urlscan.io logo urlscan.io
SecurityTrails logo

twinklesphotos.exblog.jp Open in urlscan Pro
13.113.111.8  Public Scan

Go To Rescan Add Verdict Report
URL: https://twinklesphotos.exblog.jp/33443971/
Submission: On November 08 via api from DE — Scanned from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 136 IPs in 12 countries across 105 domains to perform 492 HTTP transactions. The main IP is 13.113.111.8, located in Tokyo, Japan and belongs to AMAZON-02, US. The main domain is twinklesphotos.exblog.jp.
TLS certificate: Issued by Amazon RSA 2048 M03 on April 13th 2025. Valid for: a year.
This is the only time twinklesphotos.exblog.jp was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 13.113.111.8 16509 (AMAZON-02)
21 3.164.121.26 16509 (AMAZON-02)
2 2404:6800:400... 15169 (GOOGLE)
4 2404:6800:400... 15169 (GOOGLE)
7 54.230.175.52 16509 (AMAZON-02)
2 3.164.121.110 16509 (AMAZON-02)
17 142.250.194.66 15169 (GOOGLE)
1 151.101.193.55 54113 (FASTLY)
3 3.166.242.225 16509 (AMAZON-02)
4 199.232.148.157 54113 (FASTLY)
2 2404:6800:400... 15169 (GOOGLE)
1 13.32.54.62 16509 (AMAZON-02)
1 3.166.228.74 16509 (AMAZON-02)
2 157.240.31.5 32934 (FACEBOOK)
4 2404:6800:400... 15169 (GOOGLE)
26 142.250.196.98 15169 (GOOGLE)
2 3.173.238.99 16509 (AMAZON-02)
3 2600:140b:1c0... 20940 (AKAMAI-AS...)
1 18.177.178.194 16509 (AMAZON-02)
2 162.159.140.229 13335 (CLOUDFLAR...)
1 3.166.228.104 16509 (AMAZON-02)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 18.172.31.119 16509 (AMAZON-02)
1 202.232.238.39 2497 (IIJ Inter...)
1 142.250.194.110 15169 (GOOGLE)
9 34.160.89.38 396982 (GOOGLE-CL...)
1 13.115.25.214 16509 (AMAZON-02)
11 2606:4700:10:... 13335 (CLOUDFLAR...)
1 9 142.250.194.70 15169 (GOOGLE)
2 34.36.200.111 396982 (GOOGLE-CL...)
7 13.225.162.183 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
4 142.251.42.193 15169 (GOOGLE)
8 57.182.52.186 16509 (AMAZON-02)
6 10 35.213.17.49 15169 (GOOGLE)
3 2a06:98c1:310... 13335 (CLOUDFLAR...)
1 35.201.98.24 396982 (GOOGLE-CL...)
3 124.146.153.169 2514 (INFOSPHER...)
1 5 99.84.141.127 16509 (AMAZON-02)
4 103.132.192.30 138552 (RTBHOUSE-...)
3 103.253.24.96 133210 (ENTECHNOL...)
4 104.18.26.193 13335 (CLOUDFLAR...)
4 207.65.34.76 62713 (AS-PUBMATIC)
2 6 103.43.90.54 29990 (ASN-APPNEX)
4 18.65.125.36 16509 (AMAZON-02)
3 130.211.23.194 396982 (GOOGLE-CL...)
4 172.217.175.34 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
1 142.250.194.99 15169 (GOOGLE)
1 52.193.29.172 16509 (AMAZON-02)
6 6 185.184.8.90 204995 (RTB-HOUSE...)
7 34.149.40.38 396982 (GOOGLE-CL...)
1 6 23.108.103.28 59253 (LEASEWEB-...)
3 3.165.11.75 16509 (AMAZON-02)
9 2404:6800:400... 15169 (GOOGLE)
14 44.247.70.22 16509 (AMAZON-02)
1 2600:9000:21d... 16509 (AMAZON-02)
3 142.250.207.8 15169 (GOOGLE)
2 13.113.106.149 16509 (AMAZON-02)
2 2406:2600:7:1... 55569 (CRITEO-AS...)
2 2406:2600:4::22 55569 (CRITEO-AS...)
1 2600:140b:1c0... 20940 (AKAMAI-AS...)
1 2600:140b:1c0... 20940 (AKAMAI-AS...)
1 2600:1901:0:2... 396982 (GOOGLE-CL...)
16 2406:2600:4::2e 55569 (CRITEO-AS...)
2 2406:2600:4::31 55569 (CRITEO-AS...)
2 2406:2600:4:: 55569 (CRITEO-AS...)
3 202.232.238.37 2497 (IIJ Inter...)
2 2 2406:da18:929... 16509 (AMAZON-02)
8 29 142.251.42.162 15169 (GOOGLE)
1 1 34.111.130.7 396982 (GOOGLE-CL...)
1 1 96.16.55.135 20940 (AKAMAI-AS...)
2 2 2604:9e00:1:1... 27257 (WEBAIR-IN...)
1 1 174.137.133.49 27257 (WEBAIR-IN...)
3 23.192.47.58 20940 (AKAMAI-AS...)
6 2406:2600:4::1f 55569 (CRITEO-AS...)
4 2406:2600:4::25 55569 (CRITEO-AS...)
3 3 35.213.7.90 15169 (GOOGLE)
1 9 18.178.165.190 16509 (AMAZON-02)
6 23.40.192.188 16625 (AKAMAI-AS)
2 7 35.244.159.8 396982 (GOOGLE-CL...)
4 4 184.26.241.115 16625 (AKAMAI-AS)
8 23.40.149.60 16625 (AKAMAI-AS)
2 2 2600:1f10:4ce... 14618 (AMAZON-AES)
3 3 15.197.193.217 16509 (AMAZON-02)
2 35.79.4.173 16509 (AMAZON-02)
2 6 2406:2600:4::13 55569 (CRITEO-AS...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 1 124.146.153.151 2514 (INFOSPHER...)
1 172.66.0.227 13335 (CLOUDFLAR...)
4 4 3.33.220.150 16509 (AMAZON-02)
1 202.233.84.10 131957 (MICROAD M...)
1 202.233.84.1 131957 (MICROAD M...)
2 207.65.34.81 62713 (AS-PUBMATIC)
1 34.49.1.209 396982 (GOOGLE-CL...)
10 207.65.34.87 62713 (AS-PUBMATIC)
15 22 69.173.158.64 26667 (RUBICONPR...)
2 2600:1901:0:d... 396982 (GOOGLE-CL...)
2 2600:140b:a80... 20940 (AKAMAI-AS...)
1 162.19.138.117 16276 (OVH OVH SAS)
1 2 142.250.199.102 15169 (GOOGLE)
1 1 35.190.0.66 396982 (GOOGLE-CL...)
1 2 2406:2600:4::2f 55569 (CRITEO-AS...)
2 2 3.208.248.227 14618 (AMAZON-AES)
2 2 52.220.197.184 16509 (AMAZON-02)
1 1 52.76.15.13 16509 (AMAZON-02)
1 1 124.146.153.152 2514 (INFOSPHER...)
2 2 35.214.245.4 19527 (GOOGLE-2)
1 1 35.208.249.213 19527 (GOOGLE-2)
1 198.206.157.241 399668 (E-PLANNING-)
2 3 54.255.134.76 16509 (AMAZON-02)
1 1 47.84.104.147 45102 (ALIBABA-C...)
4 5 131.153.206.102 59210 (PHOENIXNA...)
2 4 35.186.253.211 396982 (GOOGLE-CL...)
1 1 87.249.128.56 60068 (CDN77 Dat...)
2 2 52.223.2.229 16509 (AMAZON-02)
1 207.65.34.77 62713 (AS-PUBMATIC)
1 10 103.43.90.117 29990 (ASN-APPNEX)
2 51.79.152.81 16276 (OVH OVH SAS)
1 4 98.82.156.207 14618 (AMAZON-AES)
1 2 67.220.228.201 16509 (AMAZON-02)
1 2620:1ec:50::12 8075 (MICROSOFT...)
1 1 2406:2000:a4:... 10230 (YAHOO-SG ...)
1 3 13.114.90.134 16509 (AMAZON-02)
2 3 34.111.113.62 396982 (GOOGLE-CL...)
1 1 18.172.52.92 16509 (AMAZON-02)
1 2 54.230.175.58 16509 (AMAZON-02)
4 2620:1ec:bdf::46 8075 (MICROSOFT...)
2 2620:1ec:46::46 8075 (MICROSOFT...)
2 23.106.127.164 59253 (LEASEWEB-...)
8 13 162.19.138.119 16276 (OVH OVH SAS)
1 2001:41d0:701... 16276 (OVH OVH SAS)
2 162.19.138.118 16276 (OVH OVH SAS)
3 18.64.122.124 16509 (AMAZON-02)
6 2600:140b:1c0... 20940 (AKAMAI-AS...)
1 23.220.70.18 20940 (AKAMAI-AS...)
3 9 23.106.50.39 59253 (LEASEWEB-...)
1 1 74.121.143.245 30419 (PAEDAE-INC)
1 1 35.213.183.23 15169 (GOOGLE)
1 3 13.214.62.227 16509 (AMAZON-02)
1 1 51.79.177.11 16276 (OVH OVH SAS)
4 4 82.145.213.8 39832 (NO-OPERA ...)
1 2 162.159.141.246 13335 (CLOUDFLAR...)
1 1 74.214.196.131 19189 (PULSEPOINT)
1 2 52.220.60.217 16509 (AMAZON-02)
1 1 50.57.31.206 19994 (RACKSPACE)
2 2 95.173.218.113 60068 (CDN77 Dat...)
1 203.137.133.153 4694 (IDCF IDC ...)
1 35.78.11.232 16509 (AMAZON-02)
1 2406:2600:4::2d 55569 (CRITEO-AS...)
3 182.161.74.19 55569 (CRITEO-AS...)
2 2 52.196.41.248 16509 (AMAZON-02)
1 107.178.248.96 396982 (GOOGLE-CL...)
1 151.101.193.108 54113 (FASTLY)
2 104.18.24.18 13335 (CLOUDFLAR...)
1 5 162.55.233.29 24940 (HETZNER-A...)
3 8 104.18.27.193 13335 (CLOUDFLAR...)
8 2406:2600:4::2b 55569 (CRITEO-AS...)
1 1 2001:df2:a300... 6336 (TURN-US-ASN)
1 1 211.183.211.30 152199 (KAKAOCORP...)
1 1 80.77.87.163 46636 (NATCOWEB)
1 2 172.66.1.242 13335 (CLOUDFLAR...)
1 34.96.105.8 396982 (GOOGLE-CL...)
1 3.211.135.141 14618 (AMAZON-AES)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
1 1 35.78.8.249 16509 (AMAZON-02)
2 2 34.223.132.3 16509 (AMAZON-02)
1 220.150.223.50 4686 (BEKKOAME ...)
2 2 3.173.238.17 16509 (AMAZON-02)
1 3.166.244.118 16509 (AMAZON-02)
1 35.74.16.224 16509 (AMAZON-02)
1 57.180.143.124 16509 (AMAZON-02)
1 18.180.162.88 16509 (AMAZON-02)
492 136
1    13.113.111.8 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-113-111-8.ap-northeast-1.compute.amazonaws.com
twinklesphotos.exblog.jp
21    3.164.121.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-164-121-26.nrt12.r.cloudfront.net
s.eximg.jp
2    2404:6800:4004:826::200e (Australia)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2404:6800:4004:824::2008 (Australia)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
7    54.230.175.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-175-52.nrt57.r.cloudfront.net
image.excite.co.jp
2    3.164.121.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-164-121-110.nrt12.r.cloudfront.net
pds.exblog.jp
17    142.250.194.66 (United States)

ASN15169 (GOOGLE, US)
PTR: lcnrta-bb-in-f2.1e100.net
securepubads.g.doubleclick.net
1    151.101.193.55 (United States)

ASN54113 (FASTLY, US)
flux-cdn.com
3    3.166.242.225 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-166-242-225.nrt20.r.cloudfront.net
c.amazon-adsystem.com
4    199.232.148.157 (Tokyo, Japan)

ASN54113 (FASTLY, US)
platform.twitter.com
2    2404:6800:4008:c02::9a (Taiwan)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    13.32.54.62 (New York, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-54-62.nrt57.r.cloudfront.net
b.st-hatena.com
1    3.166.228.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-166-228-74.nrt20.r.cloudfront.net
config.aps.amazon-adsystem.com
2    157.240.31.5 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-nrt1.fbcdn.net
connect.facebook.net
4    2404:6800:4004:809::2001 (Australia)

ASN15169 (GOOGLE, US)
blogger.googleusercontent.com
26    142.250.196.98 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s35-in-f2.1e100.net
pagead2.googlesyndication.com
2    3.173.238.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-173-238-99.nrt20.r.cloudfront.net
md.exblog.jp
3    2600:140b:1c00:48::1734:8c3b (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
dmp.im-apps.net
1    18.177.178.194 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-177-178-194.ap-northeast-1.compute.amazonaws.com
logging.exblog.jp
2    162.159.140.229 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
syndication.twitter.com
1    3.166.228.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-166-228-104.nrt20.r.cloudfront.net
cdn.nidan.d2c.ne.jp
2    2606:4700:10::ac42:ab85 (None, )

ASN13335 (CLOUDFLARENET, US)
btloader.com
3    2606:4700::6810:aee2 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    18.172.31.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-31-119.nrt20.r.cloudfront.net
yield-manager.browsiprod.com
1    202.232.238.39 (Jingūmae, Japan)

ASN2497 (IIJ Internet Initiative Japan Inc., JP)
cnt.fout.jp
1    142.250.194.110 (United States)

ASN15169 (GOOGLE, US)
PTR: lcnrta-bf-in-f14.1e100.net
www.google-analytics.com
9    34.160.89.38 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 38.89.160.34.bc.googleusercontent.com
a.flux.jp
1    13.115.25.214 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-115-25-214.ap-northeast-1.compute.amazonaws.com
js.api.nidan.d2c.ne.jp
11    2606:4700:10::6814:2f50 (None, )

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
9    142.250.194.70 (United States)

ASN15169 (GOOGLE, US)
PTR: lcnrta-bb-in-f6.1e100.net
ad.doubleclick.net
2    34.36.200.111 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 111.200.36.34.bc.googleusercontent.com
ab.dns-finder.com
7    13.225.162.183 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-162-183.nrt20.r.cloudfront.net
aax.amazon-adsystem.com
1    2606:4700:20::681a:8a9 (None, )

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
4    142.251.42.193 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s47-in-f1.1e100.net
24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com
8    57.182.52.186 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-57-182-52-186.ap-northeast-1.compute.amazonaws.com
hb.adingo.jp
10    35.213.17.49 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 49.17.213.35.bc.googleusercontent.com
y.one.impact-ad.jp
3    2a06:98c1:3101::6812:22b2 (None, )

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
1    35.201.98.24 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 24.98.201.35.bc.googleusercontent.com
sp.gmossp-sp.jp
3    124.146.153.169 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
d.socdm.com
5    99.84.141.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-141-127.nrt57.r.cloudfront.net
ad.as.amanad.adtdp.com
4    103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net
prebid-asia.creativecdn.com
3    103.253.24.96 (Singapore)

ASN133210 (ENTECHNOLOGIES-AS-AP EN Technologies Pte Ltd, SG)
shb.richaudience.com
4    104.18.26.193 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum.casalemedia.com
4    207.65.34.76 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
6    103.43.90.54 (Singapore, Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
ib.adnxs.com
secure.adnxs.com
4    18.65.125.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-125-36.kix50.r.cloudfront.net
cdn.browsiprod.com
3    130.211.23.194 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
4    172.217.175.34 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt20s19-in-f2.1e100.net
googleads.g.doubleclick.net
1    2404:6800:4004:800::200e (Australia)

ASN15169 (GOOGLE, US)
analytics.google.com
1    142.250.194.99 (United States)

ASN15169 (GOOGLE, US)
PTR: lcnrta-bf-in-f3.1e100.net
www.google.co.jp
1    52.193.29.172 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-193-29-172.ap-northeast-1.compute.amazonaws.com
nidan.addlv.smt.docomo.ne.jp
6    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS RTB Marketing and Tech Services Ltd, CY)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
7    34.149.40.38 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 38.40.149.34.bc.googleusercontent.com
u.4dex.io
6    23.108.103.28 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG)
ads.us.e-planning.net
sync.e-planning.net
u-sin01.e-planning.net
3    3.165.11.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-165-11-75.nrt12.r.cloudfront.net
pdn.adingo.jp
9    2404:6800:4004:822::2001 (Australia)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
14    44.247.70.22 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-247-70-22.us-west-2.compute.amazonaws.com
events.browsiprod.com
1    2600:9000:21d2:9a00:a:d2fd:aec0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.sx.adingo.jp
3    142.250.207.8 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s54-in-f8.1e100.net
www.googletagmanager.com
2    13.113.106.149 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-113-106-149.ap-northeast-1.compute.amazonaws.com
sh.adingo.jp
2    2406:2600:7:100::32 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
rtb.sg1.as.criteo.com
2    2406:2600:4::22 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
ads.as.criteo.com
1    2600:140b:1c00:48::1734:8c23 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
cf.im-apps.net
1    2600:140b:1c00:48::1734:8c1c (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
cdn.audiencedata.net
1    2600:1901:0:2dbc:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
atb.im-apps.net
16    2406:2600:4::2e (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
2    2406:2600:4::31 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
cat.jp2.as.criteo.com
2    2406:2600:4:: (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
measurement-api.criteo.com
3    202.232.238.37 (Jingūmae, Japan)

ASN2497 (IIJ Internet Initiative Japan Inc., JP)
sync.fout.jp
2    2406:da18:929:5a01:4fc2:5464:d31a:9ec2 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
29    142.251.42.162 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s46-in-f2.1e100.net
cm.g.doubleclick.net
adservice.google.com
1    34.111.130.7 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 7.130.111.34.bc.googleusercontent.com
pixelfnt-us.dsp-api.moloco.com
1    96.16.55.135 (Santa Clara, United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a96-16-55-135.deploy.static.akamaitechnologies.com
analytics.pangle-ads.com
2    2604:9e00:1:129::2:a01 (Garden City, United States)

ASN27257 (WEBAIR-INTERNET, US)
rtb2-useast.voisetech.com
1    174.137.133.49 (Garden City, United States)

ASN27257 (WEBAIR-INTERNET, US)
dsp.adkernel.com
3    23.192.47.58 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-192-47-58.deploy.static.akamaitechnologies.com
sync.im-apps.net
6    2406:2600:4::1f (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
imageproxy.as.criteo.net
4    2406:2600:4::25 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
client-side-metrics.as.criteo.net
3    35.213.7.90 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 90.7.213.35.bc.googleusercontent.com
x.bidswitch.net
9    18.178.165.190 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-178-165-190.ap-northeast-1.compute.amazonaws.com
cs.adingo.jp
6    23.40.192.188 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-40-192-188.deploy.static.akamaitechnologies.com
ads.pubmatic.com
7    35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
u.openx.net
excite-d.openx.net
4    184.26.241.115 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a184-26-241-115.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
8    23.40.149.60 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-40-149-60.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    2600:1f10:4ce4:4a05:6ed4:c031:360e:a1ed (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
hrbh3.publishers.tremorhub.com
3    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    35.79.4.173 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-79-4-173.ap-northeast-1.compute.amazonaws.com
aud.adjust-net.jp
6    2406:2600:4::13 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
1    2606:4700:10::6814:170d (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    124.146.153.151 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
bid.socdm.com
1    172.66.0.227 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
analytics.twitter.com
4    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    202.233.84.10 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)
universe.send.microad.jp
1    202.233.84.1 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)
aid.send.microad.jp
2    207.65.34.81 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    34.49.1.209 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 209.1.49.34.bc.googleusercontent.com
b.im-apps.net
10    207.65.34.87 (United States)

ASN62713 (AS-PUBMATIC, US)
ut.pubmatic.com
22    69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel-apac.rubiconproject.com
pixel.rubiconproject.com
2    2600:1901:0:d959:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
audiencedata.im-apps.net
2    2600:140b:a800::17c1:aa7a (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
sync6.im-apps.net
1    162.19.138.117 (Frankfurt am Main, Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ns31533568.ip-162-19-138.eu
api.id5-sync.com
2    142.250.199.102 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s52-in-f6.1e100.net
10208769.fls.doubleclick.net
1    35.190.0.66 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
2    2406:2600:4::2f (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
dis.criteo.com
2    3.208.248.227 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-248-227.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    52.220.197.184 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-197-184.ap-southeast-1.compute.amazonaws.com
sync.1rx.io
1    52.76.15.13 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-15-13.ap-southeast-1.compute.amazonaws.com
sync.targeting.unrulymedia.com
1    124.146.153.152 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
2    35.214.245.4 (Groningen, Netherlands)

ASN19527 (GOOGLE-2, US)
PTR: 4.245.214.35.bc.googleusercontent.com
csync.loopme.me
1    35.208.249.213 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com
gtracenep.admaster.cc
1    198.206.157.241 (New York, United States)

ASN399668 (E-PLANNING-, US)
PTR: s.e-planning.net
s.e-planning.net
3    54.255.134.76 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-255-134-76.ap-southeast-1.compute.amazonaws.com
match.sharethrough.com
1    47.84.104.147 (Singapore)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
gw-iad-bid.ymmobi.com
5    131.153.206.102 (United States)

ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG)
prebid.a-mo.net
sync.a-mo.net
4    35.186.253.211 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
1    87.249.128.56 (Tokyo, Japan)

ASN60068 (CDN77 Datacamp Limited, GB)
PTR: unn-87-249-128-56.cdn77.com
id.a-mx.com
2    52.223.2.229 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
1    207.65.34.77 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
10    103.43.90.117 (Singapore, Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
ib.adnxs.com
sin3-ib.adnxs.com
2    51.79.152.81 (Singapore, Singapore)

ASN16276 (OVH OVH SAS, FR)
PTR: ip81.ip-51-79-152.net
onetag-sys.com
4    98.82.156.207 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-98-82-156-207.compute-1.amazonaws.com
s.amazon-adsystem.com
2    67.220.228.201 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    2620:1ec:50::12 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    2406:2000:a4:807:: (Taiwan)

ASN10230 (YAHOO-SG internet content provider, SG)
ups.analytics.yahoo.com
3    13.114.90.134 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-114-90-134.ap-northeast-1.compute.amazonaws.com
match.prod.bidr.io
3    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    18.172.52.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-52-92.nrt20.r.cloudfront.net
live.primis.tech
2    54.230.175.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-175-58.nrt57.r.cloudfront.net
sync.intentiq.com
syncv4.intentiq.com
4    2620:1ec:bdf::46 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
adsdk.microsoft.com
adsdk.bing.net
2    2620:1ec:46::46 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
adsdkprod.azureedge.net
2    23.106.127.164 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG)
ssbsync.smartadserver.com
13    162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ns31533570.ip-162-19-138.eu
id5-sync.com
1    2001:41d0:701:1000::1291 (France)

ASN16276 (OVH OVH SAS, FR)
lbs.eu-1-id5-sync.com
2    162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ns31533569.ip-162-19-138.eu
lb.eu-1-id5-sync.com
3    18.64.122.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-122-124.nrt12.r.cloudfront.net
tags.crwdcntrl.net
6    2600:140b:1c00:47::1734:8c8d (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
www.bing.com
1    23.220.70.18 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-220-70-18.deploy.static.akamaitechnologies.com
hb.trustedstack.com
9    23.106.50.39 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG)
rtb-csync.smartadserver.com
1    74.121.143.245 (United States)

ASN30419 (PAEDAE-INC, US)
sync.mathtag.com
1    35.213.183.23 (Singapore, Singapore)

ASN15169 (GOOGLE, US)
PTR: 23.183.213.35.bc.googleusercontent.com
s.ad.smaato.net
3    13.214.62.227 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-214-62-227.ap-southeast-1.compute.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
1    51.79.177.11 (Singapore, Singapore)

ASN16276 (OVH OVH SAS, FR)
PTR: ads20-sgp.stickyadstv.com
ads.stickyadstv.com
4    82.145.213.8 (Amsterdam, Netherlands)

ASN39832 (NO-OPERA Opera Norway AS, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
2    162.159.141.246 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
www.temu.com
1    74.214.196.131 (Sunnyvale, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    52.220.60.217 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-60-217.ap-southeast-1.compute.amazonaws.com
rtb.gumgum.com
g2.gumgum.com
1    50.57.31.206 (United States)

ASN19994 (RACKSPACE, US)
uipglob.semasio.net
2    95.173.218.113 (Singapore, Singapore)

ASN60068 (CDN77 Datacamp Limited, GB)
PTR: unn-95-173-218-113.datapacket.com
uipapac.semasio.net
1    203.137.133.153 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
aladdin.genieesspv.jp
1    35.78.11.232 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-78-11-232.ap-northeast-1.compute.amazonaws.com
ad.ad-stir.com
1    2406:2600:4::2d (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
grid-bidder.criteo.com
3    182.161.74.19 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
mug.criteo.com
2    52.196.41.248 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-196-41-248.ap-northeast-1.compute.amazonaws.com
ds.uncn.jp
1    107.178.248.96 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 96.248.178.107.bc.googleusercontent.com
penta.a.one.impact-ad.jp
1    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    104.18.24.18 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
5    162.55.233.29 (Falkenstein, Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.29.233.55.162.clients.your-server.de
sync.richaudience.com
8    104.18.27.193 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
8    2406:2600:4::2b (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
ssp-sync.criteo.com
1    2001:df2:a300:bbbb::135 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
1    211.183.211.30 (Korea, Republic Of)

ASN152199 (KAKAOCORP-AS-KR Kakao Corp, KR)
serv.ds.kakao.com
1    80.77.87.163 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
2    172.66.1.242 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
www.temu.com
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
1    3.211.135.141 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-135-141.compute-1.amazonaws.com
i.liadm.com
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
1    35.78.8.249 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-78-8-249.ap-northeast-1.compute.amazonaws.com
dynalyst-sync.adtdp.com
2    34.223.132.3 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-223-132-3.us-west-2.compute.amazonaws.com
ap.lijit.com
1    220.150.223.50 (Japan)

ASN4686 (BEKKOAME BEKKOAME INTERNET INC., JP)
PTR: 50.223.150.220.in-addr.arpa
sync-dsp.ad-m.asia
2    3.173.238.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-173-238-17.nrt20.r.cloudfront.net
cr-p20.ladsp.com
1    3.166.244.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-166-244-118.nrt20.r.cloudfront.net
j.zucks.net.zimg.jp
1    35.74.16.224 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-74-16-224.ap-northeast-1.compute.amazonaws.com
i.adingo.jp
1    57.180.143.124 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-57-180-143-124.ap-northeast-1.compute.amazonaws.com
sh.zucks.net
1    18.180.162.88 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-180-162-88.ap-northeast-1.compute.amazonaws.com
k.zucks.net
Apex Domain
Subdomains		 Transfer
62 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 261
stats.g.doubleclick.net — Cisco Umbrella Rank: 191
ad.doubleclick.net — Cisco Umbrella Rank: 168
googleads.g.doubleclick.net — Cisco Umbrella Rank: 62
cm.g.doubleclick.net — Cisco Umbrella Rank: 318
10208769.fls.doubleclick.net — Cisco Umbrella Rank: 577720
351 KB
39 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 132
24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 212
457 KB
34 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1136
eus.rubiconproject.com — Cisco Umbrella Rank: 700
token.rubiconproject.com — Cisco Umbrella Rank: 573
pixel-apac.rubiconproject.com — Cisco Umbrella Rank: 36847
pixel.rubiconproject.com — Cisco Umbrella Rank: 466
37 KB
28 criteo.com
rtb.sg1.as.criteo.com — Cisco Umbrella Rank: 22204
ads.as.criteo.com — Cisco Umbrella Rank: 18236
cat.jp2.as.criteo.com — Cisco Umbrella Rank: 63758
measurement-api.criteo.com — Cisco Umbrella Rank: 2280
gum.criteo.com — Cisco Umbrella Rank: 512
dis.criteo.com — Cisco Umbrella Rank: 832
grid-bidder.criteo.com — Cisco Umbrella Rank: 948
mug.criteo.com — Cisco Umbrella Rank: 4028
ssp-sync.criteo.com — Cisco Umbrella Rank: 857
115 KB
26 criteo.net
static.criteo.net — Cisco Umbrella Rank: 1038
imageproxy.as.criteo.net — Cisco Umbrella Rank: 19852
client-side-metrics.as.criteo.net — Cisco Umbrella Rank: 18328
79 KB
24 adingo.jp
hb.adingo.jp — Cisco Umbrella Rank: 41677
pdn.adingo.jp — Cisco Umbrella Rank: 115119
cdn.sx.adingo.jp — Cisco Umbrella Rank: 114811
sh.adingo.jp — Cisco Umbrella Rank: 96468
cs.adingo.jp — Cisco Umbrella Rank: 4658
i.adingo.jp — Cisco Umbrella Rank: 116931
54 KB
23 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 636
ads.pubmatic.com — Cisco Umbrella Rank: 644
image6.pubmatic.com — Cisco Umbrella Rank: 1062
ut.pubmatic.com — Cisco Umbrella Rank: 1095
image8.pubmatic.com — Cisco Umbrella Rank: 781
31 KB
21 eximg.jp
s.eximg.jp
112 KB
20 browsiprod.com
yield-manager.browsiprod.com — Cisco Umbrella Rank: 4741
cdn.browsiprod.com — Cisco Umbrella Rank: 4810
events.browsiprod.com — Cisco Umbrella Rank: 4450
116 KB
17 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 323
sin3-ib.adnxs.com — Cisco Umbrella Rank: 28952
acdn.adnxs.com — Cisco Umbrella Rank: 793
secure.adnxs.com — Cisco Umbrella Rank: 565
51 KB
17 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 420
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 786
aax.amazon-adsystem.com — Cisco Umbrella Rank: 571
s.amazon-adsystem.com — Cisco Umbrella Rank: 386
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1222
98 KB
15 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 796
api.id5-sync.com — Cisco Umbrella Rank: 1605
id5-sync.com — Cisco Umbrella Rank: 515
50 KB
13 im-apps.net
dmp.im-apps.net — Cisco Umbrella Rank: 6225
cf.im-apps.net — Cisco Umbrella Rank: 278725
atb.im-apps.net — Cisco Umbrella Rank: 214750
sync.im-apps.net — Cisco Umbrella Rank: 10710
b.im-apps.net — Cisco Umbrella Rank: 111200
audiencedata.im-apps.net — Cisco Umbrella Rank: 41374
sync6.im-apps.net — Cisco Umbrella Rank: 6729
13 KB
12 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 643
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 623
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 694
ssum.casalemedia.com — Cisco Umbrella Rank: 2527
9 KB
11 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 812
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 843
6 KB
11 openx.net
us-u.openx.net — Cisco Umbrella Rank: 584
rtb.openx.net — Cisco Umbrella Rank: 635
u.openx.net — Cisco Umbrella Rank: 808
excite-d.openx.net
3 KB
11 impact-ad.jp
y.one.impact-ad.jp — Cisco Umbrella Rank: 8824
penta.a.one.impact-ad.jp — Cisco Umbrella Rank: 116602
4 KB
11 4dex.io
script.4dex.io — Cisco Umbrella Rank: 5227
mp.4dex.io — Cisco Umbrella Rank: 3109
u.4dex.io — Cisco Umbrella Rank: 2912
26 KB
11 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1142
2 KB
10 creativecdn.com
prebid-asia.creativecdn.com — Cisco Umbrella Rank: 36312
creativecdn.com — Cisco Umbrella Rank: 592
4 KB
9 flux.jp
a.flux.jp — Cisco Umbrella Rank: 146920
1 KB
8 richaudience.com
shb.richaudience.com — Cisco Umbrella Rank: 3329
sync.richaudience.com — Cisco Umbrella Rank: 1162
3 KB
7 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 439
4 KB
7 e-planning.net
ads.us.e-planning.net — Cisco Umbrella Rank: 2809
s.e-planning.net — Cisco Umbrella Rank: 10072
sync.e-planning.net — Cisco Umbrella Rank: 6240
u-sin01.e-planning.net — Cisco Umbrella Rank: 62813
3 KB
7 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 1796
syndication.twitter.com — Cisco Umbrella Rank: 2199
analytics.twitter.com — Cisco Umbrella Rank: 1178
148 KB
7 excite.co.jp
image.excite.co.jp
44 KB
7 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 44
765 KB
6 bing.com
www.bing.com — Cisco Umbrella Rank: 51
57 KB
6 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1118
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1173
sync.crwdcntrl.net — Cisco Umbrella Rank: 929
23 KB
6 adtdp.com
ad.as.amanad.adtdp.com — Cisco Umbrella Rank: 7764
dynalyst-sync.adtdp.com — Cisco Umbrella Rank: 12395
4 KB
6 exblog.jp
twinklesphotos.exblog.jp
pds.exblog.jp
md.exblog.jp
logging.exblog.jp
44 KB
5 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 951
sync.a-mo.net — Cisco Umbrella Rank: 1527
3 KB
5 socdm.com
d.socdm.com — Cisco Umbrella Rank: 68263
bid.socdm.com
tg.socdm.com — Cisco Umbrella Rank: 2134
5 KB
5 btloader.com
btloader.com — Cisco Umbrella Rank: 1045
api.btloader.com — Cisco Umbrella Rank: 1182
33 KB
4 temu.com
www.temu.com — Cisco Umbrella Rank: 710
2 KB
4 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 928
3 KB
4 fout.jp
cnt.fout.jp — Cisco Umbrella Rank: 212825
sync.fout.jp — Cisco Umbrella Rank: 13196
2 KB
4 googleusercontent.com
blogger.googleusercontent.com — Cisco Umbrella Rank: 10426
10 MB
3 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1688
uipapac.semasio.net — Cisco Umbrella Rank: 120026
1 KB
3 eu-1-id5-sync.com
lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1220
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 974
844 B
3 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 516
2 KB
3 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 722
865 B
3 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 661
990 B
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 453
1 KB
3 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 1216
ups.analytics.yahoo.com — Cisco Umbrella Rank: 491
pbs.yahoo.com Failed
2 KB
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 308
12 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 64
21 KB
2 zucks.net
sh.zucks.net — Cisco Umbrella Rank: 238296
k.zucks.net — Cisco Umbrella Rank: 252942
2 KB
2 ladsp.com
cr-p20.ladsp.com
863 B
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 839
805 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 823
cdn.indexww.com — Cisco Umbrella Rank: 1829
2 KB
2 uncn.jp
ds.uncn.jp — Cisco Umbrella Rank: 9170
780 B
2 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1251
g2.gumgum.com — Cisco Umbrella Rank: 1621
528 B
2 bing.net
adsdk.bing.net — Cisco Umbrella Rank: 3320
41 KB
2 azureedge.net
adsdkprod.azureedge.net — Cisco Umbrella Rank: 2573
35 KB
2 microsoft.com
adsdk.microsoft.com — Cisco Umbrella Rank: 2389
39 KB
2 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 1121
syncv4.intentiq.com — Cisco Umbrella Rank: 1636
2 KB
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 774
2 KB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 530
1 KB
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 865
684 B
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 577
1 KB
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 716
2 KB
2 microad.jp
universe.send.microad.jp — Cisco Umbrella Rank: 181962
aid.send.microad.jp — Cisco Umbrella Rank: 35428
1 KB
2 adjust-net.jp
aud.adjust-net.jp — Cisco Umbrella Rank: 421807
2 tremorhub.com
hrbh3.publishers.tremorhub.com — Cisco Umbrella Rank: 807012
654 B
2 voisetech.com
rtb2-useast.voisetech.com — Cisco Umbrella Rank: 5910
967 B
2 google.com
analytics.google.com — Cisco Umbrella Rank: 174
www.google.com Failed
adservice.google.com — Cisco Umbrella Rank: 607
63 B
2 dns-finder.com
ab.dns-finder.com — Cisco Umbrella Rank: 1267
233 B
2 d2c.ne.jp
cdn.nidan.d2c.ne.jp — Cisco Umbrella Rank: 203906
js.api.nidan.d2c.ne.jp — Cisco Umbrella Rank: 115507
4 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 235
76 KB
1 zimg.jp
j.zucks.net.zimg.jp — Cisco Umbrella Rank: 242514
4 KB
1 ad-m.asia
sync-dsp.ad-m.asia — Cisco Umbrella Rank: 10803
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 1477
639 B
1 liadm.com
i.liadm.com — Cisco Umbrella Rank: 629
208 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 1426
170 B
1 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 816
443 B
1 kakao.com
serv.ds.kakao.com — Cisco Umbrella Rank: 142830
610 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 901
463 B
1 ad-stir.com
ad.ad-stir.com — Cisco Umbrella Rank: 229252
153 B
1 genieesspv.jp
aladdin.genieesspv.jp — Cisco Umbrella Rank: 39588
248 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 752
1 KB
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 958
495 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 787
310 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1246
916 B
1 trustedstack.com
hb.trustedstack.com — Cisco Umbrella Rank: 1520
405 B
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 1820
563 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 371
539 B
1 a-mx.com
id.a-mx.com — Cisco Umbrella Rank: 1485
1 KB
1 ymmobi.com
gw-iad-bid.ymmobi.com — Cisco Umbrella Rank: 1948
405 B
1 admaster.cc
gtracenep.admaster.cc — Cisco Umbrella Rank: 2846
479 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1302
471 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 4748
547 B
1 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 4985
490 B
1 pangle-ads.com
analytics.pangle-ads.com — Cisco Umbrella Rank: 4974
1 KB
1 moloco.com
pixelfnt-us.dsp-api.moloco.com — Cisco Umbrella Rank: 4908
934 B
1 audiencedata.net
cdn.audiencedata.net — Cisco Umbrella Rank: 391768
2 KB
1 docomo.ne.jp
nidan.addlv.smt.docomo.ne.jp — Cisco Umbrella Rank: 150132
104 B
1 google.co.jp
www.google.co.jp — Cisco Umbrella Rank: 18424
63 B
1 gmossp-sp.jp
sp.gmossp-sp.jp — Cisco Umbrella Rank: 103154
593 B
1 st-hatena.com
b.st-hatena.com — Cisco Umbrella Rank: 174884
3 KB
1 flux-cdn.com
flux-cdn.com — Cisco Umbrella Rank: 142201
165 KB
0 facebook.com Failed
www.facebook.com Failed
0 adtrafficquality.google Failed
ep1.adtrafficquality.google Failed
0 cinarra.com Failed
dps.jp.cinarra.com Failed
0 nex8.net Failed
cs.nex8.net Failed
492 105
Domain Requested by
28 cm.g.doubleclick.net 8 redirects twinklesphotos.exblog.jp
googleads.g.doubleclick.net
24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
26 pagead2.googlesyndication.com twinklesphotos.exblog.jp
image.excite.co.jp
pagead2.googlesyndication.com
googleads.g.doubleclick.net
24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
21 s.eximg.jp twinklesphotos.exblog.jp
s.eximg.jp
17 securepubads.g.doubleclick.net image.excite.co.jp
securepubads.g.doubleclick.net
twinklesphotos.exblog.jp
24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com
pagead2.googlesyndication.com
16 static.criteo.net ads.as.criteo.com
14 events.browsiprod.com flux-cdn.com
cdn.browsiprod.com
13 id5-sync.com 8 redirects cdn.id5-sync.com
twinklesphotos.exblog.jp
flux-cdn.com
11 ad-delivery.net btloader.com
10 token.rubiconproject.com 6 redirects eus.rubiconproject.com
10 ut.pubmatic.com ads.pubmatic.com
10 y.one.impact-ad.jp 6 redirects twinklesphotos.exblog.jp
flux-cdn.com
9 rtb-csync.smartadserver.com 3 redirects ssbsync.smartadserver.com
9 pixel.rubiconproject.com 6 redirects twinklesphotos.exblog.jp
9 cs.adingo.jp 1 redirects twinklesphotos.exblog.jp
9 tpc.googlesyndication.com securepubads.g.doubleclick.net
googleads.g.doubleclick.net
24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com
9 ib.adnxs.com 2 redirects flux-cdn.com
twinklesphotos.exblog.jp
acdn.adnxs.com
9 ad.doubleclick.net 1 redirects btloader.com
twinklesphotos.exblog.jp
9 a.flux.jp flux-cdn.com
8 ssp-sync.criteo.com twinklesphotos.exblog.jp
8 eus.rubiconproject.com pdn.adingo.jp
eus.rubiconproject.com
ads.us.e-planning.net
script.4dex.io
8 hb.adingo.jp flux-cdn.com
7 match.adsrvr.org 7 redirects
7 u.4dex.io twinklesphotos.exblog.jp
ads.us.e-planning.net
ssbsync.smartadserver.com
7 aax.amazon-adsystem.com c.amazon-adsystem.com
7 image.excite.co.jp twinklesphotos.exblog.jp
image.excite.co.jp
7 www.googletagmanager.com twinklesphotos.exblog.jp
www.googletagmanager.com
dmp.im-apps.net
6 www.bing.com srcdoc
6 sin3-ib.adnxs.com srcdoc
adsdkprod.azureedge.net
6 gum.criteo.com 2 redirects pdn.adingo.jp
flux-cdn.com
6 ads.pubmatic.com pdn.adingo.jp
ads.us.e-planning.net
script.4dex.io
flux-cdn.com
6 imageproxy.as.criteo.net ads.as.criteo.com
6 creativecdn.com 6 redirects
5 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
5 sync.richaudience.com 1 redirects flux-cdn.com
sync.richaudience.com
5 us-u.openx.net 1 redirects twinklesphotos.exblog.jp
excite-d.openx.net
pdn.adingo.jp
5 ad.as.amanad.adtdp.com 1 redirects flux-cdn.com
4 www.temu.com 2 redirects twinklesphotos.exblog.jp
ssum-sec.casalemedia.com
4 t.adx.opera.com 4 redirects
4 s.amazon-adsystem.com 1 redirects twinklesphotos.exblog.jp
ssum-sec.casalemedia.com
4 rtb.openx.net 2 redirects flux-cdn.com
excite-d.openx.net
4 prebid.a-mo.net 4 redirects
4 secure-assets.rubiconproject.com 4 redirects
4 client-side-metrics.as.criteo.net ads.as.criteo.com
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
4 cdn.browsiprod.com flux-cdn.com
cdn.browsiprod.com
4 hbopenbid.pubmatic.com flux-cdn.com
4 prebid-asia.creativecdn.com flux-cdn.com
4 24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 blogger.googleusercontent.com twinklesphotos.exblog.jp
4 platform.twitter.com twinklesphotos.exblog.jp
platform.twitter.com
3 ssum-sec.casalemedia.com 2 redirects js-sec.indexww.com
3 mug.criteo.com twinklesphotos.exblog.jp
3 tags.crwdcntrl.net s.e-planning.net
tags.crwdcntrl.net
3 pixel.tapad.com 2 redirects twinklesphotos.exblog.jp
3 match.prod.bidr.io 1 redirects twinklesphotos.exblog.jp
sync.richaudience.com
3 pixel-apac.rubiconproject.com 3 redirects
3 match.sharethrough.com 2 redirects twinklesphotos.exblog.jp
3 x.bidswitch.net 3 redirects
3 sync.im-apps.net cf.im-apps.net
3 sync.fout.jp googleads.g.doubleclick.net
pdn.adingo.jp
3 pdn.adingo.jp twinklesphotos.exblog.jp
securepubads.g.doubleclick.net
pdn.adingo.jp
3 api.btloader.com btloader.com
3 htlb.casalemedia.com flux-cdn.com
3 shb.richaudience.com flux-cdn.com
3 d.socdm.com flux-cdn.com
3 mp.4dex.io flux-cdn.com
3 cdn.jsdelivr.net flux-cdn.com
24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com
3 dmp.im-apps.net twinklesphotos.exblog.jp
pdn.adingo.jp
dmp.im-apps.net
3 c.amazon-adsystem.com image.excite.co.jp
c.amazon-adsystem.com
3 www.google-analytics.com twinklesphotos.exblog.jp
www.google-analytics.com
www.googletagmanager.com
2 cr-p20.ladsp.com 2 redirects
2 ap.lijit.com 2 redirects
2 ds.uncn.jp 2 redirects
2 uipapac.semasio.net 2 redirects
2 bcp.crwdcntrl.net tags.crwdcntrl.net
2 adsdk.bing.net adsdk.microsoft.com
2 lb.eu-1-id5-sync.com cdn.id5-sync.com
flux-cdn.com
2 ssbsync.smartadserver.com script.4dex.io
2 adsdkprod.azureedge.net srcdoc
2 adsdk.microsoft.com srcdoc
2 aax-eu.amazon-adsystem.com 1 redirects twinklesphotos.exblog.jp
2 onetag-sys.com ads.us.e-planning.net
script.4dex.io
2 eb2.3lift.com 2 redirects
2 u-sin01.e-planning.net ads.us.e-planning.net
2 sync.e-planning.net ads.us.e-planning.net
2 csync.loopme.me 2 redirects
2 sync.1rx.io 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 dis.criteo.com 1 redirects 24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com
2 10208769.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 sync6.im-apps.net dmp.im-apps.net
flux-cdn.com
2 audiencedata.im-apps.net cdn.audiencedata.net
dmp.im-apps.net
2 image6.pubmatic.com cf.im-apps.net
ads.pubmatic.com
2 aud.adjust-net.jp pdn.adingo.jp
2 hrbh3.publishers.tremorhub.com 2 redirects
2 rtb2-useast.voisetech.com 2 redirects
2 pr-bh.ybp.yahoo.com 2 redirects
2 measurement-api.criteo.com ads.as.criteo.com
2 cat.jp2.as.criteo.com ads.as.criteo.com
2 ads.as.criteo.com googleads.g.doubleclick.net
24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com
2 rtb.sg1.as.criteo.com googleads.g.doubleclick.net
twinklesphotos.exblog.jp
2 sh.adingo.jp pdn.adingo.jp
2 ads.us.e-planning.net 1 redirects script.4dex.io
2 ab.dns-finder.com btloader.com
2 yield-manager.browsiprod.com flux-cdn.com
cdn.browsiprod.com
2 btloader.com flux-cdn.com
btloader.com
2 syndication.twitter.com platform.twitter.com
twinklesphotos.exblog.jp
2 md.exblog.jp twinklesphotos.exblog.jp
2 connect.facebook.net twinklesphotos.exblog.jp
connect.facebook.net
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 pds.exblog.jp twinklesphotos.exblog.jp
1 k.zucks.net j.zucks.net.zimg.jp
1 sh.zucks.net j.zucks.net.zimg.jp
1 i.adingo.jp pdn.adingo.jp
1 j.zucks.net.zimg.jp pdn.adingo.jp
1 ssum.casalemedia.com pdn.adingo.jp
1 sync-dsp.ad-m.asia pdn.adingo.jp
1 cdn.indexww.com ssum-sec.casalemedia.com
1 dynalyst-sync.adtdp.com 1 redirects
1 s.company-target.com 1 redirects
1 i.liadm.com ssum-sec.casalemedia.com
1 tr.blismedia.com excite-d.openx.net
1 cs.admanmedia.com 1 redirects
1 serv.ds.kakao.com 1 redirects
1 ad.turn.com 1 redirects
1 secure.adnxs.com 1 redirects
1 excite-d.openx.net flux-cdn.com
1 js-sec.indexww.com flux-cdn.com
1 acdn.adnxs.com flux-cdn.com
1 penta.a.one.impact-ad.jp flux-cdn.com
1 u.openx.net 1 redirects
1 grid-bidder.criteo.com flux-cdn.com
1 ad.ad-stir.com flux-cdn.com
1 aladdin.genieesspv.jp flux-cdn.com
1 g2.gumgum.com flux-cdn.com
1 uipglob.semasio.net 1 redirects
1 sync.crwdcntrl.net 1 redirects
1 rtb.gumgum.com 1 redirects
1 bh.contextweb.com 1 redirects
1 ads.stickyadstv.com 1 redirects
1 s.ad.smaato.net 1 redirects
1 sync.mathtag.com 1 redirects
1 hb.trustedstack.com ads.us.e-planning.net
1 lbs.eu-1-id5-sync.com cdn.id5-sync.com
1 syncv4.intentiq.com twinklesphotos.exblog.jp
1 sync.intentiq.com 1 redirects
1 live.primis.tech 1 redirects
1 sync.a-mo.net twinklesphotos.exblog.jp
1 ups.analytics.yahoo.com 1 redirects
1 px.ads.linkedin.com twinklesphotos.exblog.jp
1 adservice.google.com 10208769.fls.doubleclick.net
1 image8.pubmatic.com ads.us.e-planning.net
1 id.a-mx.com 1 redirects
1 gw-iad-bid.ymmobi.com 1 redirects
1 s.e-planning.net ads.us.e-planning.net
1 gtracenep.admaster.cc 1 redirects
1 tg.socdm.com 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 ads.travelaudience.com 1 redirects
1 api.id5-sync.com cdn.id5-sync.com
1 b.im-apps.net cdn.audiencedata.net
1 aid.send.microad.jp cf.im-apps.net
1 universe.send.microad.jp cf.im-apps.net
1 analytics.twitter.com cf.im-apps.net
1 bid.socdm.com 1 redirects
1 cdn.id5-sync.com pdn.adingo.jp
1 dsp.adkernel.com 1 redirects
1 analytics.pangle-ads.com 1 redirects
1 pixelfnt-us.dsp-api.moloco.com 1 redirects
1 atb.im-apps.net twinklesphotos.exblog.jp
1 cdn.audiencedata.net www.googletagmanager.com
1 cf.im-apps.net twinklesphotos.exblog.jp
1 cdn.sx.adingo.jp pdn.adingo.jp
1 nidan.addlv.smt.docomo.ne.jp cdn.nidan.d2c.ne.jp
1 www.google.co.jp twinklesphotos.exblog.jp
1 analytics.google.com www.googletagmanager.com
1 sp.gmossp-sp.jp flux-cdn.com
1 script.4dex.io flux-cdn.com
1 js.api.nidan.d2c.ne.jp cdn.nidan.d2c.ne.jp
1 cnt.fout.jp dmp.im-apps.net
1 cdn.nidan.d2c.ne.jp flux-cdn.com
1 logging.exblog.jp twinklesphotos.exblog.jp
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 b.st-hatena.com twinklesphotos.exblog.jp
1 flux-cdn.com image.excite.co.jp
1 twinklesphotos.exblog.jp
0 www.facebook.com Failed connect.facebook.net
0 ep1.adtrafficquality.google Failed securepubads.g.doubleclick.net
0 dps.jp.cinarra.com Failed excite-d.openx.net
0 cs.nex8.net Failed excite-d.openx.net
0 pbs.yahoo.com Failed twinklesphotos.exblog.jp
0 www.google.com Failed googleads.g.doubleclick.net
492 192
Subject Issuer Validity Valid
*.exblog.jp
Amazon RSA 2048 M03		 2025-04-13 -
2026-05-12		 a year crt.sh
*.eximg.jp
Amazon RSA 2048 M02		 2025-01-09 -
2026-02-07		 a year crt.sh
*.google-analytics.com
WR2		 2025-10-13 -
2026-01-05		 3 months crt.sh
*.excite.co.jp
Amazon RSA 2048 M03		 2024-12-28 -
2026-01-25		 a year crt.sh
*.g.doubleclick.net
WR2		 2025-10-13 -
2026-01-05		 3 months crt.sh
flux-cdn.com
Certainly Intermediate R1		 2025-11-03 -
2025-12-03		 a month crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M04		 2025-10-20 -
2026-11-18		 a year crt.sh
*.twimg.com
R12		 2025-09-20 -
2025-12-19		 3 months crt.sh
*.b.st-hatena.com
Amazon RSA 2048 M04		 2025-07-23 -
2026-08-20		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2024-12-22 -
2026-01-21		 a year crt.sh
*.facebook.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2025-08-17 -
2025-11-15		 3 months crt.sh
*.googleusercontent.com
WR2		 2025-10-13 -
2026-01-05		 3 months crt.sh
*.im-apps.net
DigiCert TLS RSA SHA256 2020 CA1		 2025-01-10 -
2026-01-10		 a year crt.sh
twitter.com
E7		 2025-10-13 -
2026-01-11		 3 months crt.sh
cdn.nidan.d2c.ne.jp
Amazon RSA 2048 M03		 2025-06-29 -
2026-07-27		 a year crt.sh
btloader.com
WE1		 2025-09-27 -
2025-12-26		 3 months crt.sh
*.jsdelivr.net
Sectigo RSA Domain Validation Secure Server CA		 2025-04-25 -
2026-05-04		 a year crt.sh
*.browsiprod.com
Amazon RSA 2048 M04		 2025-10-14 -
2026-11-11		 a year crt.sh
*.fout.jp
RapidSSL TLS RSA CA G1		 2025-01-27 -
2026-02-25		 a year crt.sh
a.flux.jp
WR3		 2025-09-15 -
2025-12-14		 3 months crt.sh
js.api.nidan.d2c.ne.jp
Amazon RSA 2048 M02		 2025-07-01 -
2026-07-28		 a year crt.sh
ad-delivery.net
WE1		 2025-10-30 -
2026-01-28		 3 months crt.sh
*.doubleclick.net
WR2		 2025-10-13 -
2026-01-05		 3 months crt.sh
ab.dns-finder.com
WR3		 2025-10-22 -
2026-01-20		 3 months crt.sh
alt1-3ps.amazon-adsystem.com
Amazon RSA 2048 M03		 2025-03-31 -
2026-04-29		 a year crt.sh
script.4dex.io
WE1		 2025-09-11 -
2025-12-10		 3 months crt.sh
*.adingo.jp
Amazon RSA 2048 M04		 2025-07-16 -
2026-08-14		 a year crt.sh
mp.4dex.io
WE1		 2025-10-16 -
2026-01-14		 3 months crt.sh
sp.gmossp-sp.jp
WR3		 2025-10-05 -
2026-01-03		 3 months crt.sh
*.socdm.com
GlobalSign RSA OV SSL CA 2018		 2025-09-04 -
2026-09-30		 a year crt.sh
*.as.amanad.adtdp.com
Amazon RSA 2048 M01		 2025-11-05 -
2026-12-03		 a year crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2025-04-17 -
2026-05-02		 a year crt.sh
*.richaudience.com
RapidSSL TLS RSA CA G1		 2025-02-20 -
2026-02-25		 a year crt.sh
casalemedia.com
E8		 2025-10-02 -
2025-12-31		 3 months crt.sh
*.pubmatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2025-02-19 -
2026-03-22		 a year crt.sh
*.adnxs.com
GeoTrust TLS ECC CA G1		 2025-09-25 -
2026-10-26		 a year crt.sh
api.btloader.com
WR3		 2025-09-23 -
2025-12-22		 3 months crt.sh
*.google.com
WR2		 2025-10-13 -
2026-01-05		 3 months crt.sh
*.google.co.jp
WR2		 2025-10-13 -
2026-01-05		 3 months crt.sh
*.smt.docomo.ne.jp
Cybertrust Japan SureServer CA G4		 2025-05-27 -
2026-06-14		 a year crt.sh
ads.us.e-planning.net
R12		 2025-09-08 -
2025-12-07		 3 months crt.sh
tpc.googlesyndication.com
WR2		 2025-10-13 -
2026-01-05		 3 months crt.sh
sx.adingo.jp
Amazon RSA 2048 M02		 2025-01-30 -
2026-03-01		 a year crt.sh
*.sg1.as.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2025-10-14 -
2026-01-10		 3 months crt.sh
*.as.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2025-11-05 -
2026-02-04		 3 months crt.sh
*.audiencedata.net
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2025-09-22 -
2026-09-21		 a year crt.sh
atb.im-apps.net
WR3		 2025-09-20 -
2025-12-19		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2025-10-16 -
2026-01-18		 3 months crt.sh
*.jp2.as.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2025-10-31 -
2026-01-28		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2025-09-03 -
2025-12-06		 3 months crt.sh
*.as.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2025-10-26 -
2026-01-21		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2025-03-06 -
2026-04-03		 a year crt.sh
*.adjust-net.jp
Amazon RSA 2048 M04		 2025-04-14 -
2026-05-14		 a year crt.sh
id5-sync.com
WE1		 2025-09-19 -
2025-12-18		 3 months crt.sh
*.send.microad.jp
GlobalSign RSA OV SSL CA 2018		 2025-10-06 -
2026-11-07		 a year crt.sh
b.im-apps.net
WR3		 2025-10-28 -
2026-01-26		 3 months crt.sh
audiencedata.im-apps.net
WR3		 2025-10-16 -
2026-01-14		 3 months crt.sh
*.e-planning.net
R13		 2025-09-08 -
2025-12-07		 3 months crt.sh
*.onetag-sys.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2025-01-21 -
2025-12-27		 a year crt.sh
match.prod.bidr.io
Amazon RSA 2048 M02		 2025-05-17 -
2026-06-13		 a year crt.sh
adsdk.microsoft.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2025-08-01 -
2026-02-01		 6 months crt.sh
*.azureedge.net
Microsoft Azure ECC TLS Issuing CA 07		 2025-10-16 -
2026-04-14		 6 months crt.sh
*.smartadserver.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2025-01-09 -
2026-02-09		 a year crt.sh
eu-1-id5-sync.com
R12		 2025-11-01 -
2026-01-30		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M04		 2025-08-09 -
2026-09-07		 a year crt.sh
adsdk.bing.net
Microsoft Azure RSA TLS Issuing CA 04		 2025-10-10 -
2026-04-08		 6 months crt.sh
r.bing.com
Microsoft Azure ECC TLS Issuing CA 04		 2025-04-23 -
2026-04-18		 a year crt.sh
hb.trustedstack.com
R13		 2025-10-23 -
2026-01-21		 3 months crt.sh
u.4dex.io
WR3		 2025-09-13 -
2025-12-12		 3 months crt.sh
*.one.impact-ad.jp
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2025-09-16 -
2025-12-10		 3 months crt.sh
*.sp-adex-prd-eks-1.ggops.com
Amazon RSA 2048 M03		 2025-03-27 -
2026-04-25		 a year crt.sh
*.genieesspv.jp
GeoTrust TLS RSA CA G1		 2025-04-07 -
2026-05-08		 a year crt.sh
*.ad-stir.com
Amazon ECDSA 256 M01		 2025-11-05 -
2026-12-04		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2025-08-12 -
2026-08-19		 a year crt.sh
*.a.one.impact-ad.jp
R13		 2025-09-16 -
2025-12-15		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2025-04-28 -
2026-05-29		 a year crt.sh
indexww.com
WE1		 2025-09-21 -
2025-12-20		 3 months crt.sh
*.temu.com
Go Daddy Secure Certificate Authority - G2		 2025-07-13 -
2026-08-14		 a year crt.sh
tr.blismedia.com
WR3		 2025-11-05 -
2026-02-03		 3 months crt.sh
*.liadm.com
Amazon RSA 2048 M03		 2025-07-01 -
2026-07-29		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2025-10-30 -
2026-08-04		 9 months crt.sh
sync-dsp.ad-m.asia
R13		 2025-08-25 -
2025-11-23		 3 months crt.sh
j.zucks.net.zimg.jp
Amazon RSA 2048 M04		 2025-07-30 -
2026-08-27		 a year crt.sh
sh.zucks.net
Amazon RSA 2048 M03		 2025-01-31 -
2026-03-01		 a year crt.sh
k.zucks.net
Amazon RSA 2048 M04		 2025-05-09 -
2026-06-07		 a year crt.sh

