ 154 KB
53 KB 85ms
85ms Script
text/javascript 142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

cafe /

Resource Hash

e22f1d227e4a8a95d3e57af7a5428ec15a076cf326988913da8655b2537aa097

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53662
x-xss-protection: 0
server: cafe
etag: 7966878340728927090
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Sep 2023 21:57:28 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2919 133 KB
50 KB 435ms
435ms Document
text/html 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7562272465611377&output=html&h=139&adk=1250203156&adf=4021896486&pi=t.aa~a.2645554626~rp.4&w=300&lmt=1694437048&nsk=380783e2&rafmt=11&pwprc=9937010111&ad_type=text_image&format=300x139&url=https%3A%2F%2Fcrypto.livertadquest.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694469448448&bpp=1&bdt=2253&idt=-M&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=7328092068932&frm=20&pv=1&ga_vid=93906344.1694469448&ga_sid=1694469448&ga_hid=237488024&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1124&ady=2122&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076838%2C31077773%2C44798934%2C44800659%2C44798322&oid=2&pvsid=2516439390933523&tmod=1750936957&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=zGBvcgnvT2&p=https%3A//crypto.livertadquest.com&dtd=9

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.194 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

cafe /

Resource Hash

ae74cb6090847dfd19b1ad10b39d299e7404f99fa098ad23e748677e5c3a03de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://crypto.livertadquest.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 50891
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Sep 2023 21:57:28 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D4C6 133 KB
50 KB 499ms
499ms Document
text/html 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7562272465611377&output=html&h=139&adk=1250203156&adf=3652115069&pi=t.aa~a.2645502319~rp.4&w=300&lmt=1694437048&nsk=da79bb1e&rafmt=11&pwprc=9937010111&ad_type=text_image&format=300x139&url=https%3A%2F%2Fcrypto.livertadquest.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694469448448&bpp=1&bdt=2254&idt=-M&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x139&nras=4&correlator=7328092068932&frm=20&pv=1&ga_vid=93906344.1694469448&ga_sid=1694469448&ga_hid=237488024&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1124&ady=2535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076838%2C31077773%2C44798934%2C44800659%2C44798322&oid=2&pvsid=2516439390933523&tmod=1750936957&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=iWcRKP6mNv&p=https%3A//crypto.livertadquest.com&dtd=11

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.194 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

cafe /

Resource Hash

56dafb15a17321c6a6c6c76e4b7fc6d7124d0a49fbd36e0cdb07ef30403e7d76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://crypto.livertadquest.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 51065
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Sep 2023 21:57:28 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FC68 134 KB
50 KB 463ms
463ms Document
text/html 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7562272465611377&output=html&h=134&adk=3296851624&adf=3506941749&pi=t.aa~a.2645500157~rp.4&w=300&lmt=1694437048&nsk=22e0985d&rafmt=11&pwprc=9937010111&ad_type=text_image&format=300x134&url=https%3A%2F%2Fcrypto.livertadquest.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694469448448&bpp=1&bdt=2253&idt=1&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x139%2C300x139&nras=5&correlator=7328092068932&frm=20&pv=1&ga_vid=93906344.1694469448&ga_sid=1694469448&ga_hid=237488024&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1124&ady=2972&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076838%2C31077773%2C44798934%2C44800659%2C44798322&oid=2&pvsid=2516439390933523&tmod=1750936957&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=Ig4BisQLqa&p=https%3A//crypto.livertadquest.com&dtd=14

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.194 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

cafe /

Resource Hash

7b2ac8dd70d0025b9891480bb4e2a6b54728753fd41ed7629dd34ce15c0013de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://crypto.livertadquest.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 51491
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Sep 2023 21:57:28 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 UCookieSetPug Show response
image6.pubmatic.com/AdServer/ Frame 5D1C 60 B
268 B 68ms
18ms Script
text/html 207.65.34.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.34.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 94f424709762ba159c9d3f85b42f82b1a8a4034504add471c7ec80e819479d76

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Mon, 11 Sep 2023 21:57:28 GMT
cache-control: private
expires: Sun, 10 Dec 2023 13:28:55 GMT
content-length: 60
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/ Frame BA6E 10 KB
4 KB 13ms
13ms Document
text/html 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.194 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

cafe /

Resource Hash

a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://crypto.livertadquest.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

age: 17320
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4438
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Sep 2023 17:08:48 GMT
etag: 8554266389219770021
expires: Mon, 25 Sep 2023 17:08:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 239D 39 KB
15 KB 16ms
15ms Document
text/html 23.39.216.189
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.39.216.189 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-216-189.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 3de3d1d4ae76397862f3a82496aabff5dfb8ddc1a2e56e02d5f71efa8e94e3f1

Request headers

Referer: https://crypto.livertadquest.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=151082
content-encoding: gzip
content-length: 14527
content-type: text/html
date: Mon, 11 Sep 2023 21:57:28 GMT
expires: Wed, 13 Sep 2023 15:55:30 GMT
last-modified: Wed, 06 Sep 2023 06:10:22 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame AF72 39 KB
15 KB 21ms
21ms Document
text/html 23.39.216.189
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.39.216.189 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-216-189.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 3de3d1d4ae76397862f3a82496aabff5dfb8ddc1a2e56e02d5f71efa8e94e3f1

Request headers

Referer: https://crypto.livertadquest.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=151082
content-encoding: gzip
content-length: 14527
content-type: text/html
date: Mon, 11 Sep 2023 21:57:28 GMT
expires: Wed, 13 Sep 2023 15:55:30 GMT
last-modified: Wed, 06 Sep 2023 06:10:22 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 AdServerServlet Show response
sshowads.pubmatic.com/AdServer/ Frame 5D1C 2 KB
1 KB 67ms
18ms Script
text/html 207.65.34.83
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://sshowads.pubmatic.com/AdServer/AdServerServlet?pubId=156851&siteId=282925&adId=1379758&kadwidth=300&kadheight=250&SAVersion=2&js=1&kdntuid=1&pageURL=https%3A%2F%2Fcrypto.livertadquest.com%2F&inIframe=1&kadpageurl=http%3A%2F%2Fcrypto.livertadquest.com%2F&operId=3&sec=1&kltstamp=2023-9-12%206%3A57%3A28&timezone=9&screenResolution=1600x1200&ranreq=0.15622803937227947&pmUniAdId=0&adVisibility=1&adPosition=798x1124&pm_uid_bc=CD580D1B-29DA-48DC-89E1-66BDDF1E3013&gdpr=0&sua_br=%5B%5D&sua_mob=0&dspids=%7B%7D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.34.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1312ea485e4cea610e63a4c53f15c9b96b5de1e8fde732801828b55d653482c7

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Mon, 11 Sep 2023 21:57:28 GMT
cache-control: no-store, no-cache, private
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 css2
fonts.googleapis.com/ Frame BA6E 4 KB
767 B 54ms
54ms Stylesheet
text/css 142.250.196.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f10.1e100.net

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 11 Sep 2023 21:57:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 20:11:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Sep 2023 21:57:28 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame BA6E 205 B
651 B 389ms
18ms Image
image/png 142.251.42.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.131 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f3.1e100.net

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 20:31:12 GMT
x-content-type-options: nosniff
age: 264376
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 07 Sep 2024 20:31:12 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame BA6E 604 B
696 B 390ms
18ms Image
image/png 142.251.42.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.131 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f3.1e100.net

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 15:57:29 GMT
x-content-type-options: nosniff
age: 367199
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 06 Sep 2024 15:57:29 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/elements/html/ Frame BA6E 15 KB
7 KB 483ms
21ms Script
text/javascript 142.251.42.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.161 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f1.1e100.net

Software

cafe /

Resource Hash

c6ece8077c8a8d8d057b5a03c892dcf1fed9da76ff1bc964cd17416008752c48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 22:36:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84033
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6551
x-xss-protection: 0
server: cafe
etag: 511223485441000916
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Sep 2023 22:36:56 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/elements/html/ Frame BA6E 20 KB
8 KB 494ms
32ms Script
text/javascript 142.251.42.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.161 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f1.1e100.net

Software

cafe /

Resource Hash

bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sun, 10 Sep 2023 22:36:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84033
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8566
x-xss-protection: 0
server: cafe
etag: 5625731030761120726
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 24 Sep 2023 22:36:56 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 239D 3 KB
3 KB 14ms
13ms Script
text/html 207.65.34.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=16614789&p=156851&s=282925&a=1379758&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.34.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 63fc1b05707415ea70fe6e8058ad967d9dea30c6750754548f6b923a08e99e25

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Mon, 11 Sep 2023 21:57:28 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 1270
Redirect Chain

https://cr-p10.ladsp.com/cookiesender/10?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AevYeEXJmO4Wks8AD7P3uwYbE88AAAGKhj_jzg

42 B
441 B

58ms
30ms

Document
image/gif

207.65.34.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AevYeEXJmO4Wks8AD7P3uwYbE88AAAGKhj_jzg
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 11 Sep 2023 21:23:44 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

cache-control: no-cache
content-length: 0
date: Mon, 11 Sep 2023 21:57:28 GMT
expires: -1
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AevYeEXJmO4Wks8AD7P3uwYbE88AAAGKhj_jzg
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
pragma: no-cache
server: Logicad
via: 1.1 f10b600ea97ac09e072e022f40ed7078.cloudfront.net (CloudFront)
x-amz-cf-id: -ljZyAKvvVOxVIpf6-_9FEra9eHc0SdKVPPGCV36GEoa1Z7MijMQ2Q==
x-amz-cf-pop: NRT57-P1
x-cache: Miss from cloudfront

GET
H2

200

usersync.aspx Show response
widget.as.criteo.com/dis/ Frame 74D3
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
https://widget.as.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybac...

43 B
363 B

59ms
22ms

Document
image/gif

182.161.74.16
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.as.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.16 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

cache-control: no-cache
content-type: image/gif
cross-origin-resource-policy: cross-origin
date: Mon, 11 Sep 2023 21:57:28 GMT
expires: Mon, 11 Sep 2023 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 244432
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

Redirect headers

content-length: 0
date: Mon, 11 Sep 2023 21:57:28 GMT
location: https://widget.as.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
server: Kestrel
server-processing-duration-in-ticks: 74539
strict-transport-security: max-age=31536000; preload;

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 57C5
Redirect Chain

https://ds.uncn.jp/pm/0/sync
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTkmdGw9NDMyMDA=&piggybackCookie=v_5d9cb3bc-3bc2-471f-ac8a-6baa22780ce8

42 B
325 B

52ms
35ms

Document
image/gif

207.65.34.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTkmdGw9NDMyMDA=&piggybackCookie=v_5d9cb3bc-3bc2-471f-ac8a-6baa22780ce8
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 11 Sep 2023 21:57:28 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 170
Content-Type: text/html; charset=utf-8
Date: Mon, 11 Sep 2023 21:57:28 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTkmdGw9NDMyMDA=&piggybackCookie=v_5d9cb3bc-3bc2-471f-ac8a-6baa22780ce8
Server: Apache

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 382C
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=tZDvMLvAvW-ulu0ys5GkNLGTuWOuxe0zspb5yGCt

42 B
418 B

20ms
19ms

Document
image/gif

207.65.34.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=tZDvMLvAvW-ulu0ys5GkNLGTuWOuxe0zspb5yGCt
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 11 Sep 2023 21:22:10 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
date: Mon, 11 Sep 2023 21:57:29 GMT
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=tZDvMLvAvW-ulu0ys5GkNLGTuWOuxe0zspb5yGCt
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
strict-transport-security: max-age=86400

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 239D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Or6Urt5DSYGRPhVE4Fnj6w%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

15 KB
15 KB

19ms
18ms

Image
text/html

23.39.216.189
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 23.39.216.189 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-216-189.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:28 GMT
content-encoding: gzip
last-modified: Fri, 01 Sep 2023 11:18:33 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=46601
accept-ranges: bytes
content-length: 5606
expires: Tue, 12 Sep 2023 10:54:09 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

receive
pixel.tapad.com/idsync/ex/ Frame 239D
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=3ABE94AE-DE43-4981-913E-1544E059E3EB
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=3ABE94AE-DE43-4981-913E-1544E059E3EB
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=995a2b28-6606-4f25-a69f-0a7fa883f703%252C%252C&gdpr=0&gdpr_consent=
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=96bdd510-8194-4e26-8fff-fb9368c56372&ttd_puid=995a2b28-6606-4f25-a69f-0a7fa883f703%2C%2C

95 B
124 B

53ms
53ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=96bdd510-8194-4e26-8fff-fb9368c56372&ttd_puid=995a2b28-6606-4f25-a69f-0a7fa883f703%2C%2C

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:28 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:28 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=96bdd510-8194-4e26-8fff-fb9368c56372&ttd_puid=995a2b28-6606-4f25-a69f-0a7fa883f703%2C%2C
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 359

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame 239D
Redirect Chain

https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=3ABE94AE-DE43-4981-913E-1544E059E3EB&gdpr=0&gdpr_consent=
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=3ABE94AE-DE43-4981-913E-1544E059E3EB&gdpr=0&gdpr_consent=&ct=y

49 B
544 B

227ms
227ms

Image
image/gif

54.251.140.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=3ABE94AE-DE43-4981-913E-1544E059E3EB&gdpr=0&gdpr_consent=&ct=y
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 54.251.140.37 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-251-140-37.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:29 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.42.1.136
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:28 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=3ABE94AE-DE43-4981-913E-1544E059E3EB&gdpr=0&gdpr_consent=&ct=y
cache-control: no-cache
x-server: 10.42.30.15
content-length: 0
expires: 0

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame 239D
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=3ABE94AE-DE43-4981-913E-1544E059E3EB&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=3ABE94AE-DE43-4981-913E-1544E059E3EB&sInitiator=external&gdpr=0&gdpr_consent=

42 B
570 B

160ms
159ms

Image
image/gif

119.9.108.180
RACKSPACE-AP Rack...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=3ABE94AE-DE43-4981-913E-1544E059E3EB&sInitiator=external&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Server: 119.9.108.180 , Hong Kong, ASN45187 (RACKSPACE-AP Rackspace IT Hosting AS IT Hosting Provider Hong Kong, HK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:26 GMT
frontend-id: 0
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type: image/gif
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 42
routing-server-id: 1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:26 GMT
frontend-id: 0
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location: /pubmatic/1/info2?sType=sync&sExtCookieId=3ABE94AE-DE43-4981-913E-1544E059E3EB&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: 1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 239D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0FCRTk0QUUtREU0My00OTgxLTkxM0UtMTU0NEUwNTlFM0VC&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
95 B

77ms
24ms

Image
image/gif

207.65.34.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Mon, 11 Sep 2023 21:22:25 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 239D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO-24uHgPbw7o0e4UFLdTKM&google_cver=1

42 B
495 B

75ms
23ms

Image
image/gif

207.65.34.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO-24uHgPbw7o0e4UFLdTKM&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Mon, 11 Sep 2023 21:22:13 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO-24uHgPbw7o0e4UFLdTKM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 239D 43 B
612 B 445ms
180ms Image
image/gif 34.124.209.251
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.124.209.251 , Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

251.209.124.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:28 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sun, 10 Sep 2023 21:57:28 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 239D
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=8976e206-0475-47ac-be13-7c549fda367a
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=8976e206-0475-47ac-be13-7c549fda367a
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=260a73ff-728d-4bf1-a963-6d6fe9538ad4&user_group=1&ssp=pubmatic&bsw_param=8976e206-0475-47ac-be13-7c549fda367a
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8976e206-0475-47ac-be13-7c549fda367a&gdpr=&gdpr_consent=&gdpr_pd=

1 B
263 B

16ms
16ms

Image
text/html

207.65.34.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8976e206-0475-47ac-be13-7c549fda367a&gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Mon, 11 Sep 2023 21:57:29 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8976e206-0475-47ac-be13-7c549fda367a&gdpr=&gdpr_consent=&gdpr_pd=
Date: Mon, 11 Sep 2023 21:57:29 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 239D
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=96bdd510-8194-4e26-8fff-fb9368c56372&gdpr=0&gdpr_consent=

42 B
358 B

89ms
33ms

Image
image/gif

207.65.34.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=96bdd510-8194-4e26-8fff-fb9368c56372&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Mon, 11 Sep 2023 21:22:10 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:28 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=96bdd510-8194-4e26-8fff-fb9368c56372&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 355

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 239D
Redirect Chain

https://tg.socdm.com/rtb/sync?proto=pubmatic
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzEmdGw9NDMyMDA=&piggybackCookie=ZP.NSMCo5r8AAFDYCmoAAAAA

42 B
338 B

87ms
32ms

Image
image/gif

207.65.34.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzEmdGw9NDMyMDA=&piggybackCookie=ZP.NSMCo5r8AAFDYCmoAAAAA
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Mon, 11 Sep 2023 21:22:25 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

X-SO-Cluster-ID: 0
Date: Mon, 11 Sep 2023 21:57:28 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync?proto=pubmatic","cluster_id":0,"gdpr":false,"ipv4":"153.240.174.133","key":"ZP.NSMCo5r8AAFDYCmoAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad1015"}
X-SO-Key: ZP.NSMCo5r8AAFDYCmoAAAAA
Server: nginx
X-SO-Upstream-ID: m-ad1015
P3P: CP="See also http://www.scaleout.jp/privacy/"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzEmdGw9NDMyMDA=&piggybackCookie=ZP.NSMCo5r8AAFDYCmoAAAAA
Cache-Control: private
X-SO-HostName: m-ad1015.dc4p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 2
Content-Length: 0
X-SO-LB-Hostname: a-tgng40001.dc2p.scaleout.jp
X-SO-IP: 153.240.174.133

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 239D
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8881251239106716674

42 B
242 B

18ms
17ms

Image
image/gif

207.65.34.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8881251239106716674
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Mon, 11 Sep 2023 21:57:29 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8881251239106716674
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 3ABE94AE-DE43-4981-913E-1544E059E3EB
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 239D 43 B
601 B 101ms
99ms Image
image/gif 54.251.188.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/3ABE94AE-DE43-4981-913E-1544E059E3EB?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.251.188.116 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-251-188-116.ap-southeast-1.compute.amazonaws.com

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:28 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 239D
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=3ABE94AE-DE43-4981-913E-1544E059E3EB&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-SMNXk8NE2uWtUFEtf.RH1w_8vV7ZvO0-~A&gdpr=0

0
260 B

72ms
24ms

Image
text/plain

207.65.34.74
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-SMNXk8NE2uWtUFEtf.RH1w_8vV7ZvO0-~A&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 207.65.34.74 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:22:09 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-SMNXk8NE2uWtUFEtf.RH1w_8vV7ZvO0-~A&gdpr=0
date: Mon, 11 Sep 2023 21:57:28 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 css
fonts.googleapis.com/ Frame F572 916 B
522 B 56ms
55ms Stylesheet
text/css 142.250.196.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E5%AE%A2%E3%81%A6%E5%A7%8B%20%E3%82%A2%E3%80%82%E6%96%99%E3%83%94%E3%82%B9%E3%83%9D%E3%81%A3o%E3%81%98%E3%81%8F%E3%81%A7%E5%91%8A%E3%83%88%E3%82%82%E3%82%8B%E3%81%8A%E3%83%BC%E3%83%86%E9%96%93%E3%80%8D%E3%82%BF%E3%81%AE%E7%B0%A13%E3%80%81%E6%A7%98%E7%9E%AC%E3%81%AB%E3%83%97Gg%E3%81%BB%E5%BA%83%E3%81%97%E3%83%83el%E4%BD%BF%E3%81%84%E5%8D%98%E7%84%A1%E3%80%8C%E3%82%B5%E9%96%89%E3%83%AB%E9%96%8B

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f10.1e100.net

Software

ESF /

Resource Hash

535114890d1a0848fcddb43cb798a1be1b89103610fc468db0f1c0a02a7dbff1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 11 Sep 2023 21:57:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 21:57:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Sep 2023 21:57:28 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/ Frame F572 2 KB
972 B 430ms
36ms Script
text/javascript 142.251.42.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.161 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f1.1e100.net

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 20:13:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6221
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Sep 2023 20:13:48 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/ Frame F572 23 KB
9 KB 429ms
36ms Script
text/javascript 142.251.42.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.161 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f1.1e100.net

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 20:13:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6224
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Sep 2023 20:13:45 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E4F4 143 B
228 B 13ms
11ms Document
text/html 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.194 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

age: 158
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Sep 2023 21:54:50 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/ Frame F572 3 KB
1 KB 427ms
35ms Script
text/javascript 142.251.42.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.161 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 19:40:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8231
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Sep 2023 19:40:18 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F043 1 KB
758 B 12ms
11ms Document
text/html 142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

age: 52806
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Sep 2023 07:17:22 GMT
etag: 48472445140208031
expires: Tue, 12 Sep 2023 07:17:22 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/ Frame F572 20 KB
8 KB 414ms
23ms Script
text/javascript 142.251.42.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.161 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f1.1e100.net

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 19:40:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8231
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Sep 2023 19:40:18 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame F572 0
0 430ms
60ms Image
text/html 142.251.42.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR32SzcdI6DI8-FKAJPTR0FUhKPvsklGhVT_7xE9sdRo2X59LOFa-Rnu43CijCtffGT7ZbD7I_-6FQ-F4KuHKk-KeJ1yA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.42.164 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt12s46-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F572 181 KB
57 KB 526ms
156ms Script
text/javascript 172.217.161.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.161.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s23-in-f2.1e100.net

Software

sffe /

Resource Hash

3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57841
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694001950986259"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Sep 2023 21:57:29 GMT

GET
H2 200 3c1ec1505caf618a1f8c049839112e9c.js Show response
www.gstatic.com/mysidia/ Frame F572 36 KB
15 KB 318ms
18ms Script
text/javascript 142.251.42.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.131 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f3.1e100.net

Software

sffe /

Resource Hash

af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 07:17:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52806
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15058
x-xss-protection: 0
last-modified: Thu, 31 Aug 2023 22:08:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 10 Dec 2023 07:17:22 GMT

GET
H2 200 adstir.js Show response
js.ad-stir.com/js/ Frame AA37 80 KB
22 KB 74ms
25ms Script
text/javascript 18.65.206.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad-stir.com/js/adstir.js
Requested by: Host: pb.shinobi.jp
URL: https://pb.shinobi.jp/st/r.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.206.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-206-100.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bba528ffb6804790acda884de42ed138e969ca38d28de11423c68d56f08cf3d6

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:48:22 GMT
content-encoding: gzip
via: 1.1 e849eb4ec7c297538f549eb24e5ebafa.cloudfront.net (CloudFront)
last-modified: Tue, 05 Sep 2023 08:27:11 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-P3
age: 547
x-amz-server-side-encryption: AES256
etag: W/"ccc2a51bb6b913d3ae862e210c40e41f"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: B0Wy49aOcNXwB-wG94AT4Ukm2w-h8Y13KzmkxcGdTmIkxmzz6TQoPA==

GET
H2 200 AdDisplayTrackerServlet Show response
st.pubmatic.com/AdServer/ Frame FF4E 0
91 B 82ms
27ms Document
text/plain 207.65.34.82
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://st.pubmatic.com/AdServer/AdDisplayTrackerServlet?operId=1&pubId=156851&siteId=282925&adId=1379758&imprId=9FF8802A-160A-4AB6-88DE-A94B55BB44DA&cksum=FF4121D4260FC506&adType=3&adServerId=165&kefact=0.000000&kaxefact=0.000000&kadNetFrequecy=0&kadwidth=300&kadheight=250&kadsizeid=0&kltstamp=1694469448&indirectAdId=1161375&adServerOptimizerId=1&ranreq=0.15622803937227947&kpbmtpfact=0.000000&dcId=6&tldId=0&passback=2&svr=ADSNRT10001&adsver=_1334146072&adsabzcid=0&cls=ADS&i0=0x1100000000000000&ekefact=SI3_ZJJgCQDW6SK9Lw5Kmj0lO0j_rgDVhnPiSHp-w9cu6dF3&ekaxefact=SI3_ZKVgCQBhOPusSd77dcyxx-IHxs5J8OnwvzSNGF6kofql&ekpbmtpfact=SI3_ZLZgCQC2pT6GAWLXzXsR7LY4yBmvvrVHvkBAwXji54aF&enpp=SI3_ZMZgCQAAK2HVVD67AZOISRS0YFhldWqikrKDQ_wqJpTs&pfi=1&dc=nrt10&crID=0&campaignId=0&isRTB=0&ver=11&dateHr=2023091121&usrgen=0&usryob=0&oid=9FF8802A-160A-4AB6-88DE-A94B55BB44DA&cntryId=116&domain=crypto.livertadquest.com&sec=1&pAuSt=1&wops=0&sURL=crypto.livertadquest.com&BrID=5
Requested by: Host: sshowads.pubmatic.com
URL: https://sshowads.pubmatic.com/AdServer/AdServerServlet?pubId=156851&siteId=282925&adId=1379758&kadwidth=300&kadheight=250&SAVersion=2&js=1&kdntuid=1&pageURL=https%3A%2F%2Fcrypto.livertadquest.com%2F&inIframe=1&kadpageurl=http%3A%2F%2Fcrypto.livertadquest.com%2F&operId=3&sec=1&kltstamp=2023-9-12%206%3A57%3A28&timezone=9&screenResolution=1600x1200&ranreq=0.15622803937227947&pmUniAdId=0&adVisibility=1&adPosition=798x1124&pm_uid_bc=CD580D1B-29DA-48DC-89E1-66BDDF1E3013&gdpr=0&sua_br=%5B%5D&sua_mob=0&dspids=%7B%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.34.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://crypto.livertadquest.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Mon, 11 Sep 2023 21:57:28 GMT
expires: 0
pragma: no-cache

GET
H/1.1 200
OK fr
pb.shinobi.jp/ Frame F629 43 B
187 B 18ms
18ms Image
image/gif 202.228.215.14
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pb.shinobi.jp/fr?c=g6lSZXF1ZXN0SUTZJGIwMDJlNTI2LTYwNWItNGY5Yi04ZWQ3LWVjN2M0OWU3M2MzYaZUYWdLZXmzc3NwLWRlZmF1bHQtMzAweDI1MKlGaWxsZXJLZXmxc3NwLWRmLTMwMC1hZHN0aXI%3D
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.228.215.14 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS: adm.shinobi.jp
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Mon, 11 Sep 2023 21:57:28 GMT
Server: openresty
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E4F4
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
176 B

52ms
52ms

Document
text/html

142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.194 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Sep 2023 21:57:29 GMT
expires: Mon, 11 Sep 2023 21:57:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Sep 2023 21:57:29 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F043
Redirect Chain

https://sync.fout.jp/sync?xid=googleadex&g_pixel=&google_gid=CAESEPaInQyvwZi7TqoyEbH5A4g&google_cver=1&google_push=AXcoOmTsJEaX3vsuZ40tMNLUTWe1kGA6M7FoXe-bDJ9LEU8gSfyzXuTxWvOQRTI_lz2W81TpWqxXHf0GsJ...
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmTsJEaX3vsuZ40tMNLUTWe1kGA6M7FoXe-bDJ9LEU8gSfyzXuTxWvOQRTI_lz2W81TpWqxXHf0GsJ1td5XcV9TSs0vTMNsw2hk&google_hm=RGtzdGs2RzR2SnJz...

170 B
188 B

60ms
60ms

Image
image/png

172.217.161.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmTsJEaX3vsuZ40tMNLUTWe1kGA6M7FoXe-bDJ9LEU8gSfyzXuTxWvOQRTI_lz2W81TpWqxXHf0GsJ1td5XcV9TSs0vTMNsw2hk&google_hm=RGtzdGs2RzR2SnJzbkN6M3VGT29KOEFSa0Zn&from_google=pc1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

172.217.161.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 11 Sep 2023 21:57:28 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx
Transfer-Encoding: chunked
P3P: CP="ADM NOI OUR"
Location: https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmTsJEaX3vsuZ40tMNLUTWe1kGA6M7FoXe-bDJ9LEU8gSfyzXuTxWvOQRTI_lz2W81TpWqxXHf0GsJ1td5XcV9TSs0vTMNsw2hk&google_hm=RGtzdGs2RzR2SnJzbkN6M3VGT29KOEFSa0Zn&from_google=pc1
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection: keep-alive

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F043
Redirect Chain

https://a.c.appier.net/gcm?google_gid=CAESENolHGDbnOhjFJqBki84rlE&google_cver=1&google_push=AXcoOmRXJ-GOQk3wp8Db2aBXJIUOKvxVqP7-fONz9FMyCYirCl3VzwwGTwpK0rILmcLq_8dBriSnjYFbdGdALtX9Nom775KoqESU3GQ
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=UFBoeXpZcVZCcVdMdWFTY1NJM19aQQ%3D%3D&google_push=AXcoOmRXJ-GOQk3wp8Db2aBXJIUOKvxVqP7-fONz9FMyCYirCl3VzwwGTwpK0rILmcLq_8dBriSnjYFbdGdAL...

