urlscan.io logo urlscan.io
SecurityTrails logo

twinklesphotos.exblog.jp Open in urlscan Pro
54.199.193.165  Public Scan

Go To Rescan Add Verdict Report
URL: https://twinklesphotos.exblog.jp/33443959/
Submission: On November 08 via api from DE — Scanned from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 143 IPs in 13 countries across 107 domains to perform 503 HTTP transactions. The main IP is 54.199.193.165, located in Tokyo, Japan and belongs to AMAZON-02, US. The main domain is twinklesphotos.exblog.jp.
TLS certificate: Issued by Amazon RSA 2048 M03 on April 13th 2025. Valid for: a year.
This is the only time twinklesphotos.exblog.jp was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 54.199.193.165 16509 (AMAZON-02)
21 3.164.121.26 16509 (AMAZON-02)
2 2404:6800:400... 15169 (GOOGLE)
4 2404:6800:400... 15169 (GOOGLE)
7 54.230.175.43 16509 (AMAZON-02)
2 3.164.121.60 16509 (AMAZON-02)
17 142.250.199.98 15169 (GOOGLE)
1 151.101.1.55 54113 (FASTLY)
3 18.64.132.164 16509 (AMAZON-02)
2 2404:6800:400... 15169 (GOOGLE)
4 199.232.148.157 54113 (FASTLY)
1 3.165.11.79 16509 (AMAZON-02)
1 13.32.54.10 16509 (AMAZON-02)
1 3.166.244.95 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 18.172.52.109 16509 (AMAZON-02)
9 34.160.89.38 396982 (GOOGLE-CL...)
4 31.13.82.7 32934 (FACEBOOK)
3 2404:6800:400... 15169 (GOOGLE)
28 142.251.42.162 15169 (GOOGLE)
2 3.173.238.22 16509 (AMAZON-02)
3 2600:140b:1c0... 20940 (AKAMAI-AS...)
1 54.238.63.60 16509 (AMAZON-02)
2 172.66.0.227 13335 (CLOUDFLAR...)
4 13.32.54.79 16509 (AMAZON-02)
2 18.178.205.149 16509 (AMAZON-02)
11 2606:4700:10:... 13335 (CLOUDFLAR...)
1 9 142.251.42.134 15169 (GOOGLE)
2 34.36.200.111 396982 (GOOGLE-CL...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 172.217.31.142 15169 (GOOGLE)
3 130.211.23.194 396982 (GOOGLE-CL...)
1 202.232.238.39 2497 (IIJ Inter...)
15 54.202.27.156 16509 (AMAZON-02)
7 3.168.249.239 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
4 142.250.207.1 15169 (GOOGLE)
8 57.182.52.186 16509 (AMAZON-02)
1 35.201.98.24 396982 (GOOGLE-CL...)
4 103.132.192.30 138552 (RTBHOUSE-...)
3 104.18.26.193 13335 (CLOUDFLAR...)
1 5 18.172.52.87 16509 (AMAZON-02)
4 2606:4700:440... 13335 (CLOUDFLAR...)
3 124.146.153.153 2514 (INFOSPHER...)
5 9 35.213.17.49 15169 (GOOGLE)
3 103.253.24.95 133210 (ENTECHNOL...)
4 207.65.34.76 62713 (AS-PUBMATIC)
1 5 103.43.90.21 29990 (ASN-APPNEX)
1 162.159.140.229 13335 (CLOUDFLAR...)
1 2001:4860:480... 15169 (GOOGLE)
1 142.250.199.99 15169 (GOOGLE)
4 142.250.207.34 15169 (GOOGLE)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
6 34.149.40.38 396982 (GOOGLE-CL...)
3 3.173.238.128 16509 (AMAZON-02)
9 2404:6800:400... 15169 (GOOGLE)
1 2600:9000:294... 16509 (AMAZON-02)
2 142.250.207.8 15169 (GOOGLE)
2 54.248.77.59 16509 (AMAZON-02)
2 2406:2600:7:1... 55569 (CRITEO-AS...)
2 2406:2600:4::22 55569 (CRITEO-AS...)
17 2406:2600:4::2e 55569 (CRITEO-AS...)
2 2406:2600:4::31 55569 (CRITEO-AS...)
2 202.232.238.37 2497 (IIJ Inter...)
3 3 35.213.7.90 15169 (GOOGLE)
1 9 52.69.229.53 16509 (AMAZON-02)
8 23.40.192.188 16625 (AKAMAI-AS)
2 4 34.98.64.218 396982 (GOOGLE-CL...)
3 3 184.26.241.115 16625 (AKAMAI-AS)
6 23.40.149.60 16625 (AKAMAI-AS)
2 2 2600:1f10:4ce... 14618 (AMAZON-AES)
6 25 142.251.42.194 15169 (GOOGLE)
5 5 52.223.40.198 16509 (AMAZON-02)
2 35.73.112.140 16509 (AMAZON-02)
2 6 2406:2600:4::13 55569 (CRITEO-AS...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 1 124.146.153.162 2514 (INFOSPHER...)
2 2406:2600:4:: 55569 (CRITEO-AS...)
2 2 2620:116:800e... 16509 (AMAZON-02)
4 4 2406:da18:a99... 16509 (AMAZON-02)
1 1 35.186.193.173 396982 (GOOGLE-CL...)
2 2 203.137.133.187 4694 (IDCF IDC ...)
1 1 23.223.41.138 20940 (AKAMAI-AS...)
1 1 52.198.167.118 16509 (AMAZON-02)
2 2 35.208.249.213 19527 (GOOGLE-2)
10 2406:2600:4::1f 55569 (CRITEO-AS...)
4 2406:2600:4::25 55569 (CRITEO-AS...)
15 207.65.34.87 62713 (AS-PUBMATIC)
14 20 69.173.158.64 26667 (RUBICONPR...)
3 207.65.34.81 62713 (AS-PUBMATIC)
1 2600:140b:1c0... 20940 (AKAMAI-AS...)
1 2600:140b:1c0... 20940 (AKAMAI-AS...)
1 2600:1901:0:2... 396982 (GOOGLE-CL...)
3 23.50.118.175 20940 (AKAMAI-AS...)
1 3 34.96.105.8 396982 (GOOGLE-CL...)
1 1 35.213.183.23 15169 (GOOGLE)
4 4 64.74.236.223 22075 (AS-OUTBRAIN)
2 2 64.74.236.191 22075 (AS-OUTBRAIN)
1 1 162.159.141.246 13335 (CLOUDFLAR...)
2 2600:140b:1c0... 20940 (AKAMAI-AS...)
3 141.95.98.65 16276 (OVH OVH SAS)
1 202.233.84.10 131957 (MICROAD M...)
1 202.233.84.1 131957 (MICROAD M...)
1 34.49.1.209 396982 (GOOGLE-CL...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2600:1901:0:d... 396982 (GOOGLE-CL...)
4 2620:1ec:bdf::46 8075 (MICROSOFT...)
2 2620:1ec:bdf::69 8075 (MICROSOFT...)
1 6 103.43.91.51 29990 (ASN-APPNEX)
1 7 2600:140b:1c0... 20940 (AKAMAI-AS...)
1 2 142.250.77.166 15169 (GOOGLE)
2 2 2406:2000:a4:... 10230 (YAHOO-SG ...)
1 4 98.82.156.107 14618 (AMAZON-AES)
1 2620:1ec:50::12 8075 (MICROSOFT...)
1 2 52.94.220.185 16509 (AMAZON-02)
1 100.29.93.34 14618 (AMAZON-AES)
1 54.199.181.74 16509 (AMAZON-02)
3 6 103.43.89.4 29990 (ASN-APPNEX)
1 1 18.65.207.41 16509 (AMAZON-02)
1 1 54.230.175.58 16509 (AMAZON-02)
1 54.230.175.123 16509 (AMAZON-02)
1 131.153.206.103 59210 (PHOENIXNA...)
1 172.64.146.152 13335 (CLOUDFLAR...)
4 141.95.33.120 16276 (OVH OVH SAS)
1 2001:41d0:701... 16276 (OVH OVH SAS)
1 142.250.76.34 15169 (GOOGLE)
2 2 139.99.123.205 16276 (OVH OVH SAS)
5 51.79.152.76 16276 (OVH OVH SAS)
2 23.59.252.162 20940 (AKAMAI-AS...)
2 142.250.207.2 15169 (GOOGLE)
1 31.13.82.36 32934 (FACEBOOK)
3 2404:6800:400... 15169 (GOOGLE)
1 203.137.133.39 4694 (IDCF IDC ...)
1 35.227.252.103 396982 (GOOGLE-CL...)
1 35.75.119.135 16509 (AMAZON-02)
1 52.76.10.239 16509 (AMAZON-02)
1 2406:2600:4::2d 55569 (CRITEO-AS...)
1 216.58.220.132 15169 (GOOGLE)
1 4 23.108.103.28 59253 (LEASEWEB-...)
3 182.161.74.19 55569 (CRITEO-AS...)
1 23.208.31.195 20940 (AKAMAI-AS...)
1 1 54.238.191.85 16509 (AMAZON-02)
1 107.178.248.96 396982 (GOOGLE-CL...)
2 104.18.24.18 13335 (CLOUDFLAR...)
1 3 148.251.40.117 24940 (HETZNER-A...)
1 4 35.244.159.8 396982 (GOOGLE-CL...)
2 9 104.18.27.193 13335 (CLOUDFLAR...)
8 2406:2600:4::2b 55569 (CRITEO-AS...)
1 1 2001:df2:a300... 6336 (TURN-US-ASN)
1 1 35.77.91.60 16509 (AMAZON-02)
1 1 211.183.211.31 152199 (KAKAOCORP...)
1 1 80.77.87.162 46636 (NATCOWEB)
2 2 82.145.213.8 39832 (NO-OPERA ...)
1 2 20.157.93.108 8069 (MICROSOFT...)
2 3 35.186.253.211 396982 (GOOGLE-CL...)
1 1 2406:da18:929... 16509 (AMAZON-02)
1 1 3.231.235.87 14618 (AMAZON-AES)
1 3.213.192.51 14618 (AMAZON-AES)
2 2 172.64.150.63 13335 (CLOUDFLAR...)
2 2 185.84.60.23 198622 (ADFORM Ad...)
1 198.206.157.241 399668 (E-PLANNING-)
1 1 13.228.29.185 16509 (AMAZON-02)
1 1 47.236.192.116 45102 (ALIBABA-C...)
3 23.108.103.29 59253 (LEASEWEB-...)
8 8 131.153.206.101 59210 (PHOENIXNA...)
1 1 54.251.34.228 16509 (AMAZON-02)
1 1 87.249.128.56 60068 (CDN77 Dat...)
2 2 35.71.178.8 16509 (AMAZON-02)
3 3 52.43.79.118 16509 (AMAZON-02)
1 1 37.157.5.86 198622 (ADFORM Ad...)
1 220.150.223.50 4686 (BEKKOAME ...)
2 2 3.173.238.82 16509 (AMAZON-02)
1 3.166.244.76 16509 (AMAZON-02)
1 3.113.198.155 16509 (AMAZON-02)
1 57.180.143.124 16509 (AMAZON-02)
1 1 103.67.201.72 59210 (PHOENIXNA...)
1 152.228.215.159 16276 (OVH OVH SAS)
1 54.248.38.178 16509 (AMAZON-02)
3 18.64.122.111 16509 (AMAZON-02)
1 23.52.128.77 20940 (AKAMAI-AS...)
1 172.111.38.86 63023 (AS-GLOBAL...)
2 13.228.194.215 16509 (AMAZON-02)
503 143
1    54.199.193.165 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-199-193-165.ap-northeast-1.compute.amazonaws.com
twinklesphotos.exblog.jp
21    3.164.121.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-164-121-26.nrt12.r.cloudfront.net
s.eximg.jp
2    2404:6800:4004:808::200e (Australia)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2404:6800:4004:821::2008 (Australia)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
7    54.230.175.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-175-43.nrt57.r.cloudfront.net
image.excite.co.jp
2    3.164.121.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-164-121-60.nrt12.r.cloudfront.net
pds.exblog.jp
17    142.250.199.98 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s52-in-f2.1e100.net
securepubads.g.doubleclick.net
1    151.101.1.55 (United States)

ASN54113 (FASTLY, US)
flux-cdn.com
3    18.64.132.164 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-132-164.nrt12.r.cloudfront.net
c.amazon-adsystem.com
2    2404:6800:4008:c00::9b (Taiwan)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    199.232.148.157 (Tokyo, Japan)

ASN54113 (FASTLY, US)
platform.twitter.com
1    3.165.11.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-165-11-79.nrt12.r.cloudfront.net
config.aps.amazon-adsystem.com
1    13.32.54.10 (New York, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-54-10.nrt57.r.cloudfront.net
b.st-hatena.com
1    3.166.244.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-166-244-95.nrt20.r.cloudfront.net
cdn.nidan.d2c.ne.jp
1    2606:4700:10::ac42:ab85 (None, )

ASN13335 (CLOUDFLARENET, US)
btloader.com
1    2606:4700::6810:afe2 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    18.172.52.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-52-109.nrt20.r.cloudfront.net
yield-manager.browsiprod.com
9    34.160.89.38 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 38.89.160.34.bc.googleusercontent.com
a.flux.jp
4    31.13.82.7 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-nrt1.fbcdn.net
connect.facebook.net
static.xx.fbcdn.net
3    2404:6800:4004:822::2001 (Australia)

ASN15169 (GOOGLE, US)
blogger.googleusercontent.com
28    142.251.42.162 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s46-in-f2.1e100.net
pagead2.googlesyndication.com
2    3.173.238.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-173-238-22.nrt20.r.cloudfront.net
md.exblog.jp
3    2600:140b:1c00:48::1734:8c23 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
dmp.im-apps.net
1    54.238.63.60 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-238-63-60.ap-northeast-1.compute.amazonaws.com
logging.exblog.jp
2    172.66.0.227 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
syndication.twitter.com
analytics.twitter.com
4    13.32.54.79 (New York, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-54-79.nrt57.r.cloudfront.net
cdn.browsiprod.com
2    18.178.205.149 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-178-205-149.ap-northeast-1.compute.amazonaws.com
js.api.nidan.d2c.ne.jp
nidan.addlv.smt.docomo.ne.jp
11    2606:4700:10::6814:2f50 (None, )

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
9    142.251.42.134 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s45-in-f6.1e100.net
ad.doubleclick.net
2    34.36.200.111 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 111.200.36.34.bc.googleusercontent.com
ab.dns-finder.com
1    2606:4700:10::6814:14bd (None, )

ASN13335 (CLOUDFLARENET, US)
btloader.com
1    172.217.31.142 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt20s08-in-f14.1e100.net
www.google-analytics.com
3    130.211.23.194 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
1    202.232.238.39 (Jingūmae, Japan)

ASN2497 (IIJ Internet Initiative Japan Inc., JP)
cnt.fout.jp
15    54.202.27.156 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-202-27-156.us-west-2.compute.amazonaws.com
events.browsiprod.com
7    3.168.249.239 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-168-249-239.nrt57.r.cloudfront.net
aax.amazon-adsystem.com
1    2606:4700:20::681a:8a9 (None, )

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
4    142.250.207.1 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s54-in-f1.1e100.net
bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com
8    57.182.52.186 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-57-182-52-186.ap-northeast-1.compute.amazonaws.com
hb.adingo.jp
1    35.201.98.24 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 24.98.201.35.bc.googleusercontent.com
sp.gmossp-sp.jp
4    103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net
prebid-asia.creativecdn.com
3    104.18.26.193 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
5    18.172.52.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-52-87.nrt20.r.cloudfront.net
ad.as.amanad.adtdp.com
4    2606:4700:4407::ac40:994e (None, )

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
3    124.146.153.153 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
d.socdm.com
9    35.213.17.49 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 49.17.213.35.bc.googleusercontent.com
y.one.impact-ad.jp
3    103.253.24.95 (Singapore)

ASN133210 (ENTECHNOLOGIES-AS-AP EN Technologies Pte Ltd, SG)
shb.richaudience.com
4    207.65.34.76 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
5    103.43.90.21 (Singapore, Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
ib.adnxs.com
secure.adnxs.com
1    162.159.140.229 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
syndication.twitter.com
1    2001:4860:4802:38::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
1    142.250.199.99 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s52-in-f3.1e100.net
www.google.co.jp
4    142.250.207.34 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s55-in-f2.1e100.net
googleads.g.doubleclick.net
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS RTB Marketing and Tech Services Ltd, CY)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
6    34.149.40.38 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 38.40.149.34.bc.googleusercontent.com
u.4dex.io
3    3.173.238.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-173-238-128.nrt20.r.cloudfront.net
pdn.adingo.jp
9    2404:6800:4004:820::2001 (Australia)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2600:9000:2943:1a00:a:d2fd:aec0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.sx.adingo.jp
2    142.250.207.8 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s54-in-f8.1e100.net
www.googletagmanager.com
2    54.248.77.59 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-248-77-59.ap-northeast-1.compute.amazonaws.com
sh.adingo.jp
2    2406:2600:7:100::32 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
rtb.sg1.as.criteo.com
2    2406:2600:4::22 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
ads.as.criteo.com
17    2406:2600:4::2e (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
2    2406:2600:4::31 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
cat.jp2.as.criteo.com
2    202.232.238.37 (Jingūmae, Japan)

ASN2497 (IIJ Internet Initiative Japan Inc., JP)
sync.fout.jp
3    35.213.7.90 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 90.7.213.35.bc.googleusercontent.com
x.bidswitch.net
9    52.69.229.53 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-69-229-53.ap-northeast-1.compute.amazonaws.com
cs.adingo.jp
8    23.40.192.188 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-40-192-188.deploy.static.akamaitechnologies.com
ads.pubmatic.com
4    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
u.openx.net
3    184.26.241.115 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a184-26-241-115.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
6    23.40.149.60 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-40-149-60.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    2600:1f10:4ce4:4a05:ef39:1e7d:8ea0:2f17 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
hrbh3.publishers.tremorhub.com
25    142.251.42.194 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s47-in-f2.1e100.net
cm.g.doubleclick.net
5    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    35.73.112.140 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-73-112-140.ap-northeast-1.compute.amazonaws.com
aud.adjust-net.jp
6    2406:2600:4::13 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
2    2606:4700:10::ac42:a937 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    124.146.153.162 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
bid.socdm.com
2    2406:2600:4:: (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
measurement-api.criteo.com
2    2620:116:800e:21:46d:7e81:55ff:4c12 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
4    2406:da18:a99:1b02:5f:8d38:8237:dd15 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
dclk-match.dotomi.com
1    35.186.193.173 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
2    203.137.133.187 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
rt.gsspat.jp
1    23.223.41.138 (Honolulu, United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-223-41-138.deploy.static.akamaitechnologies.com
analytics.pangle-ads.com
1    52.198.167.118 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-198-167-118.ap-northeast-1.compute.amazonaws.com
tracking.prismpartner.smt.docomo.ne.jp
2    35.208.249.213 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com
gtracenep.admaster.cc
10    2406:2600:4::1f (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
imageproxy.as.criteo.net
4    2406:2600:4::25 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
client-side-metrics.as.criteo.net
15    207.65.34.87 (United States)

ASN62713 (AS-PUBMATIC, US)
ut.pubmatic.com
20    69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel-apac.rubiconproject.com
pixel.rubiconproject.com
3    207.65.34.81 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    2600:140b:1c00:48::1734:8c3b (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
cf.im-apps.net
1    2600:140b:1c00:48::1734:8c28 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
cdn.audiencedata.net
1    2600:1901:0:2dbc:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
atb.im-apps.net
3    23.50.118.175 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-50-118-175.deploy.static.akamaitechnologies.com
sync.im-apps.net
3    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
1    35.213.183.23 (Singapore, Singapore)

ASN15169 (GOOGLE, US)
PTR: 23.183.213.35.bc.googleusercontent.com
s.ad.smaato.net
4    64.74.236.223 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
2    64.74.236.191 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com
b1sync.outbrain.com
1    162.159.141.246 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
www.temu.com
2    2600:140b:1c00:54::1738:2a (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
sync6.im-apps.net
3    141.95.98.65 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ns3216659.ip-141-95-98.eu
api.id5-sync.com
lb.eu-1-id5-sync.com
1    202.233.84.10 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)
universe.send.microad.jp
1    202.233.84.1 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)
aid.send.microad.jp
1    34.49.1.209 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 209.1.49.34.bc.googleusercontent.com
b.im-apps.net
2    2606:4700::6810:aee2 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    2600:1901:0:d959:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
audiencedata.im-apps.net
4    2620:1ec:bdf::46 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
adsdk.microsoft.com
adsdk.bing.net
2    2620:1ec:bdf::69 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
adsdkprod.azureedge.net
6    103.43.91.51 (Singapore, Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: 1048.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
sin3-ib.adnxs.com
7    2600:140b:1c00:47::1734:8cc2 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
www.bing.com
2    142.250.77.166 (United States)

ASN15169 (GOOGLE, US)
PTR: lcnrtb-ac-in-f6.1e100.net
10208769.fls.doubleclick.net
2    2406:2000:a4:807:: (Taiwan)

ASN10230 (YAHOO-SG internet content provider, SG)
ups.analytics.yahoo.com
4    98.82.156.107 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-98-82-156-107.compute-1.amazonaws.com
s.amazon-adsystem.com
1    2620:1ec:50::12 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    52.94.220.185 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    100.29.93.34 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-29-93-34.compute-1.amazonaws.com
sync.springserve.com
1    54.199.181.74 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-199-181-74.ap-northeast-1.compute.amazonaws.com
match.prod.bidr.io
6    103.43.89.4 (Singapore, Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: 839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
ib.adnxs.com
1    18.65.207.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-207-41.nrt57.r.cloudfront.net
live.primis.tech
1    54.230.175.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-175-58.nrt57.r.cloudfront.net
sync.intentiq.com
1    54.230.175.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-175-123.nrt57.r.cloudfront.net
syncv4.intentiq.com
1    131.153.206.103 (United States)

ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG)
sync.a-mo.net
1    172.64.146.152 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
capi.connatix.com
4    141.95.33.120 (Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ns3203256.ip-141-95-33.eu
id5-sync.com
1    2001:41d0:701:1000::50d8 (France)

ASN16276 (OVH OVH SAS, FR)
lbs.eu-1-id5-sync.com
1    142.250.76.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lckixa-ar-in-f2.1e100.net
adservice.google.com
2    139.99.123.205 (Singapore, Singapore)

ASN16276 (OVH OVH SAS, FR)
PTR: ads3-sgp.stickyadstv.com
ads.stickyadstv.com
5    51.79.152.76 (Singapore, Singapore)

ASN16276 (OVH OVH SAS, FR)
PTR: ip76.ip-51-79-152.net
onetag-sys.com
2    23.59.252.162 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-59-252-162.deploy.static.akamaitechnologies.com
www.bing.com
2    142.250.207.2 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s54-in-f2.1e100.net
ep1.adtrafficquality.google
1    31.13.82.36 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-nrt1.facebook.com
www.facebook.com
3    2404:6800:4004:825::2001 (Australia)

ASN15169 (GOOGLE, US)
ep2.adtrafficquality.google
1    203.137.133.39 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
aladdin.genieesspv.jp
1    35.227.252.103 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
1    35.75.119.135 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-75-119-135.ap-northeast-1.compute.amazonaws.com
ad.ad-stir.com
1    52.76.10.239 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-10-239.ap-southeast-1.compute.amazonaws.com
g2.gumgum.com
1    2406:2600:4::2d (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
grid-bidder.criteo.com
1    216.58.220.132 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s01-in-f132.1e100.net
www.google.com
4    23.108.103.28 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG)
ads.us.e-planning.net
sync.e-planning.net
3    182.161.74.19 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
mug.criteo.com
1    23.208.31.195 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-208-31-195.deploy.static.akamaitechnologies.com
acdn.adnxs.com
1    54.238.191.85 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-238-191-85.ap-northeast-1.compute.amazonaws.com
bypass.ad-stir.com
1    107.178.248.96 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 96.248.178.107.bc.googleusercontent.com
penta.a.one.impact-ad.jp
2    104.18.24.18 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
3    148.251.40.117 (Falkenstein, Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.117.40.251.148.clients.your-server.de
sync.richaudience.com
4    35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com
excite-d.openx.net
us-u.openx.net
eu-u.openx.net
9    104.18.27.193 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
ssum.casalemedia.com
8    2406:2600:4::2b (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
ssp-sync.criteo.com
1    2001:df2:a300:bbbb::135 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
1    35.77.91.60 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-77-91-60.ap-northeast-1.compute.amazonaws.com
ds.uncn.jp
1    211.183.211.31 (Korea, Republic Of)

ASN152199 (KAKAOCORP-AS-KR Kakao Corp, KR)
serv.ds.kakao.com
1    80.77.87.162 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
2    82.145.213.8 (Amsterdam, Netherlands)

ASN39832 (NO-OPERA Opera Norway AS, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
2    20.157.93.108 (Washington, United States)

ASN8069 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.temu.com
3    35.186.253.211 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
1    2406:da18:929:5a03:836c:255a:e37c:4d81 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    3.231.235.87 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-231-235-87.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    3.213.192.51 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-192-51.compute-1.amazonaws.com
i.liadm.com
2    172.64.150.63 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    185.84.60.23 (Denmark)

ASN198622 (ADFORM Adform A/S, DK)
c1.adform.net
1    198.206.157.241 (New York, United States)

ASN399668 (E-PLANNING-, US)
PTR: s.e-planning.net
s.e-planning.net
1    13.228.29.185 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-29-185.ap-southeast-1.compute.amazonaws.com
match.sharethrough.com
1    47.236.192.116 (Singapore)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
gw-iad-bid.ymmobi.com
3    23.108.103.29 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG)
u-sin01.e-planning.net
8    131.153.206.101 (United States)

ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG)
prebid.a-mo.net
1    54.251.34.228 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-251-34-228.ap-southeast-1.compute.amazonaws.com
ads.yieldmo.com
1    87.249.128.56 (Tokyo, Japan)

ASN60068 (CDN77 Datacamp Limited, GB)
PTR: unn-87-249-128-56.cdn77.com
id.a-mx.com
2    35.71.178.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
3    52.43.79.118 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-43-79-118.us-west-2.compute.amazonaws.com
ap.lijit.com
1    37.157.5.86 (Denmark)

ASN198622 (ADFORM Adform A/S, DK)
cm.adform.net
1    220.150.223.50 (Japan)

ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP)
PTR: 50.223.150.220.in-addr.arpa
sync-dsp.ad-m.asia
2    3.173.238.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-173-238-82.nrt20.r.cloudfront.net
cr-p20.ladsp.com
1    3.166.244.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-166-244-76.nrt20.r.cloudfront.net
j.zucks.net.zimg.jp
1    3.113.198.155 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-113-198-155.ap-northeast-1.compute.amazonaws.com
i.adingo.jp
1    57.180.143.124 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-57-180-143-124.ap-northeast-1.compute.amazonaws.com
sh.zucks.net
1    103.67.201.72 (Singapore, Singapore)

ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG)
PTR: 1.cpm.sin1.wowcon.net
sync.adkernel.com
1    152.228.215.159 (France)

ASN16276 (OVH OVH SAS, FR)
visitor-waardex.omnitagjs.com
1    54.248.38.178 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-248-38-178.ap-northeast-1.compute.amazonaws.com
k.zucks.net
3    18.64.122.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-122-111.nrt12.r.cloudfront.net
tags.crwdcntrl.net
1    23.52.128.77 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-52-128-77.deploy.static.akamaitechnologies.com
hb.trustedstack.com
1    172.111.38.86 (Washington, United States)

ASN63023 (AS-GLOBALTELEHOST, US)
PTR: 86-38-111-172.clients.gthost.com
tracker.adex-rtb.com
2    13.228.194.215 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-194-215.ap-southeast-1.compute.amazonaws.com
bcp.crwdcntrl.net
Apex Domain
Subdomains		 Transfer
59 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 261
stats.g.doubleclick.net — Cisco Umbrella Rank: 191
ad.doubleclick.net — Cisco Umbrella Rank: 168
googleads.g.doubleclick.net — Cisco Umbrella Rank: 62
cm.g.doubleclick.net — Cisco Umbrella Rank: 318
10208769.fls.doubleclick.net — Cisco Umbrella Rank: 577720
350 KB
41 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 132
bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 212
477 KB
31 criteo.net
static.criteo.net — Cisco Umbrella Rank: 1038
imageproxy.as.criteo.net — Cisco Umbrella Rank: 19852
client-side-metrics.as.criteo.net — Cisco Umbrella Rank: 18328
124 KB
30 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 636
ads.pubmatic.com — Cisco Umbrella Rank: 644
ut.pubmatic.com — Cisco Umbrella Rank: 1095
image6.pubmatic.com — Cisco Umbrella Rank: 1062
39 KB
29 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1136
eus.rubiconproject.com — Cisco Umbrella Rank: 700
token.rubiconproject.com — Cisco Umbrella Rank: 573
pixel-apac.rubiconproject.com — Cisco Umbrella Rank: 36847
pixel.rubiconproject.com — Cisco Umbrella Rank: 466
35 KB
26 criteo.com
rtb.sg1.as.criteo.com — Cisco Umbrella Rank: 22204
ads.as.criteo.com — Cisco Umbrella Rank: 18236
cat.jp2.as.criteo.com — Cisco Umbrella Rank: 63758
gum.criteo.com — Cisco Umbrella Rank: 512
measurement-api.criteo.com — Cisco Umbrella Rank: 2280
grid-bidder.criteo.com — Cisco Umbrella Rank: 948
mug.criteo.com — Cisco Umbrella Rank: 4028
ssp-sync.criteo.com — Cisco Umbrella Rank: 857
122 KB
24 adingo.jp
hb.adingo.jp — Cisco Umbrella Rank: 41677
pdn.adingo.jp — Cisco Umbrella Rank: 115119
cdn.sx.adingo.jp — Cisco Umbrella Rank: 114811
sh.adingo.jp — Cisco Umbrella Rank: 96468
cs.adingo.jp — Cisco Umbrella Rank: 4658
i.adingo.jp — Cisco Umbrella Rank: 116931
36 KB
21 browsiprod.com
yield-manager.browsiprod.com — Cisco Umbrella Rank: 4741
cdn.browsiprod.com — Cisco Umbrella Rank: 4810
events.browsiprod.com — Cisco Umbrella Rank: 4450
115 KB
21 eximg.jp
s.eximg.jp
112 KB
18 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 323
sin3-ib.adnxs.com — Cisco Umbrella Rank: 28952
acdn.adnxs.com — Cisco Umbrella Rank: 793
secure.adnxs.com — Cisco Umbrella Rank: 565
47 KB
17 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 420
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 786
aax.amazon-adsystem.com — Cisco Umbrella Rank: 571
s.amazon-adsystem.com — Cisco Umbrella Rank: 386
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1222
98 KB
13 im-apps.net
dmp.im-apps.net — Cisco Umbrella Rank: 6225
cf.im-apps.net — Cisco Umbrella Rank: 278725
atb.im-apps.net — Cisco Umbrella Rank: 214750
sync.im-apps.net — Cisco Umbrella Rank: 10710
sync6.im-apps.net — Cisco Umbrella Rank: 6729
b.im-apps.net — Cisco Umbrella Rank: 111200
audiencedata.im-apps.net — Cisco Umbrella Rank: 41374
15 KB
12 openx.net
us-u.openx.net — Cisco Umbrella Rank: 584
rtb.openx.net — Cisco Umbrella Rank: 635
excite-d.openx.net
eu-u.openx.net — Cisco Umbrella Rank: 2344
u.openx.net — Cisco Umbrella Rank: 808
3 KB
12 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 643
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 623
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 694
dsum.casalemedia.com — Cisco Umbrella Rank: 1824
ssum.casalemedia.com — Cisco Umbrella Rank: 2527
9 KB
11 4dex.io
script.4dex.io — Cisco Umbrella Rank: 5227
mp.4dex.io — Cisco Umbrella Rank: 3109
u.4dex.io — Cisco Umbrella Rank: 2912
26 KB
11 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1142
2 KB
10 impact-ad.jp
y.one.impact-ad.jp — Cisco Umbrella Rank: 8824
penta.a.one.impact-ad.jp — Cisco Umbrella Rank: 116602
4 KB
9 a-mo.net
sync.a-mo.net — Cisco Umbrella Rank: 1527
prebid.a-mo.net — Cisco Umbrella Rank: 951
5 KB
9 bing.com
www.bing.com — Cisco Umbrella Rank: 51
49 KB
9 flux.jp
a.flux.jp — Cisco Umbrella Rank: 146920
1 KB
8 e-planning.net
ads.us.e-planning.net — Cisco Umbrella Rank: 2809
s.e-planning.net — Cisco Umbrella Rank: 10072
sync.e-planning.net — Cisco Umbrella Rank: 6240
u-sin01.e-planning.net — Cisco Umbrella Rank: 62813
3 KB
7 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 796
api.id5-sync.com — Cisco Umbrella Rank: 1605
id5-sync.com — Cisco Umbrella Rank: 515
38 KB
7 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 1796
syndication.twitter.com — Cisco Umbrella Rank: 2199
analytics.twitter.com — Cisco Umbrella Rank: 1178
148 KB
7 excite.co.jp
image.excite.co.jp
44 KB
6 richaudience.com
shb.richaudience.com — Cisco Umbrella Rank: 3329
sync.richaudience.com — Cisco Umbrella Rank: 1162
2 KB
6 creativecdn.com
prebid-asia.creativecdn.com — Cisco Umbrella Rank: 36312
creativecdn.com — Cisco Umbrella Rank: 592
2 KB
6 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 44
763 KB
6 exblog.jp
twinklesphotos.exblog.jp
pds.exblog.jp
md.exblog.jp
logging.exblog.jp
42 KB
5 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1118
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1173
23 KB
5 adtrafficquality.google
ep1.adtrafficquality.google — Cisco Umbrella Rank: 341
ep2.adtrafficquality.google — Cisco Umbrella Rank: 348
26 KB
5 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 774
4 KB
5 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 439
3 KB
5 adtdp.com
ad.as.amanad.adtdp.com — Cisco Umbrella Rank: 7764
4 KB
5 btloader.com
btloader.com — Cisco Umbrella Rank: 1045
api.btloader.com — Cisco Umbrella Rank: 1182
33 KB
4 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 764
3 KB
4 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 3657
2 KB
4 socdm.com
d.socdm.com — Cisco Umbrella Rank: 68263
bid.socdm.com
4 KB
3 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 839
1 KB
3 adform.net
c1.adform.net — Cisco Umbrella Rank: 745
cm.adform.net — Cisco Umbrella Rank: 1257
2 KB
3 eu-1-id5-sync.com
lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1220
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 974
844 B
3 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 491
pbs.yahoo.com Failed
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 1216
1 KB
3 temu.com
www.temu.com — Cisco Umbrella Rank: 710
2 KB
3 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 1426
452 B
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 453
1 KB
3 google.com
analytics.google.com — Cisco Umbrella Rank: 174
www.google.com — Cisco Umbrella Rank: 2 Failed
adservice.google.com — Cisco Umbrella Rank: 607
632 B
3 fout.jp
cnt.fout.jp — Cisco Umbrella Rank: 212825
sync.fout.jp — Cisco Umbrella Rank: 13196
1 KB
3 googleusercontent.com
blogger.googleusercontent.com — Cisco Umbrella Rank: 10426
469 KB
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 308
12 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 64
21 KB
2 zucks.net
sh.zucks.net — Cisco Umbrella Rank: 238296
k.zucks.net — Cisco Umbrella Rank: 252942
2 KB
2 ladsp.com
cr-p20.ladsp.com
862 B
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 530
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1462
s.tribalfusion.com — Cisco Umbrella Rank: 3408
1008 B
2 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 928
2 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 823
cdn.indexww.com — Cisco Umbrella Rank: 1829
2 KB
2 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 872
140 KB
2 ad-stir.com
ad.ad-stir.com — Cisco Umbrella Rank: 229252
bypass.ad-stir.com — Cisco Umbrella Rank: 182868
469 B
2 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 958
994 B
2 bing.net
adsdk.bing.net — Cisco Umbrella Rank: 3320
41 KB
2 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 1121
syncv4.intentiq.com — Cisco Umbrella Rank: 1636
2 KB
2 azureedge.net
adsdkprod.azureedge.net — Cisco Umbrella Rank: 2573
35 KB
2 microsoft.com
adsdk.microsoft.com — Cisco Umbrella Rank: 2389
39 KB
2 microad.jp
universe.send.microad.jp — Cisco Umbrella Rank: 181962
aid.send.microad.jp — Cisco Umbrella Rank: 35428
1 KB
2 outbrain.com
b1sync.outbrain.com — Cisco Umbrella Rank: 834
1 KB
2 admaster.cc
gtracenep.admaster.cc — Cisco Umbrella Rank: 2846
777 B
2 gsspat.jp
rt.gsspat.jp — Cisco Umbrella Rank: 12577
728 B
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 989
761 B
2 adjust-net.jp
aud.adjust-net.jp — Cisco Umbrella Rank: 421807
2 tremorhub.com
hrbh3.publishers.tremorhub.com — Cisco Umbrella Rank: 807012
652 B
2 docomo.ne.jp
nidan.addlv.smt.docomo.ne.jp — Cisco Umbrella Rank: 150132
tracking.prismpartner.smt.docomo.ne.jp — Cisco Umbrella Rank: 14476
415 B
2 dns-finder.com
ab.dns-finder.com — Cisco Umbrella Rank: 1267
233 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 235
76 KB
2 d2c.ne.jp
cdn.nidan.d2c.ne.jp — Cisco Umbrella Rank: 203906
js.api.nidan.d2c.ne.jp — Cisco Umbrella Rank: 115507
4 KB
1 adex-rtb.com
tracker.adex-rtb.com — Cisco Umbrella Rank: 5520
304 B
1 trustedstack.com
hb.trustedstack.com — Cisco Umbrella Rank: 1520
406 B
1 omnitagjs.com
visitor-waardex.omnitagjs.com — Cisco Umbrella Rank: 3955
79 B
1 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1458
809 B
1 zimg.jp
j.zucks.net.zimg.jp — Cisco Umbrella Rank: 242514
8 KB
1 ad-m.asia
sync-dsp.ad-m.asia — Cisco Umbrella Rank: 10803
1 a-mx.com
id.a-mx.com — Cisco Umbrella Rank: 1485
1 KB
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 734
822 B
1 ymmobi.com
gw-iad-bid.ymmobi.com — Cisco Umbrella Rank: 1948
404 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 661
327 B
1 liadm.com
i.liadm.com — Cisco Umbrella Rank: 629
208 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 716
1 KB
1 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 816
645 B
1 kakao.com
serv.ds.kakao.com — Cisco Umbrella Rank: 142830
613 B
1 uncn.jp
ds.uncn.jp — Cisco Umbrella Rank: 9170
471 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 901
463 B
1 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1621
253 B
1 genieesspv.jp
aladdin.genieesspv.jp — Cisco Umbrella Rank: 39588
248 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 123
13 KB
1 connatix.com
capi.connatix.com — Cisco Umbrella Rank: 1000
329 B
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 1820
566 B
1 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 722
433 B
1 springserve.com
sync.springserve.com — Cisco Umbrella Rank: 1583
206 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 371
538 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 787
470 B
1 audiencedata.net
cdn.audiencedata.net — Cisco Umbrella Rank: 391768
2 KB
1 pangle-ads.com
analytics.pangle-ads.com — Cisco Umbrella Rank: 4974
1 KB
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 5776
627 B
1 google.co.jp
www.google.co.jp — Cisco Umbrella Rank: 18424
63 B
1 gmossp-sp.jp
sp.gmossp-sp.jp — Cisco Umbrella Rank: 103154
593 B
1 st-hatena.com
b.st-hatena.com — Cisco Umbrella Rank: 174884
3 KB
1 flux-cdn.com
flux-cdn.com — Cisco Umbrella Rank: 142201
165 KB
0 cinarra.com Failed
dps.jp.cinarra.com Failed
0 nex8.net Failed
cs.nex8.net Failed
503 107
Domain Requested by
28 pagead2.googlesyndication.com twinklesphotos.exblog.jp
image.excite.co.jp
pagead2.googlesyndication.com
googleads.g.doubleclick.net
bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com
ep2.adtrafficquality.google
securepubads.g.doubleclick.net
25 cm.g.doubleclick.net 6 redirects twinklesphotos.exblog.jp
googleads.g.doubleclick.net
bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com
ssum-sec.casalemedia.com
21 s.eximg.jp twinklesphotos.exblog.jp
s.eximg.jp
17 static.criteo.net ads.as.criteo.com
17 securepubads.g.doubleclick.net image.excite.co.jp
securepubads.g.doubleclick.net
twinklesphotos.exblog.jp
bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com
pagead2.googlesyndication.com
15 ut.pubmatic.com ads.pubmatic.com
15 events.browsiprod.com cdn.browsiprod.com
flux-cdn.com
11 ad-delivery.net btloader.com
10 pixel.rubiconproject.com 7 redirects twinklesphotos.exblog.jp
10 imageproxy.as.criteo.net ads.as.criteo.com
10 ib.adnxs.com 3 redirects flux-cdn.com
twinklesphotos.exblog.jp
acdn.adnxs.com
9 www.bing.com 1 redirects srcdoc
twinklesphotos.exblog.jp
9 cs.adingo.jp 1 redirects twinklesphotos.exblog.jp
9 tpc.googlesyndication.com securepubads.g.doubleclick.net
googleads.g.doubleclick.net
bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com
9 y.one.impact-ad.jp 5 redirects twinklesphotos.exblog.jp
flux-cdn.com
9 ad.doubleclick.net 1 redirects btloader.com
twinklesphotos.exblog.jp
9 a.flux.jp flux-cdn.com
8 prebid.a-mo.net 8 redirects
8 ssp-sync.criteo.com
8 ads.pubmatic.com pdn.adingo.jp
script.4dex.io
flux-cdn.com
ads.us.e-planning.net
sync.richaudience.com
8 hb.adingo.jp flux-cdn.com
7 token.rubiconproject.com 4 redirects eus.rubiconproject.com
7 aax.amazon-adsystem.com c.amazon-adsystem.com
7 image.excite.co.jp twinklesphotos.exblog.jp
image.excite.co.jp
6 sin3-ib.adnxs.com 1 redirects srcdoc
adsdkprod.azureedge.net
6 gum.criteo.com 2 redirects pdn.adingo.jp
flux-cdn.com
6 eus.rubiconproject.com pdn.adingo.jp
eus.rubiconproject.com
script.4dex.io
ads.us.e-planning.net
6 u.4dex.io twinklesphotos.exblog.jp
ads.us.e-planning.net
6 www.googletagmanager.com twinklesphotos.exblog.jp
www.googletagmanager.com
dmp.im-apps.net
5 onetag-sys.com script.4dex.io
ads.us.e-planning.net
sync.richaudience.com
5 match.adsrvr.org 5 redirects
5 us-u.openx.net 1 redirects twinklesphotos.exblog.jp
excite-d.openx.net
pdn.adingo.jp
5 ad.as.amanad.adtdp.com 1 redirects flux-cdn.com
4 dsum-sec.casalemedia.com ssum-sec.casalemedia.com
4 rtb.openx.net 2 redirects flux-cdn.com
excite-d.openx.net
4 id5-sync.com cdn.id5-sync.com
flux-cdn.com
4 s.amazon-adsystem.com 1 redirects twinklesphotos.exblog.jp
ssum-sec.casalemedia.com
4 b1sync.zemanta.com 4 redirects
4 client-side-metrics.as.criteo.net ads.as.criteo.com
4 dclk-match.dotomi.com 4 redirects
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
4 hbopenbid.pubmatic.com flux-cdn.com
4 mp.4dex.io flux-cdn.com
4 prebid-asia.creativecdn.com flux-cdn.com
4 bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 cdn.browsiprod.com flux-cdn.com
cdn.browsiprod.com
4 platform.twitter.com twinklesphotos.exblog.jp
platform.twitter.com
3 tags.crwdcntrl.net s.e-planning.net
tags.crwdcntrl.net
3 ap.lijit.com 3 redirects
3 u-sin01.e-planning.net ads.us.e-planning.net
3 ssum-sec.casalemedia.com 2 redirects js-sec.indexww.com
3 sync.richaudience.com 1 redirects flux-cdn.com
sync.richaudience.com
3 mug.criteo.com
3 ep2.adtrafficquality.google securepubads.g.doubleclick.net
ep2.adtrafficquality.google
3 pixel-apac.rubiconproject.com 3 redirects
3 www.temu.com 2 redirects
3 tr.blismedia.com 1 redirects bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com
excite-d.openx.net
3 sync.im-apps.net cf.im-apps.net
3 image6.pubmatic.com ads.pubmatic.com
cf.im-apps.net
3 secure-assets.rubiconproject.com 3 redirects
3 x.bidswitch.net 3 redirects
3 pdn.adingo.jp twinklesphotos.exblog.jp
securepubads.g.doubleclick.net
pdn.adingo.jp
3 shb.richaudience.com flux-cdn.com
3 d.socdm.com flux-cdn.com
3 htlb.casalemedia.com flux-cdn.com
3 api.btloader.com btloader.com
3 dmp.im-apps.net twinklesphotos.exblog.jp
pdn.adingo.jp
dmp.im-apps.net
3 blogger.googleusercontent.com twinklesphotos.exblog.jp
3 cdn.jsdelivr.net flux-cdn.com
bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com
3 c.amazon-adsystem.com image.excite.co.jp
c.amazon-adsystem.com
3 www.google-analytics.com twinklesphotos.exblog.jp
www.google-analytics.com
www.googletagmanager.com
2 bcp.crwdcntrl.net tags.crwdcntrl.net
2 cr-p20.ladsp.com 2 redirects
2 eb2.3lift.com 2 redirects
2 sync.e-planning.net ads.us.e-planning.net
2 c1.adform.net 2 redirects
2 t.adx.opera.com 2 redirects
2 ads.us.e-planning.net 1 redirects script.4dex.io
2 static.xx.fbcdn.net www.facebook.com
2 ep1.adtrafficquality.google securepubads.g.doubleclick.net
2 ads.stickyadstv.com 2 redirects
2 lb.eu-1-id5-sync.com cdn.id5-sync.com
flux-cdn.com
2 adsdk.bing.net adsdk.microsoft.com
2 aax-eu.amazon-adsystem.com 1 redirects twinklesphotos.exblog.jp
2 ups.analytics.yahoo.com 2 redirects
2 10208769.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 adsdkprod.azureedge.net srcdoc
2 adsdk.microsoft.com srcdoc
2 audiencedata.im-apps.net cdn.audiencedata.net
dmp.im-apps.net
2 sync6.im-apps.net dmp.im-apps.net
flux-cdn.com
2 b1sync.outbrain.com 2 redirects
2 gtracenep.admaster.cc 2 redirects
2 rt.gsspat.jp 2 redirects
2 cms.quantserve.com 2 redirects
2 measurement-api.criteo.com ads.as.criteo.com
2 cdn.id5-sync.com pdn.adingo.jp
2 aud.adjust-net.jp pdn.adingo.jp
2 hrbh3.publishers.tremorhub.com 2 redirects
2 sync.fout.jp pdn.adingo.jp
2 cat.jp2.as.criteo.com ads.as.criteo.com
2 ads.as.criteo.com googleads.g.doubleclick.net
bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com
2 rtb.sg1.as.criteo.com googleads.g.doubleclick.net
twinklesphotos.exblog.jp
2 sh.adingo.jp pdn.adingo.jp
2 creativecdn.com 2 redirects
2 ab.dns-finder.com btloader.com
2 syndication.twitter.com platform.twitter.com
twinklesphotos.exblog.jp
2 md.exblog.jp twinklesphotos.exblog.jp
2 connect.facebook.net twinklesphotos.exblog.jp
connect.facebook.net
2 yield-manager.browsiprod.com flux-cdn.com
cdn.browsiprod.com
2 btloader.com flux-cdn.com
btloader.com
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 pds.exblog.jp twinklesphotos.exblog.jp
1 u.openx.net 1 redirects
1 tracker.adex-rtb.com sync.richaudience.com
1 hb.trustedstack.com ads.us.e-planning.net
1 k.zucks.net j.zucks.net.zimg.jp
1 visitor-waardex.omnitagjs.com
1 sync.adkernel.com 1 redirects
1 sh.zucks.net j.zucks.net.zimg.jp
1 i.adingo.jp pdn.adingo.jp
1 j.zucks.net.zimg.jp pdn.adingo.jp
1 ssum.casalemedia.com pdn.adingo.jp
1 sync-dsp.ad-m.asia pdn.adingo.jp
1 cm.adform.net 1 redirects
1 id.a-mx.com 1 redirects
1 ads.yieldmo.com 1 redirects
1 gw-iad-bid.ymmobi.com 1 redirects
1 match.sharethrough.com 1 redirects
1 s.e-planning.net ads.us.e-planning.net
1 cdn.indexww.com ssum-sec.casalemedia.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 s.tribalfusion.com 1 redirects
1 a.tribalfusion.com 1 redirects
1 i.liadm.com ssum-sec.casalemedia.com
1 eu-u.openx.net 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 pr-bh.ybp.yahoo.com 1 redirects
1 cs.admanmedia.com 1 redirects
1 serv.ds.kakao.com 1 redirects
1 ds.uncn.jp 1 redirects
1 ad.turn.com 1 redirects
1 secure.adnxs.com 1 redirects
1 excite-d.openx.net flux-cdn.com
1 js-sec.indexww.com flux-cdn.com
1 penta.a.one.impact-ad.jp flux-cdn.com
1 bypass.ad-stir.com 1 redirects
1 acdn.adnxs.com flux-cdn.com
1 grid-bidder.criteo.com flux-cdn.com
1 g2.gumgum.com flux-cdn.com
1 ad.ad-stir.com flux-cdn.com
1 aladdin.genieesspv.jp flux-cdn.com
1 www.facebook.com connect.facebook.net
1 adservice.google.com 10208769.fls.doubleclick.net
1 lbs.eu-1-id5-sync.com cdn.id5-sync.com
1 capi.connatix.com twinklesphotos.exblog.jp
1 sync.a-mo.net twinklesphotos.exblog.jp
1 syncv4.intentiq.com twinklesphotos.exblog.jp
1 sync.intentiq.com 1 redirects
1 live.primis.tech 1 redirects
1 match.prod.bidr.io twinklesphotos.exblog.jp
1 sync.springserve.com twinklesphotos.exblog.jp
1 px.ads.linkedin.com twinklesphotos.exblog.jp
1 b.im-apps.net cdn.audiencedata.net
1 aid.send.microad.jp cf.im-apps.net
1 universe.send.microad.jp cf.im-apps.net
1 analytics.twitter.com cf.im-apps.net
1 api.id5-sync.com cdn.id5-sync.com
1 s.ad.smaato.net 1 redirects
1 atb.im-apps.net twinklesphotos.exblog.jp
1 cdn.audiencedata.net www.googletagmanager.com
1 cf.im-apps.net twinklesphotos.exblog.jp
1 tracking.prismpartner.smt.docomo.ne.jp 1 redirects
1 analytics.pangle-ads.com 1 redirects
1 ipac.ctnsnet.com 1 redirects
1 bid.socdm.com 1 redirects
1 www.google.com googleads.g.doubleclick.net
bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com
ep2.adtrafficquality.google
1 cdn.sx.adingo.jp pdn.adingo.jp
1 www.google.co.jp twinklesphotos.exblog.jp
1 analytics.google.com www.googletagmanager.com
1 sp.gmossp-sp.jp flux-cdn.com
1 script.4dex.io flux-cdn.com
1 nidan.addlv.smt.docomo.ne.jp cdn.nidan.d2c.ne.jp
1 cnt.fout.jp dmp.im-apps.net
1 js.api.nidan.d2c.ne.jp cdn.nidan.d2c.ne.jp
1 logging.exblog.jp twinklesphotos.exblog.jp
1 cdn.nidan.d2c.ne.jp flux-cdn.com
1 b.st-hatena.com twinklesphotos.exblog.jp
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 flux-cdn.com image.excite.co.jp
1 twinklesphotos.exblog.jp
0 dps.jp.cinarra.com Failed excite-d.openx.net
0 cs.nex8.net Failed excite-d.openx.net
0 pbs.yahoo.com Failed twinklesphotos.exblog.jp
503 193
Subject Issuer Validity Valid
*.exblog.jp
Amazon RSA 2048 M03		 2025-04-13 -
2026-05-12		 a year crt.sh
*.eximg.jp
Amazon RSA 2048 M02		 2025-01-09 -
2026-02-07		 a year crt.sh
*.google-analytics.com
WR2		 2025-10-13 -
2026-01-05		 3 months crt.sh
*.excite.co.jp
Amazon RSA 2048 M03		 2024-12-28 -
2026-01-25		 a year crt.sh
*.g.doubleclick.net
WR2		 2025-10-13 -
2026-01-05		 3 months crt.sh
flux-cdn.com
Certainly Intermediate R1		 2025-11-03 -
2025-12-03		 a month crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M04		 2025-10-20 -
2026-11-18		 a year crt.sh
*.twimg.com
R12		 2025-09-20 -
2025-12-19		 3 months crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2024-12-22 -
2026-01-21		 a year crt.sh
*.b.st-hatena.com
Amazon RSA 2048 M04		 2025-07-23 -
2026-08-20		 a year crt.sh
cdn.nidan.d2c.ne.jp
Amazon RSA 2048 M03		 2025-06-29 -
2026-07-27		 a year crt.sh
btloader.com
WE1		 2025-09-27 -
2025-12-26		 3 months crt.sh
*.jsdelivr.net
Sectigo RSA Domain Validation Secure Server CA		 2025-04-25 -
2026-05-04		 a year crt.sh
*.browsiprod.com
Amazon RSA 2048 M04		 2025-10-14 -
2026-11-11		 a year crt.sh
a.flux.jp
WR3		 2025-09-15 -
2025-12-14		 3 months crt.sh
*.facebook.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2025-08-17 -
2025-11-15		 3 months crt.sh
*.googleusercontent.com
WR2		 2025-10-13 -
2026-01-05		 3 months crt.sh
*.im-apps.net
DigiCert TLS RSA SHA256 2020 CA1		 2025-01-10 -
2026-01-10		 a year crt.sh
twitter.com
E7		 2025-10-13 -
2026-01-11		 3 months crt.sh
js.api.nidan.d2c.ne.jp
Amazon RSA 2048 M02		 2025-07-01 -
2026-07-28		 a year crt.sh
ad-delivery.net
WE1		 2025-10-30 -
2026-01-28		 3 months crt.sh
*.doubleclick.net
WR2		 2025-10-13 -
2026-01-05		 3 months crt.sh
ab.dns-finder.com
WR3		 2025-10-22 -
2026-01-20		 3 months crt.sh
api.btloader.com
WR3		 2025-09-23 -
2025-12-22		 3 months crt.sh
*.fout.jp
RapidSSL TLS RSA CA G1		 2025-01-27 -
2026-02-25		 a year crt.sh
*.smt.docomo.ne.jp
Cybertrust Japan SureServer CA G4		 2025-05-27 -
2026-06-14		 a year crt.sh
alt1-3ps.amazon-adsystem.com
Amazon RSA 2048 M03		 2025-03-31 -
2026-04-29		 a year crt.sh
script.4dex.io
WE1		 2025-09-11 -
2025-12-10		 3 months crt.sh
*.adingo.jp
Amazon RSA 2048 M04		 2025-07-16 -
2026-08-14		 a year crt.sh
sp.gmossp-sp.jp
WR3		 2025-10-05 -
2026-01-03		 3 months crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2025-04-17 -
2026-05-02		 a year crt.sh
casalemedia.com
E8		 2025-10-02 -
2025-12-31		 3 months crt.sh
*.as.amanad.adtdp.com
Amazon RSA 2048 M01		 2025-11-05 -
2026-12-03		 a year crt.sh
mp.4dex.io
WE1		 2025-10-16 -
2026-01-14		 3 months crt.sh
*.socdm.com
GlobalSign RSA OV SSL CA 2018		 2025-09-04 -
2026-09-30		 a year crt.sh
*.richaudience.com
RapidSSL TLS RSA CA G1		 2025-02-20 -
2026-02-25		 a year crt.sh
*.pubmatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2025-02-19 -
2026-03-22		 a year crt.sh
*.adnxs.com
GeoTrust TLS ECC CA G1		 2025-09-25 -
2026-10-26		 a year crt.sh
*.one.impact-ad.jp
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2025-09-16 -
2025-12-10		 3 months crt.sh
*.google.com
WR2		 2025-10-13 -
2026-01-05		 3 months crt.sh
*.google.co.jp
WR2		 2025-10-13 -
2026-01-05		 3 months crt.sh
tpc.googlesyndication.com
WR2		 2025-10-13 -
2026-01-05		 3 months crt.sh
sx.adingo.jp
Amazon RSA 2048 M02		 2025-01-30 -
2026-03-01		 a year crt.sh
*.sg1.as.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2025-10-14 -
2026-01-10		 3 months crt.sh
*.as.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2025-11-05 -
2026-02-04		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2025-10-16 -
2026-01-18		 3 months crt.sh
*.jp2.as.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2025-10-31 -
2026-01-28		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2025-03-06 -
2026-04-03		 a year crt.sh
*.adjust-net.jp
Amazon RSA 2048 M04		 2025-04-14 -
2026-05-14		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2025-09-03 -
2025-12-06		 3 months crt.sh
id5-sync.com
WE1		 2025-09-19 -
2025-12-18		 3 months crt.sh
*.as.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2025-10-26 -
2026-01-21		 3 months crt.sh
*.audiencedata.net
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2025-09-22 -
2026-09-21		 a year crt.sh
atb.im-apps.net
WR3		 2025-09-20 -
2025-12-19		 3 months crt.sh
tr.blismedia.com
WR3		 2025-11-05 -
2026-02-03		 3 months crt.sh
*.send.microad.jp
GlobalSign RSA OV SSL CA 2018		 2025-10-06 -
2026-11-07		 a year crt.sh
b.im-apps.net
WR3		 2025-10-28 -
2026-01-26		 3 months crt.sh
audiencedata.im-apps.net
WR3		 2025-10-16 -
2026-01-14		 3 months crt.sh
adsdk.microsoft.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2025-08-01 -
2026-02-01		 6 months crt.sh
*.azureedge.net
Microsoft Azure ECC TLS Issuing CA 07		 2025-10-16 -
2026-04-14		 6 months crt.sh
match.prod.bidr.io
Amazon RSA 2048 M02		 2025-05-17 -
2026-06-13		 a year crt.sh
adsdk.bing.net
Microsoft Azure RSA TLS Issuing CA 04		 2025-10-10 -
2026-04-08		 6 months crt.sh
r.bing.com
Microsoft Azure ECC TLS Issuing CA 04		 2025-04-23 -
2026-04-18		 a year crt.sh
eu-1-id5-sync.com
R12		 2025-11-01 -
2026-01-30		 3 months crt.sh
*.onetag-sys.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2025-01-21 -
2025-12-27		 a year crt.sh
adtrafficquality.google
WR2		 2025-10-13 -
2026-01-05		 3 months crt.sh
*.genieesspv.jp
GeoTrust TLS RSA CA G1		 2025-04-07 -
2026-05-08		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2025-08-12 -
2026-08-19		 a year crt.sh
*.ad-stir.com
Amazon ECDSA 256 M01		 2025-11-05 -
2026-12-04		 a year crt.sh
*.sp-adex-prd-eks-1.ggops.com
Amazon RSA 2048 M03		 2025-03-27 -
2026-04-25		 a year crt.sh
ads.us.e-planning.net
R12		 2025-09-08 -
2025-12-07		 3 months crt.sh
cdn.adnxs.com
R12		 2025-10-18 -
2026-01-16		 3 months crt.sh
*.a.one.impact-ad.jp
R13		 2025-09-16 -
2025-12-15		 3 months crt.sh
indexww.com
WE1		 2025-09-21 -
2025-12-20		 3 months crt.sh
*.temu.com
Go Daddy Secure Certificate Authority - G2		 2025-07-01 -
2026-07-01		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2025-10-30 -
2026-08-04		 9 months crt.sh
*.liadm.com
Amazon RSA 2048 M03		 2025-07-01 -
2026-07-29		 a year crt.sh
*.e-planning.net
R13		 2025-09-08 -
2025-12-07		 3 months crt.sh
sync-dsp.ad-m.asia
R13		 2025-08-25 -
2025-11-23		 3 months crt.sh
j.zucks.net.zimg.jp
Amazon RSA 2048 M04		 2025-07-30 -
2026-08-27		 a year crt.sh
sh.zucks.net
Amazon RSA 2048 M03		 2025-01-31 -
2026-03-01		 a year crt.sh
k.zucks.net
Amazon RSA 2048 M04		 2025-05-09 -
2026-06-07		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M04		 2025-08-09 -
2026-09-07		 a year crt.sh
hb.trustedstack.com
R13		 2025-10-23 -
2026-01-21		 3 months crt.sh
u.4dex.io
WR3		 2025-09-13 -
2025-12-12		 3 months crt.sh
*.adex-rtb.com
Sectigo ECC Domain Validation Secure Server CA		 2024-11-26 -
2025-11-26		 a year crt.sh

This page contains 55 frames:

Primary Page: https://twinklesphotos.exblog.jp/33443959/
Frame ID: 74C523CB09F827D89AB88671B3204CA2
Requests: 218 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Ftwinklesphotos.exblog.jp
Frame ID: 2544F140B8225DDDF1CB37DFA03AD3C3
Requests: 2 HTTP requests in this frame

Frame: https://btloader.com/trustedIframe.html?o=5727730570625024&upapi=true
Frame ID: 1B6E9E93D9E77F969D281102E0AD9C33
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: D66DC7AE717BD60DDF617B63C34296E5
Requests: 1 HTTP requests in this frame

Frame: https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Frame ID: B2BB6F35511528248FDAD201AE3DCF40
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.ja.html
Frame ID: 85F87DDE068D651007BCDF4325BA3B85
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20251105/r20190131/zrt_lookup_fy2021.html
Frame ID: 1EED7CBDCB0774C9D4CCA16AC31E7302
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8544321996124660&output=html&adk=433290209&adf=473226989&lmt=1762581700&plat=1%3A16777216%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F&pra=5&wgl=1&asro=0&aiapm=0.1542&aiapmd=0.1423&aiapmi=0.16&aiapmid=1&aiact=0.5423&aiactd=0.7&aicct=0.7&aicctd=0.5799&ailct=0.5849&ailctd=0.65&aimart=4&aimartd=4&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=8&dt=1762581700361&bpp=13&bdt=768&idt=449&shv=r20251105&mjsv=m202511040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=3538105162288&frm=20&pv=2&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31095105%2C95376583%2C95344789&oid=2&pvsid=870617481837885&tmod=1983400641&uas=0&nvt=1&fsapi=1&fc=1920&brdim=30%2C30%2C30%2C30%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&plas=260x675_l%7C308x675_r&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=469
Frame ID: 31170B71D679DD106E001A3749FEC595
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8544321996124660&output=html&h=250&slotname=6450136543&adk=2937738629&adf=3554593889&pi=t.ma~as.6450136543&w=300&lmt=1762581700&format=300x250&url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F&wgl=1&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=8&dt=1762581700375&bpp=1&bdt=782&idt=464&shv=r20251105&mjsv=m202511040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=3538105162288&frm=20&pv=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=520&ady=289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31095105%2C95376583%2C95344789&oid=2&pvsid=870617481837885&tmod=1983400641&uas=0&nvt=1&fc=1920&brdim=30%2C30%2C30%2C30%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&plas=260x675_l%7C308x675_r&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=472
Frame ID: 0BA26501487CFA7D5FC4A6461CD69A0B
Requests: 7 HTTP requests in this frame

Frame: https://pdn.adingo.jp/p.js
Frame ID: A1094B25D59A0FF3126FDEDDFAB94423
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20251106/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Frame ID: 18EADADA19A812156DEB75944109F1ED
Requests: 2 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7cxAANpsAHewdoAAFn0bzNKie-LAsPj47n5g&u=%7CyZLyHe02764sXomA%2B%2BjOg2oXJXB5C%2FRHvR7zp3idbwM%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFOXvXEpWV61FwuN2mBzI2u1qH6LpdChlVrtB5XSxY19KbNIR2T8mqtFU_mbWOgtHc8ng5Ycm_EPzFz7Kp08fYBKL1wsUgTlUB3jBr4W6uMtvHUrrvpRQoeTIK1fLXGKAuTbknoBg9SdDtCKVJ9YQQ7YKpCcurDwUveB2M5mUkLMEBxSb7UHd74IhZICkjdjf5fsHPV29qyrdMGxK1Jzr0-eAVuJ_hiSYk4QdIXI84nq2cGEoycZIQUnVXFU-IwXqQaqaCDPpa1gEXxOLjpPc9FGbVA0RDX4An1iflwXHwKWioepntun6r4eDwVIyV0RCgVkyQO-7oA0CKeNpqOpKvXlI2Hp4ZqAE7SetwTemOeJ01Fpb91k17ekPkmODLalY9oJ_03aijboCsgNHQ52nBBDW5dLonGfwfbDpTspIZbRBh7EEO4Y0vbn0gRWV5kVSLTW6rPsjXxSwN-LrwyWjLgmOnrPzcDjC2vLwapyuAo1zuBorT7wSkMYK2GBVVwS0O1Lbo8N8__Cjo2k3bYjhOyefXvXorZCCxqn3wNC00m5yEyHzBUDNya-eKb8V1HIztP8wCgRl6675dn8USYlIa0cz65aIm1EA8qNddwD_xYQZmWehrsTwTBVXK7lLmHAiIA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCk0O1xNwOacDNNuiO7OsP0c-FyA3Rvr7bdayNn9y8DcCNtwEQASDY6d8jYInzxYT0E8gBCakCTbn4Ya3-Oz6oAwHIAwKqBP0BT9Dhg2oqtm8HhP2So7JoeH0cFHPqRsUK_fsiPSZSPkwkZa57wYdPWlHPFxrYY6xZsR_NBDSqZQuR5ogg6r4LfTUVxJHEjHISWHQwvRdDm687PKwwriGT-ZJ6ax-CgVanlmdS7DTt7-ZWwzNDafxz1ibHYRrznpsDRnvqVPXg72auqphIv0LoDlwtYvPZJrNrUYtnZcgEmn93Xol5uK108GQi-O6rxF9j2HhbWG-0LcJO6mYnIRjGAJXGqvd8up8WXd4r8NnDTCmstw-k0QfQbQMHVtj9fx8TCRRrTUuP6rsGKyfeoxroeIWi6IR9y8lw5d2dfB6Lyfaty6FwS4AGrIv04eKL_4wboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAqgHrb6xAqgHv9OxAtgHANIILAiAYRABMgiKgoCAgICACDoNgECAwICAgICogAKoA0i9_cE6WLuercHw4ZAD-gsCCAGADAGqDQJKUOoNEwid6rzB8OGQAxVoB3sHHdFnAdmIDgnQFQGAFwGyFxAYDCoKNjQ1MDEzNjU0M1ABqhgXCcIqXo0AyrhAEgo2NDUwMTM2NTQzGAE%26num%3D1%26sig%3DAOD64_2nGgo5RNPwp6H7paw5iq0i5Pz1yQ%26client%3Dca-pub-8544321996124660%26adurl%3D
Frame ID: 319137C167C2539C72C580B2A6E493F6
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 375CA8980B9028214FC573378117EF59
Requests: 9 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156313&predirect=https://cs.adingo.jp/sync/%3Ffrom%3Dpubm%26id%3D
Frame ID: D678EEE58E70C7EE0B98CE6F5AD158CA
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=fluct&endpoint=apac
Frame ID: 61E0E32BD1238B90D6016CC5B142D7C7
Requests: 20 HTTP requests in this frame

Frame: https://cf.im-apps.net/imid/beacon.html
Frame ID: BB97E2AFE78F3E97C3E9C0A2D85168FC
Requests: 8 HTTP requests in this frame

Frame: https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Frame ID: 972E133FB7C8997A99FB5B2532354E1C
Requests: 12 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7cxQACvYYCD1rnADXG94F9SROGUofJm10o8Q&u=%7Cdf07B2MyxcEJBQXEcJfVl01T4Ii8wxJqWEqv8uF1QVk%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFL1TglSufPqiK5qD3b0araVuctU3Rt657XBLj7rWATpbfEHdiNej_5vldWVwWQT4nLMfDoZdlU4UiMhRKhCHWsh8lyaq_YgXTpae5Pl0hzdBrHGmAzPmTuI9cGJqhKQpnn1MOOW9ka5xeqpX8-B1H5YlNsILxAplKMvGX2zvqOhQIz7cNQoul-nwu9MMo6007n3gv7dcXmnc2jr9xTk_98KEArBDm_BhzFbJI8D9G7IZiqVKSHFonTFGoGc6B2d6EKMXi5eLn2_pqxZxG2XSbSIDlVvtORL1QIPmaawYYXft8CXZ24BweUvIIQ1qJuGc7w8BWIOu3JoMQusDU8Xcw-T-I73JdMNiG--dr9MqCFo8JQKOK6q16wtywJRsX1CjpVqaMjn5CaBy_PhMDm-Vb22tXM4iHhQtKrLKF-lEgkAcyJMt4fK-WR3UUYQm0KqGDrfIXALVk4pkiD9NAQtVEPMWnqYfwF2JhMaTGvabTBCyUo9qZg3odhK6f_HLS57FMrBJRaZS0BlPPAA3ORThUQqfw-YEPpFYOLSDgw64Iqti99SUs0fr53VWRUlTBsIbtmVPH_EqadMahnUlKaPCTatVKw5Pi6t3BEtmLfEXVaEBEihG1CwzZiYzpR3tYyApfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCurGbxdwOaYb7Cue1vcAP943X4Q3Rvr7bdayNn9y8DcCNtwEQASDQ6t8jYInzxYT0E8gBCakCTbn4Ya3-Oz7gAgCoAwHIAwKqBLcCT9Dr6y2abQWWyaI-Ep-d4fe-2HXwvc4GdtCYJbsiuPLMzYSakv_0qgZDNI_ZCqW4ub7Of-atyVDYOdVY7HtnfUOrcDkB9qCNBwi0wSHKaf7iIPPOYbRZUoc968ugCOO3ybUhglvdRByZIqaM8hhXy0BMBWoDuYNeJ6T6YvJ0SpLLusPh9m4U8wRlkl7Okb5rIuSyG5STGKOg9G2KgeXLJSh-jP-2L1d-qdZ-YRlHtcaRIt9DhUNZW5hbLdpOoVu6tuQjkvs31nZTbNnJKZUgixLknNXdEc7uEZgulO-Fbv4HIKORZpA0rE1hU2TLZ6roVKjuVy9aX4ztUWCT-kI1yLnK6caNLWu-X_2s8khGr96mDjVb4WxfICipnNo_z5ozQrs6j7fdsh_kgctF5Yigcqxq6D0l0G7gBAGABqyL9OHii_-MG6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQKoB62-sQKoB7_TsQLYBwDSCCwIgGEQATIIioKAgICAgAg6DYBAgMCAgICAqIACqANIvf3BOliTnr3B8OGQA_oLAggBgAwBqg0CSlDiDRMI__C9wfDhkAMV51oPAh33xjXc6g0TCKe_vsHw4ZADFedaDwId98Y13IgO____________AdAVAYAXAbIXEBgMKgozMDAwNzgyNzc4UAGqGBcJPo7C-2f6tUASCjMwMDA3ODI3NzgYAQ%26num%3D1%26sig%3DAOD64_2huRixWk_I9gcE22SSUFoeG_GkWw%26client%3Dca-pub-3135966177843992%26adurl%3D
Frame ID: 7AF3A841D31E528F635FE1C48332E1A2
Requests: 20 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4C938050094BC55C666C0044E0A57F6A
Requests: 9 HTTP requests in this frame