This page contains 51 frames:

Primary Page: https://twinklesphotos.exblog.jp/33443971/
Frame ID: 89BE087207E52068E28A1E6DF22E31B2
Requests: 214 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Ftwinklesphotos.exblog.jp
Frame ID: A96DAD12B0CD77D86C4F4093633CE17C
Requests: 2 HTTP requests in this frame

Frame: https://btloader.com/trustedIframe.html?o=5727730570625024&upapi=true
Frame ID: 6D9A0B8AE9666B913C21BE229E1BDFB6
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 97F3156B6057C55C8661E0203473944A
Requests: 1 HTTP requests in this frame

Frame: https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Frame ID: 3EF3C419C377FD8B010B0CDBD4E1F5DE
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.ja.html
Frame ID: 26103558E11B3D8E2829B8A6A43CE589
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20251105/r20190131/zrt_lookup_fy2021.html
Frame ID: 7F63EF7DC25CFF0840E6230D99CFC7EC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8544321996124660&output=html&adk=433290209&adf=473226989&lmt=1762583951&plat=1%3A16777216%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F&pra=5&wgl=1&asro=0&aiapm=0.1542&aiapmd=0.1423&aiapmi=0.16&aiapmid=1&aiact=0.5423&aiactd=0.7&aicct=0.7&aicctd=0.5799&ailct=0.5849&ailctd=0.65&aimart=4&aimartd=4&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=8&dt=1762583950747&bpp=13&bdt=632&idt=470&shv=r20251105&mjsv=m202511040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=6045712550791&frm=20&pv=2&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31093846%2C95376583%2C95376711%2C95344791%2C95372615&oid=2&pvsid=2516138031305436&tmod=628053698&uas=0&nvt=1&fsapi=1&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&plas=260x675_l%7C308x675_r&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=490
Frame ID: 5AF5C8A4E1EC56312287458C34EE0C5B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8544321996124660&output=html&h=250&slotname=6450136543&adk=2937738629&adf=3554593889&pi=t.ma~as.6450136543&w=300&lmt=1762583951&format=300x250&url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=8&dt=1762583950760&bpp=1&bdt=645&idt=486&shv=r20251105&mjsv=m202511040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=6045712550791&frm=20&pv=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=520&ady=289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31093846%2C95376583%2C95376711%2C95344791%2C95372615&oid=2&pvsid=2516138031305436&tmod=628053698&uas=0&nvt=1&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&plas=260x675_l%7C308x675_r&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=498
Frame ID: 9416E7A0DD04AA9B6846B2B3556FA1F6
Requests: 7 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26it%3Dadg-pb-clt%26uid%3D%24UID
Frame ID: 5C3CFBCB7B21381F85556A8AA61CBE3D
Requests: 9 HTTP requests in this frame

Frame: https://pdn.adingo.jp/p.js
Frame ID: 4B762DA308B7A5C8E1F713765C9D42CD
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20251106/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Frame ID: C3A5A26794BB4F345A2EBB9696D53F38
Requests: 2 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7ljwAEuzECD17eAA30N5MOwStk1mfc43N6gw&u=%7C6E1S5NKElxYmDUv4UPXssuuha5GPMwsGz8YFLUlNdPQ%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFIPHqimXL4nBRn2luyvxOIkDg54uckufvLlsXIBSDiiCE1J3zV4PmORup-RnEHOvDKVdZ9XOLmdQGyFvYFjb5dSFnB9j3ZTnw43liVvkWRxoPPaQ7O-9zH474gi6YUeO1kfgdvi6HkgpJT7r_ENPf08E3ANVp0W2FqlBF5JWjY_XZdV_XqlvSVPBa899CJ9Sn3Wng5BdrTyP4yUWrlFYR0Ka0yxFjSOtzWIqvKfG4HphGzqHtkVlDWCNZXxQiXK0PL_Od1ecYsHLb8NEWi5vaIp4hiSdON2HZkWi1YtuuzAnrsl3UuxQ0hEYW2U9Xcuz0esODEz9l75iIiBmeG8U6Mj8n6MmXPOS4IRUvQG4GOPzD35DlL-TKJnXUs6RA64OvucHteaxMiTmpHvKytjIJv9x277_05MFaK3-h4T1YrShoD7JCCQfR7SMKENTmOB2DM0BNDoiXp0F8pgA9s7KseYC4W8egEWcLDOk6W-93kGUKgphl5M-2hTlt0rHguqrIvlbxhzctllrzKNwtoLp0iela5yJ64BEUP_Gz91irU4v179IrOsqLq5WJFFJCUlNvxtoLSshAo-rpORJNsz0e3RPS9akIMgSexAiT_X7Y3cOUlOGjpDg8Pw83OKrk1HXAA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3J-Wj-UOabH2Et69vcAPt-i3yAfRvr7bdayNn9y8DcCNtwEQASDY6d8jYInzxYT0E8gBCakCTbn4Ya3-Oz6oAwHIAwKqBP0BT9BNv4csEDouCS8T4yCoX_y4MFk3ce0H_GlSpDjZEUbKm9ijuh47WB3SJ05ZRf7ql3C4dvgjvg6Ega8ySFGl4osPQtSaMb1Hn5hFVtVnyboh1agko5EvHO1dhUgdm60Huh73QfcphyjuaXjqxLlaBy8_Lpcs9jetqH-xwej8Lhp0MhgLj16MHDLOA885_91tPWou_L10pd1HIK2njjDDiFpJWzSqmqGXV5nBuee5k0T3e38-tsHXR3KtvFVWyRohhaVg1pIJ84pjDNozQGY2kYgRFOY5ct4ymbyXGsF_bEMyi3HA1H5VOSDdoxRnXn2PI1xdLjzVZ8KqeF3dcoAGrIv04eKL_4wboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAqgHrb6xAqgHv9OxAtgHANIILAiAYRABMgiKgoCAgICACDoNgECAwICAgICogAKoA0i9_cE6WNLOt_L44ZAD-gsCCAGADAGqDQJKUOoNEwiB18jy-OGQAxXeXg8CHTf0DXmIDgnQFQGAFwGyFxAYDCoKNjQ1MDEzNjU0M1ABqhgXCYtA7I0q_tBAEgo2NDUwMTM2NTQzGAE%26num%3D1%26sig%3DAOD64_2qqApO9qF9WnTeEYCjgdiSnbHT2w%26client%3Dca-pub-8544321996124660%26adurl%3D
Frame ID: 865F771DF685AF620679D0EB6FB5CF45
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 85ECCD3A9C152AA458D96A1054DBBB7B
Requests: 9 HTTP requests in this frame

Frame: https://cf.im-apps.net/imid/beacon.html
Frame ID: 506A42372756F823E95F6029D5C5F039
Requests: 8 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156313&predirect=https://cs.adingo.jp/sync/%3Ffrom%3Dpubm%26id%3D
Frame ID: F1701FD1209EE6DEBA62FDC9D238F6CF
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=fluct&endpoint=apac
Frame ID: 4BB6D464987A6633E5A90F2D19630629
Requests: 20 HTTP requests in this frame

Frame: https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Frame ID: 371D1CF10DFCA8C6BAB00890F68A8233
Requests: 11 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7ljwAJeQkFFsj4ADUI0Z8wSuiHNILCkWzW0A&u=%7C6E1S5NKElxbt84EREfVgiY4MSdILzesyBrfWBWKcaWM%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFAURsJ4go3EALnLHgqnzPa6mdQsbuxOBUz7sjIVLy6SCTE_pBZnPmIFvbfP1y6Y4nhjWzuK51PXe2dyHehICOfb9-76i7b-4KRtt0A_A40Z--TFQ3Dwr-oJnle5FhwpzuxZBBG84tiTcZWnpcTlQtLRwa1EQorlPTJWMUiifNudLdZvZm-wHVQOti3JGL7d95hvCBj4-Pq5wAFB5QGFVDVtrwr5h6CwLFYKE3ROM2sbPNlA2_PMmdG2bN0PRDZpY8IZdvMvf9d5uuZIplV0jht4dPJQcy_vuWKC3iOYHqb9_J9sByab21SLFwtkHhvk9Klynm5bekPkYlJUdzw-qpoY6EgCHjZwLBWstcl91Cc5OTo_VPiReL5XlSU5bpETh__Rl-8pmJtD-npDyfPg1SC7ee56obq2ssZ6R2SwY09EXy-nRlpxEWu3zUeSGu6ZXLiDerP8MKVwyLS7LmuUb0DORk6e-A0qFxUSYpVsL4EcXvIpbNNfYdTkQUQaTR-qrS9zumSOQUaKLMKgF8GQ5crO-F76bfrNjC7MbtdfU0QVaOnNY4QxoNTuoraNAlpJTP_azVK9BOr3cjrGcHbXFJ24-a43cIvTyGKoHF8yE-DKhfc_3BZXu24sVlmk3OfqD6l12lPsdgJPE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9hIQj-UOaYnyJfiR29gP0ZHUyQnRvr7bdayNn9y8DcCNtwEQASDQ6t8jYInzxYT0E8gBCakCTbn4Ya3-Oz7gAgCoAwHIAwKqBLcCT9ARljXSkSuG3FDFwpNgUpc_6puXJnLEHiWDbWlgjmA2TvdWND2ZDIkFEBCpXcv1bVvcgwxcfc4-k4ztYsIKFW0fFXFiSSAJ_cXGCx4LwL96DSr3roIx0Da-FfRtopZHxVTNStzLfZFen4-2nfBDfjPn-SfK5ZV5vx7DFloYy_LkY2hffHhOgY4XtPWjaWkHbyGUmHLNLjCp29FRXv20Qna1OoBAXPyoqFVmbtqCTPNUuPQi8pAcQC2N6xrHo9yyx3HoOpFB2BKBoHKvSqCr9meweiHTXV-R7Q7MCbyb9cawu0aJzzrJUcW5_nrHR5nLdkYBtAn96UPWxVd5Z1JJgcGouEjAWNPOjWjaEWZZp_8IfJ9JEMYYOA_svDvsBCtsd2PcWeaRDLn0Fe8wIM3x6TCP9hgVQkTgBAGABqyL9OHii_-MG6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQKoB62-sQKoB7_TsQLYBwDSCCwIgGEQATIIioKAgICAgAg6DYBAgMCAgICAqIACqANIvf3BOliUkMny-OGQA_oLAggBgAwBqg0CSlDiDRMIovvJ8vjhkAMV-MgWBR3RCDWZ6g0TCKjEyvL44ZADFfjIFgUd0Qg1mYgO____________AdAVAYAXAbIXEBgMKgozMDAwNzgyNzc4UAGqGBcJ8VN2C6KXv0ASCjMwMDA3ODI3NzgYAQ%26num%3D1%26sig%3DAOD64_1cWA95UgdzZ_EGFpKYclI2ZBONvw%26client%3Dca-pub-3135966177843992%26adurl%3D
Frame ID: 188F6106F3EE187FCA5B2AC3F3CA332E
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 33FA40D034163C35757161929F064A78
Requests: 9 HTTP requests in this frame

Frame: https://10208769.fls.doubleclick.net/activityi;dc_pre=CKel6PL44ZADFcLXFgUdevQ2dQ;src=10208769;type=invmedia;cat=im8db0;ord=6649346675290;npa=0;auiddc=640899615.1762583952;u1=8266;u2=news;u3=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KFA;gtm=45fe5b50v9181790672z871862534za200zb71862534zd71862534xea;gcd=13l3l3l3l1l1;dma=0;dc_fmt=2;tag_exp=101509157~103116026~103200004~103233427~104527906~104528501~104684208~104684211~104779684~104948813~105322302~115480710~115583767~115616985~115938466~115938468~116217636~116217638;epver=2;dc_random=1762583951_0ODUbH-SDJM14IUyIeVMjur8Fx5jqOtXXg;_dc_test=1;~oref=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F
Frame ID: DE0468FCEDBF8914568C29632E8F4F0B
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=apac
Frame ID: 4915CDD98BC81C634E25C298B97F3216
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-sin01.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D4ae16427bb6d7c8e%26uid%3D
Frame ID: 8CD12FE2973E2248DD65393BF5A760E5
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 0426809969B18C514BE8FF605ECC685C
Requests: 1 HTTP requests in this frame

Frame: https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Frame ID: 4B82E11C14542AE5109DBE78684AABD1
Requests: 10 HTTP requests in this frame

Frame: https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Frame ID: 8D2DEAD4DF5FE6BCA857269D7E01B277
Requests: 10 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: 32DABBB92F2509E903D1AEEA5B049BBC
Requests: 9 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: 80C7D0F65F419D4AB662D0BD579EEDCF
Requests: 9 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26it%3Dadg-pb-clt%26uid%3D(PM_UID)
Frame ID: EEA566E27612169E41EF1FF815BB5C8E
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26it%3Dadg-pb-clt%26uid%3D(PM_UID)
Frame ID: EB18691D254D077E07149BFD05696182
Requests: 3 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Frame ID: AD88BD57805EFCEF685604977F949FA6
Requests: 6 HTTP requests in this frame

Frame: https://hb.trustedstack.com/cksync.php?cs=61&type=pln&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&gpp=${GPP}&gpp_sid=${GPP_SID}&redirect=https%3A%2F%2Fu-sin01.e-planning.net%2Fum%3Fuid%3D%3Cvsid%3E%26dc%3D6a5d39baa4d06b94%26fi%3D4ae16427bb6d7c8e
Frame ID: 9E33F1DA7EE1BEAEEBD139873E9ADAD3
Requests: 1 HTTP requests in this frame

Frame: https://u.4dex.io/setuid?bidder=eplanning&it=adg-pb-clt&uid=AEUxg6q1TVt7Xcv9
Frame ID: 88DBBA620C7B068D8F81DEF55A9B39FB
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
Frame ID: 04824E4F8E7595EC598EAEF804854142
Requests: 4 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Frame ID: D4FA88D3E0EBC5236F34CCFF44D66965
Requests: 6 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=15238
Frame ID: 46B3AA69745CA4496E868F35F521D4D8
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=106%2C104%2C7%2C168%2C2%2C116&lac=true&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Frame ID: 22C62146A8CF4C70C76C4AF272B70DEF
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
Frame ID: 70AD34FB3AB97C435863537D0B0CA673
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 5C095BC5522C3DC38A03653714C74798
Requests: 1 HTTP requests in this frame

Frame: https://penta.a.one.impact-ad.jp/psm/1.0/actualizar
Frame ID: B0B204BC2589063762606B2346D793BE
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 07C6F02B880A109F6447EC4F0E86A46D
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=criteoPrebidAdapter&topUrl=twinklesphotos.exblog.jp&gpp=
Frame ID: 5866EFBAACE5592987707A74DCD81061
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: A7FA3BDCE2056DEFCFFC402E50905DAE
Requests: 1 HTTP requests in this frame

Frame: https://excite-d.openx.net/w/1.0/pd
Frame ID: 178BDB20F882E30E3F3B3425E61B49AB
Requests: 7 HTTP requests in this frame

Frame: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1915437078&rd=1
Frame ID: E4B1D55E36CC78EF4C459F4F658A1562
Requests: 5 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158977
Frame ID: 1C0E7A383BC6FD41DC28BCA7599E2927
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: B9D367281EA9D26CDB8C1D0042000230
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssHqqwAyR1FiYEohMkGXRFJMEM63qCAf3QEfPIIY2AHfs5tNRNYImVncAGWDMicmdfla_jKTOu8yjh2VS6707j-yNMwArWBsixXnVqvFs3YztVE4L7vDMaaDOQeC6iR7dKjo_j3Z5mZpdKB526_9Ot7IJIPLY4K6EDR6PnaEzL6lzeNX_fJJaAGfqql65Lhstc48Z7ZO7gx_czVJ-cvoa9gXAsH_mac5F02tF97YvKoQF1qliyrJAYi6Qryjplb8JC9V2sPrk-Q_Pn4e76HQ51P7lUtwdK8k5Lftig1lA-TETgWWx0FkXFIHdHkMdXaumM5URxncFAc6Jphw4U0E-iwQLpoPVPp2gMhzVn_xBSRMln-OjrSeEEs0-_zuKuG0usK8pyOGz_rwhL4sNfwvn5svU9vnQlBfLrH5r4A3cVDWOowIY_823zvzyzlgQ5EOd4&sai=AMfl-YTZAxSw50Wp-H70DW2Hf4j4FzDzybqJQDvIhYEsHPsiIpF-4mGVkqF44C4CEzjVu-P3O0KOpVl-h0882EvinclXe52BALyV1fbJWklUYE2HPpaALrD2oPR3a9GwOc9w1tc6FrzPXf6lj3PYJxf-E6AxfiTbgEkbB8WcmUcHau95my4u02j7lhgXIWwIEVInhS8N3QZKowNSpCue2wzTW4fId1rY8AUHneyKWefgJk_61rMmQdfohd5hoc4n4OpEKyBOLA&sig=Cg0ArKJSzKufoNsvxlnFEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 34040D74197E08A22206F21268B94964
Requests: 20 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156313&predirect=https://cs.adingo.jp/sync/%3Ffrom%3Dpubm%26id%3D
Frame ID: ED35ACBC9CA9841FE557CE02C1833ADB
Requests: 2 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=193191&cb=https://cs.adingo.jp/sync/%3Ffrom%3Didxex%26id%3D
Frame ID: 883462303005D14B2CCACBFE69B75CB0
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v22.0/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfedc30519a303ff07%26domain%3Dtwinklesphotos.exblog.jp%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftwinklesphotos.exblog.jp%252Ffc2441671e9515da7%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F&layout=button_count&locale=ja_JP&sdk=joey
Frame ID: 614212685C8598E3C3C82C5A078C8F02
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

What are ESG Cryptocurrencies? : TWINKLES

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • /alpine(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:_base/js/base|wink).*\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

492
Requests

82 %
HTTPS

23 %
IPv6

105
Domains

192
Subdomains

136
IPs

12
Countries

13176 kB
Transfer

20701 kB
Size

177
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 86
  • https://y.one.impact-ad.jp/h_bid?v=hb1&p=279398&cb=36295821122&r=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F&uid=4aa58906817443&tid=1ded76fb-0d0b-41c7-8aae-ce317c937e95&uc=gpt_pc_blog_inarticle_rec_left&tmax=2500&t=i&language=ja-JP&screen_size=1600x1200&sz=300x250 HTTP 302
  • https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=279398&cb=36295821122&r=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F&uid=4aa58906817443&tid=1ded76fb-0d0b-41c7-8aae-ce317c937e95&uc=gpt_pc_blog_inarticle_rec_left&tmax=2500&t=i&language=ja-JP&screen_size=1600x1200&sz=300x250
Request Chain 102
  • https://y.one.impact-ad.jp/h_bid?v=hb1&p=279400&cb=66407134615&r=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F&uid=34badef6af501ef8&tid=432110a7-ad3b-4fd5-b539-14077f6f6bbe&uc=gpt_pc_blog_inarticle_rec_2_left&tmax=2500&t=i&language=ja-JP&screen_size=1600x1200&sz=300x250 HTTP 302
  • https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=279400&cb=66407134615&r=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F&uid=34badef6af501ef8&tid=432110a7-ad3b-4fd5-b539-14077f6f6bbe&uc=gpt_pc_blog_inarticle_rec_2_left&tmax=2500&t=i&language=ja-JP&screen_size=1600x1200&sz=300x250
Request Chain 113
  • https://y.one.impact-ad.jp/h_bid?v=hb1&p=279402&cb=97967259818&r=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F&uid=540e4dd796c7d638&tid=afccf82b-eb99-446f-a4e1-5f57d605cbd5&uc=gpt_pc_blog_inarticle_rec_3_left&tmax=2500&t=i&language=ja-JP&screen_size=1600x1200&sz=300x250 HTTP 302
  • https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=279402&cb=97967259818&r=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F&uid=540e4dd796c7d638&tid=afccf82b-eb99-446f-a4e1-5f57d605cbd5&uc=gpt_pc_blog_inarticle_rec_3_left&tmax=2500&t=i&language=ja-JP&screen_size=1600x1200&sz=300x250
Request Chain 135
  • https://creativecdn.com/cm-notify?pi=fradagio-pbs&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://creativecdn.com/cm-notify?pi=fradagio-pbs&gdpr=0&gdpr_consent=&us_privacy=&tc=1 HTTP 302
  • https://u.4dex.io/setuid?bidder=rtbhouse&uid=PuSwx3byyDBmcMZub-cECvpOlrwQxEM0godqdPydZCQ&pi=fradagio-pbs&gdpr=0&gdpr_consent=&us_privacy=&tc=1
Request Chain 136
  • https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26it%3Dadg-pb-clt%26uid%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26it%3Dadg-pb-clt%26uid%3D%24UID
Request Chain 176
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEH5ly4mqwNoNVSibhs6lYxo&google_cver=1&google_push=AXcoOmQFDueSrfBj1-I_QbuFr3cj0dCWkYPApRsycF1iK7LG6ty6OqzN9kiafXbTepL7f4ldbY5uY-pBVRAXXnExVztUyWo2DZ52jO4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQFDueSrfBj1-I_QbuFr3cj0dCWkYPApRsycF1iK7LG6ty6OqzN9kiafXbTepL7f4ldbY5uY-pBVRAXXnExVztUyWo2DZ52jO4&google_hm=eS1TdnVUVWVkRTJwRzZvVERvaDgwSkJpeWowMk1DSmExYn5B
Request Chain 177
  • https://pixelfnt-us.dsp-api.moloco.com/v1/cm/adxpm?google_gid=CAESEKl8Kfa2xAfaL5DGo7J_-4Q&google_cver=1&google_push=AXcoOmRHIr0b-ACFmnrz0RZni6w1yVVwg3vj7IlSS2H9RvTOmvfTBN1RuOrMf9B0MqRVULa9hAV-oXRmpT5P4raRVc3n92OIhKVNzLw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=moloco_ads&google_hm=v8auusqkQB2b2XMbh-8CtQ&google_push=AXcoOmRHIr0b-ACFmnrz0RZni6w1yVVwg3vj7IlSS2H9RvTOmvfTBN1RuOrMf9B0MqRVULa9hAV-oXRmpT5P4raRVc3n92OIhKVNzLw
Request Chain 178
  • https://creativecdn.com/cm-notify?pi=adxab&google_nid=rtb_house_apac&google_gid=CAESEARChS1OX5Lx_BNv2WI9ajg&google_cver=1&google_push=AXcoOmSTnYaWx5IICldujRrkgaApm9OGJ61NtHiIRNrCCuWD5KVnfZObYoakJt_3V0YHBSYLxQ-b8ApIqmHcx9Q-gfERLqqnq5cD7w HTTP 302
  • https://creativecdn.com/cm-notify?pi=adxab&google_nid=rtb_house_apac&google_gid=CAESEARChS1OX5Lx_BNv2WI9ajg&google_cver=1&google_push=AXcoOmSTnYaWx5IICldujRrkgaApm9OGJ61NtHiIRNrCCuWD5KVnfZObYoakJt_3V0YHBSYLxQ-b8ApIqmHcx9Q-gfERLqqnq5cD7w&tc=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_ula=5153224&google_hm=ffAyomif6ZD1VoqBceUH9vDT3uvny6-OcxeWYVkFx2c&pi=adx&tdc=ams&pi=adxab&google_nid=rtb_house_apac&google_gid=CAESEARChS1OX5Lx_BNv2WI9ajg&google_cver=1&google_push=AXcoOmSTnYaWx5IICldujRrkgaApm9OGJ61NtHiIRNrCCuWD5KVnfZObYoakJt_3V0YHBSYLxQ-b8ApIqmHcx9Q-gfERLqqnq5cD7w&tc=1
Request Chain 179
  • https://creativecdn.com/cm-notify?pi=adxab&google_nid=rtb_house_jp&google_gid=CAESEARChS1OX5Lx_BNv2WI9ajg&google_cver=1&google_push=AXcoOmR-Ub8uKKjbsK5GT1Cqv9zHELo9UcPQxpXSLpY3sNergIGZOOUxGXhvIzyVviGbY0-ZsRRdIJAHthtXfUwtE-YMh2JViDDFdwRh HTTP 302
  • https://creativecdn.com/cm-notify?pi=adxab&google_nid=rtb_house_jp&google_gid=CAESEARChS1OX5Lx_BNv2WI9ajg&google_cver=1&google_push=AXcoOmR-Ub8uKKjbsK5GT1Cqv9zHELo9UcPQxpXSLpY3sNergIGZOOUxGXhvIzyVviGbY0-ZsRRdIJAHthtXfUwtE-YMh2JViDDFdwRh&tc=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_ula=5153224&google_hm=ffAyomif6ZD1VoqBceUH9vDT3uvny6-OcxeWYVkFx2c&pi=adx&tdc=ams&pi=adxab&google_nid=rtb_house_jp&google_gid=CAESEARChS1OX5Lx_BNv2WI9ajg&google_cver=1&google_push=AXcoOmR-Ub8uKKjbsK5GT1Cqv9zHELo9UcPQxpXSLpY3sNergIGZOOUxGXhvIzyVviGbY0-ZsRRdIJAHthtXfUwtE-YMh2JViDDFdwRh&tc=1
Request Chain 180
  • https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEKyi5YCkTYeySKzizuBjVzA&google_cver=1&google_push=AXcoOmQ5mNNwzCaP4Qi6bBM1nVI97vVhMkbyTUSTKVcqHJ12ss0aBNuPZPS5XewFIR-iJmJfdGZr8RhgYGBpE9nAZeaoCPKMJ8uy_vzt HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmQ5mNNwzCaP4Qi6bBM1nVI97vVhMkbyTUSTKVcqHJ12ss0aBNuPZPS5XewFIR-iJmJfdGZr8RhgYGBpE9nAZeaoCPKMJ8uy_vzt
Request Chain 181
  • https://rtb2-useast.voisetech.com/sync?exchange=1215&google_gid=CAESEHsoI45GxNMMZ6PgHXvV2PU&google_cver=1&google_push=AXcoOmRiBdM-Kqvt2W0ec4CftHOWHg_F-rOCEc6e0faWhHlKaLMMimh6rKn6_aNw-5zh_4fHwl-V8fHBGlIHZSB26qZXtA4yQMnyjiUi HTTP 302
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.voisetech.com%2Fsync%3Fexchange%3D1215%26google_gid%3DCAESEHsoI45GxNMMZ6PgHXvV2PU%26google_cver%3D1%26google_push%3DAXcoOmRiBdM-Kqvt2W0ec4CftHOWHg_F-rOCEc6e0faWhHlKaLMMimh6rKn6_aNw-5zh_4fHwl-V8fHBGlIHZSB26qZXtA4yQMnyjiUi HTTP 302
  • https://rtb2-useast.voisetech.com/sync?adkuid=A4850442030796439405&exchange=1215&google_gid=CAESEHsoI45GxNMMZ6PgHXvV2PU&google_cver=1&google_push=AXcoOmRiBdM-Kqvt2W0ec4CftHOWHg_F-rOCEc6e0faWhHlKaLMMimh6rKn6_aNw-5zh_4fHwl-V8fHBGlIHZSB26qZXtA4yQMnyjiUi HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=voise_tech_limited&google_hm=QTQ4NTA0NDIwMzA3OTY0Mzk0MDU&google_push=AXcoOmRiBdM-Kqvt2W0ec4CftHOWHg_F-rOCEc6e0faWhHlKaLMMimh6rKn6_aNw-5zh_4fHwl-V8fHBGlIHZSB26qZXtA4yQMnyjiUi
Request Chain 192
  • https://x.bidswitch.net/sync?ssp=fluct HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=fluct HTTP 302
  • https://cs.adingo.jp/sync/?from=bidsw&id=acc09442-dbda-4440-8b05-7d5813474fe6
Request Chain 194
  • https://us-u.openx.net/w/1.0/cm?id=ac0458b7-2dc5-40a0-a758-f0c82d454c93&r=https%3A%2F%2Fcs.adingo.jp%2Fsync%2F%3Ffrom%3Dopenx%26id%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=ac0458b7-2dc5-40a0-a758-f0c82d454c93&r=https%3A%2F%2Fcs.adingo.jp%2Fsync%2F%3Ffrom%3Dopenx%26id%3D
Request Chain 195
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=fluct&endpoint=apac HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=fluct&endpoint=apac
Request Chain 196
  • https://ad.as.amanad.adtdp.com/v1/sync/ssp?ssp=5 HTTP 303
  • https://cs.adingo.jp/sync/?from=aja&id=s2suidlFuzKsHuVUT6xdcsDvxj_A6wSGCNCm4TzseVA5cYCgpoJwGT2Zb7NaPqn9mKRA4sNagGA1
Request Chain 197
  • https://hrbh3.publishers.tremorhub.com/pubsync?redir=https%3A%2F%2Fcs.adingo.jp%2Fsync%2F%3Ffrom%3Dmagnite%26id%3D%5Btvid%5D HTTP 302
  • https://hrbh3.publishers.tremorhub.com/pubsync/verify?redir=https%3A%2F%2Fcs.adingo.jp%2Fsync%2F%3Ffrom%3Dmagnite%26id%3D%5Btvid%5D HTTP 302
  • https://cs.adingo.jp/sync/?from=magnite&id=a987283e396f463091dd9275008c0f2b
Request Chain 198
  • https://y.one.impact-ad.jp/tbs_cs?callback=https%3A%2F%2Fcs.adingo.jp%2Fsync%2F%3Ffrom%3Dp1%26id%3D%24UID&ex=p1.com HTTP 302
  • https://cs.adingo.jp/sync/?from=p1&id=30a3fe2e-86d0-48a5-b28e-d04e35c11d22
Request Chain 199
  • https://cs.adingo.jp/adx/go/?nid=fluct_eb HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_hm=dbe01e22ad73cc152c485adc199d4732
Request Chain 200
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=dj0pjjk&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=dj0pjjk&ttd_tpi=1 HTTP 302
  • https://cs.adingo.jp/sync/?from=tdid&id=e310444e-8519-409a-883e-3e55081e4e6a&ttl=1765175951
Request Chain 205
  • https://bid.socdm.com/rtb/sync?proto=adingo&sspid=adingo&tp=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F&pp=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F&t=.gif HTTP 302
  • https://cs.adingo.jp/sync/?from=scaleout&id=aQ7lj8Co8IoAAE8c1YAAAAAA
Request Chain 208
  • https://cm.g.doubleclick.net/pixel?google_nid=intimatemerger_dmp&google_cm HTTP 302
  • https://sync.im-apps.net/imid/set?cid=5660&tid=gid&uid=CAESECJEjOtU5EEXEq9t3dGgf-A&google_cver=1
Request Chain 210
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=intmerger&ttd_tpi=1 HTTP 302
  • https://sync.im-apps.net/imid/set?cid=5664&tid=tdid&uid=e310444e-8519-409a-883e-3e55081e4e6a
Request Chain 240
  • https://ad.doubleclick.net/activity;src=10208769;type=invmedia;cat=im8db0;ord=6649346675290;npa=0;auiddc=640899615.1762583952;u1=8266;u2=news;u3=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KFA;gtm=45fe5b50v9181790672z871862534za200zb71862534zd71862534xea;gcd=13l3l3l3l1l1;dma=0;dc_fmt=3;tag_exp=101509157~103116026~103200004~103233427~104527906~104528501~104684208~104684211~104779684~104948813~105322302~115480710~115583767~115616985~115938466~115938468~116217636~116217638;epver=2;dc_random=1762583951_0ODUbH-SDJM14IUyIeVMjur8Fx5jqOtXXg;~oref=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F HTTP 302
  • https://ad.doubleclick.net/activity;dc_pre=CKmI5_L44ZADFUJ2DwIdpCwuQw;src=10208769;type=invmedia;cat=im8db0;ord=6649346675290;npa=0;auiddc=640899615.1762583952;u1=8266;u2=news;u3=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KFA;gtm=45fe5b50v9181790672z871862534za200zb71862534zd71862534xea;gcd=13l3l3l3l1l1;dma=0;dc_fmt=3;tag_exp=101509157~103116026~103200004~103233427~104527906~104528501~104684208~104684211~104779684~104948813~105322302~115480710~115583767~115616985~115938466~115938468~116217636~116217638;epver=2;dc_random=1762583951_0ODUbH-SDJM14IUyIeVMjur8Fx5jqOtXXg;~oref=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F
Request Chain 241
  • https://10208769.fls.doubleclick.net/activityi;src=10208769;type=invmedia;cat=im8db0;ord=6649346675290;npa=0;auiddc=640899615.1762583952;u1=8266;u2=news;u3=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KFA;gtm=45fe5b50v9181790672z871862534za200zb71862534zd71862534xea;gcd=13l3l3l3l1l1;dma=0;dc_fmt=2;tag_exp=101509157~103116026~103200004~103233427~104527906~104528501~104684208~104684211~104779684~104948813~105322302~115480710~115583767~115616985~115938466~115938468~116217636~116217638;epver=2;dc_random=1762583951_0ODUbH-SDJM14IUyIeVMjur8Fx5jqOtXXg;_dc_test=1;~oref=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F HTTP 302
  • https://10208769.fls.doubleclick.net/activityi;dc_pre=CKel6PL44ZADFcLXFgUdevQ2dQ;src=10208769;type=invmedia;cat=im8db0;ord=6649346675290;npa=0;auiddc=640899615.1762583952;u1=8266;u2=news;u3=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KFA;gtm=45fe5b50v9181790672z871862534za200zb71862534zd71862534xea;gcd=13l3l3l3l1l1;dma=0;dc_fmt=2;tag_exp=101509157~103116026~103200004~103233427~104527906~104528501~104684208~104684211~104779684~104948813~105322302~115480710~115583767~115616985~115938466~115938468~116217636~116217638;epver=2;dc_random=1762583951_0ODUbH-SDJM14IUyIeVMjur8Fx5jqOtXXg;_dc_test=1;~oref=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F
Request Chain 248
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEEeN8Aue0Ie_J_xy5yEJgyg&google_cver=1&google_push=AXcoOmSAfsQK6cR3fr0m7_UYV36wy2NGkk9vjk_RUbX_7aONfhVssxvWrw5A8l1Pj8bKA6uR75G3IPP6fYRrVnkyFypKqlrWay4 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=zYFYeEA7RykQ7UMdlcz0Ng&google_push=AXcoOmSAfsQK6cR3fr0m7_UYV36wy2NGkk9vjk_RUbX_7aONfhVssxvWrw5A8l1Pj8bKA6uR75G3IPP6fYRrVnkyFypKqlrWay4
Request Chain 250
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEB0wHiq0Q6akkIjYGFAxoNU&google_cver=1&google_push=AXcoOmRfXO5JhrxYg0g1x5uV6kB-Lqt-jQbsJZ5sKNPQ9IQvPwZ6XJ7ELUG_Tstw4FjthZ5uvZcEIxdpHC3XWgpQwdbmRi21GA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=3F4qtkgCXkBiNGYglJBs35JGyYc&google_push=AXcoOmRfXO5JhrxYg0g1x5uV6kB-Lqt-jQbsJZ5sKNPQ9IQvPwZ6XJ7ELUG_Tstw4FjthZ5uvZcEIxdpHC3XWgpQwdbmRi21GA
Request Chain 251
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESELTONHNadnuhEsJZeLi5F7c&google_cver=1&google_push=AXcoOmSoJ_j2vgpo_SnsTz0O_L3U1HsetnspiE4ETS8xSciciKs82mGaZ8gH--xT3mgaRpDKMSFRPbUcROORHzCN_qG5XV3IoCU HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmSoJ_j2vgpo_SnsTz0O_L3U1HsetnspiE4ETS8xSciciKs82mGaZ8gH--xT3mgaRpDKMSFRPbUcROORHzCN_qG5XV3IoCU&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1762583952273 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-c61e77dc-74f9-4e20-aeb1-11dba61f495d-004?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmSoJ_j2vgpo_SnsTz0O_L3U1HsetnspiE4ETS8xSciciKs82mGaZ8gH--xT3mgaRpDKMSFRPbUcROORHzCN_qG5XV3IoCU%26google_hm%3DBMYed9x0-U4grrER26YfSV0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSoJ_j2vgpo_SnsTz0O_L3U1HsetnspiE4ETS8xSciciKs82mGaZ8gH--xT3mgaRpDKMSFRPbUcROORHzCN_qG5XV3IoCU&google_hm=BMYed9x0-U4grrER26YfSV0
Request Chain 252
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESECvXi-e_DGJyhVB2PijtNZ8&google_cver=1&google_push=AXcoOmTVcwUv9tZR6oE0YbTspOMIlnuKJtTXVy3_cddPyCQmkIt1Y7zk_-YNYtgrhaBIBKXNAMqqGxLq9jwTj_qakw0Po54X6KM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmTVcwUv9tZR6oE0YbTspOMIlnuKJtTXVy3_cddPyCQmkIt1Y7zk_-YNYtgrhaBIBKXNAMqqGxLq9jwTj_qakw0Po54X6KM&google_hm=YVE3bGo4Q284SW9BQUU4YzFZQUFBQUFB
Request Chain 253
  • https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESEEXLFutw_CbKZv-2u7U9NHE&google_cver=1&google_push=AXcoOmRc7H5s67vlGjs9V0_L4rw5RkHXn5e9lFqovMfukFNqesXu3Jis3hsdws_pU2jBiPmA7125gkZLKGtnnXve2fxib9eJT1c HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=0e8457b0-549d-4cc2-abeb-bd1bd8125c14&google_cver=1&google_gid=CAESEEXLFutw_CbKZv-2u7U9NHE&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmRc7H5s67vlGjs9V0_L4rw5RkHXn5e9lFqovMfukFNqesXu3Jis3hsdws_pU2jBiPmA7125gkZLKGtnnXve2fxib9eJT1c&gdpr=${GDPR}
Request Chain 254
  • https://gtracenep.admaster.cc/ju/cs/google?google_gid=CAESEBrxW6pQQzNrZGWl_hGUtgQ&google_cver=1&google_push=AXcoOmSdeVFq7lFobpD-VBicw-klR--4-1wEXHsAB3rSaz-3Xk-guaZk9jEkkOiG7VhWLY9L5RPArXj0ujpsLdt62WTndno0ndzL HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=admaster&google_push=AXcoOmSdeVFq7lFobpD-VBicw-klR--4-1wEXHsAB3rSaz-3Xk-guaZk9jEkkOiG7VhWLY9L5RPArXj0ujpsLdt62WTndno0ndzL&google_hm=05a3810ea5c7658b29xhv300mhpwz5tj
Request Chain 263
  • https://match.sharethrough.com/universal/v1?supply_id=H7IJBRjH HTTP 302
  • https://sync.e-planning.net/um?uid=29e0fafc-334f-4ab8-a703-99e21489b574&dc=769fefa8321c94fb&iss=1
Request Chain 264
  • https://gw-iad-bid.ymmobi.com/adx/user/sync?pubid=ZXBsYW5uaW5n&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&callback=https%3A%2F%2Fu-sin01.e-planning.net%2Fum%3Fuid%3D%7Bym_user_id%7D%26dc%3Ddbfd729d40c9c3fc%26fi%3D4ae16427bb6d7c8e HTTP 302
  • https://u-sin01.e-planning.net/um?uid=ym_user_38e58593-3f07-4fd6-b0c0-d152d39b897b&dc=dbfd729d40c9c3fc&fi=4ae16427bb6d7c8e
Request Chain 265
  • https://prebid.a-mo.net/cchain/0?gdpr={GDPR_APPLIES}&gdpr_consent={TCF_CONSENT_STRING}&us_privacy={US_PRIVACY}&cb=https%3A%2F%2Fu-sin01.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4cb5e7f09da39e40%26fi%3D4ae16427bb6d7c8e HTTP 302
  • https://rtb.openx.net/sync/prebid?&gdpr=0&us_privacy=1---&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F34512%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3Da4d458aa-c7ea-40bc-b095-a2053fd9c626%26bidder%3Dopenx%26cbx%3DaHR0cHM6Ly91LXNpbjAxLmUtcGxhbm5pbmcubmV0L3VtP3VpZD0kVUlEJmRjPTRjYjVlN2YwOWRhMzllNDAmZmk9NGFlMTY0MjdiYjZkN2M4ZQ%253D%253D%26uid%3D%24%7BUID%7D HTTP 302
  • https://prebid.a-mo.net/cchain/0/34512?gpp=&gdpr_consent=&gdpr=&gpp_sid=&us_privacy=&A=a4d458aa-c7ea-40bc-b095-a2053fd9c626&bidder=openx&cbx=aHR0cHM6Ly91LXNpbjAxLmUtcGxhbm5pbmcubmV0L3VtP3VpZD0kVUlEJmRjPTRjYjVlN2YwOWRhMzllNDAmZmk9NGFlMTY0MjdiYjZkN2M4ZQ%3D%3D&uid=f839d844-5bc7-403a-9603-277691c117f1 HTTP 302
  • https://id.a-mx.com/u?&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F34512%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3Da4d458aa-c7ea-40bc-b095-a2053fd9c626%26bidder%3Damx_com%26cbx%3DaHR0cHM6Ly91LXNpbjAxLmUtcGxhbm5pbmcubmV0L3VtP3VpZD0kVUlEJmRjPTRjYjVlN2YwOWRhMzllNDAmZmk9NGFlMTY0MjdiYjZkN2M4ZQ%253D%253D%26uid%3D&A=a4d458aa-c7ea-40bc-b095-a2053fd9c626&F=0 HTTP 302
  • https://prebid.a-mo.net/cchain/1/34512?gpp=&gdpr_consent=&gdpr=&gpp_sid=&us_privacy=&A=a4d458aa-c7ea-40bc-b095-a2053fd9c626&bidder=amx_com&cbx=aHR0cHM6Ly91LXNpbjAxLmUtcGxhbm5pbmcubmV0L3VtP3VpZD0kVUlEJmRjPTRjYjVlN2YwOWRhMzllNDAmZmk9NGFlMTY0MjdiYjZkN2M4ZQ%3D%3D&uid=a4d458aa-c7ea-40bc-b095-a2053fd9c626 HTTP 302
  • https://eb2.3lift.com/getuid?&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F34512%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3Da4d458aa-c7ea-40bc-b095-a2053fd9c626%26bidder%3Dtriplelift%26cbx%3DaHR0cHM6Ly91LXNpbjAxLmUtcGxhbm5pbmcubmV0L3VtP3VpZD0kVUlEJmRjPTRjYjVlN2YwOWRhMzllNDAmZmk9NGFlMTY0MjdiYjZkN2M4ZQ%253D%253D%26uid%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F34512%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3Da4d458aa-c7ea-40bc-b095-a2053fd9c626%26bidder%3Dtriplelift%26cbx%3DaHR0cHM6Ly91LXNpbjAxLmUtcGxhbm5pbmcubmV0L3VtP3VpZD0kVUlEJmRjPTRjYjVlN2YwOWRhMzllNDAmZmk9NGFlMTY0MjdiYjZkN2M4ZQ%253D%253D%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/cchain/2/34512?gpp=&gdpr_consent=&gdpr=&gpp_sid=&us_privacy=&A=a4d458aa-c7ea-40bc-b095-a2053fd9c626&bidder=triplelift&cbx=aHR0cHM6Ly91LXNpbjAxLmUtcGxhbm5pbmcubmV0L3VtP3VpZD0kVUlEJmRjPTRjYjVlN2YwOWRhMzllNDAmZmk9NGFlMTY0MjdiYjZkN2M4ZQ%3D%3D&uid=4686390697529908047944 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&us_privacy=1---&pu=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%2F34512%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3Da4d458aa-c7ea-40bc-b095-a2053fd9c626%26bidder%3Dpubmatic%26cbx%3DaHR0cHM6Ly91LXNpbjAxLmUtcGxhbm5pbmcubmV0L3VtP3VpZD0kVUlEJmRjPTRjYjVlN2YwOWRhMzllNDAmZmk9NGFlMTY0MjdiYjZkN2M4ZQ%253D%253D%26uid%3D%23PMUID
Request Chain 266
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-sin01.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D4ae16427bb6d7c8e%26uid%3D%24UID HTTP 302
  • https://u-sin01.e-planning.net/um?dc=8103fa85295fbe60&fi=4ae16427bb6d7c8e&uid=3458273064371662731
Request Chain 274
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=apac HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=apac
Request Chain 290
  • https://pixel-apac.rubiconproject.com/exchange/sync.php?p=fluct&khaos=MHPWZ5LU-19-H8C6 HTTP 302
  • https://cs.adingo.jp/sync?from=rubicon&id=MHPWZ5LU-19-H8C6
Request Chain 303
  • https://pixel-apac.rubiconproject.com/exchange/sync.php?p=12186&khaos=MHPWZ5LU-19-H8C6 HTTP 302
  • https://sync.e-planning.net/um?uid=MHPWZ5LU-19-H8C6&dc=9bcc91305985f0db&iss=1
Request Chain 307
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=MHPWZ5LU-19-H8C6&ex=d-rubiconproject.com&status=ok
Request Chain 308
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDE2OTA2NjA2OWY2YjA0ZGQ0MWMzM2Y5ZGQ5ZjM5MTg4YjI1OWUxYg
Request Chain 309
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=e310444e-8519-409a-883e-3e55081e4e6a&gdpr=0&gdpr_consent=&expires=30
Request Chain 310
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
Request Chain 311
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&process_consent=T HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELpBVRjEV9J_VjRtzkF7xGE&google_cver=1
Request Chain 312
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=MHPWZ5LU-19-H8C6
Request Chain 313
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
Request Chain 314
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TUhQV1o1TFUtMTktSDhDNg== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDUIN824dyXBAFjZsDUC70o&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TUhQV1o1TFUtMTktSDhDNg==&google_push=
Request Chain 315
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58912/cms?uid=n_lMc-oxHRdmk_am2o4ahsn5EUdSAgOZEtemQ7w0kco&csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Yw7zhxNE2oIrXBQKsLjO64KP19vHEtTRFU.PQA--~A
Request Chain 317
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-yahoo-exchange HTTP 302
  • https://pbs.yahoo.com/setuid?bidder=rubicon&uid=MHPWZ5LU-19-H8C6
Request Chain 318
  • https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=MHPWZ5LU-19-H8C6 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=MHPWZ5LU-19-H8C6
Request Chain 319
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=MHPWZ5LU-19-H8C6
Request Chain 320
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx HTTP 302
  • https://sync.a-mo.net/setuid/magnite?uid=MHPWZ5LU-19-H8C6
Request Chain 321
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=MHPWZ5LU-19-H8C6 HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=MHPWZ5LU-19-H8C6 HTTP 302
  • https://syncv4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=MHPWZ5LU-19-H8C6&ckls=true&ci=bE0uK3jJEt&nc=false&trid=1371672673
Request Chain 322
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=MHPWZ5LU-19-H8C6
Request Chain 361
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=MTU1OTI3MjQ2NzI1ODM5NjQyNA==&gdpr=0&gdpr_consent=
Request Chain 362
  • https://sync.mathtag.com/sync/img?mt_exid=39&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D25%26partneruserid%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=329a690e-e591-4400-be41-554bb8e87b08&gdpr=0&gdpr_consent=
Request Chain 363
  • https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=b984b7cb30
Request Chain 364
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=de65bf13-ecfc-47f7-8942-73716319e686&gdpr=0&gdpr_consent=
Request Chain 376
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=apac HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
Request Chain 378
  • https://ads.stickyadstv.com/user-matching?id=3656 HTTP 302
  • https://u.4dex.io/setuid?bidder=freewheel&uid=be2ca9f4e5b0d175d57f07adc644fd
Request Chain 382
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=MTU1OTI3MjQ2NzI1ODM5NjQyNA==&gdpr=0&gdpr_consent=
Request Chain 383
  • https://t.adx.opera.com/pub/sync?pubid=pub10682794419520&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
  • https://www.temu.com/api/adx/cm/pixel-opera?adx_uid=c4761457d3f6f802&gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Ft.adx.opera.com%2Fsync%3Fvendor%3D60369%26pubid%3Dpub10682794419520%26gdpr%3D0%26consent%3D%26us_privacy%3D HTTP 302
  • https://t.adx.opera.com/sync?vendor=60369&pubid=pub10682794419520&gdpr=0&consent=&us_privacy= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=163&partneruserid=OPU5fd303c2c5024b089743bbcd127d2f6c&gdpr=0&gdpr_consent=
Request Chain 384
  • https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=MTqnzdoMwusI&ev=1&pid=560288&gdpr_consent=&gdpr=0
Request Chain 385
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=160&partneruserid=1&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=MTU1OTI3MjQ2NzI1ODM5NjQyNA==&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESENiYv-kafKmzXD34E-kANso&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 386
  • https://pixel-apac.rubiconproject.com/exchange/sync.php?p=onfocus&khaos=MHPWZ5LU-19-H8C6 HTTP 302
  • https://u.4dex.io/setuid?bidder=rubicon&uid=MHPWZ5LU-19-H8C6
Request Chain 388
  • https://id5-sync.com/i/1159/8.gif?o=api&id5id=ID5*xcOjSkZrnZVPBXJKh2ktleiJBCHb6h0zD0lTUUzosVj__2kO5ZFaAAEBCmkO5ZEAYDwMMNDA2grw-hc4-UWe_w&gdpr_consent=undefined&gdpr=false HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F1159%2F108%2F7%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/1159/108/7/2.gif?puid=55de9787-cfa7-4e81-9259-60bd5a82580e&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F1159%2F441%2F6%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/1159/441/6/3.gif?puid=a_1caaf9a0-45d9-4efc-a945-3bd3d28b0bd6&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/1159/2/5/4.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/1159/2/5/4.gif?puid=3458273064371662731&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=e310444e-8519-409a-883e-3e55081e4e6a&ttl=%%TTL%% HTTP 302
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F1159%2F821%2F3%2F6.gif%3Fpuid%3D%7Bdevice_id%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 307
  • https://id5-sync.com/c/1159/821/3/6.gif?puid=0e8457b0-549d-4cc2-abeb-bd1bd8125c14&gdpr=0&gdpr_consent= HTTP 302
  • https://token.rubiconproject.com/token?pid=49266&puid=ID5-10cbsphdvbv2smJzmu29HHrECS8Z3Rv7upN5uBtxcA&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/285.gif?puid=MHPWZ5LU-19-H8C6&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/1159/19/1/8.gif?puid=${profile_id}&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/1159/19/1/8.gif?puid=cb364714ad7c1fe5f69f492647f0b47d&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F1159%2F112%2F0%2F9.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://uipapac.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F1159%2F112%2F0%2F9.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://uipapac.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F1159%2F112%2F0%2F9.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/1159/112/0/9.gif?puid=E4D58F743C71325E&gdpr=0&gdpr_consent=
Request Chain 409
  • https://u.openx.net/w/1.0/cm?id=3cc4b2f6-c7e1-439a-8174-b6dbb96bcabf&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dopenx%26it%3Dadg-pb-clt%26uid%3D%7BOPENX_ID%7D HTTP 302
  • https://u.4dex.io/setuid?bidder=openx&it=adg-pb-clt&uid=4ded531e-3530-411b-b126-da44cb18dc94
Request Chain 410
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=apac HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
Request Chain 418
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F&domain=twinklesphotos.exblog.jp&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=ejeC-HxHS3NRcStUQjlUVkxyMUhQUEdMWmJ4NkhXZUM1KzdkYXI0dmxHQmhzcityb2VwbjgrUm1iNENZRFlHelh0L1FKL3Q3THAwdHpNMFl6Q0lRTlBFaTZ0eTg2c1hyb3dvUkxhV0VSbWQ2T1hiNm9SRG8rVE9YdXhycXp2aU5QRDVkNXBXcmFlQjAxQnB1VDkvZ05Oc0NNSDFsRWpSSmFOWkI4V0F5citVN0NSKzQ2d0Fjd0NHVlFJTjJONTlXQkphOFZvdkYybUIwWi9Zcmhnd3Q3N2dlTjVoeTB6bko1MGJSYnZHZ29LaGdHV2srb2xyeTJRU0gxRzBLYnZmWENObERKeTBUemQvWVoyTUtXajlpRFVuSTh6V3ZVaTVkQmlZOHREOC9mWE81Z3dhd1N1ZVd0ckVBMCtRQWR3ckFrYnFsYkVkeTk2NGFENkgyeUdvSnV5QTBCTFE9PXw&cppv=2
Request Chain 420
  • https://y.one.impact-ad.jp/push_sync HTTP 302
  • https://ds.uncn.jp/yo/0/sync_push HTTP 302
  • https://y.one.impact-ad.jp/cs?d=307&uid=v_a177baf6-cdf9-436b-809b-7d87a8bea905&tg=2&et=30&r=no HTTP 302
  • https://penta.a.one.impact-ad.jp/psm/1.0/actualizar
Request Chain 425
  • https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1915437078 HTTP 302
  • https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1915437078&rd=1
Request Chain 429
  • https://gum.criteo.com/sid/json?origin=criteoPrebidAdapter&domain=twinklesphotos.exblog.jp&sn=ChromeSyncframe&so=0&topUrl=twinklesphotos.exblog.jp&topicsavail=1&fledgeavail=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=2FlREXxweW04blc1VnpDdG5HeUUvbHl2Mm5qc2MyNkJQZ3E4M0ROdU9NQTVTM1dubVAwQTZEczVDZG5oTEUwazFMTWVjZmRZYnJYY1JUVEgrem4zK1JrSGNxS3NwbmlYczBhTXJlTHZaZjZPWVI0TDhER2J1bVlnNCtEVmRRaHVxS3BEUTVRUFhhZzdZYnFvU0dOY1dXS1AwcUdqa3BXK2Rza01jS2FSa0tXcUdZcG9DVVJtRVlCWHQxR0JscEdLd3BES1FGT2RBdzQyV1QwendSL3B1R3pBVnJHYisyU1hsUmJXMTE4aW9sOW9ZKzlseCtHTnZZWkk2Wk0zV3ZDcWsrS09zVC8wVjgxVkpDSy9xUDFJZzFsVEtRMFRKSGJlankwRElLZ2EzbHhxNVYwdWRLTzFuaCtYU2wvTXg2UVVHbzFwMFErckE5YTNXcFVzMTNpeWpKMWVyaHc9PXw&cppv=2
Request Chain 430
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 431
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=nxxNYF9EanU4WGY5a3FxTEpKVTJMemZNRGZObFNick5MSVNsSTR0clZzR0w5cm9VJTNE&gpp=&gpp_sid=&gdpr=0&gdpr_consent=&us_privacy=&cr_user_id=k-1MAzMX7YvA2vndvEwjiV5aXqXq_gIFMcYSVLJg HTTP 302
  • https://ssp-sync.criteo.com/user-sync/match?p=nxxNYF9EanU4WGY5a3FxTEpKVTJMemZNRGZObFNick5MSVNsSTR0clZzR0w5cm9VJTNE&u=acc09442-dbda-4440-8b05-7d5813474fe6
Request Chain 432
  • https://secure.adnxs.com/getuid?https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3dqsM3JV9Cd29DbndjRlZGclozUFFESHRXUWIxZ1JOTkZVZWdMaFolMkZOTDdSbVJrZHclM0Q%26u%3d%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ssp-sync.criteo.com/user-sync/match?p=qsM3JV9Cd29DbndjRlZGclozUFFESHRXUWIxZ1JOTkZVZWdMaFolMkZOTDdSbVJrZHclM0Q&u=3458273064371662731&gdpr=0&gdpr_consent=
Request Chain 433
  • https://cm.g.doubleclick.net/pixel?google_nid=commerce_grid_dbm&google_hm=k-1MAzMX7YvA2vndvEwjiV5aXqXq_gIFMcYSVLJg&google_cm&google_redir=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3d_pE2Ul9jc21PYW9Ma2t1ZnclMkY2ekl3TFJ6eXQzbTB0WGRhRWpycGpaR2FGSTJEN3MlM0Q%26u%3d%25%25GOOGLE_GID%25%25&gdpr=0&gdpr_consent= HTTP 302
  • https://ssp-sync.criteo.com/user-sync/match?p=_pE2Ul9jc21PYW9Ma2t1ZnclMkY2ekl3TFJ6eXQzbTB0WGRhRWpycGpaR2FGSTJEN3MlM0Q&u=CAESEHWXLIBhDHpRb_WMjr9EpPk&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 434
  • https://ad.turn.com/r/cs?pid=75&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
  • https://ssp-sync.criteo.com/user-sync/bidder-initiated?gdpr_consent=&gdpr=0&us_privacy=&dsp=11&buyer_id=2602988328601735650
Request Chain 435
  • https://ds.uncn.jp/mg/0/sync_push HTTP 302
  • https://ssp-sync.criteo.com/user-sync/bidder-initiated?dsp=479&buyer_id=v_a177baf6-cdf9-436b-809b-7d87a8bea905
Request Chain 436
  • https://serv.ds.kakao.com/adx/criteo/sync-uid?redirect_uri=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3dxI7lHV9ucDVkQSUyQmtVbGFGWmolMkJGckI4cU13Qko3blVuVFcwbUU1WVl1djIxbUx5QSUzRA%26x%3d491%26u%3d%24%7bDSP_UUID%7d%26age%3d%24%7bCOOKIE_AGE%7d HTTP 307
  • https://ssp-sync.criteo.com/user-sync/match?p=xI7lHV9ucDVkQSUyQmtVbGFGWmolMkJGckI4cU13Qko3blVuVFcwbUU1WVl1djIxbUx5QSUzRA&x=491&u=3f988e2005da4a36a932af02893eeff8%3B1762583955131%3B&age=365
Request Chain 437
  • https://cs.admanmedia.com/e805be652c9053b8f771665f0ac3c361.gif?puid=k-1MAzMX7YvA2vndvEwjiV5aXqXq_gIFMcYSVLJg&redir=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3du-VRmF9nT3V5dFpPejZmNGNlWEpHSmRrME95RyUyQjRxaHdvMFIlMkJUcUU5VHU4RlF5cyUzRA%26u%3d%5bUID%5d&gdpr=0&gdpr_consent=&ccpa= HTTP 302
  • https://ssp-sync.criteo.com/user-sync/match?p=u-VRmF9nT3V5dFpPejZmNGNlWEpHSmRrME95RyUyQjRxaHdvMFIlMkJUcUU5VHU4RlF5cyUzRA&u=f7d27ba8-030a-4888-9fc8-b78bd8cd6c1e
Request Chain 438
  • https://t.adx.opera.com/pub/sync?pubid=pub13186530141056&gdpr=0&consent=&us_privacy=&gpp=&gpp_sid=&custom_data=rtdzrl9GaWJwMjU2aFlRbWtoTDhGV2FzbXZvVDBoNlBNMSUyRlowRkVaTUNjJTJGTjA5SSUzRA HTTP 302
  • https://www.temu.com/api/adx/cm/pixel-opera?adx_uid=c4761457d3f6f802&gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Ft.adx.opera.com%2Fsync%3Fvendor%3D60369%26pubid%3Dpub13186530141056%26gdpr%3D0%26consent%3D%26us_privacy%3D HTTP 302
  • https://t.adx.opera.com/sync?vendor=60369&pubid=pub13186530141056&gdpr=0&consent=&us_privacy= HTTP 302
  • https://ssp-sync.criteo.com/user-sync/match?p=${REDIRECT_ENCRYPTED_PAYLOAD}&u=OPU5fd303c2c5024b089743bbcd127d2f6c
Request Chain 440
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=HrHdt0veyv0b-6vUw4Pvxg==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 442
  • https://pr-bh.ybp.yahoo.com/sync/openx/552031cf-72f4-e19a-cc58-f196efcd1835?gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073025&val=y-2ST6Z2hE2p9r6KZgs2OIN63tzYiTLjM7Tgk-~A
Request Chain 443
  • https://sync.srv.stackadapt.com/sync?nid=268 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537082476&val=3F4qtkgCXkBiNGYglJBs35JGyYc&gdpr=&gdpr_consent=
Request Chain 446
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=aQ7lkhdaREcAMlsmD1jC_QAAFQQAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEEQn2sklao8lGhSCM2T6xNg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=&gdpr_consent=&google_cver=1&google_gid=CAESEEQn2sklao8lGhSCM2T6xNg&google_hm=aQ7lkhdaREcAMlsmD1jC_QAAFQQAAAAB&google_nid=index&gpp=&gpp=&gpp_sid=&gpp_sid=
Request Chain 447
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=aQ7lkhdaREcAMlsmD1jC-QAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAnjZeOrB6vr8iRJcgLa5cs&google_cver=1
Request Chain 450
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1778222354&external_user_id=04859ae0-5229-42b0-a1d1-f269a13f5d54
Request Chain 452
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=e310444e-8519-409a-883e-3e55081e4e6a&expiration=1765175954&gdpr=0&gdpr_consent=
Request Chain 453
  • https://dynalyst-sync.adtdp.com/cookie/sync?pid=43 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=216&external_user_id=16371243-cd25-43ba-a60d-7d10189bfc31
Request Chain 459
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.richaudience.com%2Fa566db6afba33978322ef47fa16ca6fe%2F%3Fgdpr%3D0%26euconsent%3D%26uid%3D$UID HTTP 307
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.richaudience.com%2Fa566db6afba33978322ef47fa16ca6fe%2F%3Fgdpr%3D0%26euconsent%3D%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://sync.richaudience.com/a566db6afba33978322ef47fa16ca6fe/?gdpr=0&euconsent=&uid=LotPALZHhgqKqY0aQx2Z-eC8
Request Chain 460
  • https://match.sharethrough.com/universal/v1?supply_id=mmnOOyXZ&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.richaudience.com/6ccbc109824ae3014a36fd8993cc151d/?uid=29e0fafc-334f-4ab8-a703-99e21489b574&gdpr=0
Request Chain 461
  • https://match.prod.bidr.io/cookie-sync/richaudience?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/richaudience?gdpr=0&gdpr_consent=&_bee_ppp=1
Request Chain 462
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=id0lh84&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.richaudience.com/a16582f729b43087fa6353b148f7ea54/?uid=e310444e-8519-409a-883e-3e55081e4e6a&gdpr=0&euconsent=&domain=sync.richaudience.com
Request Chain 478
  • https://cr-p20.ladsp.com/cookiesender/20 HTTP 302
  • https://cr-p20.ladsp.com/cookiesender/20?cr=true HTTP 302
  • https://cs.adingo.jp/sync/?from=logicad&id=AQ1V4A8x818tks8AKPLWGYIk8s8AAAGaYjDMtQ