170 B
188 B

52ms
52ms

Image
image/png

172.217.161.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=UFBoeXpZcVZCcVdMdWFTY1NJM19aQQ%3D%3D&google_push=AXcoOmRXJ-GOQk3wp8Db2aBXJIUOKvxVqP7-fONz9FMyCYirCl3VzwwGTwpK0rILmcLq_8dBriSnjYFbdGdALtX9Nom775KoqESU3GQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

172.217.161.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 11 Sep 2023 21:57:28 GMT
server: nginx
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=UFBoeXpZcVZCcVdMdWFTY1NJM19aQQ%3D%3D&google_push=AXcoOmRXJ-GOQk3wp8Db2aBXJIUOKvxVqP7-fONz9FMyCYirCl3VzwwGTwpK0rILmcLq_8dBriSnjYFbdGdALtX9Nom775KoqESU3GQ
content-type: text/html; charset=utf-8
cache-control: no-store
content-length: 246

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F043
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOTZKCLktlg3IJSZ7vheARM&google_cver=1&google_push=AXcoOmQL7EWfx01KdeLyPnAL1y1K9zlCFOy_0-Mbop5lfdh0EWZiJxD6NT41R6nRWhGUg8Nkl0VLNVhiM7iRE03vVqCNGd6...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQL7EWfx01KdeLyPnAL1y1K9zlCFOy_0-Mbop5lfdh0EWZiJxD6NT41R6nRWhGUg8Nkl0VLNVhiM7iRE03vVqCNGd6GmsHt03U&google_hm=eS1XTE1GMHJ4RTJwR2t...

170 B
188 B

55ms
55ms

Image
image/png

172.217.161.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQL7EWfx01KdeLyPnAL1y1K9zlCFOy_0-Mbop5lfdh0EWZiJxD6NT41R6nRWhGUg8Nkl0VLNVhiM7iRE03vVqCNGd6GmsHt03U&google_hm=eS1XTE1GMHJ4RTJwR2taTk9GbG1CdnJUUkoycGNhajV2Tn5B

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

172.217.161.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 11 Sep 2023 21:57:28 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQL7EWfx01KdeLyPnAL1y1K9zlCFOy_0-Mbop5lfdh0EWZiJxD6NT41R6nRWhGUg8Nkl0VLNVhiM7iRE03vVqCNGd6GmsHt03U&google_hm=eS1XTE1GMHJ4RTJwR2taTk9GbG1CdnJUUkoycGNhajV2Tn5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F043
Redirect Chain

https://x.bidswitch.net/sync?ssp=google_jp&google_gid=CAESEI6HdIv1GhqTw-ogx3GyDvs&google_cver=1&google_push=AXcoOmRmqy6flxdUtqCk-uGXbyCEhN-u8SHiVofPVS1sVWvWqbvEAc80zibCazgZPuu0MAAHY7N7-bGh_zzqhxaxH...
https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=AXcoOmRmqy6flxdUtqCk-uGXbyCEhN-u8SHiVofPVS1sVWvWqbvEAc80zibCazgZPuu0MAAHY7N7-bGh_zzqhxaxHuWO374j6QU-TNE&google_hm=iXbiBgR1R6y...

170 B
188 B

59ms
59ms

Image
image/png

172.217.161.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=AXcoOmRmqy6flxdUtqCk-uGXbyCEhN-u8SHiVofPVS1sVWvWqbvEAc80zibCazgZPuu0MAAHY7N7-bGh_zzqhxaxHuWO374j6QU-TNE&google_hm=iXbiBgR1R6y-E3xUn9o2eg==

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

172.217.161.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=AXcoOmRmqy6flxdUtqCk-uGXbyCEhN-u8SHiVofPVS1sVWvWqbvEAc80zibCazgZPuu0MAAHY7N7-bGh_zzqhxaxHuWO374j6QU-TNE&google_hm=iXbiBgR1R6y-E3xUn9o2eg==
Date: Mon, 11 Sep 2023 21:57:28 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F043
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEFCk4pMZ4WWpCZ6GgZarqis&google_cver=1&google_push=AXcoOmSikAsvZTA472FeRGOWfNVrZYBzuKXXx65xGfCAHWApDNtkPHIMlU0fFgr1Aobd8qWGYbxB6xOxrCGZ...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSikAsvZTA472FeRGOWfNVrZYBzuKXXx65xGfCAHWApDNtkPHIMlU0fFgr1Aobd8qWGYbxB6xOxrCGZ96gJry1ffzfVCXXT3g

170 B
188 B

50ms
50ms

Image
image/png

172.217.161.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSikAsvZTA472FeRGOWfNVrZYBzuKXXx65xGfCAHWApDNtkPHIMlU0fFgr1Aobd8qWGYbxB6xOxrCGZ96gJry1ffzfVCXXT3g

Requested by

Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/

Protocol

Server

172.217.161.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSikAsvZTA472FeRGOWfNVrZYBzuKXXx65xGfCAHWApDNtkPHIMlU0fFgr1Aobd8qWGYbxB6xOxrCGZ96gJry1ffzfVCXXT3g
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F043
Redirect Chain

https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESED3duPYgbOLr9JvKO6UZLZQ&google_cver=1&google_push=AXcoOmQrYSaSo4M9nNb7i_jLklezuI0WgDORU1rUQfyqlgF_FfSc6C9_V...
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmQrYSaSo4M9nNb7i_jLklezuI0WgDORU1rUQfyqlgF_FfSc6C9_VUVI73aycDF3oHp_x1lHYvnCbKQVHXS5ATxwzeYvlG82GXkF&google_hm=QlMuNTIxNS1hY2...

170 B
188 B

53ms
53ms

Image
image/png

172.217.161.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmQrYSaSo4M9nNb7i_jLklezuI0WgDORU1rUQfyqlgF_FfSc6C9_VUVI73aycDF3oHp_x1lHYvnCbKQVHXS5ATxwzeYvlG82GXkF&google_hm=QlMuNTIxNS1hY2Q1LTQ4NGYtYTFkMQ==

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

172.217.161.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmQrYSaSo4M9nNb7i_jLklezuI0WgDORU1rUQfyqlgF_FfSc6C9_VUVI73aycDF3oHp_x1lHYvnCbKQVHXS5ATxwzeYvlG82GXkF&google_hm=QlMuNTIxNS1hY2Q1LTQ4NGYtYTFkMQ==
Date: Mon, 11 Sep 2023 21:57:29 GMT
Server: openresty
Connection: close
Content-Length: 142
Content-Type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F043
Redirect Chain

https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEKc81Zg7APc9JGO8Ho-LFMM&google_cver=1&google_push=AXcoOmRucT6SshJm0xFQwPUsyiWKWTzdbnw0O7DJvJkDoXm37Z7QNlWDVnCslTsNt-b...
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmRucT6SshJm0xFQwPUsyiWKWTzdbnw0O7DJvJkDoXm37Z7QNlWDVnCslTsNt-brKWUxNNwmY5Pi2PhnUXLchMrdOcGMBJFGc9o

170 B
188 B

59ms
59ms

Image
image/png

172.217.161.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmRucT6SshJm0xFQwPUsyiWKWTzdbnw0O7DJvJkDoXm37Z7QNlWDVnCslTsNt-brKWUxNNwmY5Pi2PhnUXLchMrdOcGMBJFGc9o

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

172.217.161.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-akamai-request-id: 1db547aa.6ccbca7
date: Mon, 11 Sep 2023 21:57:28 GMT
x-bytefaas-request-id: 202309112157287319252BA2F90C334441
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a184-27-184-21.deploy.akamaitechnologies.com (AkamaiGHost/11.2.4-50766152) (-)
x-parent-response-time: 172,184.27.184.21
server-timing: cdn-cache; desc=MISS, edge; dur=160, origin; dur=12, inner; dur=5
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202309112157287319252BA2F90C334441
x-cache-remote: TCP_MISS from a23-32-17-75.deploy.akamaitechnologies.com (AkamaiGHost/11.2.4-50766152) (-)
access-control-max-age: 86400
access-control-allow-methods: *
location: https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmRucT6SshJm0xFQwPUsyiWKWTzdbnw0O7DJvJkDoXm37Z7QNlWDVnCslTsNt-brKWUxNNwmY5Pi2PhnUXLchMrdOcGMBJFGc9o
x-bytefaas-execution-duration: 3.66
access-control-allow-origin: *
access-control-allow-credentials: true
x-origin-response-time: 12,23.32.17.75
x-tt-trace-host: 0188bb0caf97b6f5e133b4d7f78e82729d8cdff163bab26cd90c263a93c7be596a774ce2edfe008f04ad40bb9b2724576dce534259657f8c9ae2c886da2d9b49b9e8181eeb8a539da7180b7904d546e60b20d8d095ace433bc34f592aca2368f340013a8f8f3247cecbe6b95b34312047b
cache-control: max-age=0, no-cache, no-store
access-control-allow-headers: *
expires: Mon, 11 Sep 2023 21:57:28 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame F043 0
12 B 78ms
78ms Image
text/html 172.217.161.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IiZY7Ux1IDH_656o-g5wtdKJGojWhfmNAcTlSNC7q5--L7k3YPobDNnpHiAiVDw6J_aCC8mmI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230907/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.161.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:28 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 im-uid.js Show response
dmp.im-apps.net/sdk/ Frame AA37 6 KB
3 KB 366ms
23ms Script
application/javascript 23.210.26.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/sdk/im-uid.js
Requested by: Host: js.ad-stir.com
URL: https://js.ad-stir.com/js/adstir.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.26.170 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-210-26-170.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id: Ewv0cV5pGNUFzf4cpCFpusOmzbO5pqOY
content-encoding: gzip
date: Mon, 11 Sep 2023 21:57:29 GMT
last-modified: Fri, 21 Apr 2023 06:05:08 GMT
etag: "14ccaf76e8933bdcf899015e943cd2df"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI PSD OTR"
cache-control: max-age=10800
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 2434

GET
H2 200 ad Show response
ad.ad-stir.com/ Frame AA37 1 KB
735 B 138ms
100ms Script
application/json 13.113.112.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ad-stir.com/ad?app_id=MEDIA-e65a80d3&ad_spot_no=3&locale=en&ut=1694469448783&topframe=0&origin=https%3A%2F%2Fcrypto.livertadquest.com%2F&secure=1&sw=1600&sh=1200&dpr=1&novideo=0&topurl=1&adstir_media_uid=6241fd49-3c8d-460a-9c4f-3bf3e4d28827&adstir_optout=1&c_vp=1&media_fq_count=1&callback=AdstirCB1084671431A7151855046
Requested by: Host: js.ad-stir.com
URL: https://js.ad-stir.com/js/adstir.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.113.112.30 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-113-112-30.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: 28c02f1420309c0350fb39490813542d73e75db361a289a2ded2ae258458adae

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:28 GMT
cache-control: no-store
content-encoding: gzip
content-length: 505
content-type: application/json;charset=UTF-8

GET
H2 200 a1214221.js Show response
js.gsspcln.jp/t/214/221/ Frame D6CC 13 KB
5 KB 60ms
20ms Script
application/javascript 133.186.12.12
TOKAI TOKAI Commu...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.gsspcln.jp/t/214/221/a1214221.js
Requested by: Host: pb.shinobi.jp
URL: https://pb.shinobi.jp/st/r.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 133.186.12.12 Yokohama, Japan, ASN10010 (TOKAI TOKAI Communications Corporation, JP),
Reverse DNS: p012.net133186012.broadline.ne.jp
Software: nginx /
Resource Hash: 74190d7890b70c71e37d99927ef5121f6367126b76aeac3b716d38c5f2e8607d

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:28 GMT
content-encoding: gzip
last-modified: Wed, 31 May 2023 08:00:10 GMT
server: nginx
etag: W/"6476fe8a-3290"
content-type: application/javascript
cache-control: private
cross-origin-resource-policy: cross-origin

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 5FD4
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=united&endpoint=APAC
https://eus.rubiconproject.com/usync.html?p=united&endpoint=APAC

281 B
554 B

73ms
22ms

Document
text/html

23.195.85.58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=united&endpoint=APAC
Requested by: Host: js.ad-stir.com
URL: https://js.ad-stir.com/js/adstir.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.195.85.58 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-195-85-58.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://crypto.livertadquest.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 11 Sep 2023 21:57:29 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Mon, 11 Sep 2023 21:57:28 GMT
location: https://eus.rubiconproject.com/usync.html?p=united&endpoint=APAC
server: AkamaiGHost

GET
H/1.1 200
OK csync.html Show response
adn-j.sp.gmossp-sp.jp/js/ Frame 8F37 2 KB
1 KB 79ms
16ms Document
text/html 96.7.39.72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://adn-j.sp.gmossp-sp.jp/js/csync.html

Requested by

Host: js.ad-stir.com
URL: https://js.ad-stir.com/js/adstir.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

96.7.39.72 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a96-7-39-72.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e8b5b39e947979aa50b4fe78da89b82c6f06a9430beb222e1bda0b4a745c809f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://crypto.livertadquest.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1095
Content-Type: text/html; charset=UTF-8
Date: Mon, 11 Sep 2023 21:57:29 GMT
ETag: "777-6026476905659-gzip"
Last-Modified: Tue, 08 Aug 2023 07:39:29 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Vary: Accept-Encoding

GET
H/1.1 200
OK fr
pb.shinobi.jp/ Frame F629 43 B
187 B 16ms
14ms Image
image/gif 202.228.215.14
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pb.shinobi.jp/fr?c=g6lSZXF1ZXN0SUTZJGIwMDJlNTI2LTYwNWItNGY5Yi04ZWQ3LWVjN2M0OWU3M2MzYaZUYWdLZXmzc3NwLWRlZmF1bHQtMzAweDI1MKlGaWxsZXJLZXmxc3NwLWRmLTMwMC1nZW5pZWU%3D
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.228.215.14 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS: adm.shinobi.jp
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Mon, 11 Sep 2023 21:57:28 GMT
Server: openresty
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

/
sync.ad-stir.com/ Frame AA37
Redirect Chain

https://rt.gsspat.jp/lcs?lamp_sc=adstir&lamp_cgid=1&lamp_ggid=1
https://sync.ad-stir.com/?symbol=GENIEE&uid=5f400273be77903a30eab03451a15840

43 B
349 B

50ms
50ms

Image
image/gif

18.176.31.142
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.ad-stir.com/?symbol=GENIEE&uid=5f400273be77903a30eab03451a15840
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: H2
Server: 18.176.31.142 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-176-31-142.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:29 GMT
cache-control: max-age=300
content-length: 43
content-type: image/gif

Redirect headers

location: //sync.ad-stir.com/?symbol=GENIEE&uid=5f400273be77903a30eab03451a15840
date: Mon, 11 Sep 2023 21:57:28 GMT
content-type: text/html; charset=ISO-8859-1
server: nginx
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

200

/
sync.ad-stir.com/ Frame AA37
Redirect Chain

https://x.bidswitch.net/sync?ssp=adstir
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=adstir
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=adstir
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=14bce9d4-d103-47e8-bda1-cb3016aaf181&ssp=adstir
https://sync.ad-stir.com/?symbol=BIDSWITCH&uid=8976e206-0475-47ac-be13-7c549fda367a

43 B
354 B

15ms
14ms

Image
image/gif

18.176.31.142
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.ad-stir.com/?symbol=BIDSWITCH&uid=8976e206-0475-47ac-be13-7c549fda367a
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: H2
Server: 18.176.31.142 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-176-31-142.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:29 GMT
cache-control: max-age=300
content-length: 43
content-type: image/gif

Redirect headers

Location: //sync.ad-stir.com/?symbol=BIDSWITCH&uid=8976e206-0475-47ac-be13-7c549fda367a
Date: Mon, 11 Sep 2023 21:57:29 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

sync
sync.fout.jp/ Frame AA37
Redirect Chain

https://sync.ad-stir.com/sync?symbol=GREE&imp=1
https://sync.fout.jp/sync?xid=adstir&uid=693f6d27-29fe-47c7-8a40-98033e8aea53

43 B
527 B

17ms
17ms

Image
image/gif

202.232.238.37
IIJ Internet Init...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.fout.jp/sync?xid=adstir&uid=693f6d27-29fe-47c7-8a40-98033e8aea53

Requested by

Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/

Protocol

HTTP/1.1

Server

202.232.238.37 Tokyo, Japan, ASN2497 (IIJ Internet Initiative Japan Inc., JP),

Reverse DNS

Software

nginx /

Resource Hash

6135fe16d7578e65be79a3e5d6ba252095648c1b871808f69b1482f6ff7f6839

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 11 Sep 2023 21:57:29 GMT
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
P3P: CP="ADM NOI OUR"
Content-Type: image/gif
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection: keep-alive

Redirect headers

location: https://sync.fout.jp/sync?xid=adstir&uid=693f6d27-29fe-47c7-8a40-98033e8aea53
date: Mon, 11 Sep 2023 21:57:28 GMT
cache-control: no-store
content-length: 0
content-type: text/html

GET
H2

200

/
aw.dw.impact-ad.jp/c/mapr/ Frame AA37
Redirect Chain

https://bypass.ad-stir.com/map
https://aw.dw.impact-ad.jp/c/map/?oid=207d81ffda0cc019&cid=693f6d27-29fe-47c7-8a40-98033e8aea53&sp=utd
https://aw.dw.impact-ad.jp/c/mapr/?oid=207d81ffda0cc019&cid=693f6d27-29fe-47c7-8a40-98033e8aea53&sp=utd

43 B
214 B

15ms
13ms

Image
image/gif

35.186.254.217
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aw.dw.impact-ad.jp/c/mapr/?oid=207d81ffda0cc019&cid=693f6d27-29fe-47c7-8a40-98033e8aea53&sp=utd

Requested by

Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/

Protocol

Server

35.186.254.217 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

217.254.186.35.bc.googleusercontent.com

Software

Resource Hash

42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:29 GMT
cache-control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
via: 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains;
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

Redirect headers

date: Mon, 11 Sep 2023 21:57:29 GMT
via: 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains;
content-type: text/plain; charset=utf-8
location: /c/mapr/?oid=207d81ffda0cc019&cid=693f6d27-29fe-47c7-8a40-98033e8aea53&sp=utd
cache-control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 load_adstir_optout.html Show response
js.ad-stir.com/js/ Frame 941C 522 B
951 B 16ms
14ms Document
text/html 18.65.206.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad-stir.com/js/load_adstir_optout.html?url=https://crypto.livertadquest.com/
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.206.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-206-100.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9386e0506a6a994f776510630feb1cbbb1a644f60655b1a6e6971acb4aabebe5

Request headers

Referer: https://crypto.livertadquest.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

accept-ranges: bytes
age: 3102
alt-svc: h3=":443"; ma=86400
cache-control: max-age=3600
content-length: 522
content-type: text/html; charset=utf-8
date: Mon, 11 Sep 2023 21:05:46 GMT
etag: "ddad5766ba6eec0f536017dc4b653d2b"
last-modified: Tue, 05 Sep 2023 08:27:14 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 e849eb4ec7c297538f549eb24e5ebafa.cloudfront.net (CloudFront)
x-amz-cf-id: zcqTESNm-aFUoA_c1FdkcBCE6G77nuoLpPAoR02Qwq9gWAZpV7aPQg==
x-amz-cf-pop: NRT57-P3
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H2 200 css
fonts.googleapis.com/ Frame 2919 8 KB
823 B 50ms
49ms Stylesheet
text/css 142.250.196.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&lang=ja

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7562272465611377&output=html&h=139&adk=1250203156&adf=4021896486&pi=t.aa~a.2645554626~rp.4&w=300&lmt=1694437048&nsk=380783e2&rafmt=11&pwprc=9937010111&ad_type=text_image&format=300x139&url=https%3A%2F%2Fcrypto.livertadquest.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694469448448&bpp=1&bdt=2253&idt=-M&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=7328092068932&frm=20&pv=1&ga_vid=93906344.1694469448&ga_sid=1694469448&ga_hid=237488024&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1124&ady=2122&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076838%2C31077773%2C44798934%2C44800659%2C44798322&oid=2&pvsid=2516439390933523&tmod=1750936957&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=zGBvcgnvT2&p=https%3A//crypto.livertadquest.com&dtd=9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f10.1e100.net

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 11 Sep 2023 21:57:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 21:33:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Sep 2023 21:57:28 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 2919 119 KB
31 KB 60ms
59ms Stylesheet
text/css 142.250.196.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans+JP:400|Roboto:300,400,500,700&text=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f10.1e100.net

Software

ESF /

Resource Hash

97e1aba3c7c86e12b8901564217d93982aea0b5d1b7b009cc611a59a222840ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 11 Sep 2023 21:57:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 21:57:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Sep 2023 21:57:28 GMT

GET
H2 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/ Frame 2919 34 KB
13 KB 118ms
34ms Script
text/javascript 142.251.42.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/m_js_controller_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.161 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f1.1e100.net

Software

cafe /

Resource Hash

2b238632bac0e65b25d80c12d85ef0bb6d212430d25b4e13dd55f7c9bf62cd0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 00:00:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79002
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13552
x-xss-protection: 0
server: cafe
etag: 17023098769855550506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Sep 2023 00:00:47 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2919 181 KB
57 KB 161ms
98ms Script
text/javascript 172.217.161.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.161.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s23-in-f2.1e100.net

Software

sffe /

Resource Hash

3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57841
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694001950986259"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Sep 2023 21:57:29 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/ Frame 2919 23 KB
9 KB 16ms
16ms Script
text/javascript 142.251.42.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.161 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f1.1e100.net

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 20:13:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6224
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Sep 2023 20:13:45 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/ Frame 2919 3 KB
1 KB 17ms
17ms Script
text/javascript 142.251.42.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.161 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 19:40:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8231
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Sep 2023 19:40:18 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/ Frame 2919 20 KB
8 KB 116ms
33ms Script
text/javascript 142.251.42.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.161 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f1.1e100.net

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 19:40:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8231
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Sep 2023 19:40:18 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 2919 0
0 69ms
69ms Image
text/html 142.251.42.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRCD9Fhlq7cudHwC4kti-PY63jWLT0-lUZ-PkMgNwfG2nV9bBQ1PXtXSqZFhtlP5V2gpK7fPB-UvF6PExuTomRQzIHq6w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7562272465611377&output=html&h=139&adk=1250203156&adf=4021896486&pi=t.aa~a.2645554626~rp.4&w=300&lmt=1694437048&nsk=380783e2&rafmt=11&pwprc=9937010111&ad_type=text_image&format=300x139&url=https%3A%2F%2Fcrypto.livertadquest.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694469448448&bpp=1&bdt=2253&idt=-M&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=7328092068932&frm=20&pv=1&ga_vid=93906344.1694469448&ga_sid=1694469448&ga_hid=237488024&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1124&ady=2122&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076838%2C31077773%2C44798934%2C44800659%2C44798322&oid=2&pvsid=2516439390933523&tmod=1750936957&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=zGBvcgnvT2&p=https%3A//crypto.livertadquest.com&dtd=9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.42.164 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt12s46-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

GET
H2 200 css
fonts.googleapis.com/ Frame FC68 8 KB
823 B 52ms
51ms Stylesheet
text/css 142.250.196.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&lang=ja

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7562272465611377&output=html&h=134&adk=3296851624&adf=3506941749&pi=t.aa~a.2645500157~rp.4&w=300&lmt=1694437048&nsk=22e0985d&rafmt=11&pwprc=9937010111&ad_type=text_image&format=300x134&url=https%3A%2F%2Fcrypto.livertadquest.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694469448448&bpp=1&bdt=2253&idt=1&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x139%2C300x139&nras=5&correlator=7328092068932&frm=20&pv=1&ga_vid=93906344.1694469448&ga_sid=1694469448&ga_hid=237488024&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1124&ady=2972&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076838%2C31077773%2C44798934%2C44800659%2C44798322&oid=2&pvsid=2516439390933523&tmod=1750936957&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=Ig4BisQLqa&p=https%3A//crypto.livertadquest.com&dtd=14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f10.1e100.net

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 11 Sep 2023 21:57:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 20:59:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Sep 2023 21:57:28 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame FC68 119 KB
31 KB 64ms
63ms Stylesheet
text/css 142.250.196.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans+JP:400|Roboto:300,400,500,700&text=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f10.1e100.net

Software

ESF /

Resource Hash

97e1aba3c7c86e12b8901564217d93982aea0b5d1b7b009cc611a59a222840ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 11 Sep 2023 21:57:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 21:57:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Sep 2023 21:57:28 GMT

GET
H2 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/ Frame FC68 34 KB
13 KB 107ms
31ms Script
text/javascript 142.251.42.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/m_js_controller_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.161 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f1.1e100.net

Software

cafe /

Resource Hash

2b238632bac0e65b25d80c12d85ef0bb6d212430d25b4e13dd55f7c9bf62cd0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 00:00:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79002
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13552
x-xss-protection: 0
server: cafe
etag: 17023098769855550506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Sep 2023 00:00:47 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FC68 181 KB
57 KB 198ms
143ms Script
text/javascript 172.217.161.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.161.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s23-in-f2.1e100.net

Software

sffe /

Resource Hash

3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57841
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694001950986259"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Sep 2023 21:57:29 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/ Frame FC68 23 KB
9 KB 17ms
17ms Script
text/javascript 142.251.42.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.161 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f1.1e100.net

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 20:13:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6224
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Sep 2023 20:13:45 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/ Frame FC68 3 KB
1 KB 17ms
16ms Script
text/javascript 142.251.42.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.161 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 19:40:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8231
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Sep 2023 19:40:18 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/ Frame FC68 20 KB
8 KB 108ms
33ms Script
text/javascript 142.251.42.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.161 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f1.1e100.net

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 19:40:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8231
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Sep 2023 19:40:18 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame FC68 0
0 52ms
51ms Image
text/html 142.251.42.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS6yfcYNSSKsYbPJzTmH-gs1eHVu9P0IuIIuLQEwUThGiW4vJcZk7_MWhNLlW73h-JZiUF30EoT2pWgaGmNarrIM_qO2g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7562272465611377&output=html&h=134&adk=3296851624&adf=3506941749&pi=t.aa~a.2645500157~rp.4&w=300&lmt=1694437048&nsk=22e0985d&rafmt=11&pwprc=9937010111&ad_type=text_image&format=300x134&url=https%3A%2F%2Fcrypto.livertadquest.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694469448448&bpp=1&bdt=2253&idt=1&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x139%2C300x139&nras=5&correlator=7328092068932&frm=20&pv=1&ga_vid=93906344.1694469448&ga_sid=1694469448&ga_hid=237488024&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1124&ady=2972&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076838%2C31077773%2C44798934%2C44800659%2C44798322&oid=2&pvsid=2516439390933523&tmod=1750936957&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=Ig4BisQLqa&p=https%3A//crypto.livertadquest.com&dtd=14
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.42.164 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt12s46-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

GET
H2 200 css
fonts.googleapis.com/ Frame D4C6 8 KB
846 B 56ms
55ms Stylesheet
text/css 142.250.196.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&lang=ja

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7562272465611377&output=html&h=139&adk=1250203156&adf=3652115069&pi=t.aa~a.2645502319~rp.4&w=300&lmt=1694437048&nsk=da79bb1e&rafmt=11&pwprc=9937010111&ad_type=text_image&format=300x139&url=https%3A%2F%2Fcrypto.livertadquest.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694469448448&bpp=1&bdt=2254&idt=-M&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x139&nras=4&correlator=7328092068932&frm=20&pv=1&ga_vid=93906344.1694469448&ga_sid=1694469448&ga_hid=237488024&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1124&ady=2535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076838%2C31077773%2C44798934%2C44800659%2C44798322&oid=2&pvsid=2516439390933523&tmod=1750936957&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=iWcRKP6mNv&p=https%3A//crypto.livertadquest.com&dtd=11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f10.1e100.net

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 11 Sep 2023 21:57:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 21:46:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Sep 2023 21:57:29 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D4C6 119 KB
31 KB 66ms
65ms Stylesheet
text/css 142.250.196.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans+JP:400|Roboto:300,400,500,700&text=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7562272465611377&output=html&h=139&adk=1250203156&adf=3652115069&pi=t.aa~a.2645502319~rp.4&w=300&lmt=1694437048&nsk=da79bb1e&rafmt=11&pwprc=9937010111&ad_type=text_image&format=300x139&url=https%3A%2F%2Fcrypto.livertadquest.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694469448448&bpp=1&bdt=2254&idt=-M&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x139&nras=4&correlator=7328092068932&frm=20&pv=1&ga_vid=93906344.1694469448&ga_sid=1694469448&ga_hid=237488024&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1124&ady=2535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076838%2C31077773%2C44798934%2C44800659%2C44798322&oid=2&pvsid=2516439390933523&tmod=1750936957&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=iWcRKP6mNv&p=https%3A//crypto.livertadquest.com&dtd=11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f10.1e100.net

Software

ESF /

Resource Hash

97e1aba3c7c86e12b8901564217d93982aea0b5d1b7b009cc611a59a222840ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 11 Sep 2023 21:57:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 21:57:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Sep 2023 21:57:29 GMT