Frame: https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Frame ID: 1D5F77002B36AC86592EC4B23237F1A2
Requests: 12 HTTP requests in this frame

Frame: https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Frame ID: ED53BD7A0B29D6AF9AEB3567ED744A9E
Requests: 10 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: 8EE6A4FB3A479F0057062E446F9D4655
Requests: 9 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: 4CA344625A6706CC6F304E660F9A93A5
Requests: 8 HTTP requests in this frame

Frame: https://10208769.fls.doubleclick.net/activityi;dc_pre=CN-g8MHw4ZADFdKYuQUdecMtlw;src=10208769;type=invmedia;cat=im8db0;ord=6243360734466;npa=0;auiddc=1171246322.1762581702;u1=8266;u2=news;u3=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KFA;gtm=45fe5b50v9181790672z871862534za200zb71862534zd71862534xea;gcd=13l3l3l3l1l1;dma=0;dc_fmt=2;tag_exp=101509157~103116026~103200004~103233427~104527906~104528501~104684208~104684211~104948813~105391252~115480709~115583767~115938466~115938468~116217636~116217638;epver=2;dc_random=1762581701_w5NAi1M43XrRn2vWkWAwNrbevuuNZgL1eA;_dc_test=1;~oref=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F
Frame ID: 44A56D22152C10D1CEC32F742B9235C7
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26it%3Dadg-pb-clt%26uid%3D(PM_UID)
Frame ID: 7252C5F119061ED8B4962DDD3EE3A136
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26it%3Dadg-pb-clt%26uid%3D(PM_UID)
Frame ID: 798A7C00789C1766018C2B678F54F0CB
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26it%3Dadg-pb-clt%26uid%3D(PM_UID)
Frame ID: 45DA8AAE5F802A5290D2AE8E0A4900CC
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 708174FC7AC8397ACCE8A3B32F15E4BE
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v22.0/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3c69f38404cb44ef%26domain%3Dtwinklesphotos.exblog.jp%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftwinklesphotos.exblog.jp%252Ff08387238f28e4909%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F&layout=button_count&locale=ja_JP&sdk=joey
Frame ID: CBD9D97DF015193EEC14C6254313D4F1
Requests: 3 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html
Frame ID: 8120ADA4C4A0E58D054B58D6D1A92071
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1F43238AD72A3E1DA8B9B6AF46B0DD69
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
Frame ID: 42C15048871D9CF89A47319FA510C476
Requests: 4 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 076E2E8C5697A1415D7D2E1546B75B7F
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26it%3Dadg-pb-clt%26uid%3D%24UID
Frame ID: 9B78CA82F3E4A6770F6F497FC96F2DA9
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvtPXrWf6k3VDrePK0Qae5dBbLkXxiFnCzK_KqZTJWKjcBIkmt5a50_OIx47KWwpzNU74r-An3JF2zfGd5eBAG2ZTd0_yU6SJ1wn8Xk0CZoDGCPl7bysEPm74Z51G6sDLrejIGouPzpi1XozlO6ZBORukFuFn258z0BAQ-hVNsHYWlUWGvftPqMoDrFkmrD6MsfmP3ESUmo1xcEBxZHdyAtgBvk8ebaBh_SSoqSWgwJndrnHT6sv8fONrvhSuuDXj62jMADyt1kvNFI-pOdvPIoYrjgRdLiulh1HHHy7yyE_uX5k7FsIglc-kzzNGCNcCSIIEWPNCRqwQL7NuzoHTAKR36S6EPYC9dm8iDKgQmZJFAMpOwLGmSbdldpY3VxqJtCYYyCHHkruF9sE5yiuhIxOJ9bcpNwSZlIzMeALwCOuhiB33Uqh1cXVzSNUfRaAcU&sai=AMfl-YTL0E5OcP5OzVA7U16PjCxt_WY1yycMFzEgkSILuP9FI1vdR4s3px42VVs1O_5W9Mh5jEV29O3GgKbx6T7V4ExRRwruOXqtxGtuNUmrgxh86cnjFc23Xr35ehgHRWHSb97LSQD7tFvAEpexRNGdfu_jecMZhhUAO6LLR3fIZ-7_Ac1knBZ7rCnRKORBDZvH8P8up6q6vC31BXwhAFZ0bGNa5AbT2KXobEcUMiclhVcKw21Fn7tdWhhctO5eZvWc2jgtag&sig=Cg0ArKJSzOiFNePqoeYgEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 2F7766285C60169B469E16A6DDD9752C
Requests: 20 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 8B40C459C4434D5933CB4E6FD6CB736E
Requests: 3 HTTP requests in this frame

Frame: https://penta.a.one.impact-ad.jp/psm/1.0/actualizar
Frame ID: A21FEB7E776ED9952EB6F23F5DCE2203
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: B2D33FB605630F83EC65B153C00D5504
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=criteoPrebidAdapter&topUrl=twinklesphotos.exblog.jp&gpp=
Frame ID: 974F415783AF9560D32D21BB2CF74955
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158977
Frame ID: E3FCC2B7300CECAF508EB41CB7E002FB
Requests: 3 HTTP requests in this frame

Frame: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1122990312&rd=1
Frame ID: 27F86F1C9ED7DA8051C436632390FDB8
Requests: 3 HTTP requests in this frame

Frame: https://excite-d.openx.net/w/1.0/pd
Frame ID: 8118D7F99CC87AC15E3E8EB530399B8F
Requests: 7 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 54898384493E12FEA794FE8E17ED89B5
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=apac
Frame ID: CFA9EAE884743C4D365D9202BE640A7B
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-sin01.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D2cce3e0c8930cc60%26uid%3D
Frame ID: 3F4CEE1FE3021F5E4F4E6F39F38EE702
Requests: 4 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: DDF5CC39B5885D993E9F01706DFB1977
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156313&predirect=https://cs.adingo.jp/sync/%3Ffrom%3Dpubm%26id%3D
Frame ID: DF0C7F40EDE2AD0FC36BFC3DF29ABB19
Requests: 2 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=193191&cb=https://cs.adingo.jp/sync/%3Ffrom%3Didxex%26id%3D
Frame ID: 1E1DD4253BF3D54FBD4862FD97A0EAA0
Requests: 1 HTTP requests in this frame

Frame: https://hb.trustedstack.com/cksync.php?cs=61&type=pln&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&gpp=${GPP}&gpp_sid=${GPP_SID}&redirect=https%3A%2F%2Fu-sin01.e-planning.net%2Fum%3Fuid%3D%3Cvsid%3E%26dc%3D6a5d39baa4d06b94%26fi%3D2cce3e0c8930cc60
Frame ID: C307338E2F08EAECB6DDA086B69805C7
Requests: 1 HTTP requests in this frame

Frame: https://u.4dex.io/setuid?bidder=eplanning&it=adg-pb-clt&uid=AEpQsjRTgg6kx12S
Frame ID: 0D7FDC8A66A3CA61DC9CE031A266681E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156538&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.richaudience.com%2Fa8c1b6a2754b510b088f624c91944bf3%2F%3Fgdpr%3D0%26euconsent%3D%26uid%3D
Frame ID: 6C5A5B11C49684CB1FBDB802679E5C97
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7a4244b2979db22&gdpr=0&gdpr_consent=
Frame ID: 5A22F9DE4A039C590680CEF664C356E6
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: F53831876F84FE3D5028D4DE90D081DB
Requests: 1 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=15238
Frame ID: 30D44B5A230C5CC88FDC84C419A1CCEF
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=22%2C106%2C33%2C164%2C2%2C116&lac=true&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Frame ID: 0D27E46314392A0E467DA8BDF3DCDCB7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

10 Essential Tips for Crypto Mining Success : TWINKLES

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • /alpine(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:_base/js/base|wink).*\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

503
Requests

84 %
HTTPS

23 %
IPv6

107
Domains

193
Subdomains

143
IPs

13
Countries

3808 kB
Transfer

11951 kB
Size

179
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 97
  • https://y.one.impact-ad.jp/h_bid?v=hb1&p=279398&cb=57985842707&r=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F&uid=18680e396c16239&tid=bf2a1b65-db34-4f5c-b3e3-525fd00d60aa&uc=gpt_pc_blog_inarticle_rec_left&tmax=2500&t=i&language=ja-JP&screen_size=1600x1200&sz=300x250 HTTP 302
  • https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=279398&cb=57985842707&r=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F&uid=18680e396c16239&tid=bf2a1b65-db34-4f5c-b3e3-525fd00d60aa&uc=gpt_pc_blog_inarticle_rec_left&tmax=2500&t=i&language=ja-JP&screen_size=1600x1200&sz=300x250
Request Chain 119
  • https://y.one.impact-ad.jp/h_bid?v=hb1&p=279402&cb=33133920718&r=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F&uid=58a369ce8510b858&tid=ac341f04-87af-4633-a008-17e5cff362ab&uc=gpt_pc_blog_inarticle_rec_3_left&tmax=2500&t=i&language=ja-JP&screen_size=1600x1200&sz=300x250 HTTP 302
  • https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=279402&cb=33133920718&r=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F&uid=58a369ce8510b858&tid=ac341f04-87af-4633-a008-17e5cff362ab&uc=gpt_pc_blog_inarticle_rec_3_left&tmax=2500&t=i&language=ja-JP&screen_size=1600x1200&sz=300x250
Request Chain 138
  • https://creativecdn.com/cm-notify?pi=fradagio-pbs&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://creativecdn.com/cm-notify?pi=fradagio-pbs&gdpr=0&gdpr_consent=&us_privacy=&tc=1 HTTP 302
  • https://u.4dex.io/setuid?bidder=rtbhouse&uid=78CGVj64qbWtJCN4lSymaVfCpFMRZnwLy9zilwcO7Uo&pi=fradagio-pbs&gdpr=0&gdpr_consent=&us_privacy=&tc=1
Request Chain 175
  • https://x.bidswitch.net/sync?ssp=fluct HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=fluct HTTP 302
  • https://cs.adingo.jp/sync/?from=bidsw&id=435287f2-cb7d-4872-8355-902b772ad7ed
Request Chain 177
  • https://us-u.openx.net/w/1.0/cm?id=ac0458b7-2dc5-40a0-a758-f0c82d454c93&r=https%3A%2F%2Fcs.adingo.jp%2Fsync%2F%3Ffrom%3Dopenx%26id%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=ac0458b7-2dc5-40a0-a758-f0c82d454c93&r=https%3A%2F%2Fcs.adingo.jp%2Fsync%2F%3Ffrom%3Dopenx%26id%3D
Request Chain 178
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=fluct&endpoint=apac HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=fluct&endpoint=apac
Request Chain 179
  • https://ad.as.amanad.adtdp.com/v1/sync/ssp?ssp=5 HTTP 303
  • https://cs.adingo.jp/sync/?from=aja&id=s2suidHSCZO7PGM2QKlhmn32N8-gyLxHgCcuqlCwGxONuILS5t4rcN-5wO6vAsBndK_DcjpE29U1
Request Chain 180
  • https://hrbh3.publishers.tremorhub.com/pubsync?redir=https%3A%2F%2Fcs.adingo.jp%2Fsync%2F%3Ffrom%3Dmagnite%26id%3D%5Btvid%5D HTTP 302
  • https://hrbh3.publishers.tremorhub.com/pubsync/verify?redir=https%3A%2F%2Fcs.adingo.jp%2Fsync%2F%3Ffrom%3Dmagnite%26id%3D%5Btvid%5D HTTP 302
  • https://cs.adingo.jp/sync/?from=magnite&id=f9302e1a028a483ca5bebd760dab9cf3
Request Chain 181
  • https://y.one.impact-ad.jp/tbs_cs?callback=https%3A%2F%2Fcs.adingo.jp%2Fsync%2F%3Ffrom%3Dp1%26id%3D%24UID&ex=p1.com HTTP 302
  • https://cs.adingo.jp/sync/?from=p1&id=82626013-c39d-4924-badf-5965e0c41e47
Request Chain 182
  • https://cs.adingo.jp/adx/go/?nid=fluct_eb HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_hm=dbf0d86134963f4a5205ad2b21b441f3
Request Chain 183
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=dj0pjjk&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=dj0pjjk&ttd_tpi=1 HTTP 302
  • https://cs.adingo.jp/sync/?from=tdid&id=20657a5b-463b-4127-b06a-ab3e93a99895&ttl=1765173701
Request Chain 188
  • https://bid.socdm.com/rtb/sync?proto=adingo&sspid=adingo&tp=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F&pp=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F&t=.gif HTTP 302
  • https://cs.adingo.jp/sync/?from=scaleout&id=aQ7cxMCo8HcAAMhKxz4AAAAA
Request Chain 191
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEhaAM9FNMDd4AG3R7UQF0c&google_cver=1&google_push=AXcoOmTjh_leqCTzjJqiP2fPPxm3tkLQzSH-okD8aukTgjwFqVkrVX8sE_F9jiO8gopXjSlVdm7NYC3Z2_FIXlxONy7ZPFsC05ZIyHc HTTP 302
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEhaAM9FNMDd4AG3R7UQF0c&google_cver=1&google_push=AXcoOmTjh_leqCTzjJqiP2fPPxm3tkLQzSH-okD8aukTgjwFqVkrVX8sE_F9jiO8gopXjSlVdm7NYC3Z2_FIXlxONy7ZPFsC05ZIyHc&__qcmcs=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmTjh_leqCTzjJqiP2fPPxm3tkLQzSH-okD8aukTgjwFqVkrVX8sE_F9jiO8gopXjSlVdm7NYC3Z2_FIXlxONy7ZPFsC05ZIyHc&google_hm=fP-O5mJJ84GFNhiiQXIFtg
Request Chain 192
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEHZ7VyFc_M8Bv1uLCM-c0K4&google_cver=1&google_push=AXcoOmQXMHosfjJj5EqwHyRzncuhU5LxGcRo3UHq_qdCxeXVBUmMILVNi366XL0RZhO9wYXSA_kot-ZblrKAsWGmFJ23fXE-YbZWQTw HTTP 302
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=233e071b17a1ff1&is_secure=true&networkId=14000&version=1&google_gid=CAESEHZ7VyFc_M8Bv1uLCM-c0K4&google_cver=1&google_push=AXcoOmQXMHosfjJj5EqwHyRzncuhU5LxGcRo3UHq_qdCxeXVBUmMILVNi366XL0RZhO9wYXSA_kot-ZblrKAsWGmFJ23fXE-YbZWQTw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AQAKvTVR9bJFuQJM3rTPAQEBAQEBAQCbYw9lMQEBAJtjD2Ux&expiration=1762668101&google_cver=1&is_secure=true&google_gid=CAESEHZ7VyFc_M8Bv1uLCM-c0K4&google_push=AXcoOmQXMHosfjJj5EqwHyRzncuhU5LxGcRo3UHq_qdCxeXVBUmMILVNi366XL0RZhO9wYXSA_kot-ZblrKAsWGmFJ23fXE-YbZWQTw
Request Chain 193
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEKzgWua5GEFXMrxHcYawwn0&google_cver=1&google_push=AXcoOmQCvCaKOBPmnKonYn7nQJ7zyd6nFezYUnrEofmhGuqDsdJoTpAEAINTdO-VvLolXMuxJ_itbyo8fBf13HuenoEZQXGyZWhJBw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmQCvCaKOBPmnKonYn7nQJ7zyd6nFezYUnrEofmhGuqDsdJoTpAEAINTdO-VvLolXMuxJ_itbyo8fBf13HuenoEZQXGyZWhJBw&google_hm=YZdspvpXQvas1pbPTuaIRoc
Request Chain 194
  • https://rt.gsspat.jp/lcs?google_push=AXcoOmRdv3IMeoKsw6xn_M_TG5LChix6KCwsq99tbufJHqj-CMFoqx6V5d09tWbgFGKb0CD6mJMLeZBWl45r4rcEd0imfgqawmUHjuQ&google_gid=CAESEMb1WrCdS0rGjivgrvAh-Ns&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=geniee&google_hm=-qEgToWTAz04yRul5nZAwg&google_push=AXcoOmRdv3IMeoKsw6xn_M_TG5LChix6KCwsq99tbufJHqj-CMFoqx6V5d09tWbgFGKb0CD6mJMLeZBWl45r4rcEd0imfgqawmUHjuQ
Request Chain 195
  • https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESENoUcY7rhyJlmw9zrmg0VT0&google_cver=1&google_push=AXcoOmT4jMGXKvTEXA_JdkCavbo_NQF3ujpKIcKshErFn7wEqqakBiXd24CBzu1v4YMvPM1VpBL4R96_Dqb0Ah8BtpbNWsPEFF9cDnUe HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmT4jMGXKvTEXA_JdkCavbo_NQF3ujpKIcKshErFn7wEqqakBiXd24CBzu1v4YMvPM1VpBL4R96_Dqb0Ah8BtpbNWsPEFF9cDnUe
Request Chain 196
  • https://tracking.prismpartner.smt.docomo.ne.jp/sync/adx?google_gid=CAESEL3FvvxKYS6GA5vApJkbnxk&google_cver=1&google_push=AXcoOmRr6OTIciI8tPazN1BZcQpWc8v81j3uQftH5ZddBGQrH2loJvm2c0Ai6FkfcSkqhVy2jrrb7zmb78HzFKu3RzohGrxuQ6RPCCW5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=prism_partnerinc&google_hm=I_yvvrAhRjmo2VRX4Cw7tQ&google_push=AXcoOmRr6OTIciI8tPazN1BZcQpWc8v81j3uQftH5ZddBGQrH2loJvm2c0Ai6FkfcSkqhVy2jrrb7zmb78HzFKu3RzohGrxuQ6RPCCW5
Request Chain 197
  • https://gtracenep.admaster.cc/ju/cs/google?google_gid=CAESELQ6iBUifOL58F0dB36NSTE&google_cver=1&google_push=AXcoOmSnTXPFmH9ztNWA9vfDt4OzLULABnBEgmlgTIXo0ik9UvD87J8rGdUQwdoxSy6ilkUXvyZ3ggspqZQIe3PDjnvZgodbmMVV4LvQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=admaster&google_push=AXcoOmSnTXPFmH9ztNWA9vfDt4OzLULABnBEgmlgTIXo0ik9UvD87J8rGdUQwdoxSy6ilkUXvyZ3ggspqZQIe3PDjnvZgodbmMVV4LvQ&google_hm=05a3810e8dee14a52blvvj00mhpvmx6w
Request Chain 237
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEBY0EIlvs5sQeQF6vEhP07w&google_cver=1&google_push=AXcoOmQUxrW0Zp2dJvY20e4co71mG-lB50md77UkfSRd1RM5YwTdiHMevYR7ubYF0hs_Ec0xEFOfjIKbwaWk53ApSwiLOAQ71Qzn HTTP 302
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=184507380969219e&is_secure=true&networkId=14000&version=1&google_gid=CAESEBY0EIlvs5sQeQF6vEhP07w&google_cver=1&google_push=AXcoOmQUxrW0Zp2dJvY20e4co71mG-lB50md77UkfSRd1RM5YwTdiHMevYR7ubYF0hs_Ec0xEFOfjIKbwaWk53ApSwiLOAQ71Qzn HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AQANEcNLQtWOTQIFNEAOAQEBAQEBAQCbYw9lMQEBAJtjD2Ux&expiration=1762668101&google_cver=1&is_secure=true&google_gid=CAESEBY0EIlvs5sQeQF6vEhP07w&google_push=AXcoOmQUxrW0Zp2dJvY20e4co71mG-lB50md77UkfSRd1RM5YwTdiHMevYR7ubYF0hs_Ec0xEFOfjIKbwaWk53ApSwiLOAQ71Qzn
Request Chain 239
  • https://rt.gsspat.jp/lcs?google_push=AXcoOmSyso3xSju7GnBkpznFQrzXo4GZ337s0aqVR6CAEiuDK5dpTvl1tR4TE1EWjG4XCC14xTACsMj2gvJqCk4YOBYT0oDZcfmV&google_gid=CAESEOz_aMxhLFs7z3MWmXu7j9o&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=geniee&google_hm=-qEgToWTAz04yRul5nZAwg&google_push=AXcoOmSyso3xSju7GnBkpznFQrzXo4GZ337s0aqVR6CAEiuDK5dpTvl1tR4TE1EWjG4XCC14xTACsMj2gvJqCk4YOBYT0oDZcfmV
Request Chain 240
  • https://s.ad.smaato.net/c/?adExInit=g&google_gid=CAESEKnrPtclratsszWz2nFksuo&google_cver=1&google_push=AXcoOmTknWyWvHuIv9L9oogdaIqwVdX-9DDHnpP06u61J_NvKv9f4PAKsvYN08dyLrifR94zXp5p89xrJqYeWgN7ChT-9Eyhf4cE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&gdpr=0&gdpr_consent=&google_hm=02c2065e6c&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg%26gdpr%3D0%26gdpr_consent%3D&google_push=AXcoOmTknWyWvHuIv9L9oogdaIqwVdX-9DDHnpP06u61J_NvKv9f4PAKsvYN08dyLrifR94zXp5p89xrJqYeWgN7ChT-9Eyhf4cE
Request Chain 241
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEPMqaZ3xWYMwFBdwxYal8iM&google_cver=1&google_push=AXcoOmRR7yT2g0OhesH9eVlzdQbtvVYTug13J_EPZiC9DJfj1BmzWrsoepcVB0CTqYh7fEoLJ7_p4hxTsxGpZKpF1ecyJSHkZojLfw HTTP 302
  • https://b1sync.outbrain.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESEPMqaZ3xWYMwFBdwxYal8iM&google_push=AXcoOmRR7yT2g0OhesH9eVlzdQbtvVYTug13J_EPZiC9DJfj1BmzWrsoepcVB0CTqYh7fEoLJ7_p4hxTsxGpZKpF1ecyJSHkZojLfw&s=2 HTTP 302
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESEPMqaZ3xWYMwFBdwxYal8iM&google_push=AXcoOmRR7yT2g0OhesH9eVlzdQbtvVYTug13J_EPZiC9DJfj1BmzWrsoepcVB0CTqYh7fEoLJ7_p4hxTsxGpZKpF1ecyJSHkZojLfw&obuid=689411a5-4e59-4109-ae5a-98adf5121a80&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmRR7yT2g0OhesH9eVlzdQbtvVYTug13J_EPZiC9DJfj1BmzWrsoepcVB0CTqYh7fEoLJ7_p4hxTsxGpZKpF1ecyJSHkZojLfw&google_hm=Njg5NDExYTUtNGU1OS00MTA5LWFlNWEtOThhZGY1MTIxYTgw
Request Chain 242
  • https://www.temu.com/api/adx/cm/pixel?google_gid=CAESEMr0YAU9t8eQSVdXlYis008&google_cver=1&google_push=AXcoOmR8mR7A9MybzWwpAKXF9qkXy87D7qrE7xiGX2j9v9C1sQSIIH5emi37milXhSZ_WhOa6b_taWs0VkYKnCEYDinv8GqYlWVYXw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_push=AXcoOmR8mR7A9MybzWwpAKXF9qkXy87D7qrE7xiGX2j9v9C1sQSIIH5emi37milXhSZ_WhOa6b_taWs0VkYKnCEYDinv8GqYlWVYXw&google_nid=whaleco_services_llc
Request Chain 243
  • https://gtracenep.admaster.cc/ju/cs/google?google_gid=CAESEBE80h5SrJEGOqC7ht_7JHs&google_cver=1&google_push=AXcoOmTioAYz9a75oPG7KG2qnDxtKFb8rcBqcyC_CD1IZ5Etrmyklv7_jEZTqrBXptfgLghPkju5jltYVMBSrheUc0welDy9mwdlXg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=admaster&google_push=AXcoOmTioAYz9a75oPG7KG2qnDxtKFb8rcBqcyC_CD1IZ5Etrmyklv7_jEZTqrBXptfgLghPkju5jltYVMBSrheUc0welDy9mwdlXg&google_hm=05a3810e84983ed920746500mhpvmx6w
Request Chain 270
  • https://cm.g.doubleclick.net/pixel?google_nid=intimatemerger_dmp&google_cm HTTP 302
  • https://sync.im-apps.net/imid/set?cid=5660&tid=gid&uid=CAESEMGX5UvqpqNqi20cHHwet04&google_cver=1
Request Chain 272
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=intmerger&ttd_tpi=1 HTTP 302
  • https://sync.im-apps.net/imid/set?cid=5664&tid=tdid&uid=20657a5b-463b-4127-b06a-ab3e93a99895
Request Chain 291
  • https://pixel-apac.rubiconproject.com/exchange/sync.php?p=fluct&khaos=MHPVMX4Y-1C-7DVJ HTTP 302
  • https://cs.adingo.jp/sync?from=rubicon&id=MHPVMX4Y-1C-7DVJ
Request Chain 304
  • https://sin3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Ftwinklesphotos.exblog.jp%252F33443959%252F&e=wqT_3QKcCqAcBQAAAwDWAAUBCMS5u8gGEMiHt6i7gMDOcRgAKjYJ368fg4bdtD8R3w0JJBkAAAAgXI_qPyERGwApEQn00AQxAAAAQOF6tD8wzufdEDjPHEC1XkjjA1C6iYq2AViekHdgAGjDgpABeKjUBYABAYoBA1VTRJIBA0pQWZgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AL8Q-AC9bNd6gIqaHR0cHM6Ly90d2lua2xlc3Bob3Rvcy5leGJsb2cuanAvMzM0NDM5NTkvgAMAiAMBkAMAmAMXoAMBqgOdBQqxBGh0dHBzOi8vd3d3LmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPWRlZjVkZDhkLWVmMWEtNDY5OC1hOWViLTAxNTVhMTZmYTA2YSZiaWRJZD0yJmJpZGRlcklkPTQmY21FeHBJZD1SU1YmaW1wSWQ9ODE4NjY5OTcxMzU1MTkwOTgzMiZvQWRVbml0PTM5MTQ2NiZwdWJsaXNoZXJJZD0xNjI2NDUzMzAmcklkPWY1MzU4OTY1LWUzZDQtNGIxYS04ZTA0LTAxYjQ1ODIzNDRjMiZyZWdpb249YXBhYyZybGluaz1odHRwcyUzQSUyRiUyRnd3dy5iaW5nLmNvbSUyRmFlcyUyRmMuZ2lmJTNGREklM0QwJTI2RElTJTNEU0JfMi0xLTAlM0YlMjZSRyUzRDU3ZWQ4ODk3Y2MyYjQ0N2Y5YzRiNzRhZTYwMzA0N2E4JTI2U05SJTNEMSUyNkdWJTNEMiUyNm1lZCUzRDEwJnJ0eXBlPW51cmwmdGFnSWQ9MzUwOTE0MDYmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJnRyYWZmaWNTdWJHcm91cD16emYlM0FrbmFxZV8zY19rbmFxZV9jbmx6cmFnX3F2ZnBlcmNuYXBsXzUmdWJlckdyb3VwPWhvcmVfM2MmdWJlclN1Ykdyb3VwPXBiYWdlYnlfNSZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzgxODY2OTk3MTM1NTE5MDk4MzIiCTM4MTg0NjcxNCoEYmluZzo4VTJWaGNtTm9RV1FqT0RJek9UVXdOalF3TlRFeU1qQWpNak16TkRFNU5EUTJOek13TlRBek9RPT1IAcAD2ATIAwDYA4fqNOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4xNDYuNzAuMjAxLjEzNagEALIEEggAEAEYrAIg-gEoADAAOAJCALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFh-7i1KLot8JMwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFyterAfoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbCjQTaBhYKEAAAAAAAAAAAAAAAAAAAAAAQABgA4AYB8gYCCACABwGIBwCYBwGgBwHIB6jUBdIHDwkAAAAAAAAAABAAGAAgANoHBggAEAAYAOAHAOoHAggA8Afr2gSKCEcKQwAAAZpiDl2gcZ0AA7UNw8gzX5QlUaVcJtUWHuMvfV78HbQHOA2wjfr8RE8e00FeayRtdo5hxVemustrUi9YerKFpCgQAZUIAACAP5gIAcAI_EPSCAsI8__fu4AeEAAYANoIBAgAIADgCADoCAA.&s=6bf0dc2dff54282f44cbdd1a443343db0204df08 HTTP 302
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=def5dd8d-ef1a-4698-a9eb-0155a16fa06a&bidId=2&bidderId=4&cmExpId=RSV&impId=8186699713551909832&oAdUnit=391466&publisherId=162645330&rId=f5358965-e3d4-4b1a-8e04-01b4582344c2&region=apac&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_2-1-0%3F%26RG%3D57ed8897cc2b447f9c4b74ae603047a8%26SNR%3D1%26GV%3D2%26med%3D10&rtype=nurl&tagId=35091406&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_knaqe_cnlzrag_qvfpercnapl_5&uberGroup=hore_3c&uberSubGroup=pbageby_5&aid=8186699713551909832 HTTP 303
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_2-1-0?&RG=57ed8897cc2b447f9c4b74ae603047a8&SNR=1&GV=2&med=10
Request Chain 306
  • https://ad.doubleclick.net/activity;src=10208769;type=invmedia;cat=im8db0;ord=6243360734466;npa=0;auiddc=1171246322.1762581702;u1=8266;u2=news;u3=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KFA;gtm=45fe5b50v9181790672z871862534za200zb71862534zd71862534xea;gcd=13l3l3l3l1l1;dma=0;dc_fmt=3;tag_exp=101509157~103116026~103200004~103233427~104527906~104528501~104684208~104684211~104948813~105391252~115480709~115583767~115938466~115938468~116217636~116217638;epver=2;dc_random=1762581701_w5NAi1M43XrRn2vWkWAwNrbevuuNZgL1eA;~oref=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F HTTP 302
  • https://ad.doubleclick.net/activity;dc_pre=CMa778Hw4ZADFeVBDwId1pUFcg;src=10208769;type=invmedia;cat=im8db0;ord=6243360734466;npa=0;auiddc=1171246322.1762581702;u1=8266;u2=news;u3=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KFA;gtm=45fe5b50v9181790672z871862534za200zb71862534zd71862534xea;gcd=13l3l3l3l1l1;dma=0;dc_fmt=3;tag_exp=101509157~103116026~103200004~103233427~104527906~104528501~104684208~104684211~104948813~105391252~115480709~115583767~115938466~115938468~116217636~116217638;epver=2;dc_random=1762581701_w5NAi1M43XrRn2vWkWAwNrbevuuNZgL1eA;~oref=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F
Request Chain 307
  • https://10208769.fls.doubleclick.net/activityi;src=10208769;type=invmedia;cat=im8db0;ord=6243360734466;npa=0;auiddc=1171246322.1762581702;u1=8266;u2=news;u3=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KFA;gtm=45fe5b50v9181790672z871862534za200zb71862534zd71862534xea;gcd=13l3l3l3l1l1;dma=0;dc_fmt=2;tag_exp=101509157~103116026~103200004~103233427~104527906~104528501~104684208~104684211~104948813~105391252~115480709~115583767~115938466~115938468~116217636~116217638;epver=2;dc_random=1762581701_w5NAi1M43XrRn2vWkWAwNrbevuuNZgL1eA;_dc_test=1;~oref=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F HTTP 302
  • https://10208769.fls.doubleclick.net/activityi;dc_pre=CN-g8MHw4ZADFdKYuQUdecMtlw;src=10208769;type=invmedia;cat=im8db0;ord=6243360734466;npa=0;auiddc=1171246322.1762581702;u1=8266;u2=news;u3=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KFA;gtm=45fe5b50v9181790672z871862534za200zb71862534zd71862534xea;gcd=13l3l3l3l1l1;dma=0;dc_fmt=2;tag_exp=101509157~103116026~103200004~103233427~104527906~104528501~104684208~104684211~104948813~105391252~115480709~115583767~115938466~115938468~116217636~116217638;epver=2;dc_random=1762581701_w5NAi1M43XrRn2vWkWAwNrbevuuNZgL1eA;_dc_test=1;~oref=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F
Request Chain 308
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58912/cms?uid=OQlG2gmgejiat6J1UZIWCcn5EUdSAgOZEtemQ7w0kco&csrc= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58912/cms?uid=OQlG2gmgejiat6J1UZIWCcn5EUdSAgOZEtemQ7w0kco&csrc=&verify=true HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-5CG0.qtE2oJhjw351q3yYC261RSwumlqQ189FQ--~A
Request Chain 309
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&process_consent=T HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEN55ktsm0k61Eq6FmAhmwKo&google_cver=1
Request Chain 310
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
Request Chain 311
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTZlMjJjMmJmNWE3ZDM0YzRiMGE3NTM2OWVjZjNmNmI2NDE5ZTA4Yw
Request Chain 312
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=20657a5b-463b-4127-b06a-ab3e93a99895&gdpr=0&gdpr_consent=&expires=30
Request Chain 313
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=MHPVMX4Y-1C-7DVJ&ex=d-rubiconproject.com&status=ok
Request Chain 314
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=MHPVMX4Y-1C-7DVJ
Request Chain 315
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
Request Chain 316
  • https://pixel.rubiconproject.com/token?pid=52948 HTTP 302
  • https://sync.springserve.com/usersync?aid=1000025&uuid=MHPVMX4Y-1C-7DVJ
Request Chain 317
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TUhQVk1YNFktMUMtN0RWSg== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEM7q15YSsAR92Vz3sPouBxs&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TUhQVk1YNFktMUMtN0RWSg==&google_push=
Request Chain 319
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-yahoo-exchange HTTP 302
  • https://pbs.yahoo.com/setuid?bidder=rubicon&uid=MHPVMX4Y-1C-7DVJ
Request Chain 320
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=MHPVMX4Y-1C-7DVJ
Request Chain 321
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=MHPVMX4Y-1C-7DVJ HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=MHPVMX4Y-1C-7DVJ HTTP 302
  • https://syncv4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=MHPVMX4Y-1C-7DVJ&ckls=true&ci=Y1MSyYjRLD&nc=false&trid=-937318272
Request Chain 322
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx HTTP 302
  • https://sync.a-mo.net/setuid/magnite?uid=MHPVMX4Y-1C-7DVJ
Request Chain 323
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=MHPVMX4Y-1C-7DVJ&pId=11&gdpr=&gdpr_consent=&us_privacy=
Request Chain 357
  • https://ads.stickyadstv.com/user-matching?id=3656 HTTP 302
  • https://u.4dex.io/setuid?bidder=freewheel&uid=71e42f7de5cdfbc17119c1e1ce2e3a7
Request Chain 366
  • https://id5-sync.com/i/1159/8.gif?o=api&id5id=ID5*hgEWGjCduRfZLMEi-vw8NyFFGIiQCB0SnEL-7Jn-a4T__2kO3MdaAAEBCmkO3MYAYDz67aIWCWQfGmwVeewN9Q&gdpr_consent=undefined&gdpr=false HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F1159%2F108%2F7%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F1159%2F108%2F7%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/1159/108/7/2.gif?puid=d95c27e0-a0dc-481d-8d11-0121fbc2c5d3&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=20657a5b-463b-4127-b06a-ab3e93a99895&ttl=%%TTL%% HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/1159/2/5/4.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/1159/2/5/4.gif?puid=450508794178240395&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F1159%2F441%2F4%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/1159/441/4/5.gif?puid=a_bf41a000-6ab5-43f5-b195-82f99d37bfd2&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F1159%2F112%2F3%2F6.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F1159%2F112%2F3%2F6.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/1159/112/3/6.gif?puid=15BFB9EAFA9CDD76&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/1159/19/2/7.gif?puid=${profile_id}&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/1159/19/2/7.gif?puid=${profile_id}&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/1159/19/2/7.gif?puid=4f92f869a6ab64fa9eea02ec04af3a85&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=108&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F1159%2F826%2F1%2F8.gif%3Fpuid%3D%7BuserId%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=108&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F1159%2F826%2F1%2F8.gif%3Fpuid%3D%7BuserId%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=95d2284d-cfa0-45e6-ac4d-dd3ed5641c6e-690edcca-4a50&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F1159%2F826%2F1%2F8.gif%3Fpuid%3D95d2284d-cfa0-45e6-ac4d-dd3ed5641c6e-690edcca-4a50%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/1159/826/1/8.gif?puid=95d2284d-cfa0-45e6-ac4d-dd3ed5641c6e-690edcca-4a50&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=MTVCRkI5RUFGQTlDREQ3Ng%3D%3D&gdpr=0&gdpr_consent=&id5=ID5-0ee1hvnKPG9IsglMmE8clyFroyZsbjkqJo3HL5oYrw
Request Chain 391
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=apac HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
Request Chain 396
  • https://pixel-apac.rubiconproject.com/exchange/sync.php?p=onfocus&khaos=MHPVMX4Y-1C-7DVJ HTTP 302
  • https://u.4dex.io/setuid?bidder=rubicon&uid=MHPVMX4Y-1C-7DVJ
Request Chain 400
  • https://ads.stickyadstv.com/user-matching?id=3656 HTTP 302
  • https://u.4dex.io/setuid?bidder=freewheel&uid=71e42f7de5cdfbc17119c1e1ce2e3a7
Request Chain 401
  • https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26it%3Dadg-pb-clt%26uid%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26it%3Dadg-pb-clt%26uid%3D%24UID
Request Chain 414
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F&domain=twinklesphotos.exblog.jp&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=-8CBm3xSN1FkUXBNZG9jVkU5T3ZLd1FKdFJ6NElOZVVQMUIzUU5VM1RhbUUyTTh0MThxZG9kbnNQM045U0ZjdFRaR2RmRVhCVERvUUpZbVhqbzRZVzdwUWZ1Q2djRlNqeTlJZEZnK2tDekhkSUxLWWJGZzlaYjN3THIzUkJKQUMvSG1QQ1JkSlRnbmNJVXovSWZ3dmFKT1pIM1dhbEIrOHM5ekliK01jTEhFY2FiZW1jRzB1b3ZSc1ltd1NtbUFQbUxoNWF2S09xU0lHUHhDcFJIOEQ2bEdaQ3JESjZNYjFLUmcyakhoaE5tcHJrSDZtcjQ2d0gySE15RDVkUnI5ZFhQT3RmMDgvcGJXN3BUZDFyVDlLNlBPdDlvRnlvTlpZQjByb1E0cTJPU0xWbVVvaz18&cppv=2
Request Chain 417
  • https://y.one.impact-ad.jp/push_sync HTTP 302
  • https://bypass.ad-stir.com/push_sync?xid=yone HTTP 302
  • https://y.one.impact-ad.jp/cs?r=no&tg=0&d=303&uid=56b0bbc5-18ec-4bcd-a13a-db42be10f978 HTTP 302
  • https://penta.a.one.impact-ad.jp/psm/1.0/actualizar
Request Chain 421
  • https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1122990312 HTTP 302
  • https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1122990312&rd=1
Request Chain 425
  • https://gum.criteo.com/sid/json?origin=criteoPrebidAdapter&domain=twinklesphotos.exblog.jp&sn=ChromeSyncframe&so=0&topUrl=twinklesphotos.exblog.jp&topicsavail=1&fledgeavail=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=_pkEG3xEZGNLLzVoOEVlMW8xVllWKzdvcmFPY2piV1VhaVVmQUZFMHNMVzJkWXJnVDBYWW9oVXRvR0JReEcrSTFOTDdoNHRSR01NeWYzS1ZDek5TUkpWd3ZyRmwzeFhBb1RJQ1JjQWV0WVB4bS8vcmp0TzBCU0N1My9OZlZiUHBLZWlsek9MWGZBOWEwdXlYL0dOYW94N1R6K2c2c0RuMVQ4MXloTkg4YVRWYzhVMURBTjk4VFN4VURkNVNVcjQ2QzdoNVF0Vm1rZXd3eGZJL2oyaU1meTd2bndYUE9LOFQrM1VubmEyTzhUOTY0NlhCZHVsSEFITEpCNUlNaUVrc25rdEI1emhBY1hzM2tydTVlenN4WFFWL01aOEhHVkRIcERFQnlkNGdnNHVnMmU4R3d2MTJGZ1liSXlFR1BNVGFSdlBGcHRMYm41a0xlNldaT3lFKy80bnM1RkE9PXw&cppv=2
Request Chain 426
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 427
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=Wmi6OF9GVFc3M3dSeXVYJTJCaiUyQm1mTHFjWWdhdXlVbEJYTUpibHRtazd6dFJ3cVQlMkZRJTNE&gpp=&gpp_sid=&gdpr=0&gdpr_consent=&us_privacy=&cr_user_id=k-V6Idh-Pa_TvH9rrZGxOdFxYMvlCVEFKqgnPzPQ HTTP 302
  • https://ssp-sync.criteo.com/user-sync/match?p=Wmi6OF9GVFc3M3dSeXVYJTJCaiUyQm1mTHFjWWdhdXlVbEJYTUpibHRtazd6dFJ3cVQlMkZRJTNE&u=435287f2-cb7d-4872-8355-902b772ad7ed
Request Chain 428
  • https://secure.adnxs.com/getuid?https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3dM2FAFl9odno5ckM3SHN4UHg1Q1VjYkxqUXl1RVdYQ2k3NWFYdjlxcXclMkZlbVFjRm8lM0Q%26u%3d%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ssp-sync.criteo.com/user-sync/match?p=M2FAFl9odno5ckM3SHN4UHg1Q1VjYkxqUXl1RVdYQ2k3NWFYdjlxcXclMkZlbVFjRm8lM0Q&u=450508794178240395&gdpr=0&gdpr_consent=
Request Chain 429
  • https://cm.g.doubleclick.net/pixel?google_nid=commerce_grid_dbm&google_hm=k-V6Idh-Pa_TvH9rrZGxOdFxYMvlCVEFKqgnPzPQ&google_cm&google_redir=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3dC_pnf19GREp1Vjh0Zk8yOGVmYW8lMkJPdHpWJTJGQ09GbU10OWRvdFBjaEJiU3V6cGZXNCUzRA%26u%3d%25%25GOOGLE_GID%25%25&gdpr=0&gdpr_consent= HTTP 302
  • https://ssp-sync.criteo.com/user-sync/match?p=C_pnf19GREp1Vjh0Zk8yOGVmYW8lMkJPdHpWJTJGQ09GbU10OWRvdFBjaEJiU3V6cGZXNCUzRA&u=CAESEJH4LVjisiesQJpajlaqACA&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 430
  • https://ad.turn.com/r/cs?pid=75&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
  • https://ssp-sync.criteo.com/user-sync/bidder-initiated?gdpr_consent=&gdpr=0&us_privacy=&dsp=11&buyer_id=7212087466330178906
Request Chain 431
  • https://ds.uncn.jp/mg/0/sync_push HTTP 302
  • https://ssp-sync.criteo.com/user-sync/bidder-initiated?dsp=479&buyer_id=v_8e4cd468-1360-4b89-a2af-c69e5283af3c
Request Chain 432
  • https://serv.ds.kakao.com/adx/criteo/sync-uid?redirect_uri=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3dCQzQAF9VSHdGUFBMMG03JTJCVDlRbjllbTZFNGMlMkZmWUFaOVlaRVJrSjk4bUNYNkphWSUzRA%26x%3d491%26u%3d%24%7bDSP_UUID%7d%26age%3d%24%7bCOOKIE_AGE%7d HTTP 307
  • https://ssp-sync.criteo.com/user-sync/match?p=CQzQAF9VSHdGUFBMMG03JTJCVDlRbjllbTZFNGMlMkZmWUFaOVlaRVJrSjk4bUNYNkphWSUzRA&x=491&u=0b3c77f38d354cab97e1e271843f09fe%3B1762581704568%3B&age=365
Request Chain 433
  • https://cs.admanmedia.com/e805be652c9053b8f771665f0ac3c361.gif?puid=k-V6Idh-Pa_TvH9rrZGxOdFxYMvlCVEFKqgnPzPQ&redir=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3d_zoOJF9TcFNZSlllWVU5OVRQTml4V3lpRzI2M0w5TXpEUVV5VWJseHlSRWslMkJnQWclM0Q%26u%3d%5bUID%5d&gdpr=0&gdpr_consent=&ccpa= HTTP 302
  • https://ssp-sync.criteo.com/user-sync/match?p=_zoOJF9TcFNZSlllWVU5OVRQTml4V3lpRzI2M0w5TXpEUVV5VWJseHlSRWslMkJnQWclM0Q&u=2de5b28d-3e3b-41a5-8717-12373ad49994
Request Chain 434
  • https://t.adx.opera.com/pub/sync?pubid=pub13186530141056&gdpr=0&consent=&us_privacy=&gpp=&gpp_sid=&custom_data=121f5V9JZVVBdldIdVFzR0NPJTJCbU9TV2t0cXJ0R0h2eXI3Yzk0ZkUlMkZrSW5lOE1mayUzRA HTTP 302
  • https://www.temu.com/api/adx/cm/pixel-opera?adx_uid=740da36049a35b6b&gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Ft.adx.opera.com%2Fsync%3Fvendor%3D60369%26pubid%3Dpub13186530141056%26gdpr%3D0%26consent%3D%26us_privacy%3D HTTP 302
  • https://t.adx.opera.com/sync?vendor=60369&pubid=pub13186530141056&gdpr=0&consent=&us_privacy= HTTP 302
  • https://ssp-sync.criteo.com/user-sync/match?p=${REDIRECT_ENCRYPTED_PAYLOAD}&u=OPU99ae78a6aa40427390c2ec080e23d632
Request Chain 436
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=N4mYVqRyxo4a5vxZ2SPekQ==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 438
  • https://pr-bh.ybp.yahoo.com/sync/openx/7c18742e-9d58-ede9-cd45-a61bf56d2962?gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073025&val=y-EcadkxNE2p_mEBqfYWLzWv6gKZwr._AW50o-~A
Request Chain 439
  • https://sync.srv.stackadapt.com/sync?nid=268 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537082476&val=3F4qtkgCXkBiNGYglJBs35JGyYc&gdpr=&gdpr_consent=
Request Chain 441
  • https://tr.blismedia.com/v1/api/sync/openx HTTP 307
  • https://eu-u.openx.net/w/1.0/sd?id=539732443&gdpr=&gdpr_consent=&val=690EDCC5C607B8113E58478A_&r=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2Fopenx%3Fpartner_device_id%3D690EDCC5C607B8113E58478A_ HTTP 302
  • https://tr.blismedia.com/v1/redirect/openx?partner_device_id=690EDCC5C607B8113E58478A_
Request Chain 443
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=aQ7cyBdaRDUAPvHdD1lWcgAAFPIAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESECHec-1xfGp0dMBBrKODAgo&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=&gdpr_consent=&google_cver=1&google_gid=CAESECHec-1xfGp0dMBBrKODAgo&google_hm=aQ7cyBdaRDUAPvHdD1lWcgAAFPIAAAIB&google_nid=index&gpp=&gpp=&gpp_sid=&gpp_sid=
Request Chain 445
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=20657a5b-463b-4127-b06a-ab3e93a99895&expiration=1765173704&gdpr=0&gdpr_consent=
Request Chain 447
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=aQ7cyBdaRDUAPvHdD1lWcgAA HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=aQ7cyBdaRDUAPvHdD1lWcgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662124573305556
Request Chain 448
  • https://b1sync.zemanta.com/usersync/index/?puid=aQ7cyBdaRDUAPvHdD1lWcgAA%265362&cb=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fexternal_user_id%3D_ZUID_&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://b1sync.outbrain.com/usersync/index/?cb=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fexternal_user_id%3D_ZUID_&gdpr=&gdpr_consent=&puid=aQ7cyBdaRDUAPvHdD1lWcgAA%265362&s=2&us_privacy= HTTP 302
  • https://b1sync.zemanta.com/usersync/index/?cb=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fexternal_user_id%3D_ZUID_&gdpr=&gdpr_consent=&obuid=689411a5-4e59-4109-ae5a-98adf5121a80&puid=aQ7cyBdaRDUAPvHdD1lWcgAA%265362&s=2&us_privacy= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=689411a5-4e59-4109-ae5a-98adf5121a80&puid=aQ7cyBdaRDUAPvHdD1lWcgAA&5362
Request Chain 449
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=7652560972407335593&expiration=1763791304
Request Chain 450
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=450508794178240395
Request Chain 456
  • https://match.sharethrough.com/universal/v1?supply_id=H7IJBRjH HTTP 302
  • https://sync.e-planning.net/um?uid=3a8ef762-a5a7-4ff4-9782-b8c15696cad8&dc=769fefa8321c94fb&iss=1
Request Chain 457
  • https://gw-iad-bid.ymmobi.com/adx/user/sync?pubid=ZXBsYW5uaW5n&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&callback=https%3A%2F%2Fu-sin01.e-planning.net%2Fum%3Fuid%3D%7Bym_user_id%7D%26dc%3Ddbfd729d40c9c3fc%26fi%3D2cce3e0c8930cc60 HTTP 302
  • https://u-sin01.e-planning.net/um?uid=ym_user_ef30bada-6f60-4fe6-ad8f-0e00f5b8692f&dc=dbfd729d40c9c3fc&fi=2cce3e0c8930cc60
Request Chain 458
  • https://prebid.a-mo.net/cchain/0?gdpr={GDPR_APPLIES}&gdpr_consent={TCF_CONSENT_STRING}&us_privacy={US_PRIVACY}&cb=https%3A%2F%2Fu-sin01.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4cb5e7f09da39e40%26fi%3D2cce3e0c8930cc60 HTTP 302
  • https://rtb.openx.net/sync/prebid?&gdpr=0&us_privacy=1---&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F19288%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D12dec727-6557-430e-b3e5-30d3763e380f%26bidder%3Dopenx%26cbx%3DaHR0cHM6Ly91LXNpbjAxLmUtcGxhbm5pbmcubmV0L3VtP3VpZD0kVUlEJmRjPTRjYjVlN2YwOWRhMzllNDAmZmk9MmNjZTNlMGM4OTMwY2M2MA%253D%253D%26uid%3D%24%7BUID%7D HTTP 302
  • https://prebid.a-mo.net/cchain/0/19288?gpp=&gdpr_consent=&gdpr=&gpp_sid=&us_privacy=&A=12dec727-6557-430e-b3e5-30d3763e380f&bidder=openx&cbx=aHR0cHM6Ly91LXNpbjAxLmUtcGxhbm5pbmcubmV0L3VtP3VpZD0kVUlEJmRjPTRjYjVlN2YwOWRhMzllNDAmZmk9MmNjZTNlMGM4OTMwY2M2MA%3D%3D&uid=d1019da5-b46b-4c49-971e-70fb8b6126a6 HTTP 302
  • https://ads.yieldmo.com/pbsync?is=adptmx&gdpr=0&us_privacy=1---&redirectUri=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F19288%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3D12dec727-6557-430e-b3e5-30d3763e380f%26bidder%3Dyieldmo%26cbx%3DaHR0cHM6Ly91LXNpbjAxLmUtcGxhbm5pbmcubmV0L3VtP3VpZD0kVUlEJmRjPTRjYjVlN2YwOWRhMzllNDAmZmk9MmNjZTNlMGM4OTMwY2M2MA%253D%253D%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/cchain/1/19288?gpp=&gdpr_consent=&gpp_sid=&A=12dec727-6557-430e-b3e5-30d3763e380f&bidder=yieldmo&cbx=aHR0cHM6Ly91LXNpbjAxLmUtcGxhbm5pbmcubmV0L3VtP3VpZD0kVUlEJmRjPTRjYjVlN2YwOWRhMzllNDAmZmk9MmNjZTNlMGM4OTMwY2M2MA%3D%3D&uid=xFmB6FFupwFHG2to89_K&gdpr=0&us_privacy=1--- HTTP 302
  • https://id.a-mx.com/u?&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F19288%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D1---%26A%3D12dec727-6557-430e-b3e5-30d3763e380f%26bidder%3Damx_com%26cbx%3DaHR0cHM6Ly91LXNpbjAxLmUtcGxhbm5pbmcubmV0L3VtP3VpZD0kVUlEJmRjPTRjYjVlN2YwOWRhMzllNDAmZmk9MmNjZTNlMGM4OTMwY2M2MA%253D%253D%26uid%3D&A=12dec727-6557-430e-b3e5-30d3763e380f&F=0 HTTP 302
  • https://prebid.a-mo.net/cchain/2/19288?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=1---&A=12dec727-6557-430e-b3e5-30d3763e380f&bidder=amx_com&cbx=aHR0cHM6Ly91LXNpbjAxLmUtcGxhbm5pbmcubmV0L3VtP3VpZD0kVUlEJmRjPTRjYjVlN2YwOWRhMzllNDAmZmk9MmNjZTNlMGM4OTMwY2M2MA%3D%3D&uid=12dec727-6557-430e-b3e5-30d3763e380f HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F4%2F19288%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D1---%26A%3D12dec727-6557-430e-b3e5-30d3763e380f%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly91LXNpbjAxLmUtcGxhbm5pbmcubmV0L3VtP3VpZD0kVUlEJmRjPTRjYjVlN2YwOWRhMzllNDAmZmk9MmNjZTNlMGM4OTMwY2M2MA%253D%253D%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/cchain/4/19288?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=1---&A=12dec727-6557-430e-b3e5-30d3763e380f&bidder=appnexus&cbx=aHR0cHM6Ly91LXNpbjAxLmUtcGxhbm5pbmcubmV0L3VtP3VpZD0kVUlEJmRjPTRjYjVlN2YwOWRhMzllNDAmZmk9MmNjZTNlMGM4OTMwY2M2MA%3D%3D&uid=450508794178240395 HTTP 302
  • https://eb2.3lift.com/getuid?&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F5%2F19288%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D1---%26A%3D12dec727-6557-430e-b3e5-30d3763e380f%26bidder%3Dtriplelift%26cbx%3DaHR0cHM6Ly91LXNpbjAxLmUtcGxhbm5pbmcubmV0L3VtP3VpZD0kVUlEJmRjPTRjYjVlN2YwOWRhMzllNDAmZmk9MmNjZTNlMGM4OTMwY2M2MA%253D%253D%26uid%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F5%2F19288%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D1---%26A%3D12dec727-6557-430e-b3e5-30d3763e380f%26bidder%3Dtriplelift%26cbx%3DaHR0cHM6Ly91LXNpbjAxLmUtcGxhbm5pbmcubmV0L3VtP3VpZD0kVUlEJmRjPTRjYjVlN2YwOWRhMzllNDAmZmk9MmNjZTNlMGM4OTMwY2M2MA%253D%253D%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/cchain/5/19288?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=1---&A=12dec727-6557-430e-b3e5-30d3763e380f&bidder=triplelift&cbx=aHR0cHM6Ly91LXNpbjAxLmUtcGxhbm5pbmcubmV0L3VtP3VpZD0kVUlEJmRjPTRjYjVlN2YwOWRhMzllNDAmZmk9MmNjZTNlMGM4OTMwY2M2MA%3D%3D&uid=4641293838896285431828 HTTP 302
  • https://ap.lijit.com/pixel?&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F7%2F19288%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D1---%26A%3D12dec727-6557-430e-b3e5-30d3763e380f%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly91LXNpbjAxLmUtcGxhbm5pbmcubmV0L3VtP3VpZD0kVUlEJmRjPTRjYjVlN2YwOWRhMzllNDAmZmk9MmNjZTNlMGM4OTMwY2M2MA%253D%253D%26uid%3D%24UID HTTP 307
  • https://prebid.a-mo.net/cchain/7/19288?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=1---&A=12dec727-6557-430e-b3e5-30d3763e380f&bidder=sovrn&cbx=aHR0cHM6Ly91LXNpbjAxLmUtcGxhbm5pbmcubmV0L3VtP3VpZD0kVUlEJmRjPTRjYjVlN2YwOWRhMzllNDAmZmk9MmNjZTNlMGM4OTMwY2M2MA==&uid=LospALZHZ2TTTOzfRB-4R3cE HTTP 302
  • https://cm.adform.net/cookie?&gdpr=0&us_privacy=1---&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F8%2F19288%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D1---%26A%3D12dec727-6557-430e-b3e5-30d3763e380f%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly91LXNpbjAxLmUtcGxhbm5pbmcubmV0L3VtP3VpZD0kVUlEJmRjPTRjYjVlN2YwOWRhMzllNDAmZmk9MmNjZTNlMGM4OTMwY2M2MA%253D%253D%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/cchain/8/19288?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=1---&A=12dec727-6557-430e-b3e5-30d3763e380f&bidder=adform&cbx=aHR0cHM6Ly91LXNpbjAxLmUtcGxhbm5pbmcubmV0L3VtP3VpZD0kVUlEJmRjPTRjYjVlN2YwOWRhMzllNDAmZmk9MmNjZTNlMGM4OTMwY2M2MA%3D%3D&uid=7652560972407335593 HTTP 302
  • https://u-sin01.e-planning.net/um?uid=12dec727-6557-430e-b3e5-30d3763e380f&dc=4cb5e7f09da39e40&fi=2cce3e0c8930cc60&us_privacy=1---&gdpr=0
Request Chain 459
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-sin01.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D2cce3e0c8930cc60%26uid%3D%24UID HTTP 302
  • https://u-sin01.e-planning.net/um?dc=8103fa85295fbe60&fi=2cce3e0c8930cc60&uid=450508794178240395
Request Chain 460
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=apac HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=apac
Request Chain 468
  • https://cr-p20.ladsp.com/cookiesender/20 HTTP 302
  • https://cr-p20.ladsp.com/cookiesender/20?cr=true HTTP 302
  • https://cs.adingo.jp/sync/?from=logicad&id=AQY9WJM8fJaiks8AKPHtRNzymM8AAAGaYg5vEQ
Request Chain 480
  • https://pixel-apac.rubiconproject.com/exchange/sync.php?p=12186&khaos=MHPVMX4Y-1C-7DVJ HTTP 302
  • https://sync.e-planning.net/um?uid=MHPVMX4Y-1C-7DVJ&dc=9bcc91305985f0db&iss=1
Request Chain 485
  • https://sync.adkernel.com/user-sync?zone=256788&t=image&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dmadopi%26it%3Dadg-pb-clt%26uid%3D%7BUID%7D HTTP 302
  • https://visitor-waardex.omnitagjs.com/visitor/bsync?uid=f9f79c63be893b97a3364690a09d0b8d&name=WAARDEX_SSP&url=https%3A%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D256788%26dsp%3D688143%26t%3Dimage%26uid%3DPARTNER_USER_ID
Request Chain 493
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.richaudience.com%2Fa566db6afba33978322ef47fa16ca6fe%2F%3Fgdpr%3D0%26euconsent%3D%26uid%3D$UID HTTP 307
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.richaudience.com%2Fa566db6afba33978322ef47fa16ca6fe%2F%3Fgdpr%3D0%26euconsent%3D%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://sync.richaudience.com/a566db6afba33978322ef47fa16ca6fe/?gdpr=0&euconsent=&uid=LospALZHZ2TTTOzfRB-4R3cE
Request Chain 498
  • https://u.openx.net/w/1.0/cm?id=3cc4b2f6-c7e1-439a-8174-b6dbb96bcabf&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dopenx%26it%3Dadg-pb-clt%26uid%3D%7BOPENX_ID%7D HTTP 302
  • https://u.4dex.io/setuid?bidder=openx&it=adg-pb-clt&uid=64d516ff-da9c-4d68-b03b-8dc9d1b8edc3

503 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
twinklesphotos.exblog.jp/33443959/ 		63 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://twinklesphotos.exblog.jp/33443959/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.199.193.165 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-199-193-165.ap-northeast-1.compute.amazonaws.com
Software
nginx / PHP/7.1.33
Resource Hash
b669a79365d8bd0fdac065e8018aad19e4de640ac903b3696c6574b461c961be

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 08 Nov 2025 06:01:39 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
x-powered-by
PHP/7.1.33
jquery-1.11.3.min.js
s.eximg.jp/exblog/user3/library/js/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.eximg.jp/exblog/user3/library/js/jquery-1.11.3.min.js?22b9ae7a0a945844efd971093024fff99c5b2f64
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-26.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

vary
accept-encoding
content-encoding
gzip
etag
W/"f03e5a3bf534f4a738bc350631fd05bd"
x-amz-version-id
732s9xuGyB4xP.JlD9YbV0LDsuHxAABF
age
3420
via
1.1 7bb66c5fc1e732675b1f05b324f80096.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
0z3UXHlrKz2N-ESx7V8wsM49u_OkMccVhd-i13Jg4OBy-y2kGX1Wpw==
date
Sat, 08 Nov 2025 05:04:40 GMT
content-type
text/javascript
last-modified
Fri, 17 Oct 2025 04:58:35 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P3
x-amz-server-side-encryption
AES256
exblog.js
s.eximg.jp/exblog/user3/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.eximg.jp/exblog/user3/js/exblog.js?22b9ae7a0a945844efd971093024fff99c5b2f64
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-26.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
85959bc05ec04039dce0b3063238c0ba830761ab00ec7084d416c87ca8907738

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

vary
accept-encoding
content-encoding
gzip
etag
W/"7da5f8b7eebc56ea75792432592db35d"
x-amz-version-id
17bW7urhYnPlLfwzL5Ez52s0fqXynhn1
age
3420
via
1.1 7bb66c5fc1e732675b1f05b324f80096.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
Xb_-bdPpUPVM8XA4bwqPZk8G0aW4vOyX96E2_M0YfR16U8drh3rOQg==
date
Sat, 08 Nov 2025 05:04:40 GMT
content-type
text/javascript
last-modified
Fri, 17 Oct 2025 04:58:35 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P3
x-amz-server-side-encryption
AES256
jquery-cookie-1.4.1.min.js
s.eximg.jp/exblog/user3/library/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.eximg.jp/exblog/user3/library/js/jquery-cookie-1.4.1.min.js?22b9ae7a0a945844efd971093024fff99c5b2f64
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-26.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

vary
accept-encoding
content-encoding
gzip
etag
W/"4412bf8023109ee9eb1f1f226d391329"
x-amz-version-id
mtZNv6ObwvsP6NZhpfPdfgUaHdnETGJU
age
3420
via
1.1 7bb66c5fc1e732675b1f05b324f80096.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
9HGojdHo7TteVkJ4ofqxPxL0O2xpt4fHRJWYZDmZmsO7KAQyYeBbSA==
date
Sat, 08 Nov 2025 05:04:40 GMT
content-type
text/javascript
last-modified
Fri, 17 Oct 2025 04:58:35 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P3
x-amz-server-side-encryption
AES256
jquery.inview.js
s.eximg.jp/exblog/user3/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.eximg.jp/exblog/user3/js/jquery.inview.js?22b9ae7a0a945844efd971093024fff99c5b2f64
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-26.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
333012005cd5b3a4a127f3418a3e573111de891dcd221d62b92697fb0dea868a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

vary
accept-encoding
content-encoding
gzip
etag
W/"d22188e69538818dc40df96cf2726c98"
x-amz-version-id
E9Heb0avEcrFMhulU163hvxR9.e31O_Z
age
3420
via
1.1 7bb66c5fc1e732675b1f05b324f80096.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
DDT7RbYzyuxZpevemvu9shS4UDBgdoc3iVANE-bm1QygTcolcVHBjQ==
date
Sat, 08 Nov 2025 05:04:40 GMT
content-type
text/javascript
last-modified
Fri, 17 Oct 2025 04:58:35 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P3
x-amz-server-side-encryption
AES256
app.js
s.eximg.jp/exblog/user3/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.eximg.jp/exblog/user3/js/app.js?22b9ae7a0a945844efd971093024fff99c5b2f64
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-26.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2b8575a49854fbbcd1ab2fa83512644e78406d7cf3e9c605e00a2b7f3c76e09e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

vary
accept-encoding
content-encoding
gzip
etag
W/"e0369fd622f6883624d34dc34c42f340"
x-amz-version-id
Kw3Sw6m1QcNdhyjKzPpN7HXH9Ul72baM
age
3419
via
1.1 7bb66c5fc1e732675b1f05b324f80096.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
AyKckgx-HjJyivho0aNfAomkxD5FRUF-zrgOgyLTxhKUKaq8vCjGQQ==
date
Sat, 08 Nov 2025 05:04:41 GMT
content-type
text/javascript
last-modified
Fri, 17 Oct 2025 04:58:35 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P3
x-amz-server-side-encryption
AES256
htmx.min.js
s.eximg.jp/exblog/js/ 		48 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.eximg.jp/exblog/js/htmx.min.js
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-26.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0fc57ba0e655504d282bb6ec1c3d89240cde9f2ce1c393d5b38a95c5bc6da875

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

vary
accept-encoding
content-encoding
gzip
etag
W/"fda0965a21d4f1da88c0f429c5983923"
x-amz-version-id
UVuIrEucp1VtPHoj2N_WDdogqM9zc41O
age
65831
via
1.1 7bb66c5fc1e732675b1f05b324f80096.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
tCejRV46oonhy9X23P5D-dvDhGMFgkYgsAqSCaIj-p0iu7xEkyZ70g==
date
Fri, 07 Nov 2025 11:44:29 GMT
content-type
application/javascript
last-modified
Fri, 29 Aug 2025 07:38:36 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P3
x-amz-server-side-encryption
AES256
alpine.min.js
s.eximg.jp/exblog/js/ 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.eximg.jp/exblog/js/alpine.min.js
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-26.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
358d9afbb1ab5befa2f48061a30776e5bcd7707f410a606ba985f98bc3b1c034

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

vary
accept-encoding
content-encoding
gzip
etag
W/"382e629b180f49ed81f57b3025b9497c"
x-amz-version-id
zIiwsuJ5fTBLkGtt_5pjpDm3QeqEkNxB
age
888
via
1.1 7bb66c5fc1e732675b1f05b324f80096.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
RU_EztfuUkkLk48W_rcI0FLAluZ6rlBGrSzDl-QPtGs1nd-Q7EZ6tg==
date
Sat, 08 Nov 2025 05:46:52 GMT
content-type
application/javascript
last-modified
Fri, 29 Aug 2025 07:38:35 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P3
x-amz-server-side-encryption
AES256
exblog.profile.v2.css
s.eximg.jp/exblog/user3/css/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.eximg.jp/exblog/user3/css/exblog.profile.v2.css?22b9ae7a0a945844efd971093024fff99c5b2f64
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-26.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fe9d32e10eedfd0caeb9078619591824bb16d49f7a7fd48db978d4722d77df7a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

vary
accept-encoding
content-encoding
gzip
etag
W/"bb36afcc86abf89a6a5ede128a59e56a"
x-amz-version-id
iMRUSQ38NkoCuBUUz4LzajoxKgw8IqAL
age
3417
via
1.1 7bb66c5fc1e732675b1f05b324f80096.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
kvUewUtWMkaW2s2Ga5IFuR-KM6MjkgfpMZmXo0r8JKCh5oMbPJMRZg==
date
Sat, 08 Nov 2025 05:04:43 GMT
content-type
text/css
last-modified
Fri, 17 Oct 2025 04:58:30 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P3
x-amz-server-side-encryption
AES256
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:808::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
f1a61277e3f902f50ab42015d8b07218db9b7601bb0967e54a52bfdcb4fa7e81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
age
200
report-to
{"group":"ascnsrsgac:225:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Sat, 08 Nov 2025 07:58:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 05:58:19 GMT
last-modified
Tue, 15 Jul 2025 00:44:26 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsgac:225:0
content-length
20737
server
Golfe2
js
www.googletagmanager.com/gtag/ 		419 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z6VR2N8KNZ
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:821::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f8544d9a12429c1a3c3562126fd01c68fc232c9f18e1d3140a1e705c6ab5fe02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
content-encoding
zstd
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Sat, 08 Nov 2025 06:01:39 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
145513
date
Sat, 08 Nov 2025 06:01:39 GMT
x-xss-protection
0
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
Google Tag Manager
access-control-allow-headers
Cache-Control
pc_blog_interstitial.js
image.excite.co.jp/jp/ox/gpt/display/pc/blog/ 		1 KB
964 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image.excite.co.jp/jp/ox/gpt/display/pc/blog/pc_blog_interstitial.js
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.175.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-175-43.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
88be574e0c528801a7136fe617c4addca09a980d1ce6d3c168a3cd93e829087e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-amz-cf-pop
NRT57-P9
content-encoding
gzip
etag
W/"cc45d04f3bf9c397da3fb29f8bf87a44"
age
355
via
1.1 1c37116cbfe9d9ab1d19c37d356598a6.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
OdgpduINpAjt8c6XG1qnNHAFkSVolU_9yOOuUPAsIb1GAtjkHF96Fg==
date
Sat, 08 Nov 2025 05:55:45 GMT
content-type
text/javascript
vary
accept-encoding
server
AmazonS3
last-modified
Mon, 28 Apr 2025 04:26:16 GMT
x-amz-server-side-encryption
AES256
pc_blog.js
image.excite.co.jp/jp/ox/gpt/ 		34 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image.excite.co.jp/jp/ox/gpt/pc_blog.js
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.175.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-175-43.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c0bbbb58003463134857d74b642aae70b80b3b3c7fc7925c31e3377da092cd0b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-amz-cf-pop
NRT57-P9
content-encoding
gzip
etag
W/"c7651bade94a8f849290ed7573709ab2"
age
413
via
1.1 1c37116cbfe9d9ab1d19c37d356598a6.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
Axc0IG6UnToQVYdpWzuk_FyQH8qvqo2Kd8idLx5mEiw2k6Hn3ErFzA==
date
Sat, 08 Nov 2025 05:54:47 GMT
content-type
text/javascript
vary
accept-encoding
server
AmazonS3
last-modified
Wed, 29 Oct 2025 06:09:37 GMT
x-amz-server-side-encryption
AES256
exblog.css
image.excite.co.jp/jp/ox/gpt/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://image.excite.co.jp/jp/ox/gpt/exblog.css
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.175.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-175-43.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4fe35a9faa667b765290de5ccc3d72389fe061f1972b9897725f4bb7ebe7f364