492 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
twinklesphotos.exblog.jp/33443971/ 		61 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://twinklesphotos.exblog.jp/33443971/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.113.111.8 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-113-111-8.ap-northeast-1.compute.amazonaws.com
Software
nginx / PHP/7.1.33
Resource Hash
81984b988cc7dec2bf4f8dd65619117415ae2fa3b0a9bbd3d6f631958ad69e23

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 08 Nov 2025 06:39:10 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
x-powered-by
PHP/7.1.33
jquery-1.11.3.min.js
s.eximg.jp/exblog/user3/library/js/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.eximg.jp/exblog/user3/library/js/jquery-1.11.3.min.js?22b9ae7a0a945844efd971093024fff99c5b2f64
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-26.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

vary
accept-encoding
content-encoding
gzip
etag
W/"f03e5a3bf534f4a738bc350631fd05bd"
x-amz-version-id
732s9xuGyB4xP.JlD9YbV0LDsuHxAABF
age
5671
via
1.1 4c8c55ed7c98d423d22ae4c088f8ff36.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
WmeeZwhIhvqnap0DxOUJIK6gEg8bx8LTN7AHKCqzKtgVeuVkSKx2Tg==
date
Sat, 08 Nov 2025 05:04:40 GMT
content-type
text/javascript
last-modified
Fri, 17 Oct 2025 04:58:35 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P3
x-amz-server-side-encryption
AES256
exblog.js
s.eximg.jp/exblog/user3/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.eximg.jp/exblog/user3/js/exblog.js?22b9ae7a0a945844efd971093024fff99c5b2f64
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-26.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
85959bc05ec04039dce0b3063238c0ba830761ab00ec7084d416c87ca8907738

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

vary
accept-encoding
content-encoding
gzip
etag
W/"7da5f8b7eebc56ea75792432592db35d"
x-amz-version-id
17bW7urhYnPlLfwzL5Ez52s0fqXynhn1
age
5671
via
1.1 4c8c55ed7c98d423d22ae4c088f8ff36.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
W7rdIcikk9er_LqHjuujxZ2CMpQ3-3QkhYlpXegpJqe4dvTfuCGoRA==
date
Sat, 08 Nov 2025 05:04:40 GMT
content-type
text/javascript
last-modified
Fri, 17 Oct 2025 04:58:35 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P3
x-amz-server-side-encryption
AES256
jquery-cookie-1.4.1.min.js
s.eximg.jp/exblog/user3/library/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.eximg.jp/exblog/user3/library/js/jquery-cookie-1.4.1.min.js?22b9ae7a0a945844efd971093024fff99c5b2f64
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-26.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

vary
accept-encoding
content-encoding
gzip
etag
W/"4412bf8023109ee9eb1f1f226d391329"
x-amz-version-id
mtZNv6ObwvsP6NZhpfPdfgUaHdnETGJU
age
5671
via
1.1 4c8c55ed7c98d423d22ae4c088f8ff36.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
GzDo0Rq2UdO5UWPcSHF7pRIJMJQkkCZjvcuYzHlSZ9vdj250ey3IiQ==
date
Sat, 08 Nov 2025 05:04:40 GMT
content-type
text/javascript
last-modified
Fri, 17 Oct 2025 04:58:35 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P3
x-amz-server-side-encryption
AES256
jquery.inview.js
s.eximg.jp/exblog/user3/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.eximg.jp/exblog/user3/js/jquery.inview.js?22b9ae7a0a945844efd971093024fff99c5b2f64
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-26.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
333012005cd5b3a4a127f3418a3e573111de891dcd221d62b92697fb0dea868a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

vary
accept-encoding
content-encoding
gzip
etag
W/"d22188e69538818dc40df96cf2726c98"
x-amz-version-id
E9Heb0avEcrFMhulU163hvxR9.e31O_Z
age
5671
via
1.1 4c8c55ed7c98d423d22ae4c088f8ff36.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
rSohz_hNyRvSEWqZgUududppuZeafdNgcSfY94d1b-poMOVx88VHGQ==
date
Sat, 08 Nov 2025 05:04:40 GMT
content-type
text/javascript
last-modified
Fri, 17 Oct 2025 04:58:35 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P3
x-amz-server-side-encryption
AES256
app.js
s.eximg.jp/exblog/user3/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.eximg.jp/exblog/user3/js/app.js?22b9ae7a0a945844efd971093024fff99c5b2f64
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-26.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2b8575a49854fbbcd1ab2fa83512644e78406d7cf3e9c605e00a2b7f3c76e09e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

vary
accept-encoding
content-encoding
gzip
etag
W/"e0369fd622f6883624d34dc34c42f340"
x-amz-version-id
Kw3Sw6m1QcNdhyjKzPpN7HXH9Ul72baM
age
5670
via
1.1 4c8c55ed7c98d423d22ae4c088f8ff36.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
hbBBFsjptfCJ1Rx2icVQ4oRN-YRcIW983Tuj0QieVhRudWngG0r0zA==
date
Sat, 08 Nov 2025 05:04:41 GMT
content-type
text/javascript
last-modified
Fri, 17 Oct 2025 04:58:35 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P3
x-amz-server-side-encryption
AES256
htmx.min.js
s.eximg.jp/exblog/js/ 		48 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.eximg.jp/exblog/js/htmx.min.js
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-26.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0fc57ba0e655504d282bb6ec1c3d89240cde9f2ce1c393d5b38a95c5bc6da875

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

vary
accept-encoding
content-encoding
gzip
etag
W/"fda0965a21d4f1da88c0f429c5983923"
x-amz-version-id
UVuIrEucp1VtPHoj2N_WDdogqM9zc41O
age
68082
via
1.1 4c8c55ed7c98d423d22ae4c088f8ff36.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
eMaPr1sENcbI8sMvDCg3nOg3xezDpo1EKFXoOS4tYHvd98QrFK41nw==
date
Fri, 07 Nov 2025 11:44:29 GMT
content-type
application/javascript
last-modified
Fri, 29 Aug 2025 07:38:36 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P3
x-amz-server-side-encryption
AES256
alpine.min.js
s.eximg.jp/exblog/js/ 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.eximg.jp/exblog/js/alpine.min.js
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-26.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
358d9afbb1ab5befa2f48061a30776e5bcd7707f410a606ba985f98bc3b1c034

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

vary
accept-encoding
content-encoding
gzip
etag
W/"382e629b180f49ed81f57b3025b9497c"
x-amz-version-id
zIiwsuJ5fTBLkGtt_5pjpDm3QeqEkNxB
age
3139
via
1.1 4c8c55ed7c98d423d22ae4c088f8ff36.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
WgsYKrzBMStHFFPLv1eeYxzuZv8VnO6KF-W-XPhV7yHAV9wx9NTKwA==
date
Sat, 08 Nov 2025 05:46:52 GMT
content-type
application/javascript
last-modified
Fri, 29 Aug 2025 07:38:35 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P3
x-amz-server-side-encryption
AES256
exblog.profile.v2.css
s.eximg.jp/exblog/user3/css/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.eximg.jp/exblog/user3/css/exblog.profile.v2.css?22b9ae7a0a945844efd971093024fff99c5b2f64
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-26.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fe9d32e10eedfd0caeb9078619591824bb16d49f7a7fd48db978d4722d77df7a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

vary
accept-encoding
content-encoding
gzip
etag
W/"bb36afcc86abf89a6a5ede128a59e56a"
x-amz-version-id
iMRUSQ38NkoCuBUUz4LzajoxKgw8IqAL
age
5668
via
1.1 4c8c55ed7c98d423d22ae4c088f8ff36.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
jh0HvpLBtOLS55LDVQl9M34LrYGVKvhd8OSYBghaz_fqVEOp_b2e0Q==
date
Sat, 08 Nov 2025 05:04:43 GMT
content-type
text/css
last-modified
Fri, 17 Oct 2025 04:58:30 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P3
x-amz-server-side-encryption
AES256
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:826::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
f1a61277e3f902f50ab42015d8b07218db9b7601bb0967e54a52bfdcb4fa7e81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
age
200
report-to
{"group":"ascnsrsgac:225:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Sat, 08 Nov 2025 08:35:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 06:35:50 GMT
last-modified
Tue, 15 Jul 2025 00:44:26 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsgac:225:0
content-length
20737
server
Golfe2
js
www.googletagmanager.com/gtag/ 		419 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z6VR2N8KNZ
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f8544d9a12429c1a3c3562126fd01c68fc232c9f18e1d3140a1e705c6ab5fe02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
content-encoding
zstd
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Sat, 08 Nov 2025 06:39:10 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
145513
date
Sat, 08 Nov 2025 06:39:10 GMT
x-xss-protection
0
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
Google Tag Manager
access-control-allow-headers
Cache-Control
pc_blog_interstitial.js
image.excite.co.jp/jp/ox/gpt/display/pc/blog/ 		1 KB
963 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image.excite.co.jp/jp/ox/gpt/display/pc/blog/pc_blog_interstitial.js
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.175.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-175-52.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
88be574e0c528801a7136fe617c4addca09a980d1ce6d3c168a3cd93e829087e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-amz-cf-pop
NRT57-P9
content-encoding
gzip
etag
W/"cc45d04f3bf9c397da3fb29f8bf87a44"
age
2606
via
1.1 71345e3124da3b46c114e891ef1fe152.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
1ohaXvNvDkmYHtSWsmu9hj6YeNJJk0_J_7VdOP3-Epm3IGlTVC6kOg==
date
Sat, 08 Nov 2025 05:55:45 GMT
content-type
text/javascript
vary
accept-encoding
server
AmazonS3
last-modified
Mon, 28 Apr 2025 04:26:16 GMT
x-amz-server-side-encryption
AES256
pc_blog.js
image.excite.co.jp/jp/ox/gpt/ 		34 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image.excite.co.jp/jp/ox/gpt/pc_blog.js
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.175.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-175-52.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c0bbbb58003463134857d74b642aae70b80b3b3c7fc7925c31e3377da092cd0b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-amz-cf-pop
NRT57-P9
content-encoding
gzip
etag
W/"c7651bade94a8f849290ed7573709ab2"
age
2664
via
1.1 71345e3124da3b46c114e891ef1fe152.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
bdvcfO4O3wlV-IKAcX61Me23-LA_b89rFslxZHRoiOXJXjmf-N53lw==
date
Sat, 08 Nov 2025 05:54:47 GMT
content-type
text/javascript
vary
accept-encoding
server
AmazonS3
last-modified
Wed, 29 Oct 2025 06:09:37 GMT
x-amz-server-side-encryption
AES256
exblog.css
image.excite.co.jp/jp/ox/gpt/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://image.excite.co.jp/jp/ox/gpt/exblog.css
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.175.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-175-52.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4fe35a9faa667b765290de5ccc3d72389fe061f1972b9897725f4bb7ebe7f364

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-amz-cf-pop
NRT57-P9
content-encoding
gzip
etag
W/"b46e5a315373ffc27505d3c6f852d137"
age
2727
via
1.1 71345e3124da3b46c114e891ef1fe152.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
YyZsAjdJ9RoLTuBYcMdF5uMOeqgiD4LL8hrgcYA25IecGpPsTUypcQ==
date
Sat, 08 Nov 2025 05:53:44 GMT
content-type
text/css
vary
accept-encoding
server
AmazonS3
last-modified
Thu, 10 Apr 2025 08:14:55 GMT
x-amz-server-side-encryption
AES256
main.css
s.eximg.jp/exblog/user3/css/ 		49 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.eximg.jp/exblog/user3/css/main.css?22b9ae7a0a945844efd971093024fff99c5b2f64
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-26.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d06744d7c6fad3342f81eec248a0fee7a91da9e107323a2b258a1cff749d69d2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

vary
accept-encoding
content-encoding
gzip
etag
W/"fe041e6bbcb3d5748cf495e956c7080f"
x-amz-version-id
cg61_m.sftKcSZv9IDxwbw1Hl.EW0lMC
age
5649
via
1.1 4c8c55ed7c98d423d22ae4c088f8ff36.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
1vCBfN3Z8e5LWRWsVVuGcDAJU-XJSRTIMSTRgEwwynRxIzW7fba9xQ==
date
Sat, 08 Nov 2025 05:05:02 GMT
content-type
text/css
last-modified
Fri, 17 Oct 2025 04:58:30 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P3
x-amz-server-side-encryption
AES256
a01401_01.min.css
pds.exblog.jp/skin/css/ 		8 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pds.exblog.jp/skin/css/a01401_01.min.css
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-110.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c06a5e89dacc8f6b30863312339b881230e92594d3e883b9fb14d24c830079fe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

vary
accept-encoding
content-encoding
br
etag
W/"807a85c3670b4ce5b6338757afa9937c"
x-amz-version-id
null
age
73503
via
1.1 18a61a52bb16676aaaca30bd65a0ca86.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
xiZ7PomPfkhCprVJQNdMmGNwMPxjWIxHXxiKCMhgVPqfG44054p1UQ==
date
Fri, 07 Nov 2025 10:14:08 GMT
content-type
text/css
last-modified
Wed, 19 Jul 2023 08:15:50 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P3
x-amz-server-side-encryption
AES256
pc_blog_overlay.js
image.excite.co.jp/jp/ox/gpt/display/pc/blog/ 		20 B
383 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image.excite.co.jp/jp/ox/gpt/display/pc/blog/pc_blog_overlay.js
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.175.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-175-52.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7ee110dbcd43f529cefff78de1c2c7dcb701f85750803e0434670b888b40cf42

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

vary
accept-encoding
etag
"cf0a22e75c80423724aefe3f29d62dcc"
age
2630
via
1.1 71345e3124da3b46c114e891ef1fe152.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
20
x-amz-cf-id
3kDDLHTMfDucIqVAWfx9Pur6bI2ORcJkld1DWMH50jGpllxCD19pCw==
date
Sat, 08 Nov 2025 05:55:21 GMT
content-type
text/javascript
last-modified
Wed, 22 Nov 2023 03:16:05 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P9
x-amz-server-side-encryption
AES256
dmp.js
image.excite.co.jp/jp/ox/gpt/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image.excite.co.jp/jp/ox/gpt/dmp.js
Requested by
Host: image.excite.co.jp
URL: https://image.excite.co.jp/jp/ox/gpt/pc_blog.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.175.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-175-52.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4db37d3b185e5d1141e79fca02dba385de6ec04d19783648466a7b412e0c6c6d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
etag
W/"c8711f4eb7d8c39193f20dab0b80d8e7"
age
2783
via
1.1 71345e3124da3b46c114e891ef1fe152.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
UOVsN9fBQxatqwIm1CL5HuRLr5kyOHRj5CI6h3cbm9vX4WcabsNFhg==
date
Sat, 08 Nov 2025 05:52:48 GMT
content-type
application/javascript
last-modified
Fri, 30 Oct 2020 11:17:50 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P9
vary
accept-encoding
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: image.excite.co.jp
URL: https://image.excite.co.jp/jp/ox/gpt/pc_blog.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.194.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcnrta-bb-in-f2.1e100.net
Software
cafe /
Resource Hash
db4dbabc8e36633f5f4febd7aa6cb79666a8b956fa02e75b7bd5d5d96420d248
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
br
etag
556 / 20400 / m202511040101 / config-hash: 853804471933052373
x-content-type-options
nosniff
expires
Sat, 08 Nov 2025 06:39:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sat, 08 Nov 2025 06:39:10 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33997
x-xss-protection
0
server
cafe
exblog_00138.min.js
flux-cdn.com/client/00125/ 		598 KB
165 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://flux-cdn.com/client/00125/exblog_00138.min.js
Requested by
Host: image.excite.co.jp
URL: https://image.excite.co.jp/jp/ox/gpt/pc_blog.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.55 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6f40b89f97a2021c030bea7f28fef4d47b1ecd859e600f9d63649a5b60b8aeb8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
max-age=300
content-encoding
br
etag
"51914c9c12c0b9bf9cb0f6ce47ee2ad9"
age
226
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-amz-meta-release_job_id
18567
content-length
169050
date
Sat, 08 Nov 2025 06:39:10 GMT
last-modified
Tue, 04 Nov 2025 00:55:20 GMT
content-type
application/javascript
vary
Accept-Encoding
apstag.js
c.amazon-adsystem.com/aax2/ 		344 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: image.excite.co.jp
URL: https://image.excite.co.jp/jp/ox/gpt/pc_blog.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.166.242.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-166-242-225.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6a22bd3e31a724c89c7872e733cbb00dabbdbd3c126f41ebc2e7a1ea70412451

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

vary
Accept-Encoding
cache-control
max-age=3600
content-encoding
gzip
etag
W/"c1f46a99d4a4e5632a4e581187980ae1"
age
3161
via
1.1 1375f5159b5e792617846e37988e54de.cloudfront.net (CloudFront), 1.1 3464e42d6d0da76ba0164e7092b00678.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
gV7gpR6RoZYI4yLzcTOwkHlfcsaeWZ0X-zLv2jgANLbfcxMF8dK4dg==
date
Sat, 08 Nov 2025 05:46:30 GMT
content-type
application/javascript
x-amz-cf-pop
NRT20-P9, NRT20-P6
server
AmazonS3
last-modified
Thu, 06 Nov 2025 21:44:55 GMT
x-amz-server-side-encryption
AES256
gtm.js
www.googletagmanager.com/ 		327 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MSPWGQ
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
73e39dafc59d87e1a2fc898b961b45e08de237a3953396629326865391531b4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
zstd
expires
Sat, 08 Nov 2025 06:39:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 06:39:10 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sat, 08 Nov 2025 06:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
*
content-length
114962
x-xss-protection
0
server
Google Tag Manager
pc_blog_billboard.js
image.excite.co.jp/jp/ox/gpt/display/pc/blog/ 		19 B
359 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image.excite.co.jp/jp/ox/gpt/display/pc/blog/pc_blog_billboard.js
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.175.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-175-52.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
09359e654a4198a8740f0b735c9d94c00875f46dcf920fb50ba8efc5fabd66d7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

etag
"928d76cd7c646339f00d8bc6870b5ee2"
age
2603
via
1.1 71345e3124da3b46c114e891ef1fe152.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
19
x-amz-cf-id
xltalR4BGiihsAx-yxjWi9NO8UilO1ThG69JatllcU7Kvzv-44KIng==
date
Sat, 08 Nov 2025 05:55:48 GMT
content-type
application/javascript
last-modified
Mon, 26 Apr 2021 09:58:36 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P9
vary
accept-encoding
widgets.js
platform.twitter.com/ 		91 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.148.157 Tokyo, Japan, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
etag
"824beb891744db98ccbd3a456e59e0f7+gzip"
access-control-allow-methods
GET
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
date
Sat, 08 Nov 2025 06:39:10 GMT
last-modified
Mon, 11 Dec 2023 17:20:28 GMT
vary
Accept-Encoding
x-served-by
cache-iad-kcgs7200137-IAD, cache-nrt-rjtt7900020-NRT
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=1800
tw-cdn
FT
accept-ranges
bytes
access-control-allow-origin
*
content-length
27597
x-amz-server-side-encryption
AES256
logo_exblog.svg
s.eximg.jp/exblog/user3/img/header/ 		44 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.eximg.jp/exblog/user3/img/header/logo_exblog.svg
Requested by
Host: s.eximg.jp
URL: https://s.eximg.jp/exblog/user3/css/main.css?22b9ae7a0a945844efd971093024fff99c5b2f64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-26.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
edf44487f4da57757afaa928aebc937dcc957984dfe3beb6a7464070861db172

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://s.eximg.jp/exblog/user3/css/main.css?22b9ae7a0a945844efd971093024fff99c5b2f64

Response headers

vary
accept-encoding
content-encoding
gzip
etag
W/"264f4377d5fe2bac95746a671b8e56ec"
x-amz-version-id
k9dnybSkuITTKIJhy2r9zKSho8tBg10G
age
3138
via
1.1 4c8c55ed7c98d423d22ae4c088f8ff36.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
QxEyMe4p3QRVlNUuYJTfMuLOU9BNVZXreM9GqXil-upFEttJf5R7jA==
date
Sat, 08 Nov 2025 05:46:53 GMT
content-type
image/svg+xml
last-modified
Fri, 17 Oct 2025 04:58:32 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P3
x-amz-server-side-encryption
AES256
btn-search-white.png
s.eximg.jp/exblog/user3/img/header/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.eximg.jp/exblog/user3/img/header/btn-search-white.png
Requested by
Host: s.eximg.jp
URL: https://s.eximg.jp/exblog/user3/css/main.css?22b9ae7a0a945844efd971093024fff99c5b2f64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-26.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
603b19e63cfe4fc5e1405ffedc90135e5c54400bdcca5711184200bf9e0dda40

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://s.eximg.jp/exblog/user3/css/main.css?22b9ae7a0a945844efd971093024fff99c5b2f64

Response headers

x-amz-version-id
KdNINm2BfM5VLCWK3A5ePUeiu0wtdTJo
etag
"c79d41eb7d5a946ae71b8fb8a869f2cc"
age
3121
via
1.1 4c8c55ed7c98d423d22ae4c088f8ff36.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
1092
x-amz-cf-id
gJn7O7ISX-JmFE3cxymfABzPoKehk4vglhCp3KbiafPdPGQJu9ibkg==
date
Sat, 08 Nov 2025 05:47:10 GMT
content-type
image/png
last-modified
Fri, 17 Oct 2025 04:58:32 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P3
x-amz-server-side-encryption
AES256
collect
www.google-analytics.com/j/ 		3 B
457 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j102&a=1975470136&t=pageview&_s=1&dl=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F&ul=ja-jp&dt=What%20are%20ESG%20Cryptocurrencies%3F%20%3A%20TWINKLES&sr=1600x1200&vp=1600x1200&_u=YGBAgAABAAAAACAAI~&jid=1111047160&gjid=127138978&cid=1129303139.1762583950&tid=UA-8858058-55&_gid=715744077.1762583950&_slc=1&cd1=guest&cd3=3m&cd4=0&cd6=True&z=1432131403
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:826::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

report-to
{"group":"ascnsrsgac:211:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:211:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 06:39:10 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:211:0
access-control-allow-origin
https://twinklesphotos.exblog.jp
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsgac:211:0
content-length
3
server
Golfe2
collect
stats.g.doubleclick.net/j/ 		1 B
656 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j102&tid=UA-8858058-55&cid=1129303139.1762583950&jid=1111047160&gjid=127138978&_gid=715744077.1762583950&_u=YGBAgAABAAAAAGAAI~&z=338473379
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4008:c02::9a , Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

report-to
{"group":"ascnsrsgdc:147:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgdc:147:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 06:39:10 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgdc:147:0
access-control-allow-origin
https://twinklesphotos.exblog.jp
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsgdc:147:0
content-length
1
server
Golfe2
bookmark_button.js
b.st-hatena.com/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b.st-hatena.com/js/bookmark_button.js
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.54.62 New York, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-54-62.nrt57.r.cloudfront.net
Software
nginx /
Resource Hash
f09d9fdc476c87ca8574c34d19241af3fd93226d85f6b0048e36760c07984fab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
etag
W/"690303b0-1990"
age
22567
expires
Sat, 15 Nov 2025 00:23:03 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
hOB-TX1BH2eI2xV8Hc6zUvZBxATIkmA9z_YVyXXkz6XTRqUf0Le2yA==
date
Sat, 08 Nov 2025 00:23:03 GMT
content-type
application/x-javascript
last-modified
Thu, 30 Oct 2025 06:20:32 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=604800
via
1.1 8a416a9aa7ab03fb13d0b337bc55d61e.cloudfront.net (CloudFront)
access-control-allow-origin
https://b.hatena.ne.jp
x-amz-cf-pop
NRT57-P8
server
nginx
3402
config.aps.amazon-adsystem.com/configs/ 		531 B
796 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/3402
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.166.228.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-166-228-74.nrt20.r.cloudfront.net
Software
CloudFront /
Resource Hash
e247f7b759dfe24cefb94bd6e106bb2cac01b1627678d9a0c6e904d9dc7e3878

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
max-age=3600
age
878
via
1.1 ea05f10f54229036a5e04e835ad852a4.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
531
x-amz-cf-id
c6CpDlMOM2tCiMcU-rGmLU4JdeBsIKm8MT4Cck3VfW0Btnyvjm0wrA==
date
Sat, 08 Nov 2025 06:24:32 GMT
content-type
application/javascript
x-amz-cf-pop
NRT20-P5
server
CloudFront
config
c.amazon-adsystem.com/cdn/prod/ 		0
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3402&u=https%3A%2F%2Ftwinklesphotos.exblog.jp
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.166.242.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-166-242-225.nrt20.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
max-age=21550, s-maxage=21600
age
8251
access-control-allow-credentials
true
via
1.1 3464e42d6d0da76ba0164e7092b00678.cloudfront.net (CloudFront)
access-control-allow-origin
https://twinklesphotos.exblog.jp
x-cache
Hit from cloudfront
x-amz-cf-id
qwOpmQ4r_0nOD360J_WOT0Bp2GAy143qWpg8oxiQV_Gm5atBU4gCyw==
date
Sat, 08 Nov 2025 04:21:38 GMT
x-amz-cf-pop
NRT20-P6
server
Server
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.166.242.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-166-242-225.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

access-control-max-age
3000
content-encoding
gzip
x-amz-version-id
r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
etag
W/"a4d296427fc806b21335359e398c025c"
age
8251
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
JDNbs1khWWBVS7PMmmeFocVJV5MzayC_tHq7u0PBzYadHvi_4fOQEQ==
date
Sat, 08 Nov 2025 04:21:40 GMT
content-type
application/javascript
vary
Origin,accept-encoding
last-modified
Thu, 29 Feb 2024 02:13:08 GMT
cache-control
public, max-age=86400
via
1.1 f488df389a7a8c807c115802e06fd756.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
NRT20-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
sdk.js
connect.facebook.net/ja_JP/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/ja_JP/sdk.js
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.31.5 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-nrt1.fbcdn.net
Software
/
Resource Hash
2b3e34d3901ecf68b5f2928aaf9cbf8e9678dcd42ddb8312b0ecbdc5d351234f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin
https://twinklesphotos.exblog.jp
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-md5
zo5rovI4aNqg8eJ1kYbM2Q==
access-control-expose-headers
X-FB-Content-MD5
content-encoding
gzip
etag
"9e6c59eb8c81b59e6e1ba9bc964a0263"
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 08 Nov 2025 06:48:29 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 08 Nov 2025 06:39:10 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5
371ac4a8a7a6cf4d75322a14a0ce4b22
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=1, rtx=0, c=23, mss=1232, tbw=4986, tp=9, tpl=0, uplat=0, ullat=-1
x-fb-debug
5BoCVlVxmvnRsHdW19hnB4vLyitAyyqCIBpNyevoz13pfuBDa0js2M5DrA4h5/c1r5ITfYtI3Vz/aaP5uzXtCQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top, include-js-call-stacks-in-crash-reports
access-control-allow-origin
*
content-length
1685
origin-agent-cluster
?1
rc-xyz-nft-gallery-Jzj_9HEABUk-unsplash.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjCOberpixHEUHaJH0C-x0oHCBLj82rR0_9-pfxy7n21VcNC2uUFdlISTVH5vlzvdpVr2CkaeXx-O0T_tRXsXEyUk7soWNfyR7Nl6mnP25TJJuBKhvEuJ-idP714hXibZRik92wDaBAq0lw2ysL... 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjCOberpixHEUHaJH0C-x0oHCBLj82rR0_9-pfxy7n21VcNC2uUFdlISTVH5vlzvdpVr2CkaeXx-O0T_tRXsXEyUk7soWNfyR7Nl6mnP25TJJuBKhvEuJ-idP714hXibZRik92wDaBAq0lw2ysLVAeGmsU4ExqYdaQXQCDO_Pcj9C2HgybdaldC-olLhAlO/s16000/rc-xyz-nft-gallery-Jzj_9HEABUk-unsplash.webp
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:809::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
1b3b903adfa02dac0e597f0841137f3d48900342a299223dfdc9dcdd1b61f418
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
etag
"v4cb"
x-content-type-options
nosniff
expires
Sun, 09 Nov 2025 06:39:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1739480
date
Sat, 08 Nov 2025 06:39:12 GMT
x-xss-protection
0
content-type
image/jpeg
vary
Origin
server
fife
content-disposition
inline;filename="rc-xyz-nft-gallery-Jzj_9HEABUk-unsplash.jpg"
pexels-nataliya-vaitkevich-6120214.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiU1yXWNhh2r9i-E0So8uLt-IegY1dccWmyKI7vG-VR2_JK7Zn2ccrKc4A0fW_sbi-rMJNZZKy7afZZajNe_hETHA6PnTduaDbd4d3LFyPu8zirBx2wGz-EzFIQhmLl8WGzgMxDnK4bzUDUHvAA... 		4 MB
4 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiU1yXWNhh2r9i-E0So8uLt-IegY1dccWmyKI7vG-VR2_JK7Zn2ccrKc4A0fW_sbi-rMJNZZKy7afZZajNe_hETHA6PnTduaDbd4d3LFyPu8zirBx2wGz-EzFIQhmLl8WGzgMxDnK4bzUDUHvAA5A3KnRfHfZXWcTjTW591P1f0XkPopHTHwnGth-BgGXD9/s16000/pexels-nataliya-vaitkevich-6120214.webp
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:809::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
f678e937757eec8f8f4b1367bfe3455d961baa573b87d6362a11e04b70d01160
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
etag
"v4cd"
x-content-type-options
nosniff
expires
Sun, 09 Nov 2025 06:39:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4105074
date
Sat, 08 Nov 2025 06:39:20 GMT
x-xss-protection
0
content-type
image/jpeg
vary
Origin
server
fife
content-disposition
inline;filename="pexels-nataliya-vaitkevich-6120214.jpg"
traxer-ayiCvp7Ta30-unsplash.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgjDebSW-mWndfNCtsJ03gqU9THPZnfgpEBzQDWnD0wNKF-GEf-juYiVzUjlZlFwqy8IjeQBB8XC_axat8JopGexu1QftVkfkAvoqwoiglm_6fc1iVWQA85aqf0PWPg3mYk54Yn0Q4pWVqXRNZU... 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgjDebSW-mWndfNCtsJ03gqU9THPZnfgpEBzQDWnD0wNKF-GEf-juYiVzUjlZlFwqy8IjeQBB8XC_axat8JopGexu1QftVkfkAvoqwoiglm_6fc1iVWQA85aqf0PWPg3mYk54Yn0Q4pWVqXRNZUAY9F5VQ6B_2GyeKnFvTGlHX7FYWp-QJkzdLiJxMgHi5x/s16000/traxer-ayiCvp7Ta30-unsplash.webp
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:809::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
6d08530033d7cc9832dd825669940f41cf140231f4d8dc49a93170661744c4f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
etag
"v4cf"
x-content-type-options
nosniff
expires
Sun, 09 Nov 2025 06:39:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2058548
date
Sat, 08 Nov 2025 06:39:12 GMT
x-xss-protection
0
content-type
image/jpeg
vary
Origin
server
fife
content-disposition
inline;filename="traxer-ayiCvp7Ta30-unsplash.jpg"
pexels-david-mcbee-730564.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgi-sm3oGKhLT4brV0rCHY96g2r7VCHJYxVT0j_0iVCaM-hKonttk1BvTl6Jh9Yf0yLfEXSLAkXKcL41VF4QKHv73gjAGsXEahNBN_CMAm33tQhvRVoCGg8lQsEhlhnXAKu4DkhJ9w9vgP_bdF6... 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgi-sm3oGKhLT4brV0rCHY96g2r7VCHJYxVT0j_0iVCaM-hKonttk1BvTl6Jh9Yf0yLfEXSLAkXKcL41VF4QKHv73gjAGsXEahNBN_CMAm33tQhvRVoCGg8lQsEhlhnXAKu4DkhJ9w9vgP_bdF6XlzZ5S0I0Xzwp1uCzH3LK3CG1jo3byFWy0CjtKdfsWRW/s16000/pexels-david-mcbee-730564.webp
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:809::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
90709600cf17788373d39370f6b6fea1c8529376cd78581a8af38d9e1b06d7cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
etag
"v4d1"
x-content-type-options
nosniff
expires
Sun, 09 Nov 2025 06:39:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2395394
date
Sat, 08 Nov 2025 06:39:12 GMT
x-xss-protection
0
content-type
image/jpeg
vary
Origin
server
fife
content-disposition
inline;filename="pexels-david-mcbee-730564.jpg"
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		160 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s35-in-f2.1e100.net
Software
cafe /
Resource Hash
a590a3c17673fd9d0d6ec3a67b6aa3a0b202438ca488691cc7763591419fe5f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
br
etag
16250469761901215889
x-content-type-options
nosniff
expires
Sat, 08 Nov 2025 06:39:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 08 Nov 2025 06:39:10 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
55308
x-xss-protection
0
server
cafe
e043743820240118094946.png
pds.exblog.jp/logo/1/197001/01/38/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pds.exblog.jp/logo/1/197001/01/38/e043743820240118094946.png
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-110.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fcdeaeebab1faae706be2c05fc793f3b723031845d687e492376584c8d6a2f92

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-amz-version-id
null
etag
"62d5ba881269012d098df4991e72d4f5"
age
1469
via
1.1 18a61a52bb16676aaaca30bd65a0ca86.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
8115
x-amz-cf-id
VnfhoLaHX7eDj8Ziyz4JcqckXMsu40WTb15GqelHbWKyOGJV7JCe5Q==
date
Sat, 08 Nov 2025 06:14:42 GMT
content-type
application/octet-stream
last-modified
Thu, 18 Jan 2024 00:49:47 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P3
x-amz-server-side-encryption
AES256
banner_l_17-5.gif
md.exblog.jp/img/genre/banner/2/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://md.exblog.jp/img/genre/banner/2/banner_l_17-5.gif
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.173.238.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-173-238-99.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1075dbd8e50dbefedaa0a8e6251f654cbdc25c58d41060d902aeba6b8648fb57