GET
H2 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/ Frame D4C6 34 KB
13 KB 80ms
24ms Script
text/javascript 142.251.42.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7562272465611377&output=html&h=139&adk=1250203156&adf=3652115069&pi=t.aa~a.2645502319~rp.4&w=300&lmt=1694437048&nsk=da79bb1e&rafmt=11&pwprc=9937010111&ad_type=text_image&format=300x139&url=https%3A%2F%2Fcrypto.livertadquest.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694469448448&bpp=1&bdt=2254&idt=-M&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x139&nras=4&correlator=7328092068932&frm=20&pv=1&ga_vid=93906344.1694469448&ga_sid=1694469448&ga_hid=237488024&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1124&ady=2535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076838%2C31077773%2C44798934%2C44800659%2C44798322&oid=2&pvsid=2516439390933523&tmod=1750936957&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=iWcRKP6mNv&p=https%3A//crypto.livertadquest.com&dtd=11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.161 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f1.1e100.net

Software

cafe /

Resource Hash

2b238632bac0e65b25d80c12d85ef0bb6d212430d25b4e13dd55f7c9bf62cd0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 00:00:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79002
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13552
x-xss-protection: 0
server: cafe
etag: 17023098769855550506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Sep 2023 00:00:47 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D4C6 181 KB
57 KB 175ms
140ms Script
text/javascript 172.217.161.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7562272465611377&output=html&h=139&adk=1250203156&adf=3652115069&pi=t.aa~a.2645502319~rp.4&w=300&lmt=1694437048&nsk=da79bb1e&rafmt=11&pwprc=9937010111&ad_type=text_image&format=300x139&url=https%3A%2F%2Fcrypto.livertadquest.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694469448448&bpp=1&bdt=2254&idt=-M&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x139&nras=4&correlator=7328092068932&frm=20&pv=1&ga_vid=93906344.1694469448&ga_sid=1694469448&ga_hid=237488024&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1124&ady=2535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076838%2C31077773%2C44798934%2C44800659%2C44798322&oid=2&pvsid=2516439390933523&tmod=1750936957&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=iWcRKP6mNv&p=https%3A//crypto.livertadquest.com&dtd=11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.161.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s23-in-f2.1e100.net

Software

sffe /

Resource Hash

3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57841
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694001950986259"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Sep 2023 21:57:29 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/ Frame D4C6 23 KB
9 KB 15ms
12ms Script
text/javascript 142.251.42.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7562272465611377&output=html&h=139&adk=1250203156&adf=3652115069&pi=t.aa~a.2645502319~rp.4&w=300&lmt=1694437048&nsk=da79bb1e&rafmt=11&pwprc=9937010111&ad_type=text_image&format=300x139&url=https%3A%2F%2Fcrypto.livertadquest.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694469448448&bpp=1&bdt=2254&idt=-M&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x139&nras=4&correlator=7328092068932&frm=20&pv=1&ga_vid=93906344.1694469448&ga_sid=1694469448&ga_hid=237488024&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1124&ady=2535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076838%2C31077773%2C44798934%2C44800659%2C44798322&oid=2&pvsid=2516439390933523&tmod=1750936957&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=iWcRKP6mNv&p=https%3A//crypto.livertadquest.com&dtd=11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.161 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f1.1e100.net

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 20:13:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6224
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Sep 2023 20:13:45 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/ Frame D4C6 3 KB
1 KB 16ms
13ms Script
text/javascript 142.251.42.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7562272465611377&output=html&h=139&adk=1250203156&adf=3652115069&pi=t.aa~a.2645502319~rp.4&w=300&lmt=1694437048&nsk=da79bb1e&rafmt=11&pwprc=9937010111&ad_type=text_image&format=300x139&url=https%3A%2F%2Fcrypto.livertadquest.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694469448448&bpp=1&bdt=2254&idt=-M&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x139&nras=4&correlator=7328092068932&frm=20&pv=1&ga_vid=93906344.1694469448&ga_sid=1694469448&ga_hid=237488024&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1124&ady=2535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076838%2C31077773%2C44798934%2C44800659%2C44798322&oid=2&pvsid=2516439390933523&tmod=1750936957&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=iWcRKP6mNv&p=https%3A//crypto.livertadquest.com&dtd=11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.161 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 19:40:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8231
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Sep 2023 19:40:18 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/ Frame D4C6 20 KB
8 KB 83ms
31ms Script
text/javascript 142.251.42.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7562272465611377&output=html&h=139&adk=1250203156&adf=3652115069&pi=t.aa~a.2645502319~rp.4&w=300&lmt=1694437048&nsk=da79bb1e&rafmt=11&pwprc=9937010111&ad_type=text_image&format=300x139&url=https%3A%2F%2Fcrypto.livertadquest.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694469448448&bpp=1&bdt=2254&idt=-M&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x139&nras=4&correlator=7328092068932&frm=20&pv=1&ga_vid=93906344.1694469448&ga_sid=1694469448&ga_hid=237488024&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1124&ady=2535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076838%2C31077773%2C44798934%2C44800659%2C44798322&oid=2&pvsid=2516439390933523&tmod=1750936957&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=iWcRKP6mNv&p=https%3A//crypto.livertadquest.com&dtd=11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.161 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f1.1e100.net

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 19:40:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8231
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Sep 2023 19:40:18 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame D4C6 0
0 51ms
48ms Image
text/html 142.251.42.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTRJwpQGnCM4iS7k0zbPbj3nPjLb8HS__PagsQ97KXbd9Tufh-uxmdYCDDz1bk2ujIglc9umVsmkslgRmVsxru-Afz0Vg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7562272465611377&output=html&h=139&adk=1250203156&adf=3652115069&pi=t.aa~a.2645502319~rp.4&w=300&lmt=1694437048&nsk=da79bb1e&rafmt=11&pwprc=9937010111&ad_type=text_image&format=300x139&url=https%3A%2F%2Fcrypto.livertadquest.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694469448448&bpp=1&bdt=2254&idt=-M&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x139&nras=4&correlator=7328092068932&frm=20&pv=1&ga_vid=93906344.1694469448&ga_sid=1694469448&ga_hid=237488024&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1124&ady=2535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076838%2C31077773%2C44798934%2C44800659%2C44798322&oid=2&pvsid=2516439390933523&tmod=1750936957&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=iWcRKP6mNv&p=https%3A//crypto.livertadquest.com&dtd=11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.42.164 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt12s46-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

GET
H2 200 jsk Show response
aladdin.genieesspv.jp/yie/ld/ Frame 73B1 8 KB
3 KB 142ms
77ms Script
text/javascript 222.230.178.130
VECTANT ARTERIA N...

General

Check archive.org

Show headers Download Go to

Full URL: https://aladdin.genieesspv.jp/yie/ld/jsk?zoneid=1214221&cb=30626755509&charset=UTF-8&loc=https%3A%2F%2Fcrypto.livertadquest.com%2F&sw=1200&sh=1600&topframe=0&fif=1
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 222.230.178.130 Tokyo, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software: /
Resource Hash: f26a09253bb77f2ed54a27b1f40cb8bbf26c0fb6f1c6b8931874c0f56d96d87b

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:29 GMT
content-encoding: gzip
content-type: text/javascript; charset=UTF-8
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
cross-origin-resource-policy: cross-origin
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 im-uid-hook.js Show response
dmp.im-apps.net/scripts/ Frame D6CC 633 B
568 B 120ms
22ms Script
text/javascript 23.210.26.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=3929
Requested by: Host: js.gsspcln.jp
URL: https://js.gsspcln.jp/t/214/221/a1214221.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.26.170 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-210-26-170.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 21bd977042a76480805895c3bc4371d79fe7da93c8cf7af08687e0b58f4e39ad

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type: text/javascript
date: Mon, 11 Sep 2023 21:57:29 GMT
content-encoding: gzip
cache-control: private, no-store
content-length: 445
vary: Accept-Encoding
p3p: CP="NOI PSD OTR"

GET
H2 200 v2
sync.ad-stir.com/ Frame 8F37 43 B
340 B 37ms
37ms Image
image/gif 18.176.31.142
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.ad-stir.com/v2?symbol=AkaNe&uid=HDkPkqP6O1udaaop
Requested by: Host: adn-j.sp.gmossp-sp.jp
URL: https://adn-j.sp.gmossp-sp.jp/js/csync.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.176.31.142 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-176-31-142.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://adn-j.sp.gmossp-sp.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:29 GMT
cache-control: max-age=300
content-length: 43
content-type: image/gif

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/551813002158544199/ Frame D4C6 10 KB
10 KB 17ms
16ms Image
image/jpeg 142.251.42.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/551813002158544199/14763004658117789537?sqp=4sqPyQSSAUKPAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhYIZBBkGAEgAS0AAAA_MGQ4ZEUAAIA_&rs=AOga4qkazkTS-h2ygffriyeNP6xg1HfHXA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7562272465611377&output=html&h=139&adk=1250203156&adf=3652115069&pi=t.aa~a.2645502319~rp.4&w=300&lmt=1694437048&nsk=da79bb1e&rafmt=11&pwprc=9937010111&ad_type=text_image&format=300x139&url=https%3A%2F%2Fcrypto.livertadquest.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694469448448&bpp=1&bdt=2254&idt=-M&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x139&nras=4&correlator=7328092068932&frm=20&pv=1&ga_vid=93906344.1694469448&ga_sid=1694469448&ga_hid=237488024&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1124&ady=2535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076838%2C31077773%2C44798934%2C44800659%2C44798322&oid=2&pvsid=2516439390933523&tmod=1750936957&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=iWcRKP6mNv&p=https%3A//crypto.livertadquest.com&dtd=11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.161 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f1.1e100.net

Software

sffe /

Resource Hash

9a54902536a42aad6dc37ef619c7a85f270e441ccc93d778dad7fec343b2f3e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 20:32:37 GMT
x-content-type-options: nosniff
age: 5092
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10092
x-xss-protection: 0
last-modified: Tue, 05 Sep 2023 09:57:34 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 10 Sep 2024 20:32:37 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 5FD4 35 KB
10 KB 14ms
14ms Script
text/html 23.195.85.58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=united&endpoint=APAC
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.195.85.58 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-195-85-58.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: d0e3a6662bd8e833a3eb1965953cfd00fe1fa5e06753ab807698107928a436a5

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=united&endpoint=APAC
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Mon, 11 Sep 2023 21:57:29 GMT
Content-Encoding: gzip
Last-Modified: Mon, 11 Sep 2023 16:01:44 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=65053
Connection: keep-alive
Content-Length: 10210
Expires: Tue, 12 Sep 2023 16:01:42 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/551813002158544199/ Frame FC68 10 KB
10 KB 18ms
18ms Image
image/jpeg 142.251.42.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.161 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f1.1e100.net

Software

sffe /

Resource Hash

9a54902536a42aad6dc37ef619c7a85f270e441ccc93d778dad7fec343b2f3e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 20:32:37 GMT
x-content-type-options: nosniff
age: 5092
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10092
x-xss-protection: 0
last-modified: Tue, 05 Sep 2023 09:57:34 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 10 Sep 2024 20:32:37 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D4C6 16 KB
16 KB 11ms
10ms Font
font/woff2 142.250.207.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&lang=ja

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f3.1e100.net

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-jp,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 21:22:30 GMT
x-content-type-options: nosniff
age: 261299
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Sep 2024 21:22:30 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame FC68 16 KB
16 KB 14ms
14ms Font
font/woff2 142.250.207.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&lang=ja

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f3.1e100.net

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-jp,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 21:22:30 GMT
x-content-type-options: nosniff
age: 261299
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Sep 2024 21:22:30 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/551813002158544199/ Frame 2919 10 KB
10 KB 18ms
18ms Image
image/jpeg 142.251.42.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.161 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f1.1e100.net

Software

sffe /

Resource Hash

9a54902536a42aad6dc37ef619c7a85f270e441ccc93d778dad7fec343b2f3e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 20:32:37 GMT
x-content-type-options: nosniff
age: 5092
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10092
x-xss-protection: 0
last-modified: Tue, 05 Sep 2023 09:57:34 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 10 Sep 2024 20:32:37 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2919 16 KB
16 KB 16ms
16ms Font
font/woff2 142.250.207.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&lang=ja

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f3.1e100.net

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-jp,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 21:22:30 GMT
x-content-type-options: nosniff
age: 261299
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Sep 2024 21:22:30 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 5FD4 284 B
934 B 884ms
99ms Image
image/jpg 69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=united&endpoint=APAC
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 6690dc791bf02dde8c4051a04cfd7bb8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 css
fonts.googleapis.com/ Frame D76B 498 B
326 B 55ms
55ms Stylesheet
text/css 142.250.196.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E8%A9%B3%E7%B4%B0Ano0C%20D3i%E5%9E%8B%E7%B5%B1%E5%90%88sF6u

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7562272465611377&output=html&h=280&adk=1123443942&adf=1445212254&pi=t.aa~a.2296679921~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1694437047&rafmt=1&to=qs&pwprc=9937010111&format=1200x280&url=https%3A%2F%2Fcrypto.livertadquest.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694469447381&bpp=1&bdt=1186&idt=589&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7328092068932&frm=20&pv=1&ga_vid=93906344.1694469448&ga_sid=1694469448&ga_hid=237488024&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076838%2C31077773%2C44798934%2C44800659%2C44798322&oid=2&pvsid=2516439390933523&tmod=1750936957&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=CZZg0oqZAN&p=https%3A//crypto.livertadquest.com&dtd=592

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f10.1e100.net

Software

ESF /

Resource Hash

c959b4d6ab59a0ef8f6805088ca529d42bf57c12771f408bc83aa1f614acc3eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 11 Sep 2023 21:57:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 21:57:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Sep 2023 21:57:29 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D76B 2 KB
643 B 56ms
55ms Stylesheet
text/css 142.250.196.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f10.1e100.net

Software

ESF /

Resource Hash

289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 11 Sep 2023 21:57:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 20:17:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Sep 2023 21:57:29 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/ Frame D76B 2 KB
926 B 15ms
13ms Script
text/javascript 142.251.42.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.161 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f1.1e100.net

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 20:13:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6221
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Sep 2023 20:13:48 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/ Frame D76B 23 KB
9 KB 15ms
14ms Script
text/javascript 142.251.42.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.161 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f1.1e100.net

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 20:13:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6224
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Sep 2023 20:13:45 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/ Frame D76B 3 KB
1 KB 18ms
17ms Script
text/javascript 142.251.42.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.161 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 19:40:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8231
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Sep 2023 19:40:18 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/ Frame D76B 20 KB
8 KB 14ms
14ms Script
text/javascript 142.251.42.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230907/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.161 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f1.1e100.net

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 19:40:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8231
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Sep 2023 19:40:18 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame D76B 0
0 62ms
60ms Image
text/html 142.251.42.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRMtes5-oTA9Xy93Ted-dNQUhHxcj4jCoa6Q6vooMUMKxanQSrfFivHDn1QuY7kjyjsEsxew6peluoEq4R4881u4jDQJg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7562272465611377&output=html&h=280&adk=1123443942&adf=1445212254&pi=t.aa~a.2296679921~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1694437047&rafmt=1&to=qs&pwprc=9937010111&format=1200x280&url=https%3A%2F%2Fcrypto.livertadquest.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694469447381&bpp=1&bdt=1186&idt=589&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7328092068932&frm=20&pv=1&ga_vid=93906344.1694469448&ga_sid=1694469448&ga_hid=237488024&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076838%2C31077773%2C44798934%2C44800659%2C44798322&oid=2&pvsid=2516439390933523&tmod=1750936957&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=CZZg0oqZAN&p=https%3A//crypto.livertadquest.com&dtd=592
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.42.164 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt12s46-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D76B 181 KB
57 KB 125ms
123ms Script
text/javascript 172.217.161.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.161.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s23-in-f2.1e100.net

Software

sffe /

Resource Hash

3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57841
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694001950986259"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 11 Sep 2023 21:57:29 GMT

GET
H2 200 3c1ec1505caf618a1f8c049839112e9c.js Show response
www.gstatic.com/mysidia/ Frame D76B 36 KB
15 KB 14ms
13ms Script
text/javascript 142.251.42.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.131 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f3.1e100.net

Software

sffe /

Resource Hash

af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 07:17:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52807
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15058
x-xss-protection: 0
last-modified: Thu, 31 Aug 2023 22:08:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 10 Dec 2023 07:17:22 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2045 1 KB
682 B 16ms
15ms Document
text/html 142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

age: 52807
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Sep 2023 07:17:22 GMT
etag: 48472445140208031
expires: Tue, 12 Sep 2023 07:17:22 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/5798225593573804577/ Frame D76B 25 KB
25 KB 29ms
28ms Image
image/jpeg 142.251.42.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5798225593573804577/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.161 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f1.1e100.net

Software

sffe /

Resource Hash

adcf4bc477809db631e12407ad830f98975634ad4c62e7c7dd14b8a3b215a0a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 02:43:46 GMT
x-content-type-options: nosniff
age: 587623
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25370
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 06:07:34 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 04 Sep 2024 02:43:46 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/8339487605773586475/ Frame D76B 561 B
707 B 28ms
28ms Image
image/png 142.251.42.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8339487605773586475/14763004658117789537?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.161 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f1.1e100.net

Software

sffe /

Resource Hash

d644f75e609a887273904225a066b54053d7d42d7f11a5a485366d6d5c9ea9af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 15:03:44 GMT
x-content-type-options: nosniff
age: 284025
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 561
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 14:31:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Sep 2024 15:03:44 GMT

GET
H2 200 im-uid.js Show response
dmp.im-apps.net/sdk/ Frame D6CC 6 KB
3 KB 30ms
29ms Script
application/javascript 23.210.26.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/sdk/im-uid.js
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=3929
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.26.170 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-210-26-170.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id: Ewv0cV5pGNUFzf4cpCFpusOmzbO5pqOY
content-encoding: gzip
date: Mon, 11 Sep 2023 21:57:29 GMT
last-modified: Fri, 21 Apr 2023 06:05:08 GMT
etag: "14ccaf76e8933bdcf899015e943cd2df"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI PSD OTR"
cache-control: max-age=10800
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 2434

GET
H2 200 get Show response
audiencedata.im-apps.net/imuid/ Frame AA37 34 B
213 B 352ms
19ms XHR
application/json 34.120.96.193
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://audiencedata.im-apps.net/imuid/get?cid=1007220&vid=01HA33ZSEWDGAVK30AM2NXQZWM
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.96.193 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 193.96.120.34.bc.googleusercontent.com
Software: /
Resource Hash: d632bb47cf1294a49186e527adabf5543006874a8b2c6a2ff706d5ff0f5465c7

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin: https://crypto.livertadquest.com
date: Mon, 11 Sep 2023 21:57:29 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34
content-type: application/json

GET
H2 200 inview.20190130.min.js Show response
js.gsspcln.jp/j/ Frame 73B1 5 KB
2 KB 25ms
25ms Script
application/javascript 133.186.12.12
TOKAI TOKAI Commu...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.gsspcln.jp/j/inview.20190130.min.js
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 133.186.12.12 Yokohama, Japan, ASN10010 (TOKAI TOKAI Communications Corporation, JP),
Reverse DNS: p012.net133186012.broadline.ne.jp
Software: nginx /
Resource Hash: 66d21fa22c441eac50abdd7163ebb164107c90cecb3ce0a87d0014b97c7660b6

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:29 GMT
content-encoding: gzip
last-modified: Thu, 14 Feb 2019 06:15:01 GMT
server: nginx
etag: W/"5c650765-13cd"
content-type: application/javascript
cache-control: max-age=31536000, private
cross-origin-resource-policy: cross-origin
expires: Tue, 10 Sep 2024 21:57:29 GMT

GET
H2

200

12.js Show response
cnobi.jp/v1/admax/ssp/js/net/ Frame D300
Redirect Chain

https://adm.shinobi.jp/st/net.js
https://cnobi.jp/v1/admax/ssp/js/net/12.js

27 KB
7 KB

26ms
26ms

Script
application/javascript

138.113.138.167
ML-1432-54994

General

Check archive.org

Show headers Download Go to

Full URL: https://cnobi.jp/v1/admax/ssp/js/net/12.js
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: H2
Server: 138.113.138.167 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: e42cd1d0597173d0d322ea8f6d6c36f0930483864c46ccf49121121b617dd777

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:29 GMT
content-encoding: gzip
via: 1.1 PSrbdbOSA2ia45:5 (W), 1.1 PSrbdbOSA2ig100:1 (W)
server: PWS/8.3.1.0.8
age: 413357
etag: CI3J5/vBr/MCEAE=
x-ws-request-id: 64ff8d49_PSrbdbOSA2kr101_46224-55696
content-type: application/javascript
cache-control: max-age=31536000
x-px: ht PSrbdbOSA2ig100KIX

Redirect headers

Location: https://cnobi.jp/v1/admax/ssp/js/net/12.js
Date: Mon, 11 Sep 2023 21:57:29 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Server: openresty
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK fr
pb.shinobi.jp/ Frame F629 43 B
187 B 17ms
15ms Image
image/gif 202.228.215.14
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pb.shinobi.jp/fr?c=g6lSZXF1ZXN0SUTZJGIwMDJlNTI2LTYwNWItNGY5Yi04ZWQ3LWVjN2M0OWU3M2MzYaZUYWdLZXmzc3NwLWRlZmF1bHQtMzAweDI1MKlGaWxsZXJLZXmzc3NwLWRmLTMwMC1hZG1heG5ldA%3D%3D
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.228.215.14 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS: adm.shinobi.jp
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Mon, 11 Sep 2023 21:57:29 GMT
Server: openresty
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 gl1
aladdin.genieesspv.jp/yie/ld/ Frame 73B1 43 B
245 B 35ms
33ms Image
image/gif 222.230.178.130
VECTANT ARTERIA N...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aladdin.genieesspv.jp/yie/ld/gl1?zid=1214221&asid=4499836&idx=0&cb=daf36ce6c9&l=FIA2la3Z89b06PDhaRechlk1a7NcOqLaQkWLccdTU7PF_BBmHhJKrniarIKfRwwBHfieTg6720xzfmhRjhadbUoRnaVmc0IuNDKaJklW2zTP0-K4ZRIpEgxL_sEbI6U6dbLKAi_pFuWCDEYbIMoGLne4y69dDjlOKFTXdIj3fCiTt6BbaWni66SdVEuzCi4u8SXLFtkxItzMHy3arZAuDOBvepNfthTj0LQVtuuX5f6Um4s0P060XeaOv4DENaa5WC3i2Qb4iFsZTTDT93qZaoZTsaGZ3r_inWKLX_WNvOD9EHt7Fyv9TEbLwssGyuF1JhA_IYGXrxeMr1RmbeUGuU2my1B71FlYRypPFQL2N70YSmVGTqo8RF_0ePQ_qWdjuiqcELpDCKO0kbjnWslL3F2Xc-bYeVS7mRDjCJKH4OvWOqqTYSXKJZUwWadalagPpXud867mMBZJdljjb_NeDPr_XAYsdo8iDiVO1FLZNXl6QlkrbeRY_O12Rxsvn-vB7-RNQRMjkPk8PJCYK9JuObeY8D7ch4efpYjHw2QTEvfegDCcfzU9uuLrLgJeAqtp9K08XTGhuhQ0CiXUUQArEyNGqkP2kR9xRIaM0VSbmGUpeEjjuwbkKAAPkIkYJj7M
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 222.230.178.130 Tokyo, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:29 GMT
server: nginx
p3p: CP="CUR ADM OUR NOR STA NID"
content-type: image/gif
cache-control: private, max-age=0, no-cache
cross-origin-resource-policy: cross-origin
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

cs
cs.gssprt.jp/yie/ld/ Frame 73B1
Redirect Chain

https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=lamp&format=gif&vid=1
https://rt.gsspat.jp/lcs?lamp_sc=aladdin
https://cs.gssprt.jp/yie/ld/cs?dspid=lamp&uid=5f400273be77903a30eab03451a15840

43 B
342 B

16ms
16ms

Image
image/gif

133.186.12.18
TOKAI TOKAI Commu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.gssprt.jp/yie/ld/cs?dspid=lamp&uid=5f400273be77903a30eab03451a15840
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: H2
Server: 133.186.12.18 Yokohama, Japan, ASN10010 (TOKAI TOKAI Communications Corporation, JP),
Reverse DNS: p018.net133186012.broadline.ne.jp
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:29 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
content-type: image/gif
cache-control: private, max-age=0, no-cache
cross-origin-resource-policy: cross-origin
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: //cs.gssprt.jp/yie/ld/cs?dspid=lamp&uid=5f400273be77903a30eab03451a15840
date: Mon, 11 Sep 2023 21:57:29 GMT
content-type: text/html; charset=ISO-8859-1
server: nginx
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

200

cs
cs.gssprt.jp/yie/ld/ Frame 73B1
Redirect Chain

https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=freakout&format=gif&vid=1
https://sync.fout.jp/sync?xid=geniee
https://cs.gssprt.jp/yie/ld/cs?dspid=freakout&uid=Dkstk6G4vJrsnCz3uFOoJ8ARkFg

43 B
344 B

16ms
16ms

Image
image/gif

133.186.12.18
TOKAI TOKAI Commu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.gssprt.jp/yie/ld/cs?dspid=freakout&uid=Dkstk6G4vJrsnCz3uFOoJ8ARkFg
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: H2
Server: 133.186.12.18 Yokohama, Japan, ASN10010 (TOKAI TOKAI Communications Corporation, JP),
Reverse DNS: p018.net133186012.broadline.ne.jp
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:29 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
content-type: image/gif
cache-control: private, max-age=0, no-cache
cross-origin-resource-policy: cross-origin
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 11 Sep 2023 21:57:29 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Location: https://cs.gssprt.jp/yie/ld/cs?dspid=freakout&uid=Dkstk6G4vJrsnCz3uFOoJ8ARkFg
P3P: CP="ADM NOI OUR"
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection: keep-alive

GET
H2

200

cs
cs.gssprt.jp/yie/ld/ Frame 73B1
Redirect Chain

https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=motionbeat2&format=gif&vid=1
https://bypass.ad-stir.com/push_sync?xid=12345
https://cs.gssprt.jp/yie/ld/cs?dspid=motionbeat2&uid=693f6d27-29fe-47c7-8a40-98033e8aea53

43 B
349 B

20ms
20ms

Image
image/gif

133.186.12.18
TOKAI TOKAI Commu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.gssprt.jp/yie/ld/cs?dspid=motionbeat2&uid=693f6d27-29fe-47c7-8a40-98033e8aea53
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: H2
Server: 133.186.12.18 Yokohama, Japan, ASN10010 (TOKAI TOKAI Communications Corporation, JP),
Reverse DNS: p018.net133186012.broadline.ne.jp
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:29 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
content-type: image/gif
cache-control: private, max-age=0, no-cache
cross-origin-resource-policy: cross-origin
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://cs.gssprt.jp/yie/ld/cs?dspid=motionbeat2&uid=693f6d27-29fe-47c7-8a40-98033e8aea53
date: Mon, 11 Sep 2023 21:57:29 GMT
content-length: 1
content-type: text/html; charset=utf-8

GET
H2

200

acs
aladdin.genieesspv.jp/yie/ld/ Frame 73B1
Redirect Chain

https://cs.gssprt.jp/yie/ld/mcs?ver=1&dspid=rtbhouse&format=gif&vid=1
https://aladdin.genieesspv.jp/yie/ld/acs?ver=1&dspid=rtbhouse&v=y8dVQGccMh9dJPpW0SybA0pV0amc0_6DSSkmer-KRdnfNYIVvYjnbaBwzYKZaP71QHioWtfSi3zU0YQUiq70HA&format=gif

43 B
365 B

21ms
21ms

Image
image/gif

222.230.178.130
VECTANT ARTERIA N...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aladdin.genieesspv.jp/yie/ld/acs?ver=1&dspid=rtbhouse&v=y8dVQGccMh9dJPpW0SybA0pV0amc0_6DSSkmer-KRdnfNYIVvYjnbaBwzYKZaP71QHioWtfSi3zU0YQUiq70HA&format=gif
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: H2
Server: 222.230.178.130 Tokyo, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: dcd4a5ac70faae2eb4af611d90b3643154959a5b905720cc0875bd5d1399088e

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type: image/gif
date: Mon, 11 Sep 2023 21:57:29 GMT
cross-origin-resource-policy: cross-origin
server: nginx
content-length: 43
p3p: CUR ADM OUR NOR STA NID

Redirect headers

location: https://aladdin.genieesspv.jp/yie/ld/acs?ver=1&dspid=rtbhouse&v=y8dVQGccMh9dJPpW0SybA0pV0amc0_6DSSkmer-KRdnfNYIVvYjnbaBwzYKZaP71QHioWtfSi3zU0YQUiq70HA&format=gif
date: Mon, 11 Sep 2023 21:57:29 GMT
content-type: application/octet-stream
cross-origin-resource-policy: cross-origin
server: nginx
p3p: CUR ADM OUR NOR STA NID

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6C6F 143 B
204 B 20ms
19ms Document
text/html 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.194 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7562272465611377&output=html&h=139&adk=1250203156&adf=4021896486&pi=t.aa~a.2645554626~rp.4&w=300&lmt=1694437048&nsk=380783e2&rafmt=11&pwprc=9937010111&ad_type=text_image&format=300x139&url=https%3A%2F%2Fcrypto.livertadquest.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694469448448&bpp=1&bdt=2253&idt=-M&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=7328092068932&frm=20&pv=1&ga_vid=93906344.1694469448&ga_sid=1694469448&ga_hid=237488024&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1124&ady=2122&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076838%2C31077773%2C44798934%2C44800659%2C44798322&oid=2&pvsid=2516439390933523&tmod=1750936957&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=zGBvcgnvT2&p=https%3A//crypto.livertadquest.com&dtd=9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

age: 159
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Sep 2023 21:54:50 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame EAA3 1 KB
677 B 20ms
20ms Document
text/html 142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

age: 52807
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Sep 2023 07:17:22 GMT
etag: 48472445140208031
expires: Tue, 12 Sep 2023 07:17:22 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2919 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 511d394e012fc63eb72179d7339ab0688d34225f3c143a8eea5675f2d5e9237a

Request headers

accept-language: jp-jp,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 -F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.119.woff2
fonts.gstatic.com/s/notosansjp/v52/ Frame 2919 42 KB
42 KB 17ms
15ms Font
font/woff2 142.250.207.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v52/-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.119.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP:400|Roboto:300,400,500,700&text=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f3.1e100.net

Software

sffe /

Resource Hash

c1ef167e3112a81527dac4791653d424da6848e92d7c642fa2ebd2e64f5656ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-jp,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 18:55:13 GMT
x-content-type-options: nosniff
age: 356536
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42600
x-xss-protection: 0
last-modified: Tue, 02 May 2023 16:11:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Sep 2024 18:55:13 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 2919
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CvvMOSI3_ZMqdHrGjpt8Pn7uAmAqOjvPncqOoksb3EdrZHhABIKGwvS9gidvFhPQToAHY0cWwAcgBBqkCu8a3vodUPT6oAwHIA8sEqgT2AU_QKHsNV9wNp4a1sP2sZkX4xGtiri8kJOIbnS-...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc6ff55ba725bade20000000000000000%22,%222%22:%220xe1b6f5914478f50d0000000000000000%22,%223%22:%220xe70993...