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-amz-cf-pop
NRT57-P9
content-encoding
gzip
etag
W/"b46e5a315373ffc27505d3c6f852d137"
age
476
via
1.1 1c37116cbfe9d9ab1d19c37d356598a6.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
F_WFlv3lMAnHqlFmO_6Sw7DDF-yk03EHW0trrbn6G6uDzMi0AO-TPw==
date
Sat, 08 Nov 2025 05:53:44 GMT
content-type
text/css
vary
accept-encoding
server
AmazonS3
last-modified
Thu, 10 Apr 2025 08:14:55 GMT
x-amz-server-side-encryption
AES256
main.css
s.eximg.jp/exblog/user3/css/ 		49 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.eximg.jp/exblog/user3/css/main.css?22b9ae7a0a945844efd971093024fff99c5b2f64
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-26.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d06744d7c6fad3342f81eec248a0fee7a91da9e107323a2b258a1cff749d69d2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

vary
accept-encoding
content-encoding
gzip
etag
W/"fe041e6bbcb3d5748cf495e956c7080f"
x-amz-version-id
cg61_m.sftKcSZv9IDxwbw1Hl.EW0lMC
age
3398
via
1.1 7bb66c5fc1e732675b1f05b324f80096.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
aFdKQsvBBjAnYt83-fk24G7Aj7Aa7T_TOQcpc8fGklLpvY2MOZHvoA==
date
Sat, 08 Nov 2025 05:05:02 GMT
content-type
text/css
last-modified
Fri, 17 Oct 2025 04:58:30 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P3
x-amz-server-side-encryption
AES256
a01401_01.min.css
pds.exblog.jp/skin/css/ 		8 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pds.exblog.jp/skin/css/a01401_01.min.css
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-60.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c06a5e89dacc8f6b30863312339b881230e92594d3e883b9fb14d24c830079fe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

vary
accept-encoding
content-encoding
br
etag
W/"807a85c3670b4ce5b6338757afa9937c"
x-amz-version-id
null
age
26966
via
1.1 ef359af61e64577c628090c2363bcb22.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
wac9ek8aMfvL6toHT3XBBftcrKK_00D53z3ZJRIqWk4jNYDd9rEgUA==
date
Fri, 07 Nov 2025 22:32:14 GMT
content-type
text/css
last-modified
Wed, 19 Jul 2023 08:15:50 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P3
x-amz-server-side-encryption
AES256
pc_blog_overlay.js
image.excite.co.jp/jp/ox/gpt/display/pc/blog/ 		20 B
384 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image.excite.co.jp/jp/ox/gpt/display/pc/blog/pc_blog_overlay.js
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.175.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-175-43.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7ee110dbcd43f529cefff78de1c2c7dcb701f85750803e0434670b888b40cf42

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

vary
accept-encoding
etag
"cf0a22e75c80423724aefe3f29d62dcc"
age
379
via
1.1 1c37116cbfe9d9ab1d19c37d356598a6.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
20
x-amz-cf-id
6Ml8FRZ9lnmVGLBylh2RtBxCKcMutt5FqdakR89OlIXyAFv45R_qtw==
date
Sat, 08 Nov 2025 05:55:21 GMT
content-type
text/javascript
last-modified
Wed, 22 Nov 2023 03:16:05 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P9
x-amz-server-side-encryption
AES256
dmp.js
image.excite.co.jp/jp/ox/gpt/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image.excite.co.jp/jp/ox/gpt/dmp.js
Requested by
Host: image.excite.co.jp
URL: https://image.excite.co.jp/jp/ox/gpt/pc_blog.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.175.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-175-43.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4db37d3b185e5d1141e79fca02dba385de6ec04d19783648466a7b412e0c6c6d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
etag
W/"c8711f4eb7d8c39193f20dab0b80d8e7"
age
532
via
1.1 1c37116cbfe9d9ab1d19c37d356598a6.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
NaJH58EapHT4YSRchbu1I_WH3NJX11njc3pK0GrWzjXms2JxZMgtdw==
date
Sat, 08 Nov 2025 05:52:48 GMT
content-type
application/javascript
last-modified
Fri, 30 Oct 2020 11:17:50 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P9
vary
accept-encoding
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: image.excite.co.jp
URL: https://image.excite.co.jp/jp/ox/gpt/pc_blog.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.199.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e15913e96dbf48a0c5e009b2eb0fc1f0fdf638cff4e3822222e8b265cef42c92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
br
etag
503 / 20400 / m202511040101 / config-hash: 853804471933052373
x-content-type-options
nosniff
expires
Sat, 08 Nov 2025 06:01:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sat, 08 Nov 2025 06:01:39 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
34000
x-xss-protection
0
server
cafe
exblog_00138.min.js
flux-cdn.com/client/00125/ 		598 KB
165 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://flux-cdn.com/client/00125/exblog_00138.min.js
Requested by
Host: image.excite.co.jp
URL: https://image.excite.co.jp/jp/ox/gpt/pc_blog.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.55 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6f40b89f97a2021c030bea7f28fef4d47b1ecd859e600f9d63649a5b60b8aeb8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
max-age=300
content-encoding
br
etag
"51914c9c12c0b9bf9cb0f6ce47ee2ad9"
age
79
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-amz-meta-release_job_id
18567
content-length
169050
date
Sat, 08 Nov 2025 06:01:39 GMT
last-modified
Tue, 04 Nov 2025 00:55:20 GMT
content-type
application/javascript
vary
Accept-Encoding
apstag.js
c.amazon-adsystem.com/aax2/ 		344 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: image.excite.co.jp
URL: https://image.excite.co.jp/jp/ox/gpt/pc_blog.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.132.164 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-132-164.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6a22bd3e31a724c89c7872e733cbb00dabbdbd3c126f41ebc2e7a1ea70412451

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

vary
Accept-Encoding
cache-control
max-age=3600
content-encoding
gzip
etag
W/"c1f46a99d4a4e5632a4e581187980ae1"
age
910
via
1.1 1375f5159b5e792617846e37988e54de.cloudfront.net (CloudFront), 1.1 9b8a6e30994167e8de984036681d4ff6.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
kkPnCKwPD7hwzGqDgQJ4ArOoGkGy3-IUBTX443aG_Gqbi7xeucZdtg==
date
Sat, 08 Nov 2025 05:46:30 GMT
content-type
application/javascript
x-amz-cf-pop
NRT20-P9, NRT12-P1
server
AmazonS3
last-modified
Thu, 06 Nov 2025 21:44:55 GMT
x-amz-server-side-encryption
AES256
collect
www.google-analytics.com/j/ 		3 B
457 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j102&a=651698699&t=pageview&_s=1&dl=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F&ul=ja-jp&dt=10%20Essential%20Tips%20for%20Crypto%20Mining%20Success%20%3A%20TWINKLES&sr=1600x1200&vp=1600x1200&_u=YGBAgAABAAAAACAAI~&jid=2114769727&gjid=2080734307&cid=722595003.1762581700&tid=UA-8858058-55&_gid=141664557.1762581700&_slc=1&cd1=guest&cd3=3m&cd4=0&cd6=True&z=198808073
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:808::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

report-to
{"group":"ascnsrsgac:211:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:211:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 06:01:39 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:211:0
access-control-allow-origin
https://twinklesphotos.exblog.jp
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsgac:211:0
content-length
3
server
Golfe2
collect
stats.g.doubleclick.net/j/ 		1 B
656 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j102&tid=UA-8858058-55&cid=722595003.1762581700&jid=2114769727&gjid=2080734307&_gid=141664557.1762581700&_u=YGBAgAABAAAAAGAAI~&z=1552192444
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4008:c00::9b , Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

report-to
{"group":"ascnsrsgdc:147:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgdc:147:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 06:01:39 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgdc:147:0
access-control-allow-origin
https://twinklesphotos.exblog.jp
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsgdc:147:0
content-length
1
server
Golfe2
gtm.js
www.googletagmanager.com/ 		327 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MSPWGQ
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:821::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e411d9b66927a14eac5106b5a41014786d073526b6f8a9e2f0abaa6fcfdf020c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
content-encoding
zstd
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Sat, 08 Nov 2025 06:01:39 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
114970
date
Sat, 08 Nov 2025 06:01:39 GMT
x-xss-protection
0
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
Google Tag Manager
access-control-allow-headers
Cache-Control
pc_blog_billboard.js
image.excite.co.jp/jp/ox/gpt/display/pc/blog/ 		19 B
361 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image.excite.co.jp/jp/ox/gpt/display/pc/blog/pc_blog_billboard.js
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.175.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-175-43.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
09359e654a4198a8740f0b735c9d94c00875f46dcf920fb50ba8efc5fabd66d7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

etag
"928d76cd7c646339f00d8bc6870b5ee2"
age
352
via
1.1 1c37116cbfe9d9ab1d19c37d356598a6.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
19
x-amz-cf-id
5GtZqBiR0f-STrbEavvsZ08QmKXrboz2AZUeV1rrLMiHWMXboIFgpQ==
date
Sat, 08 Nov 2025 05:55:48 GMT
content-type
application/javascript
last-modified
Mon, 26 Apr 2021 09:58:36 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P9
vary
accept-encoding
widgets.js
platform.twitter.com/ 		91 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.148.157 Tokyo, Japan, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
etag
"824beb891744db98ccbd3a456e59e0f7+gzip"
access-control-allow-methods
GET
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
date
Sat, 08 Nov 2025 06:01:39 GMT
last-modified
Mon, 11 Dec 2023 17:20:28 GMT
vary
Accept-Encoding
x-served-by
cache-iad-kcgs7200137-IAD, cache-nrt-rjtt7900046-NRT
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=1800
tw-cdn
FT
accept-ranges
bytes
access-control-allow-origin
*
content-length
27597
x-amz-server-side-encryption
AES256
3402
config.aps.amazon-adsystem.com/configs/ 		531 B
798 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/3402
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.165.11.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-165-11-79.nrt12.r.cloudfront.net
Software
CloudFront /
Resource Hash
e247f7b759dfe24cefb94bd6e106bb2cac01b1627678d9a0c6e904d9dc7e3878

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
max-age=3600
age
2227
via
1.1 af4a3d6da547d8f14a7f34cd361488d2.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
531
x-amz-cf-id
JdeWJKa0hm62gIEbgyS2EkidkxJ93LsaSo5mI-DQIqykrqHLxQLY0w==
date
Sat, 08 Nov 2025 05:24:32 GMT
content-type
application/javascript
x-amz-cf-pop
NRT12-P4
server
CloudFront
config
c.amazon-adsystem.com/cdn/prod/ 		0
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3402&u=https%3A%2F%2Ftwinklesphotos.exblog.jp
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.132.164 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-132-164.nrt12.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
max-age=21550, s-maxage=21600
age
6000
access-control-allow-credentials
true
via
1.1 9b8a6e30994167e8de984036681d4ff6.cloudfront.net (CloudFront)
access-control-allow-origin
https://twinklesphotos.exblog.jp
x-cache
Hit from cloudfront
x-amz-cf-id
UP9pGI_vjTkoP0gBHSKV3lgM8gbZ_xaZHKry8TMuh8XX4A1Pc9cNGg==
date
Sat, 08 Nov 2025 04:21:38 GMT
x-amz-cf-pop
NRT12-P1
server
Server
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.132.164 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-132-164.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

access-control-max-age
3000
content-encoding
gzip
x-amz-version-id
r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
etag
W/"a4d296427fc806b21335359e398c025c"
age
6000
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
Czzx-9AgVKiSUSd4xEUegrSJD0fK5Ccy4pNypXhtyM-w8zrKxzJgXw==
date
Sat, 08 Nov 2025 04:21:40 GMT
content-type
application/javascript
vary
Origin,accept-encoding
last-modified
Thu, 29 Feb 2024 02:13:08 GMT
cache-control
public, max-age=86400
via
1.1 269160a4d1e0a4937fee2132fea7cb32.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
NRT12-P1
server
AmazonS3
x-amz-server-side-encryption
AES256
logo_exblog.svg
s.eximg.jp/exblog/user3/img/header/ 		44 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.eximg.jp/exblog/user3/img/header/logo_exblog.svg
Requested by
Host: s.eximg.jp
URL: https://s.eximg.jp/exblog/user3/css/main.css?22b9ae7a0a945844efd971093024fff99c5b2f64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-26.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
edf44487f4da57757afaa928aebc937dcc957984dfe3beb6a7464070861db172

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://s.eximg.jp/exblog/user3/css/main.css?22b9ae7a0a945844efd971093024fff99c5b2f64

Response headers

vary
accept-encoding
content-encoding
gzip
etag
W/"264f4377d5fe2bac95746a671b8e56ec"
x-amz-version-id
k9dnybSkuITTKIJhy2r9zKSho8tBg10G
age
887
via
1.1 7bb66c5fc1e732675b1f05b324f80096.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
DyncsQvgjggMhjQj7b7d73iALJGC04e17Z2QIfkXYwZ1KQzRpimV9A==
date
Sat, 08 Nov 2025 05:46:53 GMT
content-type
image/svg+xml
last-modified
Fri, 17 Oct 2025 04:58:32 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P3
x-amz-server-side-encryption
AES256
btn-search-white.png
s.eximg.jp/exblog/user3/img/header/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.eximg.jp/exblog/user3/img/header/btn-search-white.png
Requested by
Host: s.eximg.jp
URL: https://s.eximg.jp/exblog/user3/css/main.css?22b9ae7a0a945844efd971093024fff99c5b2f64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-26.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
603b19e63cfe4fc5e1405ffedc90135e5c54400bdcca5711184200bf9e0dda40

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://s.eximg.jp/exblog/user3/css/main.css?22b9ae7a0a945844efd971093024fff99c5b2f64

Response headers

x-amz-version-id
KdNINm2BfM5VLCWK3A5ePUeiu0wtdTJo
etag
"c79d41eb7d5a946ae71b8fb8a869f2cc"
age
870
via
1.1 7bb66c5fc1e732675b1f05b324f80096.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
1092
x-amz-cf-id
qso3tthpf-dlfQfPx4_6eRCLFqkiULIdPI7oIbNltuWj-AO8zAt8dg==
date
Sat, 08 Nov 2025 05:47:10 GMT
content-type
image/png
last-modified
Fri, 17 Oct 2025 04:58:32 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P3
x-amz-server-side-encryption
AES256
bookmark_button.js
b.st-hatena.com/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b.st-hatena.com/js/bookmark_button.js
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.54.10 New York, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-54-10.nrt57.r.cloudfront.net
Software
nginx /
Resource Hash
f09d9fdc476c87ca8574c34d19241af3fd93226d85f6b0048e36760c07984fab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
etag
W/"690303b0-1990"
age
20316
expires
Sat, 15 Nov 2025 00:23:03 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
F5DRi0VVJkNPbNQ0wA_uPMNT2aJZtTfpSDljDm5NADgJZNbJzT9Gkw==
date
Sat, 08 Nov 2025 00:23:03 GMT
content-type
application/x-javascript
last-modified
Thu, 30 Oct 2025 06:20:32 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=604800
via
1.1 244b21180635dc2bce3a318b681e9cd2.cloudfront.net (CloudFront)
access-control-allow-origin
https://b.hatena.ne.jp
x-amz-cf-pop
NRT57-P8
server
nginx
index.js
cdn.nidan.d2c.ne.jp/1.0/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.nidan.d2c.ne.jp/1.0/index.js
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.166.244.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-166-244-95.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dde9ced87fcbee6180d08642a89eccdcacae929c63d0f873b4c1f82f8c4435c5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

vary
accept-encoding
cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"6f71da711220ce0f35c311a838a11bb0"
x-amz-version-id
null
age
82528
via
1.1 d4c840773666334669d28ed4f37c31fe.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
50EA4ALiLLz33fgmnDlAV9SagZBV0p7oXOLEepsm8aajEq_D4d4w-Q==
date
Fri, 07 Nov 2025 07:06:12 GMT
content-type
text/javascript
last-modified
Wed, 08 Oct 2025 07:05:03 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-P6
x-amz-server-side-encryption
AES256
tag
btloader.com/ 		95 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5727730570625024&upapi=true
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac42:ab85 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41afd2f3734221881cf67e89567dab76a5a136e7c3474e7afb6b3a8727a92623

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-robots-tag
noindex, nofollow
cache-control
public, max-age=300, stale-if-error=3600, stale-while-revalidate=300
content-encoding
gzip
cf-cache-status
HIT
etag
"b2b12b16145a3b6b3f1e32ecdc34f5dc"
via
1.1 google
cf-ray
99b2db68bb258a36-NRT
access-control-allow-origin
*
date
Sat, 08 Nov 2025 06:01:39 GMT
content-type
application/javascript
last-modified
Sat, 08 Nov 2025 05:14:03 GMT
server
cloudflare
vary
Accept-Encoding
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:afe2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1796d2e5d57af5bfaf616113335dbd63c050b0325c995c0f8e4f97a47259fce9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

access-control-expose-headers
*
content-encoding
br
cf-cache-status
HIT
etag
W/"64c-bP93R9Rg2gXa4z8l9y0bpLwrZsQ"
age
7257
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fRx%2FZWe0Gl4JxlyQ6cP4hxoyFBqxWSPYzndogARWhYN82ofmH%2BTLgUgW7yymDwASCqI%2BCMo3fHId8gTjsWujRj89MNkj8k%2BixFJyzWPxDHn5JP%2B0I1Kb2bo2UcU89zAVb4Bdy06dq2G6qjC9kz8%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443"; ma=86400
x-cache
HIT, HIT
date
Sat, 08 Nov 2025 06:01:40 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-fra-etou8220102-FRA, cache-nrt-rjtt7900070-NRT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
99b2db68fd25687c-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
854
server
cloudflare
x-jsd-version
1.0.2603
v2
yield-manager.browsiprod.com/prebid/ 		220 B
538 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://yield-manager.browsiprod.com/prebid/v2?sk=exblog&pk=excite&sw=1600&sh=1200&url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F&eu=false&t=1762581699985&pvid=b2f407fd-c927-4a7a-b5a8-edb669396a51&us=%7B%7D&at=10%20Essential%20Tips%20for%20Crypto%20Mining%20Success%20%3A%20TWINKLES
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.52.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-52-109.nrt20.r.cloudfront.net
Software
akka-http/10.2.1 /
Resource Hash
145755eba75431632cc38d392d82f44b6090750231ab8a5cd0688beae7a568e8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
via
1.1 b7aac263ca63a866073824e6a67d4e5a.cloudfront.net (CloudFront)
access-control-allow-origin
https://twinklesphotos.exblog.jp
x-cache
Miss from cloudfront
x-amz-cf-id
s4LqxfV1xhTiQ9Vcl_Z3-DeTXyjKnvHcc6K3y3U4Z9bhYUMiGgyG8w==
date
Sat, 08 Nov 2025 06:01:40 GMT
content-type
text/plain; charset=UTF-8
x-amz-cf-pop
NRT20-P2
server
akka-http/10.2.1
Collect
a.flux.jp/analytics.collect.v1.CollectService/ 		2 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.flux.jp/analytics.collect.v1.CollectService/Collect
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.89.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.89.160.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

access-control-expose-headers
Accept, Accept-Encoding, Accept-Post, Connect-Accept-Encoding, Connect-Content-Encoding, Content-Encoding, Grpc-Accept-Encoding, Grpc-Encoding, Grpc-Message, Grpc-Status, Grpc-Status-Details-Bin
content-encoding
gzip
via
1.1 google
traceparent
00-6fca52734885e6604d5e0764af80df3f-7089c00a99cac4d4-00
access-control-allow-origin
https://twinklesphotos.exblog.jp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
accept-encoding
gzip
content-length
26
date
Sat, 08 Nov 2025 06:01:40 GMT
content-type
application/json
vary
Origin
server
Google Frontend
x-cloud-trace-context
6fca52734885e6604d5e0764af80df3f/8109223755819697364
sdk.js
connect.facebook.net/ja_JP/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/ja_JP/sdk.js
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
f4d9fd6e7ebc152dbe1abdf35cfd9ae21fd409e962d50bdea4b417d6a25d7e9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin
https://twinklesphotos.exblog.jp
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-md5
KIg6j6Eq6z6VibXhmBBAdw==
access-control-expose-headers
X-FB-Content-MD5
content-encoding
gzip
etag
"6e97cc4995d3c66147cba53788543b0b"
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 08 Nov 2025 06:20:50 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 08 Nov 2025 06:01:40 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5
7b4458e9d0832d6f0b653189e3fa42a9
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=3, rtx=0, c=23, mss=1232, tbw=4984, tp=9, tpl=0, uplat=0, ullat=-1
x-fb-debug
cvm9JEed5dJcgN3bokl1vue08Jk2WtKVr5YGRgAA9HyWQAQjmNI39DCTKYLNohcrNTt3FAafdtZQpvXUzLwfJA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top, include-js-call-stacks-in-crash-reports
access-control-allow-origin
*
content-length
1685
origin-agent-cluster
?1
istockphoto-1324841462-612x612.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgRbzwE88dfOPr6lH9rXg1yJlbQq3tE4PQ4iWcCOrbHrsPpBxSzjDTiZ-EHcYqeP9NmHZo1OsgTVdFpn7fKYXTSbnA1BHlPlJDk8zcd9uJKign3deWH3gJFHcXB11wgBPOEIiEf7qLajRgRVzio... 		58 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgRbzwE88dfOPr6lH9rXg1yJlbQq3tE4PQ4iWcCOrbHrsPpBxSzjDTiZ-EHcYqeP9NmHZo1OsgTVdFpn7fKYXTSbnA1BHlPlJDk8zcd9uJKign3deWH3gJFHcXB11wgBPOEIiEf7qLajRgRVzioQJiY7RMGDqTzQwjVDerwqBhnueRjysZLjWvTWJAu4J9N/s16000/istockphoto-1324841462-612x612.webp
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
01bf7953d31dcf3502c08f1bcf4dcdaab2cdfe945cf627135129c0a87851dee7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
etag
"v4b6"
x-content-type-options
nosniff
expires
Sun, 09 Nov 2025 06:01:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59867
date
Sat, 08 Nov 2025 06:01:43 GMT
x-xss-protection
0
content-type
image/jpeg
vary
Origin
server
fife
content-disposition
inline;filename="istockphoto-1324841462-612x612.jpg"
1.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg8J1tM58I64ReC_HCxLVJASQl1Pg8_0OBFvTqziAzTAx2OkG7_T19zMtod0haVPpRX-6yaeRawYo01NPsivrtstilGTIc5gZ6_qmZ75g1kDsD461TRHzmeQOBOAnUcYg-hmpqFMqbPNkBhN7fA... 		320 KB
321 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg8J1tM58I64ReC_HCxLVJASQl1Pg8_0OBFvTqziAzTAx2OkG7_T19zMtod0haVPpRX-6yaeRawYo01NPsivrtstilGTIc5gZ6_qmZ75g1kDsD461TRHzmeQOBOAnUcYg-hmpqFMqbPNkBhN7fAJtiz23Pz-e7mpijDwfD33_W3-amJZUeNMTtfi4UFhqh7/s16000/1.webp
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
cb8cb355357a3340a17f041417fc608f4cc73571ee045e613a7adafc4003932f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
etag
"v4b7"
x-content-type-options
nosniff
expires
Sun, 09 Nov 2025 06:01:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
328171
date
Sat, 08 Nov 2025 06:01:41 GMT
x-xss-protection
0
content-type
image/jpeg
vary
Origin
server
fife
content-disposition
inline;filename="1.jpg"
istockphoto-916553110-612x612.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiKYws_rHUsAj70Aeqyda8cvKEgfUz55YbxOdLXmjfdq0oWA6KxzmGjmdCnJGDmCEEV8-MgZwSKz-ldutCe8cpIgC25admPiWHyHoZNbD7LpojnpVSw3bxzPqiuZfVUw-YyFygcILGjQ5NPV9eI... 		90 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiKYws_rHUsAj70Aeqyda8cvKEgfUz55YbxOdLXmjfdq0oWA6KxzmGjmdCnJGDmCEEV8-MgZwSKz-ldutCe8cpIgC25admPiWHyHoZNbD7LpojnpVSw3bxzPqiuZfVUw-YyFygcILGjQ5NPV9eILqx-8FD5v0AaiZ5HJnQEwQZl8m6DgJEgOVE8QDjFhdOf/s16000/istockphoto-916553110-612x612.webp
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
f273da637848baa3900f7daf227956dbb688a9aa662c398fc02efabf41f6e7b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
etag
"v4ba"
x-content-type-options
nosniff
expires
Sun, 09 Nov 2025 06:01:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
91763
date
Sat, 08 Nov 2025 06:01:41 GMT
x-xss-protection
0
content-type
image/jpeg
vary
Origin
server
fife
content-disposition
inline;filename="istockphoto-916553110-612x612.jpg"
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		160 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
cafe /
Resource Hash
6d5b2ed1de961bfbdac435637e045525f0d386949e0ae04b7c6016c85678ff7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
br
etag
3737760685110681061
x-content-type-options
nosniff
expires
Sat, 08 Nov 2025 06:01:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 08 Nov 2025 06:01:40 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
55309
x-xss-protection
0
server
cafe
e043743820240118094946.png
pds.exblog.jp/logo/1/197001/01/38/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pds.exblog.jp/logo/1/197001/01/38/e043743820240118094946.png
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-60.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fcdeaeebab1faae706be2c05fc793f3b723031845d687e492376584c8d6a2f92

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-amz-version-id
null
etag
"62d5ba881269012d098df4991e72d4f5"
via
1.1 ef359af61e64577c628090c2363bcb22.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Miss from cloudfront
content-length
8115
x-amz-cf-id
k9KUyOGTQx85j3KKwQlwkDGEZ25gpYcARqDQNo8Sj_e2T7AkCu8HYw==
date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
application/octet-stream
last-modified
Thu, 18 Jan 2024 00:49:47 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P3
x-amz-server-side-encryption
AES256
banner_l_17-5.gif
md.exblog.jp/img/genre/banner/2/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://md.exblog.jp/img/genre/banner/2/banner_l_17-5.gif
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.173.238.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-173-238-22.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1075dbd8e50dbefedaa0a8e6251f654cbdc25c58d41060d902aeba6b8648fb57

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-amz-version-id
null
etag
"192e0bd33628b6c54b4d176281f3df23"
age
61704
via
1.1 1b64143ad8928c8f978ba9e138d9f266.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
7405
x-amz-cf-id
3dbDFl_ZmdBXzBTToq5nvZFOM64ozwK-WuLMhXvEBlP9ennUsAz2xQ==
date
Fri, 07 Nov 2025 12:53:17 GMT
content-type
image/gif
last-modified
Mon, 10 Apr 2023 06:27:01 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-P9
x-amz-server-side-encryption
AES256
banner_l_17-2.gif
md.exblog.jp/img/genre/banner/2/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://md.exblog.jp/img/genre/banner/2/banner_l_17-2.gif
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.173.238.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-173-238-22.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
feda41fd13b033c850fed32cc18e53490ac4e28b1bddaae427edbde4beab610f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

vary
accept-encoding
x-amz-version-id
null
etag
"2aa4f3965ce5c54bb7eb1f177d5fa84c"
age
23666
via
1.1 1b64143ad8928c8f978ba9e138d9f266.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
8689
x-amz-cf-id
-tZwGXLARHelDiuxGrp259-Pw5DxiSDFGgd2S5MXQEMi4V8uwpeecw==
date
Fri, 07 Nov 2025 23:27:15 GMT
content-type
image/gif
last-modified
Mon, 10 Apr 2023 06:27:10 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-P9
x-amz-server-side-encryption
AES256
logo-to-excite.gif
s.eximg.jp/exblog/user3/img/layout/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.eximg.jp/exblog/user3/img/layout/logo-to-excite.gif
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-26.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8d61b2e1e812644b72ee86c38dca895266813d59360f92cb7c3f365978129708

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-amz-version-id
5oPSHXl56MX3XKULF8WWZnT1AHC24kX1
etag
"4e6e76b265d31b59bee6c00d9f40c01c"
age
889
via
1.1 7bb66c5fc1e732675b1f05b324f80096.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
2417
x-amz-cf-id
OJmyvAYSBC7eeaWYnvVzWErElwdr1K-iuavlA_Wo-OQnlpb2rsihLA==
date
Sat, 08 Nov 2025 05:46:52 GMT
content-type
image/gif
last-modified
Fri, 17 Oct 2025 04:58:32 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P3
x-amz-server-side-encryption
AES256
exblog-facebox.js
s.eximg.jp/exblog/user3/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.eximg.jp/exblog/user3/js/exblog-facebox.js?22b9ae7a0a945844efd971093024fff99c5b2f64
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-26.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
90289b868561ed36a7007e3ff1a12b0674210c56aa55cae278f9ec80f8cb6bf3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

vary
accept-encoding
content-encoding
gzip
etag
W/"c09e1520d4f1d21f89379c7fd0b1f8b8"
x-amz-version-id
E3U_03UnBE1IFtNhVLDYIjAed1XRu_91
age
3414
via
1.1 7bb66c5fc1e732675b1f05b324f80096.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
xqGMGZ2kZNJGdZxjSjkG5wBv1dzzaZzb5buL6kXpzoOZvsw7SJTSVQ==
date
Sat, 08 Nov 2025 05:04:47 GMT
content-type
text/javascript
last-modified
Fri, 17 Oct 2025 04:58:35 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P3
x-amz-server-side-encryption
AES256
facebox.css
s.eximg.jp/exblog/user3/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.eximg.jp/exblog/user3/css/facebox.css?22b9ae7a0a945844efd971093024fff99c5b2f64
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-26.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8bbdf8eefbcdec2d9f88f7e452316b39228bdf9ac58b7523964d8f2ff84e9236

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

vary
accept-encoding
content-encoding
gzip
etag
W/"5cf0b6d214131267e85f774cf8bb5406"
x-amz-version-id
1p5C4jBqoeRkoqRO_REL0y8O29mtxFnu
age
3416
via
1.1 7bb66c5fc1e732675b1f05b324f80096.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
0LsPd-HWwtC9JnLmbtFUMaYLbvWi7PnwiksTlhtK2VGNYT4RynQvaw==
date
Sat, 08 Nov 2025 05:04:45 GMT
content-type
text/css
last-modified
Fri, 17 Oct 2025 04:58:30 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P3
x-amz-server-side-encryption
AES256
icon-close.gif
s.eximg.jp/exblog/user3/img/facebox/ 		979 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.eximg.jp/exblog/user3/img/facebox/icon-close.gif
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-26.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cc3c8f67291b46b0b7c26148f146db5c486d049c5a4996643bcdbfb005917082

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-amz-version-id
flX9yc3TgSzPyKGNzrYBTJM.AxsQlLic
etag
"0e5462b0b4f00432eac4b33d5fa31c5a"
age
891
via
1.1 7bb66c5fc1e732675b1f05b324f80096.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
979
x-amz-cf-id
ImlfmyBrzz_fSuCJI6BJzphfwVtzQzQOWZ6H5U35hAgFo3XJngvsoA==
date
Sat, 08 Nov 2025 05:46:50 GMT
content-type
image/gif
last-modified
Fri, 17 Oct 2025 04:58:31 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P3
x-amz-server-side-encryption
AES256
itm.js
dmp.im-apps.net/js/8266/0001/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dmp.im-apps.net/js/8266/0001/itm.js
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:48::1734:8c23 Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
ea89d46b95924261fc238dfb667fe2c2e89f0d461a6faf3e0d20bd7927f288cc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
max-age=7054
content-encoding
gzip
etag
"04bf9faf0991be622104832434aac5b9"
x-amz-version-id
BCOYcpwo.YY1NadU_svr_9qfq4z7GSSN
expires
Sat, 08 Nov 2025 07:59:14 GMT
accept-ranges
bytes
access-control-allow-origin
*
akamai-loopback-request
8096267
content-length
780
p3p
CP="NOI PSD OTR"
date
Sat, 08 Nov 2025 06:01:40 GMT
last-modified
Fri, 15 Jan 2016 09:30:56 GMT
content-type
application/javascript
vary
Accept-Encoding
/
logging.exblog.jp/ 		43 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://logging.exblog.jp/?request_url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F&blogid=e0437438&serial=33443959&referer=&login_blogid=&tag=
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.238.63.60 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-63-60.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
no-cache
content-length
43
date
Sat, 08 Nov 2025 06:01:40 GMT
content-type
image/gif
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.22.1
img-loading.gif
s.eximg.jp/exblog/user3/img/facebox/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.eximg.jp/exblog/user3/img/facebox/img-loading.gif
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-26.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
81ea81be1d862d36c34b6dc4f12aefb87b656e319003263d8274974b48ccf869

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-amz-version-id
yvjH3nWmrBo2zhl_6Y3bDyEOXIGryah5
etag
"7e99e1159a3686f6aa4f90043c554483"
age
889
via
1.1 7bb66c5fc1e732675b1f05b324f80096.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
2767
x-amz-cf-id
z0Jot-PspPjYPaSHYau9nkPiJ9xshjVncl08YIa5mUibN5fOv0G_Hg==
date
Sat, 08 Nov 2025 05:46:52 GMT
content-type
image/gif
last-modified
Fri, 17 Oct 2025 04:58:31 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P3
x-amz-server-side-encryption
AES256
img-border-round-top-left.png
s.eximg.jp/exblog/user3/img/facebox/ 		132 B
514 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.eximg.jp/exblog/user3/img/facebox/img-border-round-top-left.png
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-26.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5f52bc51c65a9e30cf1733c3a54b7eebc13edba95834cd9f7184131dc06ddbfe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-amz-version-id
V5aOcUzn2Zw3q43T51njLl_FiaS3L6rr
etag
"02e125bbaed0093265655bc9bb36265f"
age
889
via
1.1 7bb66c5fc1e732675b1f05b324f80096.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
132
x-amz-cf-id
wmlcRPGh5wmm0cuaqecQbxYtiYZxEpuTjOs8POjtTYZIc5AnoR1L_w==
date
Sat, 08 Nov 2025 05:46:52 GMT
content-type
image/png
last-modified
Fri, 17 Oct 2025 04:58:31 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P3
x-amz-server-side-encryption
AES256
img-border.png
s.eximg.jp/exblog/user3/img/facebox/ 		84 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.eximg.jp/exblog/user3/img/facebox/img-border.png
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-26.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f5ea0feb6780869811fbc088a8f8f2e2d715b09540885306edd228b1dafdbcc4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-amz-version-id
0QcbId0kkrIPFpaHTPgW6qR3cHCnhKqh
etag
"6d5ebfa02c59a2ba7bc8906e888911c8"
age
889
via
1.1 7bb66c5fc1e732675b1f05b324f80096.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
84
x-amz-cf-id
swJlJmi3kPmaiaCiTNlJwz4b3Djmkwzn1zKmmBi-WBfEniAausCmRQ==
date
Sat, 08 Nov 2025 05:46:52 GMT
content-type
image/png
last-modified
Fri, 17 Oct 2025 04:58:31 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P3
x-amz-server-side-encryption
AES256
img-border-round-top-right.png
s.eximg.jp/exblog/user3/img/facebox/ 		125 B
508 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.eximg.jp/exblog/user3/img/facebox/img-border-round-top-right.png
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-26.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c964938d7c06e404dd521487654a489fdbbcbf8f55c79fe5693808b7aed4305c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-amz-version-id
sE9lp8PlArAo7lDvsIkW2O2p6cb2v6B.
etag
"7b0f5e3d1dee42a15daa83c543d3ed03"
age
889
via
1.1 7bb66c5fc1e732675b1f05b324f80096.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
125
x-amz-cf-id
OP9hqdSbP0GDlsH4lYkuZG-rMLuEQOQF_5Sz5HL2l9HFi9EfeSiStw==
date
Sat, 08 Nov 2025 05:46:52 GMT
content-type
image/png
last-modified
Fri, 17 Oct 2025 04:58:31 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P3
x-amz-server-side-encryption
AES256
img-border-round-bottom-left.png
s.eximg.jp/exblog/user3/img/facebox/ 		124 B
508 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.eximg.jp/exblog/user3/img/facebox/img-border-round-bottom-left.png
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-26.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b0d19d08cb31495a801c0a81631d5e81c0528981f403cda57fa0134a526d1fc3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-amz-version-id
3FRBIH.Yf3ACBZeukSoejFvKLuNPsqzv
etag
"1dc6e3caf8defd8df126cb8d0631c58b"
age
889
via
1.1 7bb66c5fc1e732675b1f05b324f80096.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
124
x-amz-cf-id
o7p5OJoLBy1yOtG5FD2pG3F4eDajN3b84DTlifReEwRA2sgAdd_44w==
date
Sat, 08 Nov 2025 05:46:52 GMT
content-type
image/png
last-modified
Fri, 17 Oct 2025 04:58:31 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P3
x-amz-server-side-encryption
AES256
img-border-round-bottom-right.png
s.eximg.jp/exblog/user3/img/facebox/ 		124 B
509 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.eximg.jp/exblog/user3/img/facebox/img-border-round-bottom-right.png
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-26.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ff56024d51fb27ab3b6212239c8e38972681b84e1eff17e9bbe0d59e392d6559

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-amz-version-id
m_1vvQ.rqNC9GbW5.MQ2mkfXvifx8FFc
etag
"e674cba1293fb82871366299f905f669"
age
889
via
1.1 7bb66c5fc1e732675b1f05b324f80096.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
124
x-amz-cf-id
1aXE3TzaF_E3AbKsjPXuJJ7rMJG-OQzgrJOrHvBlv-36vgcN47dyeQ==
date
Sat, 08 Nov 2025 05:46:52 GMT
content-type
image/png
last-modified
Fri, 17 Oct 2025 04:58:31 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P3
x-amz-server-side-encryption
AES256
widget_iframe.2f70fb173b9000da126c79afe2098f02.html
platform.twitter.com/widgets/ Frame 2544 		319 KB
103 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Ftwinklesphotos.exblog.jp
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.148.157 Tokyo, Japan, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18

Request headers

Referer
https://twinklesphotos.exblog.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
public, max-age=315360000
content-encoding
gzip
content-length
105429
content-type
text/html; charset=utf-8
date
Sat, 08 Nov 2025 06:01:40 GMT
etag
"81267302efdfb3e4524a22631a8fc99e+gzip"
last-modified
Mon, 11 Dec 2023 17:19:49 GMT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn
FT
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-served-by
cache-iad-kiad7000164-IAD, cache-nrt-rjtt7900069-NRT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		159 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8544321996124660
Requested by
Host: image.excite.co.jp
URL: https://image.excite.co.jp/jp/ox/gpt/pc_blog.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
cafe /
Resource Hash
466d44063e8b4f2e3d2e1e9a1fce15f1bd4bea9347bf78dcb1dc040e853c2dc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin
https://twinklesphotos.exblog.jp
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
br
etag
8944804695778539121
x-content-type-options
nosniff
expires
Sat, 08 Nov 2025 06:01:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 08 Nov 2025 06:01:40 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
55225
x-xss-protection
0
server
cafe
settings
syndication.twitter.com/ Frame 2544 		870 B
954 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=bdf12f3620bf2c61ffcc1572528573b215bf11c0
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Ftwinklesphotos.exblog.jp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.227 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare envoy /
Resource Hash
8ec44a4b321f5115d8760f193298585d8b28a26dd3190d0a3690b9e09a489a94
Security Headers
Name Value
Strict-Transport-Security max-age=631138519; includeSubdomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://platform.twitter.com/

Response headers

x-transaction-id
4cc9c781040982d7
content-encoding
gzip
cf-cache-status
DYNAMIC
x-response-time
7
date
Sat, 08 Nov 2025 06:01:40 GMT
last-modified
Sat, 08 Nov 2025 06:01:40 GMT
content-type
application/json; charset=utf-8
vary
Origin, accept-encoding
perf
7402827104
x-served-by
t4_p
strict-transport-security
max-age=631138519; includeSubdomains
cache-control
must-revalidate, max-age=600
origin-cf-ray
99b2db6a392de35f-NRT
access-control-allow-credentials
true
cf-ray
99b2db6a392de35f-NRT
access-control-allow-origin
https://platform.twitter.com
content-length
338
server
cloudflare envoy
bootstrap.js
cdn.browsiprod.com/bootstrap/ 		56 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.browsiprod.com/bootstrap/bootstrap.js
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.54.79 New York, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-54-79.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b362da3617d82c0a21be6255810aa40acc8e1f6640af0c418fe6e63e25a07fb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

vary
accept-encoding, Origin
cache-control
public,max-age=3600
content-encoding
br
x-amz-version-id
AtXFtaQ.gkG4VQMOtIVf0pwxM7jVXFts
etag
W/"45333f10311ac91fa33fef08a89414fa"
age
1880
via
1.1 31b8bdf6fddc75da39a6331a42478b80.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
PvT0B1c45bNorzJ7YRAfJeccfrrzxWJm4OkS5_KOZej-bem4xyXuKw==
date
Sat, 08 Nov 2025 05:30:21 GMT
content-type
application/javascript
last-modified
Sun, 02 Nov 2025 08:34:13 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P8
x-amz-server-side-encryption
AES256
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202511040101/ 		600 KB
189 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202511040101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.199.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s52-in-f2.1e100.net
Software
cafe /
Resource Hash
ea47742e94e6a95b08832e9e5875a5a73ab2ea3bc740e6938d927c39e03273bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
br
etag
14735669544948044405
age
62702
x-content-type-options
nosniff
expires
Sat, 07 Nov 2026 12:36:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Fri, 07 Nov 2025 12:36:38 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
193950
x-xss-protection
0
server
cafe
pre
js.api.nidan.d2c.ne.jp/id/nidan/ 		52 B
159 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.api.nidan.d2c.ne.jp/id/nidan/pre?callback=d2c.nidan.ns&origin=https%3A%2F%2Ftwinklesphotos.exblog.jp&domain=twinklesphotos.exblog.jp&referrer=&nv=2
Requested by
Host: cdn.nidan.d2c.ne.jp
URL: https://cdn.nidan.d2c.ne.jp/1.0/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.178.205.149 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-178-205-149.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
add8758c77582d050590ccefa3647c691023450c96fd2c363a7f10b45960da3d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
max-age=7200
content-length
52
date
Sat, 08 Nov 2025 06:01:40 GMT
content-type
application/javascript; charset=UTF-8
js
www.googletagmanager.com/gtag/ 		375 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-SK7DRSBW10&cx=c&gtm=4e5b50h1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSPWGQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:821::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7cb59f0bc8eee482dff945ca234e679b81a196eac1c0dce00175f11704d88c65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
content-encoding
zstd
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Sat, 08 Nov 2025 06:01:40 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134681
date
Sat, 08 Nov 2025 06:01:40 GMT
x-xss-protection
0
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
Google Tag Manager
access-control-allow-headers
Cache-Control
js
www.googletagmanager.com/gtag/ 		419 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z6VR2N8KNZ&cx=c&gtm=4e5b50h1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSPWGQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:821::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
274b0370be7579b5f368d10d755f3b2abee3b619e46ac30200ed594cc2a7cb3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
content-encoding
zstd
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Sat, 08 Nov 2025 06:01:40 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
145525
date
Sat, 08 Nov 2025 06:01:40 GMT
x-xss-protection
0
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
Google Tag Manager
access-control-allow-headers
Cache-Control
px.gif
ad-delivery.net/ 		43 B
623 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad-delivery.net/px.gif?ch=2&e=0.26217026303058477
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5727730570625024&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:2f50 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
1358870
x-goog-stored-content-encoding
identity
expires
Sun, 09 Nov 2025 06:01:40 GMT
x-goog-stored-content-length
43
date
Sat, 08 Nov 2025 06:01:40 GMT
content-type
image/gif
vary
accept-encoding
last-modified
Wed, 05 May 2021 19:25:32 GMT
x-guploader-uploadid
ABgVH89ytYGGsM8zvMSS83qCZ0F4cDyA85oC5Xtq8jnme2OpbOxP7BU9t7rp4yrU4-M9nQOe
cache-control
public, max-age=86400
x-goog-storage-class
MULTI_REGIONAL
cf-ray
99b2db6abf692644-NRT
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
favicon.ico
ad.doubleclick.net/ 		1 KB
129 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250&e=0.747464009670434
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5727730570625024&upapi=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options
nosniff
expires
Sun, 09 Nov 2025 06:01:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 06:01:40 GMT
content-type
image/x-icon
vary
Accept-Encoding
last-modified
Tue, 08 May 2012 13:08:06 GMT
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
content-length
104
x-xss-protection
0
server
sffe
px.gif
ad-delivery.net/ 		43 B
110 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.5614028517088409
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5727730570625024&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:2f50 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
1358870
x-goog-stored-content-encoding
identity
expires
Sun, 09 Nov 2025 06:01:40 GMT
x-goog-stored-content-length
43
date
Sat, 08 Nov 2025 06:01:40 GMT
content-type
image/gif
vary
accept-encoding
last-modified
Wed, 05 May 2021 19:25:32 GMT
x-guploader-uploadid
ABgVH89ytYGGsM8zvMSS83qCZ0F4cDyA85oC5Xtq8jnme2OpbOxP7BU9t7rp4yrU4-M9nQOe
cache-control
public, max-age=86400
x-goog-storage-class
MULTI_REGIONAL
cf-ray
99b2db6abf6a2644-NRT
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
dns
ab.dns-finder.com/meta/ 		2 B
233 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ab.dns-finder.com/meta/dns
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5727730570625024&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.200.111 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
111.200.36.34.bc.googleusercontent.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
private, max-age=180, stale-if-error=180, stale-while-revalidate=180
access-control-expose-headers
X-Resolver
x-resolver
default
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
date
Sat, 08 Nov 2025 06:01:40 GMT
content-type
text/plain; charset=utf-8
vary
Origin
trustedIframe.html
btloader.com/ Frame 1B6E 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://btloader.com/trustedIframe.html?o=5727730570625024&upapi=true
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5727730570625024&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:14bd -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d777e3df9814ec252061059134ea3be6e0d9fcb692c08f43f8683b50b28eda7

Request headers

Referer
https://twinklesphotos.exblog.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

cache-control
public, max-age=3600, stale-while-revalidate=3600
cf-ray
99b2db6ac80fd5b7-NRT
content-encoding
br
content-type
text/html
date
Sat, 08 Nov 2025 06:01:40 GMT
server
cloudflare
vary
accept-encoding
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z6VR2N8KNZ&gtm=45je5b50v9174502665za200zb71867219zd71867219&_p=1762581699723&gcd=13l3l3l3l1l1&npa=0&dma=0&cid=722595003.1762581700&ul=ja-jp&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&tag_exp=101509157~103116026~103200004~103233427~104527906~104528501~104684208~104684211~104948813~115480709~115583767~115616985~115938466~115938469~116217636~116217638&sid=1762581700&sct=1&seg=0&dl=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F&dt=10%20Essential%20Tips%20for%20Crypto%20Mining%20Success%20%3A%20TWINKLES&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1039
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z6VR2N8KNZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.31.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s08-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:106:0
report-to
{"group":"ascnsrsggc:106:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:106:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://twinklesphotos.exblog.jp
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsggc:106:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 06:01:40 GMT
content-type
text/plain
server
Golfe2
exd
api.btloader.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/exd?tid=uQhrMiKiz-EaRG5ElK3-9a620e5eab&sid=Z1iRc0p5-h7dNdGPt-9a620e5eab&cv=2.1.167&upapi=true
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5727730570625024&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

via
1.1 google
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 06:01:40 GMT
vary
Origin
button.856debeac157d9669cf51e73a08fbc93.js
platform.twitter.com/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/button.856debeac157d9669cf51e73a08fbc93.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.148.157 Tokyo, Japan, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
426e16d014775c77916610f675f58880874c645817ed26d01873dde3466e6007

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
etag
"fdf02dd038ed38dbf3c240d56262af0c+gzip"
access-control-allow-methods
GET
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
date
Sat, 08 Nov 2025 06:01:40 GMT
last-modified
Mon, 11 Dec 2023 17:19:47 GMT
vary
Accept-Encoding
x-served-by
cache-iad-kcgs7200086-IAD, cache-nrt-rjtt7900046-NRT
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=315360000
tw-cdn
FT
accept-ranges
bytes
access-control-allow-origin
*
content-length
2620
x-amz-server-side-encryption
AES256
sdk.js
connect.facebook.net/ja_JP/ 		250 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/ja_JP/sdk.js?hash=65413a4dc2da38c444765d7ca7ab925c
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/ja_JP/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
42a9947dc99b171e76766fe25bf629e43df0f571f5ec8a9ec70085ae3f14a70e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin
https://twinklesphotos.exblog.jp
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-md5
fRhl15GBDrHWNkeejSCbkg==
access-control-expose-headers
X-FB-Content-MD5
content-encoding
gzip
etag
"3367e596f4e832073c3498ee0a2b9978"
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sun, 08 Nov 2026 05:33:54 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 08 Nov 2025 06:01:40 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5
297d8ae8e53a2c8f98a6471d70c98f54
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=2, rtx=0, c=27, mss=1232, tbw=9391, tp=16, tpl=0, uplat=1, ullat=-1
x-fb-debug
3F9y8Fa9lPzcjyX+zb7Wby0mB0QhuGEpBsfLEnJC7iAgnDLh8VsMsEeBvmNcGbj7J3rZ4cbhQb0pqvArXkAXKA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top, include-js-call-stacks-in-crash-reports
access-control-allow-origin
*
content-length
75603
origin-agent-cluster
?1
audience
cnt.fout.jp/segapi/ 		15 B
394 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cnt.fout.jp/segapi/audience?callback=_itm_.sa_cb&cvid=mHDmdffSCFxfWgmjsQ
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/js/8266/0001/itm.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
202.232.238.39 Jingūmae, Japan, ASN2497 (IIJ Internet Initiative Japan Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
bc96117cb3eea4c79f15172c6be567e3675d7b32ed0d617f7e4175f4e5c1c675

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

Transfer-Encoding
chunked
Cache-Control
private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Content-Encoding
gzip
Pragma
no-cache
Connection
keep-alive
Access-Control-Allow-Origin
*
P3P
CP="ADM NOI OUR"
Date
Sat, 08 Nov 2025 06:01:40 GMT
Content-Type
application/javascript; charset=utf-8
Server
nginx
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202511040101/ 		501 KB
165 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202511040101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
cafe /
Resource Hash
c67b67498d4a538f47e089bb36c003d924c56cb33b8fb691f3687cd4487e8cb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
br
etag
12022265679802278726
age
62476
x-content-type-options
nosniff
expires
Fri, 21 Nov 2025 12:40:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 07 Nov 2025 12:40:24 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
169325
x-xss-protection
0
server
cafe
supply
events.browsiprod.com/events/v2/ 		0
108 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/v2/supply?p=TTJCoHfKt
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.202.27.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-202-27-156.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://twinklesphotos.exblog.jp/

Response headers

date
Sat, 08 Nov 2025 06:01:40 GMT
access-control-allow-origin
https://twinklesphotos.exblog.jp
access-control-allow-credentials
true
v5
yield-manager.browsiprod.com/supply/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://yield-manager.browsiprod.com/supply/v5?sk=exblog&pk=excite&url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F&bid=TTJCoHfKt%23%24WEZoWpEWS&at=10%20Essential%20Tips%20for%20Crypto%20Mining%20Success%20%3A%20TWINKLES&sw=1600&sh=1200&rp=false&ga=%7B%22t%22%3A1762581700392%2C%22eu%22%3Afalse%7D&pvid=b2f407fd-c927-4a7a-b5a8-edb669396a51&l=ja
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.52.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-52-109.nrt20.r.cloudfront.net
Software
akka-http/10.2.1 /
Resource Hash
945acbb8035657872254e4a3e2ad6bdd2e5d9d1d05ec12b6e056c5dc6351388d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
via
1.1 b7aac263ca63a866073824e6a67d4e5a.cloudfront.net (CloudFront)
access-control-allow-origin
https://twinklesphotos.exblog.jp
x-cache
Miss from cloudfront
x-amz-cf-id
U7srMICgN1xNHtImjccfLri6sMA-Vub48NNqLp3ZUf1YDOXzQR6OnA==
date
Sat, 08 Nov 2025 06:01:40 GMT
content-type
application/json
x-amz-cf-pop
NRT20-P2
server
akka-http/10.2.1
sync
nidan.addlv.smt.docomo.ne.jp/id/daisy/ 		18 B
104 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nidan.addlv.smt.docomo.ne.jp/id/daisy/sync?callback=d2c.nidan.ds&origin=https%3A%2F%2Ftwinklesphotos.exblog.jp&domain=twinklesphotos.exblog.jp&referrer=&ncid=13ZCwjSbtV3Zyti7MQ6af
Requested by
Host: cdn.nidan.d2c.ne.jp
URL: https://cdn.nidan.d2c.ne.jp/1.0/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.178.205.149 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-178-205-149.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
f3a7bcd0a6c9eb7e05d4149db3c93e49a0e12b50aae2ac460c33da92f43ba2c5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

date
Sat, 08 Nov 2025 06:01:40 GMT
content-type
application/javascript; charset=UTF-8
content-length
18
bid
aax.amazon-adsystem.com/e/dtb/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.168.249.239 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-168-249-239.nrt57.r.cloudfront.net
Software
Server /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://twinklesphotos.exblog.jp
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin,x-requested-with,access-control-request-headers,content-type,access-control-request-method,accept
access-control-allow-methods
POST
access-control-allow-origin
https://twinklesphotos.exblog.jp
access-control-max-age
1800
content-encoding
gzip
content-length
0
date
Sat, 08 Nov 2025 06:01:39 GMT
server
Server
via
1.1 5a89fe8269a29b3c265454cd7c180666.cloudfront.net (CloudFront)
x-amz-cf-id
CFV_zMngR-K1F2hdpoGfaSl3vqwMEWIETf4JOTZQWTGGyFaRHqFXcg==
x-amz-cf-pop
NRT57-P5
x-cache
Miss from cloudfront
bid
aax.amazon-adsystem.com/e/dtb/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.168.249.239 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-168-249-239.nrt57.r.cloudfront.net
Software
Server /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://twinklesphotos.exblog.jp
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin,x-requested-with,access-control-request-headers,content-type,access-control-request-method,accept
access-control-allow-methods
POST
access-control-allow-origin
https://twinklesphotos.exblog.jp
access-control-max-age
1800
content-encoding
gzip
content-length
0
date
Sat, 08 Nov 2025 06:01:40 GMT
server
Server
via
1.1 5a89fe8269a29b3c265454cd7c180666.cloudfront.net (CloudFront)
x-amz-cf-id
P0REHkN8f8hWTAEQP-LlbY5HOfwupQZd3tAmiLLHfZRhFN0g7mwk8A==
x-amz-cf-pop
NRT57-P5
x-cache
Miss from cloudfront
bid
aax.amazon-adsystem.com/e/dtb/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.168.249.239 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-168-249-239.nrt57.r.cloudfront.net
Software
Server /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://twinklesphotos.exblog.jp
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin,x-requested-with,access-control-request-headers,content-type,access-control-request-method,accept
access-control-allow-methods
POST
access-control-allow-origin
https://twinklesphotos.exblog.jp
access-control-max-age
1800
content-encoding
gzip
content-length
0
date
Sat, 08 Nov 2025 06:01:39 GMT
server
Server
via
1.1 5a89fe8269a29b3c265454cd7c180666.cloudfront.net (CloudFront)
x-amz-cf-id
QYJ8E_WpjOLxp9IooU8Uv2Wrqy6H591ZPOuGPXf4V2GG5PoCvcp0vA==
x-amz-cf-pop
NRT57-P5
x-cache
Miss from cloudfront
adagio.js
script.4dex.io/a/latest/ 		60 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/a/latest/adagio.js
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
299314ceedf1362e55e1caf70d8ab51202c931224793b9b5463c86411ae42721

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

Transfer-Encoding
chunked
Nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
Cache-Control
public, max-age=1800
Content-Encoding
br
cf-cache-status
HIT
etag
W/"b5ccbcc2259cdb10e0b65bbd0798ca7d"
Age
805878
Connection
keep-alive
Report-To
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=dVY3oU%2FanbLPXCkez0SZ6Ptx%2BYmBU7sDKNNW235vOviTZhAUons8w24PEU8mqE%2Bc2S%2F%2Bd8%2F9UDB1FPapjYoXCYGMyVd3YZ%2BA6C2Fw%2BYhEEIMzM7o6V946Bk%3D"}]}
CF-RAY
99b2db6bea5dd510-NRT
Date
Sat, 08 Nov 2025 06:01:40 GMT
Content-Type
application/javascript
Last-Modified
Wed, 10 Sep 2025 13:49:52 GMT
Server
cloudflare
Vary
Accept-Encoding
bid
aax.amazon-adsystem.com/e/dtb/ 		25 B
396 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.168.249.239 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-168-249-239.nrt57.r.cloudfront.net
Software
Server /
Resource Hash
7dc78c5c119373b361b76d7e9c1b2759725163789661df908ee4cd8faf842676

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
via
1.1 017bcea4623003e4eb8b5df81f6048dc.cloudfront.net (CloudFront)
access-control-allow-origin
https://twinklesphotos.exblog.jp
x-cache
Miss from cloudfront
content-length
45
x-amz-cf-id
2w28HrS5Hc8izlnWYxFLp20d0vzq-1nn7QR3ieun82gCJsQX77QsxA==
date
Sat, 08 Nov 2025 06:01:40 GMT
content-type
application/json;charset=UTF-8
vary
Origin
server
Server
x-amz-cf-pop
NRT57-P5
bid
aax.amazon-adsystem.com/e/dtb/ 		25 B
396 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.168.249.239 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-168-249-239.nrt57.r.cloudfront.net
Software
Server /
Resource Hash
f9407c584179c346760e40a7f07d14807fdd268510692529d44d0e2bd9379ac0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
via
1.1 017bcea4623003e4eb8b5df81f6048dc.cloudfront.net (CloudFront)
access-control-allow-origin
https://twinklesphotos.exblog.jp
x-cache
Miss from cloudfront
content-length
45
x-amz-cf-id
5Ab0t0R0Wt3F8MdpSZKudyQMzT-LkMfsxhLVYBG0HmW8r7jWebqTAw==
date
Sat, 08 Nov 2025 06:01:39 GMT
content-type
application/json;charset=UTF-8
vary
Origin
server
Server
x-amz-cf-pop
NRT57-P5
bid
aax.amazon-adsystem.com/e/dtb/ 		25 B
395 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.168.249.239 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-168-249-239.nrt57.r.cloudfront.net
Software
Server /
Resource Hash
5ba40df0b5475745c6ca953e7cbbdf7ee5feeaf3ea29782607c6dc31c6b0c173

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
via
1.1 017bcea4623003e4eb8b5df81f6048dc.cloudfront.net (CloudFront)
access-control-allow-origin
https://twinklesphotos.exblog.jp
x-cache
Miss from cloudfront
content-length
45
x-amz-cf-id
8U47_2cYXES493TaM8Vn2KTvKtp_ac32GR9P7puMuT8-mcTpvawoeg==
date
Sat, 08 Nov 2025 06:01:40 GMT
content-type
application/json;charset=UTF-8
vary
Origin
server
Server
x-amz-cf-pop
NRT57-P5
topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame D66D 		105 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202511040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.199.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s52-in-f2.1e100.net
Software
sffe /
Resource Hash
018185e30fbbce704be5b336095797ee6594f767c5c81ebc4945257994adad3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://twinklesphotos.exblog.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
1023
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000, stale-while-revalidate=3600
content-encoding
br
content-length
29887
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 08 Nov 2025 05:44:37 GMT
expires
Sat, 08 Nov 2025 06:34:37 GMT
last-modified
Mon, 03 Nov 2025 20:43:45 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		56 KB
18 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=870617481837885&correlator=3821372230074046&eid=31095251%2C95375632%2C83321073&output=ldjh&gdfp_req=1&vrg=202511040101&ptt=17&impl=fifs&iu_parts=18333008%2CPC_blog_interstitial&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=4&dids=gpt_unit_%2F18333008%2FPC_blog_int&sfv=1-0-45&ists=1&fas=8&fsapi=1&sc=1&cookie_enabled=1&abxe=1&dt=1762581700529&lmt=1762581700&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&topics=9&tps=9&htps=10&nt=1&psd=WzMxLFtdLG51bGwsM10.&dlt=1762581699592&idt=808&adks=381580271&frm=20&eoidce=1&pbbce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202511040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.199.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s52-in-f2.1e100.net
Software
cafe /
Resource Hash
d32a1e10197bf0c6c868362674b7ac8d9cb5887316d5d0ba0fc9f5b3a7a49989
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
br
google-lineitem-id
5984413840
observe-browsing-topics
?1
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sat, 08 Nov 2025 06:01:40 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
138388250744
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://twinklesphotos.exblog.jp
content-length
17959
x-xss-protection
0
server
cafe
container.html
bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/safeframe/1-0-45/html/ Frame B2BB 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202511040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.207.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f1.1e100.net
Software
sffe /
Resource Hash
f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://twinklesphotos.exblog.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
3121
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 08 Nov 2025 06:01:40 GMT
expires
Sat, 08 Nov 2025 06:01:40 GMT
last-modified
Thu, 08 May 2025 23:15:48 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202511040101/ 		60 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202511040101/pubads_impl_page_level_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202511040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.199.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s52-in-f2.1e100.net
Software
cafe /
Resource Hash
081f94d2c63723df86834268d381fcb54bbeda3566e1ca95f3c7ea1f7f1dc217
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
br
etag
13914731579438644706
age
60164
x-content-type-options
nosniff
expires
Sat, 07 Nov 2026 13:18:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Fri, 07 Nov 2025 13:18:56 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
19818
x-xss-protection
0
server
cafe
prebid
hb.adingo.jp/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb.adingo.jp/prebid?dfpUnitCode=%2F18333008%2FPC_blog_inarticle_rec_left&tagId=44737%3A1000303245&groupId=1000191023
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
57.182.52.186 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-57-182-52-186.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-fluct-app,x-fluct-version,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://twinklesphotos.exblog.jp
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin,content-type,x-fluct-app,x-fluct-version,x-openrtb-version
access-control-allow-methods
POST
access-control-allow-origin
https://twinklesphotos.exblog.jp
access-control-expose-headers
x-openrtb-version
access-control-max-age
3600
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 08 Nov 2025 06:01:40 GMT
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
server
nginx
vary
Accept-Encoding
query.ad
sp.gmossp-sp.jp/hb/prebid/ 		0
593 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sp.gmossp-sp.jp/hb/prebid/query.ad?tid=bf2a1b65-db34-4f5c-b3e3-525fd00d60aa&bid=4f94c63df10fc7&ver=9.37.0&sid=g945014&shared_id=ab7385d2-be9b-4ce0-9a68-d78ca36c44ff&url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F&meta_url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F&cur=JPY&dnt=0&
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.98.24 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
24.98.201.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

access-control-allow-methods
GET, POST, PUT, OPTIONS
observe-browsing-topics
?1
expires
Thu, 01 Dec 1994 16:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 06:01:40 GMT
content-type
text/html; charset=UTF-8
x-cloud-trace-context
263d7aa3aec557657993d9fe04343e2f
access-control-allow-headers
Origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private, max-age=0, no-cache
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://twinklesphotos.exblog.jp
content-length
0
server
Google Frontend
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
186 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

access-control-max-age
3600
access-control-allow-origin
https://twinklesphotos.exblog.jp
date
Sat, 08 Nov 2025 06:01:40 GMT
vary
Origin
access-control-allow-credentials
true
access-control-allow-methods
POST
pbjs
htlb.casalemedia.com/openrtb/ 		130 B
752 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=1173250
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.193 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1890fb9ff087751cc56a8c97126e1887678a89005971647f1b1b0a800f43b9f5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=M6Zl4k5P0pEZ2Pb0ITgbuJRj4kEQEfqamOaKPav3%2B6hc8mxtKV7sAZKXkCJv1cKohGAkUzgNPl5CTWlInmODRLkLABPHqaKsK0HJa54TA%2BuaLNI%3D"}]}
observe-browsing-topics
?1
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 08 Nov 2025 06:01:40 GMT
content-type
application/json
vary
Accept-Encoding
priority
u=1,i
cache-control
no-cache
nel
{"report_to":"cf-nel","success_fraction":0.01,"max_age":604800}
pragma
no-cache
access-control-allow-credentials
true
cf-ray
99b2db6c8c59af2b-NRT
access-control-allow-origin
https://twinklesphotos.exblog.jp
content-length
116
server
cloudflare
prebid
ad.as.amanad.adtdp.com/v2/ 		68 B
810 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.as.amanad.adtdp.com/v2/prebid?asi=hlQJ4BI55&skt=5&gpid=%2F18333008%2FPC_blog_inarticle_rec_left&tid=bf2a1b65-db34-4f5c-b3e3-525fd00d60aa&prebid_id=1060a0e32080bd6&prebid_ver=9.37.0&page_url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F&schain=1.0%2C1!flux-g.com%2C125%2C1%2C%2C%2C&ad_format_ids=2&eids=%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22ab7385d2-be9b-4ce0-9a68-d78ca36c44ff%22%2C%22atype%22%3A1%7D%5D%7D%5D%7D&sua=%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D&
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.52.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-52-87.nrt20.r.cloudfront.net
Software
/
Resource Hash
5fbed2d458600fede44f45a7518de1dbf0275e1b9262820522d4665d57538967
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
x-cache
Miss from cloudfront
x-amz-cf-id
PUfxiOc2LtiQN317oa8FePCoDsfvegWXojV9c8R4Zt7tRdiESXZxlg==
date
Sat, 08 Nov 2025 06:01:40 GMT
content-type
application/json; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Architecture, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
via
1.1 bb1084139629d83977ea8b21c49ea966.cloudfront.net (CloudFront)
access-control-allow-origin
https://twinklesphotos.exblog.jp
content-length
68
x-xss-protection
0
x-amz-cf-pop
NRT20-P2
prebid
mp.4dex.io/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4407::ac40:994e -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d4bca1f2a899ebdac5e0b058ea1a570b94e1af730770abc162ab5bc951db92a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
expires
0
date
Sat, 08 Nov 2025 06:01:40 GMT
content-type
application/json; charset=utf-8
vary
Origin, Accept-Encoding
x-version
3.0.0-gcp-tyo
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
x-err
Validating the Prebid Request adunits. no valid non-debug AdUnits
access-control-allow-credentials
true
via
1.1 google
cf-ray
99b2db6c980fb603-NRT
access-control-allow-origin
https://twinklesphotos.exblog.jp
server
cloudflare
x-warn
Validating the Prebid Request adunits. Invalid placement: _err_quota_
prebid
d.socdm.com/adgen/ 		92 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d.socdm.com/adgen/prebid?id=209341&posall=SSPLOC&sdktype=0
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
124.146.153.153 , Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
caeba8b541d07e1bcea183cc128c72b0f90b4e8e9eefbeea10696f347ce88c00

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

Content-Encoding
gzip
X-SO-LB-Hostname
m-ng19.dc4p.scaleout.jp
P3P
CP="See also http://www.scaleout.jp/privacy/"
Date
Sat, 08 Nov 2025 06:01:40 GMT
Content-Type
application/json; charset=utf-8
Cache-Control
private
X-SO-Cluster-ID
0
X-SO-Upstream-ID
m-ad1168
X-SO-LB-Data
{"ban":false,"clean_query":"\/adgen\/prebid?id=209341&posall=SSPLOC&sdktype=0","cluster_id":0,"gdpr":false,"ipv4":"146.70.201.135","key":"aQ7cxMCo8HcAAMhKxz4AAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad1168"}
X-SO-HostName
m-ad1168.dc4p.scaleout.jp
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://twinklesphotos.exblog.jp
X-SO-Key
aQ7cxMCo8HcAAMhKxz4AAAAA
Content-Length
94
X-SO-IP
146.70.201.135
X-SO-Ads-Time
75
Server
nginx
prebid
hb.adingo.jp/ 		0
341 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.adingo.jp/prebid?dfpUnitCode=%2F18333008%2FPC_blog_inarticle_rec_left&tagId=44737%3A1000303245&groupId=1000191023
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
57.182.52.186 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-57-182-52-186.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

x-fluct-version
1.2
x-openrtb-version
2.5
x-fluct-app
prebid/fluctBidAdapter
Referer
https://twinklesphotos.exblog.jp/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
https://twinklesphotos.exblog.jp
access-control-expose-headers
x-openrtb-version
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
date
Sat, 08 Nov 2025 06:01:40 GMT
server
nginx
access-control-allow-credentials
true
h_bid
y.one.impact-ad.jp/ul_cb/
Redirect Chain
  • https://y.one.impact-ad.jp/h_bid?v=hb1&p=279398&cb=57985842707&r=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F&uid=18680e396c16239&tid=bf2a1b65-db34-4f5c-b3e3-525fd00d60aa&uc=gpt_pc_blog_ina...
  • https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=279398&cb=57985842707&r=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F&uid=18680e396c16239&tid=bf2a1b65-db34-4f5c-b3e3-525fd00d60aa&uc=gpt_pc_bl...
133 B
370 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=279398&cb=57985842707&r=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F&uid=18680e396c16239&tid=bf2a1b65-db34-4f5c-b3e3-525fd00d60aa&uc=gpt_pc_blog_inarticle_rec_left&tmax=2500&t=i&language=ja-JP&screen_size=1600x1200&sz=300x250
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H2
Server
35.213.17.49 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
49.17.213.35.bc.googleusercontent.com
Software
/
Resource Hash
b244cedf18ff7d316d61bcbce5d6be87e4def9c5faa2e25747588c5356da2c6f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://twinklesphotos.exblog.jp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127
date
Sat, 08 Nov 2025 06:01:40 GMT
content-type
application/json; charset=utf-8