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-amz-version-id
null
etag
"192e0bd33628b6c54b4d176281f3df23"
age
63954
via
1.1 e4abcd405bf324012aa91e82003f68fc.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
7405
x-amz-cf-id
0Ukdvpi_xVvohB9JoDSDc1moY1XqNkBkDtKV_-e9vylgUZCS4FFr4A==
date
Fri, 07 Nov 2025 12:53:17 GMT
content-type
image/gif
last-modified
Mon, 10 Apr 2023 06:27:01 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-P9
x-amz-server-side-encryption
AES256
banner_l_17-2.gif
md.exblog.jp/img/genre/banner/2/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://md.exblog.jp/img/genre/banner/2/banner_l_17-2.gif
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.173.238.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-173-238-99.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
feda41fd13b033c850fed32cc18e53490ac4e28b1bddaae427edbde4beab610f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

vary
accept-encoding
x-amz-version-id
null
etag
"2aa4f3965ce5c54bb7eb1f177d5fa84c"
age
25916
via
1.1 e4abcd405bf324012aa91e82003f68fc.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
8689
x-amz-cf-id
Dt2qotGAoNsjZ44YEmPPgThQqjiC5n0KFjQX63ouwyyH2wGOhU-9AA==
date
Fri, 07 Nov 2025 23:27:15 GMT
content-type
image/gif
last-modified
Mon, 10 Apr 2023 06:27:10 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-P9
x-amz-server-side-encryption
AES256
logo-to-excite.gif
s.eximg.jp/exblog/user3/img/layout/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.eximg.jp/exblog/user3/img/layout/logo-to-excite.gif
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-26.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8d61b2e1e812644b72ee86c38dca895266813d59360f92cb7c3f365978129708

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-amz-version-id
5oPSHXl56MX3XKULF8WWZnT1AHC24kX1
etag
"4e6e76b265d31b59bee6c00d9f40c01c"
age
3139
via
1.1 4c8c55ed7c98d423d22ae4c088f8ff36.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
2417
x-amz-cf-id
E-mVpuLjip4kZQF0-XyusY9RhMYEeK6dJM03hHWdy9LlPc1mMj-2Lw==
date
Sat, 08 Nov 2025 05:46:52 GMT
content-type
image/gif
last-modified
Fri, 17 Oct 2025 04:58:32 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P3
x-amz-server-side-encryption
AES256
exblog-facebox.js
s.eximg.jp/exblog/user3/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.eximg.jp/exblog/user3/js/exblog-facebox.js?22b9ae7a0a945844efd971093024fff99c5b2f64
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-26.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
90289b868561ed36a7007e3ff1a12b0674210c56aa55cae278f9ec80f8cb6bf3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

vary
accept-encoding
content-encoding
gzip
etag
W/"c09e1520d4f1d21f89379c7fd0b1f8b8"
x-amz-version-id
E3U_03UnBE1IFtNhVLDYIjAed1XRu_91
age
5664
via
1.1 4c8c55ed7c98d423d22ae4c088f8ff36.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
e-uDX0g3-W-6EkVWH3nWyS9Un0TluRc3qZqEnhcyiH3tnBdCljGPnA==
date
Sat, 08 Nov 2025 05:04:47 GMT
content-type
text/javascript
last-modified
Fri, 17 Oct 2025 04:58:35 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P3
x-amz-server-side-encryption
AES256
facebox.css
s.eximg.jp/exblog/user3/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.eximg.jp/exblog/user3/css/facebox.css?22b9ae7a0a945844efd971093024fff99c5b2f64
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-26.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8bbdf8eefbcdec2d9f88f7e452316b39228bdf9ac58b7523964d8f2ff84e9236

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

vary
accept-encoding
content-encoding
gzip
etag
W/"5cf0b6d214131267e85f774cf8bb5406"
x-amz-version-id
1p5C4jBqoeRkoqRO_REL0y8O29mtxFnu
age
5666
via
1.1 4c8c55ed7c98d423d22ae4c088f8ff36.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
zFdZ6UYm7DwQPuolXnnJPg6ikKaQVo78qQ3saPkPGFuR7KIaR8K-Kw==
date
Sat, 08 Nov 2025 05:04:45 GMT
content-type
text/css
last-modified
Fri, 17 Oct 2025 04:58:30 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P3
x-amz-server-side-encryption
AES256
icon-close.gif
s.eximg.jp/exblog/user3/img/facebox/ 		979 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.eximg.jp/exblog/user3/img/facebox/icon-close.gif
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-26.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cc3c8f67291b46b0b7c26148f146db5c486d049c5a4996643bcdbfb005917082

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-amz-version-id
flX9yc3TgSzPyKGNzrYBTJM.AxsQlLic
etag
"0e5462b0b4f00432eac4b33d5fa31c5a"
age
3141
via
1.1 4c8c55ed7c98d423d22ae4c088f8ff36.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
979
x-amz-cf-id
eatEAPUbqsuf70GMHu1WDNMeIBeIqyhq3gBxc1Pjg89wILc1YXtD_g==
date
Sat, 08 Nov 2025 05:46:50 GMT
content-type
image/gif
last-modified
Fri, 17 Oct 2025 04:58:31 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P3
x-amz-server-side-encryption
AES256
itm.js
dmp.im-apps.net/js/8266/0001/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dmp.im-apps.net/js/8266/0001/itm.js
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:48::1734:8c3b Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
ea89d46b95924261fc238dfb667fe2c2e89f0d461a6faf3e0d20bd7927f288cc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
max-age=4804
content-encoding
gzip
etag
"04bf9faf0991be622104832434aac5b9"
x-amz-version-id
BCOYcpwo.YY1NadU_svr_9qfq4z7GSSN
expires
Sat, 08 Nov 2025 07:59:14 GMT
accept-ranges
bytes
access-control-allow-origin
*
akamai-loopback-request
8096267
content-length
780
p3p
CP="NOI PSD OTR"
date
Sat, 08 Nov 2025 06:39:10 GMT
last-modified
Fri, 15 Jan 2016 09:30:56 GMT
content-type
application/javascript
vary
Accept-Encoding
/
logging.exblog.jp/ 		43 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://logging.exblog.jp/?request_url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F&blogid=e0437438&serial=33443971&referer=&login_blogid=&tag=
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.177.178.194 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-177-178-194.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
no-cache
content-length
43
date
Sat, 08 Nov 2025 06:39:10 GMT
content-type
image/gif
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.22.1
img-loading.gif
s.eximg.jp/exblog/user3/img/facebox/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.eximg.jp/exblog/user3/img/facebox/img-loading.gif
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-26.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
81ea81be1d862d36c34b6dc4f12aefb87b656e319003263d8274974b48ccf869

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-amz-version-id
yvjH3nWmrBo2zhl_6Y3bDyEOXIGryah5
etag
"7e99e1159a3686f6aa4f90043c554483"
age
3139
via
1.1 4c8c55ed7c98d423d22ae4c088f8ff36.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
2767
x-amz-cf-id
xLlLNbZJ_aXIgGWI0QIInLZcYEKzBkwOot5lHCdqmOl_eDBBeUJFDQ==
date
Sat, 08 Nov 2025 05:46:52 GMT
content-type
image/gif
last-modified
Fri, 17 Oct 2025 04:58:31 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P3
x-amz-server-side-encryption
AES256
img-border-round-top-left.png
s.eximg.jp/exblog/user3/img/facebox/ 		132 B
514 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.eximg.jp/exblog/user3/img/facebox/img-border-round-top-left.png
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-26.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5f52bc51c65a9e30cf1733c3a54b7eebc13edba95834cd9f7184131dc06ddbfe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-amz-version-id
V5aOcUzn2Zw3q43T51njLl_FiaS3L6rr
etag
"02e125bbaed0093265655bc9bb36265f"
age
3139
via
1.1 4c8c55ed7c98d423d22ae4c088f8ff36.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
132
x-amz-cf-id
Whlhfh5psRRhw41jSWhGaPqD2hoA864c78Qmig9yujwQt-lqDQzy7w==
date
Sat, 08 Nov 2025 05:46:52 GMT
content-type
image/png
last-modified
Fri, 17 Oct 2025 04:58:31 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P3
x-amz-server-side-encryption
AES256
img-border.png
s.eximg.jp/exblog/user3/img/facebox/ 		84 B
468 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.eximg.jp/exblog/user3/img/facebox/img-border.png
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-26.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f5ea0feb6780869811fbc088a8f8f2e2d715b09540885306edd228b1dafdbcc4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-amz-version-id
0QcbId0kkrIPFpaHTPgW6qR3cHCnhKqh
etag
"6d5ebfa02c59a2ba7bc8906e888911c8"
age
3139
via
1.1 4c8c55ed7c98d423d22ae4c088f8ff36.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
84
x-amz-cf-id
Y85mVQRC7IAapf4wYm8clvhEpUMcAZBBnJ33EdTmPGArzNIfKwiXNQ==
date
Sat, 08 Nov 2025 05:46:52 GMT
content-type
image/png
last-modified
Fri, 17 Oct 2025 04:58:31 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P3
x-amz-server-side-encryption
AES256
img-border-round-top-right.png
s.eximg.jp/exblog/user3/img/facebox/ 		125 B
506 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.eximg.jp/exblog/user3/img/facebox/img-border-round-top-right.png
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-26.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c964938d7c06e404dd521487654a489fdbbcbf8f55c79fe5693808b7aed4305c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-amz-version-id
sE9lp8PlArAo7lDvsIkW2O2p6cb2v6B.
etag
"7b0f5e3d1dee42a15daa83c543d3ed03"
age
3139
via
1.1 4c8c55ed7c98d423d22ae4c088f8ff36.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
125
x-amz-cf-id
eek8AdNfe6Z-4o60-4dQ2N8UaG6VeMXQDbF1ePcd1ueTnE2c9QhmQg==
date
Sat, 08 Nov 2025 05:46:52 GMT
content-type
image/png
last-modified
Fri, 17 Oct 2025 04:58:31 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P3
x-amz-server-side-encryption
AES256
img-border-round-bottom-left.png
s.eximg.jp/exblog/user3/img/facebox/ 		124 B
509 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.eximg.jp/exblog/user3/img/facebox/img-border-round-bottom-left.png
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-26.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b0d19d08cb31495a801c0a81631d5e81c0528981f403cda57fa0134a526d1fc3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-amz-version-id
3FRBIH.Yf3ACBZeukSoejFvKLuNPsqzv
etag
"1dc6e3caf8defd8df126cb8d0631c58b"
age
3139
via
1.1 4c8c55ed7c98d423d22ae4c088f8ff36.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
124
x-amz-cf-id
ahiG9jJauhqKnLuMaioymDOIqNPUBgwfU38Qnvcw8ZJZlgwu1kvHRA==
date
Sat, 08 Nov 2025 05:46:52 GMT
content-type
image/png
last-modified
Fri, 17 Oct 2025 04:58:31 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P3
x-amz-server-side-encryption
AES256
img-border-round-bottom-right.png
s.eximg.jp/exblog/user3/img/facebox/ 		124 B
510 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.eximg.jp/exblog/user3/img/facebox/img-border-round-bottom-right.png
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-26.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ff56024d51fb27ab3b6212239c8e38972681b84e1eff17e9bbe0d59e392d6559

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-amz-version-id
m_1vvQ.rqNC9GbW5.MQ2mkfXvifx8FFc
etag
"e674cba1293fb82871366299f905f669"
age
3139
via
1.1 4c8c55ed7c98d423d22ae4c088f8ff36.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
124
x-amz-cf-id
_vy4lOCl6KIWmV_xV_C6BehK0byupVWvcz7DCyo5NdPjEk6flSXzeQ==
date
Sat, 08 Nov 2025 05:46:52 GMT
content-type
image/png
last-modified
Fri, 17 Oct 2025 04:58:31 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P3
x-amz-server-side-encryption
AES256
widget_iframe.2f70fb173b9000da126c79afe2098f02.html
platform.twitter.com/widgets/ Frame A96D 		319 KB
103 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Ftwinklesphotos.exblog.jp
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.148.157 Tokyo, Japan, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18

Request headers

Referer
https://twinklesphotos.exblog.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
public, max-age=315360000
content-encoding
gzip
content-length
105429
content-type
text/html; charset=utf-8
date
Sat, 08 Nov 2025 06:39:10 GMT
etag
"81267302efdfb3e4524a22631a8fc99e+gzip"
last-modified
Mon, 11 Dec 2023 17:19:49 GMT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn
FT
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-served-by
cache-iad-kiad7000164-IAD, cache-nrt-rjtt7900032-NRT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		159 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8544321996124660
Requested by
Host: image.excite.co.jp
URL: https://image.excite.co.jp/jp/ox/gpt/pc_blog.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s35-in-f2.1e100.net
Software
cafe /
Resource Hash
945cc44036b754c873b251dc41d3127555bb1866b18db69129f25c73e56c5c28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin
https://twinklesphotos.exblog.jp
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
br
etag
10565529541013988736
x-content-type-options
nosniff
expires
Sat, 08 Nov 2025 06:39:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 08 Nov 2025 06:39:10 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
55227
x-xss-protection
0
server
cafe
settings
syndication.twitter.com/ Frame A96D 		870 B
953 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=7412ca14f1e811cea14a7ebe67b89b62ec6af3cf
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Ftwinklesphotos.exblog.jp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.140.229 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare envoy /
Resource Hash
8ec44a4b321f5115d8760f193298585d8b28a26dd3190d0a3690b9e09a489a94
Security Headers
Name Value
Strict-Transport-Security max-age=631138519; includeSubdomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://platform.twitter.com/

Response headers

x-transaction-id
6a4a8fb407b7023b
content-encoding
gzip
cf-cache-status
DYNAMIC
x-response-time
9
date
Sat, 08 Nov 2025 06:39:10 GMT
last-modified
Sat, 08 Nov 2025 06:39:10 GMT
content-type
application/json; charset=utf-8
vary
Origin, accept-encoding
perf
7402827104
x-served-by
t4_p
strict-transport-security
max-age=631138519; includeSubdomains
cache-control
must-revalidate, max-age=600
origin-cf-ray
99b3125ae9cc8be0-NRT
access-control-allow-credentials
true
cf-ray
99b3125ae9cc8be0-NRT
access-control-allow-origin
https://platform.twitter.com
content-length
338
server
cloudflare envoy
index.js
cdn.nidan.d2c.ne.jp/1.0/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.nidan.d2c.ne.jp/1.0/index.js
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.166.228.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-166-228-104.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dde9ced87fcbee6180d08642a89eccdcacae929c63d0f873b4c1f82f8c4435c5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

vary
accept-encoding
cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"6f71da711220ce0f35c311a838a11bb0"
x-amz-version-id
null
age
56752
via
1.1 ea05f10f54229036a5e04e835ad852a4.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
3z_xGZC3ZfbQ2tN_6bBbNx4slV5_K7pwyz6WyvWU_e6Caag1r6tEhg==
date
Fri, 07 Nov 2025 14:53:19 GMT
content-type
text/javascript
last-modified
Wed, 08 Oct 2025 07:05:03 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-P5
x-amz-server-side-encryption
AES256
tag
btloader.com/ 		95 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5727730570625024&upapi=true
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac42:ab85 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41afd2f3734221881cf67e89567dab76a5a136e7c3474e7afb6b3a8727a92623

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-robots-tag
noindex, nofollow
cache-control
public, max-age=300, stale-if-error=3600, stale-while-revalidate=300
content-encoding
gzip
cf-cache-status
HIT
etag
"b2b12b16145a3b6b3f1e32ecdc34f5dc"
via
1.1 google
cf-ray
99b3125b3d0ee35e-NRT
access-control-allow-origin
*
date
Sat, 08 Nov 2025 06:39:10 GMT
content-type
application/javascript
last-modified
Sat, 08 Nov 2025 06:14:35 GMT
server
cloudflare
vary
Accept-Encoding
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:aee2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1796d2e5d57af5bfaf616113335dbd63c050b0325c995c0f8e4f97a47259fce9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

access-control-expose-headers
*
content-encoding
br
cf-cache-status
HIT
etag
W/"64c-bP93R9Rg2gXa4z8l9y0bpLwrZsQ"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RLK48ZD0sO5f8hCC0Qpkw2Y37VvXGtiyPHHQcLj12h1mlTWW51F6sJleXysIT%2FpXM8PgxlA0Quk0tFoGB%2FDqCFWiO1RwtrN4CytL6xc0rD4bFIjjO4HtF4EPNq5X5l2l1QmlvPsppvaOE3aaO1E%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443"; ma=86400
x-cache
HIT, HIT
date
Sat, 08 Nov 2025 06:39:10 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-fra-etou8220102-FRA, cache-nrt-rjtt7900093-NRT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
99b3125b7a83d763-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
854
server
cloudflare
x-jsd-version
1.0.2603
v2
yield-manager.browsiprod.com/prebid/ 		220 B
535 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://yield-manager.browsiprod.com/prebid/v2?sk=exblog&pk=excite&sw=1600&sh=1200&url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F&eu=false&t=1762583950627&pvid=116605b8-9e74-4d25-9e0a-dde4da450cc4&us=%7B%7D&at=What%20are%20ESG%20Cryptocurrencies%3F%20%3A%20TWINKLES
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.31.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-31-119.nrt20.r.cloudfront.net
Software
akka-http/10.2.1 /
Resource Hash
ead2e2a57ff0481206970dfc36e3867223127d3f7fe28bdc8042b517c47616c7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
via
1.1 02fa8137f2e8d2eea9a32cf638667082.cloudfront.net (CloudFront)
access-control-allow-origin
https://twinklesphotos.exblog.jp
x-cache
Miss from cloudfront
x-amz-cf-id
AriqhpCFXB5Rzq8T04jnnWNOLocJAj4Qt8aeyibKans-ekxPZso_mA==
date
Sat, 08 Nov 2025 06:39:10 GMT
content-type
text/plain; charset=UTF-8
x-amz-cf-pop
NRT20-P1
server
akka-http/10.2.1
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202511040101/ 		600 KB
189 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202511040101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.194.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcnrta-bb-in-f2.1e100.net
Software
cafe /
Resource Hash
ea47742e94e6a95b08832e9e5875a5a73ab2ea3bc740e6938d927c39e03273bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
br
etag
14735669544948044405
age
64952
x-content-type-options
nosniff
expires
Sat, 07 Nov 2026 12:36:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Fri, 07 Nov 2025 12:36:38 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
193950
x-xss-protection
0
server
cafe
js
www.googletagmanager.com/gtag/ 		375 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-SK7DRSBW10&cx=c&gtm=4e5b50
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSPWGQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a6fd53b6ad83902e0afa3360f297fe19e7d6179c738f53cf262749fc0137d66d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
content-encoding
zstd
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Sat, 08 Nov 2025 06:39:10 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134681
date
Sat, 08 Nov 2025 06:39:10 GMT
x-xss-protection
0
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
Google Tag Manager
access-control-allow-headers
Cache-Control
js
www.googletagmanager.com/gtag/ 		419 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z6VR2N8KNZ&cx=c&gtm=4e5b50
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSPWGQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6e1700b2e49960c41d8d55403637579bb346fd388d63251fa25c73a4fc6a13a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
content-encoding
zstd
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Sat, 08 Nov 2025 06:39:10 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
145522
date
Sat, 08 Nov 2025 06:39:10 GMT
x-xss-protection
0
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
Google Tag Manager
access-control-allow-headers
Cache-Control
sdk.js
connect.facebook.net/ja_JP/ 		250 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/ja_JP/sdk.js?hash=65413a4dc2da38c444765d7ca7ab925c
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/ja_JP/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.31.5 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-nrt1.fbcdn.net
Software
/
Resource Hash
2189e53fefecc8432afdc27f888de9d3af9b56eef3538342f50feef0bf076a81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin
https://twinklesphotos.exblog.jp
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-md5
JSh302jfJkg23wsb9BGcZQ==
access-control-expose-headers
X-FB-Content-MD5
content-encoding
gzip
etag
"3367e596f4e832073c3498ee0a2b9978"
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sun, 08 Nov 2026 05:34:19 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 08 Nov 2025 06:39:10 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5
f83580dd94ab6c530ce82c0080302b3c
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=1, rtx=0, c=27, mss=1232, tbw=9393, tp=16, tpl=0, uplat=0, ullat=-1
x-fb-debug
8kjn/KosRMLq4Ua2+sASFDwxrb0qBM5wFfT73DUzAu5ogjztVOgRs3TY/8e2OSRnYIMBT1NhfxlC8fDcFymYVw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top, include-js-call-stacks-in-crash-reports
access-control-allow-origin
*
content-length
75603
origin-agent-cluster
?1
audience
cnt.fout.jp/segapi/ 		15 B
394 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cnt.fout.jp/segapi/audience?callback=_itm_.sa_cb&cvid=mHDmdffSCFxfWgmjsQ
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/js/8266/0001/itm.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
202.232.238.39 Jingūmae, Japan, ASN2497 (IIJ Internet Initiative Japan Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
bc96117cb3eea4c79f15172c6be567e3675d7b32ed0d617f7e4175f4e5c1c675

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

Transfer-Encoding
chunked
Cache-Control
private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Content-Encoding
gzip
Pragma
no-cache
Connection
keep-alive
Access-Control-Allow-Origin
*
P3P
CP="ADM NOI OUR"
Date
Sat, 08 Nov 2025 06:39:11 GMT
Content-Type
application/javascript; charset=utf-8
Server
nginx
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z6VR2N8KNZ&gtm=45je5b50v9174502665za200zb71867219zd71867219&_p=1762583950195&gcd=13l3l3l3l1l1&npa=0&dma=0&cid=1129303139.1762583950&ul=ja-jp&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&tag_exp=101509157~103116026~103200004~103233427~104527906~104528500~104684208~104684211~104948813~105391252~115480710~115583767~115616986~115938466~115938468~116217636~116217638&sid=1762583950&sct=1&seg=0&dl=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F&dt=What%20are%20ESG%20Cryptocurrencies%3F%20%3A%20TWINKLES&en=page_view&_fv=1&_ss=1&_ee=1&tfd=881
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z6VR2N8KNZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.194.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcnrta-bf-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:106:0
report-to
{"group":"ascnsrsggc:106:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:106:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://twinklesphotos.exblog.jp
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsggc:106:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 06:39:10 GMT
content-type
text/plain
server
Golfe2
Collect
a.flux.jp/analytics.collect.v1.CollectService/ 		2 B
568 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.flux.jp/analytics.collect.v1.CollectService/Collect
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.89.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.89.160.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

access-control-expose-headers
Accept, Accept-Encoding, Accept-Post, Connect-Accept-Encoding, Connect-Content-Encoding, Content-Encoding, Grpc-Accept-Encoding, Grpc-Encoding, Grpc-Message, Grpc-Status, Grpc-Status-Details-Bin
content-encoding
gzip
via
1.1 google
traceparent
00-dac0197090be0afe7ac07e969bc94197-97304f03529ea1bf-00
access-control-allow-origin
https://twinklesphotos.exblog.jp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
accept-encoding
gzip
content-length
26
date
Sat, 08 Nov 2025 06:39:10 GMT
content-type
application/json
vary
Origin
server
Google Frontend
x-cloud-trace-context
dac0197090be0afe7ac07e969bc94197/10894294374298853823
button.856debeac157d9669cf51e73a08fbc93.js
platform.twitter.com/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/button.856debeac157d9669cf51e73a08fbc93.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.148.157 Tokyo, Japan, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
426e16d014775c77916610f675f58880874c645817ed26d01873dde3466e6007

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
etag
"fdf02dd038ed38dbf3c240d56262af0c+gzip"
access-control-allow-methods
GET
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
date
Sat, 08 Nov 2025 06:39:10 GMT
last-modified
Mon, 11 Dec 2023 17:19:47 GMT
vary
Accept-Encoding
x-served-by
cache-iad-kcgs7200086-IAD, cache-nrt-rjtt7900020-NRT
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=315360000
tw-cdn
FT
accept-ranges
bytes
access-control-allow-origin
*
content-length
2620
x-amz-server-side-encryption
AES256
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202511040101/ 		501 KB
165 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202511040101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s35-in-f2.1e100.net
Software
cafe /
Resource Hash
c67b67498d4a538f47e089bb36c003d924c56cb33b8fb691f3687cd4487e8cb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
br
etag
12022265679802278726
age
64726
x-content-type-options
nosniff
expires
Fri, 21 Nov 2025 12:40:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 07 Nov 2025 12:40:24 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
169325
x-xss-protection
0
server
cafe
pre
js.api.nidan.d2c.ne.jp/id/nidan/ 		52 B
159 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.api.nidan.d2c.ne.jp/id/nidan/pre?callback=d2c.nidan.ns&origin=https%3A%2F%2Ftwinklesphotos.exblog.jp&domain=twinklesphotos.exblog.jp&referrer=&nv=2
Requested by
Host: cdn.nidan.d2c.ne.jp
URL: https://cdn.nidan.d2c.ne.jp/1.0/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.115.25.214 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-115-25-214.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
5ea40e9aff7ebb80e2c7d26cfd8cce04f5954e07f7d19d9d69e572bf4e22584f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
max-age=7200
content-length
52
date
Sat, 08 Nov 2025 06:39:10 GMT
content-type
application/javascript; charset=UTF-8
px.gif
ad-delivery.net/ 		43 B
110 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad-delivery.net/px.gif?ch=2&e=0.2192153119648993
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5727730570625024&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:2f50 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
709472
x-goog-stored-content-encoding
identity
expires
Sun, 09 Nov 2025 06:39:10 GMT
x-goog-stored-content-length
43
date
Sat, 08 Nov 2025 06:39:10 GMT
content-type
image/gif
vary
accept-encoding
last-modified
Wed, 05 May 2021 19:25:32 GMT
x-guploader-uploadid
ABgVH89ytYGGsM8zvMSS83qCZ0F4cDyA85oC5Xtq8jnme2OpbOxP7BU9t7rp4yrU4-M9nQOe
cache-control
public, max-age=86400
x-goog-storage-class
MULTI_REGIONAL
cf-ray
99b3125c7b63fcbf-NRT
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
favicon.ico
ad.doubleclick.net/ 		1 KB
129 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250&e=0.7694781727466339
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5727730570625024&upapi=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.194.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcnrta-bb-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options
nosniff
expires
Sun, 09 Nov 2025 06:39:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 06:39:10 GMT
content-type
image/x-icon
vary
Accept-Encoding
last-modified
Tue, 08 May 2012 13:08:06 GMT
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
content-length
104
x-xss-protection
0
server
sffe
px.gif
ad-delivery.net/ 		43 B
623 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.7803356922933139
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5727730570625024&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:2f50 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
709472
x-goog-stored-content-encoding
identity
expires
Sun, 09 Nov 2025 06:39:10 GMT
x-goog-stored-content-length
43
date
Sat, 08 Nov 2025 06:39:10 GMT
content-type
image/gif
vary
accept-encoding
last-modified
Wed, 05 May 2021 19:25:32 GMT
x-guploader-uploadid
ABgVH89ytYGGsM8zvMSS83qCZ0F4cDyA85oC5Xtq8jnme2OpbOxP7BU9t7rp4yrU4-M9nQOe
cache-control
public, max-age=86400
x-goog-storage-class
MULTI_REGIONAL
cf-ray
99b3125c7b6bfcbf-NRT
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
dns
ab.dns-finder.com/meta/ 		2 B
233 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ab.dns-finder.com/meta/dns
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5727730570625024&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.200.111 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
111.200.36.34.bc.googleusercontent.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
private, max-age=180, stale-if-error=180, stale-while-revalidate=180
access-control-expose-headers
X-Resolver
x-resolver
default
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
date
Sat, 08 Nov 2025 06:39:10 GMT
content-type
text/plain; charset=utf-8
vary
Origin
trustedIframe.html
btloader.com/ Frame 6D9A 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://btloader.com/trustedIframe.html?o=5727730570625024&upapi=true
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5727730570625024&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac42:ab85 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d777e3df9814ec252061059134ea3be6e0d9fcb692c08f43f8683b50b28eda7

Request headers

Referer
https://twinklesphotos.exblog.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

cache-control
public, max-age=3600, stale-while-revalidate=3600
cf-ray
99b3125c6ca35ebb-NRT
content-encoding
br
content-type
text/html
date
Sat, 08 Nov 2025 06:39:10 GMT
server
cloudflare
vary
accept-encoding
bid
aax.amazon-adsystem.com/e/dtb/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.162.183 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-162-183.nrt20.r.cloudfront.net
Software
Server /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://twinklesphotos.exblog.jp
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin,x-requested-with,access-control-request-headers,content-type,access-control-request-method,accept
access-control-allow-methods
POST
access-control-allow-origin
https://twinklesphotos.exblog.jp
access-control-max-age
1800
content-encoding
gzip
content-length
0
date
Sat, 08 Nov 2025 06:39:10 GMT
server
Server
via
1.1 445251e11a1d3e7d2507e0ba369b2f22.cloudfront.net (CloudFront)
x-amz-cf-id
3hSuWkxM7vP8UcRqzIvv54pNSSRPK9GEpOSDp4ghCQDSoK0gKfmwkw==
x-amz-cf-pop
NRT20-P7
x-cache
Miss from cloudfront
bid
aax.amazon-adsystem.com/e/dtb/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.162.183 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-162-183.nrt20.r.cloudfront.net
Software
Server /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://twinklesphotos.exblog.jp
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin,x-requested-with,access-control-request-headers,content-type,access-control-request-method,accept
access-control-allow-methods
POST
access-control-allow-origin
https://twinklesphotos.exblog.jp
access-control-max-age
1800
content-encoding
gzip
content-length
0
date
Sat, 08 Nov 2025 06:39:10 GMT
server
Server
via
1.1 445251e11a1d3e7d2507e0ba369b2f22.cloudfront.net (CloudFront)
x-amz-cf-id
1qcyE7blACdXxUk3oFTOSfwJ4KwCVH9NsoMWdYNROO0j-66rSV3XlA==
x-amz-cf-pop
NRT20-P7
x-cache
Miss from cloudfront
bid
aax.amazon-adsystem.com/e/dtb/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.162.183 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-162-183.nrt20.r.cloudfront.net
Software
Server /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://twinklesphotos.exblog.jp
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin,x-requested-with,access-control-request-headers,content-type,access-control-request-method,accept
access-control-allow-methods
POST
access-control-allow-origin
https://twinklesphotos.exblog.jp
access-control-max-age
1800
content-encoding
gzip
content-length
0
date
Sat, 08 Nov 2025 06:39:10 GMT
server
Server
via
1.1 445251e11a1d3e7d2507e0ba369b2f22.cloudfront.net (CloudFront)
x-amz-cf-id
7UE9alu5kfthlWp7e5BFWowEFogg-WfOu_UFyij6C21uaua7dgE8nw==
x-amz-cf-pop
NRT20-P7
x-cache
Miss from cloudfront
adagio.js
script.4dex.io/a/latest/ 		60 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/a/latest/adagio.js
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
299314ceedf1362e55e1caf70d8ab51202c931224793b9b5463c86411ae42721

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

Content-Encoding
br
cf-cache-status
HIT
ETag
W/"b5ccbcc2259cdb10e0b65bbd0798ca7d"
Age
2108
Report-To
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=dKR3Tf%2Fu7DmDk%2F6WVsksezQmjOssyI5pSEDKYgzFXKpRK6qjShbilmMyV3ps0jqvCn1WcT8xFU%2F2AaLQRSScKLd4ecUT4OXw5%2FGrRBXbgAVN3igQME%2F%2Fo5o%3D"}]}
Expires
Sat, 08 Nov 2025 07:09:10 GMT
Date
Sat, 08 Nov 2025 06:39:10 GMT
Content-Type
application/javascript
Last-Modified
Wed, 10 Sep 2025 13:49:52 GMT
Vary
Accept-Encoding
Transfer-Encoding
chunked
Cache-Control
public, max-age=1800
Nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
Connection
keep-alive
CF-RAY
99b3125cf93d80dd-NRT
Server
cloudflare
bid
aax.amazon-adsystem.com/e/dtb/ 		25 B
396 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.162.183 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-162-183.nrt20.r.cloudfront.net
Software
Server /
Resource Hash
7dc78c5c119373b361b76d7e9c1b2759725163789661df908ee4cd8faf842676

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
via
1.1 52fac6845a07a4382190943391152b1c.cloudfront.net (CloudFront)
access-control-allow-origin
https://twinklesphotos.exblog.jp
x-cache
Miss from cloudfront
content-length
45
x-amz-cf-id
O0LWQS0z8bVECgeI3TipiDbPAfOC9B1U8j137UfcR7aHf4mBkXpcdw==
date
Sat, 08 Nov 2025 06:39:10 GMT
content-type
application/json;charset=UTF-8
vary
Origin
server
Server
x-amz-cf-pop
NRT20-P7
bid
aax.amazon-adsystem.com/e/dtb/ 		25 B
396 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.162.183 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-162-183.nrt20.r.cloudfront.net
Software
Server /
Resource Hash
f9407c584179c346760e40a7f07d14807fdd268510692529d44d0e2bd9379ac0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
via
1.1 52fac6845a07a4382190943391152b1c.cloudfront.net (CloudFront)
access-control-allow-origin
https://twinklesphotos.exblog.jp
x-cache
Miss from cloudfront
content-length
45
x-amz-cf-id
rGwhIhkvqx9Fk7rPrfqDoHSofYNeNrco0aNoTrMNRb3zyXY8wHhhDg==
date
Sat, 08 Nov 2025 06:39:10 GMT
content-type
application/json;charset=UTF-8
vary
Origin
server
Server
x-amz-cf-pop
NRT20-P7
bid
aax.amazon-adsystem.com/e/dtb/ 		25 B
396 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.162.183 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-162-183.nrt20.r.cloudfront.net
Software
Server /
Resource Hash
5ba40df0b5475745c6ca953e7cbbdf7ee5feeaf3ea29782607c6dc31c6b0c173

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
via
1.1 52fac6845a07a4382190943391152b1c.cloudfront.net (CloudFront)
access-control-allow-origin
https://twinklesphotos.exblog.jp
x-cache
Miss from cloudfront
content-length
45
x-amz-cf-id
k_A59m9vxNLEGr6R0PqGC_moimNyI9F-KsuCrWD-4t1Ywif85kLrXA==
date
Sat, 08 Nov 2025 06:39:10 GMT
content-type
application/json;charset=UTF-8
vary
Origin
server
Server
x-amz-cf-pop
NRT20-P7
topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 97F3 		105 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202511040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.194.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcnrta-bb-in-f2.1e100.net
Software
sffe /
Resource Hash
018185e30fbbce704be5b336095797ee6594f767c5c81ebc4945257994adad3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://twinklesphotos.exblog.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
273
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000, stale-while-revalidate=3600
content-encoding
br
content-length
29887
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 08 Nov 2025 06:34:37 GMT
expires
Sat, 08 Nov 2025 07:24:37 GMT
last-modified
Mon, 03 Nov 2025 20:43:45 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		56 KB
18 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2516138031305436&correlator=4130765290069194&eid=31095573%2C95376742%2C83321073&output=ldjh&gdfp_req=1&vrg=202511040101&ptt=17&impl=fifs&iu_parts=18333008%2CPC_blog_interstitial&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=4&dids=gpt_unit_%2F18333008%2FPC_blog_int&sfv=1-0-45&ists=1&fas=8&fsapi=1&sc=1&cookie_enabled=1&abxe=1&dt=1762583950944&lmt=1762583950&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&topics=9&tps=9&htps=10&nt=1&psd=WzMxLFtdLG51bGwsM10.&dlt=1762583950115&idt=692&adks=381580271&frm=20&eoidce=1&pbbce=1&td=1&egid=45601&tan=db582a34-3e97-4d8a-adef-a5e0df8aa0d7&tdf=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202511040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.194.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcnrta-bb-in-f2.1e100.net
Software
cafe /
Resource Hash
2c3521c692fc285fa700a7183b3aa0e34de20e8d09a2df62ed87b2fa5ab0dfa9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
br
google-lineitem-id
5984413840
observe-browsing-topics
?1
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sat, 08 Nov 2025 06:39:11 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
138388250744
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://twinklesphotos.exblog.jp
content-length
17951
x-xss-protection
0
server
cafe
container.html
24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/safeframe/1-0-45/html/ Frame 3EF3 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202511040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f1.1e100.net
Software
sffe /
Resource Hash
f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://twinklesphotos.exblog.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
3121
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 08 Nov 2025 06:39:11 GMT
expires
Sat, 08 Nov 2025 06:39:11 GMT
last-modified
Thu, 08 May 2025 23:15:48 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202511040101/ 		60 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202511040101/pubads_impl_page_level_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202511040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.194.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcnrta-bb-in-f2.1e100.net
Software
cafe /
Resource Hash
081f94d2c63723df86834268d381fcb54bbeda3566e1ca95f3c7ea1f7f1dc217
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
br
etag
13914731579438644706
age
62414
x-content-type-options
nosniff
expires
Sat, 07 Nov 2026 13:18:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Fri, 07 Nov 2025 13:18:56 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
19818
x-xss-protection
0
server
cafe
prebid
hb.adingo.jp/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb.adingo.jp/prebid?dfpUnitCode=%2F18333008%2FPC_blog_inarticle_rec_left&tagId=44737%3A1000303245&groupId=1000191023
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
57.182.52.186 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-57-182-52-186.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-fluct-app,x-fluct-version,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://twinklesphotos.exblog.jp
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin,content-type,x-fluct-app,x-fluct-version,x-openrtb-version
access-control-allow-methods
POST
access-control-allow-origin
https://twinklesphotos.exblog.jp
access-control-expose-headers
x-openrtb-version
access-control-max-age
3600
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 08 Nov 2025 06:39:11 GMT
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
server
nginx
vary
Accept-Encoding
h_bid
y.one.impact-ad.jp/ul_cb/
Redirect Chain
  • https://y.one.impact-ad.jp/h_bid?v=hb1&p=279398&cb=36295821122&r=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F&uid=4aa58906817443&tid=1ded76fb-0d0b-41c7-8aae-ce317c937e95&uc=gpt_pc_blog_inar...
  • https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=279398&cb=36295821122&r=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F&uid=4aa58906817443&tid=1ded76fb-0d0b-41c7-8aae-ce317c937e95&uc=gpt_pc_blo...
132 B
394 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=279398&cb=36295821122&r=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F&uid=4aa58906817443&tid=1ded76fb-0d0b-41c7-8aae-ce317c937e95&uc=gpt_pc_blog_inarticle_rec_left&tmax=2500&t=i&language=ja-JP&screen_size=1600x1200&sz=300x250
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H2
Server
35.213.17.49 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
49.17.213.35.bc.googleusercontent.com
Software
/
Resource Hash
2e4c40bb0f0841a093386421505c144dec2389f683aec802095bbc51c64ba1d1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://twinklesphotos.exblog.jp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128
date
Sat, 08 Nov 2025 06:39:11 GMT
content-type
application/json; charset=utf-8

Redirect headers

cache-control
no-cache, no-store, must-revalidate
location
https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=279398&cb=36295821122&r=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F&uid=4aa58906817443&tid=1ded76fb-0d0b-41c7-8aae-ce317c937e95&uc=gpt_pc_blog_inarticle_rec_left&tmax=2500&t=i&language=ja-JP&screen_size=1600x1200&sz=300x250
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://twinklesphotos.exblog.jp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sat, 08 Nov 2025 06:39:11 GMT
prebid
mp.4dex.io/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3101::6812:22b2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1aceea61373586df1ddf06f02731be97150cbd714ee289e94361047b2b0d6b89

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
expires
0
date
Sat, 08 Nov 2025 06:39:11 GMT
content-type
application/json; charset=utf-8
vary
Origin, Accept-Encoding
x-version
3.0.0-gcp-tyo
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
x-err
Validating the Prebid Request adunits. no valid non-debug AdUnits
access-control-allow-credentials
true
via
1.1 google
cf-ray
99b3125dd882af54-NRT
access-control-allow-origin
https://twinklesphotos.exblog.jp
server
cloudflare
x-warn
Validating the Prebid Request adunits. Invalid placement: _err_quota_
query.ad
sp.gmossp-sp.jp/hb/prebid/ 		0
593 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sp.gmossp-sp.jp/hb/prebid/query.ad?tid=1ded76fb-0d0b-41c7-8aae-ce317c937e95&bid=806233cbbaf5818&ver=9.37.0&sid=g945014&shared_id=fa44b490-a792-4524-9883-6d1f21f4c3f5&url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F&meta_url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F&cur=JPY&dnt=0&
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.98.24 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
24.98.201.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

access-control-allow-methods
GET, POST, PUT, OPTIONS
observe-browsing-topics
?1
expires
Thu, 01 Dec 1994 16:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 06:39:11 GMT
content-type
text/html; charset=UTF-8
x-cloud-trace-context
43cd5d186304e82328a9c7ad535cccad
access-control-allow-headers
Origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private, max-age=0, no-cache
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://twinklesphotos.exblog.jp
content-length
0
server
Google Frontend
prebid
d.socdm.com/adgen/ 		92 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d.socdm.com/adgen/prebid?id=209341&posall=SSPLOC&sdktype=0
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
124.146.153.169 , Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
caeba8b541d07e1bcea183cc128c72b0f90b4e8e9eefbeea10696f347ce88c00

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

Content-Encoding
gzip
X-SO-LB-Hostname
m-ng12.dc4p.scaleout.jp
P3P
CP="See also http://www.scaleout.jp/privacy/"
Date
Sat, 08 Nov 2025 06:39:11 GMT
Content-Type
application/json; charset=utf-8
Cache-Control
private
X-SO-Cluster-ID
0
X-SO-Upstream-ID
m-ad1236
X-SO-LB-Data
{"ban":false,"clean_query":"\/adgen\/prebid?id=209341&posall=SSPLOC&sdktype=0","cluster_id":0,"gdpr":false,"ipv4":"146.70.201.135","key":"aQ7lj8Co8HAAAGFy-PEAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad1236"}
X-SO-HostName
m-ad1236.dc4p.scaleout.jp
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://twinklesphotos.exblog.jp
X-SO-Key
aQ7lj8Co8HAAAGFy-PEAAAAA
Content-Length
94
X-SO-IP
146.70.201.135
X-SO-Ads-Time
31
Server
nginx
prebid
ad.as.amanad.adtdp.com/v2/ 		68 B
811 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.as.amanad.adtdp.com/v2/prebid?asi=hlQJ4BI55&skt=5&gpid=%2F18333008%2FPC_blog_inarticle_rec_left&tid=1ded76fb-0d0b-41c7-8aae-ce317c937e95&prebid_id=129853c82437af68&prebid_ver=9.37.0&page_url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F&schain=1.0%2C1!flux-g.com%2C125%2C1%2C%2C%2C&ad_format_ids=2&eids=%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22fa44b490-a792-4524-9883-6d1f21f4c3f5%22%2C%22atype%22%3A1%7D%5D%7D%5D%7D&sua=%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D&
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.141.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-141-127.nrt57.r.cloudfront.net
Software
/
Resource Hash
5fbed2d458600fede44f45a7518de1dbf0275e1b9262820522d4665d57538967
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
x-cache
Miss from cloudfront
x-amz-cf-id
RIG-Pgtz8OvIeRqj6ccTlO_u7UHfWe2FEOmXTnszBmigoR9n43I-Ig==
date
Sat, 08 Nov 2025 06:39:11 GMT
content-type
application/json; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Architecture, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
via
1.1 b4b8b8ed4296910bd07f12a970676040.cloudfront.net (CloudFront)
access-control-allow-origin
https://twinklesphotos.exblog.jp
content-length
68
x-xss-protection
0
x-amz-cf-pop
NRT57-P10
prebid
hb.adingo.jp/ 		0
341 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.adingo.jp/prebid?dfpUnitCode=%2F18333008%2FPC_blog_inarticle_rec_left&tagId=44737%3A1000303245&groupId=1000191023
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
57.182.52.186 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-57-182-52-186.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

x-fluct-version
1.2
x-openrtb-version
2.5
x-fluct-app
prebid/fluctBidAdapter
Referer
https://twinklesphotos.exblog.jp/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
https://twinklesphotos.exblog.jp
access-control-expose-headers
x-openrtb-version
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
date
Sat, 08 Nov 2025 06:39:11 GMT
server
nginx
access-control-allow-credentials
true
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
186 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

access-control-max-age
3600
access-control-allow-origin
https://twinklesphotos.exblog.jp
date
Sat, 08 Nov 2025 06:39:11 GMT
vary
Origin
access-control-allow-credentials
true
access-control-allow-methods
POST
/
shb.richaudience.com/hb/ 		0
235 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.253.24.96 , Singapore, ASN133210 (ENTECHNOLOGIES-AS-AP EN Technologies Pte Ltd, SG),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

access-control-max-age
86400
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-origin
https://twinklesphotos.exblog.jp
date
Sat, 08 Nov 2025 06:39:11 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding, Origin
server
nginx/1.14.1
pbjs
htlb.casalemedia.com/openrtb/ 		131 B
717 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=1173250
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.193 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7f866cfe51b2554f95fd044f8061a25686959e370ed11667be2769815dd8cc7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=Q0EABCa0x4UvVre3yWTe6f6Gmt8%2BsjadgfJjRCmu7zPzPADscrZNr%2BrLBkEsQVHzXUU96GxpkI3A9yXOsIMkjh4OPtSrkM2ODRKqFAi%2BbajCjMM%3D"}]}
observe-browsing-topics
?1
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 08 Nov 2025 06:39:11 GMT
content-type
application/json
vary
Accept-Encoding
priority
u=1,i
cache-control
no-cache
nel
{"report_to":"cf-nel","success_fraction":0.01,"max_age":604800}
pragma
no-cache
access-control-allow-credentials
true
cf-ray
99b3125dea4cfd4d-NRT
access-control-allow-origin
https://twinklesphotos.exblog.jp
content-length
115
server
cloudflare
translator
hbopenbid.pubmatic.com/ 		0
421 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.76 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

strict-transport-security
max-age=16070400; includeSubDomains
cache-control
no-cache, no-store, must-revalidate, no-store, no-cache, private
access-control-allow-credentials
true
observe-browsing-topics
?1
pmfcgi-resp
TRUE
access-control-allow-origin
https://twinklesphotos.exblog.jp
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sat, 08 Nov 2025 06:39:11 GMT
server
nginx
prebid
ib.adnxs.com/ut/v3/ 		15 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.54 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.25.5 /
Resource Hash
4d53a60ae61b6aeb735a2ae9fff234ec46ea3f0cb55b09efc80f59ad884663e3
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
expires
Sat, 15 Nov 2008 16:00:00 GMT
server-timing
total;dur=327
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Sat, 08 Nov 2025 06:39:11 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
146.70.201.135; 146.70.201.135; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
access-control-allow-origin
https://twinklesphotos.exblog.jp
an-x-request-uuid
3efd58a6-3438-497f-8573-a073fc20491c
x-xss-protection
0
server
nginx/1.25.5
prebid
hb.adingo.jp/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb.adingo.jp/prebid?dfpUnitCode=%2F18333008%2FPC_blog_inarticle_rec_2_left&tagId=44737%3A1000303249&groupId=1000191023
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
57.182.52.186 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-57-182-52-186.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-fluct-app,x-fluct-version,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://twinklesphotos.exblog.jp
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin,content-type,x-fluct-app,x-fluct-version,x-openrtb-version
access-control-allow-methods
POST
access-control-allow-origin
https://twinklesphotos.exblog.jp
access-control-expose-headers
x-openrtb-version
access-control-max-age
3600
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 08 Nov 2025 06:39:11 GMT
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
server
nginx
vary
Accept-Encoding
prebid
ad.as.amanad.adtdp.com/v2/ 		68 B
809 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.as.amanad.adtdp.com/v2/prebid?asi=M0bww75HL&skt=5&gpid=%2F18333008%2FPC_blog_inarticle_rec_2_left&tid=432110a7-ad3b-4fd5-b539-14077f6f6bbe&prebid_id=26045f38618cc8c8&prebid_ver=9.37.0&page_url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F&schain=1.0%2C1!flux-g.com%2C125%2C1%2C%2C%2C&ad_format_ids=2&eids=%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22fa44b490-a792-4524-9883-6d1f21f4c3f5%22%2C%22atype%22%3A1%7D%5D%7D%5D%7D&sua=%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D&
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.141.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-141-127.nrt57.r.cloudfront.net
Software
/
Resource Hash
5fbed2d458600fede44f45a7518de1dbf0275e1b9262820522d4665d57538967
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
x-cache
Miss from cloudfront
x-amz-cf-id
t9KtCgzDYwsFX1pNZv-lO_jcQ0clcPXoB8bBfeIXj5Sts694-e-UdQ==
date
Sat, 08 Nov 2025 06:39:11 GMT
content-type
application/json; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Architecture, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
via
1.1 b4b8b8ed4296910bd07f12a970676040.cloudfront.net (CloudFront)
access-control-allow-origin
https://twinklesphotos.exblog.jp
content-length
68
x-xss-protection
0
x-amz-cf-pop
NRT57-P10
pbjs
htlb.casalemedia.com/openrtb/ 		132 B
719 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=1173252
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.193 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f4616274f6e053f400f509828dfd6d4d30918aabdbb976ebf5af08fb204fd54

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=U%2FtVoV5uYIzIPlyt8Tfsc%2BUX4%2BCdF0pJB%2FIJUXd2txUVXj7tHlihjIlPOT5fSJ41IfyN0Dhk8WPMUvPaN4UFTdWZbY8CAALF5wdeqUkvu6NDHbs%3D"}]}
observe-browsing-topics
?1
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 08 Nov 2025 06:39:11 GMT
content-type
application/json
vary
Accept-Encoding
priority
u=1,i
cache-control
no-cache
nel
{"report_to":"cf-nel","success_fraction":0.01,"max_age":604800}
pragma
no-cache
access-control-allow-credentials
true
cf-ray
99b3125dea51fd4d-NRT
access-control-allow-origin
https://twinklesphotos.exblog.jp
content-length
116
server
cloudflare
prebid
d.socdm.com/adgen/ 		92 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d.socdm.com/adgen/prebid?id=209343&posall=SSPLOC&sdktype=0
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
124.146.153.169 , Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
43d863d9d557775e3b81a2c95376385accf64437a2acb92aefcf3c3b5a063c22

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

Content-Encoding
gzip
X-SO-LB-Hostname
m-tgng39.dc4p.scaleout.jp
P3P
CP="See also http://www.scaleout.jp/privacy/"
Date
Sat, 08 Nov 2025 06:39:11 GMT
Content-Type
application/json; charset=utf-8
Cache-Control
private
X-SO-Cluster-ID
0
X-SO-Upstream-ID
m-ad1008
X-SO-LB-Data
{"ban":false,"clean_query":"\/adgen\/prebid?id=209343&posall=SSPLOC&sdktype=0","cluster_id":0,"gdpr":false,"ipv4":"146.70.201.135","key":"aQ7lj8Co8YsAAIeF4HAAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad1008"}
X-SO-HostName
m-ad1008.dc4p.scaleout.jp
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://twinklesphotos.exblog.jp
X-SO-Key
aQ7lj8Co8YsAAIeF4HAAAAAA
Content-Length
94
X-SO-IP
146.70.201.135
X-SO-Ads-Time
19
Server
nginx
/
shb.richaudience.com/hb/ 		0
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.253.24.96 , Singapore, ASN133210 (ENTECHNOLOGIES-AS-AP EN Technologies Pte Ltd, SG),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

access-control-max-age
86400
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-origin
https://twinklesphotos.exblog.jp
date
Sat, 08 Nov 2025 06:39:11 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding, Origin
server
nginx/1.14.1
h_bid
y.one.impact-ad.jp/ul_cb/
Redirect Chain
  • https://y.one.impact-ad.jp/h_bid?v=hb1&p=279400&cb=66407134615&r=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F&uid=34badef6af501ef8&tid=432110a7-ad3b-4fd5-b539-14077f6f6bbe&uc=gpt_pc_blog_in...
  • https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=279400&cb=66407134615&r=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F&uid=34badef6af501ef8&tid=432110a7-ad3b-4fd5-b539-14077f6f6bbe&uc=gpt_pc_b...
134 B
368 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=279400&cb=66407134615&r=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F&uid=34badef6af501ef8&tid=432110a7-ad3b-4fd5-b539-14077f6f6bbe&uc=gpt_pc_blog_inarticle_rec_2_left&tmax=2500&t=i&language=ja-JP&screen_size=1600x1200&sz=300x250
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H2
Server
35.213.17.49 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
49.17.213.35.bc.googleusercontent.com
Software
/
Resource Hash
58bb3ab44883948342619313b27254eb595c4f56bd590dc597cda95d9f27d479