0
0

114ms
52ms

Fetch
text/css

172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc6ff55ba725bade20000000000000000%22,%222%22:%220xe1b6f5914478f50d0000000000000000%22,%223%22:%220xe7099356e49737840000000000000000%22,%224%22:%220x8500b2d42dd1e06e0000000000000000%22,%225%22:%220x14e829936dd393fe0000000000000000%22},%22debug_key%22:%2216620474541615368881%22,%22debug_reporting%22:true,%22destination%22:%22https://meimonkai.co.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22370239704%22],%224%22:[%2209-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2218289692610213434289%22}&andc=true

Requested by

Protocol

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:29 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xc6ff55ba725bade20000000000000000","2":"0xe1b6f5914478f50d0000000000000000","3":"0xe7099356e49737840000000000000000","4":"0x8500b2d42dd1e06e0000000000000000","5":"0x14e829936dd393fe0000000000000000"},"debug_key":"16620474541615368881","debug_reporting":true,"destination":"https://meimonkai.co.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["370239704"],"4":["09-11"],"6":["true"]},"priority":"500","source_event_id":"18289692610213434289"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 11 Sep 2023 21:57:29 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 11 Sep 2023 21:57:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xc6ff55ba725bade20000000000000000","2":"0xe1b6f5914478f50d0000000000000000","3":"0xe7099356e49737840000000000000000","4":"0x8500b2d42dd1e06e0000000000000000","5":"0x14e829936dd393fe0000000000000000"},"debug_key":"16620474541615368881","debug_reporting":true,"destination":"https://meimonkai.co.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["370239704"],"4":["09-11"],"6":["true"]},"priority":"500","source_event_id":"18289692610213434289"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D76B 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e895c252516573c273738defef761a39649bcfa8d16548412a39f1df37c23485

Request headers

accept-language: jp-jp,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2045
Redirect Chain

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEPup6mnlNRrasWVhNwiGaxs&google_cver=1&google_push=AXcoOmQIZglu13ehQLqho9rR9cvWtSB1Jtp5gnxTaz2ZxeKzthfvb53yHY8sqqsVftW-bz6WlmSmU...
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQIZglu13ehQLqho9rR9cvWtSB1Jtp5gnxTaz2ZxeKzthfvb53yHY8sqqsVftW-bz6WlmSmUoDlHM9runYnNa8SNw1qV12LcNbSmT8baMexEiMxxICggqbPFt5D9q...

170 B
188 B

51ms
50ms

Image
image/png

172.217.161.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQIZglu13ehQLqho9rR9cvWtSB1Jtp5gnxTaz2ZxeKzthfvb53yHY8sqqsVftW-bz6WlmSmUoDlHM9runYnNa8SNw1qV12LcNbSmT8baMexEiMxxICggqbPFt5D9qWflbbTWoinEc0MuDDgAi8vzl8teg

Requested by

Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/

Protocol

Server

172.217.161.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 11 Sep 2023 21:57:28 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: F21271FA5F384C1F995495E73960221B Ref B: TYO01EDGE3120 Ref C: 2023-09-11T21:57:29Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmQIZglu13ehQLqho9rR9cvWtSB1Jtp5gnxTaz2ZxeKzthfvb53yHY8sqqsVftW-bz6WlmSmUoDlHM9runYnNa8SNw1qV12LcNbSmT8baMexEiMxxICggqbPFt5D9qWflbbTWoinEc0MuDDgAi8vzl8teg
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYFHGmhtAi3u4ahQ9tZIg==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2045
Redirect Chain

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEE1S8w9y72eGaHo8gHorJIc&google_cver=1&google_push=AXcoOmSCQDupOD7-vvrEM-K4hMaTNXMb5-Vd_ug5U6vFhXrqzY-EtbEnmEtyboB8fjfUbrg9v7pd6aMQ7KusUBEuyD...
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=OTZiZGQ1MTAtODE5NC00ZTI2LThmZmYtZmI5MzY4YzU2Mzcy&google_push&gdpr=0&gdpr_consent=&ttd_tdid=96bdd510-8194-4e26-8fff-fb9368c56372

170 B
188 B

53ms
53ms

Image
image/png

172.217.161.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=OTZiZGQ1MTAtODE5NC00ZTI2LThmZmYtZmI5MzY4YzU2Mzcy&google_push&gdpr=0&gdpr_consent=&ttd_tdid=96bdd510-8194-4e26-8fff-fb9368c56372

Requested by

Protocol

Server

172.217.161.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:29 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=OTZiZGQ1MTAtODE5NC00ZTI2LThmZmYtZmI5MzY4YzU2Mzcy&google_push&gdpr=0&gdpr_consent=&ttd_tdid=96bdd510-8194-4e26-8fff-fb9368c56372
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 423

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2045
Redirect Chain

https://sync.fout.jp/sync?xid=googleadex&g_pixel=&google_gid=CAESEPaInQyvwZi7TqoyEbH5A4g&google_cver=1&google_push=AXcoOmTm6pU0ywmTqn9PbvCOfpOMXDm74-c5t_BcL26wdWNQjetczu-fWcJ2Si9NCnhXeXNLifD510rIR-...
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmTm6pU0ywmTqn9PbvCOfpOMXDm74-c5t_BcL26wdWNQjetczu-fWcJ2Si9NCnhXeXNLifD510rIR-S0lfWOmk0rEfvsh2d2YnrAxGtV8tfqvCFiWL4ICt44r_LuI3...

170 B
188 B

52ms
52ms

Image
image/png

172.217.161.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmTm6pU0ywmTqn9PbvCOfpOMXDm74-c5t_BcL26wdWNQjetczu-fWcJ2Si9NCnhXeXNLifD510rIR-S0lfWOmk0rEfvsh2d2YnrAxGtV8tfqvCFiWL4ICt44r_LuI3gzzPupMu97WKy_2UvpWsJtGRRdKQ&google_hm=RGtzdGs2RzR2SnJzbkN6M3VGT29KOEFSa0Zn&from_google=pc1

Requested by

Protocol

Server

172.217.161.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 11 Sep 2023 21:57:29 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx
Transfer-Encoding: chunked
P3P: CP="ADM NOI OUR"
Location: https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmTm6pU0ywmTqn9PbvCOfpOMXDm74-c5t_BcL26wdWNQjetczu-fWcJ2Si9NCnhXeXNLifD510rIR-S0lfWOmk0rEfvsh2d2YnrAxGtV8tfqvCFiWL4ICt44r_LuI3gzzPupMu97WKy_2UvpWsJtGRRdKQ&google_hm=RGtzdGs2RzR2SnJzbkN6M3VGT29KOEFSa0Zn&from_google=pc1
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection: keep-alive

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2045
Redirect Chain

https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEMa9IVPUnRDZ7138N_HVWB4&google_cver=...
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=YTI4NmVjOGMtNTQ0MS00OWIyLWE5MzAtZGI3MDZjNDBkYWJi&google_gid=CAESEMa9IVPUnRDZ7138N_HVWB4&google_cver=1&google_push=AXcoOmRG...

170 B
188 B

51ms
50ms

Image
image/png

172.217.161.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=YTI4NmVjOGMtNTQ0MS00OWIyLWE5MzAtZGI3MDZjNDBkYWJi&google_gid=CAESEMa9IVPUnRDZ7138N_HVWB4&google_cver=1&google_push=AXcoOmRGZwOW4tB9eXBl8wwfgQ5x3JOiiu9CZhsuMCLNLxMl5ZRf8Au3nEDOVdrU1ClNPTnABvZ753dKho_kBpXiOFupXRdm5MSaz3gpY5oN6hA76n4V7b6Ja5QQGYi6VHokD-35Z0ldNsnKgCUwQwm6ycfHYw

Requested by

Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/

Protocol

Server

172.217.161.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=YTI4NmVjOGMtNTQ0MS00OWIyLWE5MzAtZGI3MDZjNDBkYWJi&google_gid=CAESEMa9IVPUnRDZ7138N_HVWB4&google_cver=1&google_push=AXcoOmRGZwOW4tB9eXBl8wwfgQ5x3JOiiu9CZhsuMCLNLxMl5ZRf8Au3nEDOVdrU1ClNPTnABvZ753dKho_kBpXiOFupXRdm5MSaz3gpY5oN6hA76n4V7b6Ja5QQGYi6VHokD-35Z0ldNsnKgCUwQwm6ycfHYw
date: Mon, 11 Sep 2023 21:57:30 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2045
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEI6HdIv1GhqTw-ogx3GyDvs&google_cver=1&google_push=AXcoOmQb1On-f672KEJS8e59-Th_Y819zUaCMnL18-KG7DWA20qvcS2khwChUfmJ05C8UtkMXyOFXGFjpNOedLsa37rA...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQb1On-f672KEJS8e59-Th_Y819zUaCMnL18-KG7DWA20qvcS2khwChUfmJ05C8UtkMXyOFXGFjpNOedLsa37rAlku0mDldUOy-pu9qa22d6qB6jpn61yKgfqk8JJLVth...

170 B
188 B

52ms
52ms

Image
image/png

172.217.161.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQb1On-f672KEJS8e59-Th_Y819zUaCMnL18-KG7DWA20qvcS2khwChUfmJ05C8UtkMXyOFXGFjpNOedLsa37rAlku0mDldUOy-pu9qa22d6qB6jpn61yKgfqk8JJLVthawReyQ458O-qr5ZPSgN0oTrg&google_hm=iXbiBgR1R6y-E3xUn9o2eg==

Requested by

Protocol

Server

172.217.161.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQb1On-f672KEJS8e59-Th_Y819zUaCMnL18-KG7DWA20qvcS2khwChUfmJ05C8UtkMXyOFXGFjpNOedLsa37rAlku0mDldUOy-pu9qa22d6qB6jpn61yKgfqk8JJLVthawReyQ458O-qr5ZPSgN0oTrg&google_hm=iXbiBgR1R6y-E3xUn9o2eg==
Date: Mon, 11 Sep 2023 21:57:29 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2045
Redirect Chain

https://s.uuidksinc.net/match/47/?remote_uid=CAESEPyVlQt-3HX-Gdgq-7STVN0&c_param1=AXcoOmQTUkTXaeTGDyzPQq9Dae4tcxVO1Z4Bf7_qoJLlduRFaVb8OMqDyiqpQR1F5Va07yPikNxBH-uamYYrAmyGsUh1UknOiltqMXmkX1fJnhRZOmz...
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmQTUkTXaeTGDyzPQq9Dae4tcxVO1Z4Bf7_qoJLlduRFaVb8OMqDyiqpQR1F5Va07yPikNxBH-uamYYrAmyGsUh1UknOiltqMXmkX1fJnhRZOmz0XIrlQd5Ojn1Q1O4Uw...

170 B
188 B

55ms
54ms

Image
image/png

172.217.161.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmQTUkTXaeTGDyzPQq9Dae4tcxVO1Z4Bf7_qoJLlduRFaVb8OMqDyiqpQR1F5Va07yPikNxBH-uamYYrAmyGsUh1UknOiltqMXmkX1fJnhRZOmz0XIrlQd5Ojn1Q1O4Uwahdd1x9jn3UYemqiowcgznxhw

Requested by

Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/

Protocol

Server

172.217.161.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmQTUkTXaeTGDyzPQq9Dae4tcxVO1Z4Bf7_qoJLlduRFaVb8OMqDyiqpQR1F5Va07yPikNxBH-uamYYrAmyGsUh1UknOiltqMXmkX1fJnhRZOmz0XIrlQd5Ojn1Q1O4Uwahdd1x9jn3UYemqiowcgznxhw
date: Mon, 11 Sep 2023 21:57:30 GMT
server: nginx/1.23.2
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2045
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEJsoq0npm1xCZ5IHaaR8qNU&google_cver=1&google_push=AXcoOmS6kkC9hQPVucqW3BuvDprMQnI_lAJZddXmDHA9OtEnD3lDXMIyZbxjYXA4q-vUy4_0XFs30-s6...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDY5Njg4ODg0MTEzMzgwNTgw&google_push=AXcoOmS6kkC9hQPVucqW3BuvDprMQnI_lAJZddXmDHA9OtEnD3lDXMIyZbxjYXA4q-vUy4_0XFs30-s6...

170 B
188 B

55ms
55ms

Image
image/png

172.217.161.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDY5Njg4ODg0MTEzMzgwNTgw&google_push=AXcoOmS6kkC9hQPVucqW3BuvDprMQnI_lAJZddXmDHA9OtEnD3lDXMIyZbxjYXA4q-vUy4_0XFs30-s6S-xwk3UVmV1IgfWp8TmsC3RWI1Z5kQkBqJZFOJM6a52rw9rbFvxm0S7Upusx8qDbQQ7_w33uifjO5w

Requested by

Protocol

Server

172.217.161.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDY5Njg4ODg0MTEzMzgwNTgw&google_push=AXcoOmS6kkC9hQPVucqW3BuvDprMQnI_lAJZddXmDHA9OtEnD3lDXMIyZbxjYXA4q-vUy4_0XFs30-s6S-xwk3UVmV1IgfWp8TmsC3RWI1Z5kQkBqJZFOJM6a52rw9rbFvxm0S7Upusx8qDbQQ7_w33uifjO5w
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 2045 0
12 B 49ms
48ms Image
text/html 172.217.161.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KlNmHFZeHEpzbWC4Ke6pKxmsq9tq6d6D_EpDQbJ2uGSTAOLzNvityogExRJgjs3_DbZ5yP

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.161.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:29 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1A55 143 B
200 B 14ms
13ms Document
text/html 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7562272465611377&output=html&h=139&adk=1250203156&adf=3652115069&pi=t.aa~a.2645502319~rp.4&w=300&lmt=1694437048&nsk=da79bb1e&rafmt=11&pwprc=9937010111&ad_type=text_image&format=300x139&url=https%3A%2F%2Fcrypto.livertadquest.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694469448448&bpp=1&bdt=2254&idt=-M&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x139&nras=4&correlator=7328092068932&frm=20&pv=1&ga_vid=93906344.1694469448&ga_sid=1694469448&ga_hid=237488024&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1124&ady=2535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076838%2C31077773%2C44798934%2C44800659%2C44798322&oid=2&pvsid=2516439390933523&tmod=1750936957&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=iWcRKP6mNv&p=https%3A//crypto.livertadquest.com&dtd=11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.194 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7562272465611377&output=html&h=139&adk=1250203156&adf=3652115069&pi=t.aa~a.2645502319~rp.4&w=300&lmt=1694437048&nsk=da79bb1e&rafmt=11&pwprc=9937010111&ad_type=text_image&format=300x139&url=https%3A%2F%2Fcrypto.livertadquest.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694469448448&bpp=1&bdt=2254&idt=-M&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x139&nras=4&correlator=7328092068932&frm=20&pv=1&ga_vid=93906344.1694469448&ga_sid=1694469448&ga_hid=237488024&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1124&ady=2535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076838%2C31077773%2C44798934%2C44800659%2C44798322&oid=2&pvsid=2516439390933523&tmod=1750936957&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=iWcRKP6mNv&p=https%3A//crypto.livertadquest.com&dtd=11
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

age: 159
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Sep 2023 21:54:50 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5831 1 KB
677 B 12ms
11ms Document
text/html 142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7562272465611377&output=html&h=139&adk=1250203156&adf=3652115069&pi=t.aa~a.2645502319~rp.4&w=300&lmt=1694437048&nsk=da79bb1e&rafmt=11&pwprc=9937010111&ad_type=text_image&format=300x139&url=https%3A%2F%2Fcrypto.livertadquest.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694469448448&bpp=1&bdt=2254&idt=-M&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x139&nras=4&correlator=7328092068932&frm=20&pv=1&ga_vid=93906344.1694469448&ga_sid=1694469448&ga_hid=237488024&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1124&ady=2535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076838%2C31077773%2C44798934%2C44800659%2C44798322&oid=2&pvsid=2516439390933523&tmod=1750936957&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=iWcRKP6mNv&p=https%3A//crypto.livertadquest.com&dtd=11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

age: 52807
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Sep 2023 07:17:22 GMT
etag: 48472445140208031
expires: Tue, 12 Sep 2023 07:17:22 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 69E1 143 B
200 B 15ms
14ms Document
text/html 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.194 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7562272465611377&output=html&h=134&adk=3296851624&adf=3506941749&pi=t.aa~a.2645500157~rp.4&w=300&lmt=1694437048&nsk=22e0985d&rafmt=11&pwprc=9937010111&ad_type=text_image&format=300x134&url=https%3A%2F%2Fcrypto.livertadquest.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694469448448&bpp=1&bdt=2253&idt=1&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x139%2C300x139&nras=5&correlator=7328092068932&frm=20&pv=1&ga_vid=93906344.1694469448&ga_sid=1694469448&ga_hid=237488024&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1124&ady=2972&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076838%2C31077773%2C44798934%2C44800659%2C44798322&oid=2&pvsid=2516439390933523&tmod=1750936957&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=Ig4BisQLqa&p=https%3A//crypto.livertadquest.com&dtd=14
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

age: 159
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Sep 2023 21:54:50 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C235 1 KB
677 B 12ms
12ms Document
text/html 142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

age: 52807
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Sep 2023 07:17:22 GMT
etag: 48472445140208031
expires: Tue, 12 Sep 2023 07:17:22 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D4C6 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e7fc2a83ccbb3aba87ff842a077f2b3a61e5d6578d284b14cd69018713289802

Request headers

accept-language: jp-jp,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 -F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.119.woff2
fonts.gstatic.com/s/notosansjp/v52/ Frame D4C6 42 KB
42 KB 11ms
10ms Font
font/woff2 142.250.207.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v52/-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.119.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP:400|Roboto:300,400,500,700&text=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f3.1e100.net

Software

sffe /

Resource Hash

c1ef167e3112a81527dac4791653d424da6848e92d7c642fa2ebd2e64f5656ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-jp,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 18:55:13 GMT
x-content-type-options: nosniff
age: 356536
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42600
x-xss-protection: 0
last-modified: Tue, 02 May 2023 16:11:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Sep 2024 18:55:13 GMT

GET
DATA 200
OK truncated
/ Frame FC68 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6b4636f506e33f6bc580c3aa80b6195941eec337da679f4f35617900796ee44c

Request headers

accept-language: jp-jp,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 -F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.119.woff2
fonts.gstatic.com/s/notosansjp/v52/ Frame FC68 42 KB
42 KB 14ms
14ms Font
font/woff2 142.250.207.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosansjp/v52/-F6jfjtqLzI2JPCgQBnw7HFyzSD-AsregP8VFBEj756wwr4v0qHnANADNsISRDl2PRkiiWsg.119.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+JP:400|Roboto:300,400,500,700&text=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f3.1e100.net

Software

sffe /

Resource Hash

c1ef167e3112a81527dac4791653d424da6848e92d7c642fa2ebd2e64f5656ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-jp,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Thu, 07 Sep 2023 18:55:13 GMT
x-content-type-options: nosniff
age: 356536
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42600
x-xss-protection: 0
last-modified: Tue, 02 May 2023 16:11:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Sep 2024 18:55:13 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame D4C6
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CljIJSI3_ZJGnHpSL8wPS976ACo6O8-dyo6iSxvcR2tkeEAEgobC9L2CJ28WE9BOgAdjRxbAByAEGqQK7xre-h1Q9PqgDAcgDywSqBPYBT9BNwUhy8ih7QRBnUgdO_ZLNrf55HJOMl3tgfqu...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc6ff55ba725bade20000000000000000%22,%222%22:%220xe1b6f5914478f50d0000000000000000%22,%223%22:%220xe70993...

0
0

113ms
51ms

Fetch
text/css

172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc6ff55ba725bade20000000000000000%22,%222%22:%220xe1b6f5914478f50d0000000000000000%22,%223%22:%220xe7099356e49737840000000000000000%22,%224%22:%220x8500b2d42dd1e06e0000000000000000%22,%225%22:%220x14e829936dd393fe0000000000000000%22},%22debug_key%22:%223873248904000042545%22,%22debug_reporting%22:true,%22destination%22:%22https://meimonkai.co.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22370239704%22],%224%22:[%2209-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222681746450611449729%22}&andc=true

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7562272465611377&output=html&h=139&adk=1250203156&adf=3652115069&pi=t.aa~a.2645502319~rp.4&w=300&lmt=1694437048&nsk=da79bb1e&rafmt=11&pwprc=9937010111&ad_type=text_image&format=300x139&url=https%3A%2F%2Fcrypto.livertadquest.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694469448448&bpp=1&bdt=2254&idt=-M&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x139&nras=4&correlator=7328092068932&frm=20&pv=1&ga_vid=93906344.1694469448&ga_sid=1694469448&ga_hid=237488024&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1124&ady=2535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076838%2C31077773%2C44798934%2C44800659%2C44798322&oid=2&pvsid=2516439390933523&tmod=1750936957&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=iWcRKP6mNv&p=https%3A//crypto.livertadquest.com&dtd=11

Protocol

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:29 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xc6ff55ba725bade20000000000000000","2":"0xe1b6f5914478f50d0000000000000000","3":"0xe7099356e49737840000000000000000","4":"0x8500b2d42dd1e06e0000000000000000","5":"0x14e829936dd393fe0000000000000000"},"debug_key":"3873248904000042545","debug_reporting":true,"destination":"https://meimonkai.co.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["370239704"],"4":["09-11"],"6":["true"]},"priority":"500","source_event_id":"2681746450611449729"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 11 Sep 2023 21:57:29 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 11 Sep 2023 21:57:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xc6ff55ba725bade20000000000000000","2":"0xe1b6f5914478f50d0000000000000000","3":"0xe7099356e49737840000000000000000","4":"0x8500b2d42dd1e06e0000000000000000","5":"0x14e829936dd393fe0000000000000000"},"debug_key":"3873248904000042545","debug_reporting":true,"destination":"https://meimonkai.co.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["370239704"],"4":["09-11"],"6":["true"]},"priority":"500","source_event_id":"2681746450611449729"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame FC68
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CGEc2SI3_ZLHWHtigpt8Pl-aW2AeOjvPncqOoksb3EdrZHhABIKGwvS9gidvFhPQToAHY0cWwAcgBBqkCu8a3vodUPT6oAwHIA8sEqgT2AU_Q9kYbsjvINwRwLnRLZe7bpSPsltCCSol0O35...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc6ff55ba725bade20000000000000000%22,%222%22:%220xe1b6f5914478f50d0000000000000000%22,%223%22:%220xe70993...

0
0

108ms
49ms

Fetch
text/css

172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc6ff55ba725bade20000000000000000%22,%222%22:%220xe1b6f5914478f50d0000000000000000%22,%223%22:%220xe7099356e49737840000000000000000%22,%224%22:%220x8500b2d42dd1e06e0000000000000000%22,%225%22:%220x14e829936dd393fe0000000000000000%22},%22debug_key%22:%223829037929514951763%22,%22debug_reporting%22:true,%22destination%22:%22https://meimonkai.co.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22370239704%22],%224%22:[%2209-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217628509063824412417%22}&andc=true

Requested by

Protocol

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:29 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0xc6ff55ba725bade20000000000000000","2":"0xe1b6f5914478f50d0000000000000000","3":"0xe7099356e49737840000000000000000","4":"0x8500b2d42dd1e06e0000000000000000","5":"0x14e829936dd393fe0000000000000000"},"debug_key":"3829037929514951763","debug_reporting":true,"destination":"https://meimonkai.co.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["370239704"],"4":["09-11"],"6":["true"]},"priority":"500","source_event_id":"17628509063824412417"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 11 Sep 2023 21:57:29 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 11 Sep 2023 21:57:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xc6ff55ba725bade20000000000000000","2":"0xe1b6f5914478f50d0000000000000000","3":"0xe7099356e49737840000000000000000","4":"0x8500b2d42dd1e06e0000000000000000","5":"0x14e829936dd393fe0000000000000000"},"debug_key":"3829037929514951763","debug_reporting":true,"destination":"https://meimonkai.co.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["370239704"],"4":["09-11"],"6":["true"]},"priority":"500","source_event_id":"17628509063824412417"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 get Show response
audiencedata.im-apps.net/imuid/ Frame D6CC 34 B
93 B 177ms
22ms XHR
application/json 34.120.96.193
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://audiencedata.im-apps.net/imuid/get?cid=3929&vid=01HA33ZSEWDGAVK30AM2NXQZWM
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.96.193 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 193.96.120.34.bc.googleusercontent.com
Software: /
Resource Hash: d632bb47cf1294a49186e527adabf5543006874a8b2c6a2ff706d5ff0f5465c7

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-origin: https://crypto.livertadquest.com
date: Mon, 11 Sep 2023 21:57:29 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34
content-type: application/json

GET
H2 200 Uw2xNewqLMvs4rZz24Xmy1GvWBTM7qWVeNEZF5moV5c.js Show response
pagead2.googlesyndication.com/bg/ Frame 6CA8 37 KB
15 KB 11ms
10ms Script
text/javascript 142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Uw2xNewqLMvs4rZz24Xmy1GvWBTM7qWVeNEZF5moV5c.js

Requested by

Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

sffe /

Resource Hash

530db135ec2a2ccbece2b673db85e6cb51af5814cceea59578d1191799a85797

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 09:34:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44553
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14735
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Sep 2024 09:34:56 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 153ms
48ms Preflight
text/html 172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 11 Sep 2023 21:57:29 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EAA3
Redirect Chain

https://sync.fout.jp/sync?xid=googleadex&g_pixel=&google_gid=CAESEPaInQyvwZi7TqoyEbH5A4g&google_cver=1&google_push=AXcoOmQt1VaVW-kwxtJwj6yAkO-fCWSYmMDUu8VGCzz1uFTHhQcfSdMQPWAZ5EgyJoxBJ3cZvv8cRrac00...
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmQt1VaVW-kwxtJwj6yAkO-fCWSYmMDUu8VGCzz1uFTHhQcfSdMQPWAZ5EgyJoxBJ3cZvv8cRrac00ifNBcWVfxY2JouMtk5Bw&google_hm=RGtzdGs2RzR2SnJzb...

170 B
188 B

52ms
52ms

Image
image/png

172.217.161.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmQt1VaVW-kwxtJwj6yAkO-fCWSYmMDUu8VGCzz1uFTHhQcfSdMQPWAZ5EgyJoxBJ3cZvv8cRrac00ifNBcWVfxY2JouMtk5Bw&google_hm=RGtzdGs2RzR2SnJzbkN6M3VGT29KOEFSa0Zn&from_google=pc1

Requested by

Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/

Protocol

Server

172.217.161.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 11 Sep 2023 21:57:29 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx
Transfer-Encoding: chunked
P3P: CP="ADM NOI OUR"
Location: https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmQt1VaVW-kwxtJwj6yAkO-fCWSYmMDUu8VGCzz1uFTHhQcfSdMQPWAZ5EgyJoxBJ3cZvv8cRrac00ifNBcWVfxY2JouMtk5Bw&google_hm=RGtzdGs2RzR2SnJzbkN6M3VGT29KOEFSa0Zn&from_google=pc1
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection: keep-alive

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EAA3
Redirect Chain

https://x.bidswitch.net/sync?ssp=google_jp&google_gid=CAESEI6HdIv1GhqTw-ogx3GyDvs&google_cver=1&google_push=AXcoOmSexye9Pgfk_dgU9bssE_HxV67vcPf26yB4POs28sZau_bfRhzOga_OV--TuQSZjq30miqaMTB0AJCtLZq1q...
https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=AXcoOmSexye9Pgfk_dgU9bssE_HxV67vcPf26yB4POs28sZau_bfRhzOga_OV--TuQSZjq30miqaMTB0AJCtLZq1qURVEoVAIWSQiyw&google_hm=iXbiBgR1R6y...