Redirect headers

cache-control
no-cache, no-store, must-revalidate
location
https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=279398&cb=57985842707&r=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F&uid=18680e396c16239&tid=bf2a1b65-db34-4f5c-b3e3-525fd00d60aa&uc=gpt_pc_blog_inarticle_rec_left&tmax=2500&t=i&language=ja-JP&screen_size=1600x1200&sz=300x250
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://twinklesphotos.exblog.jp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sat, 08 Nov 2025 06:01:40 GMT
/
shb.richaudience.com/hb/ 		0
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.253.24.95 , Singapore, ASN133210 (ENTECHNOLOGIES-AS-AP EN Technologies Pte Ltd, SG),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

access-control-max-age
86400
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-origin
https://twinklesphotos.exblog.jp
date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding, Origin
server
nginx/1.14.1
translator
hbopenbid.pubmatic.com/ 		0
70 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.76 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

strict-transport-security
max-age=16070400; includeSubDomains
cache-control
no-cache, no-store, must-revalidate, no-store, no-cache, private
access-control-allow-credentials
true
observe-browsing-topics
?1
pmfcgi-resp
TRUE
access-control-allow-origin
https://twinklesphotos.exblog.jp
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sat, 08 Nov 2025 06:01:40 GMT
server
nginx
prebid
ib.adnxs.com/ut/v3/ 		15 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.21 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.25.5 /
Resource Hash
c6a0a15ea973a340053e0e6b720fdd712bbc98601f79fdd6fe84b8511dd9b92b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
expires
Sat, 15 Nov 2008 16:00:00 GMT
server-timing
total;dur=294
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
146.70.201.135; 146.70.201.135; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
access-control-allow-origin
https://twinklesphotos.exblog.jp
an-x-request-uuid
071c9016-71d2-4d33-833c-20c506c0b022
x-xss-protection
0
server
nginx/1.25.5
prebid
hb.adingo.jp/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb.adingo.jp/prebid?dfpUnitCode=%2F18333008%2FPC_blog_inarticle_rec_2_left&tagId=44737%3A1000303249&groupId=1000191023
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
57.182.52.186 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-57-182-52-186.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-fluct-app,x-fluct-version,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://twinklesphotos.exblog.jp
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin,content-type,x-fluct-app,x-fluct-version,x-openrtb-version
access-control-allow-methods
POST
access-control-allow-origin
https://twinklesphotos.exblog.jp
access-control-expose-headers
x-openrtb-version
access-control-max-age
3600
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 08 Nov 2025 06:01:40 GMT
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
server
nginx
vary
Accept-Encoding
prebid
d.socdm.com/adgen/ 		92 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d.socdm.com/adgen/prebid?id=209343&posall=SSPLOC&sdktype=0
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
124.146.153.153 , Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
43d863d9d557775e3b81a2c95376385accf64437a2acb92aefcf3c3b5a063c22

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

Content-Encoding
gzip
X-SO-LB-Hostname
m-tgng20.dc4p.scaleout.jp
P3P
CP="See also http://www.scaleout.jp/privacy/"
Date
Sat, 08 Nov 2025 06:01:40 GMT
Content-Type
application/json; charset=utf-8
Cache-Control
private
X-SO-Cluster-ID
0
X-SO-Upstream-ID
m-ad1043
X-SO-LB-Data
{"ban":false,"clean_query":"\/adgen\/prebid?id=209343&posall=SSPLOC&sdktype=0","cluster_id":0,"gdpr":false,"ipv4":"146.70.201.135","key":"aQ7cxMCo8XgAAHK2dlgAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad1043"}
X-SO-HostName
m-ad1043.dc4p.scaleout.jp
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://twinklesphotos.exblog.jp
X-SO-Key
aQ7cxMCo8XgAAHK2dlgAAAAA
Content-Length
94
X-SO-IP
146.70.201.135
X-SO-Ads-Time
21
Server
nginx
prebid
hb.adingo.jp/ 		0
341 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.adingo.jp/prebid?dfpUnitCode=%2F18333008%2FPC_blog_inarticle_rec_2_left&tagId=44737%3A1000303249&groupId=1000191023
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
57.182.52.186 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-57-182-52-186.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

x-fluct-version
1.2
x-openrtb-version
2.5
x-fluct-app
prebid/fluctBidAdapter
Referer
https://twinklesphotos.exblog.jp/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
https://twinklesphotos.exblog.jp
access-control-expose-headers
x-openrtb-version
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
date
Sat, 08 Nov 2025 06:01:40 GMT
server
nginx
access-control-allow-credentials
true
h_bid
y.one.impact-ad.jp/ 		120 B
197 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://y.one.impact-ad.jp/h_bid?v=hb1&p=279400&cb=49042611344&r=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F&uid=3034165afde123f8&tid=25e2b336-cb4c-4795-84bd-a3ab23cb5a8a&uc=gpt_pc_blog_inarticle_rec_2_left&tmax=2500&t=i&language=ja-JP&screen_size=1600x1200&sz=300x250
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.213.17.49 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
49.17.213.35.bc.googleusercontent.com
Software
/
Resource Hash
631616eeefa3dc856fba52383877bbc682d146b6fb5f637aa29b32b60d05a6a7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://twinklesphotos.exblog.jp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
date
Sat, 08 Nov 2025 06:01:40 GMT
content-type
application/json; charset=utf-8
translator
hbopenbid.pubmatic.com/ 		0
421 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.76 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

strict-transport-security
max-age=16070400; includeSubDomains
cache-control
no-cache, no-store, must-revalidate, no-store, no-cache, private
access-control-allow-credentials
true
observe-browsing-topics
?1
pmfcgi-resp
TRUE
access-control-allow-origin
https://twinklesphotos.exblog.jp
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sat, 08 Nov 2025 06:01:40 GMT
server
nginx
prebid
mp.4dex.io/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4407::ac40:994e -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
714291f59c841bb8b0001fad50e897aa437b4cbcec61586bd828cfc56dac84ee

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-version
3.0.0-gcp-tyo
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
cf-cache-status
DYNAMIC
pragma
no-cache
x-err
Shapings: no adunits with size and seat and mapping
access-control-allow-credentials
true
via
1.1 google
cf-ray
99b2db6c981db603-NRT
expires
0
access-control-allow-origin
https://twinklesphotos.exblog.jp
date
Sat, 08 Nov 2025 06:01:40 GMT
content-type
application/json; charset=utf-8
vary
Origin, Accept-Encoding
server
cloudflare
prebid
ad.as.amanad.adtdp.com/v2/ 		68 B
811 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.as.amanad.adtdp.com/v2/prebid?asi=M0bww75HL&skt=5&gpid=%2F18333008%2FPC_blog_inarticle_rec_2_left&tid=25e2b336-cb4c-4795-84bd-a3ab23cb5a8a&prebid_id=3641dfa77e549bd8&prebid_ver=9.37.0&page_url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F&schain=1.0%2C1!flux-g.com%2C125%2C1%2C%2C%2C&ad_format_ids=2&eids=%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22ab7385d2-be9b-4ce0-9a68-d78ca36c44ff%22%2C%22atype%22%3A1%7D%5D%7D%5D%7D&sua=%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D&
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.52.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-52-87.nrt20.r.cloudfront.net
Software
/
Resource Hash
5fbed2d458600fede44f45a7518de1dbf0275e1b9262820522d4665d57538967
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
x-cache
Miss from cloudfront
x-amz-cf-id
NSYrQpLx1WPe7OJOlXIJhDTd4K7nQM5FV6nRZC9KDObr6bj5cWicsw==
date
Sat, 08 Nov 2025 06:01:40 GMT
content-type
application/json; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Architecture, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
via
1.1 bb1084139629d83977ea8b21c49ea966.cloudfront.net (CloudFront)
access-control-allow-origin
https://twinklesphotos.exblog.jp
content-length
68
x-xss-protection
0
x-amz-cf-pop
NRT20-P2
pbjs
htlb.casalemedia.com/openrtb/ 		132 B
717 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=1173252
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.193 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9734cb227c39470045d54ae32cefc48ad34081116c6648576276f8c97f4e3110

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=GL6d67H%2FmtlV9oNsD52s2o3IGfPIRUd9gSzY3cXeWdmvcOGUW43i%2BiLmApU%2BXQLyvFdy6Nmb3MO2AeOJlqojnRIRVGktrvt9CjrsBsMnvC7j7uw%3D"}]}
observe-browsing-topics
?1
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 08 Nov 2025 06:01:40 GMT
content-type
application/json
vary
Accept-Encoding
priority
u=1,i
cache-control
no-cache
nel
{"report_to":"cf-nel","success_fraction":0.01,"max_age":604800}
pragma
no-cache
access-control-allow-credentials
true
cf-ray
99b2db6c9c68af2b-NRT
access-control-allow-origin
https://twinklesphotos.exblog.jp
content-length
117
server
cloudflare
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
187 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

access-control-max-age
3600
access-control-allow-origin
https://twinklesphotos.exblog.jp
date
Sat, 08 Nov 2025 06:01:40 GMT
vary
Origin
access-control-allow-credentials
true
access-control-allow-methods
POST
/
shb.richaudience.com/hb/ 		0
235 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.253.24.95 , Singapore, ASN133210 (ENTECHNOLOGIES-AS-AP EN Technologies Pte Ltd, SG),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

access-control-max-age
86400
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-origin
https://twinklesphotos.exblog.jp
date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding, Origin
server
nginx/1.14.1
prebid
ib.adnxs.com/ut/v3/ 		1 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.21 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.25.5 /
Resource Hash
482c408b73fab1429742602bfb4483ec8920fa26571e8c20719e7b67167b69fa
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
expires
Sat, 15 Nov 2008 16:00:00 GMT
server-timing
total;dur=154
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
146.70.201.135; 146.70.201.135; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
access-control-allow-origin
https://twinklesphotos.exblog.jp
an-x-request-uuid
274bb2c1-4262-4275-a2f5-e65cc55c2816
x-xss-protection
0
server
nginx/1.25.5
prebid
hb.adingo.jp/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb.adingo.jp/prebid?dfpUnitCode=%2F18333008%2FPC_blog_inarticle_rec_3_left&tagId=44737%3A1000303251&groupId=1000191023
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
57.182.52.186 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-57-182-52-186.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-fluct-app,x-fluct-version,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://twinklesphotos.exblog.jp
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin,content-type,x-fluct-app,x-fluct-version,x-openrtb-version
access-control-allow-methods
POST
access-control-allow-origin
https://twinklesphotos.exblog.jp
access-control-expose-headers
x-openrtb-version
access-control-max-age
3600
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 08 Nov 2025 06:01:40 GMT
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
server
nginx
vary
Accept-Encoding
prebid
hb.adingo.jp/ 		0
341 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.adingo.jp/prebid?dfpUnitCode=%2F18333008%2FPC_blog_inarticle_rec_3_left&tagId=44737%3A1000303251&groupId=1000191023
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
57.182.52.186 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-57-182-52-186.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

x-fluct-version
1.2
x-openrtb-version
2.5
x-fluct-app
prebid/fluctBidAdapter
Referer
https://twinklesphotos.exblog.jp/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
https://twinklesphotos.exblog.jp
access-control-expose-headers
x-openrtb-version
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
date
Sat, 08 Nov 2025 06:01:40 GMT
server
nginx
access-control-allow-credentials
true
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
186 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

access-control-max-age
3600
access-control-allow-origin
https://twinklesphotos.exblog.jp
date
Sat, 08 Nov 2025 06:01:40 GMT
vary
Origin
access-control-allow-credentials
true
access-control-allow-methods
POST
prebid
d.socdm.com/adgen/ 		92 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d.socdm.com/adgen/prebid?id=209345&posall=SSPLOC&sdktype=0
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
124.146.153.153 , Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
7dce0b62c7100361d1cedb8d03e67f566d9afa92333f8d2f1b16375b0515417c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

Content-Encoding
gzip
X-SO-LB-Hostname
m-ng9.dc4p.scaleout.jp
P3P
CP="See also http://www.scaleout.jp/privacy/"
Date
Sat, 08 Nov 2025 06:01:40 GMT
Content-Type
application/json; charset=utf-8
Cache-Control
private
X-SO-Cluster-ID
0
X-SO-Upstream-ID
m-ad71
X-SO-LB-Data
{"ban":false,"clean_query":"\/adgen\/prebid?id=209345&posall=SSPLOC&sdktype=0","cluster_id":0,"gdpr":false,"ipv4":"146.70.201.135","key":"aQ7cxMCo8G0AAEZ-sSMAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad71"}
X-SO-HostName
m-ad71.dc4p.scaleout.jp
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://twinklesphotos.exblog.jp
X-SO-Key
aQ7cxMCo8G0AAEZ-sSMAAAAA
Content-Length
94
X-SO-IP
146.70.201.135
X-SO-Ads-Time
24
Server
nginx
prebid
mp.4dex.io/ 		1 KB
1015 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4407::ac40:994e -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68de2ea8038d16fba34aca3033a40da8795d30183a4c64e31cf7770d8b4fe966

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-version
3.0.0-gcp-tyo
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
cf-cache-status
DYNAMIC
pragma
no-cache
x-err
Shapings: no adunits with size and seat and mapping
access-control-allow-credentials
true
via
1.1 google
cf-ray
99b2db6ca84cb603-NRT
expires
0
access-control-allow-origin
https://twinklesphotos.exblog.jp
date
Sat, 08 Nov 2025 06:01:40 GMT
content-type
application/json; charset=utf-8
vary
Origin, Accept-Encoding
server
cloudflare
prebid
ad.as.amanad.adtdp.com/v2/ 		68 B
809 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.as.amanad.adtdp.com/v2/prebid?asi=aj0f2cOHk&skt=5&gpid=%2F18333008%2FPC_blog_inarticle_rec_3_left&tid=ac341f04-87af-4633-a008-17e5cff362ab&prebid_id=54d351647577885&prebid_ver=9.37.0&page_url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F&schain=1.0%2C1!flux-g.com%2C125%2C1%2C%2C%2C&ad_format_ids=2&eids=%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22ab7385d2-be9b-4ce0-9a68-d78ca36c44ff%22%2C%22atype%22%3A1%7D%5D%7D%5D%7D&sua=%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D&
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.52.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-52-87.nrt20.r.cloudfront.net
Software
/
Resource Hash
5fbed2d458600fede44f45a7518de1dbf0275e1b9262820522d4665d57538967
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
x-cache
Miss from cloudfront
x-amz-cf-id
PuYNXimeHs4WQeYT8PhCiaBYAUXhcXuC_7gMoYs22P_1QFb6unaMHA==
date
Sat, 08 Nov 2025 06:01:40 GMT
content-type
application/json; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Architecture, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
via
1.1 bb1084139629d83977ea8b21c49ea966.cloudfront.net (CloudFront)
access-control-allow-origin
https://twinklesphotos.exblog.jp
content-length
68
x-xss-protection
0
x-amz-cf-pop
NRT20-P2
translator
hbopenbid.pubmatic.com/ 		0
70 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.76 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

strict-transport-security
max-age=16070400; includeSubDomains
cache-control
no-cache, no-store, must-revalidate, no-store, no-cache, private
access-control-allow-credentials
true
observe-browsing-topics
?1
pmfcgi-resp
TRUE
access-control-allow-origin
https://twinklesphotos.exblog.jp
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sat, 08 Nov 2025 06:01:40 GMT
server
nginx
h_bid
y.one.impact-ad.jp/ul_cb/
Redirect Chain
  • https://y.one.impact-ad.jp/h_bid?v=hb1&p=279402&cb=33133920718&r=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F&uid=58a369ce8510b858&tid=ac341f04-87af-4633-a008-17e5cff362ab&uc=gpt_pc_blog_in...
  • https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=279402&cb=33133920718&r=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F&uid=58a369ce8510b858&tid=ac341f04-87af-4633-a008-17e5cff362ab&uc=gpt_pc_b...
134 B
367 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=279402&cb=33133920718&r=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F&uid=58a369ce8510b858&tid=ac341f04-87af-4633-a008-17e5cff362ab&uc=gpt_pc_blog_inarticle_rec_3_left&tmax=2500&t=i&language=ja-JP&screen_size=1600x1200&sz=300x250
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H2
Server
35.213.17.49 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
49.17.213.35.bc.googleusercontent.com
Software
/
Resource Hash
51ea78d76c995009cdbbcd3f5895d2866720146a6f5e622c7d15fa2272dde990

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://twinklesphotos.exblog.jp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128
date
Sat, 08 Nov 2025 06:01:40 GMT
content-type
application/json; charset=utf-8

Redirect headers

cache-control
no-cache, no-store, must-revalidate
location
https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=279402&cb=33133920718&r=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F&uid=58a369ce8510b858&tid=ac341f04-87af-4633-a008-17e5cff362ab&uc=gpt_pc_blog_inarticle_rec_3_left&tmax=2500&t=i&language=ja-JP&screen_size=1600x1200&sz=300x250
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://twinklesphotos.exblog.jp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sat, 08 Nov 2025 06:01:40 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		132 B
718 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=1173254
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.193 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28d812fda2a2c5f4266cf4b9cbedaee24ecd8bf21d2156a675b06755d15db230

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=JUm8852pOqeeqg7UKE3%2BVu5nsfwRs0kVgUNy%2F263Xt5WvskL9NV3B3nBb64TXmkghyVN1c9%2FDT63EJbKWiXfp1Kigg5CRLeWZb957iMVIilkQ%2B4%3D"}]}
observe-browsing-topics
?1
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 08 Nov 2025 06:01:40 GMT
content-type
application/json
vary
Accept-Encoding
priority
u=1,i
cache-control
no-cache
nel
{"report_to":"cf-nel","success_fraction":0.01,"max_age":604800}
pragma
no-cache
access-control-allow-credentials
true
cf-ray
99b2db6cbc7aaf2b-NRT
access-control-allow-origin
https://twinklesphotos.exblog.jp
content-length
116
server
cloudflare
/
shb.richaudience.com/hb/ 		0
235 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.253.24.95 , Singapore, ASN133210 (ENTECHNOLOGIES-AS-AP EN Technologies Pte Ltd, SG),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

access-control-max-age
86400
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-origin
https://twinklesphotos.exblog.jp
date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding, Origin
server
nginx/1.14.1
prebid
ib.adnxs.com/ut/v3/ 		15 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.21 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.25.5 /
Resource Hash
8f78a6ac770200851e59517ed6e4c5cb242324f764500a3d4c9582f9f51117f8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
expires
Sat, 15 Nov 2008 16:00:00 GMT
server-timing
total;dur=315
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
146.70.201.135; 146.70.201.135; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
access-control-allow-origin
https://twinklesphotos.exblog.jp
an-x-request-uuid
fe07a77b-c8ed-4573-92fa-cb6fd1328f9a
x-xss-protection
0
server
nginx/1.25.5
middy-desktop-4.51.1233.js
cdn.browsiprod.com/sd/apps/middy/ 		383 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.51.1233.js
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.54.79 New York, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-54-79.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f75e2e4d47e7c7596d591fcacd56dffa46ac630c7302b3501f8984d04d50cdec

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

vary
accept-encoding, Origin
cache-control
public,max-age=31536000
content-encoding
br
x-amz-version-id
qi40OgQStYwY28IH0dpt62eF5pGhjteu
etag
W/"6c6a64e422dda1334df7e6e9a6cf7b8e"
age
245304
via
1.1 31b8bdf6fddc75da39a6331a42478b80.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
iGDaHZqhbNM1c08L1p-Rzc98NN2Cf9dEzPUEW4uRAmwUZRmky2SHfw==
date
Wed, 05 Nov 2025 09:53:17 GMT
content-type
application/javascript
last-modified
Wed, 05 Nov 2025 09:50:57 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P8
x-amz-server-side-encryption
AES256
Collect
a.flux.jp/analytics.collect.v1.CollectService/ 		2 B
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.flux.jp/analytics.collect.v1.CollectService/Collect
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.89.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.89.160.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

access-control-expose-headers
Accept, Accept-Encoding, Accept-Post, Connect-Accept-Encoding, Connect-Content-Encoding, Content-Encoding, Grpc-Accept-Encoding, Grpc-Encoding, Grpc-Message, Grpc-Status, Grpc-Status-Details-Bin
content-encoding
gzip
via
1.1 google
traceparent
00-ccdb458201a5ff5d4d5e0764af80dfcb-6db84febf420ce1e-00
access-control-allow-origin
https://twinklesphotos.exblog.jp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
accept-encoding
gzip
content-length
26
date
Sat, 08 Nov 2025 06:01:40 GMT
content-type
application/json
vary
Origin
server
Google Frontend
x-cloud-trace-context
ccdb458201a5ff5d4d5e0764af80dfcb/7906157020680605214
px.gif
ad-delivery.net/ 		43 B
111 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.40938346473062914
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5727730570625024&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:2f50 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
1358870
x-goog-stored-content-encoding
identity
expires
Sun, 09 Nov 2025 06:01:40 GMT
x-goog-stored-content-length
43
date
Sat, 08 Nov 2025 06:01:40 GMT
content-type
image/gif
vary
accept-encoding
last-modified
Wed, 05 May 2021 19:25:32 GMT
x-guploader-uploadid
ABgVH89ytYGGsM8zvMSS83qCZ0F4cDyA85oC5Xtq8jnme2OpbOxP7BU9t7rp4yrU4-M9nQOe
cache-control
public, max-age=86400
x-goog-storage-class
MULTI_REGIONAL
cf-ray
99b2db6cc8cb2644-NRT
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
tweet_button.2f70fb173b9000da126c79afe2098f02.ja.html
platform.twitter.com/widgets/ Frame 85F8 		34 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.ja.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.148.157 Tokyo, Japan, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
02d04afec46359550b450ac2c48d9cd4cf13a0299d32fff3047056f06cee188d

Request headers

Referer
https://twinklesphotos.exblog.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
public, max-age=315360000
content-encoding
gzip
content-length
12889
content-type
text/html; charset=utf-8
date
Sat, 08 Nov 2025 06:01:40 GMT
etag
"b4ee8875191d05848bcb34575c58675f+gzip"
last-modified
Mon, 11 Dec 2023 17:19:48 GMT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn
FT
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-served-by
cache-iad-kcgs7200162-IAD, cache-nrt-rjtt7900069-NRT
embeds
syndication.twitter.com/i/jot/ 		43 B
575 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22Excite_blog%22%2C%22language%22%3A%22ja%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1762581700686%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%222615f7e52b7e0%3A1702314776716%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=bdf12f3620bf2c61ffcc1572528573b215bf11c0
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.140.229 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare envoy /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519; includeSubdomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

server
cloudflare envoy
strict-transport-security
max-age=631138519; includeSubdomains
x-transaction-id
53c83064e9140def
cache-control
must-revalidate, max-age=600
origin-cf-ray
99b2db6d5924e37f-NRT
cf-cache-status
DYNAMIC
cf-ray
99b2db6d5924e37f-NRT
x-response-time
7
content-length
43
date
Sat, 08 Nov 2025 06:01:40 GMT
last-modified
Sat, 08 Nov 2025 06:01:40 GMT
content-type
image/gif
vary
Origin
perf
7402827104
x-served-by
t4_p
px.gif
ad-delivery.net/ 		43 B
112 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad-delivery.net/px.gif?ch=2&e=0.982813542998912
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5727730570625024&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:2f50 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
1358870
x-goog-stored-content-encoding
identity
expires
Sun, 09 Nov 2025 06:01:40 GMT
x-goog-stored-content-length
43
date
Sat, 08 Nov 2025 06:01:40 GMT
content-type
image/gif
vary
accept-encoding
last-modified
Wed, 05 May 2021 19:25:32 GMT
x-guploader-uploadid
ABgVH89ytYGGsM8zvMSS83qCZ0F4cDyA85oC5Xtq8jnme2OpbOxP7BU9t7rp4yrU4-M9nQOe
cache-control
public, max-age=86400
x-goog-storage-class
MULTI_REGIONAL
cf-ray
99b2db6d69642644-NRT
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
truncated
/ Frame 85F8 		471 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
844208d3f740c48ca14df4373b0d232cb9e81f3934b53114833ca717b03a90f5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-SK7DRSBW10&gtm=45je5b50h1v886322701z871867219za200zb71867219zd71867219&_p=1762581699723&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&cid=722595003.1762581700&ul=ja-jp&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&tag_exp=101509157~103116026~103200004~103233427~104527906~104528501~104684208~104684211~104948813~115480710~115583767~115616986~115938466~115938469~116217636~116217638&sid=1762581700&sct=1&seg=0&dl=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F&dt=10%20Essential%20Tips%20for%20Crypto%20Mining%20Success%20%3A%20TWINKLES&en=page_view&_fv=1&_ss=1&ep.contents_type_foreign=not_set&tfd=1468
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SK7DRSBW10&cx=c&gtm=4e5b50h1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:164:0
report-to
{"group":"ascnsrsggc:164:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:164:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://twinklesphotos.exblog.jp
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsggc:164:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 06:01:40 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
300 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-SK7DRSBW10&cid=722595003.1762581700&gtm=45je5b50h1v886322701z871867219za200zb71867219zd71867219&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101509157~103116026~103200004~103233427~104527906~104528501~104684208~104684211~104948813~115480710~115583767~115616986~115938466~115938469~116217636~116217638
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SK7DRSBW10&cx=c&gtm=4e5b50h1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4008:c00::9b , Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:132:0
report-to
{"group":"ascnsrsggc:132:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:132:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://twinklesphotos.exblog.jp
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsggc:132:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 06:01:40 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.co.jp/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.jp/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-SK7DRSBW10&cid=722595003.1762581700&gtm=45je5b50h1v886322701z871867219za200zb71867219zd71867219&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101509157~103116026~103200004~103233427~104527906~104528501~104684208~104684211~104948813~115480710~115583767~115616986~115938466~115938469~116217636~116217638&tag_exp=101509157~103116026~103200004~103233427~104527906~104528501~104684208~104684211~104948813~115480710~115583767~115616986~115938466~115938469~116217636~116217638&z=292829911
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.199.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s52-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Sat, 08 Nov 2025 06:01:40 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
favicon.ico
ad.doubleclick.net/ 		1 KB
129 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250&e=0.8630628059568691
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5727730570625024&upapi=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options
nosniff
expires
Sun, 09 Nov 2025 06:01:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 06:01:40 GMT
content-type
image/x-icon
vary
Accept-Encoding
last-modified
Tue, 08 May 2012 13:08:06 GMT
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
content-length
104
x-xss-protection
0
server
sffe
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20251105/r20190131/ Frame 1EED 		8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20251105/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202511040101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.207.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f2.1e100.net
Software
cafe /
Resource Hash
c13094a9d546c24747d3d0b33dc5662b36f83790cc35deedf764ab898b2ace61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://twinklesphotos.exblog.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

age
61631
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
3880
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 07 Nov 2025 12:54:29 GMT
etag
7188602577369524748
expires
Fri, 21 Nov 2025 12:54:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=gpt_pc_blog_overlay&cls=gpt_pc_blog_overlay&ign=false&pw=1600&ph=1200&x=0&y=1130.4
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sat, 08 Nov 2025 06:01:40 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
ads
googleads.g.doubleclick.net/pagead/ Frame 3117 		0
20 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8544321996124660&output=html&adk=433290209&adf=473226989&lmt=1762581700&plat=1%3A16777216%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F&pra=5&wgl=1&asro=0&aiapm=0.1542&aiapmd=0.1423&aiapmi=0.16&aiapmid=1&aiact=0.5423&aiactd=0.7&aicct=0.7&aicctd=0.5799&ailct=0.5849&ailctd=0.65&aimart=4&aimartd=4&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=8&dt=1762581700361&bpp=13&bdt=768&idt=449&shv=r20251105&mjsv=m202511040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=3538105162288&frm=20&pv=2&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31095105%2C95376583%2C95344789&oid=2&pvsid=870617481837885&tmod=1983400641&uas=0&nvt=1&fsapi=1&fc=1920&brdim=30%2C30%2C30%2C30%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&plas=260x675_l%7C308x675_r&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=469
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202511040101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.207.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://twinklesphotos.exblog.jp/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 08 Nov 2025 06:01:40 GMT
expires
Sat, 08 Nov 2025 06:01:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 0BA2 		29 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8544321996124660&output=html&h=250&slotname=6450136543&adk=2937738629&adf=3554593889&pi=t.ma~as.6450136543&w=300&lmt=1762581700&format=300x250&url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F&wgl=1&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=8&dt=1762581700375&bpp=1&bdt=782&idt=464&shv=r20251105&mjsv=m202511040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=3538105162288&frm=20&pv=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=520&ady=289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31095105%2C95376583%2C95344789&oid=2&pvsid=870617481837885&tmod=1983400641&uas=0&nvt=1&fc=1920&brdim=30%2C30%2C30%2C30%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&plas=260x675_l%7C308x675_r&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=472
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202511040101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.207.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f2.1e100.net
Software
cafe /
Resource Hash
00083d4c3f2844e2c67293042a7ee2e977910eecc18263e219db4d52d062f208
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://twinklesphotos.exblog.jp/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
13471
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 08 Nov 2025 06:01:41 GMT
expires
Sat, 08 Nov 2025 06:01:41 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
setuid
u.4dex.io/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=fradagio-pbs&gdpr=0&gdpr_consent=&us_privacy=
  • https://creativecdn.com/cm-notify?pi=fradagio-pbs&gdpr=0&gdpr_consent=&us_privacy=&tc=1
  • https://u.4dex.io/setuid?bidder=rtbhouse&uid=78CGVj64qbWtJCN4lSymaVfCpFMRZnwLy9zilwcO7Uo&pi=fradagio-pbs&gdpr=0&gdpr_consent=&us_privacy=&tc=1
0
712 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=rtbhouse&uid=78CGVj64qbWtJCN4lSymaVfCpFMRZnwLy9zilwcO7Uo&pi=fradagio-pbs&gdpr=0&gdpr_consent=&us_privacy=&tc=1
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H2
Server
34.149.40.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

via
1.1 google
expires
0
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma
no-cache
date
Sat, 08 Nov 2025 06:01:41 GMT
vary
Origin, Accept-Encoding

Redirect headers

expires
Thu, 01 Jan 1970 00:00:00 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
location
https://u.4dex.io/setuid?bidder=rtbhouse&uid=78CGVj64qbWtJCN4lSymaVfCpFMRZnwLy9zilwcO7Uo&pi=fradagio-pbs&gdpr=0&gdpr_consent=&us_privacy=&tc=1
content-length
0
date
Sat, 08 Nov 2025 06:01:41 GMT
pragma
no-cache
vary
Accept-Encoding
p.js
pdn.adingo.jp/ Frame A109 		88 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pdn.adingo.jp/p.js
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.173.238.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-173-238-128.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
78f70c33af86e3e19b2e72af3ed6096ac60cd1b8e4e9685d806bdfcf291b432f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
br
x-amz-version-id
68SSrNMo4P.HyQuumtqYJW7fVvLTTKM.
etag
"e36f48717bf9c17e9f11a49ef2bd6645"
age
594
x-cache
Hit from cloudfront
x-amz-cf-id
45H7R00Rmsa6Bzi-gvASC4a-71uYwqP0VtFEB57ydCBCQpH6JXn8Kg==
date
Sat, 08 Nov 2025 05:51:47 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 22 Sep 2025 02:14:34 GMT
cache-control
max-age=600, s-maxage=600, immutable
via
1.1 c48e2bd9d54e87ccaf7b7bca1b3102da.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
20368
x-amz-cf-pop
NRT20-P9
server
AmazonS3
x-amz-server-side-encryption
AES256
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame A109 		223 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
cafe /
Resource Hash
1ca0d5744e4f39ea464be06f38e214eabd97b2ca934e919a3673f0a62f76368c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
br
etag
11779502037942753168
age
1098
x-content-type-options
nosniff
expires
Sat, 08 Nov 2025 06:43:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 08 Nov 2025 05:43:22 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=EUC-KR
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
70282
x-xss-protection
0
server
cafe
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20251106/r20110914/elements/html/ Frame 18EA 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20251106/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202511040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:820::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
83c8faff109ba90cf68a5d7d0d02716e96e66de5feb4113028c092eed5e954cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
br
etag
8658142367797687823
age
30630
x-content-type-options
nosniff
expires
Fri, 21 Nov 2025 21:31:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 07 Nov 2025 21:31:10 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
6628
x-xss-protection
0
server
cafe
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20251106/r20110914/elements/html/ Frame 18EA 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20251106/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202511040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:820::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b8fbd5b5d257438d5c1b781491859472bef148a2f3f747be72b8d6caef431367
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
br
etag
2165137149068350384
age
30630
x-content-type-options
nosniff
expires
Fri, 21 Nov 2025 21:31:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 07 Nov 2025 21:31:10 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
9578
x-xss-protection
0
server
cafe
supply
events.browsiprod.com/events/v2/ 		0
107 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/v2/supply?p=b2f407fd-c927-4a7a-b5a8-edb669396a51
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.51.1233.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.202.27.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-202-27-156.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://twinklesphotos.exblog.jp/

Response headers

date
Sat, 08 Nov 2025 06:01:41 GMT
access-control-allow-origin
https://twinklesphotos.exblog.jp
access-control-allow-credentials
true
abd.js
cdn.browsiprod.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.browsiprod.com/abd.js
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.51.1233.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.54.79 New York, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-54-79.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
481d713552f587d3bc0e3683557f8541ea69543e4d7abb7e4299c646ab10fd03

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin
https://twinklesphotos.exblog.jp
Referer
https://twinklesphotos.exblog.jp/

Response headers

access-control-max-age
3000
content-encoding
br
x-amz-version-id
rKwk7MJeT07HcAaaVBBDA7s6dDzRWDJ1
etag
W/"bc70a2c30105ea2f98d83f5ad623fc39"
age
6000
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
dNPXp-PEvcPso3JgjPo7Ssv66uc8wnV-B0AFhrsMATGT911tN6IGjw==
date
Sat, 08 Nov 2025 04:21:41 GMT
content-type
application/javascript
last-modified
Sun, 08 Jul 2018 12:47:26 GMT
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
via
1.1 4b6c7ad5dacffe91dde6317f9f24d81e.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
NRT57-P8
server
AmazonS3
web-vitals-4.2.3.js
cdn.browsiprod.com/web-vitals/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.browsiprod.com/web-vitals/web-vitals-4.2.3.js
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.51.1233.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.54.79 New York, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-54-79.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1cf3e6d0ce85a08fee4fd2a90152a1a50e8b829c10003981d8f79da6cc2e874c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

vary
accept-encoding, Origin
content-encoding
gzip
etag
W/"368295c3c1ca25cab006d95cf23bf675"
x-amz-version-id
auY5YQzsiUXHB2pR679xyleBGL_hEO7t
age
30547
via
1.1 31b8bdf6fddc75da39a6331a42478b80.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
UmdxYFj3UiqvrZGxIhpH1U-DjDh9mHIHkBrJ2icpV7DU3jXKafbhEw==
date
Fri, 07 Nov 2025 21:45:29 GMT
content-type
application/javascript
last-modified
Mon, 26 Aug 2024 12:35:42 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P8
x-amz-server-side-encryption
AES256
supply
events.browsiprod.com/events/v2/ 		0
107 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/v2/supply?p=b2f407fd-c927-4a7a-b5a8-edb669396a51
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.51.1233.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.202.27.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-202-27-156.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://twinklesphotos.exblog.jp/

Response headers

date
Sat, 08 Nov 2025 06:01:41 GMT
access-control-allow-origin
https://twinklesphotos.exblog.jp
access-control-allow-credentials
true
gen_204
pagead2.googlesyndication.com/pagead/ Frame A109 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-start2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sat, 08 Nov 2025 06:01:41 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame A109 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sat, 08 Nov 2025 06:01:41 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame A109 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sat, 08 Nov 2025 06:01:41 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
rtd_supply
events.browsiprod.com/events/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/v2/rtd_supply?p=b2f407fd-c927-4a7a-b5a8-edb669396a51
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.202.27.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-202-27-156.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://twinklesphotos.exblog.jp
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET
access-control-allow-origin
https://twinklesphotos.exblog.jp
access-control-max-age
1800
content-length
0
date
Sat, 08 Nov 2025 06:01:41 GMT
rtd_supply
events.browsiprod.com/events/v2/ 		0
107 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/v2/rtd_supply?p=b2f407fd-c927-4a7a-b5a8-edb669396a51
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.202.27.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-202-27-156.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
application/json
Referer
https://twinklesphotos.exblog.jp/

Response headers

date
Sat, 08 Nov 2025 06:01:41 GMT
access-control-allow-origin
https://twinklesphotos.exblog.jp
access-control-allow-credentials
true
cb.js
cdn.sx.adingo.jp/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.sx.adingo.jp/cb.js
Requested by
Host: pdn.adingo.jp
URL: https://pdn.adingo.jp/p.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2943:1a00:a:d2fd:aec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e896507e687129617fcf7ee9f55216897bfdbbd55393322f8277b1c97a9cd9c5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

vary
accept-encoding
cache-control
public, immutable, max-age=900, s-maxage=7200, stale-while-revalidate=14400, stale-if-error=864000
content-encoding
br
x-amz-version-id
KDLxO8S11dj67KRguKFHiOmEm.f76YaC
etag
W/"80eec4d215a36a33af61f94523b88a65"
age
6658
via
1.1 ba197ae0cd8410de85ea1b4619bff194.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
P-3UsbQJLt-UKeZk04MHnb0lhaKA_hsCkMInh_nPvXipL5PHIsnKdw==
date
Sat, 08 Nov 2025 04:10:44 GMT
content-type
text/javascript
last-modified
Mon, 14 Jul 2025 07:03:25 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P7
x-amz-server-side-encryption
AES256
gtm.js
www.googletagmanager.com/ 		335 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5GNL8X&l=itm_dl1
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/js/8266/0001/itm.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.207.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
02614a06346392d7fcd1a8962e07e037c6a8ea3226da6f599a83bc2cb24ed74a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
content-encoding
zstd
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Sat, 08 Nov 2025 06:01:41 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121412
date
Sat, 08 Nov 2025 06:01:41 GMT
x-xss-protection
0
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
Google Tag Manager
access-control-allow-headers
Cache-Control
gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202510140101/ 		63 KB
23 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/dict/m202510140101/gpt
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.199.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s52-in-f2.1e100.net
Software
cafe /
Resource Hash
2505b331cfe3905b07926e49104c7949bf384b8c4b4ff6f3709e91c6f5cd6366
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
13283420341987886150
age
54385
x-content-type-options
nosniff
expires
Fri, 14 Nov 2025 14:55:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Fri, 07 Nov 2025 14:55:16 GMT
content-type
text/plain; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=604800, stale-while-revalidate=7200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
23314
x-xss-protection
0
server
cafe
use-as-dictionary
match="/gampad/ads", id="m202510140101"
ads
securepubads.g.doubleclick.net/gampad/ 		31 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=870617481837885&correlator=3001502660068336&eid=31095251%2C95375632%2C83321073&output=ldjh&gdfp_req=1&vrg=202511040101&ptt=17&impl=fifs&iu_parts=18333008%2CPC_blog_inarticle_rec_2_left&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=5&dids=gpt_pc_blog_inarticle_rec_2_le&adfs=831591099&sfv=1-0-45&eri=1&sc=1&cookie=ID%3D942f7e439c459d3d%3AT%3D1762581700%3ART%3D1762581700%3AS%3DALNI_MY-yDEQ04M7o4L6n0uB-YJ4o-pVxw&gpic=UID%3D000011b0bc4aec31%3AT%3D1762581700%3ART%3D1762581700%3AS%3DALNI_MZ09pAmhjiopPfc2c5Crf3M9CHvsg&abxe=1&dt=1762581701121&lmt=1762581701&adxs=510&adys=1732&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F&vis=1&psz=760x280&msz=300x0&fws=0&ohw=0&psts=AOrYGskkezL9T2tbElmsXr9XF90eJw1am2BDpn1VuDy5e5wg0tUickjPy-SLV6alXOFZkCxdm_VQQEj9URRZX2K-dqKQUaW3pbLdMf_zIxut&topics=3&tps=3&htps=10&nt=1&psd=WzMxLFtdLG51bGwsM10.&dlt=1762581699592&idt=808&prev_scp=amznbid%3D2%26amznp%3D2&cust_params=contents-type%3Dexblog-%25E5%2586%2599%25E7%259C%259F%25E3%2583%25BB%25E3%2582%25AB%25E3%2583%25A1%25E3%2583%25A9%26contents-category%3Dexblog-%25E6%259C%25AA%25E5%2588%2586%25E9%25A1%259E%26contents-tag%3D%26blog_pc_referrer%3D%26isBot%3D%26flux_test_flag%3Dprd%26publisher_id%3D138&adks=2701395909&frm=20&eo_id_str=ID%3Dbafaf13df53f15ad%3AT%3D1762581700%3ART%3D1762581700%3AS%3DAA-AfjacRpDD4sw_LAG1r1qfD8s_&gblpids=%2F18333008%2FPC_blog_inarticle_rec_2_left&pb_szs=300x250&pbbce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202511040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.199.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s52-in-f2.1e100.net
Software
cafe /
Resource Hash
d2d4ee85af8a63b153c8c3df4b707535cda6fb9c0652fb4231c36599cc73a6e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
dcb
google-lineitem-id
-1
observe-browsing-topics
?1
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-1
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://twinklesphotos.exblog.jp
content-length
4840
x-xss-protection
0
server
cafe
Collect
a.flux.jp/analytics.collect.v1.CollectService/ 		2 B
47 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.flux.jp/analytics.collect.v1.CollectService/Collect
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.89.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.89.160.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

access-control-expose-headers
Accept, Accept-Encoding, Accept-Post, Connect-Accept-Encoding, Connect-Content-Encoding, Content-Encoding, Grpc-Accept-Encoding, Grpc-Encoding, Grpc-Message, Grpc-Status, Grpc-Status-Details-Bin
content-encoding
gzip
via
1.1 google
traceparent
00-c5a5e3f11eb3b13f3b4d98fe0c69130e-4b41dece7881ab77-00
access-control-allow-origin
https://twinklesphotos.exblog.jp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
accept-encoding
gzip
content-length
26
date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
application/json
vary
Origin
server
Google Frontend
x-cloud-trace-context
c5a5e3f11eb3b13f3b4d98fe0c69130e/5422860404697181047
/
sh.adingo.jp/p/ Frame A109 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://sh.adingo.jp/p/?G=1000142419&href=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F&R=&serial=31029365570791&guid=ON&kv=%7B%22page_title%22%3A%5B%2210%20Essential%20Tips%20for%20Crypto%20Mining%20Success%20%3A%20TWINKLES%22%5D%2C%22keywords%22%3A%5B%22TWINKLES%22%2C%22%E3%83%96%E3%83%AD%E3%82%B0%22%5D%7D&api=2&protocols=2%2C3%2C5%2C6&mimes=application%2Fjavascript%2Cvideo%2Fmp4%2Cvideo%2Fogg%2Cvideo%2Fwebm&fluct_uid=491e53fa-f265-4a21-b297-af60d3416f18
Requested by
Host: pdn.adingo.jp
URL: https://pdn.adingo.jp/p.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.248.77.59 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-248-77-59.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1c0b5f950a0d42bfff5edab298c78d214a1f594e74a8d08ac169bd97a16ea9e0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
no-cache, must-revalidate
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET
x-content-type-options
nosniff
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin
https://twinklesphotos.exblog.jp
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
application/json; charset=UTF-8
vary
Accept-Encoding
server
nginx
last-modified
Sat, 08 Nov 2025 06:01:41 GMT
access-control-allow-headers
Content-Type
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20251106/r20110914/client/ Frame 0BA2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20251106/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8544321996124660&output=html&h=250&slotname=6450136543&adk=2937738629&adf=3554593889&pi=t.ma~as.6450136543&w=300&lmt=1762581700&format=300x250&url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F&wgl=1&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=8&dt=1762581700375&bpp=1&bdt=782&idt=464&shv=r20251105&mjsv=m202511040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=3538105162288&frm=20&pv=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=520&ady=289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31095105%2C95376583%2C95344789&oid=2&pvsid=870617481837885&tmod=1983400641&uas=0&nvt=1&fc=1920&brdim=30%2C30%2C30%2C30%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&plas=260x675_l%7C308x675_r&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=472
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:820::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fec5a361dec923efe92848ca27b02b158b164380a9eaf6cc1625e08e0d9c101e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

content-encoding
br
etag
6020003950853699975
age
36953
x-content-type-options
nosniff
expires
Fri, 21 Nov 2025 19:45:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 07 Nov 2025 19:45:48 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
1241
x-xss-protection
0
server
cafe
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20251106/r20110914/client/ Frame 0BA2 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20251106/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8544321996124660&output=html&h=250&slotname=6450136543&adk=2937738629&adf=3554593889&pi=t.ma~as.6450136543&w=300&lmt=1762581700&format=300x250&url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F&wgl=1&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=8&dt=1762581700375&bpp=1&bdt=782&idt=464&shv=r20251105&mjsv=m202511040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=3538105162288&frm=20&pv=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=520&ady=289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31095105%2C95376583%2C95344789&oid=2&pvsid=870617481837885&tmod=1983400641&uas=0&nvt=1&fc=1920&brdim=30%2C30%2C30%2C30%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&plas=260x675_l%7C308x675_r&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=472
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:820::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1d42955e69aae005efd7d5a24d10ffc36dabebd9867cca1e5b8dbb998e273a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

content-encoding
br
etag
11924741404489600640
age
36954
x-content-type-options
nosniff
expires
Fri, 21 Nov 2025 19:45:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 07 Nov 2025 19:45:47 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
8624
x-xss-protection
0
server
cafe
l
www.google.com/ads/measurement/ Frame 0BA2 		0
0
adview
googleads.g.doubleclick.net/pagead/ Frame 0BA2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CbL_xxNwOacDNNuiO7OsP0c-FyA3Rvr7bdayNn9y8DcCNtwEQASDY6d8jYInzxYT0E8gBCakCTbn4Ya3-Oz6oAwHIAwKqBPoBT9Dhg2oqtm8HhP2So7JoeH0cFHPqRsUK_fsiPSZSPkwkZa57wYdPWlHPFxrYY6xZsR_NBDSqZQuR5ogg6r4LfTUVxJHEjHISWHQwvRdDm687PKwwriGT-ZJ6ax-CgVanlmdS7DTt7-ZWwzNDafxz1ibHYRrznpsDRnvqVPXg72auqphIv0LoDlwtYvPZJrNrUYtnZcgEmn93Xol5uK108GQi-O6rxF9j2HhbWG-0LcJO6mYnIRjGAJXGqvd8up8WXd4r8NnDTCmstw-k0QfQbQMHVtj9PR0zm-Cr9hpIUZbR_3oLX8TlUIyM8A6LB5SlEwqyUAZ9LVX8DIAGrIv04eKL_4wboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAqgHrb6xAtgHANIILAiAYRABMgiKgoCAgICACDoNgECAwICAgICogAKoA0i9_cE6WLuercHw4ZADgAoB-gsCCAGADAGqDQJKUOoNEwid6rzB8OGQAxVoB3sHHdFnAdmIDgnQFQGAFwGyFyoKGBIUcHViLTg1NDQzMjE5OTYxMjQ2NjAYABgMKgo2NDUwMTM2NTQzUAGqGBcJwipejQDKuEASCjY0NTAxMzY1NDMYAQ&sigh=587DvOD4bHg&uach_m=%5BUACH%5D&cid=CAQSnwEAwksa0Xv2Ua_oshkoMT8uV5Sd8Xf6qvxm2-JZ9MWIr31O_ZZUkYGXxOck-1zqb42SckC0oG8a1m7m6ePC-OcUCNz9-x744F8TFW6YkGnROESbIjv6UhWUtldfVpydILm92gbyzW2U-dO62QnMN7U3CD6vwmjIopJhal16DwebS-n7EobTRHUnPZ3LqqlfT_5UTkVaErJRTT-LeXPBx4EYAQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8544321996124660&output=html&h=250&slotname=6450136543&adk=2937738629&adf=3554593889&pi=t.ma~as.6450136543&w=300&lmt=1762581700&format=300x250&url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F&wgl=1&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=8&dt=1762581700375&bpp=1&bdt=782&idt=464&shv=r20251105&mjsv=m202511040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=3538105162288&frm=20&pv=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=520&ady=289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31095105%2C95376583%2C95344789&oid=2&pvsid=870617481837885&tmod=1983400641&uas=0&nvt=1&fc=1920&brdim=30%2C30%2C30%2C30%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&plas=260x675_l%7C308x675_r&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=472
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.207.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8544321996124660&output=html&h=250&slotname=6450136543&adk=2937738629&adf=3554593889&pi=t.ma~as.6450136543&w=300&lmt=1762581700&format=300x250&url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F&wgl=1&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=8&dt=1762581700375&bpp=1&bdt=782&idt=464&shv=r20251105&mjsv=m202511040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=3538105162288&frm=20&pv=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=520&ady=289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31095105%2C95376583%2C95344789&oid=2&pvsid=870617481837885&tmod=1983400641&uas=0&nvt=1&fc=1920&brdim=30%2C30%2C30%2C30%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&plas=260x675_l%7C308x675_r&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=472

Response headers

content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Sat, 08 Nov 2025 06:01:41 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
cafe
notify
rtb.sg1.as.criteo.com/googleortb/auction/ Frame 0BA2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.sg1.as.criteo.com/googleortb/auction/notify?profile=14&payload=mr6tErr3AawC-gG-ZqqlGwAAAKsXDnXLvVu2EQy6dBDE3A5pos-JafbAlYc0KwAAEgAACg5BUVVCRGdFQkRnWUJEZ2lkp2huUWd8c1Mek1MeWEo&wp=aQ7cxAANpsAHewdoAAFn0bzNKie-LAsPj47n5g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8544321996124660&output=html&h=250&slotname=6450136543&adk=2937738629&adf=3554593889&pi=t.ma~as.6450136543&w=300&lmt=1762581700&format=300x250&url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F&wgl=1&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=8&dt=1762581700375&bpp=1&bdt=782&idt=464&shv=r20251105&mjsv=m202511040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=3538105162288&frm=20&pv=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=520&ady=289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31095105%2C95376583%2C95344789&oid=2&pvsid=870617481837885&tmod=1983400641&uas=0&nvt=1&fc=1920&brdim=30%2C30%2C30%2C30%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&plas=260x675_l%7C308x675_r&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=472
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::32 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

strict-transport-security
max-age=31536000; preload;
content-length
0
date
Sat, 08 Nov 2025 06:01:41 GMT
server
Kestrel
server-processing-duration-in-ticks
189336
afr.php
ads.as.criteo.com/delivery/r/ Frame 3191 		144 KB
49 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7cxAANpsAHewdoAAFn0bzNKie-LAsPj47n5g&u=%7CyZLyHe02764sXomA%2B%2BjOg2oXJXB5C%2FRHvR7zp3idbwM%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFOXvXEpWV61FwuN2mBzI2u1qH6LpdChlVrtB5XSxY19KbNIR2T8mqtFU_mbWOgtHc8ng5Ycm_EPzFz7Kp08fYBKL1wsUgTlUB3jBr4W6uMtvHUrrvpRQoeTIK1fLXGKAuTbknoBg9SdDtCKVJ9YQQ7YKpCcurDwUveB2M5mUkLMEBxSb7UHd74IhZICkjdjf5fsHPV29qyrdMGxK1Jzr0-eAVuJ_hiSYk4QdIXI84nq2cGEoycZIQUnVXFU-IwXqQaqaCDPpa1gEXxOLjpPc9FGbVA0RDX4An1iflwXHwKWioepntun6r4eDwVIyV0RCgVkyQO-7oA0CKeNpqOpKvXlI2Hp4ZqAE7SetwTemOeJ01Fpb91k17ekPkmODLalY9oJ_03aijboCsgNHQ52nBBDW5dLonGfwfbDpTspIZbRBh7EEO4Y0vbn0gRWV5kVSLTW6rPsjXxSwN-LrwyWjLgmOnrPzcDjC2vLwapyuAo1zuBorT7wSkMYK2GBVVwS0O1Lbo8N8__Cjo2k3bYjhOyefXvXorZCCxqn3wNC00m5yEyHzBUDNya-eKb8V1HIztP8wCgRl6675dn8USYlIa0cz65aIm1EA8qNddwD_xYQZmWehrsTwTBVXK7lLmHAiIA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCk0O1xNwOacDNNuiO7OsP0c-FyA3Rvr7bdayNn9y8DcCNtwEQASDY6d8jYInzxYT0E8gBCakCTbn4Ya3-Oz6oAwHIAwKqBP0BT9Dhg2oqtm8HhP2So7JoeH0cFHPqRsUK_fsiPSZSPkwkZa57wYdPWlHPFxrYY6xZsR_NBDSqZQuR5ogg6r4LfTUVxJHEjHISWHQwvRdDm687PKwwriGT-ZJ6ax-CgVanlmdS7DTt7-ZWwzNDafxz1ibHYRrznpsDRnvqVPXg72auqphIv0LoDlwtYvPZJrNrUYtnZcgEmn93Xol5uK108GQi-O6rxF9j2HhbWG-0LcJO6mYnIRjGAJXGqvd8up8WXd4r8NnDTCmstw-k0QfQbQMHVtj9fx8TCRRrTUuP6rsGKyfeoxroeIWi6IR9y8lw5d2dfB6Lyfaty6FwS4AGrIv04eKL_4wboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAqgHrb6xAqgHv9OxAtgHANIILAiAYRABMgiKgoCAgICACDoNgECAwICAgICogAKoA0i9_cE6WLuercHw4ZAD-gsCCAGADAGqDQJKUOoNEwid6rzB8OGQAxVoB3sHHdFnAdmIDgnQFQGAFwGyFxAYDCoKNjQ1MDEzNjU0M1ABqhgXCcIqXo0AyrhAEgo2NDUwMTM2NTQzGAE%26num%3D1%26sig%3DAOD64_2nGgo5RNPwp6H7paw5iq0i5Pz1yQ%26client%3Dca-pub-8544321996124660%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8544321996124660&output=html&h=250&slotname=6450136543&adk=2937738629&adf=3554593889&pi=t.ma~as.6450136543&w=300&lmt=1762581700&format=300x250&url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F&wgl=1&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=8&dt=1762581700375&bpp=1&bdt=782&idt=464&shv=r20251105&mjsv=m202511040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=3538105162288&frm=20&pv=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=520&ady=289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31095105%2C95376583%2C95344789&oid=2&pvsid=870617481837885&tmod=1983400641&uas=0&nvt=1&fc=1920&brdim=30%2C30%2C30%2C30%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&plas=260x675_l%7C308x675_r&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=472
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::22 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3533b1d8206e00126b181d23abbd30440e607a3b74257f6b77bc66bb43f8599
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sat, 08 Nov 2025 06:01:40 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://client-side-metrics.as.criteo.net/heavyad?cppv=3&cpp=A4lB9pqT3orBc7TFboZec-p_3xExRz2Izj9YuPEZ-GyeZrq8nJw4Dy6fFUEUsQWjGFV3GB89pT8dUnN70YHDyfK-lPkOtbXGZ6h-ds0rbvqVKaQKGhU3tbEl0Rgb-RC-PF1Pgpv-LaNUOPx2G_jTUdF6A3Ots8bECjzNFufCVp1csjVlh7Cwv3n_0I0NaqJ4uOnSps8eaT170eAN_WsqL5db-Ah4B1Ysy2-P7FIxpa_-MuFJ6G-Vry7hRuzsFb-yrqGECQ"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
33785624
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-trace-id
601661dcaba2e8d3ae63f0d0e311a480
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 375C 		1 KB
837 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8544321996124660&output=html&h=250&slotname=6450136543&adk=2937738629&adf=3554593889&pi=t.ma~as.6450136543&w=300&lmt=1762581700&format=300x250&url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F&wgl=1&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=8&dt=1762581700375&bpp=1&bdt=782&idt=464&shv=r20251105&mjsv=m202511040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=3538105162288&frm=20&pv=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=520&ady=289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31095105%2C95376583%2C95344789&oid=2&pvsid=870617481837885&tmod=1983400641&uas=0&nvt=1&fc=1920&brdim=30%2C30%2C30%2C30%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&plas=260x675_l%7C308x675_r&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=472
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
cafe /
Resource Hash
bea1c5ab168f662fc9eb5bda3474e5b1bbd0d3ecc1d9c68e2a753f613c2ae0c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

age
54227
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
812
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 07 Nov 2025 14:57:54 GMT
etag
9725182468138058862
expires
Sat, 08 Nov 2025 14:57:54 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		26 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=870617481837885&correlator=3002900028070597&eid=31095251%2C95375632%2C83321073&output=ldjh&gdfp_req=1&vrg=202511040101&ptt=17&impl=fifs&iu_parts=18333008%2CPC_blog_inarticle_rec_left&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=6&dids=gpt_pc_blog_inarticle_rec_left&adfs=1694680682&sfv=1-0-45&eri=1&sc=1&cookie=ID%3D942f7e439c459d3d%3AT%3D1762581700%3ART%3D1762581700%3AS%3DALNI_MY-yDEQ04M7o4L6n0uB-YJ4o-pVxw&gpic=UID%3D000011b0bc4aec31%3AT%3D1762581700%3ART%3D1762581700%3AS%3DALNI_MZ09pAmhjiopPfc2c5Crf3M9CHvsg&abxe=1&dt=1762581701255&lmt=1762581701&adxs=510&adys=1197&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F&vis=1&psz=760x280&msz=300x0&fws=0&ohw=0&psts=AOrYGskkezL9T2tbElmsXr9XF90eJw1am2BDpn1VuDy5e5wg0tUickjPy-SLV6alXOFZkCxdm_VQQEj9URRZX2K-dqKQUaW3pbLdMf_zIxut&topics=3&tps=3&htps=10&nt=1&psd=WzMxLFtdLG51bGwsM10.&dlt=1762581699592&idt=808&prev_scp=amznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D8.00%26hb_adid%3D65b2d495ae68a44%26hb_bidder%3Dappnexus&cust_params=contents-type%3Dexblog-%25E5%2586%2599%25E7%259C%259F%25E3%2583%25BB%25E3%2582%25AB%25E3%2583%25A1%25E3%2583%25A9%26contents-category%3Dexblog-%25E6%259C%25AA%25E5%2588%2586%25E9%25A1%259E%26contents-tag%3D%26blog_pc_referrer%3D%26isBot%3D%26flux_test_flag%3Dprd%26publisher_id%3D138&adks=3140661673&frm=20&eo_id_str=ID%3Dbafaf13df53f15ad%3AT%3D1762581700%3ART%3D1762581700%3AS%3DAA-AfjacRpDD4sw_LAG1r1qfD8s_&gblpids=%2F18333008%2FPC_blog_inarticle_rec_left&pb_szs=300x250&pbbce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202511040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.199.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s52-in-f2.1e100.net
Software
cafe /
Resource Hash
ba145c0641199caf5b6f95f393a7d47a8affbee9588b2b65a6039feb9d6c8daa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
dcb
google-lineitem-id
5406912180
observe-browsing-topics
?1
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
138315327170
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://twinklesphotos.exblog.jp
content-length
2830
x-xss-protection
0
server
cafe
Collect
a.flux.jp/analytics.collect.v1.CollectService/ 		2 B
47 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.flux.jp/analytics.collect.v1.CollectService/Collect
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.89.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.89.160.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

access-control-expose-headers
Accept, Accept-Encoding, Accept-Post, Connect-Accept-Encoding, Connect-Content-Encoding, Content-Encoding, Grpc-Accept-Encoding, Grpc-Encoding, Grpc-Message, Grpc-Status, Grpc-Status-Details-Bin
content-encoding
gzip
via
1.1 google
traceparent
00-eb8eb8a3147d43383b4d98fe0c69169f-fd735bfcc620ac98-00
access-control-allow-origin
https://twinklesphotos.exblog.jp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
accept-encoding
gzip
content-length
26
date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
application/json
vary
Origin
server
Google Frontend
x-cloud-trace-context
eb8eb8a3147d43383b4d98fe0c69169f/18263042055131409560
truncated
/ Frame 0BA2 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5ede2ee4e1c82f851f23ee2d6373c9de405734e7f5e5af3447c1e39365d72a8d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
ads
securepubads.g.doubleclick.net/gampad/ 		26 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=870617481837885&correlator=2548610534007651&eid=31095251%2C95375632%2C83321073&output=ldjh&gdfp_req=1&vrg=202511040101&ptt=17&impl=fifs&iu_parts=18333008%2CPC_blog_inarticle_rec_3_left&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=7&dids=gpt_pc_blog_inarticle_rec_3_le&adfs=2641128446&sfv=1-0-45&eri=1&sc=1&cookie=ID%3D5b2532975c3ac1a1%3AT%3D1762581700%3ART%3D1762581700%3AS%3DALNI_MaNWn-QY7ZcGDcLLQ6AtYr3r3aU8w&gpic=UID%3D000011b0bce34e2f%3AT%3D1762581700%3ART%3D1762581700%3AS%3DALNI_MZKiGO0jEoG8lYCzGpTYZaqZBz2_w&abxe=1&dt=1762581701293&lmt=1762581701&adxs=510&adys=2266&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F&vis=1&psz=760x280&msz=300x0&fws=0&ohw=0&psts=AOrYGskkezL9T2tbElmsXr9XF90eJw1am2BDpn1VuDy5e5wg0tUickjPy-SLV6alXOFZkCxdm_VQQEj9URRZX2K-dqKQUaW3pbLdMf_zIxut&topics=3&tps=3&htps=10&nt=1&psd=WzMxLFtdLG51bGwsM10.&dlt=1762581699592&idt=808&prev_scp=amznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D4.00%26hb_adid%3D67a97a2147121048%26hb_bidder%3Dappnexus&cust_params=contents-type%3Dexblog-%25E5%2586%2599%25E7%259C%259F%25E3%2583%25BB%25E3%2582%25AB%25E3%2583%25A1%25E3%2583%25A9%26contents-category%3Dexblog-%25E6%259C%25AA%25E5%2588%2586%25E9%25A1%259E%26contents-tag%3D%26blog_pc_referrer%3D%26isBot%3D%26flux_test_flag%3Dprd%26publisher_id%3D138&adks=2659255272&frm=20&eo_id_str=ID%3Df65741dc0a3d92b1%3AT%3D1762581700%3ART%3D1762581700%3AS%3DAA-Afjbd41o97Dju-bYuzy7x_TLJ&gblpids=%2F18333008%2FPC_blog_inarticle_rec_3_left&pb_szs=300x250&pbbce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202511040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.199.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s52-in-f2.1e100.net
Software
cafe /
Resource Hash
1ecd661a28bb47fcae4093dd371f0ce1273d412e75c5d91b68e1fa9747f184e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
dcb
google-lineitem-id
5406912174
observe-browsing-topics
?1
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
138315363297
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://twinklesphotos.exblog.jp
content-length
2822
x-xss-protection
0
server
cafe
privacy_small.svg
static.criteo.net/flash/icon/ Frame 3191 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7cxAANpsAHewdoAAFn0bzNKie-LAsPj47n5g&u=%7CyZLyHe02764sXomA%2B%2BjOg2oXJXB5C%2FRHvR7zp3idbwM%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFOXvXEpWV61FwuN2mBzI2u1qH6LpdChlVrtB5XSxY19KbNIR2T8mqtFU_mbWOgtHc8ng5Ycm_EPzFz7Kp08fYBKL1wsUgTlUB3jBr4W6uMtvHUrrvpRQoeTIK1fLXGKAuTbknoBg9SdDtCKVJ9YQQ7YKpCcurDwUveB2M5mUkLMEBxSb7UHd74IhZICkjdjf5fsHPV29qyrdMGxK1Jzr0-eAVuJ_hiSYk4QdIXI84nq2cGEoycZIQUnVXFU-IwXqQaqaCDPpa1gEXxOLjpPc9FGbVA0RDX4An1iflwXHwKWioepntun6r4eDwVIyV0RCgVkyQO-7oA0CKeNpqOpKvXlI2Hp4ZqAE7SetwTemOeJ01Fpb91k17ekPkmODLalY9oJ_03aijboCsgNHQ52nBBDW5dLonGfwfbDpTspIZbRBh7EEO4Y0vbn0gRWV5kVSLTW6rPsjXxSwN-LrwyWjLgmOnrPzcDjC2vLwapyuAo1zuBorT7wSkMYK2GBVVwS0O1Lbo8N8__Cjo2k3bYjhOyefXvXorZCCxqn3wNC00m5yEyHzBUDNya-eKb8V1HIztP8wCgRl6675dn8USYlIa0cz65aIm1EA8qNddwD_xYQZmWehrsTwTBVXK7lLmHAiIA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCk0O1xNwOacDNNuiO7OsP0c-FyA3Rvr7bdayNn9y8DcCNtwEQASDY6d8jYInzxYT0E8gBCakCTbn4Ya3-Oz6oAwHIAwKqBP0BT9Dhg2oqtm8HhP2So7JoeH0cFHPqRsUK_fsiPSZSPkwkZa57wYdPWlHPFxrYY6xZsR_NBDSqZQuR5ogg6r4LfTUVxJHEjHISWHQwvRdDm687PKwwriGT-ZJ6ax-CgVanlmdS7DTt7-ZWwzNDafxz1ibHYRrznpsDRnvqVPXg72auqphIv0LoDlwtYvPZJrNrUYtnZcgEmn93Xol5uK108GQi-O6rxF9j2HhbWG-0LcJO6mYnIRjGAJXGqvd8up8WXd4r8NnDTCmstw-k0QfQbQMHVtj9fx8TCRRrTUuP6rsGKyfeoxroeIWi6IR9y8lw5d2dfB6Lyfaty6FwS4AGrIv04eKL_4wboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAqgHrb6xAqgHv9OxAtgHANIILAiAYRABMgiKgoCAgICACDoNgECAwICAgICogAKoA0i9_cE6WLuercHw4ZAD-gsCCAGADAGqDQJKUOoNEwid6rzB8OGQAxVoB3sHHdFnAdmIDgnQFQGAFwGyFxAYDCoKNjQ1MDEzNjU0M1ABqhgXCcIqXo0AyrhAEgo2NDUwMTM2NTQzGAE%26num%3D1%26sig%3DAOD64_2nGgo5RNPwp6H7paw5iq0i5Pz1yQ%26client%3Dca-pub-8544321996124660%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::2e , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.as.criteo.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=31104000, public
timing-allow-origin
*
content-encoding
gzip
etag
W/"5e42ba84-6aa"
cross-origin-resource-policy
cross-origin
expires
Tue, 03 Nov 2026 06:01:41 GMT
cross-origin-embedder-policy
require-corp
access-control-allow-origin
*
date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
image/svg+xml
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 3191 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7cxAANpsAHewdoAAFn0bzNKie-LAsPj47n5g&u=%7CyZLyHe02764sXomA%2B%2BjOg2oXJXB5C%2FRHvR7zp3idbwM%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFOXvXEpWV61FwuN2mBzI2u1qH6LpdChlVrtB5XSxY19KbNIR2T8mqtFU_mbWOgtHc8ng5Ycm_EPzFz7Kp08fYBKL1wsUgTlUB3jBr4W6uMtvHUrrvpRQoeTIK1fLXGKAuTbknoBg9SdDtCKVJ9YQQ7YKpCcurDwUveB2M5mUkLMEBxSb7UHd74IhZICkjdjf5fsHPV29qyrdMGxK1Jzr0-eAVuJ_hiSYk4QdIXI84nq2cGEoycZIQUnVXFU-IwXqQaqaCDPpa1gEXxOLjpPc9FGbVA0RDX4An1iflwXHwKWioepntun6r4eDwVIyV0RCgVkyQO-7oA0CKeNpqOpKvXlI2Hp4ZqAE7SetwTemOeJ01Fpb91k17ekPkmODLalY9oJ_03aijboCsgNHQ52nBBDW5dLonGfwfbDpTspIZbRBh7EEO4Y0vbn0gRWV5kVSLTW6rPsjXxSwN-LrwyWjLgmOnrPzcDjC2vLwapyuAo1zuBorT7wSkMYK2GBVVwS0O1Lbo8N8__Cjo2k3bYjhOyefXvXorZCCxqn3wNC00m5yEyHzBUDNya-eKb8V1HIztP8wCgRl6675dn8USYlIa0cz65aIm1EA8qNddwD_xYQZmWehrsTwTBVXK7lLmHAiIA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCk0O1xNwOacDNNuiO7OsP0c-FyA3Rvr7bdayNn9y8DcCNtwEQASDY6d8jYInzxYT0E8gBCakCTbn4Ya3-Oz6oAwHIAwKqBP0BT9Dhg2oqtm8HhP2So7JoeH0cFHPqRsUK_fsiPSZSPkwkZa57wYdPWlHPFxrYY6xZsR_NBDSqZQuR5ogg6r4LfTUVxJHEjHISWHQwvRdDm687PKwwriGT-ZJ6ax-CgVanlmdS7DTt7-ZWwzNDafxz1ibHYRrznpsDRnvqVPXg72auqphIv0LoDlwtYvPZJrNrUYtnZcgEmn93Xol5uK108GQi-O6rxF9j2HhbWG-0LcJO6mYnIRjGAJXGqvd8up8WXd4r8NnDTCmstw-k0QfQbQMHVtj9fx8TCRRrTUuP6rsGKyfeoxroeIWi6IR9y8lw5d2dfB6Lyfaty6FwS4AGrIv04eKL_4wboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAqgHrb6xAqgHv9OxAtgHANIILAiAYRABMgiKgoCAgICACDoNgECAwICAgICogAKoA0i9_cE6WLuercHw4ZAD-gsCCAGADAGqDQJKUOoNEwid6rzB8OGQAxVoB3sHHdFnAdmIDgnQFQGAFwGyFxAYDCoKNjQ1MDEzNjU0M1ABqhgXCcIqXo0AyrhAEgo2NDUwMTM2NTQzGAE%26num%3D1%26sig%3DAOD64_2nGgo5RNPwp6H7paw5iq0i5Pz1yQ%26client%3Dca-pub-8544321996124660%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::2e , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.as.criteo.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=31104000, public
timing-allow-origin
*
content-encoding
gzip
etag
W/"5e42b9ee-759"
cross-origin-resource-policy
cross-origin
expires
Tue, 03 Nov 2026 06:01:41 GMT
cross-origin-embedder-policy
require-corp
access-control-allow-origin
*
date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
image/svg+xml
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
close_button.svg
static.criteo.net/flash/icon/ Frame 3191 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7cxAANpsAHewdoAAFn0bzNKie-LAsPj47n5g&u=%7CyZLyHe02764sXomA%2B%2BjOg2oXJXB5C%2FRHvR7zp3idbwM%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFOXvXEpWV61FwuN2mBzI2u1qH6LpdChlVrtB5XSxY19KbNIR2T8mqtFU_mbWOgtHc8ng5Ycm_EPzFz7Kp08fYBKL1wsUgTlUB3jBr4W6uMtvHUrrvpRQoeTIK1fLXGKAuTbknoBg9SdDtCKVJ9YQQ7YKpCcurDwUveB2M5mUkLMEBxSb7UHd74IhZICkjdjf5fsHPV29qyrdMGxK1Jzr0-eAVuJ_hiSYk4QdIXI84nq2cGEoycZIQUnVXFU-IwXqQaqaCDPpa1gEXxOLjpPc9FGbVA0RDX4An1iflwXHwKWioepntun6r4eDwVIyV0RCgVkyQO-7oA0CKeNpqOpKvXlI2Hp4ZqAE7SetwTemOeJ01Fpb91k17ekPkmODLalY9oJ_03aijboCsgNHQ52nBBDW5dLonGfwfbDpTspIZbRBh7EEO4Y0vbn0gRWV5kVSLTW6rPsjXxSwN-LrwyWjLgmOnrPzcDjC2vLwapyuAo1zuBorT7wSkMYK2GBVVwS0O1Lbo8N8__Cjo2k3bYjhOyefXvXorZCCxqn3wNC00m5yEyHzBUDNya-eKb8V1HIztP8wCgRl6675dn8USYlIa0cz65aIm1EA8qNddwD_xYQZmWehrsTwTBVXK7lLmHAiIA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCk0O1xNwOacDNNuiO7OsP0c-FyA3Rvr7bdayNn9y8DcCNtwEQASDY6d8jYInzxYT0E8gBCakCTbn4Ya3-Oz6oAwHIAwKqBP0BT9Dhg2oqtm8HhP2So7JoeH0cFHPqRsUK_fsiPSZSPkwkZa57wYdPWlHPFxrYY6xZsR_NBDSqZQuR5ogg6r4LfTUVxJHEjHISWHQwvRdDm687PKwwriGT-ZJ6ax-CgVanlmdS7DTt7-ZWwzNDafxz1ibHYRrznpsDRnvqVPXg72auqphIv0LoDlwtYvPZJrNrUYtnZcgEmn93Xol5uK108GQi-O6rxF9j2HhbWG-0LcJO6mYnIRjGAJXGqvd8up8WXd4r8NnDTCmstw-k0QfQbQMHVtj9fx8TCRRrTUuP6rsGKyfeoxroeIWi6IR9y8lw5d2dfB6Lyfaty6FwS4AGrIv04eKL_4wboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAqgHrb6xAqgHv9OxAtgHANIILAiAYRABMgiKgoCAgICACDoNgECAwICAgICogAKoA0i9_cE6WLuercHw4ZAD-gsCCAGADAGqDQJKUOoNEwid6rzB8OGQAxVoB3sHHdFnAdmIDgnQFQGAFwGyFxAYDCoKNjQ1MDEzNjU0M1ABqhgXCcIqXo0AyrhAEgo2NDUwMTM2NTQzGAE%26num%3D1%26sig%3DAOD64_2nGgo5RNPwp6H7paw5iq0i5Pz1yQ%26client%3Dca-pub-8544321996124660%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::2e , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.as.criteo.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=31104000, public
timing-allow-origin
*
etag
"5e46a5e4-134"
cross-origin-resource-policy
cross-origin
expires
Tue, 03 Nov 2026 06:01:41 GMT
cross-origin-embedder-policy
require-corp
accept-ranges
bytes
access-control-allow-origin
*
content-length
308
date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
image/svg+xml
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
back_button2.svg
static.criteo.net/flash/icon/ Frame 3191 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7cxAANpsAHewdoAAFn0bzNKie-LAsPj47n5g&u=%7CyZLyHe02764sXomA%2B%2BjOg2oXJXB5C%2FRHvR7zp3idbwM%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFOXvXEpWV61FwuN2mBzI2u1qH6LpdChlVrtB5XSxY19KbNIR2T8mqtFU_mbWOgtHc8ng5Ycm_EPzFz7Kp08fYBKL1wsUgTlUB3jBr4W6uMtvHUrrvpRQoeTIK1fLXGKAuTbknoBg9SdDtCKVJ9YQQ7YKpCcurDwUveB2M5mUkLMEBxSb7UHd74IhZICkjdjf5fsHPV29qyrdMGxK1Jzr0-eAVuJ_hiSYk4QdIXI84nq2cGEoycZIQUnVXFU-IwXqQaqaCDPpa1gEXxOLjpPc9FGbVA0RDX4An1iflwXHwKWioepntun6r4eDwVIyV0RCgVkyQO-7oA0CKeNpqOpKvXlI2Hp4ZqAE7SetwTemOeJ01Fpb91k17ekPkmODLalY9oJ_03aijboCsgNHQ52nBBDW5dLonGfwfbDpTspIZbRBh7EEO4Y0vbn0gRWV5kVSLTW6rPsjXxSwN-LrwyWjLgmOnrPzcDjC2vLwapyuAo1zuBorT7wSkMYK2GBVVwS0O1Lbo8N8__Cjo2k3bYjhOyefXvXorZCCxqn3wNC00m5yEyHzBUDNya-eKb8V1HIztP8wCgRl6675dn8USYlIa0cz65aIm1EA8qNddwD_xYQZmWehrsTwTBVXK7lLmHAiIA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCk0O1xNwOacDNNuiO7OsP0c-FyA3Rvr7bdayNn9y8DcCNtwEQASDY6d8jYInzxYT0E8gBCakCTbn4Ya3-Oz6oAwHIAwKqBP0BT9Dhg2oqtm8HhP2So7JoeH0cFHPqRsUK_fsiPSZSPkwkZa57wYdPWlHPFxrYY6xZsR_NBDSqZQuR5ogg6r4LfTUVxJHEjHISWHQwvRdDm687PKwwriGT-ZJ6ax-CgVanlmdS7DTt7-ZWwzNDafxz1ibHYRrznpsDRnvqVPXg72auqphIv0LoDlwtYvPZJrNrUYtnZcgEmn93Xol5uK108GQi-O6rxF9j2HhbWG-0LcJO6mYnIRjGAJXGqvd8up8WXd4r8NnDTCmstw-k0QfQbQMHVtj9fx8TCRRrTUuP6rsGKyfeoxroeIWi6IR9y8lw5d2dfB6Lyfaty6FwS4AGrIv04eKL_4wboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAqgHrb6xAqgHv9OxAtgHANIILAiAYRABMgiKgoCAgICACDoNgECAwICAgICogAKoA0i9_cE6WLuercHw4ZAD-gsCCAGADAGqDQJKUOoNEwid6rzB8OGQAxVoB3sHHdFnAdmIDgnQFQGAFwGyFxAYDCoKNjQ1MDEzNjU0M1ABqhgXCcIqXo0AyrhAEgo2NDUwMTM2NTQzGAE%26num%3D1%26sig%3DAOD64_2nGgo5RNPwp6H7paw5iq0i5Pz1yQ%26client%3Dca-pub-8544321996124660%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::2e , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.as.criteo.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=31104000, public
timing-allow-origin
*
etag
"626a59dc-125"
cross-origin-resource-policy
cross-origin
expires
Tue, 03 Nov 2026 06:01:41 GMT
cross-origin-embedder-policy
require-corp
accept-ranges
bytes
access-control-allow-origin
*
content-length
293
date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
image/svg+xml
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
lg.php
cat.jp2.as.criteo.com/delivery/ Frame 3191 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.jp2.as.criteo.com/delivery/lg.php?cppv=3&cpp=uts78zCtPTLTAfe0gotYDhoCkK7Mc-YCumeCSjwtAlRLa-X4054-uMNV_KnGMOZidLJHKszz5KptBvb6hP_Y74jM9aixrSsf6L9es9jTcMerFqCp_HVI5onH7O5jr2Td6Br0yF_qRDPChsy8Vc5w13bPldlAP0-ani1TsqneYNZR79h_1w8IOkygktwG31OYL0O7OaNxnRzBDNkJ0PLY-qPgLTH1umSuTwfC3eOoaBQPYKl8O8enmjkOX1jMzJ_RuTqa3ZACK3gsSCy98UVB-z33t5V0bFYDuwzUpcekfvZwspNdKcrDGDTfftbEjS5aoht3geG21N38opeilQaWnqioZ9Fia8NHj-5AJtnSA7SqU68eou_jfU1pMDyHgJTNn8PCcitAIMMt_5YOzHUGfwzlO3m2YC8RCR1rU__G5AfRWe7VNz5I7KKAARagTPDbUKs_y2iaoIKdg2GEnEerpV1OcOiBkLgozV80jfMriM9Addf-BX4f1Zz2sFbkcmCBhuJvfc6QCCyM0ahbUX49YgLbXtZ7fiEdDCUo3cJm6V5z_VVl
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7cxAANpsAHewdoAAFn0bzNKie-LAsPj47n5g&u=%7CyZLyHe02764sXomA%2B%2BjOg2oXJXB5C%2FRHvR7zp3idbwM%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFOXvXEpWV61FwuN2mBzI2u1qH6LpdChlVrtB5XSxY19KbNIR2T8mqtFU_mbWOgtHc8ng5Ycm_EPzFz7Kp08fYBKL1wsUgTlUB3jBr4W6uMtvHUrrvpRQoeTIK1fLXGKAuTbknoBg9SdDtCKVJ9YQQ7YKpCcurDwUveB2M5mUkLMEBxSb7UHd74IhZICkjdjf5fsHPV29qyrdMGxK1Jzr0-eAVuJ_hiSYk4QdIXI84nq2cGEoycZIQUnVXFU-IwXqQaqaCDPpa1gEXxOLjpPc9FGbVA0RDX4An1iflwXHwKWioepntun6r4eDwVIyV0RCgVkyQO-7oA0CKeNpqOpKvXlI2Hp4ZqAE7SetwTemOeJ01Fpb91k17ekPkmODLalY9oJ_03aijboCsgNHQ52nBBDW5dLonGfwfbDpTspIZbRBh7EEO4Y0vbn0gRWV5kVSLTW6rPsjXxSwN-LrwyWjLgmOnrPzcDjC2vLwapyuAo1zuBorT7wSkMYK2GBVVwS0O1Lbo8N8__Cjo2k3bYjhOyefXvXorZCCxqn3wNC00m5yEyHzBUDNya-eKb8V1HIztP8wCgRl6675dn8USYlIa0cz65aIm1EA8qNddwD_xYQZmWehrsTwTBVXK7lLmHAiIA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCk0O1xNwOacDNNuiO7OsP0c-FyA3Rvr7bdayNn9y8DcCNtwEQASDY6d8jYInzxYT0E8gBCakCTbn4Ya3-Oz6oAwHIAwKqBP0BT9Dhg2oqtm8HhP2So7JoeH0cFHPqRsUK_fsiPSZSPkwkZa57wYdPWlHPFxrYY6xZsR_NBDSqZQuR5ogg6r4LfTUVxJHEjHISWHQwvRdDm687PKwwriGT-ZJ6ax-CgVanlmdS7DTt7-ZWwzNDafxz1ibHYRrznpsDRnvqVPXg72auqphIv0LoDlwtYvPZJrNrUYtnZcgEmn93Xol5uK108GQi-O6rxF9j2HhbWG-0LcJO6mYnIRjGAJXGqvd8up8WXd4r8NnDTCmstw-k0QfQbQMHVtj9fx8TCRRrTUuP6rsGKyfeoxroeIWi6IR9y8lw5d2dfB6Lyfaty6FwS4AGrIv04eKL_4wboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAqgHrb6xAqgHv9OxAtgHANIILAiAYRABMgiKgoCAgICACDoNgECAwICAgICogAKoA0i9_cE6WLuercHw4ZAD-gsCCAGADAGqDQJKUOoNEwid6rzB8OGQAxVoB3sHHdFnAdmIDgnQFQGAFwGyFxAYDCoKNjQ1MDEzNjU0M1ABqhgXCcIqXo0AyrhAEgo2NDUwMTM2NTQzGAE%26num%3D1%26sig%3DAOD64_2nGgo5RNPwp6H7paw5iq0i5Pz1yQ%26client%3Dca-pub-8544321996124660%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::31 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.as.criteo.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache
pragma
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1564538
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
image/gif
server
Kestrel
sync
sync.fout.jp/ Frame A109 		43 B
395 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sync.fout.jp/sync?xid=fluct
Requested by
Host: pdn.adingo.jp
URL: https://pdn.adingo.jp/p.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
202.232.238.37 Jingūmae, Japan, ASN2497 (IIJ Internet Initiative Japan Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
6135fe16d7578e65be79a3e5d6ba252095648c1b871808f69b1482f6ff7f6839
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=15768000
Cache-Control
private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Content-Encoding
gzip
Pragma
no-cache
Connection
keep-alive
P3P
CP="ADM NOI OUR"
Date
Sat, 08 Nov 2025 06:01:41 GMT
Content-Type
image/gif
Server
nginx
/
cs.adingo.jp/sync/ Frame A109
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=fluct
  • https://x.bidswitch.net/ul_cb/sync?ssp=fluct
  • https://cs.adingo.jp/sync/?from=bidsw&id=435287f2-cb7d-4872-8355-902b772ad7ed
43 B
403 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cs.adingo.jp/sync/?from=bidsw&id=435287f2-cb7d-4872-8355-902b772ad7ed
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H2
Server
52.69.229.53 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-69-229-53.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