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://twinklesphotos.exblog.jp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129
date
Sat, 08 Nov 2025 06:39:11 GMT
content-type
application/json; charset=utf-8

Redirect headers

cache-control
no-cache, no-store, must-revalidate
location
https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=279400&cb=66407134615&r=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F&uid=34badef6af501ef8&tid=432110a7-ad3b-4fd5-b539-14077f6f6bbe&uc=gpt_pc_blog_inarticle_rec_2_left&tmax=2500&t=i&language=ja-JP&screen_size=1600x1200&sz=300x250
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://twinklesphotos.exblog.jp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sat, 08 Nov 2025 06:39:11 GMT
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
187 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

access-control-max-age
3600
access-control-allow-origin
https://twinklesphotos.exblog.jp
date
Sat, 08 Nov 2025 06:39:11 GMT
vary
Origin
access-control-allow-credentials
true
access-control-allow-methods
POST
translator
hbopenbid.pubmatic.com/ 		0
70 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.76 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

strict-transport-security
max-age=16070400; includeSubDomains
cache-control
no-cache, no-store, must-revalidate, no-store, no-cache, private
access-control-allow-credentials
true
observe-browsing-topics
?1
pmfcgi-resp
TRUE
access-control-allow-origin
https://twinklesphotos.exblog.jp
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sat, 08 Nov 2025 06:39:11 GMT
server
nginx
prebid
mp.4dex.io/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3101::6812:22b2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5789251e0b909e7dd205f47062dc660a221c8cb330bd38f8268d08d7b8a67fac

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-version
3.0.0-gcp-tyo
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
cf-cache-status
DYNAMIC
pragma
no-cache
x-err
Shapings: no adunits with size and seat and mapping
access-control-allow-credentials
true
via
1.1 google
cf-ray
99b3125de8a1af54-NRT
expires
0
access-control-allow-origin
https://twinklesphotos.exblog.jp
date
Sat, 08 Nov 2025 06:39:11 GMT
content-type
application/json; charset=utf-8
vary
Origin, Accept-Encoding
server
cloudflare
prebid
ib.adnxs.com/ut/v3/ 		1 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.54 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.25.5 /
Resource Hash
3da3ccb3d02a60ec83d7f0f7ba93156fd5980bc62a3dfed250a9fbb876f0358c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
expires
Sat, 15 Nov 2008 16:00:00 GMT
server-timing
total;dur=159
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Sat, 08 Nov 2025 06:39:11 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
146.70.201.135; 146.70.201.135; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
access-control-allow-origin
https://twinklesphotos.exblog.jp
an-x-request-uuid
e743e21f-cff3-47a5-89d0-6f1c1eb889cd
x-xss-protection
0
server
nginx/1.25.5
prebid
hb.adingo.jp/ 		0
341 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.adingo.jp/prebid?dfpUnitCode=%2F18333008%2FPC_blog_inarticle_rec_2_left&tagId=44737%3A1000303249&groupId=1000191023
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
57.182.52.186 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-57-182-52-186.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

x-fluct-version
1.2
x-openrtb-version
2.5
x-fluct-app
prebid/fluctBidAdapter
Referer
https://twinklesphotos.exblog.jp/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
https://twinklesphotos.exblog.jp
access-control-expose-headers
x-openrtb-version
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
date
Sat, 08 Nov 2025 06:39:11 GMT
server
nginx
access-control-allow-credentials
true
prebid
hb.adingo.jp/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb.adingo.jp/prebid?dfpUnitCode=%2F18333008%2FPC_blog_inarticle_rec_3_left&tagId=44737%3A1000303251&groupId=1000191023
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
57.182.52.186 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-57-182-52-186.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-fluct-app,x-fluct-version,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://twinklesphotos.exblog.jp
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin,content-type,x-fluct-app,x-fluct-version,x-openrtb-version
access-control-allow-methods
POST
access-control-allow-origin
https://twinklesphotos.exblog.jp
access-control-expose-headers
x-openrtb-version
access-control-max-age
3600
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 08 Nov 2025 06:39:11 GMT
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
server
nginx
vary
Accept-Encoding
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
186 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

access-control-max-age
3600
access-control-allow-origin
https://twinklesphotos.exblog.jp
date
Sat, 08 Nov 2025 06:39:11 GMT
vary
Origin
access-control-allow-credentials
true
access-control-allow-methods
POST
pbjs
htlb.casalemedia.com/openrtb/ 		131 B
751 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=1173254
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.193 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ee90c209e9872f335dd57c8a83d031bf97091e5ab0190afb47e561032e0376b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=u6c99fdBoH%2FouqdgjCV4LzPUrgOb%2F7xbbKOEW%2BOh2cCCXNGKVYgziA5I1nVsC9XC4eSSl1rFiJCktR1amaZEGZcveGbpot2IIWX%2Bjt9O2yWIbbM%3D"}]}
observe-browsing-topics
?1
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 08 Nov 2025 06:39:11 GMT
content-type
application/json
vary
Accept-Encoding
priority
u=1,i
cache-control
no-cache
nel
{"report_to":"cf-nel","success_fraction":0.01,"max_age":604800}
pragma
no-cache
access-control-allow-credentials
true
cf-ray
99b3125dfa7cfd4d-NRT
access-control-allow-origin
https://twinklesphotos.exblog.jp
content-length
113
server
cloudflare
prebid
hb.adingo.jp/ 		0
340 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.adingo.jp/prebid?dfpUnitCode=%2F18333008%2FPC_blog_inarticle_rec_3_left&tagId=44737%3A1000303251&groupId=1000191023
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
57.182.52.186 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-57-182-52-186.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

x-fluct-version
1.2
x-openrtb-version
2.5
x-fluct-app
prebid/fluctBidAdapter
Referer
https://twinklesphotos.exblog.jp/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
https://twinklesphotos.exblog.jp
access-control-expose-headers
x-openrtb-version
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
date
Sat, 08 Nov 2025 06:39:11 GMT
server
nginx
access-control-allow-credentials
true
prebid
ad.as.amanad.adtdp.com/v2/ 		68 B
810 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.as.amanad.adtdp.com/v2/prebid?asi=aj0f2cOHk&skt=5&gpid=%2F18333008%2FPC_blog_inarticle_rec_3_left&tid=afccf82b-eb99-446f-a4e1-5f57d605cbd5&prebid_id=528af79330f2b1f&prebid_ver=9.37.0&page_url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F&schain=1.0%2C1!flux-g.com%2C125%2C1%2C%2C%2C&ad_format_ids=2&eids=%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22fa44b490-a792-4524-9883-6d1f21f4c3f5%22%2C%22atype%22%3A1%7D%5D%7D%5D%7D&sua=%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D&
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.141.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-141-127.nrt57.r.cloudfront.net
Software
/
Resource Hash
5fbed2d458600fede44f45a7518de1dbf0275e1b9262820522d4665d57538967
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
x-cache
Miss from cloudfront
x-amz-cf-id
LjppwMWbtowlXFep6lvvTqFIVHlat3PaRKgVQ2nEAP66tzHlcrES-A==
date
Sat, 08 Nov 2025 06:39:11 GMT
content-type
application/json; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Architecture, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
via
1.1 b4b8b8ed4296910bd07f12a970676040.cloudfront.net (CloudFront)
access-control-allow-origin
https://twinklesphotos.exblog.jp
content-length
68
x-xss-protection
0
x-amz-cf-pop
NRT57-P10
h_bid
y.one.impact-ad.jp/ul_cb/
Redirect Chain
  • https://y.one.impact-ad.jp/h_bid?v=hb1&p=279402&cb=97967259818&r=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F&uid=540e4dd796c7d638&tid=afccf82b-eb99-446f-a4e1-5f57d605cbd5&uc=gpt_pc_blog_in...
  • https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=279402&cb=97967259818&r=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F&uid=540e4dd796c7d638&tid=afccf82b-eb99-446f-a4e1-5f57d605cbd5&uc=gpt_pc_b...
134 B
364 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=279402&cb=97967259818&r=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F&uid=540e4dd796c7d638&tid=afccf82b-eb99-446f-a4e1-5f57d605cbd5&uc=gpt_pc_blog_inarticle_rec_3_left&tmax=2500&t=i&language=ja-JP&screen_size=1600x1200&sz=300x250
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H2
Server
35.213.17.49 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
49.17.213.35.bc.googleusercontent.com
Software
/
Resource Hash
0b2fff6595427bfd13e2a5e4092af4695b4be3fbc318832758b96a3d584ed85a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://twinklesphotos.exblog.jp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128
date
Sat, 08 Nov 2025 06:39:11 GMT
content-type
application/json; charset=utf-8

Redirect headers

cache-control
no-cache, no-store, must-revalidate
location
https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=279402&cb=97967259818&r=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F&uid=540e4dd796c7d638&tid=afccf82b-eb99-446f-a4e1-5f57d605cbd5&uc=gpt_pc_blog_inarticle_rec_3_left&tmax=2500&t=i&language=ja-JP&screen_size=1600x1200&sz=300x250
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://twinklesphotos.exblog.jp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sat, 08 Nov 2025 06:39:11 GMT
/
shb.richaudience.com/hb/ 		0
235 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.253.24.96 , Singapore, ASN133210 (ENTECHNOLOGIES-AS-AP EN Technologies Pte Ltd, SG),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

access-control-max-age
86400
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-origin
https://twinklesphotos.exblog.jp
date
Sat, 08 Nov 2025 06:39:11 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding, Origin
server
nginx/1.14.1
prebid
mp.4dex.io/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3101::6812:22b2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f2319eec9fd3430f55b526eb9778e0d4e1e43fadf7bb55f381fae602c918021

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-version
3.0.0-gcp-tyo
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
cf-cache-status
DYNAMIC
pragma
no-cache
x-err
Calling bidders. no bid responses
access-control-allow-credentials
true
via
1.1 google
cf-ray
99b3125e08b5af54-NRT
expires
0
access-control-allow-origin
https://twinklesphotos.exblog.jp
date
Sat, 08 Nov 2025 06:39:11 GMT
content-type
application/json; charset=utf-8
vary
Origin, Accept-Encoding
server
cloudflare
translator
hbopenbid.pubmatic.com/ 		0
70 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.76 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

strict-transport-security
max-age=16070400; includeSubDomains
cache-control
no-cache, no-store, must-revalidate, no-store, no-cache, private
access-control-allow-credentials
true
observe-browsing-topics
?1
pmfcgi-resp
TRUE
access-control-allow-origin
https://twinklesphotos.exblog.jp
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sat, 08 Nov 2025 06:39:11 GMT
server
nginx
prebid
d.socdm.com/adgen/ 		92 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d.socdm.com/adgen/prebid?id=209345&posall=SSPLOC&sdktype=0
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
124.146.153.169 , Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
7dce0b62c7100361d1cedb8d03e67f566d9afa92333f8d2f1b16375b0515417c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

Content-Encoding
gzip
X-SO-LB-Hostname
m-ng38.dc4p.scaleout.jp
P3P
CP="See also http://www.scaleout.jp/privacy/"
Date
Sat, 08 Nov 2025 06:39:11 GMT
Content-Type
application/json; charset=utf-8
Cache-Control
private
X-SO-Cluster-ID
0
X-SO-Upstream-ID
m-ad368
X-SO-LB-Data
{"ban":false,"clean_query":"\/adgen\/prebid?id=209345&posall=SSPLOC&sdktype=0","cluster_id":0,"gdpr":false,"ipv4":"146.70.201.135","key":"aQ7lj8Co8IoAAE8c1YAAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad368"}
X-SO-HostName
m-ad368.dc4p.scaleout.jp
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://twinklesphotos.exblog.jp
X-SO-Key
aQ7lj8Co8IoAAE8c1YAAAAAA
Content-Length
94
X-SO-IP
146.70.201.135
X-SO-Ads-Time
29
Server
nginx
prebid
ib.adnxs.com/ut/v3/ 		15 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.54 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.25.5 /
Resource Hash
2eb61a505e7db423c35b5f7f9de164d8d8c62bdf4d083e4333b8ffc180356c11
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
expires
Sat, 15 Nov 2008 16:00:00 GMT
server-timing
total;dur=308
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Sat, 08 Nov 2025 06:39:11 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
146.70.201.135; 146.70.201.135; 598.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
access-control-allow-origin
https://twinklesphotos.exblog.jp
an-x-request-uuid
3cb904f6-2052-4ce1-8b68-887d143da18b
x-xss-protection
0
server
nginx/1.25.5
Collect
a.flux.jp/analytics.collect.v1.CollectService/ 		2 B
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.flux.jp/analytics.collect.v1.CollectService/Collect
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.89.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.89.160.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

access-control-expose-headers
Accept, Accept-Encoding, Accept-Post, Connect-Accept-Encoding, Connect-Content-Encoding, Content-Encoding, Grpc-Accept-Encoding, Grpc-Encoding, Grpc-Message, Grpc-Status, Grpc-Status-Details-Bin
content-encoding
gzip
via
1.1 google
traceparent
00-6c5cbe4dda19ec557ac07e969bc94c0d-378f901c90d66712-00
access-control-allow-origin
https://twinklesphotos.exblog.jp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
accept-encoding
gzip
content-length
26
date
Sat, 08 Nov 2025 06:39:11 GMT
content-type
application/json
vary
Origin
server
Google Frontend
x-cloud-trace-context
6c5cbe4dda19ec557ac07e969bc94c0d/4003577046119114514
px.gif
ad-delivery.net/ 		43 B
163 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.14207176627688745
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5727730570625024&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:2f50 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
709473
x-goog-stored-content-encoding
identity
expires
Sun, 09 Nov 2025 06:39:11 GMT
x-goog-stored-content-length
43
date
Sat, 08 Nov 2025 06:39:11 GMT
content-type
image/gif
vary
accept-encoding
last-modified
Wed, 05 May 2021 19:25:32 GMT
x-guploader-uploadid
ABgVH89ytYGGsM8zvMSS83qCZ0F4cDyA85oC5Xtq8jnme2OpbOxP7BU9t7rp4yrU4-M9nQOe
cache-control
public, max-age=86400
x-goog-storage-class
MULTI_REGIONAL
cf-ray
99b3125e1f97fcbf-NRT
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
bootstrap.js
cdn.browsiprod.com/bootstrap/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.browsiprod.com/bootstrap/bootstrap.js
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.125.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-125-36.kix50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b362da3617d82c0a21be6255810aa40acc8e1f6640af0c418fe6e63e25a07fb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

vary
accept-encoding, Origin
cache-control
public,max-age=3600
content-encoding
gzip
x-amz-version-id
AtXFtaQ.gkG4VQMOtIVf0pwxM7jVXFts
etag
W/"45333f10311ac91fa33fef08a89414fa"
age
1426
via
1.1 5ca698787bb185fc8bc351cb0c4e9338.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
Q8HLpiSzXFdp_cIDYHr_nF0p68Eent5N4GUpQZC1A64drorNC1uSrg==
date
Sat, 08 Nov 2025 06:15:26 GMT
content-type
application/javascript
last-modified
Sun, 02 Nov 2025 08:34:13 GMT
server
AmazonS3
x-amz-cf-pop
KIX50-P3
x-amz-server-side-encryption
AES256
exd
api.btloader.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/exd?tid=n2GkY5rEF-be5Q3wgD-9a6230b5b7&sid=KxiGD2oV3-Dmsk20oU-9a6230b5b7&cv=2.1.167&upapi=true
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5727730570625024&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

via
1.1 google
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 06:39:11 GMT
vary
Origin
tweet_button.2f70fb173b9000da126c79afe2098f02.ja.html
platform.twitter.com/widgets/ Frame 2610 		34 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.ja.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.148.157 Tokyo, Japan, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
02d04afec46359550b450ac2c48d9cd4cf13a0299d32fff3047056f06cee188d

Request headers

Referer
https://twinklesphotos.exblog.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
public, max-age=315360000
content-encoding
gzip
content-length
12889
content-type
text/html; charset=utf-8
date
Sat, 08 Nov 2025 06:39:11 GMT
etag
"b4ee8875191d05848bcb34575c58675f+gzip"
last-modified
Mon, 11 Dec 2023 17:19:48 GMT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn
FT
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-served-by
cache-iad-kcgs7200162-IAD, cache-nrt-rjtt7900032-NRT
embeds
syndication.twitter.com/i/jot/ 		43 B
574 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22Excite_blog%22%2C%22language%22%3A%22ja%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1762583951178%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%222615f7e52b7e0%3A1702314776716%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=7412ca14f1e811cea14a7ebe67b89b62ec6af3cf
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.140.229 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare envoy /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519; includeSubdomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

server
cloudflare envoy
strict-transport-security
max-age=631138519; includeSubdomains
x-transaction-id
5b223c297900d1af
cache-control
must-revalidate, max-age=600
origin-cf-ray
99b3125eeef00eee-NRT
cf-cache-status
DYNAMIC
cf-ray
99b3125eeef00eee-NRT
x-response-time
7
content-length
43
date
Sat, 08 Nov 2025 06:39:11 GMT
last-modified
Sat, 08 Nov 2025 06:39:11 GMT
content-type
image/gif
vary
Origin
perf
7402827104
x-served-by
t4_p
truncated
/ Frame 2610 		471 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
844208d3f740c48ca14df4373b0d232cb9e81f3934b53114833ca717b03a90f5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
px.gif
ad-delivery.net/ 		43 B
111 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad-delivery.net/px.gif?ch=2&e=0.5509827696472348
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5727730570625024&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:2f50 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
709473
x-goog-stored-content-encoding
identity
expires
Sun, 09 Nov 2025 06:39:11 GMT
x-goog-stored-content-length
43
date
Sat, 08 Nov 2025 06:39:11 GMT
content-type
image/gif
vary
accept-encoding
last-modified
Wed, 05 May 2021 19:25:32 GMT
x-guploader-uploadid
ABgVH89ytYGGsM8zvMSS83qCZ0F4cDyA85oC5Xtq8jnme2OpbOxP7BU9t7rp4yrU4-M9nQOe
cache-control
public, max-age=86400
x-goog-storage-class
MULTI_REGIONAL
cf-ray
99b3125f0993fcbf-NRT
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20251105/r20190131/ Frame 7F63 		8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20251105/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202511040101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s19-in-f2.1e100.net
Software
cafe /
Resource Hash
c13094a9d546c24747d3d0b33dc5662b36f83790cc35deedf764ab898b2ace61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://twinklesphotos.exblog.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

age
63882
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
3880
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 07 Nov 2025 12:54:29 GMT
etag
7188602577369524748
expires
Fri, 21 Nov 2025 12:54:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=gpt_pc_blog_overlay&cls=gpt_pc_blog_overlay&ign=false&pw=1600&ph=1200&x=0&y=1130.4
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s35-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sat, 08 Nov 2025 06:39:11 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
ads
googleads.g.doubleclick.net/pagead/ Frame 5AF5 		0
20 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8544321996124660&output=html&adk=433290209&adf=473226989&lmt=1762583951&plat=1%3A16777216%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F&pra=5&wgl=1&asro=0&aiapm=0.1542&aiapmd=0.1423&aiapmi=0.16&aiapmid=1&aiact=0.5423&aiactd=0.7&aicct=0.7&aicctd=0.5799&ailct=0.5849&ailctd=0.65&aimart=4&aimartd=4&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=8&dt=1762583950747&bpp=13&bdt=632&idt=470&shv=r20251105&mjsv=m202511040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=6045712550791&frm=20&pv=2&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31093846%2C95376583%2C95376711%2C95344791%2C95372615&oid=2&pvsid=2516138031305436&tmod=628053698&uas=0&nvt=1&fsapi=1&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&plas=260x675_l%7C308x675_r&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=490
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202511040101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s19-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://twinklesphotos.exblog.jp/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 08 Nov 2025 06:39:11 GMT
expires
Sat, 08 Nov 2025 06:39:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9416 		29 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8544321996124660&output=html&h=250&slotname=6450136543&adk=2937738629&adf=3554593889&pi=t.ma~as.6450136543&w=300&lmt=1762583951&format=300x250&url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=8&dt=1762583950760&bpp=1&bdt=645&idt=486&shv=r20251105&mjsv=m202511040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=6045712550791&frm=20&pv=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=520&ady=289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31093846%2C95376583%2C95376711%2C95344791%2C95372615&oid=2&pvsid=2516138031305436&tmod=628053698&uas=0&nvt=1&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&plas=260x675_l%7C308x675_r&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=498
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202511040101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s19-in-f2.1e100.net
Software
cafe /
Resource Hash
1a67c79b857762f98ce74e2ad2fa5f4cce90193d93c2b3d61362c8f47321eb1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://twinklesphotos.exblog.jp/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
13424
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 08 Nov 2025 06:39:11 GMT
expires
Sat, 08 Nov 2025 06:39:11 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-SK7DRSBW10&gtm=45je5b50v886322701z871867219za200zb71867219zd71867219&_p=1762583950195&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&cid=1129303139.1762583950&ul=ja-jp&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&tag_exp=101509157~103116026~103200004~103233427~104527906~104528500~104684208~104684211~104948813~105322303~105446120~115480709~115583767~115938466~115938469~116217636~116217638&sid=1762583951&sct=1&seg=0&dl=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F&dt=What%20are%20ESG%20Cryptocurrencies%3F%20%3A%20TWINKLES&en=page_view&_fv=1&_ss=1&ep.contents_type_foreign=not_set&tfd=1481
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SK7DRSBW10&cx=c&gtm=4e5b50
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:800::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:164:0
report-to
{"group":"ascnsrsggc:164:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:164:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://twinklesphotos.exblog.jp
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsggc:164:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 06:39:11 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
300 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-SK7DRSBW10&cid=1129303139.1762583950&gtm=45je5b50v886322701z871867219za200zb71867219zd71867219&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101509157~103116026~103200004~103233427~104527906~104528500~104684208~104684211~104948813~105322303~105446120~115480709~115583767~115938466~115938469~116217636~116217638
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SK7DRSBW10&cx=c&gtm=4e5b50
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4008:c02::9a , Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:132:0
report-to
{"group":"ascnsrsggc:132:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:132:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://twinklesphotos.exblog.jp
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsggc:132:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 06:39:11 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.co.jp/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.jp/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-SK7DRSBW10&cid=1129303139.1762583950&gtm=45je5b50v886322701z871867219za200zb71867219zd71867219&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101509157~103116026~103200004~103233427~104527906~104528500~104684208~104684211~104948813~105322303~105446120~115480709~115583767~115938466~115938469~116217636~116217638&tag_exp=101509157~103116026~103200004~103233427~104527906~104528500~104684208~104684211~104948813~105322303~105446120~115480709~115583767~115938466~115938469~116217636~116217638&z=537007346
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.194.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcnrta-bf-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Sat, 08 Nov 2025 06:39:11 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
sync
nidan.addlv.smt.docomo.ne.jp/id/daisy/ 		18 B
104 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nidan.addlv.smt.docomo.ne.jp/id/daisy/sync?callback=d2c.nidan.ds&origin=https%3A%2F%2Ftwinklesphotos.exblog.jp&domain=twinklesphotos.exblog.jp&referrer=&ncid=1KXwLwCR-Jc32n884mw9U
Requested by
Host: cdn.nidan.d2c.ne.jp
URL: https://cdn.nidan.d2c.ne.jp/1.0/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.193.29.172 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-193-29-172.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
f3a7bcd0a6c9eb7e05d4149db3c93e49a0e12b50aae2ac460c33da92f43ba2c5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

date
Sat, 08 Nov 2025 06:39:11 GMT
content-type
application/javascript; charset=UTF-8
content-length
18
setuid
u.4dex.io/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=fradagio-pbs&gdpr=0&gdpr_consent=&us_privacy=
  • https://creativecdn.com/cm-notify?pi=fradagio-pbs&gdpr=0&gdpr_consent=&us_privacy=&tc=1
  • https://u.4dex.io/setuid?bidder=rtbhouse&uid=PuSwx3byyDBmcMZub-cECvpOlrwQxEM0godqdPydZCQ&pi=fradagio-pbs&gdpr=0&gdpr_consent=&us_privacy=&tc=1
0
889 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=rtbhouse&uid=PuSwx3byyDBmcMZub-cECvpOlrwQxEM0godqdPydZCQ&pi=fradagio-pbs&gdpr=0&gdpr_consent=&us_privacy=&tc=1
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H2
Server
34.149.40.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

via
1.1 google
expires
0
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma
no-cache
date
Sat, 08 Nov 2025 06:39:12 GMT
vary
Origin, Accept-Encoding

Redirect headers

expires
Thu, 01 Jan 1970 00:00:00 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
location
https://u.4dex.io/setuid?bidder=rtbhouse&uid=PuSwx3byyDBmcMZub-cECvpOlrwQxEM0godqdPydZCQ&pi=fradagio-pbs&gdpr=0&gdpr_consent=&us_privacy=&tc=1
content-length
0
date
Sat, 08 Nov 2025 06:39:12 GMT
pragma
no-cache
vary
Accept-Encoding
be96b820e5daac93
ads.us.e-planning.net/uspd/1/ Frame 5C3C
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26it%3Dadg-pb-clt%26uid%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26it%3Dadg-pb-clt%26uid%3D%24UID
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26it%3Dadg-pb-clt%26uid%3D%24UID
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/a/latest/adagio.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.108.103.28 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
Software
openresty /
Resource Hash
ab0406be8198026bdd98fe4506153fbd26ea72eea76ba2b48c85794ea4ea5fcd

Request headers

Referer
https://twinklesphotos.exblog.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

accept-ch
sec-ch-ua,sec-ch-ua-mobile,sec-ch-ua-platform,sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Sat, 08 Nov 2025 06:39:12 GMT
expires
Sat, 08 Nov 2025 06:39:11 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
SIN-721

Redirect headers

content-type
text/html; charset=iso-8859-1
date
Sat, 08 Nov 2025 06:39:11 GMT
location
/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26it%3Dadg-pb-clt%26uid%3D%24UID
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
SIN-721
p.js
pdn.adingo.jp/ Frame 4B76 		88 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pdn.adingo.jp/p.js
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.165.11.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-165-11-75.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
78f70c33af86e3e19b2e72af3ed6096ac60cd1b8e4e9685d806bdfcf291b432f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
br
x-amz-version-id
68SSrNMo4P.HyQuumtqYJW7fVvLTTKM.
etag
"e36f48717bf9c17e9f11a49ef2bd6645"
age
37
x-cache
Hit from cloudfront
x-amz-cf-id
jvANUkf4au4giLWzg_LfP1vsUaZo2UAQmcEXVkttn-kIlSlY5w9-ug==
date
Sat, 08 Nov 2025 06:38:34 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 22 Sep 2025 02:14:34 GMT
cache-control
max-age=600, s-maxage=600, immutable
via
1.1 9c1f4febdb4066254c73e0a51a229bd8.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
20368
x-amz-cf-pop
NRT12-P4
server
AmazonS3
x-amz-server-side-encryption
AES256
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 4B76 		223 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s35-in-f2.1e100.net
Software
cafe /
Resource Hash
1ca0d5744e4f39ea464be06f38e214eabd97b2ca934e919a3673f0a62f76368c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
br
etag
11779502037942753168
age
3349
x-content-type-options
nosniff
expires
Sat, 08 Nov 2025 06:43:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 08 Nov 2025 05:43:22 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=EUC-KR
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
70282
x-xss-protection
0
server
cafe
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20251106/r20110914/elements/html/ Frame C3A5 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20251106/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202511040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
83c8faff109ba90cf68a5d7d0d02716e96e66de5feb4113028c092eed5e954cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
br
etag
8658142367797687823
age
29069
x-content-type-options
nosniff
expires
Fri, 21 Nov 2025 22:34:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 07 Nov 2025 22:34:42 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
6628
x-xss-protection
0
server
cafe
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20251106/r20110914/elements/html/ Frame C3A5 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20251106/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202511040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b8fbd5b5d257438d5c1b781491859472bef148a2f3f747be72b8d6caef431367
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
br
etag
2165137149068350384
age
29069
x-content-type-options
nosniff
expires
Fri, 21 Nov 2025 22:34:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 07 Nov 2025 22:34:42 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
9578
x-xss-protection
0
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4B76 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-start2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s35-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sat, 08 Nov 2025 06:39:11 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4B76 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s35-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sat, 08 Nov 2025 06:39:11 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
favicon.ico
ad.doubleclick.net/ 		1 KB
129 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250&e=0.12625426490358949
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5727730570625024&upapi=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.194.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcnrta-bb-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options
nosniff
expires
Sun, 09 Nov 2025 06:39:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 06:39:11 GMT
content-type
image/x-icon
vary
Accept-Encoding
last-modified
Tue, 08 May 2012 13:08:06 GMT
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
content-length
104
x-xss-protection
0
server
sffe
rtd_supply
events.browsiprod.com/events/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/v2/rtd_supply?p=116605b8-9e74-4d25-9e0a-dde4da450cc4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.247.70.22 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-247-70-22.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://twinklesphotos.exblog.jp
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET
access-control-allow-origin
https://twinklesphotos.exblog.jp
access-control-max-age
1800
content-length
0
date
Sat, 08 Nov 2025 06:39:11 GMT
rtd_supply
events.browsiprod.com/events/v2/ 		0
107 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/v2/rtd_supply?p=116605b8-9e74-4d25-9e0a-dde4da450cc4
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.247.70.22 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-247-70-22.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
application/json
Referer
https://twinklesphotos.exblog.jp/

Response headers

date
Sat, 08 Nov 2025 06:39:11 GMT
access-control-allow-origin
https://twinklesphotos.exblog.jp
access-control-allow-credentials
true
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4B76 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s35-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sat, 08 Nov 2025 06:39:11 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
cb.js
cdn.sx.adingo.jp/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.sx.adingo.jp/cb.js
Requested by
Host: pdn.adingo.jp
URL: https://pdn.adingo.jp/p.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21d2:9a00:a:d2fd:aec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e896507e687129617fcf7ee9f55216897bfdbbd55393322f8277b1c97a9cd9c5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

vary
accept-encoding
cache-control
public, immutable, max-age=900, s-maxage=7200, stale-while-revalidate=14400, stale-if-error=864000
content-encoding
gzip
x-amz-version-id
KDLxO8S11dj67KRguKFHiOmEm.f76YaC
etag
W/"80eec4d215a36a33af61f94523b88a65"
age
6990
via
1.1 178532b0f3799f2332a4c7601d693a44.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
1m9auFAAo7MvegyG-ZskSA9RwpiwWE89U6E8I0tkQGdAdGO06cYFCQ==
date
Sat, 08 Nov 2025 04:42:42 GMT
content-type
text/javascript
last-modified
Mon, 14 Jul 2025 07:03:25 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-P7
x-amz-server-side-encryption
AES256
supply
events.browsiprod.com/events/v2/ 		0
107 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/v2/supply?p=a@!S_EQITIEhnshGmKhz
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.247.70.22 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-247-70-22.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://twinklesphotos.exblog.jp/

Response headers

date
Sat, 08 Nov 2025 06:39:11 GMT
access-control-allow-origin
https://twinklesphotos.exblog.jp
access-control-allow-credentials
true
v5
yield-manager.browsiprod.com/supply/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://yield-manager.browsiprod.com/supply/v5?sk=exblog&pk=excite&url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F&bid=a%40!S_EQITIEhnshGmKhz&at=What%20are%20ESG%20Cryptocurrencies%3F%20%3A%20TWINKLES&sw=1600&sh=1200&rp=false&ga=%7B%22t%22%3A1762583951505%2C%22eu%22%3Afalse%7D&pvid=116605b8-9e74-4d25-9e0a-dde4da450cc4&l=ja
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.31.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-31-119.nrt20.r.cloudfront.net
Software
akka-http/10.2.1 /
Resource Hash
bc41137a3d52984304c0a6a4a61fe9b72119286d4e373439640d5282e1471a59

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
via
1.1 02fa8137f2e8d2eea9a32cf638667082.cloudfront.net (CloudFront)
access-control-allow-origin
https://twinklesphotos.exblog.jp
x-cache
Miss from cloudfront
x-amz-cf-id
7ymAmwKH4-ogiVnWe44DtMSpwP91DneIRnFH0BqhkGwNuSDRrTw75Q==
date
Sat, 08 Nov 2025 06:39:11 GMT
content-type
application/json
x-amz-cf-pop
NRT20-P1
server
akka-http/10.2.1
gtm.js
www.googletagmanager.com/ 		335 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5GNL8X&l=itm_dl1
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/js/8266/0001/itm.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.207.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
02614a06346392d7fcd1a8962e07e037c6a8ea3226da6f599a83bc2cb24ed74a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
zstd
expires
Sat, 08 Nov 2025 06:39:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 06:39:11 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sat, 08 Nov 2025 06:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
*
content-length
121412
x-xss-protection
0
server
Google Tag Manager
gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202510140101/ 		63 KB
23 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/dict/m202510140101/gpt
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.194.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcnrta-bb-in-f2.1e100.net
Software
cafe /
Resource Hash
2505b331cfe3905b07926e49104c7949bf384b8c4b4ff6f3709e91c6f5cd6366
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
13283420341987886150
age
56635
x-content-type-options
nosniff
expires
Fri, 14 Nov 2025 14:55:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Fri, 07 Nov 2025 14:55:16 GMT
content-type
text/plain; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=604800, stale-while-revalidate=7200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
23314
x-xss-protection
0
server
cafe
use-as-dictionary
match="/gampad/ads", id="m202510140101"
ads
securepubads.g.doubleclick.net/gampad/ 		32 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2516138031305436&correlator=3308237831235645&eid=31095573%2C95376742%2C83321073&output=ldjh&gdfp_req=1&vrg=202511040101&ptt=17&impl=fifs&iu_parts=18333008%2CPC_blog_inarticle_rec_2_left&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=5&dids=gpt_pc_blog_inarticle_rec_2_le&adfs=3135078262&sfv=1-0-45&eri=1&sc=1&cookie=ID%3D6439d128acdb7d69%3AT%3D1762583950%3ART%3D1762583950%3AS%3DALNI_MZsvawYrxAIyZ7Ibon46L4oA6ap9w&gpic=UID%3D000011b0c479124f%3AT%3D1762583950%3ART%3D1762583950%3AS%3DALNI_MZHSoUFJCB6301O1cx_STxqNd-NUw&abxe=1&dt=1762583951557&lmt=1762583951&adxs=510&adys=2123&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F&vis=1&psz=760x280&msz=300x0&fws=0&ohw=0&psts=AOrYGskgbCJIeZBmAJd02He4jqjuVHzwOfXb-myR4CNLULWmWuHkdYEmT3IaCBTuc2qDW8h764P-P7azSzsxkascd-YbTGQ2xJ7eALbH-8gH6g&topics=3&tps=3&htps=10&nt=1&psd=WzMxLFtdLG51bGwsM10.&dlt=1762583950115&idt=692&prev_scp=amznbid%3D2%26amznp%3D2&cust_params=contents-type%3Dexblog-%25E5%2586%2599%25E7%259C%259F%25E3%2583%25BB%25E3%2582%25AB%25E3%2583%25A1%25E3%2583%25A9%26contents-category%3Dexblog-%25E6%259C%25AA%25E5%2588%2586%25E9%25A1%259E%26contents-tag%3D%26blog_pc_referrer%3D%26isBot%3D%26flux_test_flag%3Dprd%26publisher_id%3D138&adks=2701395909&frm=20&eo_id_str=ID%3D99ed9a4f1bf60fa4%3AT%3D1762583950%3ART%3D1762583950%3AS%3DAA-AfjYjzPsqkPc6rSFldgu2s_vT&gblpids=%2F18333008%2FPC_blog_inarticle_rec_2_left&pb_szs=300x250&pbbce=1&td=1&egid=45601&tan=db582a34-3e97-4d8a-adef-a5e0df8aa0d8&tdf=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202511040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.194.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcnrta-bb-in-f2.1e100.net
Software
cafe /
Resource Hash
433caae8c3af9583a01792e59d4cf54190563d5dd48d7b0ab930061a18bb2c8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
dcb
google-lineitem-id
-1
observe-browsing-topics
?1
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sat, 08 Nov 2025 06:39:11 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-1
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://twinklesphotos.exblog.jp
content-length
5031
x-xss-protection
0
server
cafe
Collect
a.flux.jp/analytics.collect.v1.CollectService/ 		2 B
47 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.flux.jp/analytics.collect.v1.CollectService/Collect
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.89.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.89.160.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

access-control-expose-headers
Accept, Accept-Encoding, Accept-Post, Connect-Accept-Encoding, Connect-Content-Encoding, Content-Encoding, Grpc-Accept-Encoding, Grpc-Encoding, Grpc-Message, Grpc-Status, Grpc-Status-Details-Bin
content-encoding
gzip
via
1.1 google
traceparent
00-4f954ad04db79b10e06fd73b3935a0fb-54ba81664aa9f5e3-00
access-control-allow-origin
https://twinklesphotos.exblog.jp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
accept-encoding
gzip
content-length
26
date
Sat, 08 Nov 2025 06:39:11 GMT
content-type
application/json
vary
Origin
server
Google Frontend
x-cloud-trace-context
4f954ad04db79b10e06fd73b3935a0fb/6105334521193428451
/
sh.adingo.jp/p/ Frame 4B76 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://sh.adingo.jp/p/?G=1000142419&href=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F&R=&serial=63600684648738&guid=ON&kv=%7B%22page_title%22%3A%5B%22What%20are%20ESG%20Cryptocurrencies%3F%20%3A%20TWINKLES%22%5D%2C%22keywords%22%3A%5B%22TWINKLES%22%2C%22%E3%83%96%E3%83%AD%E3%82%B0%22%5D%7D&api=2&protocols=2%2C3%2C5%2C6&mimes=application%2Fjavascript%2Cvideo%2Fmp4%2Cvideo%2Fogg%2Cvideo%2Fwebm&fluct_uid=cc158f88-d0f4-4168-9d91-62a35a195092
Requested by
Host: pdn.adingo.jp
URL: https://pdn.adingo.jp/p.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.113.106.149 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-113-106-149.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
af04fb25cd40e9216abf3af1f60649a76d6dfc2302157c2f2339e212a1f8c0fb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
no-cache, must-revalidate
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET
x-content-type-options
nosniff
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin
https://twinklesphotos.exblog.jp
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
date
Sat, 08 Nov 2025 06:39:11 GMT
content-type
application/json; charset=UTF-8
vary
Accept-Encoding
server
nginx
last-modified
Sat, 08 Nov 2025 06:39:11 GMT
access-control-allow-headers
Content-Type
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20251106/r20110914/client/ Frame 9416 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20251106/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8544321996124660&output=html&h=250&slotname=6450136543&adk=2937738629&adf=3554593889&pi=t.ma~as.6450136543&w=300&lmt=1762583951&format=300x250&url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=8&dt=1762583950760&bpp=1&bdt=645&idt=486&shv=r20251105&mjsv=m202511040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=6045712550791&frm=20&pv=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=520&ady=289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31093846%2C95376583%2C95376711%2C95344791%2C95372615&oid=2&pvsid=2516138031305436&tmod=628053698&uas=0&nvt=1&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&plas=260x675_l%7C308x675_r&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=498
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fec5a361dec923efe92848ca27b02b158b164380a9eaf6cc1625e08e0d9c101e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

content-encoding
br
etag
6020003950853699975
age
39342
x-content-type-options
nosniff
expires
Fri, 21 Nov 2025 19:43:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 07 Nov 2025 19:43:29 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
1241
x-xss-protection
0
server
cafe
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20251106/r20110914/client/ Frame 9416 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20251106/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8544321996124660&output=html&h=250&slotname=6450136543&adk=2937738629&adf=3554593889&pi=t.ma~as.6450136543&w=300&lmt=1762583951&format=300x250&url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=8&dt=1762583950760&bpp=1&bdt=645&idt=486&shv=r20251105&mjsv=m202511040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=6045712550791&frm=20&pv=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=520&ady=289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31093846%2C95376583%2C95376711%2C95344791%2C95372615&oid=2&pvsid=2516138031305436&tmod=628053698&uas=0&nvt=1&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&plas=260x675_l%7C308x675_r&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=498
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1d42955e69aae005efd7d5a24d10ffc36dabebd9867cca1e5b8dbb998e273a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

content-encoding
br
etag
11924741404489600640
age
39342
x-content-type-options
nosniff
expires
Fri, 21 Nov 2025 19:43:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 07 Nov 2025 19:43:29 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
8624
x-xss-protection
0
server
cafe
l
www.google.com/ads/measurement/ Frame 9416 		0
0
adview
googleads.g.doubleclick.net/pagead/ Frame 9416 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CTTgmj-UOabH2Et69vcAPt-i3yAfRvr7bdayNn9y8DcCNtwEQASDY6d8jYInzxYT0E8gBCakCTbn4Ya3-Oz6oAwHIAwKqBPoBT9BNv4csEDouCS8T4yCoX_y4MFk3ce0H_GlSpDjZEUbKm9ijuh47WB3SJ05ZRf7ql3C4dvgjvg6Ega8ySFGl4osPQtSaMb1Hn5hFVtVnyboh1agko5EvHO1dhUgdm60Huh73QfcphyjuaXjqxLlaBy8_Lpcs9jetqH-xwej8Lhp0MhgLj16MHDLOA885_91tPWou_L10pd1HIK2njjDDiFpJWzSqmqGXV5nBuee5k0T3e38-tsHXR3KtvFVWyRohhaVg1pIJ84pjDNozQGY2kYgRFOY5MNwSC0hXoZC4127lXywVKKBYESnzu56RkiBa1YtyAiQjg2H7v4AGrIv04eKL_4wboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAqgHrb6xAtgHANIILAiAYRABMgiKgoCAgICACDoNgECAwICAgICogAKoA0i9_cE6WNLOt_L44ZADgAoB-gsCCAGADAGqDQJKUOoNEwiB18jy-OGQAxXeXg8CHTf0DXmIDgnQFQGAFwGyFyoKGBIUcHViLTg1NDQzMjE5OTYxMjQ2NjAYABgMKgo2NDUwMTM2NTQzUAGqGBcJi0DsjSr-0EASCjY0NTAxMzY1NDMYAQ&sigh=di4g2gm-nRY&uach_m=%5BUACH%5D&cid=CAQSnwEAwksa0cL0fjgLUtPgr_7befsWTXLxz57yeMFUqBFrx7CNRwylXDKkIUajBhp96zXVrjpRNsCdLptY7N9PAhpAymEoD2BKZhVo5cD0rq8ioHb-TfsyWVYS7o-U8uLSdwh9KLk7V9jr3TpRWXE-ZMg3vmWUSFSgCamJXoEKHvrkAW4LFtJD4DXOq_0ue-u1CrZ8WHgdhLUiB3cztnDFn7sYAQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8544321996124660&output=html&h=250&slotname=6450136543&adk=2937738629&adf=3554593889&pi=t.ma~as.6450136543&w=300&lmt=1762583951&format=300x250&url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=8&dt=1762583950760&bpp=1&bdt=645&idt=486&shv=r20251105&mjsv=m202511040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=6045712550791&frm=20&pv=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=520&ady=289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31093846%2C95376583%2C95376711%2C95344791%2C95372615&oid=2&pvsid=2516138031305436&tmod=628053698&uas=0&nvt=1&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&plas=260x675_l%7C308x675_r&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=498
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s19-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8544321996124660&output=html&h=250&slotname=6450136543&adk=2937738629&adf=3554593889&pi=t.ma~as.6450136543&w=300&lmt=1762583951&format=300x250&url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=8&dt=1762583950760&bpp=1&bdt=645&idt=486&shv=r20251105&mjsv=m202511040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=6045712550791&frm=20&pv=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=520&ady=289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31093846%2C95376583%2C95376711%2C95344791%2C95372615&oid=2&pvsid=2516138031305436&tmod=628053698&uas=0&nvt=1&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&plas=260x675_l%7C308x675_r&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=498

Response headers

content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Sat, 08 Nov 2025 06:39:11 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
cafe
notify
rtb.sg1.as.criteo.com/googleortb/auction/ Frame 9416 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.sg1.as.criteo.com/googleortb/auction/notify?profile=14&payload=mr6tErr3AawC-gG-ZqqlGwAAAKsXDnXLvVu2EQy6dBCP5Q5p8KvGQ1IHHE_IiQAAEgAACg5BUVVCRGdFQkRnWUJEZ2lkp2huUWd8c1Mek1MeWEo&wp=aQ7ljwAEuzECD17eAA30N5MOwStk1mfc43N6gw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8544321996124660&output=html&h=250&slotname=6450136543&adk=2937738629&adf=3554593889&pi=t.ma~as.6450136543&w=300&lmt=1762583951&format=300x250&url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=8&dt=1762583950760&bpp=1&bdt=645&idt=486&shv=r20251105&mjsv=m202511040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=6045712550791&frm=20&pv=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=520&ady=289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31093846%2C95376583%2C95376711%2C95344791%2C95372615&oid=2&pvsid=2516138031305436&tmod=628053698&uas=0&nvt=1&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&plas=260x675_l%7C308x675_r&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=498
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::32 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

strict-transport-security
max-age=31536000; preload;
content-length
0
date
Sat, 08 Nov 2025 06:39:11 GMT
server
Kestrel
server-processing-duration-in-ticks
109847
afr.php
ads.as.criteo.com/delivery/r/ Frame 865F 		140 KB
48 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7ljwAEuzECD17eAA30N5MOwStk1mfc43N6gw&u=%7C6E1S5NKElxYmDUv4UPXssuuha5GPMwsGz8YFLUlNdPQ%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFIPHqimXL4nBRn2luyvxOIkDg54uckufvLlsXIBSDiiCE1J3zV4PmORup-RnEHOvDKVdZ9XOLmdQGyFvYFjb5dSFnB9j3ZTnw43liVvkWRxoPPaQ7O-9zH474gi6YUeO1kfgdvi6HkgpJT7r_ENPf08E3ANVp0W2FqlBF5JWjY_XZdV_XqlvSVPBa899CJ9Sn3Wng5BdrTyP4yUWrlFYR0Ka0yxFjSOtzWIqvKfG4HphGzqHtkVlDWCNZXxQiXK0PL_Od1ecYsHLb8NEWi5vaIp4hiSdON2HZkWi1YtuuzAnrsl3UuxQ0hEYW2U9Xcuz0esODEz9l75iIiBmeG8U6Mj8n6MmXPOS4IRUvQG4GOPzD35DlL-TKJnXUs6RA64OvucHteaxMiTmpHvKytjIJv9x277_05MFaK3-h4T1YrShoD7JCCQfR7SMKENTmOB2DM0BNDoiXp0F8pgA9s7KseYC4W8egEWcLDOk6W-93kGUKgphl5M-2hTlt0rHguqrIvlbxhzctllrzKNwtoLp0iela5yJ64BEUP_Gz91irU4v179IrOsqLq5WJFFJCUlNvxtoLSshAo-rpORJNsz0e3RPS9akIMgSexAiT_X7Y3cOUlOGjpDg8Pw83OKrk1HXAA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3J-Wj-UOabH2Et69vcAPt-i3yAfRvr7bdayNn9y8DcCNtwEQASDY6d8jYInzxYT0E8gBCakCTbn4Ya3-Oz6oAwHIAwKqBP0BT9BNv4csEDouCS8T4yCoX_y4MFk3ce0H_GlSpDjZEUbKm9ijuh47WB3SJ05ZRf7ql3C4dvgjvg6Ega8ySFGl4osPQtSaMb1Hn5hFVtVnyboh1agko5EvHO1dhUgdm60Huh73QfcphyjuaXjqxLlaBy8_Lpcs9jetqH-xwej8Lhp0MhgLj16MHDLOA885_91tPWou_L10pd1HIK2njjDDiFpJWzSqmqGXV5nBuee5k0T3e38-tsHXR3KtvFVWyRohhaVg1pIJ84pjDNozQGY2kYgRFOY5ct4ymbyXGsF_bEMyi3HA1H5VOSDdoxRnXn2PI1xdLjzVZ8KqeF3dcoAGrIv04eKL_4wboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAqgHrb6xAqgHv9OxAtgHANIILAiAYRABMgiKgoCAgICACDoNgECAwICAgICogAKoA0i9_cE6WNLOt_L44ZAD-gsCCAGADAGqDQJKUOoNEwiB18jy-OGQAxXeXg8CHTf0DXmIDgnQFQGAFwGyFxAYDCoKNjQ1MDEzNjU0M1ABqhgXCYtA7I0q_tBAEgo2NDUwMTM2NTQzGAE%26num%3D1%26sig%3DAOD64_2qqApO9qF9WnTeEYCjgdiSnbHT2w%26client%3Dca-pub-8544321996124660%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8544321996124660&output=html&h=250&slotname=6450136543&adk=2937738629&adf=3554593889&pi=t.ma~as.6450136543&w=300&lmt=1762583951&format=300x250&url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=8&dt=1762583950760&bpp=1&bdt=645&idt=486&shv=r20251105&mjsv=m202511040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=6045712550791&frm=20&pv=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=520&ady=289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31093846%2C95376583%2C95376711%2C95344791%2C95372615&oid=2&pvsid=2516138031305436&tmod=628053698&uas=0&nvt=1&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&plas=260x675_l%7C308x675_r&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=498
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::22 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
2e143ecf02c60988cc2b90171fbe340b021068bceb2406d6cc6b980427fa29e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sat, 08 Nov 2025 06:39:11 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://client-side-metrics.as.criteo.net/heavyad?cppv=3&cpp=UoxxGnrBxU3kLT6kGKzI0iXuIv3ho9_O8k2rmAIaFg6141xLMWAk7GVx8bJmzQU2XNTX-W7BSBgPpke_K-bAaDqb0XPUw3l368Nbudck_ySyIWWHfH9S6XlkiNzEVa8Rc9ZDExltQpY2ds7iKUSXLIbocij6-EmNpGv8JLohiAOSsh8hwfAhKK8x4gfHRArcAALC9mY7O4Rpb9HctlyHLPnpCrMkn5mJmLTGMykLCdyGRPNbyPt-HKab41g3keVpqtMrOw"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
40721896
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-trace-id
15962382fb595603c0f376742ffa8805
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 85EC 		1 KB
837 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8544321996124660&output=html&h=250&slotname=6450136543&adk=2937738629&adf=3554593889&pi=t.ma~as.6450136543&w=300&lmt=1762583951&format=300x250&url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=8&dt=1762583950760&bpp=1&bdt=645&idt=486&shv=r20251105&mjsv=m202511040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=6045712550791&frm=20&pv=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=520&ady=289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31093846%2C95376583%2C95376711%2C95344791%2C95372615&oid=2&pvsid=2516138031305436&tmod=628053698&uas=0&nvt=1&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&plas=260x675_l%7C308x675_r&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=498
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s35-in-f2.1e100.net
Software
cafe /
Resource Hash
bea1c5ab168f662fc9eb5bda3474e5b1bbd0d3ecc1d9c68e2a753f613c2ae0c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

age
56477
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
812
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 07 Nov 2025 14:57:54 GMT
etag
9725182468138058862
expires
Sat, 08 Nov 2025 14:57:54 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
destination
www.googletagmanager.com/gtag/ 		327 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-10208769&l=itm_dl1&cx=c&gtm=4e5b50
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GNL8X&l=itm_dl1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.207.8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
0a17e53cc57df732b9ef12d47ca6870e18c4442225e8c3b43866a9d0adf8348f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
zstd
report-to
{"group":"ascgsrsghrgc:72:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgsrsghrgc:72:0"}],}
expires
Sat, 08 Nov 2025 06:39:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 06:39:11 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sat, 08 Nov 2025 06:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgsrsghrgc:72:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascgsrsghrgc:72:0
content-length
119771
x-xss-protection
0
server
Google Tag Manager
beacon.html
cf.im-apps.net/imid/ Frame 506A 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cf.im-apps.net/imid/beacon.html
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:48::1734:8c23 Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
21d68041de9a1b20d2ac2ba4956903eea7e785c5bbc7b0fddb498827b13a57a6