170 B
188 B

49ms
48ms

Image
image/png

172.217.161.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=AXcoOmSexye9Pgfk_dgU9bssE_HxV67vcPf26yB4POs28sZau_bfRhzOga_OV--TuQSZjq30miqaMTB0AJCtLZq1qURVEoVAIWSQiyw&google_hm=iXbiBgR1R6y-E3xUn9o2eg==

Requested by

Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/

Protocol

Server

172.217.161.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=AXcoOmSexye9Pgfk_dgU9bssE_HxV67vcPf26yB4POs28sZau_bfRhzOga_OV--TuQSZjq30miqaMTB0AJCtLZq1qURVEoVAIWSQiyw&google_hm=iXbiBgR1R6y-E3xUn9o2eg==
Date: Mon, 11 Sep 2023 21:57:29 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
200 asr
aid.send.microad.jp/g/ Frame EAA3 43 B
641 B 61ms
19ms Image
image/gif 202.233.84.1
MICROAD MicroAd

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aid.send.microad.jp/g/asr?google_gid=CAESEPBC22OnJS9msKghI3aJ2m4&google_cver=1&google_push=AXcoOmRZ6IlrUIdw4Gd3dAIsWroNwI1bsvwtRNC-2bQyAkP5YWft1UpDXPKCmqBP1hnrFxGjvzMQnjof4a4cWVL2ioEWzDuCk4EbFA

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

202.233.84.1 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),

Reverse DNS

Software

Apache /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Mon, 11 Sep 2023 21:57:29 GMT
Strict-Transport-Security: max-age=3600
Server: Apache
P3P: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Connection: close
Access-Control-Allow-Headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
Content-Length: 43

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame EAA3 42 B
213 B 96ms
60ms Image
image/gif 34.111.79.67
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4530&src.visitorid=CAESED5PtcjnuCwEUzQ2oDIbv2g&google_cver=1&google_push=AXcoOmRD4Tc9EjlA8HJ_fs_0GUTn-NeZV5crKYPSRmf_RqXE-I79skIHVeSh7zHln3eeIiKoakVW8fjKM-_jujZCCLk0vt1bE7G-YqU
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7562272465611377&output=html&h=139&adk=1250203156&adf=4021896486&pi=t.aa~a.2645554626~rp.4&w=300&lmt=1694437048&nsk=380783e2&rafmt=11&pwprc=9937010111&ad_type=text_image&format=300x139&url=https%3A%2F%2Fcrypto.livertadquest.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694469448448&bpp=1&bdt=2253&idt=-M&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=7328092068932&frm=20&pv=1&ga_vid=93906344.1694469448&ga_sid=1694469448&ga_hid=237488024&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1124&ady=2122&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076838%2C31077773%2C44798934%2C44800659%2C44798322&oid=2&pvsid=2516439390933523&tmod=1750936957&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=zGBvcgnvT2&p=https%3A//crypto.livertadquest.com&dtd=9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.79.67 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 67.79.111.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:29 GMT
via: 1.1 google
last-modified: Tue, 28 Jun 2022 14:08:50 GMT
server: nginx
etag: "62bb0b72-2a"
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EAA3
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEJ8WjMJmARvVYhnQwvzF6-g&google_cver=1&google_push=AXcoOmTKooMZveBPPqiCxYf9whqI8kl8wlp9DZJWqaGRu-rU2FBDUsuT3Cwoix4BGUUnG5sLaHpL4J0_LlKbNqV...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=o1iVMtdOUKlAGmC2JHRMApnwroU&google_push=AXcoOmTKooMZveBPPqiCxYf9whqI8kl8wlp9DZJWqaGRu-rU2FBDUsuT3Cwoix4BGUUnG5sLaHpL4J0_LlKbNq...

170 B
188 B

51ms
50ms

Image
image/png

172.217.161.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=o1iVMtdOUKlAGmC2JHRMApnwroU&google_push=AXcoOmTKooMZveBPPqiCxYf9whqI8kl8wlp9DZJWqaGRu-rU2FBDUsuT3Cwoix4BGUUnG5sLaHpL4J0_LlKbNqVNLtN6GxQwfRsrDAg

Requested by

Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/

Protocol

Server

172.217.161.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=o1iVMtdOUKlAGmC2JHRMApnwroU&google_push=AXcoOmTKooMZveBPPqiCxYf9whqI8kl8wlp9DZJWqaGRu-rU2FBDUsuT3Cwoix4BGUUnG5sLaHpL4J0_LlKbNqVNLtN6GxQwfRsrDAg
Date: Mon, 11 Sep 2023 21:57:30 GMT
Connection: keep-alive
Content-Length: 245
Content-Type: text/html; charset=utf-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EAA3
Redirect Chain

https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEBLTSmOYcJybxRlXHyTk0G0&google_cver=1&google_push=AXcoOmQfg5pyNCgVt9lTB0J49TVwIJHGRr8ZK2zUQrZ41Ujx1O_tEwUeYnYjNMIFtoTxldyAwtfTuwXvxUbnUw1KeO...
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTQwNDU1MzA0NTYwNDU0MzM3MjA&google_push=AXcoOmQfg5pyNCgVt9lTB0J49TVwIJHGRr8ZK2zUQrZ41Ujx1O_tEwUeYnYjNMIFtoTxldyAwtfTuwXvxUbnUw1KeOVV...

170 B
188 B

54ms
54ms

Image
image/png

172.217.161.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTQwNDU1MzA0NTYwNDU0MzM3MjA&google_push=AXcoOmQfg5pyNCgVt9lTB0J49TVwIJHGRr8ZK2zUQrZ41Ujx1O_tEwUeYnYjNMIFtoTxldyAwtfTuwXvxUbnUw1KeOVVBtKfzzIOoKc

Requested by

Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/

Protocol

Server

172.217.161.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTQwNDU1MzA0NTYwNDU0MzM3MjA&google_push=AXcoOmQfg5pyNCgVt9lTB0J49TVwIJHGRr8ZK2zUQrZ41Ujx1O_tEwUeYnYjNMIFtoTxldyAwtfTuwXvxUbnUw1KeOVVBtKfzzIOoKc
Date: Mon, 11 Sep 2023 21:57:29 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EAA3
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEFCk4pMZ4WWpCZ6GgZarqis&google_cver=1&google_push=AXcoOmTU-kuR-B69Z2buWKmhLGjIgKjQ-EeM3MfKzuSYQyGUk0YSb5W2WuF7FNmbLEDLVg6qW3XxmsaAyS1M...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTU-kuR-B69Z2buWKmhLGjIgKjQ-EeM3MfKzuSYQyGUk0YSb5W2WuF7FNmbLEDLVg6qW3XxmsaAyS1MVsIexxnrT1LcpEW4lyY

170 B
188 B

59ms
58ms

Image
image/png

172.217.161.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTU-kuR-B69Z2buWKmhLGjIgKjQ-EeM3MfKzuSYQyGUk0YSb5W2WuF7FNmbLEDLVg6qW3XxmsaAyS1MVsIexxnrT1LcpEW4lyY

Requested by

Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/

Protocol

Server

172.217.161.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTU-kuR-B69Z2buWKmhLGjIgKjQ-EeM3MfKzuSYQyGUk0YSb5W2WuF7FNmbLEDLVg6qW3XxmsaAyS1MVsIexxnrT1LcpEW4lyY
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame EAA3 0
12 B 53ms
51ms Image
text/html 172.217.161.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JAHfLwPDUCVt8jEo2Cr6N80-xg08SYseJgrWoYpzC-OZ9CDqrheEN_7OLfrBRksYLRNx5c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.161.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:29 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 200
OK bbcedb5e5aacc603fb3a99afb8911f40 Show response
adm.shinobi.jp/net/ Frame D300 1 KB
1 KB 19ms
19ms Script
application/javascript 202.228.215.14
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to

Full URL: https://adm.shinobi.jp/net/bbcedb5e5aacc603fb3a99afb8911f40?rid=b002e526-605b-4f9b-8ed7-ec7c49e73c3a&url=https%3A%2F%2Fcrypto.livertadquest.com%2F&referrer=&du=https%3A%2F%2Fcrypto.livertadquest.com%2F&bid=921d2d42-47ea-4849-a804-70316d6ac561&callback=window.__admax_render__.render_adnet&sc=1&tm=0&rand=89954460528
Requested by: Host: adm.shinobi.jp
URL: https://adm.shinobi.jp/st/net.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.228.215.14 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS: adm.shinobi.jp
Software: openresty /
Resource Hash: 6eb8a304c3df3a16dc4dd33a3289f4d01c8ceb0fb11c8234629b8fe08bd37fe4

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Mon, 11 Sep 2023 21:57:29 GMT
Server: openresty
Connection: keep-alive
Content-Length: 1155
Content-Type: application/javascript;charset=utf-8

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6C6F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
145 B

67ms
67ms

Document
text/html

142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.194 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Sep 2023 21:57:29 GMT
expires: Mon, 11 Sep 2023 21:57:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Sep 2023 21:57:29 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 Uw2xNewqLMvs4rZz24Xmy1GvWBTM7qWVeNEZF5moV5c.js Show response
pagead2.googlesyndication.com/bg/ Frame B6C7 37 KB
14 KB 15ms
14ms Script
text/javascript 142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Uw2xNewqLMvs4rZz24Xmy1GvWBTM7qWVeNEZF5moV5c.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

sffe /

Resource Hash

530db135ec2a2ccbece2b673db85e6cb51af5814cceea59578d1191799a85797

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 09:34:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44553
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14735
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Sep 2024 09:34:56 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 117ms
48ms Preflight
text/html 172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc6ff55ba725bade20000000000000000%22,%222%22:%220xe1b6f5914478f50d0000000000000000%22,%223%22:%220xe7099356e49737840000000000000000%22,%224%22:%220x8500b2d42dd1e06e0000000000000000%22,%225%22:%220x14e829936dd393fe0000000000000000%22},%22debug_key%22:%223873248904000042545%22,%22debug_reporting%22:true,%22destination%22:%22https://meimonkai.co.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22370239704%22],%224%22:[%2209-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222681746450611449729%22}&andc=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 11 Sep 2023 21:57:29 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 5831
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFrXzJSmj_xGwdCYPD3GWbU&google_cver=1&google_push=AXcoOmR-BGlyRQ51mXXy4fAF2t1V2F5sRm_vjhqbJAWeHRNzduvyNep6eNwtJ9W1TxKR-4zwetxY9WDPZxpdf6nCmCyFqL375ra540w
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mjk0MDAwMDEzNTE0MzI2MzA1NA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFrXzJSmj_xGwdCYPD3GWbU&google_cver=1

43 B
398 B

855ms
168ms

Image
image/gif

50.116.239.135
TURN-US-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFrXzJSmj_xGwdCYPD3GWbU&google_cver=1
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: H2
Server: 50.116.239.135 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 11 Sep 2023 21:57:29 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFrXzJSmj_xGwdCYPD3GWbU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5831
Redirect Chain

https://fksnk.com/cs/google?google_gid=CAESEHIJlazMr1ZxUEMtte1sOUg&google_cver=1&google_push=AXcoOmSJsUli7weGk5OxsOu9TjseU1x-livqACDz_J6HQoMdGU7EkDXNWmEG3yTsjmwiKpngsKJ805LOogiYwHrZfws_JpNZCn846Q
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=ODVFNjg5OTlFMzcxRjE2QQ==

170 B
188 B

53ms
52ms

Image
image/png

172.217.161.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=ODVFNjg5OTlFMzcxRjE2QQ==

Requested by

Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/

Protocol

Server

172.217.161.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=ODVFNjg5OTlFMzcxRjE2QQ==
date: Mon, 11 Sep 2023 21:57:30 GMT
content-language: en-US
content-type: text/html;charset=ISO-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5831
Redirect Chain

https://a.c.appier.net/gcm?google_gid=CAESENolHGDbnOhjFJqBki84rlE&google_cver=1&google_push=AXcoOmRA45jzuYiWPswALxQyUvsHjuD_bZCa02LJxsMTy7dmBpw_39FF2CxZOtPhfLNwopLEbqzcjSN1MnreMrh8Ud5qO3JbOWtboLg
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=UFBoeXpZcVZCcVdMdWFTY1NJM19aQQ%3D%3D&google_push=AXcoOmRA45jzuYiWPswALxQyUvsHjuD_bZCa02LJxsMTy7dmBpw_39FF2CxZOtPhfLNwopLEbqzcjSN1MnreM...

170 B
188 B

54ms
54ms

Image
image/png

172.217.161.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=UFBoeXpZcVZCcVdMdWFTY1NJM19aQQ%3D%3D&google_push=AXcoOmRA45jzuYiWPswALxQyUvsHjuD_bZCa02LJxsMTy7dmBpw_39FF2CxZOtPhfLNwopLEbqzcjSN1MnreMrh8Ud5qO3JbOWtboLg

Requested by

Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/

Protocol

Server

172.217.161.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 11 Sep 2023 21:57:29 GMT
server: nginx
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=UFBoeXpZcVZCcVdMdWFTY1NJM19aQQ%3D%3D&google_push=AXcoOmRA45jzuYiWPswALxQyUvsHjuD_bZCa02LJxsMTy7dmBpw_39FF2CxZOtPhfLNwopLEbqzcjSN1MnreMrh8Ud5qO3JbOWtboLg
content-type: text/html; charset=utf-8
cache-control: no-store
content-length: 246

GET
H/1.1

200
OK

send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame 5831
Redirect Chain

https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEJaAdf9wiKku3M6hBEKekQU&google_cver=1&google_push=AXcoOmST_sGPgMTEO5v8murfJNSYu8_CQtzmOhyTDyH62htg3uWu9CaHpETvlm_0...
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEJaAdf9wiKku3M6hBEKekQU&google_cver=1&google_push=AXcoOmST_sGPgMTEO5v8murfJNSYu8_CQtzmOhyTDyH62htg3uWu9CaHpETvlm_0...

43 B
243 B

90ms
14ms

Image
image/gif

220.150.223.50
BEKKOAME BEKKOAME...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEJaAdf9wiKku3M6hBEKekQU&google_cver=1&google_push=AXcoOmST_sGPgMTEO5v8murfJNSYu8_CQtzmOhyTDyH62htg3uWu9CaHpETvlm_0Z_LR-2hsdJ3xp7H3xDLOkHRUJbB0Qud3lwNEhiyY&uid-set=1
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: HTTP/1.1
Server: 220.150.223.50 , Japan, ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP),
Reverse DNS: 50.223.150.220.in-addr.arpa
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 11 Sep 2023 21:57:29 GMT
Server: nginx
Content-Type: image/gif
Cache-Control: no-store,no-cache
Connection: close
Content-Length: 43
expires: -1

Redirect headers

Pragma: no-cache
Date: Mon, 11 Sep 2023 21:57:29 GMT
Server: nginx
P3P: CP='CAO PSA CONi OTR OUR DEM ONL'
Location: http://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEJaAdf9wiKku3M6hBEKekQU&google_cver=1&google_push=AXcoOmST_sGPgMTEO5v8murfJNSYu8_CQtzmOhyTDyH62htg3uWu9CaHpETvlm_0Z_LR-2hsdJ3xp7H3xDLOkHRUJbB0Qud3lwNEhiyY&uid-set=1
Cache-Control: no-store,no-cache
Connection: close
Content-Length: 0
expires: -1

GET
H2

200

spacer.gif
an.yandex.ru/resource/ Frame 5831
Redirect Chain

https://an.yandex.ru/mapuid/google/CAESELF8HQH12uWn03PuVQiD8uo?ext-param=AXcoOmR19FFkw1FvfJ5vA1bm8AHNJjwrJ6kPDjnOekop4wi7jGaBsrm4zVgFgUrcu-70uK8_VX2HxRt7RUi8aQi8i-28yiZGol4i_zU&partner-tag=yandex_a...
https://an.yandex.ru/mapuid/google/CAESELF8HQH12uWn03PuVQiD8uo?redir-setuniq=1&ext-param=AXcoOmR19FFkw1FvfJ5vA1bm8AHNJjwrJ6kPDjnOekop4wi7jGaBsrm4zVgFgUrcu-70uK8_VX2HxRt7RUi8aQi8i-28yiZGol4i_zU&part...
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESELF8HQH12uWn03PuVQiD8uo&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
https://an.yandex.ru/resource/spacer.gif

43 B
144 B

316ms
315ms

Image
image/gif

93.158.134.90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/resource/spacer.gif

Requested by

Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/

Protocol

Server

93.158.134.90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

bs.yandex.ru

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:31 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 18 Apr 2001 10:28:03 GMT
content-type: image/gif
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 26 Aug 2024 21:57:31 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:31 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://an.yandex.ru/resource/spacer.gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

report
sync.teads.tv/um/ Frame 5831
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEDKLziLg_i5l...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=ZGY3ZTY0YzAtNjAxYi00ZDgzLWIxNjItMzhmOTlhOWY5ODA5&google_push=AXcoOmSXRrGP2qiL1p5xOaheLs3hd-pAjMv2L3Axj24XJs_BgkpCK8TIXg_98XNjA4Xsl...
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

16ms
16ms

Image
image/gif

23.45.61.118
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: H2
Server: 23.45.61.118 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-45-61-118.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

expires: Mon, 11 Sep 2023 21:57:29 GMT
pragma: no-cache
date: Mon, 11 Sep 2023 21:57:29 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

dot.gif
s0.2mdn.net/ Frame 5831
Redirect Chain

https://sync.gonet-ads.com/match/google?google_gid=CAESEC07j-SP6xEPn2WipMawk6E&google_cver=1&google_push=AXcoOmSfvC9FMYqfca_F-T0ecd-6nB8ahu7XdKLpgszFYsNxu_EoQgrC85WTPs1oLqJQc5ym_KxEcUwE_8FF00HKQKdO...
https://sync.gonet-ads.com/match/google?google_gid=CAESEC07j-SP6xEPn2WipMawk6E&google_cver=1&google_push=AXcoOmSfvC9FMYqfca_F-T0ecd-6nB8ahu7XdKLpgszFYsNxu_EoQgrC85WTPs1oLqJQc5ym_KxEcUwE_8FF00HKQKdO...
https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=Mjg1Yjk4YzYzMzBhM2RhMw&google_push=AXcoOmSfvC9FMYqfca_F-T0ecd-6nB8ahu7XdKLpgszFYsNxu_EoQgrC85WTPs1oLqJQc5ym_KxEcUwE_8FF00HKQKdOdw1...
https://sync.gonet-ads.com/match/google
https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=Mjg1Yjk4YzYzMzBhM2RhMw&google_push=
https://s0.2mdn.net/dot.gif?google_error=5

43 B
490 B

458ms
19ms

Image
image/gif

142.250.199.102

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_error=5

Protocol

Server

142.250.199.102 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 18:57:08 GMT
x-content-type-options: nosniff
age: 10825
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Sep 2023 18:57:08 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://s0.2mdn.net/dot.gif?google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 239
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 5831 0
12 B 53ms
52ms Image
text/html 172.217.161.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KhFu5j-aW3FUo5JHWc1PaK0BGpqgmfwgJGELiNrAAqyQu3ve6Ig0TogAP9ArGOzJy3iP_FCybZnQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7562272465611377&output=html&h=139&adk=1250203156&adf=3652115069&pi=t.aa~a.2645502319~rp.4&w=300&lmt=1694437048&nsk=da79bb1e&rafmt=11&pwprc=9937010111&ad_type=text_image&format=300x139&url=https%3A%2F%2Fcrypto.livertadquest.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694469448448&bpp=1&bdt=2254&idt=-M&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x139&nras=4&correlator=7328092068932&frm=20&pv=1&ga_vid=93906344.1694469448&ga_sid=1694469448&ga_hid=237488024&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1124&ady=2535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076838%2C31077773%2C44798934%2C44800659%2C44798322&oid=2&pvsid=2516439390933523&tmod=1750936957&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=iWcRKP6mNv&p=https%3A//crypto.livertadquest.com&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.161.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:29 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 109ms
51ms Preflight
text/html 172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc6ff55ba725bade20000000000000000%22,%222%22:%220xe1b6f5914478f50d0000000000000000%22,%223%22:%220xe7099356e49737840000000000000000%22,%224%22:%220x8500b2d42dd1e06e0000000000000000%22,%225%22:%220x14e829936dd393fe0000000000000000%22},%22debug_key%22:%223829037929514951763%22,%22debug_reporting%22:true,%22destination%22:%22https://meimonkai.co.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22370239704%22],%224%22:[%2209-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217628509063824412417%22}&andc=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 11 Sep 2023 21:57:29 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C235
Redirect Chain

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEPPfgXan_bnoA7Y8sBOd9Q0&google_cver=1&google_push=AXcoOmTURVZk0n6LqI9OhHw7tQW4ADRfAhZmgI9GSIaOVA_kpNlIPjO...
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=62c13b3243be2034&is_secure=true&networkId=14000&version=1&google_gid=CAESEPPfgXan_bnoA7Y8sBOd9Q0&google_cver=1&google_push=AXcoOmTURVZk...
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAALcOH-_uOtqQNco_pzAAAAAAA&expiration=1694555851&google_cver=1&is_secure=true&google_gid=CAESEPPfgXan_bnoA7Y8sBOd9...

170 B
188 B

54ms
53ms

Image
image/png

172.217.161.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAALcOH-_uOtqQNco_pzAAAAAAA&expiration=1694555851&google_cver=1&is_secure=true&google_gid=CAESEPPfgXan_bnoA7Y8sBOd9Q0&google_push=AXcoOmTURVZk0n6LqI9OhHw7tQW4ADRfAhZmgI9GSIaOVA_kpNlIPjOtmHfnq_ntDd8xRFZeYPumkNEy5d-8wIFIIgtleYasjJLYmnc

Requested by

Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/

Protocol

Server

172.217.161.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:31 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAALcOH-_uOtqQNco_pzAAAAAAA&expiration=1694555851&google_cver=1&is_secure=true&google_gid=CAESEPPfgXan_bnoA7Y8sBOd9Q0&google_push=AXcoOmTURVZk0n6LqI9OhHw7tQW4ADRfAhZmgI9GSIaOVA_kpNlIPjOtmHfnq_ntDd8xRFZeYPumkNEy5d-8wIFIIgtleYasjJLYmnc
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C235
Redirect Chain

https://sync.fout.jp/sync?xid=googleadex&g_pixel=&sp=1&google_gid=CAESEPaInQyvwZi7TqoyEbH5A4g&google_cver=1&google_push=AXcoOmQnT97JvWpi6jq_TRTiEBh33TvwzeGMUaPKsASgwCPSi0feHnU16EBIcuRQa63dIQjHHBwvP...
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmQnT97JvWpi6jq_TRTiEBh33TvwzeGMUaPKsASgwCPSi0feHnU16EBIcuRQa63dIQjHHBwvPfFbvEc07rvCEfu7rkveaKvcnA&google_hm=RGtzdGs2RzR2SnJzb...

170 B
188 B

50ms
50ms

Image
image/png

172.217.161.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmQnT97JvWpi6jq_TRTiEBh33TvwzeGMUaPKsASgwCPSi0feHnU16EBIcuRQa63dIQjHHBwvPfFbvEc07rvCEfu7rkveaKvcnA&google_hm=RGtzdGs2RzR2SnJzbkN6M3VGT29KOEFSa0Zn&from_google=sp1

Requested by

Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/

Protocol

Server

172.217.161.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 11 Sep 2023 21:57:29 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx
Transfer-Encoding: chunked
P3P: CP="ADM NOI OUR"
Location: https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmQnT97JvWpi6jq_TRTiEBh33TvwzeGMUaPKsASgwCPSi0feHnU16EBIcuRQa63dIQjHHBwvPfFbvEc07rvCEfu7rkveaKvcnA&google_hm=RGtzdGs2RzR2SnJzbkN6M3VGT29KOEFSa0Zn&from_google=sp1
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection: keep-alive

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C235
Redirect Chain

https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEMa9IVPUnRDZ7138N_HVWB4&google_cver=...
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=NTM0YWEzMTYtYjQ0NS00NmRiLThkYTctMGQyZWQ4ZmVhYmM3&google_gid=CAESEMa9IVPUnRDZ7138N_HVWB4&google_cver=1&google_push=AXcoOmQ6...

170 B
188 B

52ms
52ms

Image
image/png

172.217.161.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=NTM0YWEzMTYtYjQ0NS00NmRiLThkYTctMGQyZWQ4ZmVhYmM3&google_gid=CAESEMa9IVPUnRDZ7138N_HVWB4&google_cver=1&google_push=AXcoOmQ6yzgm1rQQCz_njpwQYShei8VRfY1Oo_qQ1jAXoemd6VGQQE4VoIt1JylHScTqmb1f4ildC_oz_0u7ibDP1qA5BHpEbFbHsB8

Requested by

Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/

Protocol

Server

172.217.161.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=NTM0YWEzMTYtYjQ0NS00NmRiLThkYTctMGQyZWQ4ZmVhYmM3&google_gid=CAESEMa9IVPUnRDZ7138N_HVWB4&google_cver=1&google_push=AXcoOmQ6yzgm1rQQCz_njpwQYShei8VRfY1Oo_qQ1jAXoemd6VGQQE4VoIt1JylHScTqmb1f4ildC_oz_0u7ibDP1qA5BHpEbFbHsB8
date: Mon, 11 Sep 2023 21:57:30 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C235
Redirect Chain

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESELuV2AvZb7s8HCcqWpsF-3c&google_cver=1&google_push=AXcoOmTe2zSMKAtiDbm3FopaovJbd6I2LBN63QkZSWOWMxlkXPpQJ-Z7UsVZ5WGoe219tsFe0bgOGIafqBvUY...
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESELuV2AvZb7s8HCcqWpsF-3c&google_push=AXcoOmTe2zSMKAtiDbm3FopaovJbd6I2LBN63QkZSWOWMxlkXPpQJ-Z7UsVZ5WGoe219tsFe0bgOGIafqBvUY...
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTe2zSMKAtiDbm3FopaovJbd6I2LBN63QkZSWOWMxlkXPpQJ-Z7UsVZ5WGoe219tsFe0bgOGIafqBvUYAZMUOg4ouvhrvU-dw&google_hm=Z1N6T1VuV0NMRkd5aH...

170 B
188 B

51ms
51ms

Image
image/png

172.217.161.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTe2zSMKAtiDbm3FopaovJbd6I2LBN63QkZSWOWMxlkXPpQJ-Z7UsVZ5WGoe219tsFe0bgOGIafqBvUYAZMUOg4ouvhrvU-dw&google_hm=Z1N6T1VuV0NMRkd5aHNtVVVFY24=

Requested by

Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/

Protocol

Server

172.217.161.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 11 Sep 2023 21:57:30 GMT
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTe2zSMKAtiDbm3FopaovJbd6I2LBN63QkZSWOWMxlkXPpQJ-Z7UsVZ5WGoe219tsFe0bgOGIafqBvUYAZMUOg4ouvhrvU-dw&google_hm=Z1N6T1VuV0NMRkd5aHNtVVVFY24=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 238
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C235
Redirect Chain

https://sync.dsp.reemo-ad.jp/google_adx?google_gid=CAESEKC7kZ3Z2_alZH_PWMoZ3Jc&google_cver=1&google_push=AXcoOmSsiIMpZc5DPLHc6lbiGdpvCaTGlOj0nEiSMhp_BvaQffqE3hkvXaTHEHOZ6wXjVgTx0Xdiy7AoPGMdRvKTkk52...
https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=AXcoOmSsiIMpZc5DPLHc6lbiGdpvCaTGlOj0nEiSMhp_BvaQffqE3hkvXaTHEHOZ6wXjVgTx0Xdiy7AoPGMdRvKTkk52qc0ECtmvZNU

170 B
188 B

53ms
53ms

Image
image/png

172.217.161.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=AXcoOmSsiIMpZc5DPLHc6lbiGdpvCaTGlOj0nEiSMhp_BvaQffqE3hkvXaTHEHOZ6wXjVgTx0Xdiy7AoPGMdRvKTkk52qc0ECtmvZNU

Requested by

Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/

Protocol

Server

172.217.161.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=gmo_ad_marketing&google_push=AXcoOmSsiIMpZc5DPLHc6lbiGdpvCaTGlOj0nEiSMhp_BvaQffqE3hkvXaTHEHOZ6wXjVgTx0Xdiy7AoPGMdRvKTkk52qc0ECtmvZNU
date: Mon, 11 Sep 2023 21:57:29 GMT

GET
H/1.1 404
Not Found doubleclick
app.cauly.co.kr/idsync_ssp/ Frame C235 0
161 B 202ms
90ms Image
application/xml 133.186.161.88
NHN-AS-KR NHNCLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.cauly.co.kr/idsync_ssp/doubleclick?google_gid=CAESEEHfTLoaAk3SRmhnyUygun8&google_cver=1&google_push=AXcoOmRr9-XVCO7j_zncmjQSKPa9pIFcp9gkYTjr7eLN8AJCkKGy0HnygFUtJLkzkaVNfbN2u3Gl9PgTC8axG7M7xzV3BhSgykL0Kg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7562272465611377&output=html&h=134&adk=3296851624&adf=3506941749&pi=t.aa~a.2645500157~rp.4&w=300&lmt=1694437048&nsk=22e0985d&rafmt=11&pwprc=9937010111&ad_type=text_image&format=300x134&url=https%3A%2F%2Fcrypto.livertadquest.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694469448448&bpp=1&bdt=2253&idt=1&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x139%2C300x139&nras=5&correlator=7328092068932&frm=20&pv=1&ga_vid=93906344.1694469448&ga_sid=1694469448&ga_hid=237488024&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1124&ady=2972&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076838%2C31077773%2C44798934%2C44800659%2C44798322&oid=2&pvsid=2516439390933523&tmod=1750936957&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=Ig4BisQLqa&p=https%3A//crypto.livertadquest.com&dtd=14
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 133.186.161.88 , Japan, ASN45974 (NHN-AS-KR NHNCLOUD, KR),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Mon, 11 Sep 2023 21:57:29 GMT
Server: nginx
Connection: close
Content-Length: 0
Content-Type: Application/xml;charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C235
Redirect Chain

https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESED3duPYgbOLr9JvKO6UZLZQ&google_cver=1&google_push=AXcoOmSgSNnZ_gCGsSgCvEGn0_Xg_x59mBwTVwr6F3u5C1SRKAFtyplgx...
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmSgSNnZ_gCGsSgCvEGn0_Xg_x59mBwTVwr6F3u5C1SRKAFtyplgxDuDPIXI3xWRHlI1Zw5x9_ICm-_Ty7ghyHsJX_qi8pOtng4Q&google_hm=QlMuYjMzMy04Nj...