expires
Wed, 17 Sep 1975 21:32:10 GMT
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
date
Sat, 08 Nov 2025 06:01:41 GMT
pragma
no-cache
content-type
image/gif
server
nginx

Redirect headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
location
//cs.adingo.jp/sync/?from=bidsw&id=435287f2-cb7d-4872-8355-902b772ad7ed
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 06:01:41 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D678 		21 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156313&predirect=https://cs.adingo.jp/sync/%3Ffrom%3Dpubm%26id%3D
Requested by
Host: pdn.adingo.jp
URL: https://pdn.adingo.jp/p.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.40.192.188 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-192-188.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5b6ceeffb380eae16e91dcf08a3493068aa5b7bd6f4c3f4ad7b4daa188d5c2cb

Request headers

Referer
https://twinklesphotos.exblog.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=153257
content-encoding
gzip
content-length
7259
content-type
text/html
date
Sat, 08 Nov 2025 06:01:41 GMT
expires
Mon, 10 Nov 2025 00:35:58 GMT
last-modified
Mon, 29 Sep 2025 15:12:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cm
us-u.openx.net/w/1.0/ Frame A109
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=ac0458b7-2dc5-40a0-a758-f0c82d454c93&r=https%3A%2F%2Fcs.adingo.jp%2Fsync%2F%3Ffrom%3Dopenx%26id%3D
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=ac0458b7-2dc5-40a0-a758-f0c82d454c93&r=https%3A%2F%2Fcs.adingo.jp%2Fsync%2F%3Ffrom%3Dopenx%26id%3D
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?cc=1&id=ac0458b7-2dc5-40a0-a758-f0c82d454c93&r=https%3A%2F%2Fcs.adingo.jp%2Fsync%2F%3Ffrom%3Dopenx%26id%3D
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

Redirect headers

cache-control
private, max-age=0, no-cache
location
https://us-u.openx.net/w/1.0/cm?cc=1&id=ac0458b7-2dc5-40a0-a758-f0c82d454c93&r=https%3A%2F%2Fcs.adingo.jp%2Fsync%2F%3Ffrom%3Dopenx%26id%3D
pragma
no-cache
x-forwarded-for
146.70.201.135
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Sat, 08 Nov 2025 06:01:40 GMT
content-type
text/plain; charset=utf-8
vary
Accept, Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 61E0
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=fluct&endpoint=apac
  • https://eus.rubiconproject.com/usync.html?p=fluct&endpoint=apac
269 B
379 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=fluct&endpoint=apac
Requested by
Host: pdn.adingo.jp
URL: https://pdn.adingo.jp/p.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.40.149.60 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-149-60.deploy.static.akamaitechnologies.com
Software
Apache/2.4.65 (Debian) /
Resource Hash
e4df52d49c57bc3e7158cb052cc05c60f1258c24de5c5728dac5d43272943ad9

Request headers

Referer
https://twinklesphotos.exblog.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
224
content-type
text/html
date
Sat, 08 Nov 2025 06:01:41 GMT
etag
"10d-63d602600b800-gzip"
last-modified
Wed, 27 Aug 2025 22:17:04 GMT
server
Apache/2.4.65 (Debian)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 08 Nov 2025 06:01:41 GMT
location
https://eus.rubiconproject.com/usync.html?p=fluct&endpoint=apac
server
AkamaiGHost
/
cs.adingo.jp/sync/ Frame A109
Redirect Chain
  • https://ad.as.amanad.adtdp.com/v1/sync/ssp?ssp=5
  • https://cs.adingo.jp/sync/?from=aja&id=s2suidHSCZO7PGM2QKlhmn32N8-gyLxHgCcuqlCwGxONuILS5t4rcN-5wO6vAsBndK_DcjpE29U1
43 B
436 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cs.adingo.jp/sync/?from=aja&id=s2suidHSCZO7PGM2QKlhmn32N8-gyLxHgCcuqlCwGxONuILS5t4rcN-5wO6vAsBndK_DcjpE29U1
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H2
Server
52.69.229.53 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-69-229-53.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

expires
Wed, 17 Sep 1975 21:32:10 GMT
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
date
Sat, 08 Nov 2025 06:01:41 GMT
pragma
no-cache
content-type
image/gif
server
nginx

Redirect headers

x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
x-cache
Miss from cloudfront
x-amz-cf-id
6OmZGFxIIKgL6JipWVCo6xW39zQN_mtVybE_3aB-yNc8GU5pj4dtUQ==
date
Sat, 08 Nov 2025 06:01:41 GMT
cache-control
no-cache, no-store, must-revalidate
location
https://cs.adingo.jp/sync/?from=aja&id=s2suidHSCZO7PGM2QKlhmn32N8-gyLxHgCcuqlCwGxONuILS5t4rcN-5wO6vAsBndK_DcjpE29U1
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Architecture, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
via
1.1 bb1084139629d83977ea8b21c49ea966.cloudfront.net (CloudFront)
access-control-allow-origin
*
content-length
0
x-xss-protection
0
x-amz-cf-pop
NRT20-P2
/
cs.adingo.jp/sync/ Frame A109
Redirect Chain
  • https://hrbh3.publishers.tremorhub.com/pubsync?redir=https%3A%2F%2Fcs.adingo.jp%2Fsync%2F%3Ffrom%3Dmagnite%26id%3D%5Btvid%5D
  • https://hrbh3.publishers.tremorhub.com/pubsync/verify?redir=https%3A%2F%2Fcs.adingo.jp%2Fsync%2F%3Ffrom%3Dmagnite%26id%3D%5Btvid%5D
  • https://cs.adingo.jp/sync/?from=magnite&id=f9302e1a028a483ca5bebd760dab9cf3
43 B
400 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cs.adingo.jp/sync/?from=magnite&id=f9302e1a028a483ca5bebd760dab9cf3
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H2
Server
52.69.229.53 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-69-229-53.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

expires
Wed, 17 Sep 1975 21:32:10 GMT
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
date
Sat, 08 Nov 2025 06:01:42 GMT
pragma
no-cache
content-type
image/gif
server
nginx

Redirect headers

location
https://cs.adingo.jp/sync/?from=magnite&id=f9302e1a028a483ca5bebd760dab9cf3
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Sat, 08 Nov 2025 06:01:42 GMT
server
nginx
/
cs.adingo.jp/sync/ Frame A109
Redirect Chain
  • https://y.one.impact-ad.jp/tbs_cs?callback=https%3A%2F%2Fcs.adingo.jp%2Fsync%2F%3Ffrom%3Dp1%26id%3D%24UID&ex=p1.com
  • https://cs.adingo.jp/sync/?from=p1&id=82626013-c39d-4924-badf-5965e0c41e47
43 B
400 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cs.adingo.jp/sync/?from=p1&id=82626013-c39d-4924-badf-5965e0c41e47
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H2
Server
52.69.229.53 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-69-229-53.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

expires
Wed, 17 Sep 1975 21:32:10 GMT
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
date
Sat, 08 Nov 2025 06:01:41 GMT
pragma
no-cache
content-type
image/gif
server
nginx

Redirect headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
location
https://cs.adingo.jp/sync/?from=p1&id=82626013-c39d-4924-badf-5965e0c41e47
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 06:01:41 GMT
pixel
cm.g.doubleclick.net/ Frame A109
Redirect Chain
  • https://cs.adingo.jp/adx/go/?nid=fluct_eb
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_hm=dbf0d86134963f4a5205ad2b21b441f3
170 B
409 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_hm=dbf0d86134963f4a5205ad2b21b441f3
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H2
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Sat, 08 Nov 2025 06:01:41 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_hm=dbf0d86134963f4a5205ad2b21b441f3
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
text/html; charset=UTF-8
server
nginx
/
cs.adingo.jp/sync/ Frame A109
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=dj0pjjk&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=dj0pjjk&ttd_tpi=1
  • https://cs.adingo.jp/sync/?from=tdid&id=20657a5b-463b-4127-b06a-ab3e93a99895&ttl=1765173701
43 B
402 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cs.adingo.jp/sync/?from=tdid&id=20657a5b-463b-4127-b06a-ab3e93a99895&ttl=1765173701
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H2
Server
52.69.229.53 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-69-229-53.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

expires
Wed, 17 Sep 1975 21:32:10 GMT
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
date
Sat, 08 Nov 2025 06:01:41 GMT
pragma
no-cache
content-type
image/gif
server
nginx

Redirect headers

location
https://cs.adingo.jp/sync/?from=tdid&id=20657a5b-463b-4127-b06a-ab3e93a99895&ttl=1765173701
content-length
213
date
Sat, 08 Nov 2025 06:01:41 GMT
server
Kestrel
fltids
aud.adjust-net.jp/adfrontserver/ Frame A109 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aud.adjust-net.jp/adfrontserver/fltids?val=dbf0d86134963f4a5205ad2b21b441f3
Requested by
Host: pdn.adingo.jp
URL: https://pdn.adingo.jp/p.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.73.112.140 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-73-112-140.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

date
Sat, 08 Nov 2025 06:01:41 GMT
server
nginx
content-length
0
sync
gum.criteo.com/ Frame A109 		56 B
575 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=167&r=2&gdpr=0&j=fluctAdScript.rtus_cb
Requested by
Host: pdn.adingo.jp
URL: https://pdn.adingo.jp/p.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::13 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
dd7fefb994e22052f611ba65c8023f4ef628a03af1f3322a6728975e488940d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
private, max-age=3600
content-encoding
gzip
server-processing-duration-in-ticks
514023
expires
60
date
Sat, 08 Nov 2025 06:01:40 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
server
Kestrel
id5-api.js
cdn.id5-sync.com/api/1.0/ 		112 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: pdn.adingo.jp
URL: https://pdn.adingo.jp/p.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac42:a937 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d17e84af7ba998526041e90409fec0d80e0bf436fecd99cd94ea4124f1047141
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"9d3ef6e0b1008a729462806417366a8e"
age
11
expires
Sat, 08 Nov 2025 07:01:41 GMT
date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
text/javascript;charset=utf-8
vary
accept-encoding
last-modified
Tue, 04 Nov 2025 08:00:55 GMT
x-amz-id-2
gvx5QQHR0KlOWDlZ3Xr+G6TtbJC9Aaju5X1KTq21INrp96d/61XrUY4z7M4FRA61bLz6APDLKYY=
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=3600
x-amz-request-id
PRPEQ4VMKZP2Q3CX
cf-ray
99b2db715c04b1de-NRT
server
cloudflare
x-amz-server-side-encryption
AES256
pmt.js
dmp.im-apps.net/pms/r7RdVKlj/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dmp.im-apps.net/pms/r7RdVKlj/pmt.js
Requested by
Host: pdn.adingo.jp
URL: https://pdn.adingo.jp/p.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:48::1734:8c23 Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
17642f269032d70bd80f65a51b29ff2dfbd2562fab3388a0ff566e5e5ec4f0f9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-amz-replication-status
COMPLETED
cache-control
max-age=3640
content-encoding
gzip
etag
"88b28808d3e1b7c043cd159dea364df6"
x-amz-version-id
C5aMNXmeNAE94deWOfnzY1s.dApqvpPr
expires
Sat, 08 Nov 2025 07:02:21 GMT
accept-ranges
bytes
content-length
2442
p3p
CP="NOI PSD OTR"
date
Sat, 08 Nov 2025 06:01:41 GMT
last-modified
Tue, 28 Oct 2025 06:58:42 GMT
content-type
application/javascript
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
/
cs.adingo.jp/sync/ Frame A109
Redirect Chain
  • https://bid.socdm.com/rtb/sync?proto=adingo&sspid=adingo&tp=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F&pp=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F&t=.gif
  • https://cs.adingo.jp/sync/?from=scaleout&id=aQ7cxMCo8HcAAMhKxz4AAAAA
43 B
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.adingo.jp/sync/?from=scaleout&id=aQ7cxMCo8HcAAMhKxz4AAAAA
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H2
Server
52.69.229.53 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-69-229-53.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

expires
Wed, 17 Sep 1975 21:32:10 GMT
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
date
Sat, 08 Nov 2025 06:01:41 GMT
pragma
no-cache
content-type
image/gif
server
nginx

Redirect headers

X-SO-LB-Hostname
m-ng14.dc4p.scaleout.jp
P3P
CP="See also http://www.scaleout.jp/privacy/"
Date
Sat, 08 Nov 2025 06:01:41 GMT
Cache-Control
private
Location
https://cs.adingo.jp/sync/?from=scaleout&id=aQ7cxMCo8HcAAMhKxz4AAAAA
X-SO-Cluster-ID
0
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync?proto=adingo&sspid=adingo&tp=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F&pp=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F&t=.gif","cluster_id":0,"gdpr":false,"ipv4":"146.70.201.135","key":"aQ7cxMCo8HcAAMhKxz4AAAAA","privacy_sensitive":false,"uid":"aQ7cxMCo8HcAAMhKxz4AAAAA","upstream_id":"m-ad1168"}
X-SO-Upstream-ID
m-ad1168
X-SO-HostName
m-ad1168.dc4p.scaleout.jp
Connection
keep-alive
X-SO-IP
146.70.201.135
X-SO-Key
aQ7cxMCo8HcAAMhKxz4AAAAA
Content-Length
0
X-SO-Ads-Time
4
X-SO-UID
aQ7cxMCo8HcAAMhKxz4AAAAA
Server
nginx
register-source
measurement-api.criteo.com/ Frame 3191 		2 B
180 B 		Other
General
Check archive.org
Download Go to
Full URL
https://measurement-api.criteo.com/register-source?impressionId=690edcc464c6a76def99ba2769f76430&partner_domain=leopalace21.com&external_uid=c5831fad-9229-4a01-a328-448c42e4131c&partner_id=4652&source_type=event&campaign_id=300734&marketing_objective_type=0&creative_type=1&hashed_external_id=5414317638871888531&hashed_external_id=-4622825294524041652
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7cxAANpsAHewdoAAFn0bzNKie-LAsPj47n5g&u=%7CyZLyHe02764sXomA%2B%2BjOg2oXJXB5C%2FRHvR7zp3idbwM%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFOXvXEpWV61FwuN2mBzI2u1qH6LpdChlVrtB5XSxY19KbNIR2T8mqtFU_mbWOgtHc8ng5Ycm_EPzFz7Kp08fYBKL1wsUgTlUB3jBr4W6uMtvHUrrvpRQoeTIK1fLXGKAuTbknoBg9SdDtCKVJ9YQQ7YKpCcurDwUveB2M5mUkLMEBxSb7UHd74IhZICkjdjf5fsHPV29qyrdMGxK1Jzr0-eAVuJ_hiSYk4QdIXI84nq2cGEoycZIQUnVXFU-IwXqQaqaCDPpa1gEXxOLjpPc9FGbVA0RDX4An1iflwXHwKWioepntun6r4eDwVIyV0RCgVkyQO-7oA0CKeNpqOpKvXlI2Hp4ZqAE7SetwTemOeJ01Fpb91k17ekPkmODLalY9oJ_03aijboCsgNHQ52nBBDW5dLonGfwfbDpTspIZbRBh7EEO4Y0vbn0gRWV5kVSLTW6rPsjXxSwN-LrwyWjLgmOnrPzcDjC2vLwapyuAo1zuBorT7wSkMYK2GBVVwS0O1Lbo8N8__Cjo2k3bYjhOyefXvXorZCCxqn3wNC00m5yEyHzBUDNya-eKb8V1HIztP8wCgRl6675dn8USYlIa0cz65aIm1EA8qNddwD_xYQZmWehrsTwTBVXK7lLmHAiIA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCk0O1xNwOacDNNuiO7OsP0c-FyA3Rvr7bdayNn9y8DcCNtwEQASDY6d8jYInzxYT0E8gBCakCTbn4Ya3-Oz6oAwHIAwKqBP0BT9Dhg2oqtm8HhP2So7JoeH0cFHPqRsUK_fsiPSZSPkwkZa57wYdPWlHPFxrYY6xZsR_NBDSqZQuR5ogg6r4LfTUVxJHEjHISWHQwvRdDm687PKwwriGT-ZJ6ax-CgVanlmdS7DTt7-ZWwzNDafxz1ibHYRrznpsDRnvqVPXg72auqphIv0LoDlwtYvPZJrNrUYtnZcgEmn93Xol5uK108GQi-O6rxF9j2HhbWG-0LcJO6mYnIRjGAJXGqvd8up8WXd4r8NnDTCmstw-k0QfQbQMHVtj9fx8TCRRrTUuP6rsGKyfeoxroeIWi6IR9y8lw5d2dfB6Lyfaty6FwS4AGrIv04eKL_4wboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAqgHrb6xAqgHv9OxAtgHANIILAiAYRABMgiKgoCAgICACDoNgECAwICAgICogAKoA0i9_cE6WLuercHw4ZAD-gsCCAGADAGqDQJKUOoNEwid6rzB8OGQAxVoB3sHHdFnAdmIDgnQFQGAFwGyFxAYDCoKNjQ1MDEzNjU0M1ABqhgXCcIqXo0AyrhAEgo2NDUwMTM2NTQzGAE%26num%3D1%26sig%3DAOD64_2nGgo5RNPwp6H7paw5iq0i5Pz1yQ%26client%3Dca-pub-8544321996124660%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4:: , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.as.criteo.com/

Response headers

strict-transport-security
max-age=31536000; preload;
content-encoding
br
date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
text/html
vary
Accept-Encoding
server
Kestrel
animejs.js
static.criteo.net/animejs/ Frame 3191 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7cxAANpsAHewdoAAFn0bzNKie-LAsPj47n5g&u=%7CyZLyHe02764sXomA%2B%2BjOg2oXJXB5C%2FRHvR7zp3idbwM%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFOXvXEpWV61FwuN2mBzI2u1qH6LpdChlVrtB5XSxY19KbNIR2T8mqtFU_mbWOgtHc8ng5Ycm_EPzFz7Kp08fYBKL1wsUgTlUB3jBr4W6uMtvHUrrvpRQoeTIK1fLXGKAuTbknoBg9SdDtCKVJ9YQQ7YKpCcurDwUveB2M5mUkLMEBxSb7UHd74IhZICkjdjf5fsHPV29qyrdMGxK1Jzr0-eAVuJ_hiSYk4QdIXI84nq2cGEoycZIQUnVXFU-IwXqQaqaCDPpa1gEXxOLjpPc9FGbVA0RDX4An1iflwXHwKWioepntun6r4eDwVIyV0RCgVkyQO-7oA0CKeNpqOpKvXlI2Hp4ZqAE7SetwTemOeJ01Fpb91k17ekPkmODLalY9oJ_03aijboCsgNHQ52nBBDW5dLonGfwfbDpTspIZbRBh7EEO4Y0vbn0gRWV5kVSLTW6rPsjXxSwN-LrwyWjLgmOnrPzcDjC2vLwapyuAo1zuBorT7wSkMYK2GBVVwS0O1Lbo8N8__Cjo2k3bYjhOyefXvXorZCCxqn3wNC00m5yEyHzBUDNya-eKb8V1HIztP8wCgRl6675dn8USYlIa0cz65aIm1EA8qNddwD_xYQZmWehrsTwTBVXK7lLmHAiIA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCk0O1xNwOacDNNuiO7OsP0c-FyA3Rvr7bdayNn9y8DcCNtwEQASDY6d8jYInzxYT0E8gBCakCTbn4Ya3-Oz6oAwHIAwKqBP0BT9Dhg2oqtm8HhP2So7JoeH0cFHPqRsUK_fsiPSZSPkwkZa57wYdPWlHPFxrYY6xZsR_NBDSqZQuR5ogg6r4LfTUVxJHEjHISWHQwvRdDm687PKwwriGT-ZJ6ax-CgVanlmdS7DTt7-ZWwzNDafxz1ibHYRrznpsDRnvqVPXg72auqphIv0LoDlwtYvPZJrNrUYtnZcgEmn93Xol5uK108GQi-O6rxF9j2HhbWG-0LcJO6mYnIRjGAJXGqvd8up8WXd4r8NnDTCmstw-k0QfQbQMHVtj9fx8TCRRrTUuP6rsGKyfeoxroeIWi6IR9y8lw5d2dfB6Lyfaty6FwS4AGrIv04eKL_4wboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAqgHrb6xAqgHv9OxAtgHANIILAiAYRABMgiKgoCAgICACDoNgECAwICAgICogAKoA0i9_cE6WLuercHw4ZAD-gsCCAGADAGqDQJKUOoNEwid6rzB8OGQAxVoB3sHHdFnAdmIDgnQFQGAFwGyFxAYDCoKNjQ1MDEzNjU0M1ABqhgXCcIqXo0AyrhAEgo2NDUwMTM2NTQzGAE%26num%3D1%26sig%3DAOD64_2nGgo5RNPwp6H7paw5iq0i5Pz1yQ%26client%3Dca-pub-8544321996124660%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::2e , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.as.criteo.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=31104000, public
timing-allow-origin
*
content-encoding
gzip
etag
W/"5c9a64eb-3181"
cross-origin-resource-policy
cross-origin
expires
Tue, 03 Nov 2026 06:01:41 GMT
cross-origin-embedder-policy
require-corp
access-control-allow-origin
*
date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
text/javascript
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
pixel
cm.g.doubleclick.net/ Frame 375C
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEhaAM9FNMDd4AG3R7UQF0c&google_cver=1&google_push=AXcoOmTjh_leqCTzjJqiP2fPPxm3tkLQzSH-okD8aukTgjwFqVkrVX8sE_...
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEhaAM9FNMDd4AG3R7UQF0c&google_cver=1&google_push=AXcoOmTjh_leqCTzjJqiP2fPPxm3tkLQzSH-okD8aukTgjwFqVkrVX8sE_...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmTjh_leqCTzjJqiP2fPPxm3tkLQzSH-okD8aukTgjwFqVkrVX8sE_F9jiO8gopXjSlVdm7NYC3Z2_FIXlxONy7ZPFsC05ZIyHc&google_hm=fP-O5mJJ8...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmTjh_leqCTzjJqiP2fPPxm3tkLQzSH-okD8aukTgjwFqVkrVX8sE_F9jiO8gopXjSlVdm7NYC3Z2_FIXlxONy7ZPFsC05ZIyHc&google_hm=fP-O5mJJ84GFNhiiQXIFtg
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H3
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://pagead2.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Sat, 08 Nov 2025 06:01:41 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)

Redirect headers

strict-transport-security
max-age=86400
cache-control
private, no-store, proxy-revalidate
location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AXcoOmTjh_leqCTzjJqiP2fPPxm3tkLQzSH-okD8aukTgjwFqVkrVX8sE_F9jiO8gopXjSlVdm7NYC3Z2_FIXlxONy7ZPFsC05ZIyHc&google_hm=fP-O5mJJ84GFNhiiQXIFtg
content-length
0
date
Sat, 08 Nov 2025 06:01:41 GMT
pixel
cm.g.doubleclick.net/ Frame 375C
Redirect Chain
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEHZ7VyFc_M8Bv1uLCM-c0K4&google_cver=1&google_push=AXcoOmQXMHosfjJj5EqwHyRzncuhU5LxGcRo3UHq_qdCxeXVBUmMILV...
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=233e071b17a1ff1&is_secure=true&networkId=14000&version=1&google_gid=CAESEHZ7VyFc_M8Bv1uLCM-c0K4&google_cver=1&google_push=AXcoOmQXMHosf...
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AQAKvTVR9bJFuQJM3rTPAQEBAQEBAQCbYw9lMQEBAJtjD2Ux&expiration=1762668101&google_cver=1&is_secure=true&google_gid=CAES...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AQAKvTVR9bJFuQJM3rTPAQEBAQEBAQCbYw9lMQEBAJtjD2Ux&expiration=1762668101&google_cver=1&is_secure=true&google_gid=CAESEHZ7VyFc_M8Bv1uLCM-c0K4&google_push=AXcoOmQXMHosfjJj5EqwHyRzncuhU5LxGcRo3UHq_qdCxeXVBUmMILVNi366XL0RZhO9wYXSA_kot-ZblrKAsWGmFJ23fXE-YbZWQTw
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H3
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://pagead2.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Sat, 08 Nov 2025 06:01:41 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)

Redirect headers

expires
0
cache-control
no-cache, private, max-age=0, no-store
location
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AQAKvTVR9bJFuQJM3rTPAQEBAQEBAQCbYw9lMQEBAJtjD2Ux&expiration=1762668101&google_cver=1&is_secure=true&google_gid=CAESEHZ7VyFc_M8Bv1uLCM-c0K4&google_push=AXcoOmQXMHosfjJj5EqwHyRzncuhU5LxGcRo3UHq_qdCxeXVBUmMILVNi366XL0RZhO9wYXSA_kot-ZblrKAsWGmFJ23fXE-YbZWQTw
content-length
0
date
Sat, 08 Nov 2025 06:01:41 GMT
pragma
no-cache
server
nginx
pixel
cm.g.doubleclick.net/ Frame 375C
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEKzgWua5GEFXMrxHcYawwn0&google_cver=1&google_push=AXcoOmQCvCaKOBPmnKonYn7nQJ7zyd6nFezYUnrEofmhGuqDsdJoTpAEAINTdO-VvLolXMuxJ_itbyo...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmQCvCaKOBPmnKonYn7nQJ7zyd6nFezYUnrEofmhGuqDsdJoTpAEAINTdO-VvLolXMuxJ_itbyo8fBf13HuenoEZQXGyZWhJBw&google_hm=YZdspvpXQvas1pb...
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmQCvCaKOBPmnKonYn7nQJ7zyd6nFezYUnrEofmhGuqDsdJoTpAEAINTdO-VvLolXMuxJ_itbyo8fBf13HuenoEZQXGyZWhJBw&google_hm=YZdspvpXQvas1pbPTuaIRoc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8544321996124660&output=html&h=250&slotname=6450136543&adk=2937738629&adf=3554593889&pi=t.ma~as.6450136543&w=300&lmt=1762581700&format=300x250&url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F&wgl=1&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=8&dt=1762581700375&bpp=1&bdt=782&idt=464&shv=r20251105&mjsv=m202511040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=3538105162288&frm=20&pv=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=520&ady=289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31095105%2C95376583%2C95344789&oid=2&pvsid=870617481837885&tmod=1983400641&uas=0&nvt=1&fc=1920&brdim=30%2C30%2C30%2C30%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&plas=260x675_l%7C308x675_r&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=472
Protocol
H2
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://pagead2.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Sat, 08 Nov 2025 06:01:41 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache, must-revalidate
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmQCvCaKOBPmnKonYn7nQJ7zyd6nFezYUnrEofmhGuqDsdJoTpAEAINTdO-VvLolXMuxJ_itbyo8fBf13HuenoEZQXGyZWhJBw&google_hm=YZdspvpXQvas1pbPTuaIRoc
pragma
no-cache
via
1.1 google
expires
Fri, 01 Jan 1990 00:00:00 GMT
status
302
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="NOI DSP COR NID CUR OUR NOR"
content-length
0
x-xss-protection
1; mode=block
date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
text/html;charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 375C
Redirect Chain
  • https://rt.gsspat.jp/lcs?google_push=AXcoOmRdv3IMeoKsw6xn_M_TG5LChix6KCwsq99tbufJHqj-CMFoqx6V5d09tWbgFGKb0CD6mJMLeZBWl45r4rcEd0imfgqawmUHjuQ&google_gid=CAESEMb1WrCdS0rGjivgrvAh-Ns&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=geniee&google_hm=-qEgToWTAz04yRul5nZAwg&google_push=AXcoOmRdv3IMeoKsw6xn_M_TG5LChix6KCwsq99tbufJHqj-CMFoqx6V5d09tWbgFGKb0CD6mJMLeZBWl45r4rcEd0imfgqawmU...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=geniee&google_hm=-qEgToWTAz04yRul5nZAwg&google_push=AXcoOmRdv3IMeoKsw6xn_M_TG5LChix6KCwsq99tbufJHqj-CMFoqx6V5d09tWbgFGKb0CD6mJMLeZBWl45r4rcEd0imfgqawmUHjuQ
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H2
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://pagead2.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Sat, 08 Nov 2025 06:01:41 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=geniee&google_hm=-qEgToWTAz04yRul5nZAwg&google_push=AXcoOmRdv3IMeoKsw6xn_M_TG5LChix6KCwsq99tbufJHqj-CMFoqx6V5d09tWbgFGKb0CD6mJMLeZBWl45r4rcEd0imfgqawmUHjuQ
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
text/html; charset=ISO-8859-1
server
nginx
pixel
cm.g.doubleclick.net/ Frame 375C
Redirect Chain
  • https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESENoUcY7rhyJlmw9zrmg0VT0&google_cver=1&google_push=AXcoOmT4jMGXKvTEXA_JdkCavbo_NQF3ujpKIcKshErFn7wEqqakBiXd24CBzu1v4YM...
  • https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmT4jMGXKvTEXA_JdkCavbo_NQF3ujpKIcKshErFn7wEqqakBiXd24CBzu1v4YMvPM1VpBL4R96_Dqb0Ah8BtpbNWsPEFF9cDnUe
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmT4jMGXKvTEXA_JdkCavbo_NQF3ujpKIcKshErFn7wEqqakBiXd24CBzu1v4YMvPM1VpBL4R96_Dqb0Ah8BtpbNWsPEFF9cDnUe
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H3
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://pagead2.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Sat, 08 Nov 2025 06:01:42 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)

Redirect headers

access-control-max-age
86400
x-bytefaas-request-id
2025110806014161A4E4BB314CDB813633
access-control-allow-methods
*
expires
Sat, 08 Nov 2025 06:01:41 GMT
server-timing
inner; dur=62, cdn-cache; desc=MISS, edge; dur=1, origin; dur=174
x-cache
TCP_MISS from a23-223-41-158.deploy.akamaitechnologies.com (AkamaiGHost/22.3.1-beec7c8e6b19d04c9cf512962152fd16) (-)
date
Sat, 08 Nov 2025 06:01:41 GMT
x-akamai-request-id
f11ff03a
x-tt-trace-host
015884b634ba0ad777a3afa1da202a39e6d189a6bff6440805ebfdfa1cfaab1bc4d06fa0d96f583a335732bec36f06dac2513a3da1d15e9ec79f07145bbc778f9e40a970c4edc37dc48718a95d4d923b3488670ea39b458669bc9d3faa3259d596
access-control-allow-headers
*
x-bytefaas-execution-duration
59.33
x-origin-response-time
174,23.223.41.158
cache-control
max-age=0, no-cache, no-store
location
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmT4jMGXKvTEXA_JdkCavbo_NQF3ujpKIcKshErFn7wEqqakBiXd24CBzu1v4YMvPM1VpBL4R96_Dqb0Ah8BtpbNWsPEFF9cDnUe
pragma
no-cache
x-gw-dst-psm
ad.union.pangle_web_traffic
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-credentials
true
access-control-allow-origin
*
x-tt-trace-id
00-25110806014161A4E4BB314CDB813633-777F27A5C0AE9C0E-00
content-length
0
x-tt-logid
2025110806014161A4E4BB314CDB813633
server
nginx
pixel
cm.g.doubleclick.net/ Frame 375C
Redirect Chain
  • https://tracking.prismpartner.smt.docomo.ne.jp/sync/adx?google_gid=CAESEL3FvvxKYS6GA5vApJkbnxk&google_cver=1&google_push=AXcoOmRr6OTIciI8tPazN1BZcQpWc8v81j3uQftH5ZddBGQrH2loJvm2c0Ai6FkfcSkqhVy2jrrb...
  • https://cm.g.doubleclick.net/pixel?google_nid=prism_partnerinc&google_hm=I_yvvrAhRjmo2VRX4Cw7tQ&google_push=AXcoOmRr6OTIciI8tPazN1BZcQpWc8v81j3uQftH5ZddBGQrH2loJvm2c0Ai6FkfcSkqhVy2jrrb7zmb78HzFKu3R...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=prism_partnerinc&google_hm=I_yvvrAhRjmo2VRX4Cw7tQ&google_push=AXcoOmRr6OTIciI8tPazN1BZcQpWc8v81j3uQftH5ZddBGQrH2loJvm2c0Ai6FkfcSkqhVy2jrrb7zmb78HzFKu3RzohGrxuQ6RPCCW5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8544321996124660&output=html&h=250&slotname=6450136543&adk=2937738629&adf=3554593889&pi=t.ma~as.6450136543&w=300&lmt=1762581700&format=300x250&url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F&wgl=1&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=8&dt=1762581700375&bpp=1&bdt=782&idt=464&shv=r20251105&mjsv=m202511040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=3538105162288&frm=20&pv=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=520&ady=289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31095105%2C95376583%2C95344789&oid=2&pvsid=870617481837885&tmod=1983400641&uas=0&nvt=1&fc=1920&brdim=30%2C30%2C30%2C30%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&plas=260x675_l%7C308x675_r&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=472
Protocol
H2
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://pagead2.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Sat, 08 Nov 2025 06:01:41 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=prism_partnerinc&google_hm=I_yvvrAhRjmo2VRX4Cw7tQ&google_push=AXcoOmRr6OTIciI8tPazN1BZcQpWc8v81j3uQftH5ZddBGQrH2loJvm2c0Ai6FkfcSkqhVy2jrrb7zmb78HzFKu3RzohGrxuQ6RPCCW5
content-length
0
date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 375C
Redirect Chain
  • https://gtracenep.admaster.cc/ju/cs/google?google_gid=CAESELQ6iBUifOL58F0dB36NSTE&google_cver=1&google_push=AXcoOmSnTXPFmH9ztNWA9vfDt4OzLULABnBEgmlgTIXo0ik9UvD87J8rGdUQwdoxSy6ilkUXvyZ3ggspqZQIe3PDj...
  • https://cm.g.doubleclick.net/pixel?google_nid=admaster&google_push=AXcoOmSnTXPFmH9ztNWA9vfDt4OzLULABnBEgmlgTIXo0ik9UvD87J8rGdUQwdoxSy6ilkUXvyZ3ggspqZQIe3PDjnvZgodbmMVV4LvQ&google_hm=05a3810e8dee14a...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=admaster&google_push=AXcoOmSnTXPFmH9ztNWA9vfDt4OzLULABnBEgmlgTIXo0ik9UvD87J8rGdUQwdoxSy6ilkUXvyZ3ggspqZQIe3PDjnvZgodbmMVV4LvQ&google_hm=05a3810e8dee14a52blvvj00mhpvmx6w
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H3
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://pagead2.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Sat, 08 Nov 2025 06:01:41 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=admaster&google_push=AXcoOmSnTXPFmH9ztNWA9vfDt4OzLULABnBEgmlgTIXo0ik9UvD87J8rGdUQwdoxSy6ilkUXvyZ3ggspqZQIe3PDjnvZgodbmMVV4LvQ&google_hm=05a3810e8dee14a52blvvj00mhpvmx6w
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8
date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
text/plain; charset=utf-8
access-control-allow-headers
Content-Type
attr
cm.g.doubleclick.net/pixel/ Frame 375C 		0
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JIesxj_rn0SWD2y27mHNzcWyWUkijb7-1bgGxT1zpuH4rjKbugG5M7JaDLFkqpe679Y2kZBSRj
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8544321996124660&output=html&h=250&slotname=6450136543&adk=2937738629&adf=3554593889&pi=t.ma~as.6450136543&w=300&lmt=1762581700&format=300x250&url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F&wgl=1&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=8&dt=1762581700375&bpp=1&bdt=782&idt=464&shv=r20251105&mjsv=m202511040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=3538105162288&frm=20&pv=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=520&ady=289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31095105%2C95376583%2C95344789&oid=2&pvsid=870617481837885&tmod=1983400641&uas=0&nvt=1&fc=1920&brdim=30%2C30%2C30%2C30%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&plas=260x675_l%7C308x675_r&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=472
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://pagead2.googlesyndication.com/

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sat, 08 Nov 2025 06:01:41 GMT
x-xss-protection
0
content-type
text/html
server
HTTP server (unknown)
cad842f31b1b4cc7b3f6258141bc14e9_cpn_300x250_1.jpg
static.criteo.net/design/dt/4652/4537618/ Frame 3191 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/4652/4537618/cad842f31b1b4cc7b3f6258141bc14e9_cpn_300x250_1.jpg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7cxAANpsAHewdoAAFn0bzNKie-LAsPj47n5g&u=%7CyZLyHe02764sXomA%2B%2BjOg2oXJXB5C%2FRHvR7zp3idbwM%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFOXvXEpWV61FwuN2mBzI2u1qH6LpdChlVrtB5XSxY19KbNIR2T8mqtFU_mbWOgtHc8ng5Ycm_EPzFz7Kp08fYBKL1wsUgTlUB3jBr4W6uMtvHUrrvpRQoeTIK1fLXGKAuTbknoBg9SdDtCKVJ9YQQ7YKpCcurDwUveB2M5mUkLMEBxSb7UHd74IhZICkjdjf5fsHPV29qyrdMGxK1Jzr0-eAVuJ_hiSYk4QdIXI84nq2cGEoycZIQUnVXFU-IwXqQaqaCDPpa1gEXxOLjpPc9FGbVA0RDX4An1iflwXHwKWioepntun6r4eDwVIyV0RCgVkyQO-7oA0CKeNpqOpKvXlI2Hp4ZqAE7SetwTemOeJ01Fpb91k17ekPkmODLalY9oJ_03aijboCsgNHQ52nBBDW5dLonGfwfbDpTspIZbRBh7EEO4Y0vbn0gRWV5kVSLTW6rPsjXxSwN-LrwyWjLgmOnrPzcDjC2vLwapyuAo1zuBorT7wSkMYK2GBVVwS0O1Lbo8N8__Cjo2k3bYjhOyefXvXorZCCxqn3wNC00m5yEyHzBUDNya-eKb8V1HIztP8wCgRl6675dn8USYlIa0cz65aIm1EA8qNddwD_xYQZmWehrsTwTBVXK7lLmHAiIA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCk0O1xNwOacDNNuiO7OsP0c-FyA3Rvr7bdayNn9y8DcCNtwEQASDY6d8jYInzxYT0E8gBCakCTbn4Ya3-Oz6oAwHIAwKqBP0BT9Dhg2oqtm8HhP2So7JoeH0cFHPqRsUK_fsiPSZSPkwkZa57wYdPWlHPFxrYY6xZsR_NBDSqZQuR5ogg6r4LfTUVxJHEjHISWHQwvRdDm687PKwwriGT-ZJ6ax-CgVanlmdS7DTt7-ZWwzNDafxz1ibHYRrznpsDRnvqVPXg72auqphIv0LoDlwtYvPZJrNrUYtnZcgEmn93Xol5uK108GQi-O6rxF9j2HhbWG-0LcJO6mYnIRjGAJXGqvd8up8WXd4r8NnDTCmstw-k0QfQbQMHVtj9fx8TCRRrTUuP6rsGKyfeoxroeIWi6IR9y8lw5d2dfB6Lyfaty6FwS4AGrIv04eKL_4wboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAqgHrb6xAqgHv9OxAtgHANIILAiAYRABMgiKgoCAgICACDoNgECAwICAgICogAKoA0i9_cE6WLuercHw4ZAD-gsCCAGADAGqDQJKUOoNEwid6rzB8OGQAxVoB3sHHdFnAdmIDgnQFQGAFwGyFxAYDCoKNjQ1MDEzNjU0M1ABqhgXCcIqXo0AyrhAEgo2NDUwMTM2NTQzGAE%26num%3D1%26sig%3DAOD64_2nGgo5RNPwp6H7paw5iq0i5Pz1yQ%26client%3Dca-pub-8544321996124660%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::2e , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
063b98aee45fb1fd1e70b83917ad0efe7b1011e2151b3aa49ec6812a9be64f6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.as.criteo.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=31104000, public
timing-allow-origin
*
etag
"648819f3-11d2"
cross-origin-resource-policy
cross-origin
expires
Tue, 03 Nov 2026 06:01:41 GMT
cross-origin-embedder-policy
require-corp
accept-ranges
bytes
access-control-allow-origin
*
content-length
4562
date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
image/jpeg
last-modified
Tue, 13 Jun 2023 07:25:39 GMT
server
nginx
005LXBl9lDHB2CwCiYitszLuAadGV7mADMqb5NDufVSxZzQEZXZjr7kZOH8r9EoL1MZ4XJ4IVO7BIfW2Ky2j0M2vB2YzdBgXlW5juNkZDkeNd9Q7awf7mGkPmkmANmbn06fPcB5VpcDFzxJdi0oH1JN2NzelR7JkC0qcE41UAQIDOxTOQoZ9IVzCsR7Rm2S3x8Whj...
imageproxy.as.criteo.net/v1/ Frame 3191 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.as.criteo.net/v1/005LXBl9lDHB2CwCiYitszLuAadGV7mADMqb5NDufVSxZzQEZXZjr7kZOH8r9EoL1MZ4XJ4IVO7BIfW2Ky2j0M2vB2YzdBgXlW5juNkZDkeNd9Q7awf7mGkPmkmANmbn06fPcB5VpcDFzxJdi0oH1JN2NzelR7JkC0qcE41UAQIDOxTOQoZ9IVzCsR7Rm2S3x8WhjYkZCZlUAm6eaNTouEQ
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7cxAANpsAHewdoAAFn0bzNKie-LAsPj47n5g&u=%7CyZLyHe02764sXomA%2B%2BjOg2oXJXB5C%2FRHvR7zp3idbwM%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFOXvXEpWV61FwuN2mBzI2u1qH6LpdChlVrtB5XSxY19KbNIR2T8mqtFU_mbWOgtHc8ng5Ycm_EPzFz7Kp08fYBKL1wsUgTlUB3jBr4W6uMtvHUrrvpRQoeTIK1fLXGKAuTbknoBg9SdDtCKVJ9YQQ7YKpCcurDwUveB2M5mUkLMEBxSb7UHd74IhZICkjdjf5fsHPV29qyrdMGxK1Jzr0-eAVuJ_hiSYk4QdIXI84nq2cGEoycZIQUnVXFU-IwXqQaqaCDPpa1gEXxOLjpPc9FGbVA0RDX4An1iflwXHwKWioepntun6r4eDwVIyV0RCgVkyQO-7oA0CKeNpqOpKvXlI2Hp4ZqAE7SetwTemOeJ01Fpb91k17ekPkmODLalY9oJ_03aijboCsgNHQ52nBBDW5dLonGfwfbDpTspIZbRBh7EEO4Y0vbn0gRWV5kVSLTW6rPsjXxSwN-LrwyWjLgmOnrPzcDjC2vLwapyuAo1zuBorT7wSkMYK2GBVVwS0O1Lbo8N8__Cjo2k3bYjhOyefXvXorZCCxqn3wNC00m5yEyHzBUDNya-eKb8V1HIztP8wCgRl6675dn8USYlIa0cz65aIm1EA8qNddwD_xYQZmWehrsTwTBVXK7lLmHAiIA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCk0O1xNwOacDNNuiO7OsP0c-FyA3Rvr7bdayNn9y8DcCNtwEQASDY6d8jYInzxYT0E8gBCakCTbn4Ya3-Oz6oAwHIAwKqBP0BT9Dhg2oqtm8HhP2So7JoeH0cFHPqRsUK_fsiPSZSPkwkZa57wYdPWlHPFxrYY6xZsR_NBDSqZQuR5ogg6r4LfTUVxJHEjHISWHQwvRdDm687PKwwriGT-ZJ6ax-CgVanlmdS7DTt7-ZWwzNDafxz1ibHYRrznpsDRnvqVPXg72auqphIv0LoDlwtYvPZJrNrUYtnZcgEmn93Xol5uK108GQi-O6rxF9j2HhbWG-0LcJO6mYnIRjGAJXGqvd8up8WXd4r8NnDTCmstw-k0QfQbQMHVtj9fx8TCRRrTUuP6rsGKyfeoxroeIWi6IR9y8lw5d2dfB6Lyfaty6FwS4AGrIv04eKL_4wboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAqgHrb6xAqgHv9OxAtgHANIILAiAYRABMgiKgoCAgICACDoNgECAwICAgICogAKoA0i9_cE6WLuercHw4ZAD-gsCCAGADAGqDQJKUOoNEwid6rzB8OGQAxVoB3sHHdFnAdmIDgnQFQGAFwGyFxAYDCoKNjQ1MDEzNjU0M1ABqhgXCcIqXo0AyrhAEgo2NDUwMTM2NTQzGAE%26num%3D1%26sig%3DAOD64_2nGgo5RNPwp6H7paw5iq0i5Pz1yQ%26client%3Dca-pub-8544321996124660%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
79d2c8ad1333cac8f8b0358e19d2537973f81832d22286c474dc411c236b0b2d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.as.criteo.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
public, max-age=31104000
timing-allow-origin
*
age
140265
cross-origin-resource-policy
cross-origin
x-trace-id
53db02890fd9240390b65f861354654a
expires
Sat, 24 Oct 2026 10:27:15 GMT
accept-ranges
bytes
x-cache
hit
content-length
17506
date
Thu, 06 Nov 2025 15:03:55 GMT
content-type
image/png
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
vary
Origin, x-accept-image
000F4YeF5vmwsDfkuN0cLorJvPrrRYKiHjHRzBiWKYtHsPrDsVYF9I3Mf9bwH8HJYm4t7t0GqyESxVLXogFLXYbvoKEwqHkBN42WrehFqCKyq4ZB9B12NXSET5RoNdSFE5gxK5C1FmUqVtN9L6w3nbr9HhiMancq3BKGc8L1IzCjByzvoeYmpOOLyyQWjy6u3yDSZ...
imageproxy.as.criteo.net/v1/ Frame 3191 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.as.criteo.net/v1/000F4YeF5vmwsDfkuN0cLorJvPrrRYKiHjHRzBiWKYtHsPrDsVYF9I3Mf9bwH8HJYm4t7t0GqyESxVLXogFLXYbvoKEwqHkBN42WrehFqCKyq4ZB9B12NXSET5RoNdSFE5gxK5C1FmUqVtN9L6w3nbr9HhiMancq3BKGc8L1IzCjByzvoeYmpOOLyyQWjy6u3yDSZofMsBFTt?b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7cxAANpsAHewdoAAFn0bzNKie-LAsPj47n5g&u=%7CyZLyHe02764sXomA%2B%2BjOg2oXJXB5C%2FRHvR7zp3idbwM%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFOXvXEpWV61FwuN2mBzI2u1qH6LpdChlVrtB5XSxY19KbNIR2T8mqtFU_mbWOgtHc8ng5Ycm_EPzFz7Kp08fYBKL1wsUgTlUB3jBr4W6uMtvHUrrvpRQoeTIK1fLXGKAuTbknoBg9SdDtCKVJ9YQQ7YKpCcurDwUveB2M5mUkLMEBxSb7UHd74IhZICkjdjf5fsHPV29qyrdMGxK1Jzr0-eAVuJ_hiSYk4QdIXI84nq2cGEoycZIQUnVXFU-IwXqQaqaCDPpa1gEXxOLjpPc9FGbVA0RDX4An1iflwXHwKWioepntun6r4eDwVIyV0RCgVkyQO-7oA0CKeNpqOpKvXlI2Hp4ZqAE7SetwTemOeJ01Fpb91k17ekPkmODLalY9oJ_03aijboCsgNHQ52nBBDW5dLonGfwfbDpTspIZbRBh7EEO4Y0vbn0gRWV5kVSLTW6rPsjXxSwN-LrwyWjLgmOnrPzcDjC2vLwapyuAo1zuBorT7wSkMYK2GBVVwS0O1Lbo8N8__Cjo2k3bYjhOyefXvXorZCCxqn3wNC00m5yEyHzBUDNya-eKb8V1HIztP8wCgRl6675dn8USYlIa0cz65aIm1EA8qNddwD_xYQZmWehrsTwTBVXK7lLmHAiIA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCk0O1xNwOacDNNuiO7OsP0c-FyA3Rvr7bdayNn9y8DcCNtwEQASDY6d8jYInzxYT0E8gBCakCTbn4Ya3-Oz6oAwHIAwKqBP0BT9Dhg2oqtm8HhP2So7JoeH0cFHPqRsUK_fsiPSZSPkwkZa57wYdPWlHPFxrYY6xZsR_NBDSqZQuR5ogg6r4LfTUVxJHEjHISWHQwvRdDm687PKwwriGT-ZJ6ax-CgVanlmdS7DTt7-ZWwzNDafxz1ibHYRrznpsDRnvqVPXg72auqphIv0LoDlwtYvPZJrNrUYtnZcgEmn93Xol5uK108GQi-O6rxF9j2HhbWG-0LcJO6mYnIRjGAJXGqvd8up8WXd4r8NnDTCmstw-k0QfQbQMHVtj9fx8TCRRrTUuP6rsGKyfeoxroeIWi6IR9y8lw5d2dfB6Lyfaty6FwS4AGrIv04eKL_4wboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAqgHrb6xAqgHv9OxAtgHANIILAiAYRABMgiKgoCAgICACDoNgECAwICAgICogAKoA0i9_cE6WLuercHw4ZAD-gsCCAGADAGqDQJKUOoNEwid6rzB8OGQAxVoB3sHHdFnAdmIDgnQFQGAFwGyFxAYDCoKNjQ1MDEzNjU0M1ABqhgXCcIqXo0AyrhAEgo2NDUwMTM2NTQzGAE%26num%3D1%26sig%3DAOD64_2nGgo5RNPwp6H7paw5iq0i5Pz1yQ%26client%3Dca-pub-8544321996124660%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
443e6bf288ee90b8bf09b3d39e6b2b9ce36888c98ba180ad2039aaeeb2af88f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.as.criteo.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
public, max-age=86400
timing-allow-origin
*
age
51527
cross-origin-resource-policy
cross-origin
x-trace-id
7cbbf9557119d292bc8e8f0aa4eff5b3
expires
Fri, 07 Nov 2025 15:57:13 GMT
accept-ranges
bytes
x-cache
hit
content-length
15098
date
Fri, 07 Nov 2025 15:42:53 GMT
content-type
image/webp
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
vary
Origin, x-accept-image
000F4YeF5vmwsDfkuPxYnV6hI9JCAisgjtkfRmz3p9bmazY9rwMQRSywWlMchoiSrFdlBi809g1Oru3nd97fC7E68NYgkxV6sCHs3L6X268ij9ojpbOi5YmyfTbRfPm8PJMHvrQArrfMFXJoV4diStU81EhUc2qr728dbSNmOf36biieKTgkTXt68ilbAic0mlRwb...
imageproxy.as.criteo.net/v1/ Frame 3191 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.as.criteo.net/v1/000F4YeF5vmwsDfkuPxYnV6hI9JCAisgjtkfRmz3p9bmazY9rwMQRSywWlMchoiSrFdlBi809g1Oru3nd97fC7E68NYgkxV6sCHs3L6X268ij9ojpbOi5YmyfTbRfPm8PJMHvrQArrfMFXJoV4diStU81EhUc2qr728dbSNmOf36biieKTgkTXt68ilbAic0mlRwbTSULgaz8?b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7cxAANpsAHewdoAAFn0bzNKie-LAsPj47n5g&u=%7CyZLyHe02764sXomA%2B%2BjOg2oXJXB5C%2FRHvR7zp3idbwM%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFOXvXEpWV61FwuN2mBzI2u1qH6LpdChlVrtB5XSxY19KbNIR2T8mqtFU_mbWOgtHc8ng5Ycm_EPzFz7Kp08fYBKL1wsUgTlUB3jBr4W6uMtvHUrrvpRQoeTIK1fLXGKAuTbknoBg9SdDtCKVJ9YQQ7YKpCcurDwUveB2M5mUkLMEBxSb7UHd74IhZICkjdjf5fsHPV29qyrdMGxK1Jzr0-eAVuJ_hiSYk4QdIXI84nq2cGEoycZIQUnVXFU-IwXqQaqaCDPpa1gEXxOLjpPc9FGbVA0RDX4An1iflwXHwKWioepntun6r4eDwVIyV0RCgVkyQO-7oA0CKeNpqOpKvXlI2Hp4ZqAE7SetwTemOeJ01Fpb91k17ekPkmODLalY9oJ_03aijboCsgNHQ52nBBDW5dLonGfwfbDpTspIZbRBh7EEO4Y0vbn0gRWV5kVSLTW6rPsjXxSwN-LrwyWjLgmOnrPzcDjC2vLwapyuAo1zuBorT7wSkMYK2GBVVwS0O1Lbo8N8__Cjo2k3bYjhOyefXvXorZCCxqn3wNC00m5yEyHzBUDNya-eKb8V1HIztP8wCgRl6675dn8USYlIa0cz65aIm1EA8qNddwD_xYQZmWehrsTwTBVXK7lLmHAiIA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCk0O1xNwOacDNNuiO7OsP0c-FyA3Rvr7bdayNn9y8DcCNtwEQASDY6d8jYInzxYT0E8gBCakCTbn4Ya3-Oz6oAwHIAwKqBP0BT9Dhg2oqtm8HhP2So7JoeH0cFHPqRsUK_fsiPSZSPkwkZa57wYdPWlHPFxrYY6xZsR_NBDSqZQuR5ogg6r4LfTUVxJHEjHISWHQwvRdDm687PKwwriGT-ZJ6ax-CgVanlmdS7DTt7-ZWwzNDafxz1ibHYRrznpsDRnvqVPXg72auqphIv0LoDlwtYvPZJrNrUYtnZcgEmn93Xol5uK108GQi-O6rxF9j2HhbWG-0LcJO6mYnIRjGAJXGqvd8up8WXd4r8NnDTCmstw-k0QfQbQMHVtj9fx8TCRRrTUuP6rsGKyfeoxroeIWi6IR9y8lw5d2dfB6Lyfaty6FwS4AGrIv04eKL_4wboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAqgHrb6xAqgHv9OxAtgHANIILAiAYRABMgiKgoCAgICACDoNgECAwICAgICogAKoA0i9_cE6WLuercHw4ZAD-gsCCAGADAGqDQJKUOoNEwid6rzB8OGQAxVoB3sHHdFnAdmIDgnQFQGAFwGyFxAYDCoKNjQ1MDEzNjU0M1ABqhgXCcIqXo0AyrhAEgo2NDUwMTM2NTQzGAE%26num%3D1%26sig%3DAOD64_2nGgo5RNPwp6H7paw5iq0i5Pz1yQ%26client%3Dca-pub-8544321996124660%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
62dd88171414dab003cf9d34149e19b8ffbdfa6b168dd75b0b9d93e15f1192dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.as.criteo.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
public, max-age=86400
timing-allow-origin
*
age
8277
cross-origin-resource-policy
cross-origin
x-trace-id
94200f14da8bfa1312b5684c27a288ff
expires
Sun, 09 Nov 2025 01:58:24 GMT
accept-ranges
bytes
x-cache
hit
content-length
4998
date
Sat, 08 Nov 2025 03:43:43 GMT
content-type
image/webp
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
vary
Origin, x-accept-image
all
client-side-metrics.as.criteo.net/ Frame 3191 		0
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://client-side-metrics.as.criteo.net/all?cppv=3&cpp=A4lB9pqT3orBc7TFboZec-p_3xExRz2Izj9YuPEZ-GyeZrq8nJw4Dy6fFUEUsQWjGFV3GB89pT8dUnN70YHDyfK-lPkOtbXGZ6h-ds0rbvqVKaQKGhU3tbEl0Rgb-RC-PF1Pgpv-LaNUOPx2G_jTUdF6A3Ots8bECjzNFufCVp1csjVlh7Cwv3n_0I0NaqJ4uOnSps8eaT170eAN_WsqL5db-Ah4B1Ysy2-P7FIxpa_-MuFJ6G-Vry7hRuzsFb-yrqGECQ&sds=2&rev=102983&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7cxAANpsAHewdoAAFn0bzNKie-LAsPj47n5g&u=%7CyZLyHe02764sXomA%2B%2BjOg2oXJXB5C%2FRHvR7zp3idbwM%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFOXvXEpWV61FwuN2mBzI2u1qH6LpdChlVrtB5XSxY19KbNIR2T8mqtFU_mbWOgtHc8ng5Ycm_EPzFz7Kp08fYBKL1wsUgTlUB3jBr4W6uMtvHUrrvpRQoeTIK1fLXGKAuTbknoBg9SdDtCKVJ9YQQ7YKpCcurDwUveB2M5mUkLMEBxSb7UHd74IhZICkjdjf5fsHPV29qyrdMGxK1Jzr0-eAVuJ_hiSYk4QdIXI84nq2cGEoycZIQUnVXFU-IwXqQaqaCDPpa1gEXxOLjpPc9FGbVA0RDX4An1iflwXHwKWioepntun6r4eDwVIyV0RCgVkyQO-7oA0CKeNpqOpKvXlI2Hp4ZqAE7SetwTemOeJ01Fpb91k17ekPkmODLalY9oJ_03aijboCsgNHQ52nBBDW5dLonGfwfbDpTspIZbRBh7EEO4Y0vbn0gRWV5kVSLTW6rPsjXxSwN-LrwyWjLgmOnrPzcDjC2vLwapyuAo1zuBorT7wSkMYK2GBVVwS0O1Lbo8N8__Cjo2k3bYjhOyefXvXorZCCxqn3wNC00m5yEyHzBUDNya-eKb8V1HIztP8wCgRl6675dn8USYlIa0cz65aIm1EA8qNddwD_xYQZmWehrsTwTBVXK7lLmHAiIA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCk0O1xNwOacDNNuiO7OsP0c-FyA3Rvr7bdayNn9y8DcCNtwEQASDY6d8jYInzxYT0E8gBCakCTbn4Ya3-Oz6oAwHIAwKqBP0BT9Dhg2oqtm8HhP2So7JoeH0cFHPqRsUK_fsiPSZSPkwkZa57wYdPWlHPFxrYY6xZsR_NBDSqZQuR5ogg6r4LfTUVxJHEjHISWHQwvRdDm687PKwwriGT-ZJ6ax-CgVanlmdS7DTt7-ZWwzNDafxz1ibHYRrznpsDRnvqVPXg72auqphIv0LoDlwtYvPZJrNrUYtnZcgEmn93Xol5uK108GQi-O6rxF9j2HhbWG-0LcJO6mYnIRjGAJXGqvd8up8WXd4r8NnDTCmstw-k0QfQbQMHVtj9fx8TCRRrTUuP6rsGKyfeoxroeIWi6IR9y8lw5d2dfB6Lyfaty6FwS4AGrIv04eKL_4wboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAqgHrb6xAqgHv9OxAtgHANIILAiAYRABMgiKgoCAgICACDoNgECAwICAgICogAKoA0i9_cE6WLuercHw4ZAD-gsCCAGADAGqDQJKUOoNEwid6rzB8OGQAxVoB3sHHdFnAdmIDgnQFQGAFwGyFxAYDCoKNjQ1MDEzNjU0M1ABqhgXCcIqXo0AyrhAEgo2NDUwMTM2NTQzGAE%26num%3D1%26sig%3DAOD64_2nGgo5RNPwp6H7paw5iq0i5Pz1yQ%26client%3Dca-pub-8544321996124660%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::25 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://ads.as.criteo.com/