Request headers

Referer
https://twinklesphotos.exblog.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=86400
content-encoding
gzip
content-length
1381
content-type
text/html
date
Sat, 08 Nov 2025 06:39:11 GMT
etag
"ed9e18514d99c699494df0787acbca6f"
expires
Sun, 09 Nov 2025 06:39:11 GMT
last-modified
Wed, 18 Dec 2024 10:34:56 GMT
p3p
CP="NOI PSD OTR"
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
pageview.js
cdn.audiencedata.net/js/v1/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.audiencedata.net/js/v1/pageview.js?owner_id=8266&site_id=news
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GNL8X&l=itm_dl1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:48::1734:8c1c Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
76cf7c805375b29f196da2ca5194c23e3e81e6f15cbde447ac9c5f373b2ce27c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-amz-replication-status
PENDING
Cache-Control
max-age=259200
Content-Encoding
gzip
ETag
"192e6646ecb83536f1d67f794080ddb3"
Connection
keep-alive
Expires
Tue, 11 Nov 2025 06:39:11 GMT
Accept-Ranges
bytes
Content-Length
2033
P3P
CP="NOI PSD OTR"
Date
Sat, 08 Nov 2025 06:39:11 GMT
Last-Modified
Thu, 28 Nov 2024 02:55:43 GMT
Content-Type
text/javascript
Vary
Accept-Encoding
x-amz-server-side-encryption
AES256
/
atb.im-apps.net/a/imsync/8266/622274/ 		43 B
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://atb.im-apps.net/a/imsync/8266/622274/?token=98e0054c7674dd6ac62e58bc78c5af30
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:2dbc:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
no-cache, no-store, must-revalidate
via
1.1 google
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
date
Sat, 08 Nov 2025 06:39:11 GMT
content-type
image/gif
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		26 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2516138031305436&correlator=2133594200685810&eid=31095573%2C95376742%2C83321073&output=ldjh&gdfp_req=1&vrg=202511040101&ptt=17&impl=fifs&iu_parts=18333008%2CPC_blog_inarticle_rec_3_left&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=6&dids=gpt_pc_blog_inarticle_rec_3_le&adfs=3666061394&sfv=1-0-45&eri=1&sc=1&cookie=ID%3D6439d128acdb7d69%3AT%3D1762583950%3ART%3D1762583950%3AS%3DALNI_MZsvawYrxAIyZ7Ibon46L4oA6ap9w&gpic=UID%3D000011b0c479124f%3AT%3D1762583950%3ART%3D1762583950%3AS%3DALNI_MZHSoUFJCB6301O1cx_STxqNd-NUw&abxe=1&dt=1762583951714&lmt=1762583951&adxs=510&adys=2563&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F&vis=1&psz=760x280&msz=300x0&fws=0&ohw=0&psts=AOrYGskgbCJIeZBmAJd02He4jqjuVHzwOfXb-myR4CNLULWmWuHkdYEmT3IaCBTuc2qDW8h764P-P7azSzsxkascd-YbTGQ2xJ7eALbH-8gH6g&topics=3&tps=3&htps=10&nt=1&psd=WzMxLFtdLG51bGwsM10.&dlt=1762583950115&idt=692&prev_scp=amznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D4.00%26hb_adid%3D65bd969e69dd54c8%26hb_bidder%3Dappnexus&cust_params=contents-type%3Dexblog-%25E5%2586%2599%25E7%259C%259F%25E3%2583%25BB%25E3%2582%25AB%25E3%2583%25A1%25E3%2583%25A9%26contents-category%3Dexblog-%25E6%259C%25AA%25E5%2588%2586%25E9%25A1%259E%26contents-tag%3D%26blog_pc_referrer%3D%26isBot%3D%26flux_test_flag%3Dprd%26publisher_id%3D138&adks=2659255272&frm=20&eo_id_str=ID%3D99ed9a4f1bf60fa4%3AT%3D1762583950%3ART%3D1762583950%3AS%3DAA-AfjYjzPsqkPc6rSFldgu2s_vT&gblpids=%2F18333008%2FPC_blog_inarticle_rec_3_left&pb_szs=300x250&pbbce=1&td=1&egid=45601&tan=db582a34-3e97-4d8a-adef-a5e0df8aa0d9&tdf=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202511040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.194.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcnrta-bb-in-f2.1e100.net
Software
cafe /
Resource Hash
e2bf6aac1f0e2caea68989db9d3c33477b1c8a4d6d43697367d9183d7302c926
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
dcb
google-lineitem-id
5406912174
observe-browsing-topics
?1
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sat, 08 Nov 2025 06:39:12 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
138315363297
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://twinklesphotos.exblog.jp
content-length
2848
x-xss-protection
0
server
cafe
privacy_small.svg
static.criteo.net/flash/icon/ Frame 865F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7ljwAEuzECD17eAA30N5MOwStk1mfc43N6gw&u=%7C6E1S5NKElxYmDUv4UPXssuuha5GPMwsGz8YFLUlNdPQ%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFIPHqimXL4nBRn2luyvxOIkDg54uckufvLlsXIBSDiiCE1J3zV4PmORup-RnEHOvDKVdZ9XOLmdQGyFvYFjb5dSFnB9j3ZTnw43liVvkWRxoPPaQ7O-9zH474gi6YUeO1kfgdvi6HkgpJT7r_ENPf08E3ANVp0W2FqlBF5JWjY_XZdV_XqlvSVPBa899CJ9Sn3Wng5BdrTyP4yUWrlFYR0Ka0yxFjSOtzWIqvKfG4HphGzqHtkVlDWCNZXxQiXK0PL_Od1ecYsHLb8NEWi5vaIp4hiSdON2HZkWi1YtuuzAnrsl3UuxQ0hEYW2U9Xcuz0esODEz9l75iIiBmeG8U6Mj8n6MmXPOS4IRUvQG4GOPzD35DlL-TKJnXUs6RA64OvucHteaxMiTmpHvKytjIJv9x277_05MFaK3-h4T1YrShoD7JCCQfR7SMKENTmOB2DM0BNDoiXp0F8pgA9s7KseYC4W8egEWcLDOk6W-93kGUKgphl5M-2hTlt0rHguqrIvlbxhzctllrzKNwtoLp0iela5yJ64BEUP_Gz91irU4v179IrOsqLq5WJFFJCUlNvxtoLSshAo-rpORJNsz0e3RPS9akIMgSexAiT_X7Y3cOUlOGjpDg8Pw83OKrk1HXAA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3J-Wj-UOabH2Et69vcAPt-i3yAfRvr7bdayNn9y8DcCNtwEQASDY6d8jYInzxYT0E8gBCakCTbn4Ya3-Oz6oAwHIAwKqBP0BT9BNv4csEDouCS8T4yCoX_y4MFk3ce0H_GlSpDjZEUbKm9ijuh47WB3SJ05ZRf7ql3C4dvgjvg6Ega8ySFGl4osPQtSaMb1Hn5hFVtVnyboh1agko5EvHO1dhUgdm60Huh73QfcphyjuaXjqxLlaBy8_Lpcs9jetqH-xwej8Lhp0MhgLj16MHDLOA885_91tPWou_L10pd1HIK2njjDDiFpJWzSqmqGXV5nBuee5k0T3e38-tsHXR3KtvFVWyRohhaVg1pIJ84pjDNozQGY2kYgRFOY5ct4ymbyXGsF_bEMyi3HA1H5VOSDdoxRnXn2PI1xdLjzVZ8KqeF3dcoAGrIv04eKL_4wboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAqgHrb6xAqgHv9OxAtgHANIILAiAYRABMgiKgoCAgICACDoNgECAwICAgICogAKoA0i9_cE6WNLOt_L44ZAD-gsCCAGADAGqDQJKUOoNEwiB18jy-OGQAxXeXg8CHTf0DXmIDgnQFQGAFwGyFxAYDCoKNjQ1MDEzNjU0M1ABqhgXCYtA7I0q_tBAEgo2NDUwMTM2NTQzGAE%26num%3D1%26sig%3DAOD64_2qqApO9qF9WnTeEYCjgdiSnbHT2w%26client%3Dca-pub-8544321996124660%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::2e , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.as.criteo.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=31104000, public
timing-allow-origin
*
content-encoding
gzip
etag
W/"5e42ba84-6aa"
cross-origin-resource-policy
cross-origin
expires
Tue, 03 Nov 2026 06:39:11 GMT
cross-origin-embedder-policy
require-corp
access-control-allow-origin
*
date
Sat, 08 Nov 2025 06:39:11 GMT
content-type
image/svg+xml
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 865F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7ljwAEuzECD17eAA30N5MOwStk1mfc43N6gw&u=%7C6E1S5NKElxYmDUv4UPXssuuha5GPMwsGz8YFLUlNdPQ%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFIPHqimXL4nBRn2luyvxOIkDg54uckufvLlsXIBSDiiCE1J3zV4PmORup-RnEHOvDKVdZ9XOLmdQGyFvYFjb5dSFnB9j3ZTnw43liVvkWRxoPPaQ7O-9zH474gi6YUeO1kfgdvi6HkgpJT7r_ENPf08E3ANVp0W2FqlBF5JWjY_XZdV_XqlvSVPBa899CJ9Sn3Wng5BdrTyP4yUWrlFYR0Ka0yxFjSOtzWIqvKfG4HphGzqHtkVlDWCNZXxQiXK0PL_Od1ecYsHLb8NEWi5vaIp4hiSdON2HZkWi1YtuuzAnrsl3UuxQ0hEYW2U9Xcuz0esODEz9l75iIiBmeG8U6Mj8n6MmXPOS4IRUvQG4GOPzD35DlL-TKJnXUs6RA64OvucHteaxMiTmpHvKytjIJv9x277_05MFaK3-h4T1YrShoD7JCCQfR7SMKENTmOB2DM0BNDoiXp0F8pgA9s7KseYC4W8egEWcLDOk6W-93kGUKgphl5M-2hTlt0rHguqrIvlbxhzctllrzKNwtoLp0iela5yJ64BEUP_Gz91irU4v179IrOsqLq5WJFFJCUlNvxtoLSshAo-rpORJNsz0e3RPS9akIMgSexAiT_X7Y3cOUlOGjpDg8Pw83OKrk1HXAA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3J-Wj-UOabH2Et69vcAPt-i3yAfRvr7bdayNn9y8DcCNtwEQASDY6d8jYInzxYT0E8gBCakCTbn4Ya3-Oz6oAwHIAwKqBP0BT9BNv4csEDouCS8T4yCoX_y4MFk3ce0H_GlSpDjZEUbKm9ijuh47WB3SJ05ZRf7ql3C4dvgjvg6Ega8ySFGl4osPQtSaMb1Hn5hFVtVnyboh1agko5EvHO1dhUgdm60Huh73QfcphyjuaXjqxLlaBy8_Lpcs9jetqH-xwej8Lhp0MhgLj16MHDLOA885_91tPWou_L10pd1HIK2njjDDiFpJWzSqmqGXV5nBuee5k0T3e38-tsHXR3KtvFVWyRohhaVg1pIJ84pjDNozQGY2kYgRFOY5ct4ymbyXGsF_bEMyi3HA1H5VOSDdoxRnXn2PI1xdLjzVZ8KqeF3dcoAGrIv04eKL_4wboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAqgHrb6xAqgHv9OxAtgHANIILAiAYRABMgiKgoCAgICACDoNgECAwICAgICogAKoA0i9_cE6WNLOt_L44ZAD-gsCCAGADAGqDQJKUOoNEwiB18jy-OGQAxXeXg8CHTf0DXmIDgnQFQGAFwGyFxAYDCoKNjQ1MDEzNjU0M1ABqhgXCYtA7I0q_tBAEgo2NDUwMTM2NTQzGAE%26num%3D1%26sig%3DAOD64_2qqApO9qF9WnTeEYCjgdiSnbHT2w%26client%3Dca-pub-8544321996124660%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::2e , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.as.criteo.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=31104000, public
timing-allow-origin
*
content-encoding
gzip
etag
W/"5e42b9ee-759"
cross-origin-resource-policy
cross-origin
expires
Tue, 03 Nov 2026 06:39:11 GMT
cross-origin-embedder-policy
require-corp
access-control-allow-origin
*
date
Sat, 08 Nov 2025 06:39:11 GMT
content-type
image/svg+xml
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
close_button.svg
static.criteo.net/flash/icon/ Frame 865F 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7ljwAEuzECD17eAA30N5MOwStk1mfc43N6gw&u=%7C6E1S5NKElxYmDUv4UPXssuuha5GPMwsGz8YFLUlNdPQ%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFIPHqimXL4nBRn2luyvxOIkDg54uckufvLlsXIBSDiiCE1J3zV4PmORup-RnEHOvDKVdZ9XOLmdQGyFvYFjb5dSFnB9j3ZTnw43liVvkWRxoPPaQ7O-9zH474gi6YUeO1kfgdvi6HkgpJT7r_ENPf08E3ANVp0W2FqlBF5JWjY_XZdV_XqlvSVPBa899CJ9Sn3Wng5BdrTyP4yUWrlFYR0Ka0yxFjSOtzWIqvKfG4HphGzqHtkVlDWCNZXxQiXK0PL_Od1ecYsHLb8NEWi5vaIp4hiSdON2HZkWi1YtuuzAnrsl3UuxQ0hEYW2U9Xcuz0esODEz9l75iIiBmeG8U6Mj8n6MmXPOS4IRUvQG4GOPzD35DlL-TKJnXUs6RA64OvucHteaxMiTmpHvKytjIJv9x277_05MFaK3-h4T1YrShoD7JCCQfR7SMKENTmOB2DM0BNDoiXp0F8pgA9s7KseYC4W8egEWcLDOk6W-93kGUKgphl5M-2hTlt0rHguqrIvlbxhzctllrzKNwtoLp0iela5yJ64BEUP_Gz91irU4v179IrOsqLq5WJFFJCUlNvxtoLSshAo-rpORJNsz0e3RPS9akIMgSexAiT_X7Y3cOUlOGjpDg8Pw83OKrk1HXAA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3J-Wj-UOabH2Et69vcAPt-i3yAfRvr7bdayNn9y8DcCNtwEQASDY6d8jYInzxYT0E8gBCakCTbn4Ya3-Oz6oAwHIAwKqBP0BT9BNv4csEDouCS8T4yCoX_y4MFk3ce0H_GlSpDjZEUbKm9ijuh47WB3SJ05ZRf7ql3C4dvgjvg6Ega8ySFGl4osPQtSaMb1Hn5hFVtVnyboh1agko5EvHO1dhUgdm60Huh73QfcphyjuaXjqxLlaBy8_Lpcs9jetqH-xwej8Lhp0MhgLj16MHDLOA885_91tPWou_L10pd1HIK2njjDDiFpJWzSqmqGXV5nBuee5k0T3e38-tsHXR3KtvFVWyRohhaVg1pIJ84pjDNozQGY2kYgRFOY5ct4ymbyXGsF_bEMyi3HA1H5VOSDdoxRnXn2PI1xdLjzVZ8KqeF3dcoAGrIv04eKL_4wboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAqgHrb6xAqgHv9OxAtgHANIILAiAYRABMgiKgoCAgICACDoNgECAwICAgICogAKoA0i9_cE6WNLOt_L44ZAD-gsCCAGADAGqDQJKUOoNEwiB18jy-OGQAxXeXg8CHTf0DXmIDgnQFQGAFwGyFxAYDCoKNjQ1MDEzNjU0M1ABqhgXCYtA7I0q_tBAEgo2NDUwMTM2NTQzGAE%26num%3D1%26sig%3DAOD64_2qqApO9qF9WnTeEYCjgdiSnbHT2w%26client%3Dca-pub-8544321996124660%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::2e , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.as.criteo.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=31104000, public
timing-allow-origin
*
etag
"5e46a5e4-134"
cross-origin-resource-policy
cross-origin
expires
Tue, 03 Nov 2026 06:39:11 GMT
cross-origin-embedder-policy
require-corp
accept-ranges
bytes
access-control-allow-origin
*
content-length
308
date
Sat, 08 Nov 2025 06:39:11 GMT
content-type
image/svg+xml
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
back_button2.svg
static.criteo.net/flash/icon/ Frame 865F 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7ljwAEuzECD17eAA30N5MOwStk1mfc43N6gw&u=%7C6E1S5NKElxYmDUv4UPXssuuha5GPMwsGz8YFLUlNdPQ%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFIPHqimXL4nBRn2luyvxOIkDg54uckufvLlsXIBSDiiCE1J3zV4PmORup-RnEHOvDKVdZ9XOLmdQGyFvYFjb5dSFnB9j3ZTnw43liVvkWRxoPPaQ7O-9zH474gi6YUeO1kfgdvi6HkgpJT7r_ENPf08E3ANVp0W2FqlBF5JWjY_XZdV_XqlvSVPBa899CJ9Sn3Wng5BdrTyP4yUWrlFYR0Ka0yxFjSOtzWIqvKfG4HphGzqHtkVlDWCNZXxQiXK0PL_Od1ecYsHLb8NEWi5vaIp4hiSdON2HZkWi1YtuuzAnrsl3UuxQ0hEYW2U9Xcuz0esODEz9l75iIiBmeG8U6Mj8n6MmXPOS4IRUvQG4GOPzD35DlL-TKJnXUs6RA64OvucHteaxMiTmpHvKytjIJv9x277_05MFaK3-h4T1YrShoD7JCCQfR7SMKENTmOB2DM0BNDoiXp0F8pgA9s7KseYC4W8egEWcLDOk6W-93kGUKgphl5M-2hTlt0rHguqrIvlbxhzctllrzKNwtoLp0iela5yJ64BEUP_Gz91irU4v179IrOsqLq5WJFFJCUlNvxtoLSshAo-rpORJNsz0e3RPS9akIMgSexAiT_X7Y3cOUlOGjpDg8Pw83OKrk1HXAA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3J-Wj-UOabH2Et69vcAPt-i3yAfRvr7bdayNn9y8DcCNtwEQASDY6d8jYInzxYT0E8gBCakCTbn4Ya3-Oz6oAwHIAwKqBP0BT9BNv4csEDouCS8T4yCoX_y4MFk3ce0H_GlSpDjZEUbKm9ijuh47WB3SJ05ZRf7ql3C4dvgjvg6Ega8ySFGl4osPQtSaMb1Hn5hFVtVnyboh1agko5EvHO1dhUgdm60Huh73QfcphyjuaXjqxLlaBy8_Lpcs9jetqH-xwej8Lhp0MhgLj16MHDLOA885_91tPWou_L10pd1HIK2njjDDiFpJWzSqmqGXV5nBuee5k0T3e38-tsHXR3KtvFVWyRohhaVg1pIJ84pjDNozQGY2kYgRFOY5ct4ymbyXGsF_bEMyi3HA1H5VOSDdoxRnXn2PI1xdLjzVZ8KqeF3dcoAGrIv04eKL_4wboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAqgHrb6xAqgHv9OxAtgHANIILAiAYRABMgiKgoCAgICACDoNgECAwICAgICogAKoA0i9_cE6WNLOt_L44ZAD-gsCCAGADAGqDQJKUOoNEwiB18jy-OGQAxXeXg8CHTf0DXmIDgnQFQGAFwGyFxAYDCoKNjQ1MDEzNjU0M1ABqhgXCYtA7I0q_tBAEgo2NDUwMTM2NTQzGAE%26num%3D1%26sig%3DAOD64_2qqApO9qF9WnTeEYCjgdiSnbHT2w%26client%3Dca-pub-8544321996124660%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::2e , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.as.criteo.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=31104000, public
timing-allow-origin
*
etag
"626a59dc-125"
cross-origin-resource-policy
cross-origin
expires
Tue, 03 Nov 2026 06:39:11 GMT
cross-origin-embedder-policy
require-corp
accept-ranges
bytes
access-control-allow-origin
*
content-length
293
date
Sat, 08 Nov 2025 06:39:11 GMT
content-type
image/svg+xml
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
lg.php
cat.jp2.as.criteo.com/delivery/ Frame 865F 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.jp2.as.criteo.com/delivery/lg.php?cppv=3&cpp=F-1g0jCtPTLTAfe0gotYDhoCkK5VSUhIfChvwKfcL1Ph35-vPULBoIs9u2qFjSfBbHNYeCiPYngwxFeh0eavqwu2D-Zds9w-JErMqsa6CvtGjjs0GFwZ0oEW5tCtaQHwY_kf3GXNEANbLdYx7nswnf0rLsFzbo5GrBU8yocC5SQ_0aCFUlt49Gsk4JzjX4Ut2VFeOjUq7g07ZHlc7b02WMG0XLpMulMF0iuVs7O_bn-OqEALCDSS74ytQpu76Ey12Ixra9pktwZy682y0PHEwTk3ksh7jHXFI9pZYnkH5paon4-v6cxfFiQVmZo-4KL-nGE-eroJllBvsWEDYzSTc9GGRxh12cJNrpbDRrD_Oqoub0fKJx0o68P7NaTQgTEM0sFSjTR3KUadckuSpWT5TCIabNkp0rPBOL3rbSDqSD1SN2VFdrI2VXlGXamDW8sRFlZxYoRt-rkVXn42TwliE8DsJyV3hb-elRAqNI9rC7Q6DTXgPzZ7LkirtCiRYZImtpDwzt4FKql5LTqwFe0awtI3B_NbCXTtvRy_WiKkSXDAAjR5
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7ljwAEuzECD17eAA30N5MOwStk1mfc43N6gw&u=%7C6E1S5NKElxYmDUv4UPXssuuha5GPMwsGz8YFLUlNdPQ%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFIPHqimXL4nBRn2luyvxOIkDg54uckufvLlsXIBSDiiCE1J3zV4PmORup-RnEHOvDKVdZ9XOLmdQGyFvYFjb5dSFnB9j3ZTnw43liVvkWRxoPPaQ7O-9zH474gi6YUeO1kfgdvi6HkgpJT7r_ENPf08E3ANVp0W2FqlBF5JWjY_XZdV_XqlvSVPBa899CJ9Sn3Wng5BdrTyP4yUWrlFYR0Ka0yxFjSOtzWIqvKfG4HphGzqHtkVlDWCNZXxQiXK0PL_Od1ecYsHLb8NEWi5vaIp4hiSdON2HZkWi1YtuuzAnrsl3UuxQ0hEYW2U9Xcuz0esODEz9l75iIiBmeG8U6Mj8n6MmXPOS4IRUvQG4GOPzD35DlL-TKJnXUs6RA64OvucHteaxMiTmpHvKytjIJv9x277_05MFaK3-h4T1YrShoD7JCCQfR7SMKENTmOB2DM0BNDoiXp0F8pgA9s7KseYC4W8egEWcLDOk6W-93kGUKgphl5M-2hTlt0rHguqrIvlbxhzctllrzKNwtoLp0iela5yJ64BEUP_Gz91irU4v179IrOsqLq5WJFFJCUlNvxtoLSshAo-rpORJNsz0e3RPS9akIMgSexAiT_X7Y3cOUlOGjpDg8Pw83OKrk1HXAA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3J-Wj-UOabH2Et69vcAPt-i3yAfRvr7bdayNn9y8DcCNtwEQASDY6d8jYInzxYT0E8gBCakCTbn4Ya3-Oz6oAwHIAwKqBP0BT9BNv4csEDouCS8T4yCoX_y4MFk3ce0H_GlSpDjZEUbKm9ijuh47WB3SJ05ZRf7ql3C4dvgjvg6Ega8ySFGl4osPQtSaMb1Hn5hFVtVnyboh1agko5EvHO1dhUgdm60Huh73QfcphyjuaXjqxLlaBy8_Lpcs9jetqH-xwej8Lhp0MhgLj16MHDLOA885_91tPWou_L10pd1HIK2njjDDiFpJWzSqmqGXV5nBuee5k0T3e38-tsHXR3KtvFVWyRohhaVg1pIJ84pjDNozQGY2kYgRFOY5ct4ymbyXGsF_bEMyi3HA1H5VOSDdoxRnXn2PI1xdLjzVZ8KqeF3dcoAGrIv04eKL_4wboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAqgHrb6xAqgHv9OxAtgHANIILAiAYRABMgiKgoCAgICACDoNgECAwICAgICogAKoA0i9_cE6WNLOt_L44ZAD-gsCCAGADAGqDQJKUOoNEwiB18jy-OGQAxXeXg8CHTf0DXmIDgnQFQGAFwGyFxAYDCoKNjQ1MDEzNjU0M1ABqhgXCYtA7I0q_tBAEgo2NDUwMTM2NTQzGAE%26num%3D1%26sig%3DAOD64_2qqApO9qF9WnTeEYCjgdiSnbHT2w%26client%3Dca-pub-8544321996124660%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::31 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.as.criteo.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache
pragma
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1987307
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
date
Sat, 08 Nov 2025 06:39:11 GMT
content-type
image/gif
server
Kestrel
truncated
/ Frame 9416 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c6594b1c49ec6faffc2048f883eae68bf384fc715fbe7eb83b92742696d03993

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
register-source
measurement-api.criteo.com/ Frame 865F 		2 B
180 B 		Other
General
Check archive.org
Download Go to
Full URL
https://measurement-api.criteo.com/register-source?impressionId=690ee58faa504d7f8b8a4f5e77deaded&partner_domain=leopalace21.com&external_uid=08811a26-2cf4-4401-8728-173032447098&partner_id=4652&source_type=event&campaign_id=300734&marketing_objective_type=0&creative_type=1&hashed_external_id=-7749956682830052065&hashed_external_id=-7503814528878695895
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7ljwAEuzECD17eAA30N5MOwStk1mfc43N6gw&u=%7C6E1S5NKElxYmDUv4UPXssuuha5GPMwsGz8YFLUlNdPQ%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFIPHqimXL4nBRn2luyvxOIkDg54uckufvLlsXIBSDiiCE1J3zV4PmORup-RnEHOvDKVdZ9XOLmdQGyFvYFjb5dSFnB9j3ZTnw43liVvkWRxoPPaQ7O-9zH474gi6YUeO1kfgdvi6HkgpJT7r_ENPf08E3ANVp0W2FqlBF5JWjY_XZdV_XqlvSVPBa899CJ9Sn3Wng5BdrTyP4yUWrlFYR0Ka0yxFjSOtzWIqvKfG4HphGzqHtkVlDWCNZXxQiXK0PL_Od1ecYsHLb8NEWi5vaIp4hiSdON2HZkWi1YtuuzAnrsl3UuxQ0hEYW2U9Xcuz0esODEz9l75iIiBmeG8U6Mj8n6MmXPOS4IRUvQG4GOPzD35DlL-TKJnXUs6RA64OvucHteaxMiTmpHvKytjIJv9x277_05MFaK3-h4T1YrShoD7JCCQfR7SMKENTmOB2DM0BNDoiXp0F8pgA9s7KseYC4W8egEWcLDOk6W-93kGUKgphl5M-2hTlt0rHguqrIvlbxhzctllrzKNwtoLp0iela5yJ64BEUP_Gz91irU4v179IrOsqLq5WJFFJCUlNvxtoLSshAo-rpORJNsz0e3RPS9akIMgSexAiT_X7Y3cOUlOGjpDg8Pw83OKrk1HXAA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3J-Wj-UOabH2Et69vcAPt-i3yAfRvr7bdayNn9y8DcCNtwEQASDY6d8jYInzxYT0E8gBCakCTbn4Ya3-Oz6oAwHIAwKqBP0BT9BNv4csEDouCS8T4yCoX_y4MFk3ce0H_GlSpDjZEUbKm9ijuh47WB3SJ05ZRf7ql3C4dvgjvg6Ega8ySFGl4osPQtSaMb1Hn5hFVtVnyboh1agko5EvHO1dhUgdm60Huh73QfcphyjuaXjqxLlaBy8_Lpcs9jetqH-xwej8Lhp0MhgLj16MHDLOA885_91tPWou_L10pd1HIK2njjDDiFpJWzSqmqGXV5nBuee5k0T3e38-tsHXR3KtvFVWyRohhaVg1pIJ84pjDNozQGY2kYgRFOY5ct4ymbyXGsF_bEMyi3HA1H5VOSDdoxRnXn2PI1xdLjzVZ8KqeF3dcoAGrIv04eKL_4wboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAqgHrb6xAqgHv9OxAtgHANIILAiAYRABMgiKgoCAgICACDoNgECAwICAgICogAKoA0i9_cE6WNLOt_L44ZAD-gsCCAGADAGqDQJKUOoNEwiB18jy-OGQAxXeXg8CHTf0DXmIDgnQFQGAFwGyFxAYDCoKNjQ1MDEzNjU0M1ABqhgXCYtA7I0q_tBAEgo2NDUwMTM2NTQzGAE%26num%3D1%26sig%3DAOD64_2qqApO9qF9WnTeEYCjgdiSnbHT2w%26client%3Dca-pub-8544321996124660%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4:: , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.as.criteo.com/

Response headers

strict-transport-security
max-age=31536000; preload;
content-encoding
br
date
Sat, 08 Nov 2025 06:39:10 GMT
content-type
text/html
vary
Accept-Encoding
server
Kestrel
animejs.js
static.criteo.net/animejs/ Frame 865F 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7ljwAEuzECD17eAA30N5MOwStk1mfc43N6gw&u=%7C6E1S5NKElxYmDUv4UPXssuuha5GPMwsGz8YFLUlNdPQ%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFIPHqimXL4nBRn2luyvxOIkDg54uckufvLlsXIBSDiiCE1J3zV4PmORup-RnEHOvDKVdZ9XOLmdQGyFvYFjb5dSFnB9j3ZTnw43liVvkWRxoPPaQ7O-9zH474gi6YUeO1kfgdvi6HkgpJT7r_ENPf08E3ANVp0W2FqlBF5JWjY_XZdV_XqlvSVPBa899CJ9Sn3Wng5BdrTyP4yUWrlFYR0Ka0yxFjSOtzWIqvKfG4HphGzqHtkVlDWCNZXxQiXK0PL_Od1ecYsHLb8NEWi5vaIp4hiSdON2HZkWi1YtuuzAnrsl3UuxQ0hEYW2U9Xcuz0esODEz9l75iIiBmeG8U6Mj8n6MmXPOS4IRUvQG4GOPzD35DlL-TKJnXUs6RA64OvucHteaxMiTmpHvKytjIJv9x277_05MFaK3-h4T1YrShoD7JCCQfR7SMKENTmOB2DM0BNDoiXp0F8pgA9s7KseYC4W8egEWcLDOk6W-93kGUKgphl5M-2hTlt0rHguqrIvlbxhzctllrzKNwtoLp0iela5yJ64BEUP_Gz91irU4v179IrOsqLq5WJFFJCUlNvxtoLSshAo-rpORJNsz0e3RPS9akIMgSexAiT_X7Y3cOUlOGjpDg8Pw83OKrk1HXAA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3J-Wj-UOabH2Et69vcAPt-i3yAfRvr7bdayNn9y8DcCNtwEQASDY6d8jYInzxYT0E8gBCakCTbn4Ya3-Oz6oAwHIAwKqBP0BT9BNv4csEDouCS8T4yCoX_y4MFk3ce0H_GlSpDjZEUbKm9ijuh47WB3SJ05ZRf7ql3C4dvgjvg6Ega8ySFGl4osPQtSaMb1Hn5hFVtVnyboh1agko5EvHO1dhUgdm60Huh73QfcphyjuaXjqxLlaBy8_Lpcs9jetqH-xwej8Lhp0MhgLj16MHDLOA885_91tPWou_L10pd1HIK2njjDDiFpJWzSqmqGXV5nBuee5k0T3e38-tsHXR3KtvFVWyRohhaVg1pIJ84pjDNozQGY2kYgRFOY5ct4ymbyXGsF_bEMyi3HA1H5VOSDdoxRnXn2PI1xdLjzVZ8KqeF3dcoAGrIv04eKL_4wboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAqgHrb6xAqgHv9OxAtgHANIILAiAYRABMgiKgoCAgICACDoNgECAwICAgICogAKoA0i9_cE6WNLOt_L44ZAD-gsCCAGADAGqDQJKUOoNEwiB18jy-OGQAxXeXg8CHTf0DXmIDgnQFQGAFwGyFxAYDCoKNjQ1MDEzNjU0M1ABqhgXCYtA7I0q_tBAEgo2NDUwMTM2NTQzGAE%26num%3D1%26sig%3DAOD64_2qqApO9qF9WnTeEYCjgdiSnbHT2w%26client%3Dca-pub-8544321996124660%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::2e , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.as.criteo.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=31104000, public
timing-allow-origin
*
content-encoding
gzip
etag
W/"5c9a64eb-3181"
cross-origin-resource-policy
cross-origin
expires
Tue, 03 Nov 2026 06:39:11 GMT
cross-origin-embedder-policy
require-corp
access-control-allow-origin
*
date
Sat, 08 Nov 2025 06:39:11 GMT
content-type
text/javascript
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
sync
sync.fout.jp/ Frame 85EC 		43 B
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.fout.jp/sync?xid=googleadex&g_pixel=&google_gid=CAESEOpTIz9EVuQPMMLAkD924hs&google_cver=1&google_push=AXcoOmT0h7LL8rXWI5hkDwUPDtvErd5RkIsbasBEvgT4ZbFLMh53UheW2ct7EF3Po5y4jXHPH4eX8esICCRy666-_8xtQg9CTfztcT4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8544321996124660&output=html&h=250&slotname=6450136543&adk=2937738629&adf=3554593889&pi=t.ma~as.6450136543&w=300&lmt=1762583951&format=300x250&url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=8&dt=1762583950760&bpp=1&bdt=645&idt=486&shv=r20251105&mjsv=m202511040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=6045712550791&frm=20&pv=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=520&ady=289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31093846%2C95376583%2C95376711%2C95344791%2C95372615&oid=2&pvsid=2516138031305436&tmod=628053698&uas=0&nvt=1&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&plas=260x675_l%7C308x675_r&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=498
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
202.232.238.37 Jingūmae, Japan, ASN2497 (IIJ Internet Initiative Japan Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
6135fe16d7578e65be79a3e5d6ba252095648c1b871808f69b1482f6ff7f6839
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://pagead2.googlesyndication.com/

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=15768000
Cache-Control
private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Content-Encoding
gzip
Pragma
no-cache
Connection
keep-alive
P3P
CP="ADM NOI OUR"
Date
Sat, 08 Nov 2025 06:39:12 GMT
Content-Type
image/gif
Server
nginx
pixel
cm.g.doubleclick.net/ Frame 85EC
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEH5ly4mqwNoNVSibhs6lYxo&google_cver=1&google_push=AXcoOmQFDueSrfBj1-I_QbuFr3cj0dCWkYPApRsycF1iK7LG6ty6OqzN9kiafXbTepL7f4ldbY5uY-pBVRAXXnExVztUyWo...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQFDueSrfBj1-I_QbuFr3cj0dCWkYPApRsycF1iK7LG6ty6OqzN9kiafXbTepL7f4ldbY5uY-pBVRAXXnExVztUyWo2DZ52jO4&google_hm=eS1TdnVUVWVkRTJwRzZ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQFDueSrfBj1-I_QbuFr3cj0dCWkYPApRsycF1iK7LG6ty6OqzN9kiafXbTepL7f4ldbY5uY-pBVRAXXnExVztUyWo2DZ52jO4&google_hm=eS1TdnVUVWVkRTJwRzZvVERvaDgwSkJpeWowMk1DSmExYn5B
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H3
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://pagead2.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Sat, 08 Nov 2025 06:39:12 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)

Redirect headers

strict-transport-security
max-age=31536000
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=dsp
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQFDueSrfBj1-I_QbuFr3cj0dCWkYPApRsycF1iK7LG6ty6OqzN9kiafXbTepL7f4ldbY5uY-pBVRAXXnExVztUyWo2DZ52jO4&google_hm=eS1TdnVUVWVkRTJwRzZvVERvaDgwSkJpeWowMk1DSmExYn5B
age
0
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
content-length
0
date
Sat, 08 Nov 2025 06:39:11 GMT
server
ATS
x-frame-options
DENY
pixel
cm.g.doubleclick.net/ Frame 85EC
Redirect Chain
  • https://pixelfnt-us.dsp-api.moloco.com/v1/cm/adxpm?google_gid=CAESEKl8Kfa2xAfaL5DGo7J_-4Q&google_cver=1&google_push=AXcoOmRHIr0b-ACFmnrz0RZni6w1yVVwg3vj7IlSS2H9RvTOmvfTBN1RuOrMf9B0MqRVULa9hAV-oXRmp...
  • https://cm.g.doubleclick.net/pixel?google_nid=moloco_ads&google_hm=v8auusqkQB2b2XMbh-8CtQ&google_push=AXcoOmRHIr0b-ACFmnrz0RZni6w1yVVwg3vj7IlSS2H9RvTOmvfTBN1RuOrMf9B0MqRVULa9hAV-oXRmpT5P4raRVc3n92O...
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=moloco_ads&google_hm=v8auusqkQB2b2XMbh-8CtQ&google_push=AXcoOmRHIr0b-ACFmnrz0RZni6w1yVVwg3vj7IlSS2H9RvTOmvfTBN1RuOrMf9B0MqRVULa9hAV-oXRmpT5P4raRVc3n92OIhKVNzLw
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H2
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://pagead2.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Sat, 08 Nov 2025 06:39:11 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)

Redirect headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
location
https://cm.g.doubleclick.net/pixel?google_nid=moloco_ads&google_hm=v8auusqkQB2b2XMbh-8CtQ&google_push=AXcoOmRHIr0b-ACFmnrz0RZni6w1yVVwg3vj7IlSS2H9RvTOmvfTBN1RuOrMf9B0MqRVULa9hAV-oXRmpT5P4raRVc3n92OIhKVNzLw
content-length
236
date
Sat, 08 Nov 2025 06:39:11 GMT
content-type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 85EC
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=adxab&google_nid=rtb_house_apac&google_gid=CAESEARChS1OX5Lx_BNv2WI9ajg&google_cver=1&google_push=AXcoOmSTnYaWx5IICldujRrkgaApm9OGJ61NtHiIRNrCCuWD5KVnfZObYoakJt_...
  • https://creativecdn.com/cm-notify?pi=adxab&google_nid=rtb_house_apac&google_gid=CAESEARChS1OX5Lx_BNv2WI9ajg&google_cver=1&google_push=AXcoOmSTnYaWx5IICldujRrkgaApm9OGJ61NtHiIRNrCCuWD5KVnfZObYoakJt_...
  • https://cm.g.doubleclick.net/pixel?google_ula=5153224&google_hm=ffAyomif6ZD1VoqBceUH9vDT3uvny6-OcxeWYVkFx2c&pi=adx&tdc=ams&pi=adxab&google_nid=rtb_house_apac&google_gid=CAESEARChS1OX5Lx_BNv2WI9ajg&...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_ula=5153224&google_hm=ffAyomif6ZD1VoqBceUH9vDT3uvny6-OcxeWYVkFx2c&pi=adx&tdc=ams&pi=adxab&google_nid=rtb_house_apac&google_gid=CAESEARChS1OX5Lx_BNv2WI9ajg&google_cver=1&google_push=AXcoOmSTnYaWx5IICldujRrkgaApm9OGJ61NtHiIRNrCCuWD5KVnfZObYoakJt_3V0YHBSYLxQ-b8ApIqmHcx9Q-gfERLqqnq5cD7w&tc=1
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H3
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://pagead2.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Sat, 08 Nov 2025 06:39:13 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)

Redirect headers

expires
Thu, 01 Jan 1970 00:00:00 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
location
https://cm.g.doubleclick.net/pixel?google_ula=5153224&google_hm=ffAyomif6ZD1VoqBceUH9vDT3uvny6-OcxeWYVkFx2c&pi=adx&tdc=ams&pi=adxab&google_nid=rtb_house_apac&google_gid=CAESEARChS1OX5Lx_BNv2WI9ajg&google_cver=1&google_push=AXcoOmSTnYaWx5IICldujRrkgaApm9OGJ61NtHiIRNrCCuWD5KVnfZObYoakJt_3V0YHBSYLxQ-b8ApIqmHcx9Q-gfERLqqnq5cD7w&tc=1
content-length
0
date
Sat, 08 Nov 2025 06:39:12 GMT
pragma
no-cache
vary
Accept-Encoding
pixel
cm.g.doubleclick.net/ Frame 85EC
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=adxab&google_nid=rtb_house_jp&google_gid=CAESEARChS1OX5Lx_BNv2WI9ajg&google_cver=1&google_push=AXcoOmR-Ub8uKKjbsK5GT1Cqv9zHELo9UcPQxpXSLpY3sNergIGZOOUxGXhvIzyVv...
  • https://creativecdn.com/cm-notify?pi=adxab&google_nid=rtb_house_jp&google_gid=CAESEARChS1OX5Lx_BNv2WI9ajg&google_cver=1&google_push=AXcoOmR-Ub8uKKjbsK5GT1Cqv9zHELo9UcPQxpXSLpY3sNergIGZOOUxGXhvIzyVv...
  • https://cm.g.doubleclick.net/pixel?google_ula=5153224&google_hm=ffAyomif6ZD1VoqBceUH9vDT3uvny6-OcxeWYVkFx2c&pi=adx&tdc=ams&pi=adxab&google_nid=rtb_house_jp&google_gid=CAESEARChS1OX5Lx_BNv2WI9ajg&go...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_ula=5153224&google_hm=ffAyomif6ZD1VoqBceUH9vDT3uvny6-OcxeWYVkFx2c&pi=adx&tdc=ams&pi=adxab&google_nid=rtb_house_jp&google_gid=CAESEARChS1OX5Lx_BNv2WI9ajg&google_cver=1&google_push=AXcoOmR-Ub8uKKjbsK5GT1Cqv9zHELo9UcPQxpXSLpY3sNergIGZOOUxGXhvIzyVviGbY0-ZsRRdIJAHthtXfUwtE-YMh2JViDDFdwRh&tc=1
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H3
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://pagead2.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Sat, 08 Nov 2025 06:39:13 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)

Redirect headers

expires
Thu, 01 Jan 1970 00:00:00 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
location
https://cm.g.doubleclick.net/pixel?google_ula=5153224&google_hm=ffAyomif6ZD1VoqBceUH9vDT3uvny6-OcxeWYVkFx2c&pi=adx&tdc=ams&pi=adxab&google_nid=rtb_house_jp&google_gid=CAESEARChS1OX5Lx_BNv2WI9ajg&google_cver=1&google_push=AXcoOmR-Ub8uKKjbsK5GT1Cqv9zHELo9UcPQxpXSLpY3sNergIGZOOUxGXhvIzyVviGbY0-ZsRRdIJAHthtXfUwtE-YMh2JViDDFdwRh&tc=1
content-length
0
date
Sat, 08 Nov 2025 06:39:12 GMT
pragma
no-cache
vary
Accept-Encoding
pixel
cm.g.doubleclick.net/ Frame 85EC
Redirect Chain
  • https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEKyi5YCkTYeySKzizuBjVzA&google_cver=1&google_push=AXcoOmQ5mNNwzCaP4Qi6bBM1nVI97vVhMkbyTUSTKVcqHJ12ss0aBNuPZPS5XewFIR-...
  • https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmQ5mNNwzCaP4Qi6bBM1nVI97vVhMkbyTUSTKVcqHJ12ss0aBNuPZPS5XewFIR-iJmJfdGZr8RhgYGBpE9nAZeaoCPKMJ8uy_vzt
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmQ5mNNwzCaP4Qi6bBM1nVI97vVhMkbyTUSTKVcqHJ12ss0aBNuPZPS5XewFIR-iJmJfdGZr8RhgYGBpE9nAZeaoCPKMJ8uy_vzt
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H3
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://pagead2.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Sat, 08 Nov 2025 06:39:12 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)

Redirect headers

access-control-max-age
86400
x-bytefaas-request-id
20251108063912D89570DC4F99D214FB08
access-control-allow-methods
*
expires
Sat, 08 Nov 2025 06:39:12 GMT
server-timing
inner; dur=5, cdn-cache; desc=MISS, edge; dur=1, origin; dur=72
x-cache
TCP_MISS from a23-62-44-102.deploy.akamaitechnologies.com (AkamaiGHost/22.3.1-beec7c8e6b19d04c9cf512962152fd16) (-)
date
Sat, 08 Nov 2025 06:39:12 GMT
x-akamai-request-id
17261000
x-tt-trace-host
015884b634ba0ad777a3afa1da202a39e64e2dd6dc52357d7eeeb0ff13063748f7d931727b3270762c0d5d303e3604e94926b5c8f2cc40549230612e9de051cc1a5f7f5247c2a462a24b423adadee3428b27f3b0a98f215fe27fcf2a0e956fd560
access-control-allow-headers
*
x-bytefaas-execution-duration
4.09
x-origin-response-time
73,23.62.44.102
cache-control
max-age=0, no-cache, no-store
location
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmQ5mNNwzCaP4Qi6bBM1nVI97vVhMkbyTUSTKVcqHJ12ss0aBNuPZPS5XewFIR-iJmJfdGZr8RhgYGBpE9nAZeaoCPKMJ8uy_vzt
pragma
no-cache
x-gw-dst-psm
ad.union.pangle_web_traffic
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-credentials
true
access-control-allow-origin
*
x-tt-trace-id
00-251108063912D89570DC4F99D214FB08-6AE0870AD11A6F17-00
content-length
0
x-tt-logid
20251108063912D89570DC4F99D214FB08
server
nginx
pixel
cm.g.doubleclick.net/ Frame 85EC
Redirect Chain
  • https://rtb2-useast.voisetech.com/sync?exchange=1215&google_gid=CAESEHsoI45GxNMMZ6PgHXvV2PU&google_cver=1&google_push=AXcoOmRiBdM-Kqvt2W0ec4CftHOWHg_F-rOCEc6e0faWhHlKaLMMimh6rKn6_aNw-5zh_4fHwl-V8fH...
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.voisetech.com%2Fsync%3Fexchange%3D1215%26google_gid%3DCAESEHsoI45GxNMMZ6PgHXvV2PU%26google_cver%3D1%26google_push%3DAXcoOmRiBdM-Kqvt2W0ec...
  • https://rtb2-useast.voisetech.com/sync?adkuid=A4850442030796439405&exchange=1215&google_gid=CAESEHsoI45GxNMMZ6PgHXvV2PU&google_cver=1&google_push=AXcoOmRiBdM-Kqvt2W0ec4CftHOWHg_F-rOCEc6e0faWhHlKaLM...
  • https://cm.g.doubleclick.net/pixel?google_nid=voise_tech_limited&google_hm=QTQ4NTA0NDIwMzA3OTY0Mzk0MDU&google_push=AXcoOmRiBdM-Kqvt2W0ec4CftHOWHg_F-rOCEc6e0faWhHlKaLMMimh6rKn6_aNw-5zh_4fHwl-V8fHBGl...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=voise_tech_limited&google_hm=QTQ4NTA0NDIwMzA3OTY0Mzk0MDU&google_push=AXcoOmRiBdM-Kqvt2W0ec4CftHOWHg_F-rOCEc6e0faWhHlKaLMMimh6rKn6_aNw-5zh_4fHwl-V8fHBGlIHZSB26qZXtA4yQMnyjiUi
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H3
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://pagead2.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Sat, 08 Nov 2025 06:39:13 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=voise_tech_limited&google_hm=QTQ4NTA0NDIwMzA3OTY0Mzk0MDU&google_push=AXcoOmRiBdM-Kqvt2W0ec4CftHOWHg_F-rOCEc6e0faWhHlKaLMMimh6rKn6_aNw-5zh_4fHwl-V8fHBGlIHZSB26qZXtA4yQMnyjiUi
Content-Length
0
Date
Sat, 08 Nov 2025 06:39:12 GMT
Server
nginx
Connection
keep-alive
attr
cm.g.doubleclick.net/pixel/ Frame 85EC 		0
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LrAo0Au3UKreYror5vszosLQm2fZRbmCH-qOiynPrYqHeoMzKInClxlRltGf7mYgtKBo92F2PD
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8544321996124660&output=html&h=250&slotname=6450136543&adk=2937738629&adf=3554593889&pi=t.ma~as.6450136543&w=300&lmt=1762583951&format=300x250&url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=8&dt=1762583950760&bpp=1&bdt=645&idt=486&shv=r20251105&mjsv=m202511040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=6045712550791&frm=20&pv=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=520&ady=289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31093846%2C95376583%2C95376711%2C95344791%2C95372615&oid=2&pvsid=2516138031305436&tmod=628053698&uas=0&nvt=1&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&plas=260x675_l%7C308x675_r&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=498
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://pagead2.googlesyndication.com/

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sat, 08 Nov 2025 06:39:11 GMT
x-xss-protection
0
content-type
text/html
server
HTTP server (unknown)
set
sync.im-apps.net/imid/ Frame 506A 		43 B
694 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.im-apps.net/imid/set?no_sync=1
Requested by
Host: cf.im-apps.net
URL: https://cf.im-apps.net/imid/beacon.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.192.47.58 Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-192-47-58.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://cf.im-apps.net/