170 B
188 B

57ms
56ms

Image
image/png

172.217.161.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmSgSNnZ_gCGsSgCvEGn0_Xg_x59mBwTVwr6F3u5C1SRKAFtyplgxDuDPIXI3xWRHlI1Zw5x9_ICm-_Ty7ghyHsJX_qi8pOtng4Q&google_hm=QlMuYjMzMy04NjNmLTQ4NmMtOWQ3Nw==

Requested by

Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/

Protocol

Server

172.217.161.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmSgSNnZ_gCGsSgCvEGn0_Xg_x59mBwTVwr6F3u5C1SRKAFtyplgxDuDPIXI3xWRHlI1Zw5x9_ICm-_Ty7ghyHsJX_qi8pOtng4Q&google_hm=QlMuYjMzMy04NjNmLTQ4NmMtOWQ3Nw==
Date: Mon, 11 Sep 2023 21:57:30 GMT
Server: openresty
Connection: close
Content-Length: 142
Content-Type: text/html

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame C235 0
12 B 57ms
54ms Image
text/html 172.217.161.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LT6anxGxBg-6_uRyrhusW8IgFUYWpBsG7ntarwg5FWoPuwDixK_bjLhtni5STc-cAYtT0xfw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.161.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:29 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 font
fonts.gstatic.com/l/ Frame D76B 5 KB
5 KB 12ms
12ms Font
text/html 142.250.207.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxoW8mdWsatWUJ8JofSBo1GvMCUJ6lnS9UD4kbS57w&skey=72472b0eb8793570&v=v52

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E8%A9%B3%E7%B4%B0Ano0C%20D3i%E5%9E%8B%E7%B5%B1%E5%90%88sF6u

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f3.1e100.net

Software

ESF /

Resource Hash

173d0e8d3b0641b40dcf3290d03fd621325e663d5bf44a5e63e08c4721a71689

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-jp,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 15:01:26 GMT
x-content-type-options: nosniff
age: 24963
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5240
x-xss-protection: 0
last-modified: Tue, 02 May 2023 23:59:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Mon, 11 Sep 2023 15:01:26 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D76B 15 KB
15 KB 14ms
14ms Font
font/woff2 142.250.207.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f3.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-jp,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 12:11:55 GMT
x-content-type-options: nosniff
age: 207934
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Sep 2024 12:11:55 GMT

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1A55
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
145 B

67ms
66ms

Document
text/html

142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7562272465611377&output=html&h=139&adk=1250203156&adf=3652115069&pi=t.aa~a.2645502319~rp.4&w=300&lmt=1694437048&nsk=da79bb1e&rafmt=11&pwprc=9937010111&ad_type=text_image&format=300x139&url=https%3A%2F%2Fcrypto.livertadquest.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694469448448&bpp=1&bdt=2254&idt=-M&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x139&nras=4&correlator=7328092068932&frm=20&pv=1&ga_vid=93906344.1694469448&ga_sid=1694469448&ga_hid=237488024&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1124&ady=2535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076838%2C31077773%2C44798934%2C44800659%2C44798322&oid=2&pvsid=2516439390933523&tmod=1750936957&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=iWcRKP6mNv&p=https%3A//crypto.livertadquest.com&dtd=11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.194 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Sep 2023 21:57:29 GMT
expires: Mon, 11 Sep 2023 21:57:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Sep 2023 21:57:29 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 Uw2xNewqLMvs4rZz24Xmy1GvWBTM7qWVeNEZF5moV5c.js Show response
pagead2.googlesyndication.com/bg/ Frame 6A31 37 KB
14 KB 10ms
10ms Script
text/javascript 142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Uw2xNewqLMvs4rZz24Xmy1GvWBTM7qWVeNEZF5moV5c.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7562272465611377&output=html&h=139&adk=1250203156&adf=3652115069&pi=t.aa~a.2645502319~rp.4&w=300&lmt=1694437048&nsk=da79bb1e&rafmt=11&pwprc=9937010111&ad_type=text_image&format=300x139&url=https%3A%2F%2Fcrypto.livertadquest.com%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694469448448&bpp=1&bdt=2254&idt=-M&shv=r20230907&mjsv=m202309060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C300x139&nras=4&correlator=7328092068932&frm=20&pv=1&ga_vid=93906344.1694469448&ga_sid=1694469448&ga_hid=237488024&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1124&ady=2535&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076838%2C31077773%2C44798934%2C44800659%2C44798322&oid=2&pvsid=2516439390933523&tmod=1750936957&uas=0&nvt=1&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=iWcRKP6mNv&p=https%3A//crypto.livertadquest.com&dtd=11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

sffe /

Resource Hash

530db135ec2a2ccbece2b673db85e6cb51af5814cceea59578d1191799a85797

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 09:34:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44553
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14735
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Sep 2024 09:34:56 GMT

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 69E1
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
145 B

69ms
69ms

Document
text/html

142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.194 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Sep 2023 21:57:29 GMT
expires: Mon, 11 Sep 2023 21:57:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Sep 2023 21:57:29 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 Uw2xNewqLMvs4rZz24Xmy1GvWBTM7qWVeNEZF5moV5c.js Show response
pagead2.googlesyndication.com/bg/ Frame FE68 37 KB
14 KB 14ms
13ms Script
text/javascript 142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Uw2xNewqLMvs4rZz24Xmy1GvWBTM7qWVeNEZF5moV5c.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

sffe /

Resource Hash

530db135ec2a2ccbece2b673db85e6cb51af5814cceea59578d1191799a85797

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 09:34:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44553
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14735
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Sep 2024 09:34:56 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame D76B
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Ce6gfSI3_ZMxglKOm3w_FporAC4y59exyqrWd05IRsdKBvOcCEAEgobC9L2CJ28WE9BOgAfOww8YDyAEJqAMByAPLBKoE9gFP0A_AmI3pjzI8STVNk4GwnZUI1Gl7xg0zXUA4W74GEcfiu7P...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x6eabccf552a8cb420000000000000000%22,%222%22:%220xaed56a9b950a7730000000000000000%22,%223%22:%220x9745b88...

0
0

55ms
55ms

Fetch
text/css

172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x6eabccf552a8cb420000000000000000%22,%222%22:%220xaed56a9b950a7730000000000000000%22,%223%22:%220x9745b881e8c5fed40000000000000000%22,%224%22:%220x1e8786855cfdb82c0000000000000000%22,%225%22:%220x842c067cf2bfa4680000000000000000%22},%22debug_key%22:%2212546897442936889035%22,%22debug_reporting%22:true,%22destination%22:%22https://autodesk.co.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22953210995%22],%224%22:[%2209-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213770422695475229025%22}&andc=true

Requested by

Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/

Protocol

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:29 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x6eabccf552a8cb420000000000000000","2":"0xaed56a9b950a7730000000000000000","3":"0x9745b881e8c5fed40000000000000000","4":"0x1e8786855cfdb82c0000000000000000","5":"0x842c067cf2bfa4680000000000000000"},"debug_key":"12546897442936889035","debug_reporting":true,"destination":"https://autodesk.co.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["953210995"],"4":["09-11"],"6":["true"]},"priority":"500","source_event_id":"13770422695475229025"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 11 Sep 2023 21:57:29 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 11 Sep 2023 21:57:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x6eabccf552a8cb420000000000000000","2":"0xaed56a9b950a7730000000000000000","3":"0x9745b881e8c5fed40000000000000000","4":"0x1e8786855cfdb82c0000000000000000","5":"0x842c067cf2bfa4680000000000000000"},"debug_key":"12546897442936889035","debug_reporting":true,"destination":"https://autodesk.co.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["953210995"],"4":["09-11"],"6":["true"]},"priority":"500","source_event_id":"13770422695475229025"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

200

B29172300.358174075;dc_pre=CImuhM3Go4EDFR1XlgodNXYCWA;dc_trk_aid=549048663;dc_trk_cid=185589475;ord=3743864142;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N430403.3447745ADWORDSGDN/ Frame D76B
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N430403.3447745ADWORDSGDN/B29172300.358174075;dc_trk_aid=549048663;dc_trk_cid=185589475;ord=3743864142;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfu...
https://ad.doubleclick.net/ddm/trackimp/N430403.3447745ADWORDSGDN/B29172300.358174075;dc_pre=CImuhM3Go4EDFR1XlgodNXYCWA;dc_trk_aid=549048663;dc_trk_cid=185589475;ord=3743864142;dc_lat=;dc_rdid=;tag...

42 B
246 B

67ms
65ms

Image
image/gif

172.217.175.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N430403.3447745ADWORDSGDN/B29172300.358174075;dc_pre=CImuhM3Go4EDFR1XlgodNXYCWA;dc_trk_aid=549048663;dc_trk_cid=185589475;ord=3743864142;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&cbvp=2

Requested by

Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/

Protocol

Server

172.217.175.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s19-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:29 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N430403.3447745ADWORDSGDN/B29172300.358174075;dc_pre=CImuhM3Go4EDFR1XlgodNXYCWA;dc_trk_aid=549048663;dc_trk_cid=185589475;ord=3743864142;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&cbvp=2
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads.js Show response
spdeliver.i-mobile.co.jp/script/ Frame DA9F 41 KB
13 KB 366ms
17ms Script
application/javascript 18.65.168.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://spdeliver.i-mobile.co.jp/script/ads.js?20101001
Requested by: Host: adm.shinobi.jp
URL: https://adm.shinobi.jp/st/net.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.168.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-168-21.nrt57.r.cloudfront.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 31d8a246b4ec27f114c453b9d4ef714538bc6e3b3c76b9f46d63a67950144930

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:34:55 GMT
content-encoding: gzip
via: 1.1 a023f61004e0a475cd665d3783003a74.cloudfront.net (CloudFront)
last-modified: Thu, 07 Sep 2023 01:24:56 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: NRT57-P1
age: 1373
x-powered-by: ASP.NET
etag: W/"0a4121c2ae1d91:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-cf-id: P0jyPqR3hBqlpu9GXxYdVSihvvptTAf0xzQM5ABeAb9FOX2Ir23iqg==

GET
H/1.1 200
OK ib
adm.shinobi.jp/ Frame D300 43 B
206 B 16ms
15ms Image
image/gif 202.228.215.14
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adm.shinobi.jp/ib?c=TgEh0wrY7eY-m3eog-h8ZnzqQw7BlPHCxKI9vM1P5sis2Kgu4mFw6ePBf2Hf-KgQOIeqPy7bcPu78NYrXxKcM783Jvh0sNDe_vCR_xErs-6uD3SrQ7x6nfFvAS4kSAVX1r3s0cMe-ccIqOn9Jest-3_Sz3cJeMXq5rXe5iNzH85AwgaNdn2fr6_uVjvqHeHDof_mR0NMAO17fpTjHthcJhGEj8vR_H5338CHQVQZX8Ziy1nClcjT5o9Wzyo2Vw_rKZXwMTAJ3ttBd-4lX6tZ6x0kaSAxqolk3kTyMHVIEcw&i=3tQzmdh0
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.228.215.14 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS: adm.shinobi.jp
Software: openresty /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Mon, 11 Sep 2023 21:57:29 GMT
Server: openresty
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H2 200 Uw2xNewqLMvs4rZz24Xmy1GvWBTM7qWVeNEZF5moV5c.js Show response
pagead2.googlesyndication.com/bg/ Frame 5ECD 37 KB
14 KB 12ms
12ms Script
text/javascript 142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Uw2xNewqLMvs4rZz24Xmy1GvWBTM7qWVeNEZF5moV5c.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

sffe /

Resource Hash

530db135ec2a2ccbece2b673db85e6cb51af5814cceea59578d1191799a85797

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 09:34:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44553
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14735
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Sep 2024 09:34:56 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 51ms
50ms Preflight
text/html 172.217.26.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.26.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 11 Sep 2023 21:57:29 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 adcore_pc_inline.js Show response
spdeliver.i-mobile.co.jp/script/ Frame DA9F 1 KB
894 B 41ms
41ms Script
application/javascript 18.65.168.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://spdeliver.i-mobile.co.jp/script/adcore_pc_inline.js?20110201
Requested by: Host: spdeliver.i-mobile.co.jp
URL: https://spdeliver.i-mobile.co.jp/script/ads.js?20101001
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.168.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-168-21.nrt57.r.cloudfront.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b8666b6a7bda5ea0466128485e57eb867e069582c3709bde90ec39f88d467d0a

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:31:20 GMT
content-encoding: gzip
via: 1.1 a023f61004e0a475cd665d3783003a74.cloudfront.net (CloudFront)
last-modified: Thu, 07 Sep 2023 01:24:52 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: NRT57-P1
age: 1573
x-powered-by: ASP.NET
etag: W/"04ab0192ae1d91:0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-cf-id: -y51dOlyirA-hQ0UamsMwxwsEj-K9HTMOAysJF6MqOZ5zDb2JFplrw==

GET
H2 200 ad_spot.aspx Show response
spsvcpc-tls.i-mobile.co.jp/ Frame 8DB8 3 KB
3 KB 379ms
21ms Document
text/html 18.65.185.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://spsvcpc-tls.i-mobile.co.jp/ad_spot.aspx?pid=62804&asid=1533077&asn=1&width=300&height=250
Requested by: Host: spdeliver.i-mobile.co.jp
URL: https://spdeliver.i-mobile.co.jp/script/adcore_pc_inline.js?20110201
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.185.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-185-105.nrt57.r.cloudfront.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 6924922bb53b34f771c50c87666560b603f1428ac09d063f2ff6e9309b02f758

Request headers

Referer: https://crypto.livertadquest.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

cache-control: no-cache, no-store
content-length: 2656
content-type: text/html; charset=utf-8
date: Mon, 11 Sep 2023 21:57:29 GMT
expires: -1
p3p: CP = "NOI DEV PSA PSD IVA PVD OTP OUR OTR IND OTC"
pragma: no-cache
server: Microsoft-IIS/10.0
via: 1.1 9bc02c0e66fba3c7d773b9367b192e40.cloudfront.net (CloudFront)
x-amz-cf-id: xIuwiHmWB2AvDTFVQlKg9g8s7vigYq4ANebMGLU7NctMItLBqUJMMQ==
x-amz-cf-pop: NRT57-P2
x-cache: Miss from cloudfront
x-powered-by: ASP.NET

GET
H2

200

/
sync.ad-stir.com/ Frame 5FD4
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=united&khaos=LMFFCZC1-28-3Q6B
https://sync.ad-stir.com/?symbol=RUBICON&uid=LMFFCZC1-28-3Q6B

43 B
340 B

16ms
13ms

Image
image/gif

18.176.31.142
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.ad-stir.com/?symbol=RUBICON&uid=LMFFCZC1-28-3Q6B
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=united&endpoint=APAC
Protocol: H2
Server: 18.176.31.142 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-176-31-142.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:30 GMT
cache-control: max-age=300
content-length: 43
content-type: image/gif

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://sync.ad-stir.com/?symbol=RUBICON&uid=LMFFCZC1-28-3Q6B
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 0d2bd05215470efb17ae41aff76c3f98
Expires: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 5FD4
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=96bdd510-8194-4e26-8fff-fb9368c56372&gdpr=0&gdpr_consent=&expires=30

42 B
691 B

606ms
95ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=96bdd510-8194-4e26-8fff-fb9368c56372&gdpr=0&gdpr_consent=&expires=30
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=united&endpoint=APAC
Protocol: HTTP/1.1
Server: 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: f60a7260b0ebb7a40a81234af4a9e826
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:30 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=96bdd510-8194-4e26-8fff-fb9368c56372&gdpr=0&gdpr_consent=&expires=30
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 289

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5FD4
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE1GRkNaQzEtMjgtM1E2Qg==
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELnqF7jrBG_mg-vrjnQL8VI&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1GRkNaQzEtMjgtM1E2Qg==&google_push=

170 B
188 B

53ms
52ms

Image
image/png

172.217.161.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1GRkNaQzEtMjgtM1E2Qg==&google_push=

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=united&endpoint=APAC

Protocol

Server

172.217.161.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1GRkNaQzEtMjgtM1E2Qg==&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 38ddff6a66d3988dfd0c6ea3be81c5f1
Expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 5FD4
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=L1dIXQu8StOCHrMGsFRkNA&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=L1dIXQu8StOCHrMGsFRkNA

43 B
720 B

194ms
193ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=L1dIXQu8StOCHrMGsFRkNA

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=united&endpoint=APAC

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 11 Sep 2023 21:57:31 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: NR146MXDT70KEPY9H0P7
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=L1dIXQu8StOCHrMGsFRkNA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: c80248407eff6cf595ce43a76c04e23f
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5FD4
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDFkMGU1OWExYTEwMGM4MTg1ZGE4Njc0YTMzZjA5MGMyNjY4NWQwYg

170 B
188 B

51ms
50ms

Image
image/png

172.217.161.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDFkMGU1OWExYTEwMGM4MTg1ZGE4Njc0YTMzZjA5MGMyNjY4NWQwYg

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=united&endpoint=APAC

Protocol

Server

172.217.161.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s09-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDFkMGU1OWExYTEwMGM4MTg1ZGE4Njc0YTMzZjA5MGMyNjY4NWQwYg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6690dc791bf02dde8c4051a04cfd7bb8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 5FD4
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LMFFCZC1-28-3Q6B

0
143 B

169ms
169ms

Image
text/plain

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LMFFCZC1-28-3Q6B
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=united&endpoint=APAC
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:29 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 7EEA2E0A48BE427C945A87A0F16DA92C Ref B: TYO01EDGE3120 Ref C: 2023-09-11T21:57:30Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYFHGmuNUCqWClUXECy0g==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LMFFCZC1-28-3Q6B
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: d264e84c9dc1a645a3048554992c5d82
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 5FD4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEO_-jwNVYfUVOA9YhEnW-gs&google_cver=1

42 B
691 B

572ms
98ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEO_-jwNVYfUVOA9YhEnW-gs&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=united&endpoint=APAC
Protocol: HTTP/1.1
Server: 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: dedf7fc216a5bbc739a54325e875a79f
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEO_-jwNVYfUVOA9YhEnW-gs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 5FD4
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=8tuzmvCrSy-Q-buYU0lpBA&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=8tuzmvCrSy-Q-buYU0lpBA

43 B
479 B

259ms
259ms

Image
image/gif

67.220.228.201
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=8tuzmvCrSy-Q-buYU0lpBA

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=united&endpoint=APAC

Protocol

HTTP/1.1

Server

67.220.228.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 11 Sep 2023 21:57:31 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: ZHMDBZTH8KMV7GMZSAXN
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=8tuzmvCrSy-Q-buYU0lpBA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 38ddff6a66d3988dfd0c6ea3be81c5f1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 5FD4
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/iqYKB1EU24Rgg8eM-6XziMn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-m.v6YyBE2oLO9WAfF1cOiaA8Ut6fNQhCDwcKwg--~A

42 B
691 B

288ms
95ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-m.v6YyBE2oLO9WAfF1cOiaA8Ut6fNQhCDwcKwg--~A
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=united&endpoint=APAC
Protocol: HTTP/1.1
Server: 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 38ddff6a66d3988dfd0c6ea3be81c5f1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Mon, 11 Sep 2023 21:57:30 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-m.v6YyBE2oLO9WAfF1cOiaA8Ut6fNQhCDwcKwg--~A
content-length: 0

GET
H2 200 style.css
spsvcpc-tls.i-mobile.co.jp/css/ Frame 8DB8 5 KB
6 KB 40ms
38ms Stylesheet
text/css 18.65.185.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://spsvcpc-tls.i-mobile.co.jp/css/style.css
Requested by: Host: spsvcpc-tls.i-mobile.co.jp
URL: https://spsvcpc-tls.i-mobile.co.jp/ad_spot.aspx?pid=62804&asid=1533077&asn=1&width=300&height=250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.185.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-185-105.nrt57.r.cloudfront.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3a6b3996ce3a1200e3b494ed37f4e7f665ddff1faedf145bdef17a51546b0998

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://spsvcpc-tls.i-mobile.co.jp/ad_spot.aspx?pid=62804&asid=1533077&asn=1&width=300&height=250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 18:17:24 GMT
via: 1.1 9bc02c0e66fba3c7d773b9367b192e40.cloudfront.net (CloudFront)
last-modified: Wed, 02 Feb 2022 05:29:52 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: NRT57-P2
age: 490629
x-powered-by: ASP.NET
etag: "0c827e7f517d81:0"
x-cache: Hit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 5537
x-amz-cf-id: AVDkOTfiTzLV_exyLwW4iBe8J7Tj_q5JNaTy-bfSun1Yy6kj2G5TOQ==

GET
H2 200 ad_creative.ashx
spcdnpc.i-mobile.co.jp/ Frame 8DB8 114 KB
114 KB 23ms
15ms Image
image/jpeg 18.65.168.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://spcdnpc.i-mobile.co.jp/ad_creative.ashx?advid=7025605
Requested by: Host: spsvcpc-tls.i-mobile.co.jp
URL: https://spsvcpc-tls.i-mobile.co.jp/ad_spot.aspx?pid=62804&asid=1533077&asn=1&width=300&height=250
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.168.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-168-21.nrt57.r.cloudfront.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: a3a10e584c92af007f5eb5392494aa3cbcabfea70636c4f45ccc27ab8ce67e42

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://spsvcpc-tls.i-mobile.co.jp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 01:29:30 GMT
via: 1.1 a023f61004e0a475cd665d3783003a74.cloudfront.net (CloudFront)
last-modified: Tue, 29 Aug 2023 03:01:21 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: NRT57-P1
age: 73680
x-powered-by: ASP.NET
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: private
content-length: 116685
x-amz-cf-id: xWKZuYAMfuwPzXx6TrItemSmn0uRWZg9M6viSSM0ShcRgDG52MghCw==
expires: Mon, 01 Jan 0001 00:00:00 GMT

GET
H2 200 RestoreXidToMediaStorage.html Show response
xid.i-mobile.co.jp/ Frame 56FE 1 KB
2 KB 22ms
15ms Document
text/html 18.65.168.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://xid.i-mobile.co.jp/RestoreXidToMediaStorage.html
Requested by: Host: spdeliver.i-mobile.co.jp
URL: https://spdeliver.i-mobile.co.jp/script/ads.js?20101001
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.168.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-168-21.nrt57.r.cloudfront.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1cf9494979497e2751b2b9933adb75ca049dbd1c9ee21a9981c630a83061cf1

Request headers

Referer: https://crypto.livertadquest.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

accept-ranges: bytes
age: 1662
content-length: 1323
content-type: text/html
date: Mon, 11 Sep 2023 21:32:39 GMT
etag: "0c827e7f517d81:0"
last-modified: Wed, 02 Feb 2022 05:29:52 GMT
server: Microsoft-IIS/10.0
via: 1.1 a023f61004e0a475cd665d3783003a74.cloudfront.net (CloudFront)
x-amz-cf-id: L-sz3L5FDLDai-KRsu8-RtBt1XIF37ILx507qeVXfCn8G6pj5rt9FQ==
x-amz-cf-pop: NRT57-P1
x-cache: Hit from cloudfront
x-powered-by: ASP.NET

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D76B 42 B
174 B 80ms
78ms Fetch
image/gif 142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsup3Gw4_OCoTelx2L3Kzx7MSrmsnH6vZCSzVk0lrcfeVfor41ii-htDa22Zxf1mKIc1vn7KeUur0o35rteOpqmz_LNoKOZDRSgP6OKBkCsiivcgh1JAUUyL7nxdKUoYHoPbRWj_vsOqbQ&sai=AMfl-YRGIkj3gp6KJVVqjNbt4HMyCM79BYzsegChuKX4h4_doOwO2dGq8bBRSwgCCdeYClaKInqttjNxOg6Vqn8DIVojU_27UPasHQY&sig=Cg0ArKJSzMeMvsOLdMtoEAE&cid=CAQSKQBpAlJWkS4f58h_G22UDVCtpPN1ieIJX1mHk3zw1ShkiYkceE52lXNnGAE&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230906&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1123443942&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694469447974&rpt=1545&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 239D 0
128 B 22ms
14ms Script
text/plain 207.65.34.74
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156851&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.34.74 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:22:11 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 rtct_adp_lib.20200515.min.js Show response
js.gsspcln.jp/j/ Frame 73B1 16 KB
6 KB 14ms
13ms Script
application/javascript 133.186.12.12
TOKAI TOKAI Commu...

General

Check archive.org

Show headers Download Go to

Full URL: https://js.gsspcln.jp/j/rtct_adp_lib.20200515.min.js?GenieeDeliveryZoneName=gpb_1214221
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 133.186.12.12 Yokohama, Japan, ASN10010 (TOKAI TOKAI Communications Corporation, JP),
Reverse DNS: p012.net133186012.broadline.ne.jp
Software: nginx /
Resource Hash: 7dcf7afdaabf09c243f76cf35405387257564d34590888f4008028a739c270ad

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:31 GMT
content-encoding: gzip
last-modified: Mon, 14 Aug 2023 06:07:22 GMT
server: nginx
etag: W/"64d9c49a-411a"
content-type: application/javascript
cache-control: max-age=31536000, private
cross-origin-resource-policy: cross-origin
expires: Tue, 10 Sep 2024 21:57:31 GMT

GET
H2 200 cic
aladdin.genieesspv.jp/yie/ld/ Frame 73B1 43 B
239 B 22ms
21ms Image
image/gif 222.230.178.130
VECTANT ARTERIA N...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aladdin.genieesspv.jp/yie/ld/cic?cik=lpSsdcClnEXXP0VnTwVpAqLQT29wbzK6ZYLYyhedU72aUQxA9dWZsp7KXmFKnTu1nMjS2DfebeW2udpN6oMPPjZ7_so&noas=4499836
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 222.230.178.130 Tokyo, Japan, ASN2519 (VECTANT ARTERIA Networks Corporation, JP),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:31 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
content-type: image/gif
cache-control: private, max-age=0, no-cache
cross-origin-resource-policy: cross-origin
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 239D 2 KB
2 KB 18ms
17ms Script
text/html 207.65.34.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=57960217&p=156851&s=282925&a=1379758&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.34.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 1f43df9438ea78458367c17b7acaef99383004d614c7e16995cc9343ad5f2866

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Mon, 11 Sep 2023 21:57:31 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame 61A9 0
0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 5756
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4937571650038870676&gdpr=0&gdpr_consent=

42 B
444 B

18ms
17ms

Document
image/gif

207.65.34.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4937571650038870676&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 11 Sep 2023 21:22:17 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
access-control-allow-origin: *
an-x-request-uuid: 22508b01-3557-40c9-a3f9-a3dfbe51eecb
cache-control: no-store, no-cache, private
content-length: 0
content-type: text/html; charset=utf-8
date: Mon, 11 Sep 2023 21:57:32 GMT
expires: Sat, 15 Nov 2008 16:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4937571650038870676&gdpr=0&gdpr_consent=
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma: no-cache
server: nginx/1.21.3
x-proxy-origin: 153.240.174.133; 153.240.174.133; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
x-xss-protection: 0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 7136
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=o1iVMtdOUKlAGmC2JHRMApnwroU&gdpr=0&gdpr_consent=

42 B
376 B

17ms
16ms

Document
image/gif

207.65.34.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=o1iVMtdOUKlAGmC2JHRMApnwroU&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 11 Sep 2023 21:23:47 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 188
Content-Type: text/html; charset=utf-8
Date: Mon, 11 Sep 2023 21:57:31 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=o1iVMtdOUKlAGmC2JHRMApnwroU&gdpr=0&gdpr_consent=

GET
H2 200 cm Show response
ipac.ctnsnet.com/int/ Frame 0A66 43 B
369 B 101ms
54ms Document
image/gif 35.186.193.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.193.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 43
content-type: image/gif
date: Mon, 11 Sep 2023 21:57:31 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="NOI DSP COR NID CUR OUR NOR"
pragma: no-cache
server: Apache-Coyote/1.1
via: 1.1 google

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 4CEF
Redirect Chain

https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=b0cd063de5674455a17038a9c584b4ed

42 B
383 B

15ms
15ms

Document
image/gif

207.65.34.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=b0cd063de5674455a17038a9c584b4ed
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 11 Sep 2023 21:22:16 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html;charset=UTF-8
date: Mon, 11 Sep 2023 21:57:31 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=b0cd063de5674455a17038a9c584b4ed
p3p: CP="NOI DSP COR NID CUR OUR NOR"
pragma: no-cache
server: Apache-Coyote/1.1
status: 302
via: 1.1 google
x-xss-protection: 1; mode=block

GET
H2

200

b9pj45k4 Show response
sync-tm.everesttech.net/ct/upi/pid/ Frame 5D42
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...