Response headers

strict-transport-security
max-age=31536000; preload;
x-rate-limit-limit
1s
x-rate-limit-reset
2025-11-08T06:01:41.6955810Z
access-control-allow-origin
*
content-length
0
date
Sat, 08 Nov 2025 06:01:40 GMT
x-rate-limit-remaining
8573
server
Kestrel
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 3191 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7cxAANpsAHewdoAAFn0bzNKie-LAsPj47n5g&u=%7CyZLyHe02764sXomA%2B%2BjOg2oXJXB5C%2FRHvR7zp3idbwM%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFOXvXEpWV61FwuN2mBzI2u1qH6LpdChlVrtB5XSxY19KbNIR2T8mqtFU_mbWOgtHc8ng5Ycm_EPzFz7Kp08fYBKL1wsUgTlUB3jBr4W6uMtvHUrrvpRQoeTIK1fLXGKAuTbknoBg9SdDtCKVJ9YQQ7YKpCcurDwUveB2M5mUkLMEBxSb7UHd74IhZICkjdjf5fsHPV29qyrdMGxK1Jzr0-eAVuJ_hiSYk4QdIXI84nq2cGEoycZIQUnVXFU-IwXqQaqaCDPpa1gEXxOLjpPc9FGbVA0RDX4An1iflwXHwKWioepntun6r4eDwVIyV0RCgVkyQO-7oA0CKeNpqOpKvXlI2Hp4ZqAE7SetwTemOeJ01Fpb91k17ekPkmODLalY9oJ_03aijboCsgNHQ52nBBDW5dLonGfwfbDpTspIZbRBh7EEO4Y0vbn0gRWV5kVSLTW6rPsjXxSwN-LrwyWjLgmOnrPzcDjC2vLwapyuAo1zuBorT7wSkMYK2GBVVwS0O1Lbo8N8__Cjo2k3bYjhOyefXvXorZCCxqn3wNC00m5yEyHzBUDNya-eKb8V1HIztP8wCgRl6675dn8USYlIa0cz65aIm1EA8qNddwD_xYQZmWehrsTwTBVXK7lLmHAiIA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCk0O1xNwOacDNNuiO7OsP0c-FyA3Rvr7bdayNn9y8DcCNtwEQASDY6d8jYInzxYT0E8gBCakCTbn4Ya3-Oz6oAwHIAwKqBP0BT9Dhg2oqtm8HhP2So7JoeH0cFHPqRsUK_fsiPSZSPkwkZa57wYdPWlHPFxrYY6xZsR_NBDSqZQuR5ogg6r4LfTUVxJHEjHISWHQwvRdDm687PKwwriGT-ZJ6ax-CgVanlmdS7DTt7-ZWwzNDafxz1ibHYRrznpsDRnvqVPXg72auqphIv0LoDlwtYvPZJrNrUYtnZcgEmn93Xol5uK108GQi-O6rxF9j2HhbWG-0LcJO6mYnIRjGAJXGqvd8up8WXd4r8NnDTCmstw-k0QfQbQMHVtj9fx8TCRRrTUuP6rsGKyfeoxroeIWi6IR9y8lw5d2dfB6Lyfaty6FwS4AGrIv04eKL_4wboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAqgHrb6xAqgHv9OxAtgHANIILAiAYRABMgiKgoCAgICACDoNgECAwICAgICogAKoA0i9_cE6WLuercHw4ZAD-gsCCAGADAGqDQJKUOoNEwid6rzB8OGQAxVoB3sHHdFnAdmIDgnQFQGAFwGyFxAYDCoKNjQ1MDEzNjU0M1ABqhgXCcIqXo0AyrhAEgo2NDUwMTM2NTQzGAE%26num%3D1%26sig%3DAOD64_2nGgo5RNPwp6H7paw5iq0i5Pz1yQ%26client%3Dca-pub-8544321996124660%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::2e , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.as.criteo.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=31104000, public
timing-allow-origin
*
content-encoding
gzip
etag
W/"60af9cf7-891"
cross-origin-resource-policy
cross-origin
expires
Tue, 03 Nov 2026 06:01:41 GMT
cross-origin-embedder-policy
require-corp
access-control-allow-origin
*
date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
image/svg+xml
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
privacy.svg
static.criteo.net/flash/icon/ Frame 3191 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7cxAANpsAHewdoAAFn0bzNKie-LAsPj47n5g&u=%7CyZLyHe02764sXomA%2B%2BjOg2oXJXB5C%2FRHvR7zp3idbwM%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFOXvXEpWV61FwuN2mBzI2u1qH6LpdChlVrtB5XSxY19KbNIR2T8mqtFU_mbWOgtHc8ng5Ycm_EPzFz7Kp08fYBKL1wsUgTlUB3jBr4W6uMtvHUrrvpRQoeTIK1fLXGKAuTbknoBg9SdDtCKVJ9YQQ7YKpCcurDwUveB2M5mUkLMEBxSb7UHd74IhZICkjdjf5fsHPV29qyrdMGxK1Jzr0-eAVuJ_hiSYk4QdIXI84nq2cGEoycZIQUnVXFU-IwXqQaqaCDPpa1gEXxOLjpPc9FGbVA0RDX4An1iflwXHwKWioepntun6r4eDwVIyV0RCgVkyQO-7oA0CKeNpqOpKvXlI2Hp4ZqAE7SetwTemOeJ01Fpb91k17ekPkmODLalY9oJ_03aijboCsgNHQ52nBBDW5dLonGfwfbDpTspIZbRBh7EEO4Y0vbn0gRWV5kVSLTW6rPsjXxSwN-LrwyWjLgmOnrPzcDjC2vLwapyuAo1zuBorT7wSkMYK2GBVVwS0O1Lbo8N8__Cjo2k3bYjhOyefXvXorZCCxqn3wNC00m5yEyHzBUDNya-eKb8V1HIztP8wCgRl6675dn8USYlIa0cz65aIm1EA8qNddwD_xYQZmWehrsTwTBVXK7lLmHAiIA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCk0O1xNwOacDNNuiO7OsP0c-FyA3Rvr7bdayNn9y8DcCNtwEQASDY6d8jYInzxYT0E8gBCakCTbn4Ya3-Oz6oAwHIAwKqBP0BT9Dhg2oqtm8HhP2So7JoeH0cFHPqRsUK_fsiPSZSPkwkZa57wYdPWlHPFxrYY6xZsR_NBDSqZQuR5ogg6r4LfTUVxJHEjHISWHQwvRdDm687PKwwriGT-ZJ6ax-CgVanlmdS7DTt7-ZWwzNDafxz1ibHYRrznpsDRnvqVPXg72auqphIv0LoDlwtYvPZJrNrUYtnZcgEmn93Xol5uK108GQi-O6rxF9j2HhbWG-0LcJO6mYnIRjGAJXGqvd8up8WXd4r8NnDTCmstw-k0QfQbQMHVtj9fx8TCRRrTUuP6rsGKyfeoxroeIWi6IR9y8lw5d2dfB6Lyfaty6FwS4AGrIv04eKL_4wboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAqgHrb6xAqgHv9OxAtgHANIILAiAYRABMgiKgoCAgICACDoNgECAwICAgICogAKoA0i9_cE6WLuercHw4ZAD-gsCCAGADAGqDQJKUOoNEwid6rzB8OGQAxVoB3sHHdFnAdmIDgnQFQGAFwGyFxAYDCoKNjQ1MDEzNjU0M1ABqhgXCcIqXo0AyrhAEgo2NDUwMTM2NTQzGAE%26num%3D1%26sig%3DAOD64_2nGgo5RNPwp6H7paw5iq0i5Pz1yQ%26client%3Dca-pub-8544321996124660%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::2e , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.as.criteo.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=31104000, public
timing-allow-origin
*
content-encoding
gzip
etag
W/"5e4d1491-646"
cross-origin-resource-policy
cross-origin
expires
Tue, 03 Nov 2026 06:01:41 GMT
cross-origin-embedder-policy
require-corp
access-control-allow-origin
*
date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
image/svg+xml
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
geo
ut.pubmatic.com/ Frame D678 		22 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ut.pubmatic.com/geo?pubid=156313
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156313&predirect=https://cs.adingo.jp/sync/%3Ffrom%3Dpubm%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.87 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
dcda7f2217e5134c1c987c36f55dc3a2949959528d52ccb09ece3eddf53cff43
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

strict-transport-security
max-age=16070400; includeSubDomains
access-control-allow-origin
*
cache-control
max-age=172800
content-length
22
date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
application/json
usync.js
eus.rubiconproject.com/ Frame 61E0 		45 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=fluct&endpoint=apac
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.40.149.60 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-149-60.deploy.static.akamaitechnologies.com
Software
Apache/2.4.65 (Debian) / PHP/8.3.24
Resource Hash
37589a4616b391d7893085171a60ef159a6921d920d69331a623d702f80c3bff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/usync.html?p=fluct&endpoint=apac

Response headers

cache-control
max-age=65079
content-encoding
gzip
expires
Sun, 09 Nov 2025 00:06:20 GMT
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
content-length
11431
date
Sat, 08 Nov 2025 06:01:41 GMT
last-modified
Sat, 08 Nov 2025 00:06:20 GMT
x-powered-by
PHP/8.3.24
server
Apache/2.4.65 (Debian)
content-type
text/html;charset=UTF-8
vary
Accept-Encoding
Collect
a.flux.jp/analytics.collect.v1.CollectService/ 		2 B
47 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.flux.jp/analytics.collect.v1.CollectService/Collect
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.89.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.89.160.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

access-control-expose-headers
Accept, Accept-Encoding, Accept-Post, Connect-Accept-Encoding, Connect-Content-Encoding, Content-Encoding, Grpc-Accept-Encoding, Grpc-Encoding, Grpc-Message, Grpc-Status, Grpc-Status-Details-Bin
content-encoding
gzip
via
1.1 google
traceparent
00-4b193406eaabf8f83b4d98fe0c691b03-272d8be42fa8b8c8-00
access-control-allow-origin
https://twinklesphotos.exblog.jp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
accept-encoding
gzip
content-length
26
date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
application/json
vary
Origin
server
Google Frontend
x-cloud-trace-context
4b193406eaabf8f83b4d98fe0c691b03/2823066353599559880
rtd_demand
events.browsiprod.com/events/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/v2/rtd_demand?p=b2f407fd-c927-4a7a-b5a8-edb669396a51
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.202.27.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-202-27-156.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://twinklesphotos.exblog.jp
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET
access-control-allow-origin
https://twinklesphotos.exblog.jp
access-control-max-age
1800
content-length
0
date
Sat, 08 Nov 2025 06:01:41 GMT
rtd_demand
events.browsiprod.com/events/v2/ 		0
107 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/v2/rtd_demand?p=b2f407fd-c927-4a7a-b5a8-edb669396a51
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.202.27.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-202-27-156.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
application/json
Referer
https://twinklesphotos.exblog.jp/

Response headers

date
Sat, 08 Nov 2025 06:01:41 GMT
access-control-allow-origin
https://twinklesphotos.exblog.jp
access-control-allow-credentials
true
rtd_demand
events.browsiprod.com/events/v2/ 		0
107 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/v2/rtd_demand?p=b2f407fd-c927-4a7a-b5a8-edb669396a51
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.202.27.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-202-27-156.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
application/json
Referer
https://twinklesphotos.exblog.jp/

Response headers

date
Sat, 08 Nov 2025 06:01:41 GMT
access-control-allow-origin
https://twinklesphotos.exblog.jp
access-control-allow-credentials
true
rtd_demand
events.browsiprod.com/events/v2/ 		0
107 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/v2/rtd_demand?p=b2f407fd-c927-4a7a-b5a8-edb669396a51
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.202.27.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-202-27-156.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
application/json
Referer
https://twinklesphotos.exblog.jp/

Response headers

date
Sat, 08 Nov 2025 06:01:41 GMT
access-control-allow-origin
https://twinklesphotos.exblog.jp
access-control-allow-credentials
true
rtd_demand
events.browsiprod.com/events/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/v2/rtd_demand?p=b2f407fd-c927-4a7a-b5a8-edb669396a51
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.202.27.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-202-27-156.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://twinklesphotos.exblog.jp
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET
access-control-allow-origin
https://twinklesphotos.exblog.jp
access-control-max-age
1800
content-length
0
date
Sat, 08 Nov 2025 06:01:41 GMT
rtd_demand
events.browsiprod.com/events/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/v2/rtd_demand?p=b2f407fd-c927-4a7a-b5a8-edb669396a51
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.202.27.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-202-27-156.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://twinklesphotos.exblog.jp
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET
access-control-allow-origin
https://twinklesphotos.exblog.jp
access-control-max-age
1800
content-length
0
date
Sat, 08 Nov 2025 06:01:41 GMT
khaos.json
token.rubiconproject.com/ Frame 61E0 		7 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

Cache-Control
no-cache,no-store,must-revalidate
Pragma
no-cache
access-control-allow-credentials
true
Expires
0
access-control-allow-origin
https://eus.rubiconproject.com
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
38ddff6a66d3988dfd0c6ea3be81c5f1
content-length
7
content-type
application/json; charset=UTF-8
PugMaster
image6.pubmatic.com/AdServer/ Frame D678 		0
69 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=3012596&p=156313&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156313&predirect=https://cs.adingo.jp/sync/%3Ffrom%3Dpubm%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Sat, 08 Nov 2025 06:01:41 GMT
strict-transport-security
max-age=16070400; includeSubDomains
content-length
0
destination
www.googletagmanager.com/gtag/ 		322 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-10208769&l=itm_dl1&cx=c&gtm=4e5b50
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GNL8X&l=itm_dl1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.207.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
ccd2d6c85ccf2dd52c6d8a0cb0ada46f2c5b6d2f565d87bcad2c7b24e72d2566
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
zstd
report-to
{"group":"ascgsrsghrgc:72:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgsrsghrgc:72:0"}],}
expires
Sat, 08 Nov 2025 06:01:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgsrsghrgc:72:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascgsrsghrgc:72:0
content-length
118105
x-xss-protection
0
server
Google Tag Manager
beacon.html
cf.im-apps.net/imid/ Frame BB97 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cf.im-apps.net/imid/beacon.html
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:48::1734:8c3b Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
21d68041de9a1b20d2ac2ba4956903eea7e785c5bbc7b0fddb498827b13a57a6

Request headers

Referer
https://twinklesphotos.exblog.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=86400
content-encoding
gzip
content-length
1381
content-type
text/html
date
Sat, 08 Nov 2025 06:01:41 GMT
etag
"ed9e18514d99c699494df0787acbca6f"
expires
Sun, 09 Nov 2025 06:01:41 GMT
last-modified
Wed, 18 Dec 2024 10:34:56 GMT
p3p
CP="NOI PSD OTR"
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
pageview.js
cdn.audiencedata.net/js/v1/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.audiencedata.net/js/v1/pageview.js?owner_id=8266&site_id=news
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GNL8X&l=itm_dl1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:48::1734:8c28 Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
76cf7c805375b29f196da2ca5194c23e3e81e6f15cbde447ac9c5f373b2ce27c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-amz-replication-status
PENDING
Cache-Control
max-age=259200
Content-Encoding
gzip
ETag
"192e6646ecb83536f1d67f794080ddb3"
Connection
keep-alive
Expires
Tue, 11 Nov 2025 06:01:41 GMT
Accept-Ranges
bytes
Content-Length
2033
P3P
CP="NOI PSD OTR"
Date
Sat, 08 Nov 2025 06:01:41 GMT
Last-Modified
Thu, 28 Nov 2024 02:55:43 GMT
Content-Type
text/javascript
Vary
Accept-Encoding
x-amz-server-side-encryption
AES256
/
atb.im-apps.net/a/imsync/8266/622274/ 		43 B
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://atb.im-apps.net/a/imsync/8266/622274/?token=98e0054c7674dd6ac62e58bc78c5af30
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:2dbc:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
no-cache, no-store, must-revalidate
via
1.1 google
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
image/gif
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
container.html
bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/safeframe/1-0-45/html/ Frame 972E 		7 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202511040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.207.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f1.1e100.net
Software
sffe /
Resource Hash
f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://twinklesphotos.exblog.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
3121
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 08 Nov 2025 06:01:40 GMT
expires
Sat, 08 Nov 2025 06:01:40 GMT
last-modified
Thu, 08 May 2025 23:15:48 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
px.gif
ad-delivery.net/ 		43 B
111 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad-delivery.net/px.gif?ch=2&e=0.3686892201834677
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5727730570625024&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:2f50 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
1358871
x-goog-stored-content-encoding
identity
expires
Sun, 09 Nov 2025 06:01:41 GMT
x-goog-stored-content-length
43
date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
image/gif
vary
accept-encoding
last-modified
Wed, 05 May 2021 19:25:32 GMT
x-guploader-uploadid
ABgVH89ytYGGsM8zvMSS83qCZ0F4cDyA85oC5Xtq8jnme2OpbOxP7BU9t7rp4yrU4-M9nQOe
cache-control
public, max-age=86400
x-goog-storage-class
MULTI_REGIONAL
cf-ray
99b2db724d1b2644-NRT
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
favicon.ico
ad.doubleclick.net/ 		1 KB
129 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250&e=0.3542966326493777
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5727730570625024&upapi=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options
nosniff
expires
Sun, 09 Nov 2025 06:01:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
image/x-icon
vary
Accept-Encoding
last-modified
Tue, 08 May 2012 13:08:06 GMT
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
content-length
104
x-xss-protection
0
server
sffe
px.gif
ad-delivery.net/ 		43 B
163 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.3442459539251621
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5727730570625024&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:2f50 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
1358871
x-goog-stored-content-encoding
identity
expires
Sun, 09 Nov 2025 06:01:41 GMT
x-goog-stored-content-length
43
date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
image/gif
vary
accept-encoding
last-modified
Wed, 05 May 2021 19:25:32 GMT
x-guploader-uploadid
ABgVH89ytYGGsM8zvMSS83qCZ0F4cDyA85oC5Xtq8jnme2OpbOxP7BU9t7rp4yrU4-M9nQOe
cache-control
public, max-age=86400
x-goog-storage-class
MULTI_REGIONAL
cf-ray
99b2db724d1d2644-NRT
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
dns
ab.dns-finder.com/meta/ 		2 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ab.dns-finder.com/meta/dns
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5727730570625024&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.200.111 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
111.200.36.34.bc.googleusercontent.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
private, max-age=180, stale-if-error=180, stale-while-revalidate=180
access-control-expose-headers
X-Resolver
x-resolver
default
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
date
Sat, 08 Nov 2025 06:01:40 GMT
content-type
text/plain; charset=utf-8
vary
Origin
set
sync.im-apps.net/imid/ Frame BB97 		43 B
694 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.im-apps.net/imid/set?no_sync=1
Requested by
Host: cf.im-apps.net
URL: https://cf.im-apps.net/imid/beacon.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.50.118.175 Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-50-118-175.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://cf.im-apps.net/

Response headers

Cache-Control
private, max-age=3000
Content-Length
43
Date
Sat, 08 Nov 2025 06:01:41 GMT
Content-Type
image/gif
Connection
keep-alive
adview
securepubads.g.doubleclick.net/pagead/ Frame 972E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CZMdFxdwOaYb7Cue1vcAP943X4Q3Rvr7bdayNn9y8DcCNtwEQASDQ6t8jYInzxYT0E8gBCakCTbn4Ya3-Oz7gAgCoAwHIAwKqBLQCT9Dr6y2abQWWyaI-Ep-d4fe-2HXwvc4GdtCYJbsiuPLMzYSakv_0qgZDNI_ZCqW4ub7Of-atyVDYOdVY7HtnfUOrcDkB9qCNBwi0wSHKaf7iIPPOYbRZUoc968ugCOO3ybUhglvdRByZIqaM8hhXy0BMBWoDuYNeJ6T6YvJ0SpLLusPh9m4U8wRlkl7Okb5rIuSyG5STGKOg9G2KgeXLJSh-jP-2L1d-qdZ-YRlHtcaRIt9DhUNZW5hbLdpOoVu6tuQjkvs31nZTbNnJKZUgixLknNXdEc7uEZgulO-Fbv4HIKORZpA0rE1hU2TLZ6roVKjuVy9aX4ztUWCT-kI1yLnK6caNLWu-X_2s8khGr5ykLqevIdcO55OESw5iGmbtT5Mzoa9XRNO5VD2SyqS4hEjJufrgBAGABqyL9OHii_-MG6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQKoB62-sQLYBwDSCCwIgGEQATIIioKAgICAgAg6DYBAgMCAgICAqIACqANIvf3BOliTnr3B8OGQA4AKA_oLAggBgAwBqg0CSlDiDRMI__C9wfDhkAMV51oPAh33xjXc6g0TCKe_vsHw4ZADFedaDwId98Y13IgO____________AdAVAYAXAbIXLAoaEhRwdWItMzEzNTk2NjE3Nzg0Mzk5MhiAvRQYDCoKMzAwMDc4Mjc3OFABqhgXCT6Owvtn-rVAEgozMDAwNzgyNzc4GAE&sigh=j7I_2DMKdhY&uach_m=%5BUACH%5D&cid=CAQSoAEAwksa0WmaO0aWjbuo_JuRVw4-UWra4hYdeRMgVC81jeyTVckzy7WOzRbh862lIHBCO36YzwMEA1eDildGHWSnRGAvdt5CvcryJ1uP2P9a1d35Ubqc8OdsNxUIDtGkyRlLw5pjtz814Jv6yenTYE_1ndW8khqUKrjujHpws8sdQ420L7yb1Svh6vmMD6o6aGaJS6nxWuCXUuMI6iz-VyF3GAE
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.199.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s52-in-f2.1e100.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/

Response headers
notify
rtb.sg1.as.criteo.com/googleortb/auction/ Frame 972E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.sg1.as.criteo.com/googleortb/auction/notify?profile=14&payload=m76tErr3AawC-gG-ZqqlGwAAAKeCVdJIxvPhIFWQ-XOS09cQxNwOaehSZDvuVN5Io04AABIAAAoOQVFVQkRnRUJEZ1lCRGdpZKdoblFnfHNTHpNTHlhK&wp=aQ7cxQACvYYCD1rnADXG94F9SROGUofJm10o8Q
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::32 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/

Response headers

strict-transport-security
max-age=31536000; preload;
content-length
0
date
Sat, 08 Nov 2025 06:01:40 GMT
server
Kestrel
server-processing-duration-in-ticks
149987
afr.php
ads.as.criteo.com/delivery/r/ Frame 7AF3 		178 KB
57 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7cxQACvYYCD1rnADXG94F9SROGUofJm10o8Q&u=%7Cdf07B2MyxcEJBQXEcJfVl01T4Ii8wxJqWEqv8uF1QVk%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFL1TglSufPqiK5qD3b0araVuctU3Rt657XBLj7rWATpbfEHdiNej_5vldWVwWQT4nLMfDoZdlU4UiMhRKhCHWsh8lyaq_YgXTpae5Pl0hzdBrHGmAzPmTuI9cGJqhKQpnn1MOOW9ka5xeqpX8-B1H5YlNsILxAplKMvGX2zvqOhQIz7cNQoul-nwu9MMo6007n3gv7dcXmnc2jr9xTk_98KEArBDm_BhzFbJI8D9G7IZiqVKSHFonTFGoGc6B2d6EKMXi5eLn2_pqxZxG2XSbSIDlVvtORL1QIPmaawYYXft8CXZ24BweUvIIQ1qJuGc7w8BWIOu3JoMQusDU8Xcw-T-I73JdMNiG--dr9MqCFo8JQKOK6q16wtywJRsX1CjpVqaMjn5CaBy_PhMDm-Vb22tXM4iHhQtKrLKF-lEgkAcyJMt4fK-WR3UUYQm0KqGDrfIXALVk4pkiD9NAQtVEPMWnqYfwF2JhMaTGvabTBCyUo9qZg3odhK6f_HLS57FMrBJRaZS0BlPPAA3ORThUQqfw-YEPpFYOLSDgw64Iqti99SUs0fr53VWRUlTBsIbtmVPH_EqadMahnUlKaPCTatVKw5Pi6t3BEtmLfEXVaEBEihG1CwzZiYzpR3tYyApfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCurGbxdwOaYb7Cue1vcAP943X4Q3Rvr7bdayNn9y8DcCNtwEQASDQ6t8jYInzxYT0E8gBCakCTbn4Ya3-Oz7gAgCoAwHIAwKqBLcCT9Dr6y2abQWWyaI-Ep-d4fe-2HXwvc4GdtCYJbsiuPLMzYSakv_0qgZDNI_ZCqW4ub7Of-atyVDYOdVY7HtnfUOrcDkB9qCNBwi0wSHKaf7iIPPOYbRZUoc968ugCOO3ybUhglvdRByZIqaM8hhXy0BMBWoDuYNeJ6T6YvJ0SpLLusPh9m4U8wRlkl7Okb5rIuSyG5STGKOg9G2KgeXLJSh-jP-2L1d-qdZ-YRlHtcaRIt9DhUNZW5hbLdpOoVu6tuQjkvs31nZTbNnJKZUgixLknNXdEc7uEZgulO-Fbv4HIKORZpA0rE1hU2TLZ6roVKjuVy9aX4ztUWCT-kI1yLnK6caNLWu-X_2s8khGr96mDjVb4WxfICipnNo_z5ozQrs6j7fdsh_kgctF5Yigcqxq6D0l0G7gBAGABqyL9OHii_-MG6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQKoB62-sQKoB7_TsQLYBwDSCCwIgGEQATIIioKAgICAgAg6DYBAgMCAgICAqIACqANIvf3BOliTnr3B8OGQA_oLAggBgAwBqg0CSlDiDRMI__C9wfDhkAMV51oPAh33xjXc6g0TCKe_vsHw4ZADFedaDwId98Y13IgO____________AdAVAYAXAbIXEBgMKgozMDAwNzgyNzc4UAGqGBcJPo7C-2f6tUASCjMwMDA3ODI3NzgYAQ%26num%3D1%26sig%3DAOD64_2huRixWk_I9gcE22SSUFoeG_GkWw%26client%3Dca-pub-3135966177843992%26adurl%3D
Requested by
Host: bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com
URL: https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::22 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
f24b2dfc0dad979fa2e0c8ef3422a0f76c0b0dbe1a0eb69982841802823f5d8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sat, 08 Nov 2025 06:01:41 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://client-side-metrics.as.criteo.net/heavyad?cppv=3&cpp=5HG39pqT3orBc7TFvjqR3EPQ2VJce2zjNbKs4KkODvnxWypjVOXOl3w0V3VBvjlw5oTKWWPYwmW63hkRLvqthAwdk7jEs-XQGe3FrojlU_9ryjur9GQ8yVIKzNjS60NKvN6rLefFTJY8BJvakcQnPWTK6n1tn9lRoOHssUioUf-ePcexOOOZpJbzgj2Nt2AyXY0g6OLCBRbkemP-7CPbIHXhP8Gs6I6oHfMczCsq4ukxGXb1ceNHhvMW8AS1b7SuP3-b5Q"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
34117951
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-trace-id
3e545980b2e5390202968368e946106b
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20251106/r20110914/client/ Frame 972E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20251106/r20110914/client/window_focus_fy2021.js
Requested by
Host: bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com
URL: https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:820::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fec5a361dec923efe92848ca27b02b158b164380a9eaf6cc1625e08e0d9c101e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/

Response headers

content-encoding
br
etag
6020003950853699975
age
36953
x-content-type-options
nosniff
expires
Fri, 21 Nov 2025 19:45:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 07 Nov 2025 19:45:48 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
1241
x-xss-protection
0
server
cafe
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4C93 		1 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com
URL: https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
cafe /
Resource Hash
bea1c5ab168f662fc9eb5bda3474e5b1bbd0d3ecc1d9c68e2a753f613c2ae0c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

age
54227
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
812
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 07 Nov 2025 14:57:54 GMT
etag
9725182468138058862
expires
Sat, 08 Nov 2025 14:57:54 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20251106/r20110914/client/ Frame 972E 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20251106/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com
URL: https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:820::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1d42955e69aae005efd7d5a24d10ffc36dabebd9867cca1e5b8dbb998e273a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/

Response headers

content-encoding
br
etag
11924741404489600640
age
36954
x-content-type-options
nosniff
expires
Fri, 21 Nov 2025 19:45:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 07 Nov 2025 19:45:47 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
8624
x-xss-protection
0
server
cafe
l
www.google.com/ads/measurement/ Frame 972E 		0
0
ext.js
tpc.googlesyndication.com/safeframe/1-0-45/js/ Frame 972E 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-45/js/ext.js
Requested by
Host: bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com
URL: https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:820::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c95e84767aed248594e7d485707c7ed904fd2fe4ec3ea98687fc2de59ddf231
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/

Response headers

content-encoding
br
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
x-content-type-options
nosniff
expires
Sat, 08 Nov 2025 06:01:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Thu, 08 May 2025 23:15:48 GMT
cache-control
private, max-age=300
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
content-length
6269
x-xss-protection
0
server
sffe
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 972E 		223 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com
URL: https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
cafe /
Resource Hash
1ca0d5744e4f39ea464be06f38e214eabd97b2ca934e919a3673f0a62f76368c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/

Response headers

content-encoding
br
etag
11779502037942753168
age
1099
x-content-type-options
nosniff
expires
Sat, 08 Nov 2025 06:43:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 08 Nov 2025 05:43:22 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=EUC-KR
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
70282
x-xss-protection
0
server
cafe
geo
ut.pubmatic.com/ Frame D678 		22 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://ut.pubmatic.com/geo?pubid=156313
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156313&predirect=https://cs.adingo.jp/sync/%3Ffrom%3Dpubm%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.87 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
dcda7f2217e5134c1c987c36f55dc3a2949959528d52ccb09ece3eddf53cff43

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

access-control-allow-origin
*
cache-control
max-age=172800
content-length
22
date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
application/json
pixel
cm.g.doubleclick.net/ Frame 4C93
Redirect Chain
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEBY0EIlvs5sQeQF6vEhP07w&google_cver=1&google_push=AXcoOmQUxrW0Zp2dJvY20e4co71mG-lB50md77UkfSRd1RM5YwTdiHM...
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=184507380969219e&is_secure=true&networkId=14000&version=1&google_gid=CAESEBY0EIlvs5sQeQF6vEhP07w&google_cver=1&google_push=AXcoOmQUxrW0...
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AQANEcNLQtWOTQIFNEAOAQEBAQEBAQCbYw9lMQEBAJtjD2Ux&expiration=1762668101&google_cver=1&is_secure=true&google_gid=CAES...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AQANEcNLQtWOTQIFNEAOAQEBAQEBAQCbYw9lMQEBAJtjD2Ux&expiration=1762668101&google_cver=1&is_secure=true&google_gid=CAESEBY0EIlvs5sQeQF6vEhP07w&google_push=AXcoOmQUxrW0Zp2dJvY20e4co71mG-lB50md77UkfSRd1RM5YwTdiHMevYR7ubYF0hs_Ec0xEFOfjIKbwaWk53ApSwiLOAQ71Qzn
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H3
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://pagead2.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Sat, 08 Nov 2025 06:01:41 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)

Redirect headers

expires
0
cache-control
no-cache, private, max-age=0, no-store
location
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AQANEcNLQtWOTQIFNEAOAQEBAQEBAQCbYw9lMQEBAJtjD2Ux&expiration=1762668101&google_cver=1&is_secure=true&google_gid=CAESEBY0EIlvs5sQeQF6vEhP07w&google_push=AXcoOmQUxrW0Zp2dJvY20e4co71mG-lB50md77UkfSRd1RM5YwTdiHMevYR7ubYF0hs_Ec0xEFOfjIKbwaWk53ApSwiLOAQ71Qzn
content-length
0
date
Sat, 08 Nov 2025 06:01:41 GMT
pragma
no-cache
server
nginx
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 4C93 		0
170 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEIu-nqwbTPs4IiBFm-bDW68&google_cver=1&google_push=AXcoOmR8uHbyQV8_Gd2gQ8r8fAQSK3_mmobyh9IaidwgKzX5mdnywO2rd7Vfy0vuDlSRYUTMuMFmwPcRxFLa77rzY1o7x0dTZQIm
Requested by
Host: bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com
URL: https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://pagead2.googlesyndication.com/

Response headers

via
1.1 google
date
Sat, 08 Nov 2025 06:01:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 4C93
Redirect Chain
  • https://rt.gsspat.jp/lcs?google_push=AXcoOmSyso3xSju7GnBkpznFQrzXo4GZ337s0aqVR6CAEiuDK5dpTvl1tR4TE1EWjG4XCC14xTACsMj2gvJqCk4YOBYT0oDZcfmV&google_gid=CAESEOz_aMxhLFs7z3MWmXu7j9o&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=geniee&google_hm=-qEgToWTAz04yRul5nZAwg&google_push=AXcoOmSyso3xSju7GnBkpznFQrzXo4GZ337s0aqVR6CAEiuDK5dpTvl1tR4TE1EWjG4XCC14xTACsMj2gvJqCk4YOBYT0oDZcfmV
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=geniee&google_hm=-qEgToWTAz04yRul5nZAwg&google_push=AXcoOmSyso3xSju7GnBkpznFQrzXo4GZ337s0aqVR6CAEiuDK5dpTvl1tR4TE1EWjG4XCC14xTACsMj2gvJqCk4YOBYT0oDZcfmV
Requested by
Host: bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com
URL: https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H2
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://pagead2.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Sat, 08 Nov 2025 06:01:41 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=geniee&google_hm=-qEgToWTAz04yRul5nZAwg&google_push=AXcoOmSyso3xSju7GnBkpznFQrzXo4GZ337s0aqVR6CAEiuDK5dpTvl1tR4TE1EWjG4XCC14xTACsMj2gvJqCk4YOBYT0oDZcfmV
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
text/html; charset=ISO-8859-1
server
nginx
pixel
cm.g.doubleclick.net/ Frame 4C93
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=g&google_gid=CAESEKnrPtclratsszWz2nFksuo&google_cver=1&google_push=AXcoOmTknWyWvHuIv9L9oogdaIqwVdX-9DDHnpP06u61J_NvKv9f4PAKsvYN08dyLrifR94zXp5p89xrJqYeWgN7ChT-9E...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&gdpr=0&gdpr_consent=&google_hm=02c2065e6c&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg%26gdpr%3D0%26gdpr_consent%3D&google_p...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&gdpr=0&gdpr_consent=&google_hm=02c2065e6c&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg%26gdpr%3D0%26gdpr_consent%3D&google_push=AXcoOmTknWyWvHuIv9L9oogdaIqwVdX-9DDHnpP06u61J_NvKv9f4PAKsvYN08dyLrifR94zXp5p89xrJqYeWgN7ChT-9Eyhf4cE
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H3
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://pagead2.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Sat, 08 Nov 2025 06:01:41 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)

Redirect headers

via
1.1 google
cache-control
no-cache, must-revalidate
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&gdpr=0&gdpr_consent=&google_hm=02c2065e6c&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg%26gdpr%3D0%26gdpr_consent%3D&google_push=AXcoOmTknWyWvHuIv9L9oogdaIqwVdX-9DDHnpP06u61J_NvKv9f4PAKsvYN08dyLrifR94zXp5p89xrJqYeWgN7ChT-9Eyhf4cE
content-length
5
date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
text/plain; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 4C93
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESEPMqaZ3xWYMwFBdwxYal8iM&google_cver=1&google_push=AXcoOmRR7yT2g0OhesH9eVlzdQbtvVYTug13J_EPZiC9DJfj1BmzWrsoepcVB0CTqYh7fEoLJ7_p4...
  • https://b1sync.outbrain.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESEPMqaZ3xWYMwFBdwxYal8iM&google_push=AXcoOmRR7yT2g0OhesH9eVlzdQbtvVYTug13J_EPZiC9DJfj1BmzWrsoepcVB0CTqYh7fEoLJ7_p...
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESEPMqaZ3xWYMwFBdwxYal8iM&google_push=AXcoOmRR7yT2g0OhesH9eVlzdQbtvVYTug13J_EPZiC9DJfj1BmzWrsoepcVB0CTqYh7fEoLJ7_p4...
  • https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmRR7yT2g0OhesH9eVlzdQbtvVYTug13J_EPZiC9DJfj1BmzWrsoepcVB0CTqYh7fEoLJ7_p4hxTsxGpZKpF1ecyJSHkZojLfw&google_hm=Njg5NDExYTUtNG...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmRR7yT2g0OhesH9eVlzdQbtvVYTug13J_EPZiC9DJfj1BmzWrsoepcVB0CTqYh7fEoLJ7_p4hxTsxGpZKpF1ecyJSHkZojLfw&google_hm=Njg5NDExYTUtNGU1OS00MTA5LWFlNWEtOThhZGY1MTIxYTgw
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H3
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://pagead2.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Sat, 08 Nov 2025 06:01:43 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, no-store, must-revalidate
location
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmRR7yT2g0OhesH9eVlzdQbtvVYTug13J_EPZiC9DJfj1BmzWrsoepcVB0CTqYh7fEoLJ7_p4hxTsxGpZKpF1ecyJSHkZojLfw&google_hm=Njg5NDExYTUtNGU1OS00MTA5LWFlNWEtOThhZGY1MTIxYTgw
pragma
no-cache
expires
Thu, 01 Dec 1994 16:00:00 GMT
p3p
CP="We do not support P3P header."
content-length
262
date
Sat, 08 Nov 2025 06:01:42 GMT
content-type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 4C93
Redirect Chain
  • https://www.temu.com/api/adx/cm/pixel?google_gid=CAESEMr0YAU9t8eQSVdXlYis008&google_cver=1&google_push=AXcoOmR8mR7A9MybzWwpAKXF9qkXy87D7qrE7xiGX2j9v9C1sQSIIH5emi37milXhSZ_WhOa6b_taWs0VkYKnCEYDinv8G...
  • https://cm.g.doubleclick.net/pixel?google_push=AXcoOmR8mR7A9MybzWwpAKXF9qkXy87D7qrE7xiGX2j9v9C1sQSIIH5emi37milXhSZ_WhOa6b_taWs0VkYKnCEYDinv8GqYlWVYXw&google_nid=whaleco_services_llc
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_push=AXcoOmR8mR7A9MybzWwpAKXF9qkXy87D7qrE7xiGX2j9v9C1sQSIIH5emi37milXhSZ_WhOa6b_taWs0VkYKnCEYDinv8GqYlWVYXw&google_nid=whaleco_services_llc
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H3
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://pagead2.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Sat, 08 Nov 2025 06:01:41 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)

Redirect headers

strict-transport-security
max-age=31536000
yak-timeinfo
1762581701644|3
location
https://cm.g.doubleclick.net/pixel?google_push=AXcoOmR8mR7A9MybzWwpAKXF9qkXy87D7qrE7xiGX2j9v9C1sQSIIH5emi37milXhSZ_WhOa6b_taWs0VkYKnCEYDinv8GqYlWVYXw&google_nid=whaleco_services_llc
cf-cache-status
DYNAMIC
content-security-policy-report-only
default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/110000007/sec-gif
cf-ray
99b2db72bb53d755-NRT
x-gateway-request-id
1762581701644-00009076110170730000000008565058-20
cip
146.70.201.135
alt-svc
h3=":443"; ma=86400
content-length
0
date
Sat, 08 Nov 2025 06:01:41 GMT
server
cloudflare
pixel
cm.g.doubleclick.net/ Frame 4C93
Redirect Chain
  • https://gtracenep.admaster.cc/ju/cs/google?google_gid=CAESEBE80h5SrJEGOqC7ht_7JHs&google_cver=1&google_push=AXcoOmTioAYz9a75oPG7KG2qnDxtKFb8rcBqcyC_CD1IZ5Etrmyklv7_jEZTqrBXptfgLghPkju5jltYVMBSrheUc...
  • https://cm.g.doubleclick.net/pixel?google_nid=admaster&google_push=AXcoOmTioAYz9a75oPG7KG2qnDxtKFb8rcBqcyC_CD1IZ5Etrmyklv7_jEZTqrBXptfgLghPkju5jltYVMBSrheUc0welDy9mwdlXg&google_hm=05a3810e84983ed92...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=admaster&google_push=AXcoOmTioAYz9a75oPG7KG2qnDxtKFb8rcBqcyC_CD1IZ5Etrmyklv7_jEZTqrBXptfgLghPkju5jltYVMBSrheUc0welDy9mwdlXg&google_hm=05a3810e84983ed920746500mhpvmx6w
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H3
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://pagead2.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Sat, 08 Nov 2025 06:01:41 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=admaster&google_push=AXcoOmTioAYz9a75oPG7KG2qnDxtKFb8rcBqcyC_CD1IZ5Etrmyklv7_jEZTqrBXptfgLghPkju5jltYVMBSrheUc0welDy9mwdlXg&google_hm=05a3810e84983ed920746500mhpvmx6w
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8
date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
text/plain; charset=utf-8
access-control-allow-headers
Content-Type
attr
cm.g.doubleclick.net/pixel/ Frame 4C93 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LzpJDfQzBBg_boYoSVVIDiMddFA7AkOZYosGSpRgMVF_oxAXZo_9fbY2a6bnVFXP4Y5usUxZbU
Requested by
Host: bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com
URL: https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://pagead2.googlesyndication.com/

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sat, 08 Nov 2025 06:01:41 GMT
x-xss-protection
0
content-type
text/html
server
HTTP server (unknown)
im-uid.js
dmp.im-apps.net/sdk/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dmp.im-apps.net/sdk/im-uid.js
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/pms/r7RdVKlj/pmt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:48::1734:8c23 Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
db3ae6ff73fea8460f224a488eee66454435d68b2d8d02bcc0adcf7696645ad7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-amz-replication-status
COMPLETED
cache-control
max-age=9385
content-encoding
gzip
etag
"4b1c4bdb22699af828f7e87a97a75eef"
x-amz-version-id
GN0oOyMAQCREmQzkynYHexmbDUQdEVgx
expires
Sat, 08 Nov 2025 08:38:06 GMT
accept-ranges
bytes
content-length
2738
p3p
CP="NOI PSD OTR"
date
Sat, 08 Nov 2025 06:01:41 GMT
last-modified
Fri, 07 Feb 2025 09:28:46 GMT
content-type
application/javascript
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
segment
sync6.im-apps.net/6837/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync6.im-apps.net/6837/segment?token=X19pbV9zaWRzMw
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/pms/r7RdVKlj/pmt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:54::1738:2a Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
a2eeed8fe168a445ee74de3a9b9a4747c28fd24c6156f9018a6dee859e2404f6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

Cache-Control
private, max-age=1800
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://twinklesphotos.exblog.jp
Content-Length
2517
Date
Sat, 08 Nov 2025 06:01:41 GMT
Content-Type
application/json
Vary
Origin
id5-api-js
api.id5-sync.com/analytics/1159/ 		1 KB
691 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.id5-sync.com/analytics/1159/id5-api-js
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
83de9801a4f07263f867436b33b6a63fd660f2f343dd4467ce19c0ea41e0a313
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=300
access-control-expose-headers
Access-Control-Allow-Origin
content-encoding
gzip
access-control-allow-origin
*
date
Sat, 08 Nov 2025 06:01:42 GMT
content-type
application/json
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
privacy_small.svg
static.criteo.net/flash/icon/ Frame 7AF3 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7cxQACvYYCD1rnADXG94F9SROGUofJm10o8Q&u=%7Cdf07B2MyxcEJBQXEcJfVl01T4Ii8wxJqWEqv8uF1QVk%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFL1TglSufPqiK5qD3b0araVuctU3Rt657XBLj7rWATpbfEHdiNej_5vldWVwWQT4nLMfDoZdlU4UiMhRKhCHWsh8lyaq_YgXTpae5Pl0hzdBrHGmAzPmTuI9cGJqhKQpnn1MOOW9ka5xeqpX8-B1H5YlNsILxAplKMvGX2zvqOhQIz7cNQoul-nwu9MMo6007n3gv7dcXmnc2jr9xTk_98KEArBDm_BhzFbJI8D9G7IZiqVKSHFonTFGoGc6B2d6EKMXi5eLn2_pqxZxG2XSbSIDlVvtORL1QIPmaawYYXft8CXZ24BweUvIIQ1qJuGc7w8BWIOu3JoMQusDU8Xcw-T-I73JdMNiG--dr9MqCFo8JQKOK6q16wtywJRsX1CjpVqaMjn5CaBy_PhMDm-Vb22tXM4iHhQtKrLKF-lEgkAcyJMt4fK-WR3UUYQm0KqGDrfIXALVk4pkiD9NAQtVEPMWnqYfwF2JhMaTGvabTBCyUo9qZg3odhK6f_HLS57FMrBJRaZS0BlPPAA3ORThUQqfw-YEPpFYOLSDgw64Iqti99SUs0fr53VWRUlTBsIbtmVPH_EqadMahnUlKaPCTatVKw5Pi6t3BEtmLfEXVaEBEihG1CwzZiYzpR3tYyApfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCurGbxdwOaYb7Cue1vcAP943X4Q3Rvr7bdayNn9y8DcCNtwEQASDQ6t8jYInzxYT0E8gBCakCTbn4Ya3-Oz7gAgCoAwHIAwKqBLcCT9Dr6y2abQWWyaI-Ep-d4fe-2HXwvc4GdtCYJbsiuPLMzYSakv_0qgZDNI_ZCqW4ub7Of-atyVDYOdVY7HtnfUOrcDkB9qCNBwi0wSHKaf7iIPPOYbRZUoc968ugCOO3ybUhglvdRByZIqaM8hhXy0BMBWoDuYNeJ6T6YvJ0SpLLusPh9m4U8wRlkl7Okb5rIuSyG5STGKOg9G2KgeXLJSh-jP-2L1d-qdZ-YRlHtcaRIt9DhUNZW5hbLdpOoVu6tuQjkvs31nZTbNnJKZUgixLknNXdEc7uEZgulO-Fbv4HIKORZpA0rE1hU2TLZ6roVKjuVy9aX4ztUWCT-kI1yLnK6caNLWu-X_2s8khGr96mDjVb4WxfICipnNo_z5ozQrs6j7fdsh_kgctF5Yigcqxq6D0l0G7gBAGABqyL9OHii_-MG6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQKoB62-sQKoB7_TsQLYBwDSCCwIgGEQATIIioKAgICAgAg6DYBAgMCAgICAqIACqANIvf3BOliTnr3B8OGQA_oLAggBgAwBqg0CSlDiDRMI__C9wfDhkAMV51oPAh33xjXc6g0TCKe_vsHw4ZADFedaDwId98Y13IgO____________AdAVAYAXAbIXEBgMKgozMDAwNzgyNzc4UAGqGBcJPo7C-2f6tUASCjMwMDA3ODI3NzgYAQ%26num%3D1%26sig%3DAOD64_2huRixWk_I9gcE22SSUFoeG_GkWw%26client%3Dca-pub-3135966177843992%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::2e , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.as.criteo.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=31104000, public
timing-allow-origin
*
content-encoding
gzip
etag
W/"5e42ba84-6aa"
cross-origin-resource-policy
cross-origin
expires
Tue, 03 Nov 2026 06:01:41 GMT
cross-origin-embedder-policy
require-corp
access-control-allow-origin
*
date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
image/svg+xml
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 7AF3 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7cxQACvYYCD1rnADXG94F9SROGUofJm10o8Q&u=%7Cdf07B2MyxcEJBQXEcJfVl01T4Ii8wxJqWEqv8uF1QVk%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFL1TglSufPqiK5qD3b0araVuctU3Rt657XBLj7rWATpbfEHdiNej_5vldWVwWQT4nLMfDoZdlU4UiMhRKhCHWsh8lyaq_YgXTpae5Pl0hzdBrHGmAzPmTuI9cGJqhKQpnn1MOOW9ka5xeqpX8-B1H5YlNsILxAplKMvGX2zvqOhQIz7cNQoul-nwu9MMo6007n3gv7dcXmnc2jr9xTk_98KEArBDm_BhzFbJI8D9G7IZiqVKSHFonTFGoGc6B2d6EKMXi5eLn2_pqxZxG2XSbSIDlVvtORL1QIPmaawYYXft8CXZ24BweUvIIQ1qJuGc7w8BWIOu3JoMQusDU8Xcw-T-I73JdMNiG--dr9MqCFo8JQKOK6q16wtywJRsX1CjpVqaMjn5CaBy_PhMDm-Vb22tXM4iHhQtKrLKF-lEgkAcyJMt4fK-WR3UUYQm0KqGDrfIXALVk4pkiD9NAQtVEPMWnqYfwF2JhMaTGvabTBCyUo9qZg3odhK6f_HLS57FMrBJRaZS0BlPPAA3ORThUQqfw-YEPpFYOLSDgw64Iqti99SUs0fr53VWRUlTBsIbtmVPH_EqadMahnUlKaPCTatVKw5Pi6t3BEtmLfEXVaEBEihG1CwzZiYzpR3tYyApfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCurGbxdwOaYb7Cue1vcAP943X4Q3Rvr7bdayNn9y8DcCNtwEQASDQ6t8jYInzxYT0E8gBCakCTbn4Ya3-Oz7gAgCoAwHIAwKqBLcCT9Dr6y2abQWWyaI-Ep-d4fe-2HXwvc4GdtCYJbsiuPLMzYSakv_0qgZDNI_ZCqW4ub7Of-atyVDYOdVY7HtnfUOrcDkB9qCNBwi0wSHKaf7iIPPOYbRZUoc968ugCOO3ybUhglvdRByZIqaM8hhXy0BMBWoDuYNeJ6T6YvJ0SpLLusPh9m4U8wRlkl7Okb5rIuSyG5STGKOg9G2KgeXLJSh-jP-2L1d-qdZ-YRlHtcaRIt9DhUNZW5hbLdpOoVu6tuQjkvs31nZTbNnJKZUgixLknNXdEc7uEZgulO-Fbv4HIKORZpA0rE1hU2TLZ6roVKjuVy9aX4ztUWCT-kI1yLnK6caNLWu-X_2s8khGr96mDjVb4WxfICipnNo_z5ozQrs6j7fdsh_kgctF5Yigcqxq6D0l0G7gBAGABqyL9OHii_-MG6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQKoB62-sQKoB7_TsQLYBwDSCCwIgGEQATIIioKAgICAgAg6DYBAgMCAgICAqIACqANIvf3BOliTnr3B8OGQA_oLAggBgAwBqg0CSlDiDRMI__C9wfDhkAMV51oPAh33xjXc6g0TCKe_vsHw4ZADFedaDwId98Y13IgO____________AdAVAYAXAbIXEBgMKgozMDAwNzgyNzc4UAGqGBcJPo7C-2f6tUASCjMwMDA3ODI3NzgYAQ%26num%3D1%26sig%3DAOD64_2huRixWk_I9gcE22SSUFoeG_GkWw%26client%3Dca-pub-3135966177843992%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::2e , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.as.criteo.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=31104000, public
timing-allow-origin
*
content-encoding
gzip
etag
W/"5e42b9ee-759"
cross-origin-resource-policy
cross-origin
expires
Tue, 03 Nov 2026 06:01:41 GMT
cross-origin-embedder-policy
require-corp
access-control-allow-origin
*
date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
image/svg+xml
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
close_button.svg
static.criteo.net/flash/icon/ Frame 7AF3 		308 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7cxQACvYYCD1rnADXG94F9SROGUofJm10o8Q&u=%7Cdf07B2MyxcEJBQXEcJfVl01T4Ii8wxJqWEqv8uF1QVk%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFL1TglSufPqiK5qD3b0araVuctU3Rt657XBLj7rWATpbfEHdiNej_5vldWVwWQT4nLMfDoZdlU4UiMhRKhCHWsh8lyaq_YgXTpae5Pl0hzdBrHGmAzPmTuI9cGJqhKQpnn1MOOW9ka5xeqpX8-B1H5YlNsILxAplKMvGX2zvqOhQIz7cNQoul-nwu9MMo6007n3gv7dcXmnc2jr9xTk_98KEArBDm_BhzFbJI8D9G7IZiqVKSHFonTFGoGc6B2d6EKMXi5eLn2_pqxZxG2XSbSIDlVvtORL1QIPmaawYYXft8CXZ24BweUvIIQ1qJuGc7w8BWIOu3JoMQusDU8Xcw-T-I73JdMNiG--dr9MqCFo8JQKOK6q16wtywJRsX1CjpVqaMjn5CaBy_PhMDm-Vb22tXM4iHhQtKrLKF-lEgkAcyJMt4fK-WR3UUYQm0KqGDrfIXALVk4pkiD9NAQtVEPMWnqYfwF2JhMaTGvabTBCyUo9qZg3odhK6f_HLS57FMrBJRaZS0BlPPAA3ORThUQqfw-YEPpFYOLSDgw64Iqti99SUs0fr53VWRUlTBsIbtmVPH_EqadMahnUlKaPCTatVKw5Pi6t3BEtmLfEXVaEBEihG1CwzZiYzpR3tYyApfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCurGbxdwOaYb7Cue1vcAP943X4Q3Rvr7bdayNn9y8DcCNtwEQASDQ6t8jYInzxYT0E8gBCakCTbn4Ya3-Oz7gAgCoAwHIAwKqBLcCT9Dr6y2abQWWyaI-Ep-d4fe-2HXwvc4GdtCYJbsiuPLMzYSakv_0qgZDNI_ZCqW4ub7Of-atyVDYOdVY7HtnfUOrcDkB9qCNBwi0wSHKaf7iIPPOYbRZUoc968ugCOO3ybUhglvdRByZIqaM8hhXy0BMBWoDuYNeJ6T6YvJ0SpLLusPh9m4U8wRlkl7Okb5rIuSyG5STGKOg9G2KgeXLJSh-jP-2L1d-qdZ-YRlHtcaRIt9DhUNZW5hbLdpOoVu6tuQjkvs31nZTbNnJKZUgixLknNXdEc7uEZgulO-Fbv4HIKORZpA0rE1hU2TLZ6roVKjuVy9aX4ztUWCT-kI1yLnK6caNLWu-X_2s8khGr96mDjVb4WxfICipnNo_z5ozQrs6j7fdsh_kgctF5Yigcqxq6D0l0G7gBAGABqyL9OHii_-MG6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQKoB62-sQKoB7_TsQLYBwDSCCwIgGEQATIIioKAgICAgAg6DYBAgMCAgICAqIACqANIvf3BOliTnr3B8OGQA_oLAggBgAwBqg0CSlDiDRMI__C9wfDhkAMV51oPAh33xjXc6g0TCKe_vsHw4ZADFedaDwId98Y13IgO____________AdAVAYAXAbIXEBgMKgozMDAwNzgyNzc4UAGqGBcJPo7C-2f6tUASCjMwMDA3ODI3NzgYAQ%26num%3D1%26sig%3DAOD64_2huRixWk_I9gcE22SSUFoeG_GkWw%26client%3Dca-pub-3135966177843992%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::2e , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.as.criteo.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=31104000, public
timing-allow-origin
*
etag
"5e46a5e4-134"
cross-origin-resource-policy
cross-origin
expires
Tue, 03 Nov 2026 06:01:41 GMT
cross-origin-embedder-policy
require-corp
accept-ranges
bytes
access-control-allow-origin
*
content-length
308
date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
image/svg+xml
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
back_button2.svg
static.criteo.net/flash/icon/ Frame 7AF3 		293 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7cxQACvYYCD1rnADXG94F9SROGUofJm10o8Q&u=%7Cdf07B2MyxcEJBQXEcJfVl01T4Ii8wxJqWEqv8uF1QVk%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFL1TglSufPqiK5qD3b0araVuctU3Rt657XBLj7rWATpbfEHdiNej_5vldWVwWQT4nLMfDoZdlU4UiMhRKhCHWsh8lyaq_YgXTpae5Pl0hzdBrHGmAzPmTuI9cGJqhKQpnn1MOOW9ka5xeqpX8-B1H5YlNsILxAplKMvGX2zvqOhQIz7cNQoul-nwu9MMo6007n3gv7dcXmnc2jr9xTk_98KEArBDm_BhzFbJI8D9G7IZiqVKSHFonTFGoGc6B2d6EKMXi5eLn2_pqxZxG2XSbSIDlVvtORL1QIPmaawYYXft8CXZ24BweUvIIQ1qJuGc7w8BWIOu3JoMQusDU8Xcw-T-I73JdMNiG--dr9MqCFo8JQKOK6q16wtywJRsX1CjpVqaMjn5CaBy_PhMDm-Vb22tXM4iHhQtKrLKF-lEgkAcyJMt4fK-WR3UUYQm0KqGDrfIXALVk4pkiD9NAQtVEPMWnqYfwF2JhMaTGvabTBCyUo9qZg3odhK6f_HLS57FMrBJRaZS0BlPPAA3ORThUQqfw-YEPpFYOLSDgw64Iqti99SUs0fr53VWRUlTBsIbtmVPH_EqadMahnUlKaPCTatVKw5Pi6t3BEtmLfEXVaEBEihG1CwzZiYzpR3tYyApfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCurGbxdwOaYb7Cue1vcAP943X4Q3Rvr7bdayNn9y8DcCNtwEQASDQ6t8jYInzxYT0E8gBCakCTbn4Ya3-Oz7gAgCoAwHIAwKqBLcCT9Dr6y2abQWWyaI-Ep-d4fe-2HXwvc4GdtCYJbsiuPLMzYSakv_0qgZDNI_ZCqW4ub7Of-atyVDYOdVY7HtnfUOrcDkB9qCNBwi0wSHKaf7iIPPOYbRZUoc968ugCOO3ybUhglvdRByZIqaM8hhXy0BMBWoDuYNeJ6T6YvJ0SpLLusPh9m4U8wRlkl7Okb5rIuSyG5STGKOg9G2KgeXLJSh-jP-2L1d-qdZ-YRlHtcaRIt9DhUNZW5hbLdpOoVu6tuQjkvs31nZTbNnJKZUgixLknNXdEc7uEZgulO-Fbv4HIKORZpA0rE1hU2TLZ6roVKjuVy9aX4ztUWCT-kI1yLnK6caNLWu-X_2s8khGr96mDjVb4WxfICipnNo_z5ozQrs6j7fdsh_kgctF5Yigcqxq6D0l0G7gBAGABqyL9OHii_-MG6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQKoB62-sQKoB7_TsQLYBwDSCCwIgGEQATIIioKAgICAgAg6DYBAgMCAgICAqIACqANIvf3BOliTnr3B8OGQA_oLAggBgAwBqg0CSlDiDRMI__C9wfDhkAMV51oPAh33xjXc6g0TCKe_vsHw4ZADFedaDwId98Y13IgO____________AdAVAYAXAbIXEBgMKgozMDAwNzgyNzc4UAGqGBcJPo7C-2f6tUASCjMwMDA3ODI3NzgYAQ%26num%3D1%26sig%3DAOD64_2huRixWk_I9gcE22SSUFoeG_GkWw%26client%3Dca-pub-3135966177843992%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::2e , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.as.criteo.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=31104000, public
timing-allow-origin
*
etag
"626a59dc-125"
cross-origin-resource-policy
cross-origin
expires
Tue, 03 Nov 2026 06:01:41 GMT
cross-origin-embedder-policy
require-corp
accept-ranges
bytes
access-control-allow-origin
*
content-length
293
date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
image/svg+xml
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
lg.php
cat.jp2.as.criteo.com/delivery/ Frame 7AF3 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.jp2.as.criteo.com/delivery/lg.php?cppv=3&cpp=BciliTCtPTLTAfe0gotYDhoCkK7GOyPPjmIfSqKY1oyer_2G79JT4n1kumkm6forDui7jN6bPDbbGwXxFH-kD5yuGLWunuImsySbeTMoqYCMiu1j8x_N1HfuydPvvmymA8PixmaJHXXdqwnLORsekvDTcNHtAeicWbVgIzQC5fmCBsWMeYUbIGkxJt2QVZ-bi93QN_WIFq5Xpzkm0FwPTBQVJ3GZH3InMLn-qQPi_p03IcJ_UJZqzw9hYepKnSr_XwG-qRqB8zL8c4aZ4hWAfwJmoLIWkJQsIYB8b33p1rqnIcFnGihQQto-C-1Tc_8aUGWvaocjpQxXL7z9xt6DNYnop30SVsSBZcVwtY2KZ5izwXEUAXPufj6dvmbM0lw-PcTU1dXoVqp4qDIcm0i95xDno7KQ_i4vzB-HGeu-LG5LjxJ-aHdPeG0LonFc-xSydldp9LUH5lvtXzMcXMTGr0JKAcyL7AJs6mE1J81ZFnPF8xFYyKWtkb0sHw6GiMknyQ6Vm1VpzKoroRG1qRysbRb0TKCx52cOwbaThjJqdWho3jNp
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7cxQACvYYCD1rnADXG94F9SROGUofJm10o8Q&u=%7Cdf07B2MyxcEJBQXEcJfVl01T4Ii8wxJqWEqv8uF1QVk%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFL1TglSufPqiK5qD3b0araVuctU3Rt657XBLj7rWATpbfEHdiNej_5vldWVwWQT4nLMfDoZdlU4UiMhRKhCHWsh8lyaq_YgXTpae5Pl0hzdBrHGmAzPmTuI9cGJqhKQpnn1MOOW9ka5xeqpX8-B1H5YlNsILxAplKMvGX2zvqOhQIz7cNQoul-nwu9MMo6007n3gv7dcXmnc2jr9xTk_98KEArBDm_BhzFbJI8D9G7IZiqVKSHFonTFGoGc6B2d6EKMXi5eLn2_pqxZxG2XSbSIDlVvtORL1QIPmaawYYXft8CXZ24BweUvIIQ1qJuGc7w8BWIOu3JoMQusDU8Xcw-T-I73JdMNiG--dr9MqCFo8JQKOK6q16wtywJRsX1CjpVqaMjn5CaBy_PhMDm-Vb22tXM4iHhQtKrLKF-lEgkAcyJMt4fK-WR3UUYQm0KqGDrfIXALVk4pkiD9NAQtVEPMWnqYfwF2JhMaTGvabTBCyUo9qZg3odhK6f_HLS57FMrBJRaZS0BlPPAA3ORThUQqfw-YEPpFYOLSDgw64Iqti99SUs0fr53VWRUlTBsIbtmVPH_EqadMahnUlKaPCTatVKw5Pi6t3BEtmLfEXVaEBEihG1CwzZiYzpR3tYyApfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCurGbxdwOaYb7Cue1vcAP943X4Q3Rvr7bdayNn9y8DcCNtwEQASDQ6t8jYInzxYT0E8gBCakCTbn4Ya3-Oz7gAgCoAwHIAwKqBLcCT9Dr6y2abQWWyaI-Ep-d4fe-2HXwvc4GdtCYJbsiuPLMzYSakv_0qgZDNI_ZCqW4ub7Of-atyVDYOdVY7HtnfUOrcDkB9qCNBwi0wSHKaf7iIPPOYbRZUoc968ugCOO3ybUhglvdRByZIqaM8hhXy0BMBWoDuYNeJ6T6YvJ0SpLLusPh9m4U8wRlkl7Okb5rIuSyG5STGKOg9G2KgeXLJSh-jP-2L1d-qdZ-YRlHtcaRIt9DhUNZW5hbLdpOoVu6tuQjkvs31nZTbNnJKZUgixLknNXdEc7uEZgulO-Fbv4HIKORZpA0rE1hU2TLZ6roVKjuVy9aX4ztUWCT-kI1yLnK6caNLWu-X_2s8khGr96mDjVb4WxfICipnNo_z5ozQrs6j7fdsh_kgctF5Yigcqxq6D0l0G7gBAGABqyL9OHii_-MG6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQKoB62-sQKoB7_TsQLYBwDSCCwIgGEQATIIioKAgICAgAg6DYBAgMCAgICAqIACqANIvf3BOliTnr3B8OGQA_oLAggBgAwBqg0CSlDiDRMI__C9wfDhkAMV51oPAh33xjXc6g0TCKe_vsHw4ZADFedaDwId98Y13IgO____________AdAVAYAXAbIXEBgMKgozMDAwNzgyNzc4UAGqGBcJPo7C-2f6tUASCjMwMDA3ODI3NzgYAQ%26num%3D1%26sig%3DAOD64_2huRixWk_I9gcE22SSUFoeG_GkWw%26client%3Dca-pub-3135966177843992%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::31 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.as.criteo.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache
pragma
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1938143
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
date
Sat, 08 Nov 2025 06:01:40 GMT
content-type
image/gif
server
Kestrel
register-source
measurement-api.criteo.com/ Frame 7AF3 		2 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://measurement-api.criteo.com/register-source?impressionId=690edcc531caef765e965925bf3d0ca2&partner_domain=leopalace21.com&external_uid=eaa2a331-aac6-45a5-83c1-594687947d26&partner_id=4652&source_type=event&campaign_id=300734&marketing_objective_type=0&creative_type=1&hashed_external_id=5414317638871888531&hashed_external_id=99311092031915010&hashed_external_id=-553270461203193327&hashed_external_id=1351116016725569187&hashed_external_id=8133718089988950996&hashed_external_id=-7182163816736974671
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7cxQACvYYCD1rnADXG94F9SROGUofJm10o8Q&u=%7Cdf07B2MyxcEJBQXEcJfVl01T4Ii8wxJqWEqv8uF1QVk%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFL1TglSufPqiK5qD3b0araVuctU3Rt657XBLj7rWATpbfEHdiNej_5vldWVwWQT4nLMfDoZdlU4UiMhRKhCHWsh8lyaq_YgXTpae5Pl0hzdBrHGmAzPmTuI9cGJqhKQpnn1MOOW9ka5xeqpX8-B1H5YlNsILxAplKMvGX2zvqOhQIz7cNQoul-nwu9MMo6007n3gv7dcXmnc2jr9xTk_98KEArBDm_BhzFbJI8D9G7IZiqVKSHFonTFGoGc6B2d6EKMXi5eLn2_pqxZxG2XSbSIDlVvtORL1QIPmaawYYXft8CXZ24BweUvIIQ1qJuGc7w8BWIOu3JoMQusDU8Xcw-T-I73JdMNiG--dr9MqCFo8JQKOK6q16wtywJRsX1CjpVqaMjn5CaBy_PhMDm-Vb22tXM4iHhQtKrLKF-lEgkAcyJMt4fK-WR3UUYQm0KqGDrfIXALVk4pkiD9NAQtVEPMWnqYfwF2JhMaTGvabTBCyUo9qZg3odhK6f_HLS57FMrBJRaZS0BlPPAA3ORThUQqfw-YEPpFYOLSDgw64Iqti99SUs0fr53VWRUlTBsIbtmVPH_EqadMahnUlKaPCTatVKw5Pi6t3BEtmLfEXVaEBEihG1CwzZiYzpR3tYyApfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCurGbxdwOaYb7Cue1vcAP943X4Q3Rvr7bdayNn9y8DcCNtwEQASDQ6t8jYInzxYT0E8gBCakCTbn4Ya3-Oz7gAgCoAwHIAwKqBLcCT9Dr6y2abQWWyaI-Ep-d4fe-2HXwvc4GdtCYJbsiuPLMzYSakv_0qgZDNI_ZCqW4ub7Of-atyVDYOdVY7HtnfUOrcDkB9qCNBwi0wSHKaf7iIPPOYbRZUoc968ugCOO3ybUhglvdRByZIqaM8hhXy0BMBWoDuYNeJ6T6YvJ0SpLLusPh9m4U8wRlkl7Okb5rIuSyG5STGKOg9G2KgeXLJSh-jP-2L1d-qdZ-YRlHtcaRIt9DhUNZW5hbLdpOoVu6tuQjkvs31nZTbNnJKZUgixLknNXdEc7uEZgulO-Fbv4HIKORZpA0rE1hU2TLZ6roVKjuVy9aX4ztUWCT-kI1yLnK6caNLWu-X_2s8khGr96mDjVb4WxfICipnNo_z5ozQrs6j7fdsh_kgctF5Yigcqxq6D0l0G7gBAGABqyL9OHii_-MG6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQKoB62-sQKoB7_TsQLYBwDSCCwIgGEQATIIioKAgICAgAg6DYBAgMCAgICAqIACqANIvf3BOliTnr3B8OGQA_oLAggBgAwBqg0CSlDiDRMI__C9wfDhkAMV51oPAh33xjXc6g0TCKe_vsHw4ZADFedaDwId98Y13IgO____________AdAVAYAXAbIXEBgMKgozMDAwNzgyNzc4UAGqGBcJPo7C-2f6tUASCjMwMDA3ODI3NzgYAQ%26num%3D1%26sig%3DAOD64_2huRixWk_I9gcE22SSUFoeG_GkWw%26client%3Dca-pub-3135966177843992%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4:: , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.as.criteo.com/