Response headers

Cache-Control
private, max-age=3000
Content-Length
43
Date
Sat, 08 Nov 2025 06:39:11 GMT
Content-Type
image/gif
Connection
keep-alive
cad842f31b1b4cc7b3f6258141bc14e9_cpn_300x250_1.jpg
static.criteo.net/design/dt/4652/4537618/ Frame 865F 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/4652/4537618/cad842f31b1b4cc7b3f6258141bc14e9_cpn_300x250_1.jpg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7ljwAEuzECD17eAA30N5MOwStk1mfc43N6gw&u=%7C6E1S5NKElxYmDUv4UPXssuuha5GPMwsGz8YFLUlNdPQ%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFIPHqimXL4nBRn2luyvxOIkDg54uckufvLlsXIBSDiiCE1J3zV4PmORup-RnEHOvDKVdZ9XOLmdQGyFvYFjb5dSFnB9j3ZTnw43liVvkWRxoPPaQ7O-9zH474gi6YUeO1kfgdvi6HkgpJT7r_ENPf08E3ANVp0W2FqlBF5JWjY_XZdV_XqlvSVPBa899CJ9Sn3Wng5BdrTyP4yUWrlFYR0Ka0yxFjSOtzWIqvKfG4HphGzqHtkVlDWCNZXxQiXK0PL_Od1ecYsHLb8NEWi5vaIp4hiSdON2HZkWi1YtuuzAnrsl3UuxQ0hEYW2U9Xcuz0esODEz9l75iIiBmeG8U6Mj8n6MmXPOS4IRUvQG4GOPzD35DlL-TKJnXUs6RA64OvucHteaxMiTmpHvKytjIJv9x277_05MFaK3-h4T1YrShoD7JCCQfR7SMKENTmOB2DM0BNDoiXp0F8pgA9s7KseYC4W8egEWcLDOk6W-93kGUKgphl5M-2hTlt0rHguqrIvlbxhzctllrzKNwtoLp0iela5yJ64BEUP_Gz91irU4v179IrOsqLq5WJFFJCUlNvxtoLSshAo-rpORJNsz0e3RPS9akIMgSexAiT_X7Y3cOUlOGjpDg8Pw83OKrk1HXAA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3J-Wj-UOabH2Et69vcAPt-i3yAfRvr7bdayNn9y8DcCNtwEQASDY6d8jYInzxYT0E8gBCakCTbn4Ya3-Oz6oAwHIAwKqBP0BT9BNv4csEDouCS8T4yCoX_y4MFk3ce0H_GlSpDjZEUbKm9ijuh47WB3SJ05ZRf7ql3C4dvgjvg6Ega8ySFGl4osPQtSaMb1Hn5hFVtVnyboh1agko5EvHO1dhUgdm60Huh73QfcphyjuaXjqxLlaBy8_Lpcs9jetqH-xwej8Lhp0MhgLj16MHDLOA885_91tPWou_L10pd1HIK2njjDDiFpJWzSqmqGXV5nBuee5k0T3e38-tsHXR3KtvFVWyRohhaVg1pIJ84pjDNozQGY2kYgRFOY5ct4ymbyXGsF_bEMyi3HA1H5VOSDdoxRnXn2PI1xdLjzVZ8KqeF3dcoAGrIv04eKL_4wboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAqgHrb6xAqgHv9OxAtgHANIILAiAYRABMgiKgoCAgICACDoNgECAwICAgICogAKoA0i9_cE6WNLOt_L44ZAD-gsCCAGADAGqDQJKUOoNEwiB18jy-OGQAxXeXg8CHTf0DXmIDgnQFQGAFwGyFxAYDCoKNjQ1MDEzNjU0M1ABqhgXCYtA7I0q_tBAEgo2NDUwMTM2NTQzGAE%26num%3D1%26sig%3DAOD64_2qqApO9qF9WnTeEYCjgdiSnbHT2w%26client%3Dca-pub-8544321996124660%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::2e , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
063b98aee45fb1fd1e70b83917ad0efe7b1011e2151b3aa49ec6812a9be64f6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.as.criteo.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=31104000, public
timing-allow-origin
*
etag
"648819f3-11d2"
cross-origin-resource-policy
cross-origin
expires
Tue, 03 Nov 2026 06:39:11 GMT
cross-origin-embedder-policy
require-corp
accept-ranges
bytes
access-control-allow-origin
*
content-length
4562
date
Sat, 08 Nov 2025 06:39:11 GMT
content-type
image/jpeg
last-modified
Tue, 13 Jun 2023 07:25:39 GMT
server
nginx
005LXBl9lDHB2CwCiYitszLuAadGV7mADMqb5NDufVSxZzQEZXZjr7kZOH8r9EoL1MZ4XJ4IVO7BIfW2Ky2j0M2vB2YzdBgXlW5juNkZDkeNd9Q7awf7mGkPmkmANmbn06fPcB5VpcDFzxJdi0oH1JN2NzelR7JkC0qcE41UAQIDOxTOQoZ9IVzCsR7Rm2S3x8Whj...
imageproxy.as.criteo.net/v1/ Frame 865F 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.as.criteo.net/v1/005LXBl9lDHB2CwCiYitszLuAadGV7mADMqb5NDufVSxZzQEZXZjr7kZOH8r9EoL1MZ4XJ4IVO7BIfW2Ky2j0M2vB2YzdBgXlW5juNkZDkeNd9Q7awf7mGkPmkmANmbn06fPcB5VpcDFzxJdi0oH1JN2NzelR7JkC0qcE41UAQIDOxTOQoZ9IVzCsR7Rm2S3x8WhjYkZCZlUAm6eaNTouEQ
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7ljwAEuzECD17eAA30N5MOwStk1mfc43N6gw&u=%7C6E1S5NKElxYmDUv4UPXssuuha5GPMwsGz8YFLUlNdPQ%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFIPHqimXL4nBRn2luyvxOIkDg54uckufvLlsXIBSDiiCE1J3zV4PmORup-RnEHOvDKVdZ9XOLmdQGyFvYFjb5dSFnB9j3ZTnw43liVvkWRxoPPaQ7O-9zH474gi6YUeO1kfgdvi6HkgpJT7r_ENPf08E3ANVp0W2FqlBF5JWjY_XZdV_XqlvSVPBa899CJ9Sn3Wng5BdrTyP4yUWrlFYR0Ka0yxFjSOtzWIqvKfG4HphGzqHtkVlDWCNZXxQiXK0PL_Od1ecYsHLb8NEWi5vaIp4hiSdON2HZkWi1YtuuzAnrsl3UuxQ0hEYW2U9Xcuz0esODEz9l75iIiBmeG8U6Mj8n6MmXPOS4IRUvQG4GOPzD35DlL-TKJnXUs6RA64OvucHteaxMiTmpHvKytjIJv9x277_05MFaK3-h4T1YrShoD7JCCQfR7SMKENTmOB2DM0BNDoiXp0F8pgA9s7KseYC4W8egEWcLDOk6W-93kGUKgphl5M-2hTlt0rHguqrIvlbxhzctllrzKNwtoLp0iela5yJ64BEUP_Gz91irU4v179IrOsqLq5WJFFJCUlNvxtoLSshAo-rpORJNsz0e3RPS9akIMgSexAiT_X7Y3cOUlOGjpDg8Pw83OKrk1HXAA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3J-Wj-UOabH2Et69vcAPt-i3yAfRvr7bdayNn9y8DcCNtwEQASDY6d8jYInzxYT0E8gBCakCTbn4Ya3-Oz6oAwHIAwKqBP0BT9BNv4csEDouCS8T4yCoX_y4MFk3ce0H_GlSpDjZEUbKm9ijuh47WB3SJ05ZRf7ql3C4dvgjvg6Ega8ySFGl4osPQtSaMb1Hn5hFVtVnyboh1agko5EvHO1dhUgdm60Huh73QfcphyjuaXjqxLlaBy8_Lpcs9jetqH-xwej8Lhp0MhgLj16MHDLOA885_91tPWou_L10pd1HIK2njjDDiFpJWzSqmqGXV5nBuee5k0T3e38-tsHXR3KtvFVWyRohhaVg1pIJ84pjDNozQGY2kYgRFOY5ct4ymbyXGsF_bEMyi3HA1H5VOSDdoxRnXn2PI1xdLjzVZ8KqeF3dcoAGrIv04eKL_4wboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAqgHrb6xAqgHv9OxAtgHANIILAiAYRABMgiKgoCAgICACDoNgECAwICAgICogAKoA0i9_cE6WNLOt_L44ZAD-gsCCAGADAGqDQJKUOoNEwiB18jy-OGQAxXeXg8CHTf0DXmIDgnQFQGAFwGyFxAYDCoKNjQ1MDEzNjU0M1ABqhgXCYtA7I0q_tBAEgo2NDUwMTM2NTQzGAE%26num%3D1%26sig%3DAOD64_2qqApO9qF9WnTeEYCjgdiSnbHT2w%26client%3Dca-pub-8544321996124660%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
79d2c8ad1333cac8f8b0358e19d2537973f81832d22286c474dc411c236b0b2d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.as.criteo.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
public, max-age=31104000
timing-allow-origin
*
age
141480
cross-origin-resource-policy
cross-origin
x-trace-id
c7d6ea9543cf41f4af7a6ad34a679f3a
expires
Sat, 24 Oct 2026 10:27:15 GMT
accept-ranges
bytes
x-cache
hit
content-length
17506
date
Thu, 06 Nov 2025 15:21:11 GMT
content-type
image/png
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
vary
Origin, x-accept-image
000F4YeF5vmwsDfkuN0Wq8RUv7gAGJJrWrD7Okz9Pe1ql3D4gHuFCXfTHiQTf5Q7PdcCfCMdOPzGFBoUAzMdxYf629TvL8X0p7YuJRp7Py9oBwDcmJCCYX7gIsF88QH6G2ZLkQS81uAnN9NpApcZm8PLjXpNpow1KKqSaE44mRBLBNmiH72Ggl0grRrQWNssGN2pM...
imageproxy.as.criteo.net/v1/ Frame 865F 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.as.criteo.net/v1/000F4YeF5vmwsDfkuN0Wq8RUv7gAGJJrWrD7Okz9Pe1ql3D4gHuFCXfTHiQTf5Q7PdcCfCMdOPzGFBoUAzMdxYf629TvL8X0p7YuJRp7Py9oBwDcmJCCYX7gIsF88QH6G2ZLkQS81uAnN9NpApcZm8PLjXpNpow1KKqSaE44mRBLBNmiH72Ggl0grRrQWNssGN2pMs83pq8Yp?b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7ljwAEuzECD17eAA30N5MOwStk1mfc43N6gw&u=%7C6E1S5NKElxYmDUv4UPXssuuha5GPMwsGz8YFLUlNdPQ%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFIPHqimXL4nBRn2luyvxOIkDg54uckufvLlsXIBSDiiCE1J3zV4PmORup-RnEHOvDKVdZ9XOLmdQGyFvYFjb5dSFnB9j3ZTnw43liVvkWRxoPPaQ7O-9zH474gi6YUeO1kfgdvi6HkgpJT7r_ENPf08E3ANVp0W2FqlBF5JWjY_XZdV_XqlvSVPBa899CJ9Sn3Wng5BdrTyP4yUWrlFYR0Ka0yxFjSOtzWIqvKfG4HphGzqHtkVlDWCNZXxQiXK0PL_Od1ecYsHLb8NEWi5vaIp4hiSdON2HZkWi1YtuuzAnrsl3UuxQ0hEYW2U9Xcuz0esODEz9l75iIiBmeG8U6Mj8n6MmXPOS4IRUvQG4GOPzD35DlL-TKJnXUs6RA64OvucHteaxMiTmpHvKytjIJv9x277_05MFaK3-h4T1YrShoD7JCCQfR7SMKENTmOB2DM0BNDoiXp0F8pgA9s7KseYC4W8egEWcLDOk6W-93kGUKgphl5M-2hTlt0rHguqrIvlbxhzctllrzKNwtoLp0iela5yJ64BEUP_Gz91irU4v179IrOsqLq5WJFFJCUlNvxtoLSshAo-rpORJNsz0e3RPS9akIMgSexAiT_X7Y3cOUlOGjpDg8Pw83OKrk1HXAA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3J-Wj-UOabH2Et69vcAPt-i3yAfRvr7bdayNn9y8DcCNtwEQASDY6d8jYInzxYT0E8gBCakCTbn4Ya3-Oz6oAwHIAwKqBP0BT9BNv4csEDouCS8T4yCoX_y4MFk3ce0H_GlSpDjZEUbKm9ijuh47WB3SJ05ZRf7ql3C4dvgjvg6Ega8ySFGl4osPQtSaMb1Hn5hFVtVnyboh1agko5EvHO1dhUgdm60Huh73QfcphyjuaXjqxLlaBy8_Lpcs9jetqH-xwej8Lhp0MhgLj16MHDLOA885_91tPWou_L10pd1HIK2njjDDiFpJWzSqmqGXV5nBuee5k0T3e38-tsHXR3KtvFVWyRohhaVg1pIJ84pjDNozQGY2kYgRFOY5ct4ymbyXGsF_bEMyi3HA1H5VOSDdoxRnXn2PI1xdLjzVZ8KqeF3dcoAGrIv04eKL_4wboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAqgHrb6xAqgHv9OxAtgHANIILAiAYRABMgiKgoCAgICACDoNgECAwICAgICogAKoA0i9_cE6WNLOt_L44ZAD-gsCCAGADAGqDQJKUOoNEwiB18jy-OGQAxXeXg8CHTf0DXmIDgnQFQGAFwGyFxAYDCoKNjQ1MDEzNjU0M1ABqhgXCYtA7I0q_tBAEgo2NDUwMTM2NTQzGAE%26num%3D1%26sig%3DAOD64_2qqApO9qF9WnTeEYCjgdiSnbHT2w%26client%3Dca-pub-8544321996124660%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
f2ca0ce7624a0ea7ce5c6ce08610cbec0811084d79708d5d54f9e9b500889b89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.as.criteo.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
public, max-age=86400
timing-allow-origin
*
age
54269
cross-origin-resource-policy
cross-origin
x-trace-id
ba669f0d32d43d83061eeb7b3270b3e9
expires
Sat, 08 Nov 2025 07:32:05 GMT
accept-ranges
bytes
x-cache
hit
content-length
10770
date
Fri, 07 Nov 2025 15:34:41 GMT
content-type
image/webp
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
vary
Origin, x-accept-image
000F4YeF5vmwsDfkuPEPPSB5nKGL8ANDR3o4Hf0CohC6BZF2CK7IJHCJ6aw7kTob9tEylOJ1idH5RxXgQcNDTB85b1d8Q0D65mVs3S3taZiJXZI7F9O1PiHHENUOlKdCjXvrPSgFIBpWwEhekxrI7o421JUpPqTLFznZqs0CepRJTQKxVUdGlkU9Wrexkvv6sCsVB...
imageproxy.as.criteo.net/v1/ Frame 865F 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.as.criteo.net/v1/000F4YeF5vmwsDfkuPEPPSB5nKGL8ANDR3o4Hf0CohC6BZF2CK7IJHCJ6aw7kTob9tEylOJ1idH5RxXgQcNDTB85b1d8Q0D65mVs3S3taZiJXZI7F9O1PiHHENUOlKdCjXvrPSgFIBpWwEhekxrI7o421JUpPqTLFznZqs0CepRJTQKxVUdGlkU9Wrexkvv6sCsVBczylf0He?b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7ljwAEuzECD17eAA30N5MOwStk1mfc43N6gw&u=%7C6E1S5NKElxYmDUv4UPXssuuha5GPMwsGz8YFLUlNdPQ%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFIPHqimXL4nBRn2luyvxOIkDg54uckufvLlsXIBSDiiCE1J3zV4PmORup-RnEHOvDKVdZ9XOLmdQGyFvYFjb5dSFnB9j3ZTnw43liVvkWRxoPPaQ7O-9zH474gi6YUeO1kfgdvi6HkgpJT7r_ENPf08E3ANVp0W2FqlBF5JWjY_XZdV_XqlvSVPBa899CJ9Sn3Wng5BdrTyP4yUWrlFYR0Ka0yxFjSOtzWIqvKfG4HphGzqHtkVlDWCNZXxQiXK0PL_Od1ecYsHLb8NEWi5vaIp4hiSdON2HZkWi1YtuuzAnrsl3UuxQ0hEYW2U9Xcuz0esODEz9l75iIiBmeG8U6Mj8n6MmXPOS4IRUvQG4GOPzD35DlL-TKJnXUs6RA64OvucHteaxMiTmpHvKytjIJv9x277_05MFaK3-h4T1YrShoD7JCCQfR7SMKENTmOB2DM0BNDoiXp0F8pgA9s7KseYC4W8egEWcLDOk6W-93kGUKgphl5M-2hTlt0rHguqrIvlbxhzctllrzKNwtoLp0iela5yJ64BEUP_Gz91irU4v179IrOsqLq5WJFFJCUlNvxtoLSshAo-rpORJNsz0e3RPS9akIMgSexAiT_X7Y3cOUlOGjpDg8Pw83OKrk1HXAA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3J-Wj-UOabH2Et69vcAPt-i3yAfRvr7bdayNn9y8DcCNtwEQASDY6d8jYInzxYT0E8gBCakCTbn4Ya3-Oz6oAwHIAwKqBP0BT9BNv4csEDouCS8T4yCoX_y4MFk3ce0H_GlSpDjZEUbKm9ijuh47WB3SJ05ZRf7ql3C4dvgjvg6Ega8ySFGl4osPQtSaMb1Hn5hFVtVnyboh1agko5EvHO1dhUgdm60Huh73QfcphyjuaXjqxLlaBy8_Lpcs9jetqH-xwej8Lhp0MhgLj16MHDLOA885_91tPWou_L10pd1HIK2njjDDiFpJWzSqmqGXV5nBuee5k0T3e38-tsHXR3KtvFVWyRohhaVg1pIJ84pjDNozQGY2kYgRFOY5ct4ymbyXGsF_bEMyi3HA1H5VOSDdoxRnXn2PI1xdLjzVZ8KqeF3dcoAGrIv04eKL_4wboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAqgHrb6xAqgHv9OxAtgHANIILAiAYRABMgiKgoCAgICACDoNgECAwICAgICogAKoA0i9_cE6WNLOt_L44ZAD-gsCCAGADAGqDQJKUOoNEwiB18jy-OGQAxXeXg8CHTf0DXmIDgnQFQGAFwGyFxAYDCoKNjQ1MDEzNjU0M1ABqhgXCYtA7I0q_tBAEgo2NDUwMTM2NTQzGAE%26num%3D1%26sig%3DAOD64_2qqApO9qF9WnTeEYCjgdiSnbHT2w%26client%3Dca-pub-8544321996124660%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
02d1441c41d6b79e6fc1d97cfe3ff705aee7547b918debc7326fd0ef5c578e2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.as.criteo.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
public, max-age=86400
timing-allow-origin
*
age
13590
cross-origin-resource-policy
cross-origin
x-trace-id
d25a51ec15873f8212f365536ec46cc1
expires
Sat, 08 Nov 2025 05:15:31 GMT
accept-ranges
bytes
x-cache
hit
content-length
4468
date
Sat, 08 Nov 2025 02:52:39 GMT
content-type
image/webp
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
vary
Origin, x-accept-image
all
client-side-metrics.as.criteo.net/ Frame 865F 		0
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://client-side-metrics.as.criteo.net/all?cppv=3&cpp=UoxxGnrBxU3kLT6kGKzI0iXuIv3ho9_O8k2rmAIaFg6141xLMWAk7GVx8bJmzQU2XNTX-W7BSBgPpke_K-bAaDqb0XPUw3l368Nbudck_ySyIWWHfH9S6XlkiNzEVa8Rc9ZDExltQpY2ds7iKUSXLIbocij6-EmNpGv8JLohiAOSsh8hwfAhKK8x4gfHRArcAALC9mY7O4Rpb9HctlyHLPnpCrMkn5mJmLTGMykLCdyGRPNbyPt-HKab41g3keVpqtMrOw&sds=2&rev=102983&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7ljwAEuzECD17eAA30N5MOwStk1mfc43N6gw&u=%7C6E1S5NKElxYmDUv4UPXssuuha5GPMwsGz8YFLUlNdPQ%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFIPHqimXL4nBRn2luyvxOIkDg54uckufvLlsXIBSDiiCE1J3zV4PmORup-RnEHOvDKVdZ9XOLmdQGyFvYFjb5dSFnB9j3ZTnw43liVvkWRxoPPaQ7O-9zH474gi6YUeO1kfgdvi6HkgpJT7r_ENPf08E3ANVp0W2FqlBF5JWjY_XZdV_XqlvSVPBa899CJ9Sn3Wng5BdrTyP4yUWrlFYR0Ka0yxFjSOtzWIqvKfG4HphGzqHtkVlDWCNZXxQiXK0PL_Od1ecYsHLb8NEWi5vaIp4hiSdON2HZkWi1YtuuzAnrsl3UuxQ0hEYW2U9Xcuz0esODEz9l75iIiBmeG8U6Mj8n6MmXPOS4IRUvQG4GOPzD35DlL-TKJnXUs6RA64OvucHteaxMiTmpHvKytjIJv9x277_05MFaK3-h4T1YrShoD7JCCQfR7SMKENTmOB2DM0BNDoiXp0F8pgA9s7KseYC4W8egEWcLDOk6W-93kGUKgphl5M-2hTlt0rHguqrIvlbxhzctllrzKNwtoLp0iela5yJ64BEUP_Gz91irU4v179IrOsqLq5WJFFJCUlNvxtoLSshAo-rpORJNsz0e3RPS9akIMgSexAiT_X7Y3cOUlOGjpDg8Pw83OKrk1HXAA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3J-Wj-UOabH2Et69vcAPt-i3yAfRvr7bdayNn9y8DcCNtwEQASDY6d8jYInzxYT0E8gBCakCTbn4Ya3-Oz6oAwHIAwKqBP0BT9BNv4csEDouCS8T4yCoX_y4MFk3ce0H_GlSpDjZEUbKm9ijuh47WB3SJ05ZRf7ql3C4dvgjvg6Ega8ySFGl4osPQtSaMb1Hn5hFVtVnyboh1agko5EvHO1dhUgdm60Huh73QfcphyjuaXjqxLlaBy8_Lpcs9jetqH-xwej8Lhp0MhgLj16MHDLOA885_91tPWou_L10pd1HIK2njjDDiFpJWzSqmqGXV5nBuee5k0T3e38-tsHXR3KtvFVWyRohhaVg1pIJ84pjDNozQGY2kYgRFOY5ct4ymbyXGsF_bEMyi3HA1H5VOSDdoxRnXn2PI1xdLjzVZ8KqeF3dcoAGrIv04eKL_4wboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAqgHrb6xAqgHv9OxAtgHANIILAiAYRABMgiKgoCAgICACDoNgECAwICAgICogAKoA0i9_cE6WNLOt_L44ZAD-gsCCAGADAGqDQJKUOoNEwiB18jy-OGQAxXeXg8CHTf0DXmIDgnQFQGAFwGyFxAYDCoKNjQ1MDEzNjU0M1ABqhgXCYtA7I0q_tBAEgo2NDUwMTM2NTQzGAE%26num%3D1%26sig%3DAOD64_2qqApO9qF9WnTeEYCjgdiSnbHT2w%26client%3Dca-pub-8544321996124660%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::25 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://ads.as.criteo.com/

Response headers

strict-transport-security
max-age=31536000; preload;
x-rate-limit-limit
1s
x-rate-limit-reset
2025-11-08T06:39:11.8244753Z
access-control-allow-origin
*
content-length
0
date
Sat, 08 Nov 2025 06:39:11 GMT
x-rate-limit-remaining
7804
server
Kestrel
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 865F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7ljwAEuzECD17eAA30N5MOwStk1mfc43N6gw&u=%7C6E1S5NKElxYmDUv4UPXssuuha5GPMwsGz8YFLUlNdPQ%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFIPHqimXL4nBRn2luyvxOIkDg54uckufvLlsXIBSDiiCE1J3zV4PmORup-RnEHOvDKVdZ9XOLmdQGyFvYFjb5dSFnB9j3ZTnw43liVvkWRxoPPaQ7O-9zH474gi6YUeO1kfgdvi6HkgpJT7r_ENPf08E3ANVp0W2FqlBF5JWjY_XZdV_XqlvSVPBa899CJ9Sn3Wng5BdrTyP4yUWrlFYR0Ka0yxFjSOtzWIqvKfG4HphGzqHtkVlDWCNZXxQiXK0PL_Od1ecYsHLb8NEWi5vaIp4hiSdON2HZkWi1YtuuzAnrsl3UuxQ0hEYW2U9Xcuz0esODEz9l75iIiBmeG8U6Mj8n6MmXPOS4IRUvQG4GOPzD35DlL-TKJnXUs6RA64OvucHteaxMiTmpHvKytjIJv9x277_05MFaK3-h4T1YrShoD7JCCQfR7SMKENTmOB2DM0BNDoiXp0F8pgA9s7KseYC4W8egEWcLDOk6W-93kGUKgphl5M-2hTlt0rHguqrIvlbxhzctllrzKNwtoLp0iela5yJ64BEUP_Gz91irU4v179IrOsqLq5WJFFJCUlNvxtoLSshAo-rpORJNsz0e3RPS9akIMgSexAiT_X7Y3cOUlOGjpDg8Pw83OKrk1HXAA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3J-Wj-UOabH2Et69vcAPt-i3yAfRvr7bdayNn9y8DcCNtwEQASDY6d8jYInzxYT0E8gBCakCTbn4Ya3-Oz6oAwHIAwKqBP0BT9BNv4csEDouCS8T4yCoX_y4MFk3ce0H_GlSpDjZEUbKm9ijuh47WB3SJ05ZRf7ql3C4dvgjvg6Ega8ySFGl4osPQtSaMb1Hn5hFVtVnyboh1agko5EvHO1dhUgdm60Huh73QfcphyjuaXjqxLlaBy8_Lpcs9jetqH-xwej8Lhp0MhgLj16MHDLOA885_91tPWou_L10pd1HIK2njjDDiFpJWzSqmqGXV5nBuee5k0T3e38-tsHXR3KtvFVWyRohhaVg1pIJ84pjDNozQGY2kYgRFOY5ct4ymbyXGsF_bEMyi3HA1H5VOSDdoxRnXn2PI1xdLjzVZ8KqeF3dcoAGrIv04eKL_4wboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAqgHrb6xAqgHv9OxAtgHANIILAiAYRABMgiKgoCAgICACDoNgECAwICAgICogAKoA0i9_cE6WNLOt_L44ZAD-gsCCAGADAGqDQJKUOoNEwiB18jy-OGQAxXeXg8CHTf0DXmIDgnQFQGAFwGyFxAYDCoKNjQ1MDEzNjU0M1ABqhgXCYtA7I0q_tBAEgo2NDUwMTM2NTQzGAE%26num%3D1%26sig%3DAOD64_2qqApO9qF9WnTeEYCjgdiSnbHT2w%26client%3Dca-pub-8544321996124660%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::2e , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.as.criteo.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=31104000, public
timing-allow-origin
*
content-encoding
gzip
etag
W/"60af9cf7-891"
cross-origin-resource-policy
cross-origin
expires
Tue, 03 Nov 2026 06:39:11 GMT
cross-origin-embedder-policy
require-corp
access-control-allow-origin
*
date
Sat, 08 Nov 2025 06:39:11 GMT
content-type
image/svg+xml
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
privacy.svg
static.criteo.net/flash/icon/ Frame 865F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7ljwAEuzECD17eAA30N5MOwStk1mfc43N6gw&u=%7C6E1S5NKElxYmDUv4UPXssuuha5GPMwsGz8YFLUlNdPQ%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFIPHqimXL4nBRn2luyvxOIkDg54uckufvLlsXIBSDiiCE1J3zV4PmORup-RnEHOvDKVdZ9XOLmdQGyFvYFjb5dSFnB9j3ZTnw43liVvkWRxoPPaQ7O-9zH474gi6YUeO1kfgdvi6HkgpJT7r_ENPf08E3ANVp0W2FqlBF5JWjY_XZdV_XqlvSVPBa899CJ9Sn3Wng5BdrTyP4yUWrlFYR0Ka0yxFjSOtzWIqvKfG4HphGzqHtkVlDWCNZXxQiXK0PL_Od1ecYsHLb8NEWi5vaIp4hiSdON2HZkWi1YtuuzAnrsl3UuxQ0hEYW2U9Xcuz0esODEz9l75iIiBmeG8U6Mj8n6MmXPOS4IRUvQG4GOPzD35DlL-TKJnXUs6RA64OvucHteaxMiTmpHvKytjIJv9x277_05MFaK3-h4T1YrShoD7JCCQfR7SMKENTmOB2DM0BNDoiXp0F8pgA9s7KseYC4W8egEWcLDOk6W-93kGUKgphl5M-2hTlt0rHguqrIvlbxhzctllrzKNwtoLp0iela5yJ64BEUP_Gz91irU4v179IrOsqLq5WJFFJCUlNvxtoLSshAo-rpORJNsz0e3RPS9akIMgSexAiT_X7Y3cOUlOGjpDg8Pw83OKrk1HXAA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3J-Wj-UOabH2Et69vcAPt-i3yAfRvr7bdayNn9y8DcCNtwEQASDY6d8jYInzxYT0E8gBCakCTbn4Ya3-Oz6oAwHIAwKqBP0BT9BNv4csEDouCS8T4yCoX_y4MFk3ce0H_GlSpDjZEUbKm9ijuh47WB3SJ05ZRf7ql3C4dvgjvg6Ega8ySFGl4osPQtSaMb1Hn5hFVtVnyboh1agko5EvHO1dhUgdm60Huh73QfcphyjuaXjqxLlaBy8_Lpcs9jetqH-xwej8Lhp0MhgLj16MHDLOA885_91tPWou_L10pd1HIK2njjDDiFpJWzSqmqGXV5nBuee5k0T3e38-tsHXR3KtvFVWyRohhaVg1pIJ84pjDNozQGY2kYgRFOY5ct4ymbyXGsF_bEMyi3HA1H5VOSDdoxRnXn2PI1xdLjzVZ8KqeF3dcoAGrIv04eKL_4wboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAqgHrb6xAqgHv9OxAtgHANIILAiAYRABMgiKgoCAgICACDoNgECAwICAgICogAKoA0i9_cE6WNLOt_L44ZAD-gsCCAGADAGqDQJKUOoNEwiB18jy-OGQAxXeXg8CHTf0DXmIDgnQFQGAFwGyFxAYDCoKNjQ1MDEzNjU0M1ABqhgXCYtA7I0q_tBAEgo2NDUwMTM2NTQzGAE%26num%3D1%26sig%3DAOD64_2qqApO9qF9WnTeEYCjgdiSnbHT2w%26client%3Dca-pub-8544321996124660%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::2e , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.as.criteo.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=31104000, public
timing-allow-origin
*
content-encoding
gzip
etag
W/"5e4d1491-646"
cross-origin-resource-policy
cross-origin
expires
Tue, 03 Nov 2026 06:39:11 GMT
cross-origin-embedder-policy
require-corp
access-control-allow-origin
*
date
Sat, 08 Nov 2025 06:39:11 GMT
content-type
image/svg+xml
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
sync
sync.fout.jp/ Frame 4B76 		43 B
395 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sync.fout.jp/sync?xid=fluct
Requested by
Host: pdn.adingo.jp
URL: https://pdn.adingo.jp/p.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
202.232.238.37 Jingūmae, Japan, ASN2497 (IIJ Internet Initiative Japan Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
6135fe16d7578e65be79a3e5d6ba252095648c1b871808f69b1482f6ff7f6839
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=15768000
Cache-Control
private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Content-Encoding
gzip
Pragma
no-cache
Connection
keep-alive
P3P
CP="ADM NOI OUR"
Date
Sat, 08 Nov 2025 06:39:12 GMT
Content-Type
image/gif
Server
nginx
/
cs.adingo.jp/sync/ Frame 4B76
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=fluct
  • https://x.bidswitch.net/ul_cb/sync?ssp=fluct
  • https://cs.adingo.jp/sync/?from=bidsw&id=acc09442-dbda-4440-8b05-7d5813474fe6
43 B
403 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cs.adingo.jp/sync/?from=bidsw&id=acc09442-dbda-4440-8b05-7d5813474fe6
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H2
Server
18.178.165.190 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-178-165-190.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

expires
Wed, 17 Sep 1975 21:32:10 GMT
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
date
Sat, 08 Nov 2025 06:39:11 GMT
pragma
no-cache
content-type
image/gif
server
nginx

Redirect headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
location
//cs.adingo.jp/sync/?from=bidsw&id=acc09442-dbda-4440-8b05-7d5813474fe6
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 06:39:11 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F170 		21 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156313&predirect=https://cs.adingo.jp/sync/%3Ffrom%3Dpubm%26id%3D
Requested by
Host: pdn.adingo.jp
URL: https://pdn.adingo.jp/p.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.40.192.188 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-192-188.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5b6ceeffb380eae16e91dcf08a3493068aa5b7bd6f4c3f4ad7b4daa188d5c2cb

Request headers

Referer
https://twinklesphotos.exblog.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=151007
content-encoding
gzip
content-length
7259
content-type
text/html
date
Sat, 08 Nov 2025 06:39:11 GMT
expires
Mon, 10 Nov 2025 00:35:58 GMT
last-modified
Mon, 29 Sep 2025 15:12:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cm
us-u.openx.net/w/1.0/ Frame 4B76
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=ac0458b7-2dc5-40a0-a758-f0c82d454c93&r=https%3A%2F%2Fcs.adingo.jp%2Fsync%2F%3Ffrom%3Dopenx%26id%3D
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=ac0458b7-2dc5-40a0-a758-f0c82d454c93&r=https%3A%2F%2Fcs.adingo.jp%2Fsync%2F%3Ffrom%3Dopenx%26id%3D
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?cc=1&id=ac0458b7-2dc5-40a0-a758-f0c82d454c93&r=https%3A%2F%2Fcs.adingo.jp%2Fsync%2F%3Ffrom%3Dopenx%26id%3D
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

Redirect headers

cache-control
private, max-age=0, no-cache
location
https://us-u.openx.net/w/1.0/cm?cc=1&id=ac0458b7-2dc5-40a0-a758-f0c82d454c93&r=https%3A%2F%2Fcs.adingo.jp%2Fsync%2F%3Ffrom%3Dopenx%26id%3D
pragma
no-cache
x-forwarded-for
146.70.201.135
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Sat, 08 Nov 2025 06:39:11 GMT
content-type
text/plain; charset=utf-8
vary
Accept, Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 4BB6
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=fluct&endpoint=apac
  • https://eus.rubiconproject.com/usync.html?p=fluct&endpoint=apac
269 B
379 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=fluct&endpoint=apac
Requested by
Host: pdn.adingo.jp
URL: https://pdn.adingo.jp/p.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.40.149.60 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-149-60.deploy.static.akamaitechnologies.com
Software
Apache/2.4.65 (Debian) /
Resource Hash
e4df52d49c57bc3e7158cb052cc05c60f1258c24de5c5728dac5d43272943ad9

Request headers

Referer
https://twinklesphotos.exblog.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
224
content-type
text/html
date
Sat, 08 Nov 2025 06:39:11 GMT
etag
"10d-63d602600b800-gzip"
last-modified
Wed, 27 Aug 2025 22:17:04 GMT
server
Apache/2.4.65 (Debian)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 08 Nov 2025 06:39:11 GMT
location
https://eus.rubiconproject.com/usync.html?p=fluct&endpoint=apac
server
AkamaiGHost
/
cs.adingo.jp/sync/ Frame 4B76
Redirect Chain
  • https://ad.as.amanad.adtdp.com/v1/sync/ssp?ssp=5
  • https://cs.adingo.jp/sync/?from=aja&id=s2suidlFuzKsHuVUT6xdcsDvxj_A6wSGCNCm4TzseVA5cYCgpoJwGT2Zb7NaPqn9mKRA4sNagGA1
43 B
436 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cs.adingo.jp/sync/?from=aja&id=s2suidlFuzKsHuVUT6xdcsDvxj_A6wSGCNCm4TzseVA5cYCgpoJwGT2Zb7NaPqn9mKRA4sNagGA1
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H2
Server
18.178.165.190 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-178-165-190.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

expires
Wed, 17 Sep 1975 21:32:10 GMT
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
date
Sat, 08 Nov 2025 06:39:11 GMT
pragma
no-cache
content-type
image/gif
server
nginx

Redirect headers

x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
x-cache
Miss from cloudfront
x-amz-cf-id
vkhV8bpxFvRqcEwRiretZ6eo1xgs1dyaNDofaM-E7EbuxdZ2Vrmyvg==
date
Sat, 08 Nov 2025 06:39:11 GMT
cache-control
no-cache, no-store, must-revalidate
location
https://cs.adingo.jp/sync/?from=aja&id=s2suidlFuzKsHuVUT6xdcsDvxj_A6wSGCNCm4TzseVA5cYCgpoJwGT2Zb7NaPqn9mKRA4sNagGA1
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Architecture, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
via
1.1 b4b8b8ed4296910bd07f12a970676040.cloudfront.net (CloudFront)
access-control-allow-origin
*
content-length
0
x-xss-protection
0
x-amz-cf-pop
NRT57-P10
/
cs.adingo.jp/sync/ Frame 4B76
Redirect Chain
  • https://hrbh3.publishers.tremorhub.com/pubsync?redir=https%3A%2F%2Fcs.adingo.jp%2Fsync%2F%3Ffrom%3Dmagnite%26id%3D%5Btvid%5D
  • https://hrbh3.publishers.tremorhub.com/pubsync/verify?redir=https%3A%2F%2Fcs.adingo.jp%2Fsync%2F%3Ffrom%3Dmagnite%26id%3D%5Btvid%5D
  • https://cs.adingo.jp/sync/?from=magnite&id=a987283e396f463091dd9275008c0f2b
43 B
401 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cs.adingo.jp/sync/?from=magnite&id=a987283e396f463091dd9275008c0f2b
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H2
Server
18.178.165.190 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-178-165-190.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

expires
Wed, 17 Sep 1975 21:32:10 GMT
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
date
Sat, 08 Nov 2025 06:39:12 GMT
pragma
no-cache
content-type
image/gif
server
nginx

Redirect headers

location
https://cs.adingo.jp/sync/?from=magnite&id=a987283e396f463091dd9275008c0f2b
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Sat, 08 Nov 2025 06:39:12 GMT
server
nginx
/
cs.adingo.jp/sync/ Frame 4B76
Redirect Chain
  • https://y.one.impact-ad.jp/tbs_cs?callback=https%3A%2F%2Fcs.adingo.jp%2Fsync%2F%3Ffrom%3Dp1%26id%3D%24UID&ex=p1.com
  • https://cs.adingo.jp/sync/?from=p1&id=30a3fe2e-86d0-48a5-b28e-d04e35c11d22
43 B
401 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cs.adingo.jp/sync/?from=p1&id=30a3fe2e-86d0-48a5-b28e-d04e35c11d22
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H2
Server
18.178.165.190 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-178-165-190.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

expires
Wed, 17 Sep 1975 21:32:10 GMT
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
date
Sat, 08 Nov 2025 06:39:11 GMT
pragma
no-cache
content-type
image/gif
server
nginx

Redirect headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
location
https://cs.adingo.jp/sync/?from=p1&id=30a3fe2e-86d0-48a5-b28e-d04e35c11d22
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 06:39:11 GMT
pixel
cm.g.doubleclick.net/ Frame 4B76
Redirect Chain
  • https://cs.adingo.jp/adx/go/?nid=fluct_eb
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_hm=dbe01e22ad73cc152c485adc199d4732
170 B
409 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_hm=dbe01e22ad73cc152c485adc199d4732
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H2
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Sat, 08 Nov 2025 06:39:11 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_hm=dbe01e22ad73cc152c485adc199d4732
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
date
Sat, 08 Nov 2025 06:39:11 GMT
content-type
text/html; charset=UTF-8
server
nginx
/
cs.adingo.jp/sync/ Frame 4B76
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=dj0pjjk&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=dj0pjjk&ttd_tpi=1
  • https://cs.adingo.jp/sync/?from=tdid&id=e310444e-8519-409a-883e-3e55081e4e6a&ttl=1765175951
43 B
401 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cs.adingo.jp/sync/?from=tdid&id=e310444e-8519-409a-883e-3e55081e4e6a&ttl=1765175951
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H2
Server
18.178.165.190 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-178-165-190.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

expires
Wed, 17 Sep 1975 21:32:10 GMT
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
date
Sat, 08 Nov 2025 06:39:11 GMT
pragma
no-cache
content-type
image/gif
server
nginx

Redirect headers

location
https://cs.adingo.jp/sync/?from=tdid&id=e310444e-8519-409a-883e-3e55081e4e6a&ttl=1765175951
content-length
213
date
Sat, 08 Nov 2025 06:39:11 GMT
server
Kestrel
fltids
aud.adjust-net.jp/adfrontserver/ Frame 4B76 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aud.adjust-net.jp/adfrontserver/fltids?val=dbe01e22ad73cc152c485adc199d4732
Requested by
Host: pdn.adingo.jp
URL: https://pdn.adingo.jp/p.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.79.4.173 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-79-4-173.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

date
Sat, 08 Nov 2025 06:39:11 GMT
server
nginx
content-length
0
sync
gum.criteo.com/ Frame 4B76 		56 B
577 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=167&r=2&gdpr=0&j=fluctAdScript.rtus_cb
Requested by
Host: pdn.adingo.jp
URL: https://pdn.adingo.jp/p.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::13 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
dd7fefb994e22052f611ba65c8023f4ef628a03af1f3322a6728975e488940d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
private, max-age=3600
content-encoding
gzip
server-processing-duration-in-ticks
548067
expires
60
date
Sat, 08 Nov 2025 06:39:11 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
server
Kestrel
id5-api.js
cdn.id5-sync.com/api/1.0/ 		112 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: pdn.adingo.jp
URL: https://pdn.adingo.jp/p.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:170d -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d17e84af7ba998526041e90409fec0d80e0bf436fecd99cd94ea4124f1047141
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"9d3ef6e0b1008a729462806417366a8e"
age
3
expires
Sat, 08 Nov 2025 07:39:11 GMT
date
Sat, 08 Nov 2025 06:39:11 GMT
content-type
text/javascript;charset=utf-8
vary
accept-encoding
last-modified
Tue, 04 Nov 2025 08:00:55 GMT
x-amz-id-2
gvx5QQHR0KlOWDlZ3Xr+G6TtbJC9Aaju5X1KTq21INrp96d/61XrUY4z7M4FRA61bLz6APDLKYY=
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=3600
x-amz-request-id
PRPEQ4VMKZP2Q3CX
cf-ray
99b31262c845266a-NRT
server
cloudflare
x-amz-server-side-encryption
AES256
pmt.js
dmp.im-apps.net/pms/r7RdVKlj/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dmp.im-apps.net/pms/r7RdVKlj/pmt.js
Requested by
Host: pdn.adingo.jp
URL: https://pdn.adingo.jp/p.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:48::1734:8c3b Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
17642f269032d70bd80f65a51b29ff2dfbd2562fab3388a0ff566e5e5ec4f0f9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-amz-replication-status
COMPLETED
cache-control
max-age=14350
content-encoding
gzip
etag
"88b28808d3e1b7c043cd159dea364df6"
x-amz-version-id
C5aMNXmeNAE94deWOfnzY1s.dApqvpPr
expires
Sat, 08 Nov 2025 10:38:21 GMT
accept-ranges
bytes
content-length
2442
p3p
CP="NOI PSD OTR"
date
Sat, 08 Nov 2025 06:39:11 GMT
last-modified
Tue, 28 Oct 2025 06:58:42 GMT
content-type
application/javascript
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
/
cs.adingo.jp/sync/ Frame 4B76
Redirect Chain
  • https://bid.socdm.com/rtb/sync?proto=adingo&sspid=adingo&tp=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F&pp=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F&t=.gif
  • https://cs.adingo.jp/sync/?from=scaleout&id=aQ7lj8Co8IoAAE8c1YAAAAAA
43 B
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.adingo.jp/sync/?from=scaleout&id=aQ7lj8Co8IoAAE8c1YAAAAAA
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H2
Server
18.178.165.190 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-178-165-190.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

expires
Wed, 17 Sep 1975 21:32:10 GMT
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
date
Sat, 08 Nov 2025 06:39:11 GMT
pragma
no-cache
content-type
image/gif
server
nginx

Redirect headers

X-SO-LB-Hostname
m-tgng21.dc4p.scaleout.jp
P3P
CP="See also http://www.scaleout.jp/privacy/"
Date
Sat, 08 Nov 2025 06:39:11 GMT
Cache-Control
private
Location
https://cs.adingo.jp/sync/?from=scaleout&id=aQ7lj8Co8IoAAE8c1YAAAAAA
X-SO-Cluster-ID
0
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync?proto=adingo&sspid=adingo&tp=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F&pp=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F&t=.gif","cluster_id":0,"gdpr":false,"ipv4":"146.70.201.135","key":"aQ7lj8Co8IoAAE8c1YAAAAAA","privacy_sensitive":false,"uid":"aQ7lj8Co8IoAAE8c1YAAAAAA","upstream_id":"m-ad368"}
X-SO-Upstream-ID
m-ad368
X-SO-HostName
m-ad368.dc4p.scaleout.jp
Connection
keep-alive
X-SO-IP
146.70.201.135
X-SO-Key
aQ7lj8Co8IoAAE8c1YAAAAAA
Content-Length
0
X-SO-Ads-Time
2
X-SO-UID
aQ7lj8Co8IoAAE8c1YAAAAAA
Server
nginx
Collect
a.flux.jp/analytics.collect.v1.CollectService/ 		2 B
47 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.flux.jp/analytics.collect.v1.CollectService/Collect
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.89.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.89.160.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

access-control-expose-headers
Accept, Accept-Encoding, Accept-Post, Connect-Accept-Encoding, Connect-Content-Encoding, Content-Encoding, Grpc-Accept-Encoding, Grpc-Encoding, Grpc-Message, Grpc-Status, Grpc-Status-Details-Bin
content-encoding
gzip
via
1.1 google
traceparent
00-5b22c9f025b9f9d2e06fd73b3935a655-47b0630ebf23811f-00
access-control-allow-origin
https://twinklesphotos.exblog.jp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
accept-encoding
gzip
content-length
26
date
Sat, 08 Nov 2025 06:39:11 GMT
content-type
application/json
vary
Origin
server
Google Frontend
x-cloud-trace-context
5b22c9f025b9f9d2e06fd73b3935a655/5165737687581425951
ads
securepubads.g.doubleclick.net/gampad/ 		26 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2516138031305436&correlator=1050022443730681&eid=31095573%2C95376742%2C83321073&output=ldjh&gdfp_req=1&vrg=202511040101&ptt=17&impl=fifs&iu_parts=18333008%2CPC_blog_inarticle_rec_left&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=7&dids=gpt_pc_blog_inarticle_rec_left&adfs=3225254544&sfv=1-0-45&eri=1&sc=1&cookie=ID%3D35a90beb84f54b83%3AT%3D1762583951%3ART%3D1762583951%3AS%3DALNI_MaZPlrxc6qUCku2ZAGOsph7BIGxTA&gpic=UID%3D000011b0c3f5ca6e%3AT%3D1762583951%3ART%3D1762583951%3AS%3DALNI_MaeACa9cODSR6LZUdG3ZJj-jrl7RQ&abxe=1&dt=1762583951829&lmt=1762583951&adxs=510&adys=1348&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=5&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F&vis=1&psz=760x280&msz=300x0&fws=0&ohw=0&psts=AOrYGskgbCJIeZBmAJd02He4jqjuVHzwOfXb-myR4CNLULWmWuHkdYEmT3IaCBTuc2qDW8h764P-P7azSzsxkascd-YbTGQ2xJ7eALbH-8gH6g&topics=3&tps=3&htps=10&nt=1&psd=WzMxLFtdLG51bGwsM10.&dlt=1762583950115&idt=692&prev_scp=amznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D2.00%26hb_adid%3D67dbd9730259efd8%26hb_bidder%3Dappnexus&cust_params=contents-type%3Dexblog-%25E5%2586%2599%25E7%259C%259F%25E3%2583%25BB%25E3%2582%25AB%25E3%2583%25A1%25E3%2583%25A9%26contents-category%3Dexblog-%25E6%259C%25AA%25E5%2588%2586%25E9%25A1%259E%26contents-tag%3D%26blog_pc_referrer%3D%26isBot%3D%26flux_test_flag%3Dprd%26publisher_id%3D138&adks=3140661673&frm=20&eo_id_str=ID%3D9ce3cac5c9f3a176%3AT%3D1762583951%3ART%3D1762583951%3AS%3DAA-AfjYT_OvoL1JKrhN2_YzQ0lrD&gblpids=%2F18333008%2FPC_blog_inarticle_rec_left&pb_szs=300x250&pbbce=1&td=1&egid=45601&tan=db582a34-3e97-4d8a-adef-a5e0df8aa0da&tdf=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202511040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.194.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcnrta-bb-in-f2.1e100.net
Software
cafe /
Resource Hash
88fd25a75460012fd2a66aa4b5aa43229b3444eb8cdb95402a04ac6b94e4ca7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
dcb
google-lineitem-id
5406912171
observe-browsing-topics
?1
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sat, 08 Nov 2025 06:39:12 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
138315363291
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://twinklesphotos.exblog.jp
content-length
2849
x-xss-protection
0
server
cafe
set
sync.im-apps.net/imid/ Frame 506A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=intimatemerger_dmp&google_cm
  • https://sync.im-apps.net/imid/set?cid=5660&tid=gid&uid=CAESECJEjOtU5EEXEq9t3dGgf-A&google_cver=1
43 B
694 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.im-apps.net/imid/set?cid=5660&tid=gid&uid=CAESECJEjOtU5EEXEq9t3dGgf-A&google_cver=1
Requested by
Host: cf.im-apps.net
URL: https://cf.im-apps.net/imid/beacon.html
Protocol
HTTP/1.1
Server
23.192.47.58 Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-192-47-58.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://cf.im-apps.net/

Response headers

Cache-Control
private, max-age=3000
Content-Length
43
Date
Sat, 08 Nov 2025 06:39:11 GMT
Content-Type
image/gif
Connection
keep-alive

Redirect headers

cache-control
no-cache, must-revalidate
location
https://sync.im-apps.net/imid/set?cid=5660&tid=gid&uid=CAESECJEjOtU5EEXEq9t3dGgf-A&google_cver=1
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
305
date
Sat, 08 Nov 2025 06:39:11 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
adsct
analytics.twitter.com/i/ Frame 506A 		43 B
674 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?p_id=980&p_user_id=fjKcb8gnQpub1TQhpq6Ulw
Requested by
Host: cf.im-apps.net
URL: https://cf.im-apps.net/imid/beacon.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.227 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare envoy /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519; includeSubdomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://cf.im-apps.net/

Response headers

strict-transport-security
max-age=631138519; includeSubdomains
x-transaction-id
411077e3cdb04d2a
cache-control
no-cache, no-store, max-age=0
origin-cf-ray
99b312632a35d78c-SEA
cf-cache-status
DYNAMIC
cf-ray
99b312632a35d78c-NRT
x-response-time
6
content-length
43
date
Sat, 08 Nov 2025 06:39:11 GMT
content-type
image/gif;charset=utf-8
perf
7402827104
server
cloudflare envoy
x-served-by
t4_p
set
sync.im-apps.net/imid/ Frame 506A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=intmerger&ttd_tpi=1
  • https://sync.im-apps.net/imid/set?cid=5664&tid=tdid&uid=e310444e-8519-409a-883e-3e55081e4e6a
43 B
694 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.im-apps.net/imid/set?cid=5664&tid=tdid&uid=e310444e-8519-409a-883e-3e55081e4e6a
Requested by
Host: cf.im-apps.net
URL: https://cf.im-apps.net/imid/beacon.html
Protocol
HTTP/1.1
Server
23.192.47.58 Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-192-47-58.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://cf.im-apps.net/

Response headers

Cache-Control
private, max-age=3000
Content-Length
43
Date
Sat, 08 Nov 2025 06:39:11 GMT
Content-Type
image/gif
Connection
keep-alive

Redirect headers

location
https://sync.im-apps.net/imid/set?cid=5664&tid=tdid&uid=e310444e-8519-409a-883e-3e55081e4e6a
content-length
215
date
Sat, 08 Nov 2025 06:39:11 GMT
server
Kestrel
tr
universe.send.microad.jp/ Frame 506A 		43 B
516 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://universe.send.microad.jp/tr?service_id=10193&cbt=921069&kv_set=%5B%7B%22unv_member_id%22%3A%22fjKcb8gnQpub1TQhpq6Ulw%22%7D%5D
Requested by
Host: cf.im-apps.net
URL: https://cf.im-apps.net/imid/beacon.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.233.84.10 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=86400;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://cf.im-apps.net/

Response headers

strict-transport-security
max-age=86400;
cache-control
no-cache
timing-allow-origin
*
content-encoding
gzip
x-content-type-options
nosniff
access-control-allow-origin
*
date
Sat, 08 Nov 2025 06:39:12 GMT
x-xss-protection
1; mode=block
content-type
image/gif
server
nginx
access-control-allow-headers
origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
asr
aid.send.microad.jp/ Frame 506A 		43 B
641 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aid.send.microad.jp/asr?v=1&code=9KxCwSzdigA&format=pixel&enc_params=fjKcb8gnQpub1TQhpq6Ulw
Requested by
Host: cf.im-apps.net
URL: https://cf.im-apps.net/imid/beacon.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
202.233.84.1 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://cf.im-apps.net/

Response headers

Strict-Transport-Security
max-age=3600
Connection
close
Access-Control-Allow-Origin
*
Content-Length
43
P3P
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Date
Sat, 08 Nov 2025 06:39:12 GMT
Content-Type
image/gif
Server
Apache
Access-Control-Allow-Headers
origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 506A 		0
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fb6.im-apps.net%2F1007854%2Fmap%2F%23PM_USER_ID
Requested by
Host: cf.im-apps.net
URL: https://cf.im-apps.net/imid/beacon.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://cf.im-apps.net/

Response headers

strict-transport-security
max-age=16070400; includeSubDomains
content-length
0
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sat, 08 Nov 2025 06:39:11 GMT
content-type
text/html; charset=UTF-8
bh.json
b.im-apps.net/ 		38 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://b.im-apps.net/bh.json?d=twinklesphotos.exblog.jp
Requested by
Host: cdn.audiencedata.net
URL: https://cdn.audiencedata.net/js/v1/pageview.js?owner_id=8266&site_id=news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.1.209 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
209.1.49.34.bc.googleusercontent.com
Software
/
Resource Hash
a09762026ec520a31e93196fcb5872c7c555da62af9779a85becb8b26689cf62