85 B
260 B

177ms
176ms

Document
image/png

151.101.194.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZP_NSwAMatN2vgA4
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: no-cache
content-length: 85
content-type: image/png
date: Mon, 11 Sep 2023 21:57:32 GMT
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma: no-cache
server: Jetty(9.4.35.v20201120)
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-nrt-rjtf7700034-NRT
x-timer: S1694469452.965324,VS0,VE163

Redirect headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: no-cache
content-length: 0
date: Mon, 11 Sep 2023 21:57:31 GMT
location: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZP_NSwAMatN2vgA4
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma: no-cache
server: Jetty(9.4.35.v20201120)
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-nrt-rjtf7700034-NRT
x-timer: S1694469452.785999,VS0,VE163

GET
H2 200 pxd Show response
dps.jp.cinarra.com/ Frame 6596 0
38 B 65ms
19ms Document
text/plain 52.197.41.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=3ABE94AE-DE43-4981-913E-1544E059E3EB
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.197.41.226 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-197-41-226.ap-northeast-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

content-length: 0
date: Mon, 11 Sep 2023 21:57:31 GMT

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame C53A
Redirect Chain

https://gocm.c.appier.net/pubmatic
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=PPhyzYqVBqWLuaScSI3_ZA

42 B
279 B

17ms
16ms

Document
image/gif

207.65.34.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=PPhyzYqVBqWLuaScSI3_ZA
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 11 Sep 2023 21:57:31 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
cache-control: no-store
content-length: 153
content-type: text/html; charset=utf-8
date: Mon, 11 Sep 2023 21:57:31 GMT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=PPhyzYqVBqWLuaScSI3_ZA
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: nginx

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 5AA2
Redirect Chain

https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU27d0c64fb3e54c558674fd9fd740378f

42 B
280 B

15ms
15ms

Document
image/gif

207.65.34.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU27d0c64fb3e54c558674fd9fd740378f
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 11 Sep 2023 21:57:32 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods: POST, GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 166
content-type: text/html; charset=utf-8
date: Mon, 11 Sep 2023 21:57:32 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU27d0c64fb3e54c558674fd9fd740378f
pragma: no-cache
server: Tengine

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 16DA
Redirect Chain

https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=ibiryozmca5z

42 B
308 B

16ms
15ms

Document
image/gif

207.65.34.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=ibiryozmca5z
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 11 Sep 2023 21:57:32 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-encoding: utf-8
cache-control: no-cache, no-store
content-length: 0
date: Mon, 11 Sep 2023 21:57:32 GMT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=ibiryozmca5z
lws: 122
strict-transport-security: max-age=31536000; includeSubDomains
time-ms: 0

GET /
csync.loopme.me/ Frame 2AF0 0
0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 0818
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:It4OykU51QFOUs5&gdpr=0&gdpr_consent=

42 B
299 B

14ms
13ms

Document
image/gif

207.65.34.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:It4OykU51QFOUs5&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 11 Sep 2023 21:22:29 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Mon, 11 Sep 2023 21:57:31 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:It4OykU51QFOUs5&gdpr=0&gdpr_consent=
Pragma: no-cache
Server: PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-09d5f3eb327961841@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 239D
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2940000135143263054&gdpr=0&gdpr_consent=&us_privacy=

1 B
253 B

17ms
15ms

Image
text/html

207.65.34.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2940000135143263054&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: crypto.livertadquest.com
URL: https://crypto.livertadquest.com/
Protocol: H2
Server: 207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Mon, 11 Sep 2023 21:57:31 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2940000135143263054&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Mon, 11 Sep 2023 21:57:31 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 60ms
60ms XHR
application/json 142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230907&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

cafe /

Resource Hash

f09f1c9b71c5721ef8c3bc149b3b82c483bde85b41b662306b8a2babb7a77322

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11744
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame A11E 15 KB
6 KB 572ms
16ms Document
text/html 182.161.74.11

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=crypto.livertadquest.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.11 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

27ce2d1973c8a131d6e828cd3793c4ecaa277518950c34dfc9f6aecbb70fdf9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://crypto.livertadquest.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 11 Sep 2023 21:57:33 GMT
server: Kestrel
server-processing-duration-in-ticks: 301516
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 BUSD.png
crypto.livertadquest.com/wp-content/uploads/2022/03/ 696 B
830 B 26ms
25ms Image
image/png 183.90.238.3
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crypto.livertadquest.com/wp-content/uploads/2022/03/BUSD.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.3 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2302.xserver.jp
Software: nginx /
Resource Hash: 82ef31a5641598b36253377b37d119a43eefc08140d08de1e80250c978ffb3ee

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:32 GMT
last-modified: Sat, 05 Mar 2022 11:57:10 GMT
server: nginx
accept-ranges: bytes
etag: "2b8-5d97754ceab74"
content-length: 696
content-type: image/png

GET
H2 200 JASMY.png
crypto.livertadquest.com/wp-content/uploads/2022/03/ 3 KB
3 KB 44ms
43ms Image
image/png 183.90.238.3
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crypto.livertadquest.com/wp-content/uploads/2022/03/JASMY.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.3 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2302.xserver.jp
Software: nginx /
Resource Hash: 4202486f70245a289adf12450f87f00c54af39bb55cd1158b6c4f2c46f2edd5e

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:32 GMT
last-modified: Thu, 17 Mar 2022 05:58:58 GMT
server: nginx
accept-ranges: bytes
etag: "c07-5da63b9dd809c"
content-length: 3079
content-type: image/png

GET
H2 200 XEM.png
crypto.livertadquest.com/wp-content/uploads/2022/03/ 830 B
964 B 44ms
43ms Image
image/png 183.90.238.3
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crypto.livertadquest.com/wp-content/uploads/2022/03/XEM.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.3 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2302.xserver.jp
Software: nginx /
Resource Hash: 299886ee6459db02a42fa2911e8b0b272bfb0969b6a5680cc31a89be13dd2c1e

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:32 GMT
last-modified: Sat, 05 Mar 2022 11:57:26 GMT
server: nginx
accept-ranges: bytes
etag: "33e-5d97755c1354d"
content-length: 830
content-type: image/png

GET
H2 200 XYM-150x150.png
crypto.livertadquest.com/wp-content/uploads/2022/03/ 9 KB
9 KB 58ms
58ms Image
image/png 183.90.238.3
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crypto.livertadquest.com/wp-content/uploads/2022/03/XYM-150x150.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.3 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2302.xserver.jp
Software: nginx /
Resource Hash: 7762f7afc360caf997c2c4b6800705f658b738fa4b84d1698cb51af3364cafd4

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:32 GMT
last-modified: Sat, 05 Mar 2022 11:57:30 GMT
server: nginx
accept-ranges: bytes
etag: "2303-5d97755f9dd35"
content-length: 8963
content-type: image/png

GET
H2 200 MONA.png
crypto.livertadquest.com/wp-content/uploads/2022/03/ 3 KB
3 KB 43ms
42ms Image
image/png 183.90.238.3
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crypto.livertadquest.com/wp-content/uploads/2022/03/MONA.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.3 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2302.xserver.jp
Software: nginx /
Resource Hash: bb099b1257230336a8379fc0b704aa94cf11fa4da490670f59886cd3852000e3

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:32 GMT
last-modified: Thu, 17 Mar 2022 06:00:31 GMT
server: nginx
accept-ranges: bytes
etag: "a3a-5da63bf6cc7f7"
content-length: 2618
content-type: image/png

GET
H2 200 gmocoin_trade2-100x100.jpg
crypto.livertadquest.com/wp-content/uploads/2022/05/ 3 KB
3 KB 60ms
59ms Image
image/jpeg 183.90.238.3
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crypto.livertadquest.com/wp-content/uploads/2022/05/gmocoin_trade2-100x100.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.3 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2302.xserver.jp
Software: nginx /
Resource Hash: 4c76e6ec858d0d9c51a295c69938ce1784cc1b0c03bdfdee19f83e5849bdcf8a

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:32 GMT
last-modified: Thu, 19 May 2022 12:24:36 GMT
server: nginx
accept-ranges: bytes
etag: "b8b-5df5c75045c32"
content-length: 2955
content-type: image/jpeg

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 117ms
116ms Script
text/javascript 142.251.42.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309060101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.161 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 11 Sep 2023 21:57:33 GMT

GET
H2 200 DOT.png
crypto.livertadquest.com/wp-content/uploads/2022/03/ 2 KB
2 KB 25ms
25ms Image
image/png 183.90.238.3
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crypto.livertadquest.com/wp-content/uploads/2022/03/DOT.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.238.3 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2302.xserver.jp
Software: nginx /
Resource Hash: 12a139b0d37f0867969fb2949d4a80bd8aeeac727913f16674c1b8a8cbcd03bd

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:33 GMT
last-modified: Sat, 05 Mar 2022 11:57:13 GMT
server: nginx
accept-ranges: bytes
etag: "892-5d97754f4cd2c"
content-length: 2194
content-type: image/png

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B999 13 KB
5 KB 20ms
18ms Document
text/html 142.251.42.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.161 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://crypto.livertadquest.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

accept-ranges: bytes
age: 69134
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 11 Sep 2023 02:45:19 GMT
expires: Tue, 10 Sep 2024 02:45:19 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 121E 829 B
993 B 52ms
51ms Document
text/html 142.251.42.164
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.164 Marriottsville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f4.1e100.net

Software

GSE /

Resource Hash

dd27d688fcb628ea933925ce527eeac93f7561cda801b4fe657aa49f028c9d0a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8FN7T6kgDLPfkEbR6qs-3Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://crypto.livertadquest.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: jp-jp,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 536
content-security-policy: script-src 'report-sample' 'nonce-8FN7T6kgDLPfkEbR6qs-3Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 11 Sep 2023 21:57:33 GMT
expires: Mon, 11 Sep 2023 21:57:33 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 Uw2xNewqLMvs4rZz24Xmy1GvWBTM7qWVeNEZF5moV5c.js Show response
pagead2.googlesyndication.com/bg/ Frame B999 37 KB
14 KB 13ms
12ms Script
text/javascript 142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Uw2xNewqLMvs4rZz24Xmy1GvWBTM7qWVeNEZF5moV5c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

sffe /

Resource Hash

530db135ec2a2ccbece2b673db85e6cb51af5814cceea59578d1191799a85797

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 09:34:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44557
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14735
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Sep 2024 09:34:56 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 121E 0
0 51ms
51ms Image
text/html 142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230907&jk=2516439390933523&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.222.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt13s71-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame B999 0
41 B 12ms
11ms Image
text/plain 142.251.42.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?zIUQ4g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.42.161 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt12s46-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:33 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame A11E 476 B
583 B 57ms
56ms Fetch
application/json 182.161.74.11

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=publishertag&domain=livertadquest.com&sn=ChromeSyncframe&so=0&topUrl=crypto.livertadquest.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=crypto.livertadquest.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.11 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

3d63faac9e70b48352d0371f46cb09ef7e78c61fc19e9b9a64d4366bddac206b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=crypto.livertadquest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Sep 2023 21:57:32 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1120354
expires: 0

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 239D 0
128 B 16ms
16ms Script
text/plain 207.65.34.74
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156851&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.34.74 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Mon, 11 Sep 2023 21:57:33 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 52ms
52ms Image
text/html 142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230907&jk=2516439390933523&bg=!3N-l35DNAAa6D61Rmg87ADQBe5WfOGmAQuGqNaI5SyFwOTiHhylXz66eKo_Vo_RwkUS7XqNJkPV5QJkXloU9oefrsg6hAgAAATRSAAAABWgBB5kCuivqoyM5io-r9hM89evKHLQ7SYRmU8xL2qLLWY6uvdqDUoDqyaPsYnhJFOVRMQ1WukgRIxuOB6dqjxX87OhemcCRYKkbaDHEdHmEpU3Q5MxvX113xdUD4W8_qBuguIivDH42i_5rp51CXrh0GUHjhRptXP_twZur4Hl2uQKGPpqTDHdz6mS06HJHOZZxy9K-KvF8WevXr0OUiDtr_jxj3hIhYyoY9gxHfkFXIGgy-RFyaCI1e6Vl3RJw596pxhxD7y8i6AZrs_vdDUoDWmTPgm7zLIDjf9wpgfiKp1ZZojgtut5S1JAI5CG2_DWI5ZJkOZLCPZmE65D2Sbg-PO6ICOqFVPEaCCUll4ngGXLKgmAtwsNhuxvuYRhyBwjlHa4y70kEXp8o2zVvCBm2iOYhPpqd9CCA0Lz_YeZcu4mElrnnSfmnghTgFdq84d7ZAf8Rs5v0Z2X7rRYEdr34fedk4xesIhgnGbdzJsbmoLmghNSIU_S21pI-hUT8GeS5gj9BWJfr30bltFXrbB1p33j0v5rH6BjEMCNqCoP00qVrolkBDIThjCJEihw-7jIkrrMsOp90nqRMUnHcQIzqOSK8ZGjim6C2i2TqVElrFS1bCQ0Lg6hYC2qCU6vcP7x0eY_QwS-UhWyxsSUIXEBs7DAPdojOpCWkiLD36gvgMwlvMU-VLB1cG1UR55mWAPWwvvioLEL1Y36t2LNuJgBn70YU-hycmLdFJUMKjMfExY9Cx97gMAZfhbQyPol0YrQUpxvHl5bnREnRODVyrnM7P_Dsqu44aUAuhPUxWLmTi0eUutWwNYQm7E3KunEkMe-GNU6YLW3gJ2p43i97yy39j2Ph5O3P9hzk8TQw0jhsgZvh-pYHQFOELzc2k89p5aoMD0BXZdBWmT3AfHGK6_aYlFuDVGgQ98GquCfrQjiM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.222.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt13s71-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-jp,jp;q=0.9
Referer: https://crypto.livertadquest.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cs.nex8.net
URL: https://cs.nex8.net/cs/openx

Domain: sync-dsp.ad-m.asia
URL: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D

Domain: csync.loopme.me
URL: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

144 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
adm.shinobi.jp/	1970-01-20 23:26:45	Name: ninja_adm_uid Value: 2e7da4ac-c00e-4393-80fb-4a74339c0388
.fout.jp/	1970-01-21 00:17:09	Name: uid Value: Dkstk6G4vJrsnCz3uFOoJ8ARkFg
.sync.shinobi.jp/	1970-01-20 23:26:45	Name: ninja_dsp_uid Value: OfSVFHsGg7o1d3TqPvFJZWF-mr-NnePfKZJe95GGquqIJeZx
.ad-stir.com/	1970-01-20 23:26:45	Name: uid Value: 693f6d27-29fe-47c7-8a40-98033e8aea53
.ad-stir.com/	1970-01-20 23:28:11	Name: bpmkv Value: 1
adm.shinobi.jp/	1970-01-20 23:26:45	Name: ninja_adm_by2_uid Value: 693f6d27-29fe-47c7-8a40-98033e8aea53
.sync.shinobi.jp/	1970-01-20 15:01:19	Name: cs1001 Value: 1
.sync.shinobi.jp/	1970-01-20 15:01:19	Name: cs1762 Value: 1
adm.shinobi.jp/	1970-01-20 23:26:45	Name: ninja_adm_cy_uid Value: ea245533-9d9d-4230-9855-d57c43ee9774
crypto.livertadquest.com/	1969-12-31 23:59:59	Name: OX_plg Value: pm
.bidswitch.net/	1970-01-20 23:26:45	Name: tuuid Value: 8976e206-0475-47ac-be13-7c549fda367a
.bidswitch.net/	1970-01-20 23:26:45	Name: c Value: 1694469447
.bidswitch.net/	1970-01-20 23:26:45	Name: tuuid_lu Value: 1694469447
.openx.net/	1970-01-20 23:26:45	Name: i Value: 636d5817-db71-0e2b-2f62-76063d7265c1\|1694469447
.im-apps.net/	1970-01-21 00:17:09	Name: imid_secure Value: RmlKg5clS4SJ4uVIQdIReQ
.im-apps.net/	1970-01-21 00:17:09	Name: imid_created_secure Value: 1694469447
.openx.net/	1970-01-20 15:02:45	Name: pd Value: v2\|1694469447\|jIjElYiuvOuIlUialQhI
.livertadquest.com/	1970-01-21 00:17:09	Name: _ga_CC991QTBJE Value: GS1.1.1694469447.1.0.1694469447.0.0.0
.adsrvr.org/	1970-01-20 23:28:11	Name: TDID Value: 96bdd510-8194-4e26-8fff-fb9368c56372
.ladsp.com/	1970-01-20 14:41:13	Name: cr Value: 1
.ladsp.com/	1970-01-21 00:17:09	Name: smn_uid Value: Yxw1TGvpuQC5aeqOTZjHOA-z97sGGxM
.openx.net/	1970-01-20 15:02:45	Name: univ_id Value: 537072971\|96bdd510-8194-4e26-8fff-fb9368c56372\|1694469447783576
.doubleclick.net/	1970-01-21 00:17:09	Name: IDE Value: AHWqTUmtiwhd5BR-EfSJjd3uWiqTDR1qWPtsB1eETKIuIXGNIguoOyUt81J3ccMw-VU
.livertadquest.com/	1970-01-21 00:17:09	Name: _ga Value: GA1.2.93906344.1694469448
.livertadquest.com/	1970-01-20 14:42:35	Name: _gid Value: GA1.2.1318623832.1694469448
.livertadquest.com/	1970-01-20 14:41:09	Name: _gat_gtag_UA_223172710_1 Value: 1
.yahoo.com/	1970-01-20 23:27:07	Name: A3 Value: d=AQABBEiN_2QCEExLekVE3scAv_IUbX9mxwkFEgEBAQHeAGUJZQAAAAAA_eMAAA&S=AQAAAtha0tVNTPevnWmLy02uYkk
.livertadquest.com/	1970-01-21 00:02:45	Name: __gads Value: ID=868be4d6ca9d6724-229fd4ae85e3003a:T=1694469448:RT=1694469448:S=ALNI_MZcqUM9w-K1LyhNK3W4YRCQREHa7Q
.livertadquest.com/	1970-01-21 00:02:45	Name: __gpi Value: UID=00000c420463f369:T=1694469448:RT=1694469448:S=ALNI_MZPb0meXvoThmhrijTnyOCqlvxLpw
.nrich.ai/	1970-01-21 00:17:09	Name: _nauid Value: 8eb25524-3a98-4403-a228-0ebb3dbbf96c
adm.shinobi.jp/	1970-01-20 23:26:45	Name: ninja_adm_bw_uid Value: 8976e206-0475-47ac-be13-7c549fda367a
.pubmatic.com/	1970-01-20 23:26:45	Name: KADUSERCOOKIE Value: 3ABE94AE-DE43-4981-913E-1544E059E3EB
.pubmatic.com/	1970-01-20 16:50:45	Name: DPSync3 Value: 1695600000%3A201_245_226%7C1694476800%3A248
.pubmatic.com/	1970-01-20 16:50:45	Name: PUBMDCID Value: 6
.pubmatic.com/	1970-01-20 16:50:45	Name: pp Value: 156851
.pubmatic.com/	1970-01-20 14:42:35	Name: PMDTSHR Value: cat:
.socdm.com/	1970-01-21 00:17:09	Name: SOSYNC Value: anNvbjp7Im9wZW54IjoxNjk0NDY5NDQ3LCJwdWJtYXRpYyI6MTY5NDQ2OTQ0OH0
.turn.com/	1970-01-20 19:00:21	Name: uid Value: 2940000135143263054
.ladsp.com/	1970-01-21 00:17:09	Name: lum Value: CM7H_7GoMRIFCAMQ0AUSBQgKEJAN
.uncn.jp/	1970-01-20 23:26:45	Name: t Value: v_5d9cb3bc-3bc2-471f-ac8a-6baa22780ce8
.tapad.com/	1970-01-20 16:07:33	Name: TapAd_TS Value: 1694469448670
.tapad.com/	1970-01-20 16:07:33	Name: TapAd_DID Value: 995a2b28-6606-4f25-a69f-0a7fa883f703
.pubmatic.com/	1970-01-20 15:24:21	Name: KRTBCOOKIE_629 Value: 11487-AevYeEXJmO4Wks8AD7P3uwYbE88AAAGKhj_jzg
.pubmatic.com/	1970-01-20 15:24:21	Name: KRTBCOOKIE_656 Value: 12671-ZP.NSMCo5r8AAFDYCmoAAAAA&KRTB&23509-ZP.NSMCo5r8AAFDYCmoAAAAA&KRTB&23514-ZP.NSMCo5r8AAFDYCmoAAAAA
.pubmatic.com/	1970-01-20 16:50:45	Name: KRTBCOOKIE_377 Value: 6810-96bdd510-8194-4e26-8fff-fb9368c56372&KRTB&22918-96bdd510-8194-4e26-8fff-fb9368c56372&KRTB&23031-96bdd510-8194-4e26-8fff-fb9368c56372
.pubmatic.com/	1970-01-20 15:24:21	Name: KRTBCOOKIE_1201 Value: 23170-v_5d9cb3bc-3bc2-471f-ac8a-6baa22780ce8&KRTB&23180-v_5d9cb3bc-3bc2-471f-ac8a-6baa22780ce8
.pubmatic.com/	1970-01-20 16:50:45	Name: KRTBCOOKIE_80 Value: 22987-CAESEO-24uHgPbw7o0e4UFLdTKM&KRTB&23025-CAESEO-24uHgPbw7o0e4UFLdTKM&KRTB&23386-CAESEO-24uHgPbw7o0e4UFLdTKM
.c.appier.net/	1970-01-20 23:28:11	Name: _auid Value: PPhyzYqVBqWLuaScSI3_ZA
.c.appier.net/	1970-01-20 15:24:21	Name: _gu Value: CAESENolHGDbnOhjFJqBki84rlE
.tapad.com/	1970-01-20 16:07:33	Name: TapAd_3WAY_SYNCS Value: 1!6117
.pangle-ads.com/	1970-01-21 00:02:45	Name: _pangle Value: 2VGjjmvGccvEtGXytjaJL9s4ZZt
.analytics.yahoo.com/	1970-01-20 23:26:45	Name: IDSYNC Value: 18z8~2dv9
.ad-stir.com/	1970-01-20 15:01:19	Name: d3 Value: 1
.gsspat.jp/	1970-01-21 00:17:09	Name: gid Value: 5f400273be77903a30eab03451a15840
.simpli.fi/	1970-01-20 23:28:11	Name: suid Value: 0133B08B8C0746ECAD40EDCA7BBA45D6
.ad-stir.com/	1970-01-20 15:01:19	Name: n160 Value: HDkPkqP6O1udaaop
.ad-stir.com/	1970-01-20 15:01:19	Name: d27 Value: 5f400273be77903a30eab03451a15840
.doubleclick.net/	1970-01-20 14:41:13	Name: DSID Value: NO_DATA
.crypto.livertadquest.com/	1970-01-20 15:24:21	Name: _im_vid Value: 01HA33ZSEWDGAVK30AM2NXQZWM
pool.admedo.com/	1970-01-20 23:26:45	Name: tuuid Value: 260a73ff-728d-4bf1-a963-6d6fe9538ad4
pool.admedo.com/	1970-01-20 23:26:45	Name: c Value: 1694469449
pool.admedo.com/	1970-01-20 23:26:45	Name: tuuid_lu Value: 1694469449
.quantserve.com/	1970-01-20 16:50:45	Name: d Value: EJ8BCwH2KfijAA
.quantserve.com/	1970-01-21 00:11:23	Name: mc Value: 64ff8d49-2dd05-b2705-ade12
.crwdcntrl.net/	1970-01-20 21:09:54	Name: _cc_dc Value: 2
.crwdcntrl.net/	1970-01-20 21:09:54	Name: _cc_id Value: b77fb6ab5f531bc1a62cd0f81fa7a76c
.adform.net/	1970-01-20 15:24:21	Name: C Value: 1
.semasio.net/	1970-01-20 23:26:45	Name: SEUNCY Value: FDA8AF59D7F382BD
.pubmatic.com/	1970-01-20 16:50:45	Name: KRTBCOOKIE_153 Value: 1923-tZDvMLvAvW-ulu0ys5GkNLGTuWOuxe0zspb5yGCt&KRTB&19420-tZDvMLvAvW-ulu0ys5GkNLGTuWOuxe0zspb5yGCt&KRTB&22979-tZDvMLvAvW-ulu0ys5GkNLGTuWOuxe0zspb5yGCt&KRTB&23403-tZDvMLvAvW-ulu0ys5GkNLGTuWOuxe0zspb5yGCt
.gssprt.jp/	1970-01-21 00:17:09	Name: gid Value: 0ef13a268238169ca111036df3b2e547
.impact-ad.jp/	1970-01-21 00:17:09	Name: tuuid Value: 2a13bfb7-4a06-4c80-a180-75d5c3f9728c
.genieesspv.jp/	1970-01-20 14:42:35	Name: rtbhouse Value: 0
.genieesspv.jp/	1970-01-21 00:17:09	Name: gid Value: 6076531b440b6ab5deebddf27d6e7f97
.ad-stir.com/	1970-01-20 14:42:35	Name: bpgn Value: 1
.adform.net/	1970-01-20 16:07:33	Name: uid Value: 8881251239106716674
.gssprt.jp/	1970-01-20 15:24:21	Name: freakout Value: Dkstk6G4vJrsnCz3uFOoJ8ARkFg
.gssprt.jp/	1970-01-20 15:24:21	Name: lamp Value: 5f400273be77903a30eab03451a15840
.pubmatic.com/	1970-01-20 16:50:45	Name: KRTBCOOKIE_466 Value: 16530-8976e206-0475-47ac-be13-7c549fda367a
.bidswitch.net/	1970-01-20 14:41:09	Name: google_push Value: AXcoOmSexye9Pgfk_dgU9bssE_HxV67vcPf26yB4POs28sZau_bfRhzOga_OV--TuQSZjq30miqaMTB0AJCtLZq1qURVEoVAIWSQiyw
.gssprt.jp/	1970-01-20 15:24:21	Name: motionbeat2 Value: 693f6d27-29fe-47c7-8a40-98033e8aea53
.pubmatic.com/	1970-01-20 15:24:21	Name: KRTBCOOKIE_391 Value: 22924-8881251239106716674&KRTB&23263-8881251239106716674&KRTB&23481-8881251239106716674
.send.microad.jp/	1970-01-20 16:50:45	Name: TR Value: 3dd51adbb34eb2b2b85639d6cffcfbb58de0603f77c4ff51
.teads.tv/	1970-01-20 23:25:19	Name: tt_viewer Value: df7e64c0-601b-4d83-b162-38f99a9f9809
.reemo-ad.jp/	1970-01-21 00:17:09	Name: deviceIdentifier Value: canlAywDXDCJjtSUoRpfgpOJbxdFXuuI
.reemo-ad.jp/	1970-01-20 15:02:45	Name: sync_gadx Value: 1
.crypto.livertadquest.com/	1970-01-20 16:50:45	Name: _im_uid.3929 Value: i.RmlKg5clS4SJ4uVIQdIReQ
.googleadservices.com/	1970-01-20 16:50:45	Name: ar_debug Value: 1
.sportradarserving.com/	1970-01-20 23:26:45	Name: zuuid Value: 14bce9d4-d103-47e8-bda1-cb3016aaf181
.sportradarserving.com/	1970-01-20 23:26:45	Name: c Value: 1694469449
.sportradarserving.com/	1970-01-20 23:26:45	Name: zuuid_lu Value: 1694469449
.sportradarserving.com/	1970-01-20 23:26:45	Name: zuuid_k Value: 1
.sportradarserving.com/	1970-01-20 23:26:45	Name: zuuid_k_lu Value: 1694469449
.ad-stir.com/	1970-01-20 15:01:19	Name: d10000 Value: 8976e206-0475-47ac-be13-7c549fda367a
.doubleclick.net/	1970-01-20 19:00:21	Name: APC Value: AfxxVi4Mi04QqqLmwDfVE-Y-1X-m5-WjvyDG-40VALSaHgF3FalyIw
.linkedin.com/	1970-01-20 23:26:45	Name: bcookie Value: "v=2&d3b9815f-6a63-4221-81a4-da0bc47d104e"
.linkedin.com/	1970-01-20 14:42:35	Name: lidc Value: "b=TGST04:s=T:r=T:a=T:p=T:g=3006:u=1:x=1:i=1694469449:t=1694555849:v=2:sig=AQEkFftp-xhS1sjXPRGFGnBAJQb8EznU"
.rubiconproject.com/	1970-01-20 23:26:45	Name: khaos Value: LMFFCZC1-28-3Q6B
.adkernel.com/	1970-01-20 15:01:19	Name: ADK_EX_11 Value: 1
.adkernel.com/	1970-01-20 15:24:21	Name: ADKUID Value: A4045530456045433720
sync.srv.stackadapt.com/	1970-01-20 23:26:45	Name: sa-user-id Value: s%3A0-a3589532-d74e-50a9-401a-60b624744c02.5O9Q7Acf2Vf%2FZBsVs5AeO%2FZM6yHPhTfgFYyVOH6TdEM
.srv.stackadapt.com/	1970-01-20 23:26:45	Name: sa-user-id Value: s%3A0-a3589532-d74e-50a9-401a-60b624744c02.5O9Q7Acf2Vf%2FZBsVs5AeO%2FZM6yHPhTfgFYyVOH6TdEM
sync.srv.stackadapt.com/	1970-01-20 23:26:45	Name: sa-user-id-v2 Value: s%3Ao1iVMtdOUKlAGmC2JHRMApnwroU.E%2FpM99Ywn8M5DikTajWjt0I%2BMySnDWxZ3JadauhrIDQ
.srv.stackadapt.com/	1970-01-20 23:26:45	Name: sa-user-id-v2 Value: s%3Ao1iVMtdOUKlAGmC2JHRMApnwroU.E%2FpM99Ywn8M5DikTajWjt0I%2BMySnDWxZ3JadauhrIDQ
sync.srv.stackadapt.com/	1970-01-20 23:26:45	Name: sa-user-id-v3 Value: s%3AAQAKIA6AybAgEcYsuCRRIZ6Rh3_KyGXnmMJFdVPXIezeRpt4EHwYBCDKmv6nBjABOgT_Q_f4QgTQKKME.uHcqvRVhiaD2WyGBUsFK1IYpXFvoUSBNuvLFfSxANTY
.srv.stackadapt.com/	1970-01-20 23:26:45	Name: sa-user-id-v3 Value: s%3AAQAKIA6AybAgEcYsuCRRIZ6Rh3_KyGXnmMJFdVPXIezeRpt4EHwYBCDKmv6nBjABOgT_Q_f4QgTQKKME.uHcqvRVhiaD2WyGBUsFK1IYpXFvoUSBNuvLFfSxANTY
fksnk.com/	1970-01-20 14:51:14	Name: AWSALBCORS Value: 3OyRvMCo78eyIGZW8pg7MdSNf8xLXwdqXxE1LHvn11PgCXYe5JyCB+LeXlcHOD81dKVuEWnOYWfle74fgnYrExikF9P2DsOwp2H7T4xKXhUSY3FRaWlPklGGifnO
.fksnk.com/	1970-01-20 16:50:45	Name: f_001 Value: 85E68999E371F16A
.fksnk.com/	1970-01-20 14:42:35	Name: g_001 Value: 1
.adsrvr.org/	1970-01-20 23:28:11	Name: TDCPM Value: CAESFwoIcHVibWF0aWMSCwjG3OH6g8eZPBAFEhQKBXRhcGFkEgsI0Kui_IPHmTwQBRIVCgZnb29nbGUSCwjqiImBhMeZPBAFEhYKB3J1Ymljb24SCwj-lpyJhMeZPBAFGAEgAygCMgsI0KOlqZrHmTwQBTgBWgV0YXBhZGAC
.zemanta.com/	1970-01-20 23:26:45	Name: zuid Value: gSzOUnWCLFGyhsmUUEcn
.uuidksinc.net/	1970-01-20 23:26:45	Name: jcsuuid Value: LKeeUM9X6QHtrhQ4zVgU
.inmobi.com/	1970-01-20 16:50:45	Name: idsp_c Value: a286ec8c-5441-49b2-a930-db706c40dabb
.pubmatic.com/	1970-01-20 15:24:21	Name: SPugT Value: 1694467331
.yandex.ru/	1970-01-21 00:17:09	Name: yuidss Value: 7136674111694469450
.yandex.ru/	1970-01-21 00:17:09	Name: yandexuid Value: 7136674111694469450
.ad-stir.com/	1970-01-20 15:01:19	Name: d41 Value: LMFFCZC1-28-3Q6B
.dotomi.com/	1970-01-20 14:41:09	Name: DotomiTest Value: 62c13b3243be2034
.amazon-adsystem.com/	1970-01-21 00:17:09	Name: ad-privacy Value: 0
.amazon-adsystem.com/	1970-01-20 19:33:28	Name: ad-id Value: AwCmylz40kuYubZEZxstf7A
.rubiconproject.com/	1970-01-20 23:26:45	Name: audit Value: 1\|oBtycnGw6LgMesuqvja9UnAyhFAJ/+NDgALugxCPt3VWTlhDtG4nUhEbM5/PxyYl0BWnAFO2TAvqFTrNE4+z9kqVaHlG5SlgpmvllXEtYN4=
sync.gonet-ads.com/	1969-12-31 23:59:59	Name: chk Value: 1
.ads.pubmatic.com/	1970-01-20 14:42:35	Name: KCCH Value: YES
.pubmatic.com/	1970-01-20 16:50:45	Name: chkChromeAb67Sec Value: 2
.pubmatic.com/	1970-01-20 14:42:35	Name: pi Value: 156851:4
.pubmatic.com/	1970-01-20 16:50:45	Name: SyncRTB3 Value: 1695254400%3A63%7C1695600000%3A13_233_179_54_71_8_254_22_96_264_234_5_56_217_220_214_209_21_107_76_202_3%7C1694995200%3A223_2%7C1695686400%3A35
.pubmatic.com/	1970-01-20 15:24:21	Name: KRTBCOOKIE_904 Value: 16787-PPhyzYqVBqWLuaScSI3_ZA
.ctnsnet.com/	1970-01-20 23:26:45	Name: cid_cfa9164c38684e169b2111f680924b26 Value: 1
.ctnsnet.com/	1970-01-20 23:26:45	Name: cid_b0cd063de5674455a17038a9c584b4ed Value: 1
.pubmatic.com/	1970-01-20 15:01:19	Name: KRTBCOOKIE_1159 Value: 23138-b0cd063de5674455a17038a9c584b4ed&KRTB&23328-b0cd063de5674455a17038a9c584b4ed&KRTB&23427-b0cd063de5674455a17038a9c584b4ed&KRTB&23445-b0cd063de5674455a17038a9c584b4ed
.pubmatic.com/	1970-01-20 16:50:45	Name: KRTBCOOKIE_860 Value: 16335-o1iVMtdOUKlAGmC2JHRMApnwroU&KRTB&23334-o1iVMtdOUKlAGmC2JHRMApnwroU&KRTB&23417-o1iVMtdOUKlAGmC2JHRMApnwroU&KRTB&23426-o1iVMtdOUKlAGmC2JHRMApnwroU
.pubmatic.com/	1970-01-20 15:24:21	Name: KRTBCOOKIE_22 Value: 14911-2940000135143263054&KRTB&23150-2940000135143263054
.everesttech.net/	1970-01-20 23:26:45	Name: everest_g_v2 Value: g_surferid~ZP_NSwAMatN2vgA4
.w55c.net/	1970-01-21 00:11:23	Name: wfivefivec Value: It4OykU51QFOUs5
.gammaplatform.com/	1970-01-20 14:42:35	Name: _aGeoIp Value: US\|Berkeley
.gammaplatform.com/	1970-01-21 00:17:09	Name: _aUID Value: ibiryozmca5z
.adnxs.com/	1970-01-20 16:50:45	Name: uuid2 Value: 4937571650038870676
.pubmatic.com/	1970-01-20 15:24:21	Name: KRTBCOOKIE_1310 Value: 23431-ibiryozmca5z&KRTB&23446-ibiryozmca5z&KRTB&23465-ibiryozmca5z
.w55c.net/	1970-01-20 15:24:21	Name: matchpubmatic Value: 5
.pubmatic.com/	1970-01-20 16:50:45	Name: KRTBCOOKIE_107 Value: 1471-uid:It4OykU51QFOUs5&KRTB&23421-uid:It4OykU51QFOUs5
.pubmatic.com/	1970-01-20 16:50:45	Name: KRTBCOOKIE_57 Value: 22776-4937571650038870676&KRTB&23339-4937571650038870676
.gonet-ads.com/	1970-01-20 23:28:11	Name: pid Value: Mjg1Yjk4YzYzMzBhM2RhMw
.adx.opera.com/	1970-01-20 23:26:45	Name: UID Value: OPU27d0c64fb3e54c558674fd9fd740378f
.pubmatic.com/	1970-01-20 15:24:21	Name: KRTBCOOKIE_1323 Value: 23480-OPU27d0c64fb3e54c558674fd9fd740378f&KRTB&23485-OPU27d0c64fb3e54c558674fd9fd740378f&KRTB&23524-OPU27d0c64fb3e54c558674fd9fd740378f
.pubmatic.com/	1970-01-20 15:24:21	Name: PugT Value: 1694469452