Response headers

strict-transport-security
max-age=31536000; preload;
content-encoding
br
date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
text/html
vary
Accept-Encoding
server
Kestrel
animejs.js
static.criteo.net/animejs/ Frame 7AF3 		12 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7cxQACvYYCD1rnADXG94F9SROGUofJm10o8Q&u=%7Cdf07B2MyxcEJBQXEcJfVl01T4Ii8wxJqWEqv8uF1QVk%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFL1TglSufPqiK5qD3b0araVuctU3Rt657XBLj7rWATpbfEHdiNej_5vldWVwWQT4nLMfDoZdlU4UiMhRKhCHWsh8lyaq_YgXTpae5Pl0hzdBrHGmAzPmTuI9cGJqhKQpnn1MOOW9ka5xeqpX8-B1H5YlNsILxAplKMvGX2zvqOhQIz7cNQoul-nwu9MMo6007n3gv7dcXmnc2jr9xTk_98KEArBDm_BhzFbJI8D9G7IZiqVKSHFonTFGoGc6B2d6EKMXi5eLn2_pqxZxG2XSbSIDlVvtORL1QIPmaawYYXft8CXZ24BweUvIIQ1qJuGc7w8BWIOu3JoMQusDU8Xcw-T-I73JdMNiG--dr9MqCFo8JQKOK6q16wtywJRsX1CjpVqaMjn5CaBy_PhMDm-Vb22tXM4iHhQtKrLKF-lEgkAcyJMt4fK-WR3UUYQm0KqGDrfIXALVk4pkiD9NAQtVEPMWnqYfwF2JhMaTGvabTBCyUo9qZg3odhK6f_HLS57FMrBJRaZS0BlPPAA3ORThUQqfw-YEPpFYOLSDgw64Iqti99SUs0fr53VWRUlTBsIbtmVPH_EqadMahnUlKaPCTatVKw5Pi6t3BEtmLfEXVaEBEihG1CwzZiYzpR3tYyApfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCurGbxdwOaYb7Cue1vcAP943X4Q3Rvr7bdayNn9y8DcCNtwEQASDQ6t8jYInzxYT0E8gBCakCTbn4Ya3-Oz7gAgCoAwHIAwKqBLcCT9Dr6y2abQWWyaI-Ep-d4fe-2HXwvc4GdtCYJbsiuPLMzYSakv_0qgZDNI_ZCqW4ub7Of-atyVDYOdVY7HtnfUOrcDkB9qCNBwi0wSHKaf7iIPPOYbRZUoc968ugCOO3ybUhglvdRByZIqaM8hhXy0BMBWoDuYNeJ6T6YvJ0SpLLusPh9m4U8wRlkl7Okb5rIuSyG5STGKOg9G2KgeXLJSh-jP-2L1d-qdZ-YRlHtcaRIt9DhUNZW5hbLdpOoVu6tuQjkvs31nZTbNnJKZUgixLknNXdEc7uEZgulO-Fbv4HIKORZpA0rE1hU2TLZ6roVKjuVy9aX4ztUWCT-kI1yLnK6caNLWu-X_2s8khGr96mDjVb4WxfICipnNo_z5ozQrs6j7fdsh_kgctF5Yigcqxq6D0l0G7gBAGABqyL9OHii_-MG6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQKoB62-sQKoB7_TsQLYBwDSCCwIgGEQATIIioKAgICAgAg6DYBAgMCAgICAqIACqANIvf3BOliTnr3B8OGQA_oLAggBgAwBqg0CSlDiDRMI__C9wfDhkAMV51oPAh33xjXc6g0TCKe_vsHw4ZADFedaDwId98Y13IgO____________AdAVAYAXAbIXEBgMKgozMDAwNzgyNzc4UAGqGBcJPo7C-2f6tUASCjMwMDA3ODI3NzgYAQ%26num%3D1%26sig%3DAOD64_2huRixWk_I9gcE22SSUFoeG_GkWw%26client%3Dca-pub-3135966177843992%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::2e , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.as.criteo.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=31104000, public
timing-allow-origin
*
content-encoding
gzip
etag
W/"5c9a64eb-3181"
cross-origin-resource-policy
cross-origin
expires
Tue, 03 Nov 2026 06:01:41 GMT
cross-origin-embedder-policy
require-corp
access-control-allow-origin
*
date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
text/javascript
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
gen_204
pagead2.googlesyndication.com/pagead/ Frame 972E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-start2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sat, 08 Nov 2025 06:01:41 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 972E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sat, 08 Nov 2025 06:01:41 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
truncated
/ Frame 972E 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52a9a4beff1dd28039c44030d62d189d80de6c7f6fcef6af4df8ee7dbd362db0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
cad842f31b1b4cc7b3f6258141bc14e9_cpn_300x250_1.jpg
static.criteo.net/design/dt/4652/4537618/ Frame 7AF3 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/4652/4537618/cad842f31b1b4cc7b3f6258141bc14e9_cpn_300x250_1.jpg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7cxQACvYYCD1rnADXG94F9SROGUofJm10o8Q&u=%7Cdf07B2MyxcEJBQXEcJfVl01T4Ii8wxJqWEqv8uF1QVk%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFL1TglSufPqiK5qD3b0araVuctU3Rt657XBLj7rWATpbfEHdiNej_5vldWVwWQT4nLMfDoZdlU4UiMhRKhCHWsh8lyaq_YgXTpae5Pl0hzdBrHGmAzPmTuI9cGJqhKQpnn1MOOW9ka5xeqpX8-B1H5YlNsILxAplKMvGX2zvqOhQIz7cNQoul-nwu9MMo6007n3gv7dcXmnc2jr9xTk_98KEArBDm_BhzFbJI8D9G7IZiqVKSHFonTFGoGc6B2d6EKMXi5eLn2_pqxZxG2XSbSIDlVvtORL1QIPmaawYYXft8CXZ24BweUvIIQ1qJuGc7w8BWIOu3JoMQusDU8Xcw-T-I73JdMNiG--dr9MqCFo8JQKOK6q16wtywJRsX1CjpVqaMjn5CaBy_PhMDm-Vb22tXM4iHhQtKrLKF-lEgkAcyJMt4fK-WR3UUYQm0KqGDrfIXALVk4pkiD9NAQtVEPMWnqYfwF2JhMaTGvabTBCyUo9qZg3odhK6f_HLS57FMrBJRaZS0BlPPAA3ORThUQqfw-YEPpFYOLSDgw64Iqti99SUs0fr53VWRUlTBsIbtmVPH_EqadMahnUlKaPCTatVKw5Pi6t3BEtmLfEXVaEBEihG1CwzZiYzpR3tYyApfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCurGbxdwOaYb7Cue1vcAP943X4Q3Rvr7bdayNn9y8DcCNtwEQASDQ6t8jYInzxYT0E8gBCakCTbn4Ya3-Oz7gAgCoAwHIAwKqBLcCT9Dr6y2abQWWyaI-Ep-d4fe-2HXwvc4GdtCYJbsiuPLMzYSakv_0qgZDNI_ZCqW4ub7Of-atyVDYOdVY7HtnfUOrcDkB9qCNBwi0wSHKaf7iIPPOYbRZUoc968ugCOO3ybUhglvdRByZIqaM8hhXy0BMBWoDuYNeJ6T6YvJ0SpLLusPh9m4U8wRlkl7Okb5rIuSyG5STGKOg9G2KgeXLJSh-jP-2L1d-qdZ-YRlHtcaRIt9DhUNZW5hbLdpOoVu6tuQjkvs31nZTbNnJKZUgixLknNXdEc7uEZgulO-Fbv4HIKORZpA0rE1hU2TLZ6roVKjuVy9aX4ztUWCT-kI1yLnK6caNLWu-X_2s8khGr96mDjVb4WxfICipnNo_z5ozQrs6j7fdsh_kgctF5Yigcqxq6D0l0G7gBAGABqyL9OHii_-MG6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQKoB62-sQKoB7_TsQLYBwDSCCwIgGEQATIIioKAgICAgAg6DYBAgMCAgICAqIACqANIvf3BOliTnr3B8OGQA_oLAggBgAwBqg0CSlDiDRMI__C9wfDhkAMV51oPAh33xjXc6g0TCKe_vsHw4ZADFedaDwId98Y13IgO____________AdAVAYAXAbIXEBgMKgozMDAwNzgyNzc4UAGqGBcJPo7C-2f6tUASCjMwMDA3ODI3NzgYAQ%26num%3D1%26sig%3DAOD64_2huRixWk_I9gcE22SSUFoeG_GkWw%26client%3Dca-pub-3135966177843992%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::2e , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
063b98aee45fb1fd1e70b83917ad0efe7b1011e2151b3aa49ec6812a9be64f6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.as.criteo.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=31104000, public
timing-allow-origin
*
etag
"648819f3-11d2"
cross-origin-resource-policy
cross-origin
expires
Tue, 03 Nov 2026 06:01:41 GMT
cross-origin-embedder-policy
require-corp
accept-ranges
bytes
access-control-allow-origin
*
content-length
4562
date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
image/jpeg
last-modified
Tue, 13 Jun 2023 07:25:39 GMT
server
nginx
005LXBl9lDHB2CwCiYitszLuAadGV7mADMqb5NDufVSxZzQEZXZjr7kZOH8r9EoL1MZ4XJ4IVO7BIfW2Ky2j0M2vB2YzdBgXlW5juNkZDkeNd9Q7awf7mGkPmkmANmbn06fPcB5VpcDFzxJdi0oH1JN2NzelR7JkC0qcE41UAQIDOxTOQoZ9IVzCsR7Rm2S3x8Whj...
imageproxy.as.criteo.net/v1/ Frame 7AF3 		17 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.as.criteo.net/v1/005LXBl9lDHB2CwCiYitszLuAadGV7mADMqb5NDufVSxZzQEZXZjr7kZOH8r9EoL1MZ4XJ4IVO7BIfW2Ky2j0M2vB2YzdBgXlW5juNkZDkeNd9Q7awf7mGkPmkmANmbn06fPcB5VpcDFzxJdi0oH1JN2NzelR7JkC0qcE41UAQIDOxTOQoZ9IVzCsR7Rm2S3x8WhjYkZCZlUAm6eaNTouEQ
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7cxQACvYYCD1rnADXG94F9SROGUofJm10o8Q&u=%7Cdf07B2MyxcEJBQXEcJfVl01T4Ii8wxJqWEqv8uF1QVk%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFL1TglSufPqiK5qD3b0araVuctU3Rt657XBLj7rWATpbfEHdiNej_5vldWVwWQT4nLMfDoZdlU4UiMhRKhCHWsh8lyaq_YgXTpae5Pl0hzdBrHGmAzPmTuI9cGJqhKQpnn1MOOW9ka5xeqpX8-B1H5YlNsILxAplKMvGX2zvqOhQIz7cNQoul-nwu9MMo6007n3gv7dcXmnc2jr9xTk_98KEArBDm_BhzFbJI8D9G7IZiqVKSHFonTFGoGc6B2d6EKMXi5eLn2_pqxZxG2XSbSIDlVvtORL1QIPmaawYYXft8CXZ24BweUvIIQ1qJuGc7w8BWIOu3JoMQusDU8Xcw-T-I73JdMNiG--dr9MqCFo8JQKOK6q16wtywJRsX1CjpVqaMjn5CaBy_PhMDm-Vb22tXM4iHhQtKrLKF-lEgkAcyJMt4fK-WR3UUYQm0KqGDrfIXALVk4pkiD9NAQtVEPMWnqYfwF2JhMaTGvabTBCyUo9qZg3odhK6f_HLS57FMrBJRaZS0BlPPAA3ORThUQqfw-YEPpFYOLSDgw64Iqti99SUs0fr53VWRUlTBsIbtmVPH_EqadMahnUlKaPCTatVKw5Pi6t3BEtmLfEXVaEBEihG1CwzZiYzpR3tYyApfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCurGbxdwOaYb7Cue1vcAP943X4Q3Rvr7bdayNn9y8DcCNtwEQASDQ6t8jYInzxYT0E8gBCakCTbn4Ya3-Oz7gAgCoAwHIAwKqBLcCT9Dr6y2abQWWyaI-Ep-d4fe-2HXwvc4GdtCYJbsiuPLMzYSakv_0qgZDNI_ZCqW4ub7Of-atyVDYOdVY7HtnfUOrcDkB9qCNBwi0wSHKaf7iIPPOYbRZUoc968ugCOO3ybUhglvdRByZIqaM8hhXy0BMBWoDuYNeJ6T6YvJ0SpLLusPh9m4U8wRlkl7Okb5rIuSyG5STGKOg9G2KgeXLJSh-jP-2L1d-qdZ-YRlHtcaRIt9DhUNZW5hbLdpOoVu6tuQjkvs31nZTbNnJKZUgixLknNXdEc7uEZgulO-Fbv4HIKORZpA0rE1hU2TLZ6roVKjuVy9aX4ztUWCT-kI1yLnK6caNLWu-X_2s8khGr96mDjVb4WxfICipnNo_z5ozQrs6j7fdsh_kgctF5Yigcqxq6D0l0G7gBAGABqyL9OHii_-MG6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQKoB62-sQKoB7_TsQLYBwDSCCwIgGEQATIIioKAgICAgAg6DYBAgMCAgICAqIACqANIvf3BOliTnr3B8OGQA_oLAggBgAwBqg0CSlDiDRMI__C9wfDhkAMV51oPAh33xjXc6g0TCKe_vsHw4ZADFedaDwId98Y13IgO____________AdAVAYAXAbIXEBgMKgozMDAwNzgyNzc4UAGqGBcJPo7C-2f6tUASCjMwMDA3ODI3NzgYAQ%26num%3D1%26sig%3DAOD64_2huRixWk_I9gcE22SSUFoeG_GkWw%26client%3Dca-pub-3135966177843992%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
79d2c8ad1333cac8f8b0358e19d2537973f81832d22286c474dc411c236b0b2d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.as.criteo.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
public, max-age=31104000
timing-allow-origin
*
age
140265
cross-origin-resource-policy
cross-origin
x-trace-id
53db02890fd9240390b65f861354654a
expires
Sat, 24 Oct 2026 10:27:15 GMT
accept-ranges
bytes
x-cache
hit
content-length
17506
date
Thu, 06 Nov 2025 15:03:55 GMT
content-type
image/png
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
vary
Origin, x-accept-image
000F4YeF5vmwsDfkuN0cLorJvPrrRYKiHjHRzBiWKYtHsPrDsVYF9I3Mf9bwH8HJYm4t7t0GqyESxVLXogFLXYbvoKEwqHkBN42WrehFqCKyq4ZB9B12NXSET5RoNdSFE5gxK5C1FmUqVtN9L6w3nbr9HhiMancq3BKGc8L1IzCjByzvoeYmpOOLyyQWjy6u3yDSZ...
imageproxy.as.criteo.net/v1/ Frame 7AF3 		15 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.as.criteo.net/v1/000F4YeF5vmwsDfkuN0cLorJvPrrRYKiHjHRzBiWKYtHsPrDsVYF9I3Mf9bwH8HJYm4t7t0GqyESxVLXogFLXYbvoKEwqHkBN42WrehFqCKyq4ZB9B12NXSET5RoNdSFE5gxK5C1FmUqVtN9L6w3nbr9HhiMancq3BKGc8L1IzCjByzvoeYmpOOLyyQWjy6u3yDSZofMsBFTt?b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7cxQACvYYCD1rnADXG94F9SROGUofJm10o8Q&u=%7Cdf07B2MyxcEJBQXEcJfVl01T4Ii8wxJqWEqv8uF1QVk%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFL1TglSufPqiK5qD3b0araVuctU3Rt657XBLj7rWATpbfEHdiNej_5vldWVwWQT4nLMfDoZdlU4UiMhRKhCHWsh8lyaq_YgXTpae5Pl0hzdBrHGmAzPmTuI9cGJqhKQpnn1MOOW9ka5xeqpX8-B1H5YlNsILxAplKMvGX2zvqOhQIz7cNQoul-nwu9MMo6007n3gv7dcXmnc2jr9xTk_98KEArBDm_BhzFbJI8D9G7IZiqVKSHFonTFGoGc6B2d6EKMXi5eLn2_pqxZxG2XSbSIDlVvtORL1QIPmaawYYXft8CXZ24BweUvIIQ1qJuGc7w8BWIOu3JoMQusDU8Xcw-T-I73JdMNiG--dr9MqCFo8JQKOK6q16wtywJRsX1CjpVqaMjn5CaBy_PhMDm-Vb22tXM4iHhQtKrLKF-lEgkAcyJMt4fK-WR3UUYQm0KqGDrfIXALVk4pkiD9NAQtVEPMWnqYfwF2JhMaTGvabTBCyUo9qZg3odhK6f_HLS57FMrBJRaZS0BlPPAA3ORThUQqfw-YEPpFYOLSDgw64Iqti99SUs0fr53VWRUlTBsIbtmVPH_EqadMahnUlKaPCTatVKw5Pi6t3BEtmLfEXVaEBEihG1CwzZiYzpR3tYyApfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCurGbxdwOaYb7Cue1vcAP943X4Q3Rvr7bdayNn9y8DcCNtwEQASDQ6t8jYInzxYT0E8gBCakCTbn4Ya3-Oz7gAgCoAwHIAwKqBLcCT9Dr6y2abQWWyaI-Ep-d4fe-2HXwvc4GdtCYJbsiuPLMzYSakv_0qgZDNI_ZCqW4ub7Of-atyVDYOdVY7HtnfUOrcDkB9qCNBwi0wSHKaf7iIPPOYbRZUoc968ugCOO3ybUhglvdRByZIqaM8hhXy0BMBWoDuYNeJ6T6YvJ0SpLLusPh9m4U8wRlkl7Okb5rIuSyG5STGKOg9G2KgeXLJSh-jP-2L1d-qdZ-YRlHtcaRIt9DhUNZW5hbLdpOoVu6tuQjkvs31nZTbNnJKZUgixLknNXdEc7uEZgulO-Fbv4HIKORZpA0rE1hU2TLZ6roVKjuVy9aX4ztUWCT-kI1yLnK6caNLWu-X_2s8khGr96mDjVb4WxfICipnNo_z5ozQrs6j7fdsh_kgctF5Yigcqxq6D0l0G7gBAGABqyL9OHii_-MG6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQKoB62-sQKoB7_TsQLYBwDSCCwIgGEQATIIioKAgICAgAg6DYBAgMCAgICAqIACqANIvf3BOliTnr3B8OGQA_oLAggBgAwBqg0CSlDiDRMI__C9wfDhkAMV51oPAh33xjXc6g0TCKe_vsHw4ZADFedaDwId98Y13IgO____________AdAVAYAXAbIXEBgMKgozMDAwNzgyNzc4UAGqGBcJPo7C-2f6tUASCjMwMDA3ODI3NzgYAQ%26num%3D1%26sig%3DAOD64_2huRixWk_I9gcE22SSUFoeG_GkWw%26client%3Dca-pub-3135966177843992%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
443e6bf288ee90b8bf09b3d39e6b2b9ce36888c98ba180ad2039aaeeb2af88f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.as.criteo.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
public, max-age=86400
timing-allow-origin
*
age
51527
cross-origin-resource-policy
cross-origin
x-trace-id
7cbbf9557119d292bc8e8f0aa4eff5b3
expires
Fri, 07 Nov 2025 15:57:13 GMT
accept-ranges
bytes
x-cache
hit
content-length
15098
date
Fri, 07 Nov 2025 15:42:53 GMT
content-type
image/webp
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
vary
Origin, x-accept-image
000F4YeF5vmwsDfkuPDbHuD7gxlIEQTSSCHKtH6TkNKGIFRGlAKS8OBk71ryaXbnY6XHCoghaAHrJ9a2bxBJoaYZ6XYQjIqiAwa8LywMaZbLXlcvkZ7kyhqT8n7jXYMVQ9O27ivhtiEBhjaTOKXQnXV63JlCOIEfFnKc1GADaUdugormHJYmHPbvWSwcFJI397Nau...
imageproxy.as.criteo.net/v1/ Frame 7AF3 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.as.criteo.net/v1/000F4YeF5vmwsDfkuPDbHuD7gxlIEQTSSCHKtH6TkNKGIFRGlAKS8OBk71ryaXbnY6XHCoghaAHrJ9a2bxBJoaYZ6XYQjIqiAwa8LywMaZbLXlcvkZ7kyhqT8n7jXYMVQ9O27ivhtiEBhjaTOKXQnXV63JlCOIEfFnKc1GADaUdugormHJYmHPbvWSwcFJI397NauggzXzFFa?b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7cxQACvYYCD1rnADXG94F9SROGUofJm10o8Q&u=%7Cdf07B2MyxcEJBQXEcJfVl01T4Ii8wxJqWEqv8uF1QVk%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFL1TglSufPqiK5qD3b0araVuctU3Rt657XBLj7rWATpbfEHdiNej_5vldWVwWQT4nLMfDoZdlU4UiMhRKhCHWsh8lyaq_YgXTpae5Pl0hzdBrHGmAzPmTuI9cGJqhKQpnn1MOOW9ka5xeqpX8-B1H5YlNsILxAplKMvGX2zvqOhQIz7cNQoul-nwu9MMo6007n3gv7dcXmnc2jr9xTk_98KEArBDm_BhzFbJI8D9G7IZiqVKSHFonTFGoGc6B2d6EKMXi5eLn2_pqxZxG2XSbSIDlVvtORL1QIPmaawYYXft8CXZ24BweUvIIQ1qJuGc7w8BWIOu3JoMQusDU8Xcw-T-I73JdMNiG--dr9MqCFo8JQKOK6q16wtywJRsX1CjpVqaMjn5CaBy_PhMDm-Vb22tXM4iHhQtKrLKF-lEgkAcyJMt4fK-WR3UUYQm0KqGDrfIXALVk4pkiD9NAQtVEPMWnqYfwF2JhMaTGvabTBCyUo9qZg3odhK6f_HLS57FMrBJRaZS0BlPPAA3ORThUQqfw-YEPpFYOLSDgw64Iqti99SUs0fr53VWRUlTBsIbtmVPH_EqadMahnUlKaPCTatVKw5Pi6t3BEtmLfEXVaEBEihG1CwzZiYzpR3tYyApfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCurGbxdwOaYb7Cue1vcAP943X4Q3Rvr7bdayNn9y8DcCNtwEQASDQ6t8jYInzxYT0E8gBCakCTbn4Ya3-Oz7gAgCoAwHIAwKqBLcCT9Dr6y2abQWWyaI-Ep-d4fe-2HXwvc4GdtCYJbsiuPLMzYSakv_0qgZDNI_ZCqW4ub7Of-atyVDYOdVY7HtnfUOrcDkB9qCNBwi0wSHKaf7iIPPOYbRZUoc968ugCOO3ybUhglvdRByZIqaM8hhXy0BMBWoDuYNeJ6T6YvJ0SpLLusPh9m4U8wRlkl7Okb5rIuSyG5STGKOg9G2KgeXLJSh-jP-2L1d-qdZ-YRlHtcaRIt9DhUNZW5hbLdpOoVu6tuQjkvs31nZTbNnJKZUgixLknNXdEc7uEZgulO-Fbv4HIKORZpA0rE1hU2TLZ6roVKjuVy9aX4ztUWCT-kI1yLnK6caNLWu-X_2s8khGr96mDjVb4WxfICipnNo_z5ozQrs6j7fdsh_kgctF5Yigcqxq6D0l0G7gBAGABqyL9OHii_-MG6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQKoB62-sQKoB7_TsQLYBwDSCCwIgGEQATIIioKAgICAgAg6DYBAgMCAgICAqIACqANIvf3BOliTnr3B8OGQA_oLAggBgAwBqg0CSlDiDRMI__C9wfDhkAMV51oPAh33xjXc6g0TCKe_vsHw4ZADFedaDwId98Y13IgO____________AdAVAYAXAbIXEBgMKgozMDAwNzgyNzc4UAGqGBcJPo7C-2f6tUASCjMwMDA3ODI3NzgYAQ%26num%3D1%26sig%3DAOD64_2huRixWk_I9gcE22SSUFoeG_GkWw%26client%3Dca-pub-3135966177843992%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
2a9ff82f2f1cb2520dd4c7ebfb31ce5ff1b3fc65284c6283691a72d3f4363fa7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.as.criteo.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
public, max-age=86400
timing-allow-origin
*
age
52041
cross-origin-resource-policy
cross-origin
x-trace-id
cb146493b72b78adffff9530bfd1c096
expires
Sat, 08 Nov 2025 02:50:10 GMT
accept-ranges
bytes
x-cache
hit
content-length
14522
date
Fri, 07 Nov 2025 15:34:20 GMT
content-type
image/webp
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
vary
Origin, x-accept-image
000F4YeF5vmwsDfkuO79b4RqxAyyFX9hM9EUkqoGl2zvPKmjP0kpHtzyXs1AMLgaaZtbI6HGIJgeFVgS4rd04inRYDUBgDVsHsKAUDGDy9owmFoXPnIiRFgEUD401bOANaxaM2DXUJlxmrDbA0VMJ47K0lhsmy13Gm3XkrBpi1PgGvAONnnH1firmlwIDBwFnmifw...
imageproxy.as.criteo.net/v1/ Frame 7AF3 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.as.criteo.net/v1/000F4YeF5vmwsDfkuO79b4RqxAyyFX9hM9EUkqoGl2zvPKmjP0kpHtzyXs1AMLgaaZtbI6HGIJgeFVgS4rd04inRYDUBgDVsHsKAUDGDy9owmFoXPnIiRFgEUD401bOANaxaM2DXUJlxmrDbA0VMJ47K0lhsmy13Gm3XkrBpi1PgGvAONnnH1firmlwIDBwFnmifwNgd3Rrgp?b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7cxQACvYYCD1rnADXG94F9SROGUofJm10o8Q&u=%7Cdf07B2MyxcEJBQXEcJfVl01T4Ii8wxJqWEqv8uF1QVk%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFL1TglSufPqiK5qD3b0araVuctU3Rt657XBLj7rWATpbfEHdiNej_5vldWVwWQT4nLMfDoZdlU4UiMhRKhCHWsh8lyaq_YgXTpae5Pl0hzdBrHGmAzPmTuI9cGJqhKQpnn1MOOW9ka5xeqpX8-B1H5YlNsILxAplKMvGX2zvqOhQIz7cNQoul-nwu9MMo6007n3gv7dcXmnc2jr9xTk_98KEArBDm_BhzFbJI8D9G7IZiqVKSHFonTFGoGc6B2d6EKMXi5eLn2_pqxZxG2XSbSIDlVvtORL1QIPmaawYYXft8CXZ24BweUvIIQ1qJuGc7w8BWIOu3JoMQusDU8Xcw-T-I73JdMNiG--dr9MqCFo8JQKOK6q16wtywJRsX1CjpVqaMjn5CaBy_PhMDm-Vb22tXM4iHhQtKrLKF-lEgkAcyJMt4fK-WR3UUYQm0KqGDrfIXALVk4pkiD9NAQtVEPMWnqYfwF2JhMaTGvabTBCyUo9qZg3odhK6f_HLS57FMrBJRaZS0BlPPAA3ORThUQqfw-YEPpFYOLSDgw64Iqti99SUs0fr53VWRUlTBsIbtmVPH_EqadMahnUlKaPCTatVKw5Pi6t3BEtmLfEXVaEBEihG1CwzZiYzpR3tYyApfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCurGbxdwOaYb7Cue1vcAP943X4Q3Rvr7bdayNn9y8DcCNtwEQASDQ6t8jYInzxYT0E8gBCakCTbn4Ya3-Oz7gAgCoAwHIAwKqBLcCT9Dr6y2abQWWyaI-Ep-d4fe-2HXwvc4GdtCYJbsiuPLMzYSakv_0qgZDNI_ZCqW4ub7Of-atyVDYOdVY7HtnfUOrcDkB9qCNBwi0wSHKaf7iIPPOYbRZUoc968ugCOO3ybUhglvdRByZIqaM8hhXy0BMBWoDuYNeJ6T6YvJ0SpLLusPh9m4U8wRlkl7Okb5rIuSyG5STGKOg9G2KgeXLJSh-jP-2L1d-qdZ-YRlHtcaRIt9DhUNZW5hbLdpOoVu6tuQjkvs31nZTbNnJKZUgixLknNXdEc7uEZgulO-Fbv4HIKORZpA0rE1hU2TLZ6roVKjuVy9aX4ztUWCT-kI1yLnK6caNLWu-X_2s8khGr96mDjVb4WxfICipnNo_z5ozQrs6j7fdsh_kgctF5Yigcqxq6D0l0G7gBAGABqyL9OHii_-MG6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQKoB62-sQKoB7_TsQLYBwDSCCwIgGEQATIIioKAgICAgAg6DYBAgMCAgICAqIACqANIvf3BOliTnr3B8OGQA_oLAggBgAwBqg0CSlDiDRMI__C9wfDhkAMV51oPAh33xjXc6g0TCKe_vsHw4ZADFedaDwId98Y13IgO____________AdAVAYAXAbIXEBgMKgozMDAwNzgyNzc4UAGqGBcJPo7C-2f6tUASCjMwMDA3ODI3NzgYAQ%26num%3D1%26sig%3DAOD64_2huRixWk_I9gcE22SSUFoeG_GkWw%26client%3Dca-pub-3135966177843992%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
43358bca5c242d4183ccae0d97d2bfbb16b08acb7f4de5d07c99e860487030b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.as.criteo.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
public, max-age=86400
timing-allow-origin
*
age
48875
cross-origin-resource-policy
cross-origin
x-trace-id
d930b2522096ad370c042a6a8cc37cac
expires
Sat, 08 Nov 2025 10:40:08 GMT
accept-ranges
bytes
x-cache
hit
content-length
14358
date
Fri, 07 Nov 2025 16:27:05 GMT
content-type
image/webp
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
vary
Origin, x-accept-image
000F4YeF5vmwsDfkuOTuUEJKHCmVpFL4C1sggweG05UHWJyJ8Gq2AW2cPLejSvZxd5mbOJirhV7YRMTteBui4oE5WlRSczkdgCf81TWU4YiGeGa9sK1PcKDxGiMo0iZ0ECzbVcJPpYDvfJf6FPisyS9SXIxwCf2xLYYUZQnibZGtoWzZiGTH4M1lFVll5tXMklLdj...
imageproxy.as.criteo.net/v1/ Frame 7AF3 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.as.criteo.net/v1/000F4YeF5vmwsDfkuOTuUEJKHCmVpFL4C1sggweG05UHWJyJ8Gq2AW2cPLejSvZxd5mbOJirhV7YRMTteBui4oE5WlRSczkdgCf81TWU4YiGeGa9sK1PcKDxGiMo0iZ0ECzbVcJPpYDvfJf6FPisyS9SXIxwCf2xLYYUZQnibZGtoWzZiGTH4M1lFVll5tXMklLdjcyxYksS9?b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7cxQACvYYCD1rnADXG94F9SROGUofJm10o8Q&u=%7Cdf07B2MyxcEJBQXEcJfVl01T4Ii8wxJqWEqv8uF1QVk%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFL1TglSufPqiK5qD3b0araVuctU3Rt657XBLj7rWATpbfEHdiNej_5vldWVwWQT4nLMfDoZdlU4UiMhRKhCHWsh8lyaq_YgXTpae5Pl0hzdBrHGmAzPmTuI9cGJqhKQpnn1MOOW9ka5xeqpX8-B1H5YlNsILxAplKMvGX2zvqOhQIz7cNQoul-nwu9MMo6007n3gv7dcXmnc2jr9xTk_98KEArBDm_BhzFbJI8D9G7IZiqVKSHFonTFGoGc6B2d6EKMXi5eLn2_pqxZxG2XSbSIDlVvtORL1QIPmaawYYXft8CXZ24BweUvIIQ1qJuGc7w8BWIOu3JoMQusDU8Xcw-T-I73JdMNiG--dr9MqCFo8JQKOK6q16wtywJRsX1CjpVqaMjn5CaBy_PhMDm-Vb22tXM4iHhQtKrLKF-lEgkAcyJMt4fK-WR3UUYQm0KqGDrfIXALVk4pkiD9NAQtVEPMWnqYfwF2JhMaTGvabTBCyUo9qZg3odhK6f_HLS57FMrBJRaZS0BlPPAA3ORThUQqfw-YEPpFYOLSDgw64Iqti99SUs0fr53VWRUlTBsIbtmVPH_EqadMahnUlKaPCTatVKw5Pi6t3BEtmLfEXVaEBEihG1CwzZiYzpR3tYyApfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCurGbxdwOaYb7Cue1vcAP943X4Q3Rvr7bdayNn9y8DcCNtwEQASDQ6t8jYInzxYT0E8gBCakCTbn4Ya3-Oz7gAgCoAwHIAwKqBLcCT9Dr6y2abQWWyaI-Ep-d4fe-2HXwvc4GdtCYJbsiuPLMzYSakv_0qgZDNI_ZCqW4ub7Of-atyVDYOdVY7HtnfUOrcDkB9qCNBwi0wSHKaf7iIPPOYbRZUoc968ugCOO3ybUhglvdRByZIqaM8hhXy0BMBWoDuYNeJ6T6YvJ0SpLLusPh9m4U8wRlkl7Okb5rIuSyG5STGKOg9G2KgeXLJSh-jP-2L1d-qdZ-YRlHtcaRIt9DhUNZW5hbLdpOoVu6tuQjkvs31nZTbNnJKZUgixLknNXdEc7uEZgulO-Fbv4HIKORZpA0rE1hU2TLZ6roVKjuVy9aX4ztUWCT-kI1yLnK6caNLWu-X_2s8khGr96mDjVb4WxfICipnNo_z5ozQrs6j7fdsh_kgctF5Yigcqxq6D0l0G7gBAGABqyL9OHii_-MG6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQKoB62-sQKoB7_TsQLYBwDSCCwIgGEQATIIioKAgICAgAg6DYBAgMCAgICAqIACqANIvf3BOliTnr3B8OGQA_oLAggBgAwBqg0CSlDiDRMI__C9wfDhkAMV51oPAh33xjXc6g0TCKe_vsHw4ZADFedaDwId98Y13IgO____________AdAVAYAXAbIXEBgMKgozMDAwNzgyNzc4UAGqGBcJPo7C-2f6tUASCjMwMDA3ODI3NzgYAQ%26num%3D1%26sig%3DAOD64_2huRixWk_I9gcE22SSUFoeG_GkWw%26client%3Dca-pub-3135966177843992%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
185cc66145e03e14b111edfb67384284d73681c0bf6b304bf463301634e06187
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.as.criteo.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
public, max-age=86400
timing-allow-origin
*
age
53871
cross-origin-resource-policy
cross-origin
x-trace-id
2a2ec11cc2abb231aeeb1fd99e9f4825
expires
Sat, 08 Nov 2025 07:09:58 GMT
accept-ranges
bytes
x-cache
hit
content-length
13128
date
Fri, 07 Nov 2025 15:03:49 GMT
content-type
image/webp
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
vary
Origin, x-accept-image
000F4YeF5vmwsDfkuNNjZDcXwB8Lxh0vhmiEmfHAeM1xH9I3GNbavdUvC2buP9SBOtzNDoslQhWmojc1VYVOHpcV43mZHuYBgp7XC7VA4NX92kyqgCxvuYHlW8Hu5VIeD3VSN049F05Tm1oNT9JagclzxgZjGg43c0o6MUp1c7DOf4YijqBzv0dSW2ugcwlSd6oPv...
imageproxy.as.criteo.net/v1/ Frame 7AF3 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.as.criteo.net/v1/000F4YeF5vmwsDfkuNNjZDcXwB8Lxh0vhmiEmfHAeM1xH9I3GNbavdUvC2buP9SBOtzNDoslQhWmojc1VYVOHpcV43mZHuYBgp7XC7VA4NX92kyqgCxvuYHlW8Hu5VIeD3VSN049F05Tm1oNT9JagclzxgZjGg43c0o6MUp1c7DOf4YijqBzv0dSW2ugcwlSd6oPvh5z9dvsI?b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7cxQACvYYCD1rnADXG94F9SROGUofJm10o8Q&u=%7Cdf07B2MyxcEJBQXEcJfVl01T4Ii8wxJqWEqv8uF1QVk%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFL1TglSufPqiK5qD3b0araVuctU3Rt657XBLj7rWATpbfEHdiNej_5vldWVwWQT4nLMfDoZdlU4UiMhRKhCHWsh8lyaq_YgXTpae5Pl0hzdBrHGmAzPmTuI9cGJqhKQpnn1MOOW9ka5xeqpX8-B1H5YlNsILxAplKMvGX2zvqOhQIz7cNQoul-nwu9MMo6007n3gv7dcXmnc2jr9xTk_98KEArBDm_BhzFbJI8D9G7IZiqVKSHFonTFGoGc6B2d6EKMXi5eLn2_pqxZxG2XSbSIDlVvtORL1QIPmaawYYXft8CXZ24BweUvIIQ1qJuGc7w8BWIOu3JoMQusDU8Xcw-T-I73JdMNiG--dr9MqCFo8JQKOK6q16wtywJRsX1CjpVqaMjn5CaBy_PhMDm-Vb22tXM4iHhQtKrLKF-lEgkAcyJMt4fK-WR3UUYQm0KqGDrfIXALVk4pkiD9NAQtVEPMWnqYfwF2JhMaTGvabTBCyUo9qZg3odhK6f_HLS57FMrBJRaZS0BlPPAA3ORThUQqfw-YEPpFYOLSDgw64Iqti99SUs0fr53VWRUlTBsIbtmVPH_EqadMahnUlKaPCTatVKw5Pi6t3BEtmLfEXVaEBEihG1CwzZiYzpR3tYyApfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCurGbxdwOaYb7Cue1vcAP943X4Q3Rvr7bdayNn9y8DcCNtwEQASDQ6t8jYInzxYT0E8gBCakCTbn4Ya3-Oz7gAgCoAwHIAwKqBLcCT9Dr6y2abQWWyaI-Ep-d4fe-2HXwvc4GdtCYJbsiuPLMzYSakv_0qgZDNI_ZCqW4ub7Of-atyVDYOdVY7HtnfUOrcDkB9qCNBwi0wSHKaf7iIPPOYbRZUoc968ugCOO3ybUhglvdRByZIqaM8hhXy0BMBWoDuYNeJ6T6YvJ0SpLLusPh9m4U8wRlkl7Okb5rIuSyG5STGKOg9G2KgeXLJSh-jP-2L1d-qdZ-YRlHtcaRIt9DhUNZW5hbLdpOoVu6tuQjkvs31nZTbNnJKZUgixLknNXdEc7uEZgulO-Fbv4HIKORZpA0rE1hU2TLZ6roVKjuVy9aX4ztUWCT-kI1yLnK6caNLWu-X_2s8khGr96mDjVb4WxfICipnNo_z5ozQrs6j7fdsh_kgctF5Yigcqxq6D0l0G7gBAGABqyL9OHii_-MG6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQKoB62-sQKoB7_TsQLYBwDSCCwIgGEQATIIioKAgICAgAg6DYBAgMCAgICAqIACqANIvf3BOliTnr3B8OGQA_oLAggBgAwBqg0CSlDiDRMI__C9wfDhkAMV51oPAh33xjXc6g0TCKe_vsHw4ZADFedaDwId98Y13IgO____________AdAVAYAXAbIXEBgMKgozMDAwNzgyNzc4UAGqGBcJPo7C-2f6tUASCjMwMDA3ODI3NzgYAQ%26num%3D1%26sig%3DAOD64_2huRixWk_I9gcE22SSUFoeG_GkWw%26client%3Dca-pub-3135966177843992%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
188393024984188198ce350323b76f9d58d754f9613193b3214389889dd8c451
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.as.criteo.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
public, max-age=86400
timing-allow-origin
*
age
51495
cross-origin-resource-policy
cross-origin
x-trace-id
b6755aefe37399f16304f328590b594d
expires
Sat, 08 Nov 2025 00:58:27 GMT
accept-ranges
bytes
x-cache
hit
content-length
10326
date
Fri, 07 Nov 2025 15:43:25 GMT
content-type
image/webp
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
vary
Origin, x-accept-image
000F4YeF5vmwsDfkuPaz7p3AdqN2A2ZzD8zEcEHwHTebH2q3s6vO3Wi40UiFcrImolWJKr3ksL2lVZlRKTmnFIodf0TMgy00NJgTssH0TeB3BMoOsfOMhyIbixkGJOVkJ27sWf7aeBSf8SKYZaRLuEEOwoZ6LgzEZ7v336VF3P85d59iq6XURQwFffKi4lY3zyFDc...
imageproxy.as.criteo.net/v1/ Frame 7AF3 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.as.criteo.net/v1/000F4YeF5vmwsDfkuPaz7p3AdqN2A2ZzD8zEcEHwHTebH2q3s6vO3Wi40UiFcrImolWJKr3ksL2lVZlRKTmnFIodf0TMgy00NJgTssH0TeB3BMoOsfOMhyIbixkGJOVkJ27sWf7aeBSf8SKYZaRLuEEOwoZ6LgzEZ7v336VF3P85d59iq6XURQwFffKi4lY3zyFDczMhGE8jI?b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7cxQACvYYCD1rnADXG94F9SROGUofJm10o8Q&u=%7Cdf07B2MyxcEJBQXEcJfVl01T4Ii8wxJqWEqv8uF1QVk%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFL1TglSufPqiK5qD3b0araVuctU3Rt657XBLj7rWATpbfEHdiNej_5vldWVwWQT4nLMfDoZdlU4UiMhRKhCHWsh8lyaq_YgXTpae5Pl0hzdBrHGmAzPmTuI9cGJqhKQpnn1MOOW9ka5xeqpX8-B1H5YlNsILxAplKMvGX2zvqOhQIz7cNQoul-nwu9MMo6007n3gv7dcXmnc2jr9xTk_98KEArBDm_BhzFbJI8D9G7IZiqVKSHFonTFGoGc6B2d6EKMXi5eLn2_pqxZxG2XSbSIDlVvtORL1QIPmaawYYXft8CXZ24BweUvIIQ1qJuGc7w8BWIOu3JoMQusDU8Xcw-T-I73JdMNiG--dr9MqCFo8JQKOK6q16wtywJRsX1CjpVqaMjn5CaBy_PhMDm-Vb22tXM4iHhQtKrLKF-lEgkAcyJMt4fK-WR3UUYQm0KqGDrfIXALVk4pkiD9NAQtVEPMWnqYfwF2JhMaTGvabTBCyUo9qZg3odhK6f_HLS57FMrBJRaZS0BlPPAA3ORThUQqfw-YEPpFYOLSDgw64Iqti99SUs0fr53VWRUlTBsIbtmVPH_EqadMahnUlKaPCTatVKw5Pi6t3BEtmLfEXVaEBEihG1CwzZiYzpR3tYyApfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCurGbxdwOaYb7Cue1vcAP943X4Q3Rvr7bdayNn9y8DcCNtwEQASDQ6t8jYInzxYT0E8gBCakCTbn4Ya3-Oz7gAgCoAwHIAwKqBLcCT9Dr6y2abQWWyaI-Ep-d4fe-2HXwvc4GdtCYJbsiuPLMzYSakv_0qgZDNI_ZCqW4ub7Of-atyVDYOdVY7HtnfUOrcDkB9qCNBwi0wSHKaf7iIPPOYbRZUoc968ugCOO3ybUhglvdRByZIqaM8hhXy0BMBWoDuYNeJ6T6YvJ0SpLLusPh9m4U8wRlkl7Okb5rIuSyG5STGKOg9G2KgeXLJSh-jP-2L1d-qdZ-YRlHtcaRIt9DhUNZW5hbLdpOoVu6tuQjkvs31nZTbNnJKZUgixLknNXdEc7uEZgulO-Fbv4HIKORZpA0rE1hU2TLZ6roVKjuVy9aX4ztUWCT-kI1yLnK6caNLWu-X_2s8khGr96mDjVb4WxfICipnNo_z5ozQrs6j7fdsh_kgctF5Yigcqxq6D0l0G7gBAGABqyL9OHii_-MG6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQKoB62-sQKoB7_TsQLYBwDSCCwIgGEQATIIioKAgICAgAg6DYBAgMCAgICAqIACqANIvf3BOliTnr3B8OGQA_oLAggBgAwBqg0CSlDiDRMI__C9wfDhkAMV51oPAh33xjXc6g0TCKe_vsHw4ZADFedaDwId98Y13IgO____________AdAVAYAXAbIXEBgMKgozMDAwNzgyNzc4UAGqGBcJPo7C-2f6tUASCjMwMDA3ODI3NzgYAQ%26num%3D1%26sig%3DAOD64_2huRixWk_I9gcE22SSUFoeG_GkWw%26client%3Dca-pub-3135966177843992%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
697b449557efa4bbdab9b31612e352a156631fbc277f73626d6f67bcd074bcce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.as.criteo.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
public, max-age=86400
timing-allow-origin
*
age
55410
cross-origin-resource-policy
cross-origin
x-trace-id
38ce17b727266a84f975fe67b45be94f
expires
Sat, 08 Nov 2025 09:25:03 GMT
accept-ranges
bytes
x-cache
hit
content-length
16244
date
Fri, 07 Nov 2025 14:38:11 GMT
content-type
image/webp
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
vary
Origin, x-accept-image
all
client-side-metrics.as.criteo.net/ Frame 7AF3 		0
185 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://client-side-metrics.as.criteo.net/all?cppv=3&cpp=5HG39pqT3orBc7TFvjqR3EPQ2VJce2zjNbKs4KkODvnxWypjVOXOl3w0V3VBvjlw5oTKWWPYwmW63hkRLvqthAwdk7jEs-XQGe3FrojlU_9ryjur9GQ8yVIKzNjS60NKvN6rLefFTJY8BJvakcQnPWTK6n1tn9lRoOHssUioUf-ePcexOOOZpJbzgj2Nt2AyXY0g6OLCBRbkemP-7CPbIHXhP8Gs6I6oHfMczCsq4ukxGXb1ceNHhvMW8AS1b7SuP3-b5Q&sds=2&rev=102983&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7cxQACvYYCD1rnADXG94F9SROGUofJm10o8Q&u=%7Cdf07B2MyxcEJBQXEcJfVl01T4Ii8wxJqWEqv8uF1QVk%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFL1TglSufPqiK5qD3b0araVuctU3Rt657XBLj7rWATpbfEHdiNej_5vldWVwWQT4nLMfDoZdlU4UiMhRKhCHWsh8lyaq_YgXTpae5Pl0hzdBrHGmAzPmTuI9cGJqhKQpnn1MOOW9ka5xeqpX8-B1H5YlNsILxAplKMvGX2zvqOhQIz7cNQoul-nwu9MMo6007n3gv7dcXmnc2jr9xTk_98KEArBDm_BhzFbJI8D9G7IZiqVKSHFonTFGoGc6B2d6EKMXi5eLn2_pqxZxG2XSbSIDlVvtORL1QIPmaawYYXft8CXZ24BweUvIIQ1qJuGc7w8BWIOu3JoMQusDU8Xcw-T-I73JdMNiG--dr9MqCFo8JQKOK6q16wtywJRsX1CjpVqaMjn5CaBy_PhMDm-Vb22tXM4iHhQtKrLKF-lEgkAcyJMt4fK-WR3UUYQm0KqGDrfIXALVk4pkiD9NAQtVEPMWnqYfwF2JhMaTGvabTBCyUo9qZg3odhK6f_HLS57FMrBJRaZS0BlPPAA3ORThUQqfw-YEPpFYOLSDgw64Iqti99SUs0fr53VWRUlTBsIbtmVPH_EqadMahnUlKaPCTatVKw5Pi6t3BEtmLfEXVaEBEihG1CwzZiYzpR3tYyApfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCurGbxdwOaYb7Cue1vcAP943X4Q3Rvr7bdayNn9y8DcCNtwEQASDQ6t8jYInzxYT0E8gBCakCTbn4Ya3-Oz7gAgCoAwHIAwKqBLcCT9Dr6y2abQWWyaI-Ep-d4fe-2HXwvc4GdtCYJbsiuPLMzYSakv_0qgZDNI_ZCqW4ub7Of-atyVDYOdVY7HtnfUOrcDkB9qCNBwi0wSHKaf7iIPPOYbRZUoc968ugCOO3ybUhglvdRByZIqaM8hhXy0BMBWoDuYNeJ6T6YvJ0SpLLusPh9m4U8wRlkl7Okb5rIuSyG5STGKOg9G2KgeXLJSh-jP-2L1d-qdZ-YRlHtcaRIt9DhUNZW5hbLdpOoVu6tuQjkvs31nZTbNnJKZUgixLknNXdEc7uEZgulO-Fbv4HIKORZpA0rE1hU2TLZ6roVKjuVy9aX4ztUWCT-kI1yLnK6caNLWu-X_2s8khGr96mDjVb4WxfICipnNo_z5ozQrs6j7fdsh_kgctF5Yigcqxq6D0l0G7gBAGABqyL9OHii_-MG6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQKoB62-sQKoB7_TsQLYBwDSCCwIgGEQATIIioKAgICAgAg6DYBAgMCAgICAqIACqANIvf3BOliTnr3B8OGQA_oLAggBgAwBqg0CSlDiDRMI__C9wfDhkAMV51oPAh33xjXc6g0TCKe_vsHw4ZADFedaDwId98Y13IgO____________AdAVAYAXAbIXEBgMKgozMDAwNzgyNzc4UAGqGBcJPo7C-2f6tUASCjMwMDA3ODI3NzgYAQ%26num%3D1%26sig%3DAOD64_2huRixWk_I9gcE22SSUFoeG_GkWw%26client%3Dca-pub-3135966177843992%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::25 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://ads.as.criteo.com/

Response headers

strict-transport-security
max-age=31536000; preload;
x-rate-limit-limit
1s
x-rate-limit-reset
2025-11-08T06:01:41.7515280Z
access-control-allow-origin
*
content-length
0
date
Sat, 08 Nov 2025 06:01:41 GMT
x-rate-limit-remaining
8113
server
Kestrel
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 7AF3 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7cxQACvYYCD1rnADXG94F9SROGUofJm10o8Q&u=%7Cdf07B2MyxcEJBQXEcJfVl01T4Ii8wxJqWEqv8uF1QVk%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFL1TglSufPqiK5qD3b0araVuctU3Rt657XBLj7rWATpbfEHdiNej_5vldWVwWQT4nLMfDoZdlU4UiMhRKhCHWsh8lyaq_YgXTpae5Pl0hzdBrHGmAzPmTuI9cGJqhKQpnn1MOOW9ka5xeqpX8-B1H5YlNsILxAplKMvGX2zvqOhQIz7cNQoul-nwu9MMo6007n3gv7dcXmnc2jr9xTk_98KEArBDm_BhzFbJI8D9G7IZiqVKSHFonTFGoGc6B2d6EKMXi5eLn2_pqxZxG2XSbSIDlVvtORL1QIPmaawYYXft8CXZ24BweUvIIQ1qJuGc7w8BWIOu3JoMQusDU8Xcw-T-I73JdMNiG--dr9MqCFo8JQKOK6q16wtywJRsX1CjpVqaMjn5CaBy_PhMDm-Vb22tXM4iHhQtKrLKF-lEgkAcyJMt4fK-WR3UUYQm0KqGDrfIXALVk4pkiD9NAQtVEPMWnqYfwF2JhMaTGvabTBCyUo9qZg3odhK6f_HLS57FMrBJRaZS0BlPPAA3ORThUQqfw-YEPpFYOLSDgw64Iqti99SUs0fr53VWRUlTBsIbtmVPH_EqadMahnUlKaPCTatVKw5Pi6t3BEtmLfEXVaEBEihG1CwzZiYzpR3tYyApfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCurGbxdwOaYb7Cue1vcAP943X4Q3Rvr7bdayNn9y8DcCNtwEQASDQ6t8jYInzxYT0E8gBCakCTbn4Ya3-Oz7gAgCoAwHIAwKqBLcCT9Dr6y2abQWWyaI-Ep-d4fe-2HXwvc4GdtCYJbsiuPLMzYSakv_0qgZDNI_ZCqW4ub7Of-atyVDYOdVY7HtnfUOrcDkB9qCNBwi0wSHKaf7iIPPOYbRZUoc968ugCOO3ybUhglvdRByZIqaM8hhXy0BMBWoDuYNeJ6T6YvJ0SpLLusPh9m4U8wRlkl7Okb5rIuSyG5STGKOg9G2KgeXLJSh-jP-2L1d-qdZ-YRlHtcaRIt9DhUNZW5hbLdpOoVu6tuQjkvs31nZTbNnJKZUgixLknNXdEc7uEZgulO-Fbv4HIKORZpA0rE1hU2TLZ6roVKjuVy9aX4ztUWCT-kI1yLnK6caNLWu-X_2s8khGr96mDjVb4WxfICipnNo_z5ozQrs6j7fdsh_kgctF5Yigcqxq6D0l0G7gBAGABqyL9OHii_-MG6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQKoB62-sQKoB7_TsQLYBwDSCCwIgGEQATIIioKAgICAgAg6DYBAgMCAgICAqIACqANIvf3BOliTnr3B8OGQA_oLAggBgAwBqg0CSlDiDRMI__C9wfDhkAMV51oPAh33xjXc6g0TCKe_vsHw4ZADFedaDwId98Y13IgO____________AdAVAYAXAbIXEBgMKgozMDAwNzgyNzc4UAGqGBcJPo7C-2f6tUASCjMwMDA3ODI3NzgYAQ%26num%3D1%26sig%3DAOD64_2huRixWk_I9gcE22SSUFoeG_GkWw%26client%3Dca-pub-3135966177843992%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::2e , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.as.criteo.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=31104000, public
timing-allow-origin
*
content-encoding
gzip
etag
W/"60af9cf7-891"
cross-origin-resource-policy
cross-origin
expires
Tue, 03 Nov 2026 06:01:41 GMT
cross-origin-embedder-policy
require-corp
access-control-allow-origin
*
date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
image/svg+xml
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
privacy.svg
static.criteo.net/flash/icon/ Frame 7AF3 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7cxQACvYYCD1rnADXG94F9SROGUofJm10o8Q&u=%7Cdf07B2MyxcEJBQXEcJfVl01T4Ii8wxJqWEqv8uF1QVk%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFL1TglSufPqiK5qD3b0araVuctU3Rt657XBLj7rWATpbfEHdiNej_5vldWVwWQT4nLMfDoZdlU4UiMhRKhCHWsh8lyaq_YgXTpae5Pl0hzdBrHGmAzPmTuI9cGJqhKQpnn1MOOW9ka5xeqpX8-B1H5YlNsILxAplKMvGX2zvqOhQIz7cNQoul-nwu9MMo6007n3gv7dcXmnc2jr9xTk_98KEArBDm_BhzFbJI8D9G7IZiqVKSHFonTFGoGc6B2d6EKMXi5eLn2_pqxZxG2XSbSIDlVvtORL1QIPmaawYYXft8CXZ24BweUvIIQ1qJuGc7w8BWIOu3JoMQusDU8Xcw-T-I73JdMNiG--dr9MqCFo8JQKOK6q16wtywJRsX1CjpVqaMjn5CaBy_PhMDm-Vb22tXM4iHhQtKrLKF-lEgkAcyJMt4fK-WR3UUYQm0KqGDrfIXALVk4pkiD9NAQtVEPMWnqYfwF2JhMaTGvabTBCyUo9qZg3odhK6f_HLS57FMrBJRaZS0BlPPAA3ORThUQqfw-YEPpFYOLSDgw64Iqti99SUs0fr53VWRUlTBsIbtmVPH_EqadMahnUlKaPCTatVKw5Pi6t3BEtmLfEXVaEBEihG1CwzZiYzpR3tYyApfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCurGbxdwOaYb7Cue1vcAP943X4Q3Rvr7bdayNn9y8DcCNtwEQASDQ6t8jYInzxYT0E8gBCakCTbn4Ya3-Oz7gAgCoAwHIAwKqBLcCT9Dr6y2abQWWyaI-Ep-d4fe-2HXwvc4GdtCYJbsiuPLMzYSakv_0qgZDNI_ZCqW4ub7Of-atyVDYOdVY7HtnfUOrcDkB9qCNBwi0wSHKaf7iIPPOYbRZUoc968ugCOO3ybUhglvdRByZIqaM8hhXy0BMBWoDuYNeJ6T6YvJ0SpLLusPh9m4U8wRlkl7Okb5rIuSyG5STGKOg9G2KgeXLJSh-jP-2L1d-qdZ-YRlHtcaRIt9DhUNZW5hbLdpOoVu6tuQjkvs31nZTbNnJKZUgixLknNXdEc7uEZgulO-Fbv4HIKORZpA0rE1hU2TLZ6roVKjuVy9aX4ztUWCT-kI1yLnK6caNLWu-X_2s8khGr96mDjVb4WxfICipnNo_z5ozQrs6j7fdsh_kgctF5Yigcqxq6D0l0G7gBAGABqyL9OHii_-MG6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQKoB62-sQKoB7_TsQLYBwDSCCwIgGEQATIIioKAgICAgAg6DYBAgMCAgICAqIACqANIvf3BOliTnr3B8OGQA_oLAggBgAwBqg0CSlDiDRMI__C9wfDhkAMV51oPAh33xjXc6g0TCKe_vsHw4ZADFedaDwId98Y13IgO____________AdAVAYAXAbIXEBgMKgozMDAwNzgyNzc4UAGqGBcJPo7C-2f6tUASCjMwMDA3ODI3NzgYAQ%26num%3D1%26sig%3DAOD64_2huRixWk_I9gcE22SSUFoeG_GkWw%26client%3Dca-pub-3135966177843992%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::2e , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.as.criteo.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=31104000, public
timing-allow-origin
*
content-encoding
gzip
etag
W/"5e4d1491-646"
cross-origin-resource-policy
cross-origin
expires
Tue, 03 Nov 2026 06:01:41 GMT
cross-origin-embedder-policy
require-corp
access-control-allow-origin
*
date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
image/svg+xml
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
gen_204
pagead2.googlesyndication.com/pagead/ Frame 972E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sat, 08 Nov 2025 06:01:41 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
set
sync.im-apps.net/imid/ Frame BB97
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=intimatemerger_dmp&google_cm
  • https://sync.im-apps.net/imid/set?cid=5660&tid=gid&uid=CAESEMGX5UvqpqNqi20cHHwet04&google_cver=1
43 B
694 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.im-apps.net/imid/set?cid=5660&tid=gid&uid=CAESEMGX5UvqpqNqi20cHHwet04&google_cver=1
Requested by
Host: cf.im-apps.net
URL: https://cf.im-apps.net/imid/beacon.html
Protocol
HTTP/1.1
Server
23.50.118.175 Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-50-118-175.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://cf.im-apps.net/

Response headers

Cache-Control
private, max-age=3000
Content-Length
43
Date
Sat, 08 Nov 2025 06:01:41 GMT
Content-Type
image/gif
Connection
keep-alive

Redirect headers

cache-control
no-cache, must-revalidate
location
https://sync.im-apps.net/imid/set?cid=5660&tid=gid&uid=CAESEMGX5UvqpqNqi20cHHwet04&google_cver=1
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
305
date
Sat, 08 Nov 2025 06:01:41 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
adsct
analytics.twitter.com/i/ Frame BB97 		43 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?p_id=980&p_user_id=W2BsMLRpT0GUoF_PB1njzQ
Requested by
Host: cf.im-apps.net
URL: https://cf.im-apps.net/imid/beacon.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.227 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare envoy /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519; includeSubdomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://cf.im-apps.net/

Response headers

strict-transport-security
max-age=631138519; includeSubdomains
x-transaction-id
34feb652535e621d
cache-control
no-cache, no-store, max-age=0
origin-cf-ray
99b2db735dfae35f-NRT
cf-cache-status
DYNAMIC
cf-ray
99b2db735dfae35f-NRT
x-response-time
6
content-length
43
date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
image/gif;charset=utf-8
perf
7402827104
server
cloudflare envoy
x-served-by
t4_p
set
sync.im-apps.net/imid/ Frame BB97
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=intmerger&ttd_tpi=1
  • https://sync.im-apps.net/imid/set?cid=5664&tid=tdid&uid=20657a5b-463b-4127-b06a-ab3e93a99895
43 B
694 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.im-apps.net/imid/set?cid=5664&tid=tdid&uid=20657a5b-463b-4127-b06a-ab3e93a99895
Requested by
Host: cf.im-apps.net
URL: https://cf.im-apps.net/imid/beacon.html
Protocol
HTTP/1.1
Server
23.50.118.175 Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-50-118-175.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://cf.im-apps.net/

Response headers

Cache-Control
private, max-age=3000
Content-Length
43
Date
Sat, 08 Nov 2025 06:01:41 GMT
Content-Type
image/gif
Connection
keep-alive

Redirect headers

location
https://sync.im-apps.net/imid/set?cid=5664&tid=tdid&uid=20657a5b-463b-4127-b06a-ab3e93a99895
content-length
215
date
Sat, 08 Nov 2025 06:01:41 GMT
server
Kestrel
tr
universe.send.microad.jp/ Frame BB97 		43 B
516 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://universe.send.microad.jp/tr?service_id=10193&cbt=018874&kv_set=%5B%7B%22unv_member_id%22%3A%22W2BsMLRpT0GUoF_PB1njzQ%22%7D%5D
Requested by
Host: cf.im-apps.net
URL: https://cf.im-apps.net/imid/beacon.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.233.84.10 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=86400;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://cf.im-apps.net/

Response headers

strict-transport-security
max-age=86400;
cache-control
no-cache
timing-allow-origin
*
content-encoding
gzip
x-content-type-options
nosniff
access-control-allow-origin
*
date
Sat, 08 Nov 2025 06:01:41 GMT
x-xss-protection
1; mode=block
content-type
image/gif
server
nginx
access-control-allow-headers
origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
asr
aid.send.microad.jp/ Frame BB97 		43 B
641 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aid.send.microad.jp/asr?v=1&code=9KxCwSzdigA&format=pixel&enc_params=W2BsMLRpT0GUoF_PB1njzQ
Requested by
Host: cf.im-apps.net
URL: https://cf.im-apps.net/imid/beacon.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
202.233.84.1 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://cf.im-apps.net/

Response headers

Strict-Transport-Security
max-age=3600
Connection
close
Access-Control-Allow-Origin
*
Content-Length
43
P3P
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Date
Sat, 08 Nov 2025 06:01:41 GMT
Content-Type
image/gif
Server
Apache
Access-Control-Allow-Headers
origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame BB97 		0
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fb6.im-apps.net%2F1007854%2Fmap%2F%23PM_USER_ID
Requested by
Host: cf.im-apps.net
URL: https://cf.im-apps.net/imid/beacon.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://cf.im-apps.net/

Response headers

strict-transport-security
max-age=16070400; includeSubDomains
content-length
0
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
text/html; charset=UTF-8
container.html
bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/safeframe/1-0-45/html/ Frame 1D5F 		7 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202511040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.207.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f1.1e100.net
Software
sffe /
Resource Hash
f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://twinklesphotos.exblog.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
3121
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 08 Nov 2025 06:01:40 GMT
expires
Sat, 08 Nov 2025 06:01:40 GMT
last-modified
Thu, 08 May 2025 23:15:48 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bh.json
b.im-apps.net/ 		38 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://b.im-apps.net/bh.json?d=twinklesphotos.exblog.jp
Requested by
Host: cdn.audiencedata.net
URL: https://cdn.audiencedata.net/js/v1/pageview.js?owner_id=8266&site_id=news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.1.209 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
209.1.49.34.bc.googleusercontent.com
Software
/
Resource Hash
a09762026ec520a31e93196fcb5872c7c555da62af9779a85becb8b26689cf62

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

via
1.1 google
access-control-allow-origin
https://twinklesphotos.exblog.jp
cache-control
private, no-store
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
application/json
access-control-allow-credentials
true
container.html
bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/safeframe/1-0-45/html/ Frame ED53 		7 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202511040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.207.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f1.1e100.net
Software
sffe /
Resource Hash
f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://twinklesphotos.exblog.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
3121
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 08 Nov 2025 06:01:40 GMT
expires
Sat, 08 Nov 2025 06:01:40 GMT
last-modified
Thu, 08 May 2025 23:15:48 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ext.js
tpc.googlesyndication.com/safeframe/1-0-45/js/ Frame 1D5F 		23 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-45/js/ext.js
Requested by
Host: bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com
URL: https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:820::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c95e84767aed248594e7d485707c7ed904fd2fe4ec3ea98687fc2de59ddf231
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/

Response headers

content-encoding
br
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
x-content-type-options
nosniff
expires
Sat, 08 Nov 2025 06:01:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Thu, 08 May 2025 23:15:48 GMT
cache-control
private, max-age=300
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
content-length
6269
x-xss-protection
0
server
sffe
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 1D5F 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com
URL: https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:aee2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b70acabfec3024b0ca21c8847693536dd931b2d012d596cb979d74c972a4a6e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/

Response headers

access-control-expose-headers
*
content-encoding
br
cf-cache-status
HIT
etag
W/"7009-+fSnGmMge6EQaCY8X46KqAScnTo"
age
3283
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tMgFYOE6fKsPDr%2Bty8nGsEuiF4%2BEm8n2f9a0HQ75w7ivAa9COg9lgGNpjU%2FRI3kRPX728vnb9qUD%2FZHC%2Bjv3gIs2dc0AAVd4d6IDgl2MiQg7Za9xP8xBFpuljL5Ubj3Yk1KUOqPHYLWI2XwJw84%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443"; ma=86400
x-cache
HIT, HIT
date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220076-FRA, cache-itm1220065-ITM
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
99b2db73b896ae95-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
9763
server
cloudflare
x-jsd-version
1.17.2
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 1D5F 		223 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com
URL: https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
cafe /
Resource Hash
1ca0d5744e4f39ea464be06f38e214eabd97b2ca934e919a3673f0a62f76368c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/

Response headers

content-encoding
br
etag
11779502037942753168
age
1099
x-content-type-options
nosniff
expires
Sat, 08 Nov 2025 06:43:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 08 Nov 2025 05:43:22 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=EUC-KR
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
70282
x-xss-protection
0
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame 1D5F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvhfDl9xCvZlq8WL6x95ay89qO3pkTrFUnvbV62noKUWIC1IR505WhZl2K4i6NdtP4VVH8GNF77vVTyc1VVVp2OpRP273GCj3VTRK2v_ho7dVNVYhI-Xhfz2UjWBaO59VXJ9MSf7XsklGl7TvLy8Q07LTRlhY-z-8HRKwiMweDE3NAUKJwRhIH7wEIZ331PHGtPTJEaJ-CP0yZ11_9lnXSdJI4SfQwE0xggNVfVqPMRhmzWtMSjzKgMYx05t97wqSzLXS_6nt7YmZ1LawqB6iW4KglRWc-muCTWdQ_RWvTc0WstZVgD-KxYfE-alyoyge_DlKKtOTYQbPf8Khm1yS8jjEpvSVDfy2Q6E8q53G_SBQqEP7H-fll8EdTC9smLLRvoEMdRSVCataso3LqDHwjTyrRAlGvY9_hyis3b96UiNd7pzAvehOH3ySEuj7_1IRriihdMC_2HSnhVTMn-2A5zZpE&sai=AMfl-YR2jDtjwqhKDIxn3c_77Lg_G6B15U-TEBOyo6dLTPfWZsKQ4NZmBo5zXjHXsQDLrVyAYuT8u2_M3qp5maLfv0mSTMnNLwFHRLh_R8cNLE-d1omAD9zTJdG7ze0Rcc5_xNIvL5izNdsP89Qc1Ddf49wOec1ypt2H1Ye5BpM-jA7EyOXbn4YyCTtR0cMiuiANVc5VyDvGMXB4h1T14VPua5jY6fmFrtkJ-YYNO99PaaHI7RWpDm2B_LrJRad-S4TNREkvWjQ&sig=Cg0ArKJSzIPqnYolVe0PEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com
URL: https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.199.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Sat, 08 Nov 2025 06:01:41 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
pageview
audiencedata.im-apps.net/ 		0
195 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://audiencedata.im-apps.net/pageview
Requested by
Host: cdn.audiencedata.net
URL: https://cdn.audiencedata.net/js/v1/pageview.js?owner_id=8266&site_id=news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:d959:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8
Referer
https://twinklesphotos.exblog.jp/

Response headers

via
1.1 google
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://twinklesphotos.exblog.jp
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 06:01:41 GMT
access-control-allow-credentials
true
px.gif
ad-delivery.net/ 		43 B
111 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.7011079050359884
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5727730570625024&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:2f50 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
1358871
x-goog-stored-content-encoding
identity
expires
Sun, 09 Nov 2025 06:01:41 GMT
x-goog-stored-content-length
43
date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
image/gif
vary
accept-encoding
last-modified
Wed, 05 May 2021 19:25:32 GMT
x-guploader-uploadid
ABgVH89ytYGGsM8zvMSS83qCZ0F4cDyA85oC5Xtq8jnme2OpbOxP7BU9t7rp4yrU4-M9nQOe
cache-control
public, max-age=86400
x-goog-storage-class
MULTI_REGIONAL
cf-ray
99b2db73ce522644-NRT
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
ext.js
tpc.googlesyndication.com/safeframe/1-0-45/js/ Frame ED53 		23 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-45/js/ext.js
Requested by
Host: bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com
URL: https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:820::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c95e84767aed248594e7d485707c7ed904fd2fe4ec3ea98687fc2de59ddf231
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/

Response headers

content-encoding
br
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
x-content-type-options
nosniff
expires
Sat, 08 Nov 2025 06:01:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Thu, 08 May 2025 23:15:48 GMT
cache-control
private, max-age=300
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
content-length
6269
x-xss-protection
0
server
sffe
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame ED53 		28 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com
URL: https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:aee2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b70acabfec3024b0ca21c8847693536dd931b2d012d596cb979d74c972a4a6e2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/

Response headers

access-control-expose-headers
*
content-encoding
br
cf-cache-status
HIT
etag
W/"7009-+fSnGmMge6EQaCY8X46KqAScnTo"
age
3283
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tMgFYOE6fKsPDr%2Bty8nGsEuiF4%2BEm8n2f9a0HQ75w7ivAa9COg9lgGNpjU%2FRI3kRPX728vnb9qUD%2FZHC%2Bjv3gIs2dc0AAVd4d6IDgl2MiQg7Za9xP8xBFpuljL5Ubj3Yk1KUOqPHYLWI2XwJw84%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443"; ma=86400
x-cache
HIT, HIT
date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220076-FRA, cache-itm1220065-ITM
vary
Accept-Encoding
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
99b2db73b896ae95-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
9763
server
cloudflare
x-jsd-version
1.17.2
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame ED53 		223 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com
URL: https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
cafe /
Resource Hash
1ca0d5744e4f39ea464be06f38e214eabd97b2ca934e919a3673f0a62f76368c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/

Response headers

content-encoding
br
etag
11779502037942753168
age
1099
x-content-type-options
nosniff
expires
Sat, 08 Nov 2025 06:43:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 08 Nov 2025 05:43:22 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=EUC-KR
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
70282
x-xss-protection
0
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame ED53 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssgbU8h1BgrlAolWbanAk64tBGhHgT_mmGAfE22QFkMh5LPDjGPbbcxzaTgPoIlsIadNicOAo0nbVEX34YdVoOQwt8YThCBoAsSebXK6d7pC8AGoF9s6guuegNNgIzm6jU3n3f-3dQjtLzQLcedeKVevWSzWOhD--wxAFKiMbQwfXsiMFZs5mEBSuKMsrvvVOHZPiRyqAp-GULRzkELtK-huSXQz4ZPubP37D8brGl7sHc2XEfpqhmTfmHtjJmxwKUSPbe9DMZ_-nSd-xIWFwu6Uv7AgUPHCUOFeevyNRaSvvykPz1j4BcwTwCUReKUdpnSRDCujGxZPwxIE4XUkJ-Jw23319PjzouyRReT1R_vxg_R0yjT24nhiARYcFI6iak4S4GnFWvS_gopB77RrgxguJD9Vm-i_Zqb_kpKd7jZ3YlDuCj6Dn9UAl9NuqieEcH7JhD3K4IfZ9gU9uLGuvbO8oTqpg&sai=AMfl-YQASF35lSU8W_UrY-PDk_Xw_ZibPGj7kME7UL4lzhMH-4oGAK0pCkAJxNk8aByn4jVbpr5Az6hKmBFjt1Iy7Lajn5THWtQ2osElhnpLOrV_OymejPug0c89ZadVHBXa772stttcxYYZI9PYhmBvsBmMgX4R9nv6y7HV2sq5WDWJmbp-LnSDeDabGa3QcHF0jr-LJxISTrjmgmG8sPK8xtK0-LEpd3UtzFcOrANnjz8yZAJkMO2QURV5igOd9fSo8PKuKg&sig=Cg0ArKJSzK15uL3PnciAEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com
URL: https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.199.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Sat, 08 Nov 2025 06:01:41 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame ED53 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-start2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sat, 08 Nov 2025 06:01:41 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame ED53 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sat, 08 Nov 2025 06:01:41 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
sync
cs.adingo.jp/ Frame 61E0
Redirect Chain
  • https://pixel-apac.rubiconproject.com/exchange/sync.php?p=fluct&khaos=MHPVMX4Y-1C-7DVJ
  • https://cs.adingo.jp/sync?from=rubicon&id=MHPVMX4Y-1C-7DVJ
43 B
392 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.adingo.jp/sync?from=rubicon&id=MHPVMX4Y-1C-7DVJ
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H2
Server
52.69.229.53 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-69-229-53.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

expires
Wed, 17 Sep 1975 21:32:10 GMT
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
date
Sat, 08 Nov 2025 06:01:42 GMT
pragma
no-cache
content-type
image/gif
server
nginx

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Location
https://cs.adingo.jp/sync?from=rubicon&id=MHPVMX4Y-1C-7DVJ
Pragma
no-cache
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
550b0c1400f70e56269f7c1848fb3166
content-length
0
Content-Type
text/html
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1D5F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-start2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sat, 08 Nov 2025 06:01:41 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1D5F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sat, 08 Nov 2025 06:01:41 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame ED53 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sat, 08 Nov 2025 06:01:41 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
Collect
a.flux.jp/analytics.collect.v1.CollectService/ 		2 B
47 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.flux.jp/analytics.collect.v1.CollectService/Collect
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.89.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.89.160.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

access-control-expose-headers
Accept, Accept-Encoding, Accept-Post, Connect-Accept-Encoding, Connect-Content-Encoding, Content-Encoding, Grpc-Accept-Encoding, Grpc-Encoding, Grpc-Message, Grpc-Status, Grpc-Status-Details-Bin
content-encoding
gzip
via
1.1 google
traceparent
00-f0bceb715819ea813b4d98fe0c691c8f-830808cb368763a6-00
access-control-allow-origin
https://twinklesphotos.exblog.jp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
accept-encoding
gzip
content-length
26
date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
application/json
vary
Origin
server
Google Frontend
x-cloud-trace-context
f0bceb715819ea813b4d98fe0c691c8f/9441806287668470694
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1D5F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sat, 08 Nov 2025 06:01:41 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
truncated
/ Frame ED53 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f9f5a8f420386f16c66168ee619b790fc8ed63fe4c8678740dd3100caf46d61e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/ Frame 1D5F 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
851631a2c59fa0a417a165c3bb39f6b170d9a8ea2736b0c76ab9b5d9a1c956e3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
sdk.js
adsdk.microsoft.com/native-to-display/ Frame 8EE6 		128 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::46 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
abe49d464f7ebe6abd145e344a1d9e01fab48ec5eed83e3138e2bb0cc44d5444

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin
https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com
Referer
https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/

Response headers

x-azure-ref
20251108T060141Z-r18f5df8b775ssqrhC1TYO0nas0000000d3000000001kyzw
cache-control
private, max-age=3600
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
content-encoding
br
x-ms-request-id
bb46bb74-c01e-0044-20db-4d3142000000
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Sat, 08 Nov 2025 06:01:41 GMT
x-ms-blob-type
BlockBlob
content-type
application/javascript
vary
Accept-Encoding
last-modified
Thu, 23 Oct 2025 20:23:32 GMT
banner.js
adsdkprod.azureedge.net/viewability/versions/v5.8.21/ Frame 8EE6 		153 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adsdkprod.azureedge.net/viewability/versions/v5.8.21/banner.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::69 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
64b68a094d5f6395acacd5c56e7005235fe456ed0daf0859f9030a4dca44e157

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/

Response headers

x-azure-ref
20251108T060141Z-r18f5df8b77gh7qxhC1TYOzgd00000001330000000005b7y
cache-control
public, max-age=2628000
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
content-encoding
br
x-fd-int-roxy-purgeid
83639624
x-ms-request-id
d7c21a30-001e-00b3-414b-4e52c2000000
access-control-allow-origin
*
x-cache
TCP_HIT
date
Sat, 08 Nov 2025 06:01:41 GMT
x-ms-blob-type
BlockBlob
content-type
application/javascript
vary
Accept-Encoding
last-modified
Tue, 14 Oct 2025 06:29:47 GMT
it
sin3-ib.adnxs.com/ Frame 8EE6 		0
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sin3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Ftwinklesphotos.exblog.jp%252F33443959%252F&e=wqT_3QLjCKBjBAAAAwDWAAUBCMS5u8gGELWd27mqy4aWCxgAKjYJAACAgLDhpz8RAA0JJBkAAADgo3DlPyERGwApEQn0FwQxAAAAIIXrsT8w0ufdEDjPHEC1XkjjA1C6iYq2AViekHdgAGjDgpABeN_UBYABAYoBA1VTRJIBA0pQWZgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AL8Q-AC9bNd6gIqaHR0cHM6Ly90d2lua2xlc3Bob3Rvcy5leGJsb2cuanAvMzM0NDM5NTkvgAMAiAMBkAMAmAMXoAMBqgPkAwr5Amh0dHBzOi8vd3d3LmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPTczOGFjODcwLTMzZjctNDMxMS04Mzk0LTUyNGQ0OTNjYzY5YiZiaWRJZD0xJmJpZGRlcklkPTQmY21FeHBJZD1SU1YmaW1wSWQ9ODA1MDQ3NDEwMDQ3MjQxOTA5Jm9BZFVuaXQ9MzkxNDY2JnB1Ymxpc2hlcklkPTE2MjY0NTMzMCZySWQ9NzVmMDZlM2QtZTc1NC00ZTRhLWJiMjUtNGFlNTQ3MTQ0YzFmJnJlZ2lvbj1hcGFjJnJ0eXBlPW51cmwmdGFnSWQ9MzUwOTE0MTAmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJnRyYWZmaWNTdWJHcm91cD1lcmZyZWlyJnViZXJHcm91cD1ob3JlXzNjJnViZXJTdWJHcm91cD1lcmZyZWlyJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoSODA1MDQ3NDEwMDQ3MjQxOTA5IgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak9ESXlOVGMyTWpZM056YzVNVE1qTWpNek5EQTFOekF5T0RNek5EUXhOdz09SADAA9gEyAMA2AOH6jTgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMTQ2LjcwLjIwMS4xMzWoBACyBBIIABABGKwCIPoBKAAwADgCQgC4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBdSz8bH-7vSADMAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBcrXqwH6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAmAcBoAcByAff1AXSBw8JAAAAAAAAAAAQABgAIADaBwYIABAAGADgBwDqBwIIAPAH69oEighHCkMAAAGaYg5doAssGlqnNs61wYrxiDN25X5ZrDqjpVxhV0gf624mVYstk19-JbEA-liv8joIXYqXlGS2A1_57TW7CKnfEAGVCAAAgD-YCAHACPxD0ggLCPP_37uAHhAAGADaCAQIACAA4AgA6AgA&s=1943d583ca4f1560adeaa71c4f2a73877b93cf0b
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.91.51 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1048.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.25.5 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
146.70.201.135; 146.70.201.135; 1048.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
15bda766-bf68-4ecd-a2b2-f9bf2acc7e93
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Sat, 08 Nov 2025 06:01:42 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.25.5
sdk.js
adsdk.microsoft.com/native-to-display/ Frame 4CA3 		128 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::46 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
abe49d464f7ebe6abd145e344a1d9e01fab48ec5eed83e3138e2bb0cc44d5444

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin
https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com
Referer
https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/

Response headers

x-azure-ref
20251108T060141Z-r18f5df8b775ssqrhC1TYO0nas0000000d3000000001kyzw
cache-control
private, max-age=3600
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
content-encoding
br
x-ms-request-id
bb46bb74-c01e-0044-20db-4d3142000000
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Sat, 08 Nov 2025 06:01:41 GMT
x-ms-blob-type
BlockBlob
content-type
application/javascript
vary
Accept-Encoding
last-modified
Thu, 23 Oct 2025 20:23:32 GMT
banner.js
adsdkprod.azureedge.net/viewability/versions/v5.8.21/ Frame 4CA3 		153 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://adsdkprod.azureedge.net/viewability/versions/v5.8.21/banner.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::69 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
64b68a094d5f6395acacd5c56e7005235fe456ed0daf0859f9030a4dca44e157

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/

Response headers

x-azure-ref
20251108T060141Z-r18f5df8b77gh7qxhC1TYOzgd00000001330000000005b7y
cache-control
public, max-age=2628000
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
content-encoding
br
x-fd-int-roxy-purgeid
83639624
x-ms-request-id
d7c21a30-001e-00b3-414b-4e52c2000000
access-control-allow-origin
*
x-cache
TCP_HIT
date
Sat, 08 Nov 2025 06:01:41 GMT
x-ms-blob-type
BlockBlob
content-type
application/javascript
vary
Accept-Encoding
last-modified
Tue, 14 Oct 2025 06:29:47 GMT
c.gif
www.bing.com/aes/ Frame 4CA3
Redirect Chain
  • https://sin3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Ftwinklesphotos.exblog.jp%252F33443959%252F&e=wqT_3QKcCqAcBQAAAwDWAAUBCMS5u8gGEMiHt6i7gMDOcRgAKjYJ368fg4bdtD8R3w0JJBkAAAAgXI_qPyE...
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=def5dd8d-ef1a-4698-a9eb-0155a16fa06a&bidId=2&bidderId=4&cmExpId=RSV&impId=8186699713551909832&oAdUnit=391466&publisherId=162645330&...
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_2-1-0?&RG=57ed8897cc2b447f9c4b74ae603047a8&SNR=1&GV=2&med=10
0
546 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_2-1-0?&RG=57ed8897cc2b447f9c4b74ae603047a8&SNR=1&GV=2&med=10
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Server
2600:140b:1c00:47::1734:8cc2 Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/

Response headers

cache-control
private,no-store
x-cdn-traceid
0.84813417.1762581702.de58b9b
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 0D9D5AAC805E4870A004C18CDE6A51E2 Ref B: TYO201151003023 Ref C: 2025-11-08T06:01:42Z
alt-svc
h3=":443"; ma=93600
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
content-length
0
date
Sat, 08 Nov 2025 06:01:42 GMT
vary
Origin

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache, no-store, must-revalidate
location
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_2-1-0?&RG=57ed8897cc2b447f9c4b74ae603047a8&SNR=1&GV=2&med=10
x-cdn-traceid
0.84813417.1762581702.de58b6a
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 1B1F418A03204909B7B7DEE07896DCE8 Ref B: TYO201151002042 Ref C: 2025-11-08T06:01:42Z
expires
0
alt-svc
h3=":443"; ma=93600
content-length
150
date
Sat, 08 Nov 2025 06:01:42 GMT
content-type
text/html; charset=utf-8
vary
Origin
get
audiencedata.im-apps.net/imuid/ 		34 B
99 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://audiencedata.im-apps.net/imuid/get?cid=6837&vid=01K9H0WS15XXMZN22M2YHB9H4D
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:d959:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
ba152663823b88e71145fc3f8da496e77baed6e32e1cffba1c1f20c246823243

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

via
1.1 google
access-control-allow-origin
https://twinklesphotos.exblog.jp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34
date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
application/json
access-control-allow-credentials
true
activity;dc_pre=CMa778Hw4ZADFeVBDwId1pUFcg;src=10208769;type=invmedia;cat=im8db0;ord=6243360734466;npa=0;auiddc=1171246322.1762581702;u1=8266;u2=news;u3=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F334...
ad.doubleclick.net/
Redirect Chain
  • https://ad.doubleclick.net/activity;src=10208769;type=invmedia;cat=im8db0;ord=6243360734466;npa=0;auiddc=1171246322.1762581702;u1=8266;u2=news;u3=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2...
  • https://ad.doubleclick.net/activity;dc_pre=CMa778Hw4ZADFeVBDwId1pUFcg;src=10208769;type=invmedia;cat=im8db0;ord=6243360734466;npa=0;auiddc=1171246322.1762581702;u1=8266;u2=news;u3=https%3A%2F%2Ftwi...
42 B
63 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/activity;dc_pre=CMa778Hw4ZADFeVBDwId1pUFcg;src=10208769;type=invmedia;cat=im8db0;ord=6243360734466;npa=0;auiddc=1171246322.1762581702;u1=8266;u2=news;u3=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KFA;gtm=45fe5b50v9181790672z871862534za200zb71862534zd71862534xea;gcd=13l3l3l3l1l1;dma=0;dc_fmt=3;tag_exp=101509157~103116026~103200004~103233427~104527906~104528501~104684208~104684211~104948813~105391252~115480709~115583767~115938466~115938468~116217636~116217638;epver=2;dc_random=1762581701_w5NAi1M43XrRn2vWkWAwNrbevuuNZgL1eA;~oref=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F?
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H3
Server
142.251.42.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
42
date
Sat, 08 Nov 2025 06:01:42 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
location
https://ad.doubleclick.net/activity;dc_pre=CMa778Hw4ZADFeVBDwId1pUFcg;src=10208769;type=invmedia;cat=im8db0;ord=6243360734466;npa=0;auiddc=1171246322.1762581702;u1=8266;u2=news;u3=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KFA;gtm=45fe5b50v9181790672z871862534za200zb71862534zd71862534xea;gcd=13l3l3l3l1l1;dma=0;dc_fmt=3;tag_exp=101509157~103116026~103200004~103233427~104527906~104528501~104684208~104684211~104948813~105391252~115480709~115583767~115938466~115938468~116217636~116217638;epver=2;dc_random=1762581701_w5NAi1M43XrRn2vWkWAwNrbevuuNZgL1eA;~oref=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F?
pragma
no-cache
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Sat, 08 Nov 2025 06:01:41 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
cafe
activityi;dc_pre=CN-g8MHw4ZADFdKYuQUdecMtlw;src=10208769;type=invmedia;cat=im8db0;ord=6243360734466;npa=0;auiddc=1171246322.1762581702;u1=8266;u2=news;u3=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33...
10208769.fls.doubleclick.net/ Frame 44A5
Redirect Chain
  • https://10208769.fls.doubleclick.net/activityi;src=10208769;type=invmedia;cat=im8db0;ord=6243360734466;npa=0;auiddc=1171246322.1762581702;u1=8266;u2=news;u3=https%3A%2F%2Ftwinklesphotos.exblog.jp%2...
  • https://10208769.fls.doubleclick.net/activityi;dc_pre=CN-g8MHw4ZADFdKYuQUdecMtlw;src=10208769;type=invmedia;cat=im8db0;ord=6243360734466;npa=0;auiddc=1171246322.1762581702;u1=8266;u2=news;u3=https%...
890 B
640 B 		Document
General
Check archive.org
Download Go to
Full URL
https://10208769.fls.doubleclick.net/activityi;dc_pre=CN-g8MHw4ZADFdKYuQUdecMtlw;src=10208769;type=invmedia;cat=im8db0;ord=6243360734466;npa=0;auiddc=1171246322.1762581702;u1=8266;u2=news;u3=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KFA;gtm=45fe5b50v9181790672z871862534za200zb71862534zd71862534xea;gcd=13l3l3l3l1l1;dma=0;dc_fmt=2;tag_exp=101509157~103116026~103200004~103233427~104527906~104528501~104684208~104684211~104948813~105391252~115480709~115583767~115938466~115938468~116217636~116217638;epver=2;dc_random=1762581701_w5NAi1M43XrRn2vWkWAwNrbevuuNZgL1eA;_dc_test=1;~oref=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-10208769&l=itm_dl1&cx=c&gtm=4e5b50
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.77.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcnrtb-ac-in-f6.1e100.net
Software
cafe /
Resource Hash
22b8636f365187b34d5de96474eb62f4bb2e64e26195f7a5ea58f112446d59ac
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://twinklesphotos.exblog.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
530
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 08 Nov 2025 06:01:42 GMT
expires
Sat, 08 Nov 2025 06:01:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 08 Nov 2025 06:01:41 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://10208769.fls.doubleclick.net/activityi;dc_pre=CN-g8MHw4ZADFdKYuQUdecMtlw;src=10208769;type=invmedia;cat=im8db0;ord=6243360734466;npa=0;auiddc=1171246322.1762581702;u1=8266;u2=news;u3=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KFA;gtm=45fe5b50v9181790672z871862534za200zb71862534zd71862534xea;gcd=13l3l3l3l1l1;dma=0;dc_fmt=2;tag_exp=101509157~103116026~103200004~103233427~104527906~104528501~104684208~104684211~104948813~105391252~115480709~115583767~115938466~115938468~116217636~116217638;epver=2;dc_random=1762581701_w5NAi1M43XrRn2vWkWAwNrbevuuNZgL1eA;_dc_test=1;~oref=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
tap.php
pixel.rubiconproject.com/ Frame 61E0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://ups.analytics.yahoo.com/ups/58912/cms?uid=OQlG2gmgejiat6J1UZIWCcn5EUdSAgOZEtemQ7w0kco&csrc=
  • https://ups.analytics.yahoo.com/ups/58912/cms?uid=OQlG2gmgejiat6J1UZIWCcn5EUdSAgOZEtemQ7w0kco&csrc=&verify=true
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-5CG0.qtE2oJhjw351q3yYC261RSwumlqQ189FQ--~A
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-5CG0.qtE2oJhjw351q3yYC261RSwumlqQ189FQ--~A
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4290507b7388fb86809e552482e2fff0
Pragma
no-cache
content-length
42
Content-Type
image/gif

Redirect headers

strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-5CG0.qtE2oJhjw351q3yYC261RSwumlqQ189FQ--~A
age
0
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
date
Sat, 08 Nov 2025 06:01:42 GMT
content-type
text/html
server
ATS
tap.php
pixel.rubiconproject.com/ Frame 61E0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&process_consent=T
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEN55ktsm0k61Eq6FmAhmwKo&google_cver=1
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEN55ktsm0k61Eq6FmAhmwKo&google_cver=1
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
Pragma
no-cache
content-length
42
Content-Type
image/gif

Redirect headers

cache-control
no-cache, must-revalidate
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEN55ktsm0k61Eq6FmAhmwKo&google_cver=1
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
326
date
Sat, 08 Nov 2025 06:01:41 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
dcm
s.amazon-adsystem.com/ Frame 61E0
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
43 B
853 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
HTTP/1.1
Server
98.82.156.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-98-82-156-107.compute-1.amazonaws.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid
HT6Q794FX6K1K1K8FR77
Content-Length
43
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Date
Sat, 08 Nov 2025 06:01:42 GMT
Content-Type
image/gif
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server

Redirect headers

Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Location
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid
R3YSNP6PGGE6C1NBQDNT
Content-Length
0
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Date
Sat, 08 Nov 2025 06:01:42 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
pixel
cm.g.doubleclick.net/ Frame 61E0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTZlMjJjMmJmNWE3ZDM0YzRiMGE3NTM2OWVjZjNmNmI2NDE5ZTA4Yw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTZlMjJjMmJmNWE3ZDM0YzRiMGE3NTM2OWVjZjNmNmI2NDE5ZTA4Yw
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H3
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Sat, 08 Nov 2025 06:01:42 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)

Redirect headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTZlMjJjMmJmNWE3ZDM0YzRiMGE3NTM2OWVjZjNmNmI2NDE5ZTA4Yw
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
da1c8a4a3f9301c03fbeb7a6212a0a54
Pragma
no-cache
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 61E0
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=20657a5b-463b-4127-b06a-ab3e93a99895&gdpr=0&gdpr_consent=&expires=30
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=20657a5b-463b-4127-b06a-ab3e93a99895&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
Pragma
no-cache
content-length
42
Content-Type
image/gif

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=20657a5b-463b-4127-b06a-ab3e93a99895&gdpr=0&gdpr_consent=&expires=30
content-length
289
date
Sat, 08 Nov 2025 06:01:41 GMT
server
Kestrel
ecm3
s.amazon-adsystem.com/ Frame 61E0
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
  • https://s.amazon-adsystem.com/ecm3?id=MHPVMX4Y-1C-7DVJ&ex=d-rubiconproject.com&status=ok
43 B
477 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=MHPVMX4Y-1C-7DVJ&ex=d-rubiconproject.com&status=ok
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
HTTP/1.1
Server
98.82.156.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-98-82-156-107.compute-1.amazonaws.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid
CYTMDM8AXXHXXVFX78CE
Content-Length
43
Date
Sat, 08 Nov 2025 06:01:42 GMT
Content-Type
image/gif
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Location
https://s.amazon-adsystem.com/ecm3?id=MHPVMX4Y-1C-7DVJ&ex=d-rubiconproject.com&status=ok
Pragma
no-cache
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
content-length
0
Content-Type
text/html
setuid
px.ads.linkedin.com/ Frame 61E0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=MHPVMX4Y-1C-7DVJ
0
538 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=MHPVMX4Y-1C-7DVJ
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H2
Server
2620:1ec:50::12 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

linkedin-action
1
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: DC4AB3E66B9C4F6FBD6A2FC9C3073B41 Ref B: TYBEDGE0315 Ref C: 2025-11-08T06:01:42Z
x-li-fabric
prod-lor1
x-li-uuid
AAZDDwg/r3h/CBlPpfeRXg==
x-li-proto
http/2
alt-svc
h3=":443"; ma=86400
x-cache
CONFIG_NOCACHE
content-length
0
date
Sat, 08 Nov 2025 06:01:41 GMT

Redirect headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=MHPVMX4Y-1C-7DVJ
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
7d5ff5cea86970f029093dfe0a29d015
Pragma
no-cache
content-length
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 61E0
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
43 B
853 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
HTTP/1.1
Server
52.94.220.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid
ZTGZMN94EB4Z92WZYMXG
Content-Length
43
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Date
Sat, 08 Nov 2025 06:01:42 GMT
Content-Type
image/gif
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server

Redirect headers

Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid
409ENC637T7A932XDBTJ
Content-Length
0
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Date
Sat, 08 Nov 2025 06:01:42 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
usersync
sync.springserve.com/ Frame 61E0
Redirect Chain
  • https://pixel.rubiconproject.com/token?pid=52948
  • https://sync.springserve.com/usersync?aid=1000025&uuid=MHPVMX4Y-1C-7DVJ
43 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.springserve.com/usersync?aid=1000025&uuid=MHPVMX4Y-1C-7DVJ
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H2
Server
100.29.93.34 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-29-93-34.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

access-control-allow-origin
*
content-length
43
date
Sat, 08 Nov 2025 06:01:42 GMT
content-type
image/gif
server
nginx
access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS

Redirect headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
Location
https://sync.springserve.com/usersync?aid=1000025&uuid=MHPVMX4Y-1C-7DVJ
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
e2b6b837307e4a2cb84d126fbaf2cea2
Pragma
no-cache
content-length
0
pixel
cm.g.doubleclick.net/ Frame 61E0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TUhQVk1YNFktMUMtN0RWSg==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEM7q15YSsAR92Vz3sPouBxs&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TUhQVk1YNFktMUMtN0RWSg==&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TUhQVk1YNFktMUMtN0RWSg==&google_push=
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H3
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Sat, 08 Nov 2025 06:01:42 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TUhQVk1YNFktMUMtN0RWSg==&google_push=
Pragma
no-cache
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
dedf7fc216a5bbc739a54325e875a79f
content-length
0
Content-Type
text/html
rp
match.prod.bidr.io/cookie-sync/ Frame 61E0 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.199.181.74 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-199-181-74.ap-northeast-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
cache-control
no-cache, must-revalidate
pragma
no-cache
Connection
keep-alive
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
Content-Length
43
Date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
image/gif
Server
gunicorn
setuid
pbs.yahoo.com/ Frame 61E0
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-yahoo-exchange
  • https://pbs.yahoo.com/setuid?bidder=rubicon&uid=MHPVMX4Y-1C-7DVJ
0
0
setuid
ib.adnxs.com/prebid/ Frame 61E0
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=MHPVMX4Y-1C-7DVJ
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=MHPVMX4Y-1C-7DVJ
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H2
Server
103.43.89.4 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.25.5 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin
146.70.201.135; 146.70.201.135; 839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid
0f912db0-dc49-45c3-9205-bdc77ea9793a
content-length
43
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Sat, 08 Nov 2025 06:01:42 GMT
x-xss-protection
0
content-type
image/gif
server
nginx/1.25.5

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=MHPVMX4Y-1C-7DVJ
Pragma
no-cache
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
content-length
0
Content-Type
text/html
ProfilesEngineServlet
syncv4.intentiq.com/profiles_engine/ Frame 61E0
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=MHPVMX4Y-1C-7DVJ
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=MHPVMX4Y-1C-7DVJ
  • https://syncv4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=MHPVMX4Y-1C-7DVJ&ckls=true&ci=Y1MSyYjRLD&nc=false&trid=-937318272
43 B
847 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syncv4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=MHPVMX4Y-1C-7DVJ&ckls=true&ci=Y1MSyYjRLD&nc=false&trid=-937318272
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H2
Server
54.230.175.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-175-123.nrt57.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
via
1.1 ed4fd35fc2f0e41345112708487b121c.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
date
Sat, 08 Nov 2025 06:01:42 GMT
content-type
image/gif
x-amz-cf-pop
NRT57-P9
x-amz-cf-id
gG4Szh97i_Gw9BMRmsMEdVmbuPw6VDnMVf-l1hSSjl7IpTevpDfdog==

Redirect headers

patent
https://www.almondnet.com/ip
cache-control
no-cache, no-store, must-revalidate
location
https://syncv4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=MHPVMX4Y-1C-7DVJ&ckls=true&ci=Y1MSyYjRLD&nc=false&trid=-937318272
pragma
no-cache
via
1.1 bbc3cea1561b58f968326ca77586dda0.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
date
Sat, 08 Nov 2025 06:01:42 GMT
content-type
image/gif
x-amz-cf-pop
NRT57-P9
x-amz-cf-id
zyIpRyEVwZWRlb_tb4cxzQNs5sZP60bRtVzfrDkwkCwlzLlKXVIMFA==
magnite
sync.a-mo.net/setuid/ Frame 61E0
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx
  • https://sync.a-mo.net/setuid/magnite?uid=MHPVMX4Y-1C-7DVJ
0
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.a-mo.net/setuid/magnite?uid=MHPVMX4Y-1C-7DVJ
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H2
Server
131.153.206.103 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

cache-control
max-age=0, private, must-revalidate
date
Sat, 08 Nov 2025 06:01:42 GMT
x-envoy-upstream-service-time
1
vary
accept-encoding, Accept-Encoding
server
envoy

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Location
https://sync.a-mo.net/setuid/magnite?uid=MHPVMX4Y-1C-7DVJ
Pragma
no-cache
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
da1c8a4a3f9301c03fbeb7a6212a0a54
content-length
0
Content-Type
text/html
pixel
capi.connatix.com/us/ Frame 61E0
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564
  • https://capi.connatix.com/us/pixel?puid=MHPVMX4Y-1C-7DVJ&pId=11&gdpr=&gdpr_consent=&us_privacy=
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/pixel?puid=MHPVMX4Y-1C-7DVJ&pId=11&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H3
Server
172.64.146.152 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
99b2db7a2f75db50-NRT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
0
date
Sat, 08 Nov 2025 06:01:42 GMT
content-type
text/plain;charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=3,i
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Location
https://capi.connatix.com/us/pixel?puid=MHPVMX4Y-1C-7DVJ&pId=11&gdpr=&gdpr_consent=&us_privacy=
Pragma
no-cache
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
content-length
0
Content-Type
text/html
Collect
a.flux.jp/analytics.collect.v1.CollectService/ 		2 B
47 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.flux.jp/analytics.collect.v1.CollectService/Collect
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.89.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.89.160.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

access-control-expose-headers
Accept, Accept-Encoding, Accept-Post, Connect-Accept-Encoding, Connect-Content-Encoding, Content-Encoding, Grpc-Accept-Encoding, Grpc-Encoding, Grpc-Message, Grpc-Status, Grpc-Status-Details-Bin
content-encoding
gzip
via
1.1 google
traceparent
00-4fce6d32bf330bdc3b4d98fe0c6919ef-548d5a1d37822bdf-00
access-control-allow-origin
https://twinklesphotos.exblog.jp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
accept-encoding
gzip
content-length
26
date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
application/json
vary
Origin
server
Google Frontend
x-cloud-trace-context
4fce6d32bf330bdc3b4d98fe0c6919ef/6092624952433978335
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7252 		21 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26it%3Dadg-pb-clt%26uid%3D(PM_UID)
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/a/latest/adagio.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.40.192.188 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-192-188.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5b6ceeffb380eae16e91dcf08a3493068aa5b7bd6f4c3f4ad7b4daa188d5c2cb

Request headers

Referer
https://twinklesphotos.exblog.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=153257
content-encoding
gzip
content-length
7259
content-type
text/html
date
Sat, 08 Nov 2025 06:01:41 GMT
expires
Mon, 10 Nov 2025 00:35:58 GMT
last-modified
Mon, 29 Sep 2025 15:12:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 798A 		21 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26it%3Dadg-pb-clt%26uid%3D(PM_UID)
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/a/latest/adagio.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.40.192.188 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-192-188.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5b6ceeffb380eae16e91dcf08a3493068aa5b7bd6f4c3f4ad7b4daa188d5c2cb

Request headers

Referer
https://twinklesphotos.exblog.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=153257
content-encoding
gzip
content-length
7259
content-type
text/html
date
Sat, 08 Nov 2025 06:01:41 GMT
expires
Mon, 10 Nov 2025 00:35:58 GMT
last-modified
Mon, 29 Sep 2025 15:12:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 45DA 		21 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26it%3Dadg-pb-clt%26uid%3D(PM_UID)
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/a/latest/adagio.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.40.192.188 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-192-188.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5b6ceeffb380eae16e91dcf08a3493068aa5b7bd6f4c3f4ad7b4daa188d5c2cb

Request headers

Referer
https://twinklesphotos.exblog.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=153257
content-encoding
gzip
content-length
7259
content-type
text/html
date
Sat, 08 Nov 2025 06:01:41 GMT
expires
Mon, 10 Nov 2025 00:35:58 GMT
last-modified
Mon, 29 Sep 2025 15:12:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
px.gif
ad-delivery.net/ 		43 B
111 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad-delivery.net/px.gif?ch=2&e=0.8537447228070393
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5727730570625024&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:2f50 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
1358871
x-goog-stored-content-encoding
identity
expires
Sun, 09 Nov 2025 06:01:41 GMT
x-goog-stored-content-length
43
date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
image/gif
vary
accept-encoding
last-modified
Wed, 05 May 2021 19:25:32 GMT
x-guploader-uploadid
ABgVH89ytYGGsM8zvMSS83qCZ0F4cDyA85oC5Xtq8jnme2OpbOxP7BU9t7rp4yrU4-M9nQOe
cache-control
public, max-age=86400
x-goog-storage-class
MULTI_REGIONAL
cf-ray
99b2db750f512644-NRT
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
geo
ut.pubmatic.com/ Frame 7252 		22 B
78 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ut.pubmatic.com/geo?pubid=159110
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26it%3Dadg-pb-clt%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.87 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
dcda7f2217e5134c1c987c36f55dc3a2949959528d52ccb09ece3eddf53cff43
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

strict-transport-security
max-age=16070400; includeSubDomains
access-control-allow-origin
*
cache-control
max-age=172800
content-length
22
date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
application/json
geo
ut.pubmatic.com/ Frame 798A 		22 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://ut.pubmatic.com/geo?pubid=159110
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26it%3Dadg-pb-clt%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.87 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
dcda7f2217e5134c1c987c36f55dc3a2949959528d52ccb09ece3eddf53cff43

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

access-control-allow-origin
*
cache-control
max-age=172800
content-length
22
date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
application/json
geo
ut.pubmatic.com/ Frame 45DA 		22 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://ut.pubmatic.com/geo?pubid=159110
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26it%3Dadg-pb-clt%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.87 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
dcda7f2217e5134c1c987c36f55dc3a2949959528d52ccb09ece3eddf53cff43

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

access-control-allow-origin
*
cache-control
max-age=172800
content-length
22
date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
application/json
favicon.ico
ad.doubleclick.net/ 		1 KB
129 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250&e=0.6311628746394798
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5727730570625024&upapi=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options
nosniff
expires
Sun, 09 Nov 2025 06:01:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 06:01:42 GMT
content-type
image/x-icon
vary
Accept-Encoding
last-modified
Tue, 08 May 2012 13:08:06 GMT
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
content-length
104
x-xss-protection
0
server
sffe
app.js
adsdk.bing.net/viewability/ Frame 8EE6 		186 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adsdk.bing.net/viewability/app.js
Requested by
Host: adsdk.microsoft.com
URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::46 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2b1b34748a86b16447b887b4520304dc855dcebb4a8f6f6c502f46a97254084a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/

Response headers

x-azure-ref
20251108T060142Z-r18f5df8b77pwgfhhC1TYOvz0800000013vg00000000cspy
cache-control
public, max-age=1209600
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
content-encoding
br
x-ms-request-id
3698aa83-f01e-00fa-4198-4f1029000000
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Sat, 08 Nov 2025 06:01:42 GMT
x-ms-blob-type
BlockBlob
content-type
application/javascript
vary
Accept-Encoding
last-modified
Tue, 14 Oct 2025 12:24:51 GMT
c.gif
www.bing.com/aes/ Frame 8EE6 		0
711 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=7d5bc6bc283e4b0db9c03259979b6e56&SNR=1&GV=2&med=10
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:47::1734:8cc2 Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/

Response headers

cache-control
private,no-store
x-cdn-traceid
0.84813417.1762581702.de58a28
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C1FB9B2E8D91427BB02BD4E4F0BE4625 Ref B: TYO201151002025 Ref C: 2025-11-08T06:01:42Z
alt-svc
h3=":443"; ma=93600
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
content-length
0
date
Sat, 08 Nov 2025 06:01:42 GMT
vary
Origin
tracking
www.bing.com/api/v1/mediation/ Frame 8EE6 		0
711 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=738ac870-33f7-4311-8394-524d493cc69b&bidId=1&bidderId=4&cmExpId=RSV&impId=805047410047241909&oAdUnit=391466&publisherId=162645330&rId=75f06e3d-e754-4e4a-bb25-4ae547144c1f&region=apac&rtype=miFeedbackURL&tagId=35091410&trafficGroup=knaqe_3c&trafficSubGroup=erfreir&uberGroup=hore_3c&uberSubGroup=erfreir&sdkv=1.100.42&aid=805047410047241909
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:47::1734:8cc2 Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache, no-store, must-revalidate
x-cdn-traceid
0.84813417.1762581702.de58a27
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 8A4CABD42AAA46CBADEBEAE922224705 Ref B: TYO201151005052 Ref C: 2025-11-08T06:01:42Z
expires
0
alt-svc
h3=":443"; ma=93600
content-length
0
date
Sat, 08 Nov 2025 06:01:42 GMT
vary
Origin
th
www.bing.com/ Frame 8EE6 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=OADD2.1324911648712123_1P541VDL67G95MV&pid=21.2&c=17&roil=0&roit=0&roir=1&roib=1&w=300&h=157&qlt=90
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:47::1734:8cc2 Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
dd4b50819e97653ec05476bf1cb23456d7e536d863bdbe05a01ab4230c295433

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/

Response headers

cache-control
public, max-age=2592000
timing-allow-origin
*
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
httpcacheability
4
x-cdn-traceid
0.84813417.1762581702.de58a26
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=nadatio"}]}
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=93600
content-length
23609
date
Sat, 08 Nov 2025 06:01:42 GMT
content-type
image/jpeg
access-control-allow-headers
*
app.js
adsdk.bing.net/viewability/ Frame 4CA3 		186 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://adsdk.bing.net/viewability/app.js
Requested by
Host: adsdk.microsoft.com
URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::46 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2b1b34748a86b16447b887b4520304dc855dcebb4a8f6f6c502f46a97254084a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/

Response headers

x-azure-ref
20251108T060142Z-r18f5df8b77pwgfhhC1TYOvz0800000013vg00000000cspy
cache-control
public, max-age=1209600
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
content-encoding
br
x-ms-request-id
3698aa83-f01e-00fa-4198-4f1029000000
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Sat, 08 Nov 2025 06:01:42 GMT
x-ms-blob-type
BlockBlob
content-type
application/javascript
vary
Accept-Encoding
last-modified
Tue, 14 Oct 2025 12:24:51 GMT
tracking
www.bing.com/api/v1/mediation/ Frame 4CA3 		0
713 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=def5dd8d-ef1a-4698-a9eb-0155a16fa06a&bidId=2&bidderId=4&cmExpId=RSV&impId=8186699713551909832&oAdUnit=391466&publisherId=162645330&rId=f5358965-e3d4-4b1a-8e04-01b4582344c2&region=apac&rtype=miFeedbackURL&tagId=35091406&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_knaqe_cnlzrag_qvfpercnapl_5&uberGroup=hore_3c&uberSubGroup=pbageby_5&sdkv=1.100.42&aid=8186699713551909832
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:47::1734:8cc2 Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache, no-store, must-revalidate
x-cdn-traceid
0.84813417.1762581702.de58a2a
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 92A1E9F1072D451CB51F3CC6C1E4CE74 Ref B: TYO201151004060 Ref C: 2025-11-08T06:01:42Z
expires
0
alt-svc
h3=":443"; ma=93600
content-length
0
date
Sat, 08 Nov 2025 06:01:42 GMT
vary
Origin
th
www.bing.com/ Frame 4CA3 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=OADD2.1323812133416858_1CAB0H2ON5UMQE3&pid=21.2&c=17&roil=0&roit=0&roir=1&roib=1&w=300&h=157&qlt=90
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:47::1734:8cc2 Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
b9bc35ecb72a299c8a9713a10a1cffe06674b102647d95156c0842c6f8a97a6d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/

Response headers

cache-control
public, max-age=2592000
timing-allow-origin
*
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
httpcacheability
4
x-cdn-traceid
0.84813417.1762581702.de58a2b
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=nadatio"}]}
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=93600
content-length
22207
date
Sat, 08 Nov 2025 06:01:42 GMT
content-type
image/jpeg
access-control-allow-headers
*
rd_log
sin3-ib.adnxs.com/ Frame 8EE6 		0
845 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sin3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F&e=wqT_3QKaBaCaAgAAAwDWAAUBCMS5u8gGELWd27mqy4aWCxgAKjYJAACAgLDhpz8RAA0JJBkAAADgo3DlPyERGwApEQn0DgExAAAAIIXrsT8w0ufdEDjPHEC1XkjjA1C6iYq2AViekHdgAGjDgpABeN_UBYABAYoBA1VTRJIBA0pQWZgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AL8Q-AC9bNd6gIqaHR0cHM6Ly90d2lua2xlc3Bob3Rvcy5leGJsb2cuanAvMzM0NDM5NTkvgAMAiAMBkAMAmAMXoAMBqgMCSADAA9gEyAMA2AOH6jTgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMTQ2LjcwLjIwMS4xMzWoBACyBBIIABABGKwCIPoBKAAwADgCQgC4BADABADIBADaBAIIAeAEAfAEBfdYiAUBmAUAoAXUs_Gx_u70gAzABQDJBQAFARTwP9IFCQkFC_BAAAAA2AUB4AUB6gUMCghUV0lOS0xFUxIA6gUNCgnjg5bjg63jgrASAPAFyterAfoFBAgAEACQBgCYBgC4BgDBBgABQjAA8D_QBsKNBNoGFgoQBREdAXwQABgA4AYB8gYCCACABwGIBwCYBwGgBwHIB9_UBdIHDxWIASkQIADaBwYBY_B7GADgBwDqBwIIAPAH69oEighHCkMAAAGaYg5doAssGlqnNs61wYrxiDN25X5ZrDqjpVxhV0gf624mVYstk19-JbEA-liv8joIXYqXlGS2A1_57TW7CKnfEAGVCAAAgD-YCAHACPxD0ggGCAAQABgA2ggECAAgAOAIAOgIAA..&s=cf8ffa3897d8072fb488e7159f6473bdde869b4a&bdref=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F,https%3A%2F%2Fbb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-45%2Fhtml%2Fcontainer.html,about%3Asrcdoc&
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.91.51 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1048.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.25.5 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
146.70.201.135; 146.70.201.135; 1048.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
9b1b6baa-fd0a-409c-9f85-9ea496b32e04
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Sat, 08 Nov 2025 06:01:42 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.25.5
bounce
id5-sync.com/ 		29 B
532 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/bounce
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
aca701811d62eb608d12b174231be1ceae3449fe0f4bc847469ff22aab8ca9a5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin
https://twinklesphotos.exblog.jp
p3p
CP="CAO PSA OUR"
date
Sat, 08 Nov 2025 06:01:42 GMT
content-type
text/plain;charset=utf-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
v1
lbs.eu-1-id5-sync.com/lbs/ 		54 B
168 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:41d0:701:1000::50d8 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
Software
/
Resource Hash
a5d72524b99fd94d40498ede35915fec7885ad9c0c2a4a905d1f7cf62d372273

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

access-control-allow-origin
https://twinklesphotos.exblog.jp
content-length
54
date
Sat, 8 Nov 2025 06:01:42 GMT
content-type
application/json
vary
Origin
v1
lb.eu-1-id5-sync.com/lb/ 		45 B
343 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
d737390f4ccb796e4d16755c57a7b7edf0918318c6da622212726ac57f399266
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://twinklesphotos.exblog.jp
content-encoding
gzip
date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
application/json;charset=UTF-8
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
rd_log
sin3-ib.adnxs.com/ Frame 4CA3 		0
845 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sin3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F&e=wqT_3QKaBaCaAgAAAwDWAAUBCMS5u8gGEMiHt6i7gMDOcRgAKjYJ368fg4bdtD8R3w0JJBkAAAAgXI_qPyERGwApEQn0DgExAAAAQOF6tD8wzufdEDjPHEC1XkjjA1C6iYq2AViekHdgAGjDgpABeKjUBYABAYoBA1VTRJIBA0pQWZgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AL8Q-AC9bNd6gIqaHR0cHM6Ly90d2lua2xlc3Bob3Rvcy5leGJsb2cuanAvMzM0NDM5NTkvgAMAiAMBkAMAmAMXoAMBqgMCSADAA9gEyAMA2AOH6jTgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMTQ2LjcwLjIwMS4xMzWoBACyBBIIABABGKwCIPoBKAAwADgCQgC4BADABADIBADaBAIIAeAEAfAEBfdYiAUBmAUAoAWH7uLUoui3wkzABQDJBQAFARTwP9IFCQkFC_BAAAAA2AUB4AUB6gUNCgnjg5bjg63jgrASAOoFDAoIVFdJTktMRVMSAPAFyterAfoFBAgAEACQBgCYBgC4BgDBBgABQjAA8D_QBsKNBNoGFgoQBREdAXwQABgA4AYB8gYCCACABwGIBwCYBwGgBwHIB6jUBdIHDxWIASkQIADaBwYBY_B7GADgBwDqBwIIAPAH69oEighHCkMAAAGaYg5doHGdAAO1DcPIM1-UJVGlXCbVFh7jL31e_B20BzgNsI36_ERPHtNBXmskbXaOYcVXprrLa1IvWHqyhaQoEAGVCAAAgD-YCAHACPxD0ggGCAAQABgA2ggECAAgAOAIAOgIAA..&s=9a6271e56cce2385f58c467cc31a83619ce37a87&bdref=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F,https%3A%2F%2Fbb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-45%2Fhtml%2Fcontainer.html,about%3Asrcdoc&
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.91.51 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1048.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.25.5 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
146.70.201.135; 146.70.201.135; 1048.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
7426ddcc-898b-4664-b417-e7da2b2d04cc
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Sat, 08 Nov 2025 06:01:42 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.25.5
geo
ut.pubmatic.com/ Frame 7252 		22 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://ut.pubmatic.com/geo?pubid=159110
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26it%3Dadg-pb-clt%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.87 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
dcda7f2217e5134c1c987c36f55dc3a2949959528d52ccb09ece3eddf53cff43

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

access-control-allow-origin
*
cache-control
max-age=172800
content-length
22
date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
application/json
geo
ut.pubmatic.com/ Frame 798A 		22 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://ut.pubmatic.com/geo?pubid=159110
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26it%3Dadg-pb-clt%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.87 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
dcda7f2217e5134c1c987c36f55dc3a2949959528d52ccb09ece3eddf53cff43

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

access-control-allow-origin
*
cache-control
max-age=172800
content-length
22
date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
application/json
geo
ut.pubmatic.com/ Frame 45DA 		22 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://ut.pubmatic.com/geo?pubid=159110
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26it%3Dadg-pb-clt%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.87 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
dcda7f2217e5134c1c987c36f55dc3a2949959528d52ccb09ece3eddf53cff43

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

access-control-allow-origin
*
cache-control
max-age=172800
content-length
22
date
Sat, 08 Nov 2025 06:01:41 GMT
content-type
application/json
dc_pre=CN-g8MHw4ZADFdKYuQUdecMtlw;src=10208769;type=invmedia;cat=im8db0;ord=6243360734466;npa=0;auiddc=*;u1=8266;u2=news;u3=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F;uaa=;uab=;uafvl=;uam...
adservice.google.com/ddm/fls/z/ Frame 44A5 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CN-g8MHw4ZADFdKYuQUdecMtlw;src=10208769;type=invmedia;cat=im8db0;ord=6243360734466;npa=0;auiddc=*;u1=8266;u2=news;u3=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KFA;gtm=45fe5b50v9181790672z871862534za200zb71862534zd71862534xea;gcd=13l3l3l3l1l1;dma=0;dc_fmt=2;tag_exp=101509157~103116026~103200004~103233427~104527906~104528501~104684208~104684211~104948813~105391252~115480709~115583767~115938466~115938468~116217636~116217638;epver=2;dc_random=1762581701_w5NAi1M43XrRn2vWkWAwNrbevuuNZgL1eA;_dc_test=1;~oref=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F
Requested by
Host: 10208769.fls.doubleclick.net
URL: https://10208769.fls.doubleclick.net/activityi;dc_pre=CN-g8MHw4ZADFdKYuQUdecMtlw;src=10208769;type=invmedia;cat=im8db0;ord=6243360734466;npa=0;auiddc=1171246322.1762581702;u1=8266;u2=news;u3=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KFA;gtm=45fe5b50v9181790672z871862534za200zb71862534zd71862534xea;gcd=13l3l3l3l1l1;dma=0;dc_fmt=2;tag_exp=101509157~103116026~103200004~103233427~104527906~104528501~104684208~104684211~104948813~105391252~115480709~115583767~115938466~115938468~116217636~116217638;epver=2;dc_random=1762581701_w5NAi1M43XrRn2vWkWAwNrbevuuNZgL1eA;_dc_test=1;~oref=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lckixa-ar-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://10208769.fls.doubleclick.net/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Sat, 08 Nov 2025 06:01:42 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
px.gif
ad-delivery.net/ 		43 B
163 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad-delivery.net/px.gif?ch=2&e=0.8429309617999255
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5727730570625024&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:2f50 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
1358872
x-goog-stored-content-encoding
identity
expires
Sun, 09 Nov 2025 06:01:42 GMT
x-goog-stored-content-length
43
date
Sat, 08 Nov 2025 06:01:42 GMT
content-type
image/gif
vary
accept-encoding
last-modified
Wed, 05 May 2021 19:25:32 GMT
x-guploader-uploadid
ABgVH89ytYGGsM8zvMSS83qCZ0F4cDyA85oC5Xtq8jnme2OpbOxP7BU9t7rp4yrU4-M9nQOe
cache-control
public, max-age=86400
x-goog-storage-class
MULTI_REGIONAL
cf-ray
99b2db77c9bd2644-NRT
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
all
client-side-metrics.as.criteo.net/ Frame 3191 		0
185 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://client-side-metrics.as.criteo.net/all?cppv=3&cpp=A4lB9pqT3orBc7TFboZec-p_3xExRz2Izj9YuPEZ-GyeZrq8nJw4Dy6fFUEUsQWjGFV3GB89pT8dUnN70YHDyfK-lPkOtbXGZ6h-ds0rbvqVKaQKGhU3tbEl0Rgb-RC-PF1Pgpv-LaNUOPx2G_jTUdF6A3Ots8bECjzNFufCVp1csjVlh7Cwv3n_0I0NaqJ4uOnSps8eaT170eAN_WsqL5db-Ah4B1Ysy2-P7FIxpa_-MuFJ6G-Vry7hRuzsFb-yrqGECQ&sds=2&rev=102983&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7cxAANpsAHewdoAAFn0bzNKie-LAsPj47n5g&u=%7CyZLyHe02764sXomA%2B%2BjOg2oXJXB5C%2FRHvR7zp3idbwM%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFOXvXEpWV61FwuN2mBzI2u1qH6LpdChlVrtB5XSxY19KbNIR2T8mqtFU_mbWOgtHc8ng5Ycm_EPzFz7Kp08fYBKL1wsUgTlUB3jBr4W6uMtvHUrrvpRQoeTIK1fLXGKAuTbknoBg9SdDtCKVJ9YQQ7YKpCcurDwUveB2M5mUkLMEBxSb7UHd74IhZICkjdjf5fsHPV29qyrdMGxK1Jzr0-eAVuJ_hiSYk4QdIXI84nq2cGEoycZIQUnVXFU-IwXqQaqaCDPpa1gEXxOLjpPc9FGbVA0RDX4An1iflwXHwKWioepntun6r4eDwVIyV0RCgVkyQO-7oA0CKeNpqOpKvXlI2Hp4ZqAE7SetwTemOeJ01Fpb91k17ekPkmODLalY9oJ_03aijboCsgNHQ52nBBDW5dLonGfwfbDpTspIZbRBh7EEO4Y0vbn0gRWV5kVSLTW6rPsjXxSwN-LrwyWjLgmOnrPzcDjC2vLwapyuAo1zuBorT7wSkMYK2GBVVwS0O1Lbo8N8__Cjo2k3bYjhOyefXvXorZCCxqn3wNC00m5yEyHzBUDNya-eKb8V1HIztP8wCgRl6675dn8USYlIa0cz65aIm1EA8qNddwD_xYQZmWehrsTwTBVXK7lLmHAiIA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCk0O1xNwOacDNNuiO7OsP0c-FyA3Rvr7bdayNn9y8DcCNtwEQASDY6d8jYInzxYT0E8gBCakCTbn4Ya3-Oz6oAwHIAwKqBP0BT9Dhg2oqtm8HhP2So7JoeH0cFHPqRsUK_fsiPSZSPkwkZa57wYdPWlHPFxrYY6xZsR_NBDSqZQuR5ogg6r4LfTUVxJHEjHISWHQwvRdDm687PKwwriGT-ZJ6ax-CgVanlmdS7DTt7-ZWwzNDafxz1ibHYRrznpsDRnvqVPXg72auqphIv0LoDlwtYvPZJrNrUYtnZcgEmn93Xol5uK108GQi-O6rxF9j2HhbWG-0LcJO6mYnIRjGAJXGqvd8up8WXd4r8NnDTCmstw-k0QfQbQMHVtj9fx8TCRRrTUuP6rsGKyfeoxroeIWi6IR9y8lw5d2dfB6Lyfaty6FwS4AGrIv04eKL_4wboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAqgHrb6xAqgHv9OxAtgHANIILAiAYRABMgiKgoCAgICACDoNgECAwICAgICogAKoA0i9_cE6WLuercHw4ZAD-gsCCAGADAGqDQJKUOoNEwid6rzB8OGQAxVoB3sHHdFnAdmIDgnQFQGAFwGyFxAYDCoKNjQ1MDEzNjU0M1ABqhgXCcIqXo0AyrhAEgo2NDUwMTM2NTQzGAE%26num%3D1%26sig%3DAOD64_2nGgo5RNPwp6H7paw5iq0i5Pz1yQ%26client%3Dca-pub-8544321996124660%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::25 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://ads.as.criteo.com/

Response headers

strict-transport-security
max-age=31536000; preload;
x-rate-limit-limit
1s
x-rate-limit-reset
2025-11-08T06:01:43.0911803Z
access-control-allow-origin
*
content-length
0
date
Sat, 08 Nov 2025 06:01:41 GMT
x-rate-limit-remaining
9326
server
Kestrel
favicon.ico
ad.doubleclick.net/ 		1 KB
129 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250&e=0.48337873209467774
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5727730570625024&upapi=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options
nosniff
expires
Sun, 09 Nov 2025 06:01:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 06:01:42 GMT
content-type
image/x-icon
vary
Accept-Encoding
last-modified
Tue, 08 May 2012 13:08:06 GMT
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
content-length
104
x-xss-protection
0
server
sffe
vevent
sin3-ib.adnxs.com/ Frame 8EE6 		0
895 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://sin3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F&e=wqT_3QLjCKBjBAAAAwDWAAUBCMS5u8gGELWd27mqy4aWCxgAKjYJAACAgLDhpz8RAA0JJBkAAADgo3DlPyERGwApEQn0FwQxAAAAIIXrsT8w0ufdEDjPHEC1XkjjA1C6iYq2AViekHdgAGjDgpABeN_UBYABAYoBA1VTRJIBA0pQWZgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AL8Q-AC9bNd6gIqaHR0cHM6Ly90d2lua2xlc3Bob3Rvcy5leGJsb2cuanAvMzM0NDM5NTkvgAMAiAMBkAMAmAMXoAMBqgPkAwr5Amh0dHBzOi8vd3d3LmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPTczOGFjODcwLTMzZjctNDMxMS04Mzk0LTUyNGQ0OTNjYzY5YiZiaWRJZD0xJmJpZGRlcklkPTQmY21FeHBJZD1SU1YmaW1wSWQ9ODA1MDQ3NDEwMDQ3MjQxOTA5Jm9BZFVuaXQ9MzkxNDY2JnB1Ymxpc2hlcklkPTE2MjY0NTMzMCZySWQ9NzVmMDZlM2QtZTc1NC00ZTRhLWJiMjUtNGFlNTQ3MTQ0YzFmJnJlZ2lvbj1hcGFjJnJ0eXBlPW51cmwmdGFnSWQ9MzUwOTE0MTAmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJnRyYWZmaWNTdWJHcm91cD1lcmZyZWlyJnViZXJHcm91cD1ob3JlXzNjJnViZXJTdWJHcm91cD1lcmZyZWlyJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoSODA1MDQ3NDEwMDQ3MjQxOTA5IgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak9ESXlOVGMyTWpZM056YzVNVE1qTWpNek5EQTFOekF5T0RNek5EUXhOdz09SADAA9gEyAMA2AOH6jTgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMTQ2LjcwLjIwMS4xMzWoBACyBBIIABABGKwCIPoBKAAwADgCQgC4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBdSz8bH-7vSADMAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBcrXqwH6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAmAcBoAcByAff1AXSBw8JAAAAAAAAAAAQABgAIADaBwYIABAAGADgBwDqBwIIAPAH69oEighHCkMAAAGaYg5doAssGlqnNs61wYrxiDN25X5ZrDqjpVxhV0gf624mVYstk19-JbEA-liv8joIXYqXlGS2A1_57TW7CKnfEAGVCAAAgD-YCAHACPxD0ggLCPP_37uAHhAAGADaCAQIACAA4AgA6AgA&s=1943d583ca4f1560adeaa71c4f2a73877b93cf0b&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=157&sid=6804198281467402834&vd=ct~0|rr~0&sv=5031&tv=view7-28hs&ua=chrome52&pl=linux&x=v&tag_id=35091410&sw=1600&sh=1200&pw=300&ph=255&ww=300&wh=250&ft=3
Requested by
Host: adsdkprod.azureedge.net
URL: https://adsdkprod.azureedge.net/viewability/versions/v5.8.21/banner.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.91.51 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1048.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.25.5 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
146.70.201.135; 146.70.201.135; 1048.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com
an-x-request-uuid
963222b4-f8ff-47ce-a7fa-36403f6a369f
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Sat, 08 Nov 2025 06:01:42 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.25.5
view
securepubads.g.doubleclick.net/pcs/ Frame ED53 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssce_RpGE0_P0TXQT5jbgIam0KHZ_nZfgdvAdK2aD8QkdSpJ2BSV2eSUa8oGwH1kDRP9b-ZistCA2WLXZLzj2Icpt-KsFIlnU2wjs-mOJzjjBtS2NKrrJUdOKCWh4d6wXDkGGM9SS2w7Gm0_GK3Qbd3h_6FfnQ8gjNLSEaF7xLNqjWuURDO7AYL4FECM2-ez5VDBt_X8ztHBdX2_VPa6yG-OTC4x2pNLUwKoG7G-ZV8i0xfNXR976FYV1IVGolpr8_DVoT1HHUEBZtj9W_PRaDpeSNJGeq1w_0dUcg4MAJlKNpaeE0BvfQ34PRQpwXHPlTYavsE8hNmN88ZikulGs0WQr86eQPsOpoGtjSg9fKpAQsouASfWmhyHUlPj5QeCOBrm15vHGOCi1Z5dXH1B91fekg-jXDpv5CBKD-JYWCfRSyFcGPRBQawoJRzskvOzAjQ4aSY_lVhq1eqyDzn0KcURkSyiktH&sai=AMfl-YQa7oIUi3jYVG5tK4W8mHDhloTP2jLE1lOiscZgh4CS2sduaHnjr1_du-4vFDQcJ4et46U87guscak4tVm0PJAKX9K3UWRqB-DeCxRMVjpHcQrHP_TEN7wGKP9qLxG2dmGSeGTkU-6Ivav4yxl-ncaYKQfR4_H_H20Eulk2kLOkV6byYOeiwahAmVJ43_7C4v8vxPsQ7HE0hZJgxrcHbJqozc6X8iVmEOKbH51EPrRhLnRgXMHAub2u85wP8NzEY-j4vw&sig=Cg0ArKJSzAK4wXokZF0FEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.199.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Sat, 08 Nov 2025 06:01:42 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Sat, 08 Nov 2025 06:01:42 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
vevent
sin3-ib.adnxs.com/ Frame 4CA3 		0
895 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://sin3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F&e=wqT_3QKcCqAcBQAAAwDWAAUBCMS5u8gGEMiHt6i7gMDOcRgAKjYJ368fg4bdtD8R3w0JJBkAAAAgXI_qPyERGwApEQn00AQxAAAAQOF6tD8wzufdEDjPHEC1XkjjA1C6iYq2AViekHdgAGjDgpABeKjUBYABAYoBA1VTRJIBA0pQWZgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AL8Q-AC9bNd6gIqaHR0cHM6Ly90d2lua2xlc3Bob3Rvcy5leGJsb2cuanAvMzM0NDM5NTkvgAMAiAMBkAMAmAMXoAMBqgOdBQqxBGh0dHBzOi8vd3d3LmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPWRlZjVkZDhkLWVmMWEtNDY5OC1hOWViLTAxNTVhMTZmYTA2YSZiaWRJZD0yJmJpZGRlcklkPTQmY21FeHBJZD1SU1YmaW1wSWQ9ODE4NjY5OTcxMzU1MTkwOTgzMiZvQWRVbml0PTM5MTQ2NiZwdWJsaXNoZXJJZD0xNjI2NDUzMzAmcklkPWY1MzU4OTY1LWUzZDQtNGIxYS04ZTA0LTAxYjQ1ODIzNDRjMiZyZWdpb249YXBhYyZybGluaz1odHRwcyUzQSUyRiUyRnd3dy5iaW5nLmNvbSUyRmFlcyUyRmMuZ2lmJTNGREklM0QwJTI2RElTJTNEU0JfMi0xLTAlM0YlMjZSRyUzRDU3ZWQ4ODk3Y2MyYjQ0N2Y5YzRiNzRhZTYwMzA0N2E4JTI2U05SJTNEMSUyNkdWJTNEMiUyNm1lZCUzRDEwJnJ0eXBlPW51cmwmdGFnSWQ9MzUwOTE0MDYmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJnRyYWZmaWNTdWJHcm91cD16emYlM0FrbmFxZV8zY19rbmFxZV9jbmx6cmFnX3F2ZnBlcmNuYXBsXzUmdWJlckdyb3VwPWhvcmVfM2MmdWJlclN1Ykdyb3VwPXBiYWdlYnlfNSZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzgxODY2OTk3MTM1NTE5MDk4MzIiCTM4MTg0NjcxNCoEYmluZzo4VTJWaGNtTm9RV1FqT0RJek9UVXdOalF3TlRFeU1qQWpNak16TkRFNU5EUTJOek13TlRBek9RPT1IAcAD2ATIAwDYA4fqNOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4xNDYuNzAuMjAxLjEzNagEALIEEggAEAEYrAIg-gEoADAAOAJCALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFh-7i1KLot8JMwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFyterAfoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbCjQTaBhYKEAAAAAAAAAAAAAAAAAAAAAAQABgA4AYB8gYCCACABwGIBwCYBwGgBwHIB6jUBdIHDwkAAAAAAAAAABAAGAAgANoHBggAEAAYAOAHAOoHAggA8Afr2gSKCEcKQwAAAZpiDl2gcZ0AA7UNw8gzX5QlUaVcJtUWHuMvfV78HbQHOA2wjfr8RE8e00FeayRtdo5hxVemustrUi9YerKFpCgQAZUIAACAP5gIAcAI_EPSCAsI8__fu4AeEAAYANoIBAgAIADgCADoCAA.&s=6bf0dc2dff54282f44cbdd1a443343db0204df08&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=157&sid=6804198281467402834&vd=ct~0|rr~0&sv=5031&tv=view7-28hs&ua=chrome52&pl=linux&x=v&tag_id=35091406&sw=1600&sh=1200&pw=300&ph=255&ww=300&wh=250&ft=3
Requested by
Host: adsdkprod.azureedge.net
URL: https://adsdkprod.azureedge.net/viewability/versions/v5.8.21/banner.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.91.51 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1048.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.25.5 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
146.70.201.135; 146.70.201.135; 1048.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com
an-x-request-uuid
7cd9c586-d8b6-4308-ab1a-ef2ad64ec72d
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Sat, 08 Nov 2025 06:01:42 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.25.5
view
securepubads.g.doubleclick.net/pcs/ Frame 1D5F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsubelRcb616fx8jyCv2hrdpbmOf6UR4_BuTZ_7L-JTohW5_F8aW_wsEY4HJ21-JIUUF8nyLa9o1y3IqBaNJPsBI4ur5ZalUjS1NAcVzffx_teDED63m46u2akdjEXwim-nhnNf268Kklq01_giC0n1EmP-D4tExi8B5gg8pSg7PMY7k7UFmp8kC2nf1d7tIiXcn4921rRIG3hr9MZBcxF9HgjdpjRs3JVlimeM5iGGglAosQGzKZxZthJbcAbhk9yXZlDaB8L7vPwHzGYvML6ruuiUNq9Kgq09BFopSB3hT7X8SPmrjBIu5kDmAifUIO_bcpcAYZhJCPKrj12omcz4vsjIR-rkN7U8XCnKnTvIn1dLNB8GgvI_XMX_cQuz8N8HHdtOvcP4sax6tAxIgLeM9ENtFFLw6kjdYN3K-6_EZBcpxWr_Fx4X--hNFih-N4k2cwbfklYKd5R8R0rdIO7o-yVOXpQ&sai=AMfl-YQ8VhbNOShUhMNUXIcBH9OZGv3ItJdKc6taeFQPVuABbtITegFbPDzV22nofoRMtVcnWhr95KOY7DlW_48bvAZQy17KpX7E2R79X6MH4iZXui8e-SvjhVNHq5dmmpB3_YIgENZZP_lFhaTpSlrrLIeGJvrsqg_MQFi4cJAdRx5YrzHFUGn8egIfUDYWztBjW6_tbs-NkVXsSpnCFXJAtKlz3XtqdG44V55o9XuzJE6yNM59vZ9p5y3TJuK4bcsrz0Q1z0o&sig=Cg0ArKJSzB-ZOcjayr9fEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.199.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Sat, 08 Nov 2025 06:01:42 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Sat, 08 Nov 2025 06:01:42 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
px.gif
ad-delivery.net/ 		43 B
111 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad-delivery.net/px.gif?ch=2&e=0.8860692151972603
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5727730570625024&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:2f50 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
1358872
x-goog-stored-content-encoding
identity
expires
Sun, 09 Nov 2025 06:01:42 GMT
x-goog-stored-content-length
43
date
Sat, 08 Nov 2025 06:01:42 GMT
content-type
image/gif
vary
accept-encoding
last-modified
Wed, 05 May 2021 19:25:32 GMT
x-guploader-uploadid
ABgVH89ytYGGsM8zvMSS83qCZ0F4cDyA85oC5Xtq8jnme2OpbOxP7BU9t7rp4yrU4-M9nQOe
cache-control
public, max-age=86400
x-goog-storage-class
MULTI_REGIONAL
cf-ray
99b2db7a5b9d2644-NRT
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
setuid
u.4dex.io/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3656
  • https://u.4dex.io/setuid?bidder=freewheel&uid=71e42f7de5cdfbc17119c1e1ce2e3a7
0
706 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=freewheel&uid=71e42f7de5cdfbc17119c1e1ce2e3a7
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H2
Server
34.149.40.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

via
1.1 google
expires
0
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma
no-cache
date
Sat, 08 Nov 2025 06:01:43 GMT
vary
Origin, Accept-Encoding

Redirect headers

Cache-Control
no-cache
Location
https://u.4dex.io/setuid?bidder=freewheel&uid=71e42f7de5cdfbc17119c1e1ce2e3a7
Pragma
no-cache
x-sticky-vk
1762581703043055-10
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Content-Length
0
Date
Sat, 08 Nov 2025 06:01:43 GMT
Server
nginx
/
onetag-sys.com/usync/ Frame 7081 		2 KB
881 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/a/latest/adagio.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.152.76 Singapore, Singapore, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip76.ip-51-79-152.net
Software
/
Resource Hash
d6b9ac8ccff69f2de32254b96a2bb180535f809c2d8059d40be5844a8cbad026
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://twinklesphotos.exblog.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
br
content-length
750
content-type
text/html
strict-transport-security
max-age=15552000
v3
id5-sync.com/gm/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v3
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
7bae04cac7598a38f8f54bbfcd9056a07539505eff16098f968cf61173da8880
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin
https://twinklesphotos.exblog.jp
p3p
CP="CAO PSA OUR"
date
Sat, 08 Nov 2025 06:01:43 GMT
content-type
application/json
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
favicon.ico
ad.doubleclick.net/ 		1 KB
129 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250&e=0.007032584703582256
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5727730570625024&upapi=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options
nosniff
expires
Sun, 09 Nov 2025 06:01:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 06:01:43 GMT
content-type
image/x-icon
vary
Accept-Encoding
last-modified
Tue, 08 May 2012 13:08:06 GMT
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
content-length
104
x-xss-protection
0
server
sffe
c.gif
www.bing.com/aes/ Frame 1D5F 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=57ed8897cc2b447f9c4b74ae603047a8&tids=2&med=10
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.59.252.162 Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-59-252-162.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/

Response headers

cache-control
private,no-store
x-cdn-traceid
0.9efc3b17.1762581703.541b0ed
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C2AAC081D8DC4FB485EBEB3FE86BA84B Ref B: HKG201051219042 Ref C: 2025-11-08T06:01:43Z
quic-version
0x00000001
alt-svc
h3=":443"; ma=93600
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
content-length
0
date
Sat, 08 Nov 2025 06:01:43 GMT
vary
Origin
tracking
www.bing.com/api/v1/mediation/ Frame 1D5F 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=def5dd8d-ef1a-4698-a9eb-0155a16fa06a&bidId=2&bidderId=4&cmExpId=RSV&impId=8186699713551909832&oAdUnit=391466&publisherId=162645330&rId=f5358965-e3d4-4b1a-8e04-01b4582344c2&region=apac&rtype=mvFeedbackURL&tagId=35091406&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_knaqe_cnlzrag_qvfpercnapl_5&uberGroup=hore_3c&uberSubGroup=pbageby_5&sdkv=1.100.42&aid=8186699713551909832
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443959/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.59.252.162 Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-59-252-162.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://bb7eb3848ff14940f0135608f1f1cc76.safeframe.googlesyndication.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache, no-store, must-revalidate
x-cdn-traceid
0.9efc3b17.1762581703.541b0ee
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C8E0C85CA71C45A4A70778E57313CB03 Ref B: HKG201051221052 Ref C: 2025-11-08T06:01:43Z
quic-version
0x00000001
expires
0
alt-svc
h3=":443"; ma=93600
content-length
0
date
Sat, 08 Nov 2025 06:01:43 GMT
vary
Origin
px.gif
ad-delivery.net/ 		43 B
164 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad-delivery.net/px.gif?ch=2&e=0.4564630499867167
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5727730570625024&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:2f50 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
1358873
x-goog-stored-content-encoding
identity
expires
Sun, 09 Nov 2025 06:01:43 GMT
x-goog-stored-content-length
43
date
Sat, 08 Nov 2025 06:01:43 GMT
content-type
image/gif
vary
accept-encoding
last-modified
Wed, 05 May 2021 19:25:32 GMT
x-guploader-uploadid
ABgVH89ytYGGsM8zvMSS83qCZ0F4cDyA85oC5Xtq8jnme2OpbOxP7BU9t7rp4yrU4-M9nQOe
cache-control
public, max-age=86400
x-goog-storage-class
MULTI_REGIONAL
cf-ray
99b2db7ced732644-NRT
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
sodar
ep1.adtrafficquality.google/getconfig/ 		18 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202511040101&st=env&sjk=870617481837885
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202511040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.207.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f2.1e100.net
Software
cafe /
Resource Hash
adfaa4b63dbe880e5519245240bc5197cf69361d7fc9ffe47c337896ae16169a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
13636
date
Sat, 08 Nov 2025 06:01:43 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
share_button.php
www.facebook.com/v22.0/plugins/ Frame CBD9 		41 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v22.0/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3c69f38404cb44ef%26domain%3Dtwinklesphotos.exblog.jp%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftwinklesphotos.exblog.jp%252Ff08387238f28e4909%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443959%2F&layout=button_count&locale=ja_JP&sdk=joey
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/ja_JP/sdk.js?hash=65413a4dc2da38c444765d7ca7ab925c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-nrt1.facebook.com
Software
/
Resource Hash
833435075c6172d5cf6e280d2071942e422671c143cda547da03368402b577e4
Security Headers
Name Value
Content-Security-Policy default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'nonce-rlDpgVDQ' blob: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://trustly.one/ https://*.trustly.one/ https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.teno