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://adm.shinobi.jp/s/bbcedb5e5aacc603fb3a99afb8911f40 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://adm.shinobi.jp/st/s.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://adm.shinobi.jp/s/bbcedb5e5aacc603fb3a99afb8911f40 Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://adm.shinobi.jp/st/s.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://cs.nex8.net/cs/openx Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://app.cauly.co.kr/idsync_ssp/doubleclick?google_gid=CAESEEHfTLoaAk3SRmhnyUygun8&google_cver=1&google_push=AXcoOmRr9-XVCO7j_zncmjQSKPa9pIFcp9gkYTjr7eLN8AJCkKGy0HnygFUtJLkzkaVNfbN2u3Gl9PgTC8axG7M7xzV3BhSgykL0Kg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
security	error	URL: https://ads.pubmatic.com/AdServer/js/showad.js(Line 1) Message: Mixed Content: The page at 'https://crypto.livertadquest.com/' was loaded over HTTPS, but requested an insecure frame 'http://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D&uid-set=1'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.c.appier.net
a.sportradarserving.com
aax-eu.amazon-adsystem.com
ad.ad-stir.com
ad.doubleclick.net
ad.turn.com
adm.shinobi.jp
adn-j.sp.gmossp-sp.jp
ads.pubmatic.com
aid.send.microad.jp
ajax.googleapis.com
aladdin.genieesspv.jp
an.yandex.ru
analytics.pangle-ads.com
app.cauly.co.kr
assets.pinterest.com
audiencedata.im-apps.net
aw.dw.impact-ad.jp
b1sync.zemanta.com
bidder.criteo.com
bypass.ad-stir.com
c1.adform.net
cm-supply-web.gammaplatform.com
cm.g.doubleclick.net
cms.quantserve.com
cnobi.jp
cr-p10.ladsp.com
cr-p3.ladsp.com
crypto.livertadquest.com
cs.gssprt.jp
cs.nex8.net
csync.loopme.me
dclk-match.dotomi.com
dis.criteo.com
dmp.im-apps.net
dps.jp.cinarra.com
ds.uncn.jp
dsp.adkernel.com
dsp.nrich.ai
eus.rubiconproject.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
gocm.c.appier.net
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
im.bluevoox.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
ipac.ctnsnet.com
jp-u.openx.net
js.ad-stir.com
js.gsspcln.jp
log.pinterest.com
match.adsrvr.org
mweb.ck.inmobi.com
odr.mookie1.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pb.shinobi.jp
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
px.ads.linkedin.com
r.turn.com
rt.gsspat.jp
rtb.openx.net
s.amazon-adsystem.com
s.uuidksinc.net
s0.2mdn.net
samuraifactory-d.openx.net
secure-assets.rubiconproject.com
simage2.pubmatic.com
simage4.pubmatic.com
spcdnpc.i-mobile.co.jp
spdeliver.i-mobile.co.jp
spsvcpc-tls.i-mobile.co.jp
sshowads.pubmatic.com
st.pubmatic.com
static.criteo.net
sync-dsp.ad-m.asia
sync-tm.everesttech.net
sync.ad-stir.com
sync.crwdcntrl.net
sync.dsp.reemo-ad.jp
sync.fout.jp
sync.gonet-ads.com
sync.im-apps.net
sync.shinobi.jp
sync.srv.stackadapt.com
sync.teads.tv
t.adx.opera.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
webfonts.xserver.jp
widget.as.criteo.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
xid.i-mobile.co.jp
cs.nex8.net
csync.loopme.me
sync-dsp.ad-m.asia
103.229.10.171
103.43.90.21
119.9.108.180
13.107.42.14
13.113.112.30
13.228.126.19
133.186.12.12
133.186.12.18
133.186.161.88
138.113.138.167
139.162.117.143
139.162.84.221
142.250.196.104
142.250.196.106
142.250.198.14
142.250.199.102
142.250.207.3
142.251.222.2
142.251.42.131
142.251.42.161
142.251.42.164
142.251.42.194
15.197.193.217
150.95.47.242
151.101.128.84
151.101.194.49
172.217.161.34
172.217.161.66
172.217.175.38
172.217.26.226
174.137.133.49
18.136.94.236
18.176.31.142
18.65.168.21
18.65.168.89
18.65.185.105
18.65.206.100
182.161.74.1
182.161.74.11
182.161.74.16
182.161.74.18
183.90.238.3
184.27.185.21
184.72.108.234
185.196.197.130
185.84.60.21
188.42.105.220
20.85.134.6
202.226.37.225
202.228.215.14
202.228.215.63
202.232.238.37
202.233.84.1
202.241.208.52
207.65.34.74
207.65.34.80
207.65.34.81
207.65.34.82
207.65.34.83
220.150.223.50
222.230.178.130
222.230.178.27
23.195.85.58
23.200.55.26
23.208.233.60
23.210.26.170
23.39.216.185
23.39.216.189
23.45.61.118
34.111.113.62
34.111.79.67
34.120.96.193
34.124.209.251
34.98.64.218
35.186.154.107
35.186.193.173
35.186.253.211
35.186.254.217
35.213.12.39
35.213.93.179
50.116.239.135
51.255.68.171
51.89.9.254
52.192.212.4
52.197.41.226
52.22.231.105
52.45.175.185
52.46.155.104
54.248.253.182
54.251.140.37
54.251.188.116
54.95.135.115
64.202.112.95
67.220.228.201
69.173.158.64
74.119.119.150
82.145.213.8
89.207.22.108
93.158.134.90
96.7.39.72
04d58ee346b8f4ccb0b9fe49cb4e62a417c94cd9ddbb120f2b173ec676c58f11
07531fe6b1a5218c4e925d54b21e07896e31a3a6e56dc8e610eab618933f180e
0835a75ccd76849c8f446db7be45a6d0d443b638fe5320233cdfc7c929d69b75
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e
12a139b0d37f0867969fb2949d4a80bd8aeeac727913f16674c1b8a8cbcd03bd
1312ea485e4cea610e63a4c53f15c9b96b5de1e8fde732801828b55d653482c7
168f8adeb65230b33cdd8c14f97da4109a91ea86884791af5d7b66391c4e510f
173d0e8d3b0641b40dcf3290d03fd621325e663d5bf44a5e63e08c4721a71689
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
197d89841a477d39db6113cb9b1303bf5443a713f45d1c5c851438dee94691a5
1afb0f6bc912d6cbb446e068af974c5be4253d44ae0c6671e14087ceebe31733
1d1c2d28818efea3814be4db58e605968ff98e31bcde0628c44d9d53219499e5
1f43df9438ea78458367c17b7acaef99383004d614c7e16995cc9343ad5f2866
20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e
21bd977042a76480805895c3bc4371d79fe7da93c8cf7af08687e0b58f4e39ad
2385bba830ec5cc4a1a0e398c58a0703ee86443f42c131b4682b09a45e6e7a1f
2604e0cac28f89beb89cf1f82889c79198bdee35fb99bfe5067839923fb32ace
27ce2d1973c8a131d6e828cd3793c4ecaa277518950c34dfc9f6aecbb70fdf9b
289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf
28c02f1420309c0350fb39490813542d73e75db361a289a2ded2ae258458adae
291cf581b824e88d8e5292c399d39fe9940cc6d50c1cfe21e0525a510e9e0b2a
299886ee6459db02a42fa2911e8b0b272bfb0969b6a5680cc31a89be13dd2c1e
2b238632bac0e65b25d80c12d85ef0bb6d212430d25b4e13dd55f7c9bf62cd0d
2b5533ea0648aa4e0fbe223c3d96319225fdb32f313398eab89e1ed29197c59c
2cb51c013da8aab090a4545424777417b0ef02a5b0a9565c0aec547b99974e52
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d8a246b4ec27f114c453b9d4ef714538bc6e3b3c76b9f46d63a67950144930
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
338ea14569d03db8693c3e69b0141142f888038ba00dbc8c26114b212308a4ed
33a9742a2e2c2e6c044f55b85f19df6cd06289ec588566e144e4e88235244450
37a2c471e6814d7d84660197ca6869f2199621fe99ea0919eade5565aa5ca7df
38a0aae3e351883b880772b578e96063ee338cad05522ce9fa53686d868e4eba
38b22a096e864f48a5e7d337f5fbf07551981e16fe17bdc93510d749e2b4eb6c
38fdc998014a26e4d67a9a41b13ebe3317be503824b9c12e52b3fdb28f8dca82
3a6b3996ce3a1200e3b494ed37f4e7f665ddff1faedf145bdef17a51546b0998
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3c620084286d4e8ac0ebd4811a782920ac935265c8cdbf0010ea7243bd81a6e6
3c7b2f4a154198721450f6edeabc8ecfc41a4ea7a2a63ec43b90be7e4274966f
3d63faac9e70b48352d0371f46cb09ef7e78c61fc19e9b9a64d4366bddac206b
3de3d1d4ae76397862f3a82496aabff5dfb8ddc1a2e56e02d5f71efa8e94e3f1
3ea53735a55ae60e60ea3da344a0e36fbf12c3cf2d1d3d977a83ea765c7e2b93
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4202486f70245a289adf12450f87f00c54af39bb55cd1158b6c4f2c46f2edd5e
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4c76e6ec858d0d9c51a295c69938ce1784cc1b0c03bdfdee19f83e5849bdcf8a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
50a1901684f223bf26594dd3415b1e50f184820a16daa810cc5452911e9117a9
511d394e012fc63eb72179d7339ab0688d34225f3c143a8eea5675f2d5e9237a
530db135ec2a2ccbece2b673db85e6cb51af5814cceea59578d1191799a85797
535114890d1a0848fcddb43cb798a1be1b89103610fc468db0f1c0a02a7dbff1
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56dafb15a17321c6a6c6c76e4b7fc6d7124d0a49fbd36e0cdb07ef30403e7d76
5b7880fef88bba2ca4f28bd9374a74c1ca4e881d1fccbec6467506b4cbe8c147
5c3e995d7b1927fe3011cc8ac953b526a0d16f6840b114554d662708d781eb42
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5fe46d2da01452067736578431f6c6e8116a24e616f58c72d9d81fdb2c7c9569
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
6135fe16d7578e65be79a3e5d6ba252095648c1b871808f69b1482f6ff7f6839
61c2e5ce97a05b707117444f5c81ab9d71b14a103dc5c6e744eed7052fba1fc6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63fc1b05707415ea70fe6e8058ad967d9dea30c6750754548f6b923a08e99e25
65c748d689c0545d4daac37cd3ca006df12762c288c9d22ec083909e958f56d6
66d21fa22c441eac50abdd7163ebb164107c90cecb3ce0a87d0014b97c7660b6
6924922bb53b34f771c50c87666560b603f1428ac09d063f2ff6e9309b02f758
6b4636f506e33f6bc580c3aa80b6195941eec337da679f4f35617900796ee44c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c6611b39d8ff91e082f758855e8e47e3d4f318676ce14aba85e73f64367d8cc
6eb8a304c3df3a16dc4dd33a3289f4d01c8ceb0fb11c8234629b8fe08bd37fe4
737dee49154ec829b9486824fe253106551d44531b8f58e6f38d45c84d617d89
74190d7890b70c71e37d99927ef5121f6367126b76aeac3b716d38c5f2e8607d
76d0b9990965e0b47d7df4da43f4443a401dfa59c12c4fa1d45dc50befc589a5
7762f7afc360caf997c2c4b6800705f658b738fa4b84d1698cb51af3364cafd4
7763cf61ef887eab9387b512247ceb8dcf43bf89125c3709ba5d3f33627a85a2
79cecf704fc1b3e636adc55ffa1b45043066ec863211ba52b236d29173ce1f78
7b2ac8dd70d0025b9891480bb4e2a6b54728753fd41ed7629dd34ce15c0013de
7dcf7afdaabf09c243f76cf35405387257564d34590888f4008028a739c270ad
7e41a6b43ea557200708381da42b534a54094127164a25a6a0db8868821ce822
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
82ef31a5641598b36253377b37d119a43eefc08140d08de1e80250c978ffb3ee
851f7da104017908bc0e287ad727b2f2d6b9c1fca777d07852f321fb4f9ac5d4
853d4e8ad9a4e64839e5630234bfa19ab3a3a646df4d7e139b108861932f9701
877325977f7b21eb8eea2017011e1f37ccf2d0b431c60a282ab9215020131551
8875034ea813fa8a38f1e262928f4f2f74712e947efff24d07e49b0ec328ea4a
8c363d8b637eefbaff48dc86a74f7da5f48a3b4463fd134d0d50cc633c219a50
8d99a824eb65a40f898ff5baa2201854b8b1d152a620cf13a79033f4fcba1e67
927df156b92d46ada649d6ec2d110dda9ab0b9d275df6e0b07f6273b0a33d3ee
9386e0506a6a994f776510630feb1cbbb1a644f60655b1a6e6971acb4aabebe5
94f424709762ba159c9d3f85b42f82b1a8a4034504add471c7ec80e819479d76
957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8
97e1aba3c7c86e12b8901564217d93982aea0b5d1b7b009cc611a59a222840ce
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a54902536a42aad6dc37ef619c7a85f270e441ccc93d778dad7fec343b2f3e4
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9e1140f961a9de7f4fe1050404a294c50d76438b12b9b00f8bcb8fa81f75675f
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a3a10e584c92af007f5eb5392494aa3cbcabfea70636c4f45ccc27ab8ce67e42
a5f1c2a21b51ce64213655ba2f701f591423438c92028e2b36fafa91089a7243
a736f46bf7b1853368d39a159ce724adff948daaae4c3484b9615ad828220835
a85904e098cd1b968434e3bdcedd5a1465fec7d762b06d54348f334dc51bfc54
a8a48929789088a0f5b224e1c194ffd5633362acc1f1114e02617eb0e38d87d4
a9f3561245058ff3d41ffcc1249ecf64998d4661e0a1a66caa3c807c60d11f26
aa0d283fc8b5811a64c0179016185dc8ca4e6b211cac990c29ed5a43a9cc5c12
aa64ed9b7879dad1189251f887cffd63d0c7addd427e2df0d7200e93ec943267
ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60
ab6384b7b3611ffd125c55bdf0f2e6327fc9d3fd84ffeeaa35de6ed58a9cf28a
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
adcf4bc477809db631e12407ad830f98975634ad4c62e7c7dd14b8a3b215a0a6
ae74cb6090847dfd19b1ad10b39d299e7404f99fa098ad23e748677e5c3a03de
af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1cf9494979497e2751b2b9933adb75ca049dbd1c9ee21a9981c630a83061cf1
b52c2dcdecea3329aa34907039f8b6f871b5fb51ed7ac8444596bd5530cd2992
b7191dc44a4f02d1ce10f78f5c556e825bccbfb7fa479c798182b1e33cf545a1
b742aa486fbd2ef3b169e8e933ebf38c3a493855d89d6a61f94e6f524232f8f3
b8666b6a7bda5ea0466128485e57eb867e069582c3709bde90ec39f88d467d0a
bb099b1257230336a8379fc0b704aa94cf11fa4da490670f59886cd3852000e3
bba528ffb6804790acda884de42ed138e969ca38d28de11423c68d56f08cf3d6
bd91080d2c7f2120ad82727f5c07bbb439b810ed4035993ddb1825ca1611396b
c1ef167e3112a81527dac4791653d424da6848e92d7c642fa2ebd2e64f5656ae
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c2430eea46482d09798ced4106070b559f066b7784c179f0b5d9b27f2783d10e
c42bd0b8557cf05f9ef1bda0125e383823af4de5dd788adcb5774fd477b96e6f
c6ece8077c8a8d8d057b5a03c892dcf1fed9da76ff1bc964cd17416008752c48
c959b4d6ab59a0ef8f6805088ca529d42bf57c12771f408bc83aa1f614acc3eb
c9a13c6f00d420eb6eb2463e82e3de3e26cb9c030035c52dd7311d6b7b963f04
cd8627e1180617338a9da9917a5da5208e97bee79f14fba42c9bcbbba71d736c
cddea78521f704bd0a543cfa439c1d91720674ae9f8574dbee11d7245e19c7ae
ced914fdfff976939189a60d917d42aeb3ff1b99972e93526e11b6df9cbd58fc
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf4c3c2ec18de3d4dcd49151ffe00cb299f86fc98467cf806b9c447467935479
d012510a809dc3c1ae6c56bc32f90440eb9f87baee6b46e97efb35a5f95b14fa
d0e3a6662bd8e833a3eb1965953cfd00fe1fa5e06753ab807698107928a436a5
d34f592d41bd6931e6b6f68901337dce4525db27870bbd336a2010019b727dbf
d632bb47cf1294a49186e527adabf5543006874a8b2c6a2ff706d5ff0f5465c7
d644f75e609a887273904225a066b54053d7d42d7f11a5a485366d6d5c9ea9af
d7502230a5faa6a7c3333a5229324a62fa31ea041beea8617bcf265de7274cc9
d78e38d21391cea71129bf873dde6914e94e0e3c133b3020d5230cf1c348ab20
dbb38fedbbe46a4dbc2884610da14cd3b2b55c8e9eb216f5b1e04a4a3f618395
dcd0d3bdc1828b4ed5f755b7a6565c19dca9ba24bc1f4d12bb25d29a6aa5ab25
dcd4a5ac70faae2eb4af611d90b3643154959a5b905720cc0875bd5d1399088e
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dcfcb20b975fc2c0d0c597fdd7cdc22bc3d840d778914b35a57f1b78eaace340
dd27d688fcb628ea933925ce527eeac93f7561cda801b4fe657aa49f028c9d0a
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e22f1d227e4a8a95d3e57af7a5428ec15a076cf326988913da8655b2537aa097
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42cd1d0597173d0d322ea8f6d6c36f0930483864c46ccf49121121b617dd777
e7fc2a83ccbb3aba87ff842a077f2b3a61e5d6578d284b14cd69018713289802
e895c252516573c273738defef761a39649bcfa8d16548412a39f1df37c23485
e8b5b39e947979aa50b4fe78da89b82c6f06a9430beb222e1bda0b4a745c809f
eb658766bc0865b719c76913b6b82ba32d0e14660216bf8d6d3953e30ad3e06d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f056a519e034222e0429c529f665f684974cddf652533d4cffb2ee1afafd6ea7
f09f1c9b71c5721ef8c3bc149b3b82c483bde85b41b662306b8a2babb7a77322
f26a09253bb77f2ed54a27b1f40cb8bbf26c0fb6f1c6b8931874c0f56d96d87b
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f677bc04d5703de673e0a9bc9edf097e4f34e9057268cb81032e1ebfc0e183fb
fd99303a6c8f6d2e2ffabf0a350594470bf45dfc7537cd70d57744ee4b7218fb
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

crypto.livertadquest.com Open in urlscan Pro 183.90.238.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

334 Requests

74 %HTTPS

0 %IPv6

76 Domains

114 Subdomains

69 IPs

13 Countries

2754 kBTransfer

6222 kBSize

144 Cookies

13 Outgoing links

Page URL History

Redirected requests

334 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 16 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

crypto.livertadquest.com Open in urlscan Pro
183.90.238.3 Public Scan

Screenshot
Live screenshot

Full Image

334
Requests

74 %
HTTPS

0 %
IPv6

76
Domains

114
Subdomains

69
IPs

13
Countries

2754 kB
Transfer

6222 kB
Size

144
Cookies

334 HTTP transactions
16 data transactions