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

via
1.1 google
access-control-allow-origin
https://twinklesphotos.exblog.jp
cache-control
private, no-store
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 06:39:11 GMT
content-type
application/json
access-control-allow-credentials
true
usync.js
eus.rubiconproject.com/ Frame 4BB6 		45 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=fluct&endpoint=apac
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.40.149.60 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-149-60.deploy.static.akamaitechnologies.com
Software
Apache/2.4.65 (Debian) / PHP/8.3.24
Resource Hash
37589a4616b391d7893085171a60ef159a6921d920d69331a623d702f80c3bff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/usync.html?p=fluct&endpoint=apac

Response headers

cache-control
max-age=62829
content-encoding
gzip
expires
Sun, 09 Nov 2025 00:06:20 GMT
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
content-length
11431
date
Sat, 08 Nov 2025 06:39:11 GMT
last-modified
Sat, 08 Nov 2025 00:06:20 GMT
x-powered-by
PHP/8.3.24
server
Apache/2.4.65 (Debian)
content-type
text/html;charset=UTF-8
vary
Accept-Encoding
middy-desktop-4.51.1233.js
cdn.browsiprod.com/sd/apps/middy/ 		383 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.51.1233.js
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.125.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-125-36.kix50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f75e2e4d47e7c7596d591fcacd56dffa46ac630c7302b3501f8984d04d50cdec

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

vary
accept-encoding, Origin
cache-control
public,max-age=31536000
content-encoding
br
x-amz-version-id
qi40OgQStYwY28IH0dpt62eF5pGhjteu
etag
W/"6c6a64e422dda1334df7e6e9a6cf7b8e"
age
247555
via
1.1 5ca698787bb185fc8bc351cb0c4e9338.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
9mwidjJkt_tMjdq0cde3LVW67dYniOz3dW4h2K2QbK-RBSRbDwmFFA==
date
Wed, 05 Nov 2025 09:53:17 GMT
content-type
application/javascript
last-modified
Wed, 05 Nov 2025 09:50:57 GMT
server
AmazonS3
x-amz-cf-pop
KIX50-P3
x-amz-server-side-encryption
AES256
geo
ut.pubmatic.com/ Frame F170 		22 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ut.pubmatic.com/geo?pubid=156313
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156313&predirect=https://cs.adingo.jp/sync/%3Ffrom%3Dpubm%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.87 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
dcda7f2217e5134c1c987c36f55dc3a2949959528d52ccb09ece3eddf53cff43
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

strict-transport-security
max-age=16070400; includeSubDomains
access-control-allow-origin
*
cache-control
max-age=172800
content-length
22
date
Sat, 08 Nov 2025 06:39:11 GMT
content-type
application/json
khaos.json
token.rubiconproject.com/ Frame 4BB6 		7 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

Cache-Control
no-cache,no-store,must-revalidate
Pragma
no-cache
access-control-allow-credentials
true
Expires
0
access-control-allow-origin
https://eus.rubiconproject.com
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
38ddff6a66d3988dfd0c6ea3be81c5f1
content-length
7
content-type
application/json; charset=UTF-8
pageview
audiencedata.im-apps.net/ 		0
195 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://audiencedata.im-apps.net/pageview
Requested by
Host: cdn.audiencedata.net
URL: https://cdn.audiencedata.net/js/v1/pageview.js?owner_id=8266&site_id=news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:d959:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8
Referer
https://twinklesphotos.exblog.jp/

Response headers

via
1.1 google
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://twinklesphotos.exblog.jp
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 06:39:11 GMT
access-control-allow-credentials
true
im-uid.js
dmp.im-apps.net/sdk/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dmp.im-apps.net/sdk/im-uid.js
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/pms/r7RdVKlj/pmt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:48::1734:8c3b Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
db3ae6ff73fea8460f224a488eee66454435d68b2d8d02bcc0adcf7696645ad7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-amz-replication-status
COMPLETED
cache-control
max-age=7135
content-encoding
gzip
etag
"4b1c4bdb22699af828f7e87a97a75eef"
x-amz-version-id
GN0oOyMAQCREmQzkynYHexmbDUQdEVgx
expires
Sat, 08 Nov 2025 08:38:06 GMT
accept-ranges
bytes
content-length
2738
p3p
CP="NOI PSD OTR"
date
Sat, 08 Nov 2025 06:39:11 GMT
last-modified
Fri, 07 Feb 2025 09:28:46 GMT
content-type
application/javascript
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
segment
sync6.im-apps.net/6837/ 		95 B
870 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync6.im-apps.net/6837/segment?token=X19pbV9zaWRzMw
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/pms/r7RdVKlj/pmt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:a800::17c1:aa7a Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
d88e95e9b6f96177ee41a04e82a2031f0bf86e00f943b8ead57a3851172ab535

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

Cache-Control
private, max-age=1800
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://twinklesphotos.exblog.jp
Content-Length
95
Date
Sat, 08 Nov 2025 06:39:11 GMT
Content-Type
application/json
Vary
Origin
PugMaster
image6.pubmatic.com/AdServer/ Frame F170 		0
40 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=84492888&p=156313&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156313&predirect=https://cs.adingo.jp/sync/%3Ffrom%3Dpubm%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Sat, 08 Nov 2025 06:39:11 GMT
strict-transport-security
max-age=16070400; includeSubDomains
content-length
0
id5-api-js
api.id5-sync.com/analytics/1159/ 		1 KB
691 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.id5-sync.com/analytics/1159/id5-api-js
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
83de9801a4f07263f867436b33b6a63fd660f2f343dd4467ce19c0ea41e0a313
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=300
access-control-expose-headers
Access-Control-Allow-Origin
content-encoding
gzip
access-control-allow-origin
*
date
Sat, 08 Nov 2025 06:39:12 GMT
content-type
application/json
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
Collect
a.flux.jp/analytics.collect.v1.CollectService/ 		2 B
47 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.flux.jp/analytics.collect.v1.CollectService/Collect
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.89.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.89.160.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

access-control-expose-headers
Accept, Accept-Encoding, Accept-Post, Connect-Accept-Encoding, Connect-Content-Encoding, Content-Encoding, Grpc-Accept-Encoding, Grpc-Encoding, Grpc-Message, Grpc-Status, Grpc-Status-Details-Bin
content-encoding
gzip
via
1.1 google
traceparent
00-a6ea89abeee00450e06fd73b3935a2a4-f3f163c054b555da-00
access-control-allow-origin
https://twinklesphotos.exblog.jp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
accept-encoding
gzip
content-length
26
date
Sat, 08 Nov 2025 06:39:11 GMT
content-type
application/json
vary
Origin
server
Google Frontend
x-cloud-trace-context
a6ea89abeee00450e06fd73b3935a2a4/17577940498309797338
container.html
24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/safeframe/1-0-45/html/ Frame 371D 		7 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202511040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f1.1e100.net
Software
sffe /
Resource Hash
f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://twinklesphotos.exblog.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
3121
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 08 Nov 2025 06:39:11 GMT
expires
Sat, 08 Nov 2025 06:39:11 GMT
last-modified
Thu, 08 May 2025 23:15:48 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rtd_demand
events.browsiprod.com/events/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/v2/rtd_demand?p=116605b8-9e74-4d25-9e0a-dde4da450cc4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.247.70.22 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-247-70-22.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://twinklesphotos.exblog.jp
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET
access-control-allow-origin
https://twinklesphotos.exblog.jp
access-control-max-age
1800
content-length
0
date
Sat, 08 Nov 2025 06:39:12 GMT
rtd_demand
events.browsiprod.com/events/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/v2/rtd_demand?p=116605b8-9e74-4d25-9e0a-dde4da450cc4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.247.70.22 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-247-70-22.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://twinklesphotos.exblog.jp
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET
access-control-allow-origin
https://twinklesphotos.exblog.jp
access-control-max-age
1800
content-length
0
date
Sat, 08 Nov 2025 06:39:12 GMT
rtd_demand
events.browsiprod.com/events/v2/ 		0
107 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/v2/rtd_demand?p=116605b8-9e74-4d25-9e0a-dde4da450cc4
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.247.70.22 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-247-70-22.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
application/json
Referer
https://twinklesphotos.exblog.jp/

Response headers

date
Sat, 08 Nov 2025 06:39:12 GMT
access-control-allow-origin
https://twinklesphotos.exblog.jp
access-control-allow-credentials
true
rtd_demand
events.browsiprod.com/events/v2/ 		0
107 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/v2/rtd_demand?p=116605b8-9e74-4d25-9e0a-dde4da450cc4
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.247.70.22 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-247-70-22.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
application/json
Referer
https://twinklesphotos.exblog.jp/

Response headers

date
Sat, 08 Nov 2025 06:39:12 GMT
access-control-allow-origin
https://twinklesphotos.exblog.jp
access-control-allow-credentials
true
rtd_demand
events.browsiprod.com/events/v2/ 		0
107 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/v2/rtd_demand?p=116605b8-9e74-4d25-9e0a-dde4da450cc4
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.247.70.22 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-247-70-22.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
application/json
Referer
https://twinklesphotos.exblog.jp/

Response headers

date
Sat, 08 Nov 2025 06:39:12 GMT
access-control-allow-origin
https://twinklesphotos.exblog.jp
access-control-allow-credentials
true
rtd_demand
events.browsiprod.com/events/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/v2/rtd_demand?p=116605b8-9e74-4d25-9e0a-dde4da450cc4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.247.70.22 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-247-70-22.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://twinklesphotos.exblog.jp
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET
access-control-allow-origin
https://twinklesphotos.exblog.jp
access-control-max-age
1800
content-length
0
date
Sat, 08 Nov 2025 06:39:12 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 371D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C7L7kj-UOaYnyJfiR29gP0ZHUyQnRvr7bdayNn9y8DcCNtwEQASDQ6t8jYInzxYT0E8gBCakCTbn4Ya3-Oz7gAgCoAwHIAwKqBLQCT9ARljXSkSuG3FDFwpNgUpc_6puXJnLEHiWDbWlgjmA2TvdWND2ZDIkFEBCpXcv1bVvcgwxcfc4-k4ztYsIKFW0fFXFiSSAJ_cXGCx4LwL96DSr3roIx0Da-FfRtopZHxVTNStzLfZFen4-2nfBDfjPn-SfK5ZV5vx7DFloYy_LkY2hffHhOgY4XtPWjaWkHbyGUmHLNLjCp29FRXv20Qna1OoBAXPyoqFVmbtqCTPNUuPQi8pAcQC2N6xrHo9yyx3HoOpFB2BKBoHKvSqCr9meweiHTXV-R7Q7MCbyb9cawu0aJzzrJUcW5_nrHR5nLdkYBtAn96UPWxVd5Z1JJgcGouEjAWNPOjWjaEWZZp70KXA290H1J_7TBa--x0deyekvVd_4b-nWpwBnnD-HpH9Qsp9_gBAGABqyL9OHii_-MG6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQKoB62-sQLYBwDSCCwIgGEQATIIioKAgICAgAg6DYBAgMCAgICAqIACqANIvf3BOliUkMny-OGQA4AKA_oLAggBgAwBqg0CSlDiDRMIovvJ8vjhkAMV-MgWBR3RCDWZ6g0TCKjEyvL44ZADFfjIFgUd0Qg1mYgO____________AdAVAYAXAbIXLAoaEhRwdWItMzEzNTk2NjE3Nzg0Mzk5MhiAvRQYDCoKMzAwMDc4Mjc3OFABqhgXCfFTdguil79AEgozMDAwNzgyNzc4GAE&sigh=xvb71rk_k0k&uach_m=%5BUACH%5D&cid=CAQSnwEAwksa0ZGcU1qiwOKLoA2M-p4Sh-_GCbi8531Byfq16-nD9qBf1onvdnrIvTpObNFQaxWCAXz22YHz_nQcsRY6_FTiRxDx0L6w9eyumSB9OsF0DFxu4l8PXrXFzV-ivnpCUX5vskNlGJGAF-0aF0JKNReGFXem3Amc5-vnIaF5KgYN_rqNnfQlXG0PBOumypKgt01T999mr0qZiEDOadoYAQ
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.194.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcnrta-bb-in-f2.1e100.net
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/

Response headers
notify
rtb.sg1.as.criteo.com/googleortb/auction/ Frame 371D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.sg1.as.criteo.com/googleortb/auction/notify?profile=14&payload=m76tErr3AawC-gG-ZqqlGwAAAKeCVdJIxvPhIFWQ-XOS09cQj-UOaR6eqHRw5xrFwfcAABIAAAoOQVFVQkRnRUJEZ1lCRGdpZKdoblFnfHNTHpNTHlhK&wp=aQ7ljwAJeQkFFsj4ADUI0Z8wSuiHNILCkWzW0A
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::32 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/

Response headers

strict-transport-security
max-age=31536000; preload;
content-length
0
date
Sat, 08 Nov 2025 06:39:11 GMT
server
Kestrel
server-processing-duration-in-ticks
183018
afr.php
ads.as.criteo.com/delivery/r/ Frame 188F 		144 KB
50 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7ljwAJeQkFFsj4ADUI0Z8wSuiHNILCkWzW0A&u=%7C6E1S5NKElxbt84EREfVgiY4MSdILzesyBrfWBWKcaWM%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFAURsJ4go3EALnLHgqnzPa6mdQsbuxOBUz7sjIVLy6SCTE_pBZnPmIFvbfP1y6Y4nhjWzuK51PXe2dyHehICOfb9-76i7b-4KRtt0A_A40Z--TFQ3Dwr-oJnle5FhwpzuxZBBG84tiTcZWnpcTlQtLRwa1EQorlPTJWMUiifNudLdZvZm-wHVQOti3JGL7d95hvCBj4-Pq5wAFB5QGFVDVtrwr5h6CwLFYKE3ROM2sbPNlA2_PMmdG2bN0PRDZpY8IZdvMvf9d5uuZIplV0jht4dPJQcy_vuWKC3iOYHqb9_J9sByab21SLFwtkHhvk9Klynm5bekPkYlJUdzw-qpoY6EgCHjZwLBWstcl91Cc5OTo_VPiReL5XlSU5bpETh__Rl-8pmJtD-npDyfPg1SC7ee56obq2ssZ6R2SwY09EXy-nRlpxEWu3zUeSGu6ZXLiDerP8MKVwyLS7LmuUb0DORk6e-A0qFxUSYpVsL4EcXvIpbNNfYdTkQUQaTR-qrS9zumSOQUaKLMKgF8GQ5crO-F76bfrNjC7MbtdfU0QVaOnNY4QxoNTuoraNAlpJTP_azVK9BOr3cjrGcHbXFJ24-a43cIvTyGKoHF8yE-DKhfc_3BZXu24sVlmk3OfqD6l12lPsdgJPE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9hIQj-UOaYnyJfiR29gP0ZHUyQnRvr7bdayNn9y8DcCNtwEQASDQ6t8jYInzxYT0E8gBCakCTbn4Ya3-Oz7gAgCoAwHIAwKqBLcCT9ARljXSkSuG3FDFwpNgUpc_6puXJnLEHiWDbWlgjmA2TvdWND2ZDIkFEBCpXcv1bVvcgwxcfc4-k4ztYsIKFW0fFXFiSSAJ_cXGCx4LwL96DSr3roIx0Da-FfRtopZHxVTNStzLfZFen4-2nfBDfjPn-SfK5ZV5vx7DFloYy_LkY2hffHhOgY4XtPWjaWkHbyGUmHLNLjCp29FRXv20Qna1OoBAXPyoqFVmbtqCTPNUuPQi8pAcQC2N6xrHo9yyx3HoOpFB2BKBoHKvSqCr9meweiHTXV-R7Q7MCbyb9cawu0aJzzrJUcW5_nrHR5nLdkYBtAn96UPWxVd5Z1JJgcGouEjAWNPOjWjaEWZZp_8IfJ9JEMYYOA_svDvsBCtsd2PcWeaRDLn0Fe8wIM3x6TCP9hgVQkTgBAGABqyL9OHii_-MG6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQKoB62-sQKoB7_TsQLYBwDSCCwIgGEQATIIioKAgICAgAg6DYBAgMCAgICAqIACqANIvf3BOliUkMny-OGQA_oLAggBgAwBqg0CSlDiDRMIovvJ8vjhkAMV-MgWBR3RCDWZ6g0TCKjEyvL44ZADFfjIFgUd0Qg1mYgO____________AdAVAYAXAbIXEBgMKgozMDAwNzgyNzc4UAGqGBcJ8VN2C6KXv0ASCjMwMDA3ODI3NzgYAQ%26num%3D1%26sig%3DAOD64_1cWA95UgdzZ_EGFpKYclI2ZBONvw%26client%3Dca-pub-3135966177843992%26adurl%3D
Requested by
Host: 24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com
URL: https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::22 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
400e54aea25e597b48ddbb83089d4a2889b946a9085c3ef1f07abf548724ca3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sat, 08 Nov 2025 06:39:11 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://client-side-metrics.as.criteo.net/heavyad?cppv=3&cpp=MZ_6HnrBxU3kLT6kZU56VaMQ-vxyY6JBFMwBE-nuuUf6qs8RotMs-0u8wxYv06XLi9yls2J7WSlehduLFHwBBC5xw0HyQsYtClMpG0TDFVjmp8KDITjis416uoPeFg7IlftAHvo3ZoAhGATMkBL4lFwqSUxWMMx4Jv4b64zeLWq3P0Henx5M9nHaJmFxgYgl5Qt_7QDmkvfz1aAy_Rpr3TUmT1euWo8Xh7d1xexsy2wZAYXMt3yKuP5zSikv8CXeAaP2dQ"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
34970145
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-trace-id
9cda48ed3f3128b82c68616d102cfe1f
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20251106/r20110914/client/ Frame 371D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20251106/r20110914/client/window_focus_fy2021.js
Requested by
Host: 24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com
URL: https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fec5a361dec923efe92848ca27b02b158b164380a9eaf6cc1625e08e0d9c101e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/

Response headers

content-encoding
br
etag
6020003950853699975
age
39342
x-content-type-options
nosniff
expires
Fri, 21 Nov 2025 19:43:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 07 Nov 2025 19:43:29 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
1241
x-xss-protection
0
server
cafe
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 33FA 		1 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com
URL: https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s35-in-f2.1e100.net
Software
cafe /
Resource Hash
bea1c5ab168f662fc9eb5bda3474e5b1bbd0d3ecc1d9c68e2a753f613c2ae0c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

age
56477
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
812
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 07 Nov 2025 14:57:54 GMT
etag
9725182468138058862
expires
Sat, 08 Nov 2025 14:57:54 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20251106/r20110914/client/ Frame 371D 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20251106/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com
URL: https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1d42955e69aae005efd7d5a24d10ffc36dabebd9867cca1e5b8dbb998e273a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/

Response headers

content-encoding
br
etag
11924741404489600640
age
39342
x-content-type-options
nosniff
expires
Fri, 21 Nov 2025 19:43:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 07 Nov 2025 19:43:29 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
8624
x-xss-protection
0
server
cafe
ext.js
tpc.googlesyndication.com/safeframe/1-0-45/js/ Frame 371D 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-45/js/ext.js
Requested by
Host: 24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com
URL: https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c95e84767aed248594e7d485707c7ed904fd2fe4ec3ea98687fc2de59ddf231
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/

Response headers

content-encoding
br
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
x-content-type-options
nosniff
expires
Sat, 08 Nov 2025 06:39:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 06:39:11 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Thu, 08 May 2025 23:15:48 GMT
cache-control
private, max-age=300
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
content-length
6269
x-xss-protection
0
server
sffe
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 371D 		223 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: 24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com
URL: https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s35-in-f2.1e100.net
Software
cafe /
Resource Hash
1ca0d5744e4f39ea464be06f38e214eabd97b2ca934e919a3673f0a62f76368c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/

Response headers

content-encoding
br
etag
11779502037942753168
age
3349
x-content-type-options
nosniff
expires
Sat, 08 Nov 2025 06:43:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 08 Nov 2025 05:43:22 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=EUC-KR
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
70282
x-xss-protection
0
server
cafe
activity;dc_pre=CKmI5_L44ZADFUJ2DwIdpCwuQw;src=10208769;type=invmedia;cat=im8db0;ord=6649346675290;npa=0;auiddc=640899615.1762583952;u1=8266;u2=news;u3=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F3344...
ad.doubleclick.net/
Redirect Chain
  • https://ad.doubleclick.net/activity;src=10208769;type=invmedia;cat=im8db0;ord=6649346675290;npa=0;auiddc=640899615.1762583952;u1=8266;u2=news;u3=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F...
  • https://ad.doubleclick.net/activity;dc_pre=CKmI5_L44ZADFUJ2DwIdpCwuQw;src=10208769;type=invmedia;cat=im8db0;ord=6649346675290;npa=0;auiddc=640899615.1762583952;u1=8266;u2=news;u3=https%3A%2F%2Ftwin...
42 B
63 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/activity;dc_pre=CKmI5_L44ZADFUJ2DwIdpCwuQw;src=10208769;type=invmedia;cat=im8db0;ord=6649346675290;npa=0;auiddc=640899615.1762583952;u1=8266;u2=news;u3=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KFA;gtm=45fe5b50v9181790672z871862534za200zb71862534zd71862534xea;gcd=13l3l3l3l1l1;dma=0;dc_fmt=3;tag_exp=101509157~103116026~103200004~103233427~104527906~104528501~104684208~104684211~104779684~104948813~105322302~115480710~115583767~115616985~115938466~115938468~116217636~116217638;epver=2;dc_random=1762583951_0ODUbH-SDJM14IUyIeVMjur8Fx5jqOtXXg;~oref=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F?
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H3
Server
142.250.194.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcnrta-bb-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
42
date
Sat, 08 Nov 2025 06:39:12 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
location
https://ad.doubleclick.net/activity;dc_pre=CKmI5_L44ZADFUJ2DwIdpCwuQw;src=10208769;type=invmedia;cat=im8db0;ord=6649346675290;npa=0;auiddc=640899615.1762583952;u1=8266;u2=news;u3=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KFA;gtm=45fe5b50v9181790672z871862534za200zb71862534zd71862534xea;gcd=13l3l3l3l1l1;dma=0;dc_fmt=3;tag_exp=101509157~103116026~103200004~103233427~104527906~104528501~104684208~104684211~104779684~104948813~105322302~115480710~115583767~115616985~115938466~115938468~116217636~116217638;epver=2;dc_random=1762583951_0ODUbH-SDJM14IUyIeVMjur8Fx5jqOtXXg;~oref=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F?
pragma
no-cache
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Sat, 08 Nov 2025 06:39:12 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
cafe
activityi;dc_pre=CKel6PL44ZADFcLXFgUdevQ2dQ;src=10208769;type=invmedia;cat=im8db0;ord=6649346675290;npa=0;auiddc=640899615.1762583952;u1=8266;u2=news;u3=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F334...
10208769.fls.doubleclick.net/ Frame DE04
Redirect Chain
  • https://10208769.fls.doubleclick.net/activityi;src=10208769;type=invmedia;cat=im8db0;ord=6649346675290;npa=0;auiddc=640899615.1762583952;u1=8266;u2=news;u3=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F...
  • https://10208769.fls.doubleclick.net/activityi;dc_pre=CKel6PL44ZADFcLXFgUdevQ2dQ;src=10208769;type=invmedia;cat=im8db0;ord=6649346675290;npa=0;auiddc=640899615.1762583952;u1=8266;u2=news;u3=https%3...
910 B
636 B 		Document
General
Check archive.org
Download Go to
Full URL
https://10208769.fls.doubleclick.net/activityi;dc_pre=CKel6PL44ZADFcLXFgUdevQ2dQ;src=10208769;type=invmedia;cat=im8db0;ord=6649346675290;npa=0;auiddc=640899615.1762583952;u1=8266;u2=news;u3=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KFA;gtm=45fe5b50v9181790672z871862534za200zb71862534zd71862534xea;gcd=13l3l3l3l1l1;dma=0;dc_fmt=2;tag_exp=101509157~103116026~103200004~103233427~104527906~104528501~104684208~104684211~104779684~104948813~105322302~115480710~115583767~115616985~115938466~115938468~116217636~116217638;epver=2;dc_random=1762583951_0ODUbH-SDJM14IUyIeVMjur8Fx5jqOtXXg;_dc_test=1;~oref=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-10208769&l=itm_dl1&cx=c&gtm=4e5b50
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.199.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s52-in-f6.1e100.net
Software
cafe /
Resource Hash
fad64817350cb514db380c495820af83d85660296a074a8eca2da3ece8bc0152
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://twinklesphotos.exblog.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
526
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 08 Nov 2025 06:39:12 GMT
expires
Sat, 08 Nov 2025 06:39:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 08 Nov 2025 06:39:12 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://10208769.fls.doubleclick.net/activityi;dc_pre=CKel6PL44ZADFcLXFgUdevQ2dQ;src=10208769;type=invmedia;cat=im8db0;ord=6649346675290;npa=0;auiddc=640899615.1762583952;u1=8266;u2=news;u3=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KFA;gtm=45fe5b50v9181790672z871862534za200zb71862534zd71862534xea;gcd=13l3l3l3l1l1;dma=0;dc_fmt=2;tag_exp=101509157~103116026~103200004~103233427~104527906~104528501~104684208~104684211~104779684~104948813~105322302~115480710~115583767~115616985~115938466~115938468~116217636~116217638;epver=2;dc_random=1762583951_0ODUbH-SDJM14IUyIeVMjur8Fx5jqOtXXg;_dc_test=1;~oref=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
privacy_small.svg
static.criteo.net/flash/icon/ Frame 188F 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7ljwAJeQkFFsj4ADUI0Z8wSuiHNILCkWzW0A&u=%7C6E1S5NKElxbt84EREfVgiY4MSdILzesyBrfWBWKcaWM%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFAURsJ4go3EALnLHgqnzPa6mdQsbuxOBUz7sjIVLy6SCTE_pBZnPmIFvbfP1y6Y4nhjWzuK51PXe2dyHehICOfb9-76i7b-4KRtt0A_A40Z--TFQ3Dwr-oJnle5FhwpzuxZBBG84tiTcZWnpcTlQtLRwa1EQorlPTJWMUiifNudLdZvZm-wHVQOti3JGL7d95hvCBj4-Pq5wAFB5QGFVDVtrwr5h6CwLFYKE3ROM2sbPNlA2_PMmdG2bN0PRDZpY8IZdvMvf9d5uuZIplV0jht4dPJQcy_vuWKC3iOYHqb9_J9sByab21SLFwtkHhvk9Klynm5bekPkYlJUdzw-qpoY6EgCHjZwLBWstcl91Cc5OTo_VPiReL5XlSU5bpETh__Rl-8pmJtD-npDyfPg1SC7ee56obq2ssZ6R2SwY09EXy-nRlpxEWu3zUeSGu6ZXLiDerP8MKVwyLS7LmuUb0DORk6e-A0qFxUSYpVsL4EcXvIpbNNfYdTkQUQaTR-qrS9zumSOQUaKLMKgF8GQ5crO-F76bfrNjC7MbtdfU0QVaOnNY4QxoNTuoraNAlpJTP_azVK9BOr3cjrGcHbXFJ24-a43cIvTyGKoHF8yE-DKhfc_3BZXu24sVlmk3OfqD6l12lPsdgJPE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9hIQj-UOaYnyJfiR29gP0ZHUyQnRvr7bdayNn9y8DcCNtwEQASDQ6t8jYInzxYT0E8gBCakCTbn4Ya3-Oz7gAgCoAwHIAwKqBLcCT9ARljXSkSuG3FDFwpNgUpc_6puXJnLEHiWDbWlgjmA2TvdWND2ZDIkFEBCpXcv1bVvcgwxcfc4-k4ztYsIKFW0fFXFiSSAJ_cXGCx4LwL96DSr3roIx0Da-FfRtopZHxVTNStzLfZFen4-2nfBDfjPn-SfK5ZV5vx7DFloYy_LkY2hffHhOgY4XtPWjaWkHbyGUmHLNLjCp29FRXv20Qna1OoBAXPyoqFVmbtqCTPNUuPQi8pAcQC2N6xrHo9yyx3HoOpFB2BKBoHKvSqCr9meweiHTXV-R7Q7MCbyb9cawu0aJzzrJUcW5_nrHR5nLdkYBtAn96UPWxVd5Z1JJgcGouEjAWNPOjWjaEWZZp_8IfJ9JEMYYOA_svDvsBCtsd2PcWeaRDLn0Fe8wIM3x6TCP9hgVQkTgBAGABqyL9OHii_-MG6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQKoB62-sQKoB7_TsQLYBwDSCCwIgGEQATIIioKAgICAgAg6DYBAgMCAgICAqIACqANIvf3BOliUkMny-OGQA_oLAggBgAwBqg0CSlDiDRMIovvJ8vjhkAMV-MgWBR3RCDWZ6g0TCKjEyvL44ZADFfjIFgUd0Qg1mYgO____________AdAVAYAXAbIXEBgMKgozMDAwNzgyNzc4UAGqGBcJ8VN2C6KXv0ASCjMwMDA3ODI3NzgYAQ%26num%3D1%26sig%3DAOD64_1cWA95UgdzZ_EGFpKYclI2ZBONvw%26client%3Dca-pub-3135966177843992%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::2e , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.as.criteo.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=31104000, public
timing-allow-origin
*
content-encoding
gzip
etag
W/"5e42ba84-6aa"
cross-origin-resource-policy
cross-origin
expires
Tue, 03 Nov 2026 06:39:11 GMT
cross-origin-embedder-policy
require-corp
access-control-allow-origin
*
date
Sat, 08 Nov 2025 06:39:11 GMT
content-type
image/svg+xml
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 188F 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7ljwAJeQkFFsj4ADUI0Z8wSuiHNILCkWzW0A&u=%7C6E1S5NKElxbt84EREfVgiY4MSdILzesyBrfWBWKcaWM%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFAURsJ4go3EALnLHgqnzPa6mdQsbuxOBUz7sjIVLy6SCTE_pBZnPmIFvbfP1y6Y4nhjWzuK51PXe2dyHehICOfb9-76i7b-4KRtt0A_A40Z--TFQ3Dwr-oJnle5FhwpzuxZBBG84tiTcZWnpcTlQtLRwa1EQorlPTJWMUiifNudLdZvZm-wHVQOti3JGL7d95hvCBj4-Pq5wAFB5QGFVDVtrwr5h6CwLFYKE3ROM2sbPNlA2_PMmdG2bN0PRDZpY8IZdvMvf9d5uuZIplV0jht4dPJQcy_vuWKC3iOYHqb9_J9sByab21SLFwtkHhvk9Klynm5bekPkYlJUdzw-qpoY6EgCHjZwLBWstcl91Cc5OTo_VPiReL5XlSU5bpETh__Rl-8pmJtD-npDyfPg1SC7ee56obq2ssZ6R2SwY09EXy-nRlpxEWu3zUeSGu6ZXLiDerP8MKVwyLS7LmuUb0DORk6e-A0qFxUSYpVsL4EcXvIpbNNfYdTkQUQaTR-qrS9zumSOQUaKLMKgF8GQ5crO-F76bfrNjC7MbtdfU0QVaOnNY4QxoNTuoraNAlpJTP_azVK9BOr3cjrGcHbXFJ24-a43cIvTyGKoHF8yE-DKhfc_3BZXu24sVlmk3OfqD6l12lPsdgJPE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9hIQj-UOaYnyJfiR29gP0ZHUyQnRvr7bdayNn9y8DcCNtwEQASDQ6t8jYInzxYT0E8gBCakCTbn4Ya3-Oz7gAgCoAwHIAwKqBLcCT9ARljXSkSuG3FDFwpNgUpc_6puXJnLEHiWDbWlgjmA2TvdWND2ZDIkFEBCpXcv1bVvcgwxcfc4-k4ztYsIKFW0fFXFiSSAJ_cXGCx4LwL96DSr3roIx0Da-FfRtopZHxVTNStzLfZFen4-2nfBDfjPn-SfK5ZV5vx7DFloYy_LkY2hffHhOgY4XtPWjaWkHbyGUmHLNLjCp29FRXv20Qna1OoBAXPyoqFVmbtqCTPNUuPQi8pAcQC2N6xrHo9yyx3HoOpFB2BKBoHKvSqCr9meweiHTXV-R7Q7MCbyb9cawu0aJzzrJUcW5_nrHR5nLdkYBtAn96UPWxVd5Z1JJgcGouEjAWNPOjWjaEWZZp_8IfJ9JEMYYOA_svDvsBCtsd2PcWeaRDLn0Fe8wIM3x6TCP9hgVQkTgBAGABqyL9OHii_-MG6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQKoB62-sQKoB7_TsQLYBwDSCCwIgGEQATIIioKAgICAgAg6DYBAgMCAgICAqIACqANIvf3BOliUkMny-OGQA_oLAggBgAwBqg0CSlDiDRMIovvJ8vjhkAMV-MgWBR3RCDWZ6g0TCKjEyvL44ZADFfjIFgUd0Qg1mYgO____________AdAVAYAXAbIXEBgMKgozMDAwNzgyNzc4UAGqGBcJ8VN2C6KXv0ASCjMwMDA3ODI3NzgYAQ%26num%3D1%26sig%3DAOD64_1cWA95UgdzZ_EGFpKYclI2ZBONvw%26client%3Dca-pub-3135966177843992%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::2e , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.as.criteo.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=31104000, public
timing-allow-origin
*
content-encoding
gzip
etag
W/"5e42b9ee-759"
cross-origin-resource-policy
cross-origin
expires
Tue, 03 Nov 2026 06:39:11 GMT
cross-origin-embedder-policy
require-corp
access-control-allow-origin
*
date
Sat, 08 Nov 2025 06:39:11 GMT
content-type
image/svg+xml
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
close_button.svg
static.criteo.net/flash/icon/ Frame 188F 		308 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7ljwAJeQkFFsj4ADUI0Z8wSuiHNILCkWzW0A&u=%7C6E1S5NKElxbt84EREfVgiY4MSdILzesyBrfWBWKcaWM%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFAURsJ4go3EALnLHgqnzPa6mdQsbuxOBUz7sjIVLy6SCTE_pBZnPmIFvbfP1y6Y4nhjWzuK51PXe2dyHehICOfb9-76i7b-4KRtt0A_A40Z--TFQ3Dwr-oJnle5FhwpzuxZBBG84tiTcZWnpcTlQtLRwa1EQorlPTJWMUiifNudLdZvZm-wHVQOti3JGL7d95hvCBj4-Pq5wAFB5QGFVDVtrwr5h6CwLFYKE3ROM2sbPNlA2_PMmdG2bN0PRDZpY8IZdvMvf9d5uuZIplV0jht4dPJQcy_vuWKC3iOYHqb9_J9sByab21SLFwtkHhvk9Klynm5bekPkYlJUdzw-qpoY6EgCHjZwLBWstcl91Cc5OTo_VPiReL5XlSU5bpETh__Rl-8pmJtD-npDyfPg1SC7ee56obq2ssZ6R2SwY09EXy-nRlpxEWu3zUeSGu6ZXLiDerP8MKVwyLS7LmuUb0DORk6e-A0qFxUSYpVsL4EcXvIpbNNfYdTkQUQaTR-qrS9zumSOQUaKLMKgF8GQ5crO-F76bfrNjC7MbtdfU0QVaOnNY4QxoNTuoraNAlpJTP_azVK9BOr3cjrGcHbXFJ24-a43cIvTyGKoHF8yE-DKhfc_3BZXu24sVlmk3OfqD6l12lPsdgJPE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9hIQj-UOaYnyJfiR29gP0ZHUyQnRvr7bdayNn9y8DcCNtwEQASDQ6t8jYInzxYT0E8gBCakCTbn4Ya3-Oz7gAgCoAwHIAwKqBLcCT9ARljXSkSuG3FDFwpNgUpc_6puXJnLEHiWDbWlgjmA2TvdWND2ZDIkFEBCpXcv1bVvcgwxcfc4-k4ztYsIKFW0fFXFiSSAJ_cXGCx4LwL96DSr3roIx0Da-FfRtopZHxVTNStzLfZFen4-2nfBDfjPn-SfK5ZV5vx7DFloYy_LkY2hffHhOgY4XtPWjaWkHbyGUmHLNLjCp29FRXv20Qna1OoBAXPyoqFVmbtqCTPNUuPQi8pAcQC2N6xrHo9yyx3HoOpFB2BKBoHKvSqCr9meweiHTXV-R7Q7MCbyb9cawu0aJzzrJUcW5_nrHR5nLdkYBtAn96UPWxVd5Z1JJgcGouEjAWNPOjWjaEWZZp_8IfJ9JEMYYOA_svDvsBCtsd2PcWeaRDLn0Fe8wIM3x6TCP9hgVQkTgBAGABqyL9OHii_-MG6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQKoB62-sQKoB7_TsQLYBwDSCCwIgGEQATIIioKAgICAgAg6DYBAgMCAgICAqIACqANIvf3BOliUkMny-OGQA_oLAggBgAwBqg0CSlDiDRMIovvJ8vjhkAMV-MgWBR3RCDWZ6g0TCKjEyvL44ZADFfjIFgUd0Qg1mYgO____________AdAVAYAXAbIXEBgMKgozMDAwNzgyNzc4UAGqGBcJ8VN2C6KXv0ASCjMwMDA3ODI3NzgYAQ%26num%3D1%26sig%3DAOD64_1cWA95UgdzZ_EGFpKYclI2ZBONvw%26client%3Dca-pub-3135966177843992%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::2e , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.as.criteo.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=31104000, public
timing-allow-origin
*
etag
"5e46a5e4-134"
cross-origin-resource-policy
cross-origin
expires
Tue, 03 Nov 2026 06:39:11 GMT
cross-origin-embedder-policy
require-corp
accept-ranges
bytes
access-control-allow-origin
*
content-length
308
date
Sat, 08 Nov 2025 06:39:11 GMT
content-type
image/svg+xml
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
back_button2.svg
static.criteo.net/flash/icon/ Frame 188F 		293 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7ljwAJeQkFFsj4ADUI0Z8wSuiHNILCkWzW0A&u=%7C6E1S5NKElxbt84EREfVgiY4MSdILzesyBrfWBWKcaWM%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFAURsJ4go3EALnLHgqnzPa6mdQsbuxOBUz7sjIVLy6SCTE_pBZnPmIFvbfP1y6Y4nhjWzuK51PXe2dyHehICOfb9-76i7b-4KRtt0A_A40Z--TFQ3Dwr-oJnle5FhwpzuxZBBG84tiTcZWnpcTlQtLRwa1EQorlPTJWMUiifNudLdZvZm-wHVQOti3JGL7d95hvCBj4-Pq5wAFB5QGFVDVtrwr5h6CwLFYKE3ROM2sbPNlA2_PMmdG2bN0PRDZpY8IZdvMvf9d5uuZIplV0jht4dPJQcy_vuWKC3iOYHqb9_J9sByab21SLFwtkHhvk9Klynm5bekPkYlJUdzw-qpoY6EgCHjZwLBWstcl91Cc5OTo_VPiReL5XlSU5bpETh__Rl-8pmJtD-npDyfPg1SC7ee56obq2ssZ6R2SwY09EXy-nRlpxEWu3zUeSGu6ZXLiDerP8MKVwyLS7LmuUb0DORk6e-A0qFxUSYpVsL4EcXvIpbNNfYdTkQUQaTR-qrS9zumSOQUaKLMKgF8GQ5crO-F76bfrNjC7MbtdfU0QVaOnNY4QxoNTuoraNAlpJTP_azVK9BOr3cjrGcHbXFJ24-a43cIvTyGKoHF8yE-DKhfc_3BZXu24sVlmk3OfqD6l12lPsdgJPE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9hIQj-UOaYnyJfiR29gP0ZHUyQnRvr7bdayNn9y8DcCNtwEQASDQ6t8jYInzxYT0E8gBCakCTbn4Ya3-Oz7gAgCoAwHIAwKqBLcCT9ARljXSkSuG3FDFwpNgUpc_6puXJnLEHiWDbWlgjmA2TvdWND2ZDIkFEBCpXcv1bVvcgwxcfc4-k4ztYsIKFW0fFXFiSSAJ_cXGCx4LwL96DSr3roIx0Da-FfRtopZHxVTNStzLfZFen4-2nfBDfjPn-SfK5ZV5vx7DFloYy_LkY2hffHhOgY4XtPWjaWkHbyGUmHLNLjCp29FRXv20Qna1OoBAXPyoqFVmbtqCTPNUuPQi8pAcQC2N6xrHo9yyx3HoOpFB2BKBoHKvSqCr9meweiHTXV-R7Q7MCbyb9cawu0aJzzrJUcW5_nrHR5nLdkYBtAn96UPWxVd5Z1JJgcGouEjAWNPOjWjaEWZZp_8IfJ9JEMYYOA_svDvsBCtsd2PcWeaRDLn0Fe8wIM3x6TCP9hgVQkTgBAGABqyL9OHii_-MG6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQKoB62-sQKoB7_TsQLYBwDSCCwIgGEQATIIioKAgICAgAg6DYBAgMCAgICAqIACqANIvf3BOliUkMny-OGQA_oLAggBgAwBqg0CSlDiDRMIovvJ8vjhkAMV-MgWBR3RCDWZ6g0TCKjEyvL44ZADFfjIFgUd0Qg1mYgO____________AdAVAYAXAbIXEBgMKgozMDAwNzgyNzc4UAGqGBcJ8VN2C6KXv0ASCjMwMDA3ODI3NzgYAQ%26num%3D1%26sig%3DAOD64_1cWA95UgdzZ_EGFpKYclI2ZBONvw%26client%3Dca-pub-3135966177843992%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::2e , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.as.criteo.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=31104000, public
timing-allow-origin
*
etag
"626a59dc-125"
cross-origin-resource-policy
cross-origin
expires
Tue, 03 Nov 2026 06:39:11 GMT
cross-origin-embedder-policy
require-corp
accept-ranges
bytes
access-control-allow-origin
*
content-length
293
date
Sat, 08 Nov 2025 06:39:11 GMT
content-type
image/svg+xml
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
lg.php
cat.jp2.as.criteo.com/delivery/ Frame 188F 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.jp2.as.criteo.com/delivery/lg.php?cppv=3&cpp=Eu3VszCtPTLTAfe0gotYDhoCkK6r7yMW_0CGRSMmIcmVjFl4zFdO0gQLOeaGgFlu6M1ouVlgjmfiPrvpsV7ha1Rj6pLJvV2p-z4mnveL6VAjNPL9Z1cJLQAKMrqv82QbnqOyBNOvxAJJ6BHzh2iLVAa__AezMKBQepsU2DWacVRCfZ9-ElEMKIEJX5IzoMGolZriIK3NY9srw6pIPTxDTveAioBB-tmwIWvmJL4d8DLNVxXhDiRwbgmV-yoE3vfnWO64wXe528OdaABfnS7pItKIfiPaH_KsfDln3KBk6PApTiYzen1Q9Nm40qrqk2dI3rSrfmo2n4Wobmdd2xjqicIWw-E2dKPEuN9h9Gp28GaM49Bm7AImUgxt5nsOXL9-391IYv_aBtI5OXqi5fwdEI0r4uOw2k2FWntUKW7NEybreuSk6Lr-JKnatuy68qOxm6dbvSE35sRyV_oAW0edUHSbXIc78m0zfpZDp1byNrMtCQAN0NcVDLYA3XLp4hA0_cneqv916sBXHW7Ln5-e7-Gcoof8M-9P0ObiTaHJ0Ekd0XT_
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7ljwAJeQkFFsj4ADUI0Z8wSuiHNILCkWzW0A&u=%7C6E1S5NKElxbt84EREfVgiY4MSdILzesyBrfWBWKcaWM%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFAURsJ4go3EALnLHgqnzPa6mdQsbuxOBUz7sjIVLy6SCTE_pBZnPmIFvbfP1y6Y4nhjWzuK51PXe2dyHehICOfb9-76i7b-4KRtt0A_A40Z--TFQ3Dwr-oJnle5FhwpzuxZBBG84tiTcZWnpcTlQtLRwa1EQorlPTJWMUiifNudLdZvZm-wHVQOti3JGL7d95hvCBj4-Pq5wAFB5QGFVDVtrwr5h6CwLFYKE3ROM2sbPNlA2_PMmdG2bN0PRDZpY8IZdvMvf9d5uuZIplV0jht4dPJQcy_vuWKC3iOYHqb9_J9sByab21SLFwtkHhvk9Klynm5bekPkYlJUdzw-qpoY6EgCHjZwLBWstcl91Cc5OTo_VPiReL5XlSU5bpETh__Rl-8pmJtD-npDyfPg1SC7ee56obq2ssZ6R2SwY09EXy-nRlpxEWu3zUeSGu6ZXLiDerP8MKVwyLS7LmuUb0DORk6e-A0qFxUSYpVsL4EcXvIpbNNfYdTkQUQaTR-qrS9zumSOQUaKLMKgF8GQ5crO-F76bfrNjC7MbtdfU0QVaOnNY4QxoNTuoraNAlpJTP_azVK9BOr3cjrGcHbXFJ24-a43cIvTyGKoHF8yE-DKhfc_3BZXu24sVlmk3OfqD6l12lPsdgJPE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9hIQj-UOaYnyJfiR29gP0ZHUyQnRvr7bdayNn9y8DcCNtwEQASDQ6t8jYInzxYT0E8gBCakCTbn4Ya3-Oz7gAgCoAwHIAwKqBLcCT9ARljXSkSuG3FDFwpNgUpc_6puXJnLEHiWDbWlgjmA2TvdWND2ZDIkFEBCpXcv1bVvcgwxcfc4-k4ztYsIKFW0fFXFiSSAJ_cXGCx4LwL96DSr3roIx0Da-FfRtopZHxVTNStzLfZFen4-2nfBDfjPn-SfK5ZV5vx7DFloYy_LkY2hffHhOgY4XtPWjaWkHbyGUmHLNLjCp29FRXv20Qna1OoBAXPyoqFVmbtqCTPNUuPQi8pAcQC2N6xrHo9yyx3HoOpFB2BKBoHKvSqCr9meweiHTXV-R7Q7MCbyb9cawu0aJzzrJUcW5_nrHR5nLdkYBtAn96UPWxVd5Z1JJgcGouEjAWNPOjWjaEWZZp_8IfJ9JEMYYOA_svDvsBCtsd2PcWeaRDLn0Fe8wIM3x6TCP9hgVQkTgBAGABqyL9OHii_-MG6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQKoB62-sQKoB7_TsQLYBwDSCCwIgGEQATIIioKAgICAgAg6DYBAgMCAgICAqIACqANIvf3BOliUkMny-OGQA_oLAggBgAwBqg0CSlDiDRMIovvJ8vjhkAMV-MgWBR3RCDWZ6g0TCKjEyvL44ZADFfjIFgUd0Qg1mYgO____________AdAVAYAXAbIXEBgMKgozMDAwNzgyNzc4UAGqGBcJ8VN2C6KXv0ASCjMwMDA3ODI3NzgYAQ%26num%3D1%26sig%3DAOD64_1cWA95UgdzZ_EGFpKYclI2ZBONvw%26client%3Dca-pub-3135966177843992%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::31 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.as.criteo.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache
pragma
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1540924
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
date
Sat, 08 Nov 2025 06:39:11 GMT
content-type
image/gif
server
Kestrel
geo
ut.pubmatic.com/ Frame F170 		22 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://ut.pubmatic.com/geo?pubid=156313
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156313&predirect=https://cs.adingo.jp/sync/%3Ffrom%3Dpubm%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.87 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
dcda7f2217e5134c1c987c36f55dc3a2949959528d52ccb09ece3eddf53cff43

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

access-control-allow-origin
*
cache-control
max-age=172800
content-length
22
date
Sat, 08 Nov 2025 06:39:11 GMT
content-type
application/json
pixel
cm.g.doubleclick.net/ Frame 33FA
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEEeN8Aue0Ie_J_xy5yEJgyg&google_cver=1&google_push=AXcoOmSAfsQK6cR3fr0m7_UYV36wy2NGkk9vjk_RUbX_7aONfhVssxvWrw5A8l1Pj8bKA6uR75G3IPP6fYRrVnky...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=zYFYeEA7RykQ7UMdlcz0Ng&google_push=AXcoOmSAfsQK6cR3fr0m7_UYV36wy2NGkk9vjk_RUbX_7aONfhVssxvWrw5A8l1Pj8bKA6uR75G3IPP6fYRrVnkyFypKqlrWay4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=zYFYeEA7RykQ7UMdlcz0Ng&google_push=AXcoOmSAfsQK6cR3fr0m7_UYV36wy2NGkk9vjk_RUbX_7aONfhVssxvWrw5A8l1Pj8bKA6uR75G3IPP6fYRrVnkyFypKqlrWay4
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H3
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://pagead2.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Sat, 08 Nov 2025 06:39:12 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=zYFYeEA7RykQ7UMdlcz0Ng&google_push=AXcoOmSAfsQK6cR3fr0m7_UYV36wy2NGkk9vjk_RUbX_7aONfhVssxvWrw5A8l1Pj8bKA6uR75G3IPP6fYRrVnkyFypKqlrWay4
x-host
tde-deliveryengine-production-5589bb4957-l8dk2
via
1.1 google
x-engine-version
0.0.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
date
Sat, 08 Nov 2025 06:39:12 GMT
server
nginx
usersync.aspx
dis.criteo.com/dis/ Frame 33FA 		43 B
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSiBMTxtWp8YqxfPwj1BmJJAk8-jf7SaKJw-ZkoBGUyUajRTuPret4HyBq72kB-4-z0xXtH60bCOqxJi0879HqzgB8Sfw&google_gid=CAESEFVyq-b0oTOBtyDQLIiMe28&google_cver=1
Requested by
Host: 24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com
URL: https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::2f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://pagead2.googlesyndication.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache
pragma
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1119583
expires
Sat, 08 Nov 2025 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
date
Sat, 08 Nov 2025 06:39:11 GMT
content-type
image/gif
server
Kestrel
pixel
cm.g.doubleclick.net/ Frame 33FA
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEB0wHiq0Q6akkIjYGFAxoNU&google_cver=1&google_push=AXcoOmRfXO5JhrxYg0g1x5uV6kB-Lqt-jQbsJZ5sKNPQ9IQvPwZ6XJ7ELUG_Tstw4FjthZ5uvZcEIxdpHC3XWgp...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=3F4qtkgCXkBiNGYglJBs35JGyYc&google_push=AXcoOmRfXO5JhrxYg0g1x5uV6kB-Lqt-jQbsJZ5sKNPQ9IQvPwZ6XJ7ELUG_Tstw4FjthZ5uvZcEIxdpHC3XWg...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=3F4qtkgCXkBiNGYglJBs35JGyYc&google_push=AXcoOmRfXO5JhrxYg0g1x5uV6kB-Lqt-jQbsJZ5sKNPQ9IQvPwZ6XJ7ELUG_Tstw4FjthZ5uvZcEIxdpHC3XWgpQwdbmRi21GA
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H3
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://pagead2.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Sat, 08 Nov 2025 06:39:12 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=3F4qtkgCXkBiNGYglJBs35JGyYc&google_push=AXcoOmRfXO5JhrxYg0g1x5uV6kB-Lqt-jQbsJZ5sKNPQ9IQvPwZ6XJ7ELUG_Tstw4FjthZ5uvZcEIxdpHC3XWgpQwdbmRi21GA
Content-Length
240
Date
Sat, 08 Nov 2025 06:39:12 GMT
Content-Type
text/html; charset=utf-8
Connection
keep-alive
pixel
cm.g.doubleclick.net/ Frame 33FA
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEL...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmSoJ_j2vgpo_SnsTz0O_L3U1HsetnspiE4ETS8xSciciKs82mGaZ8gH--xT3mgaRpDKMSFRPbUcROORHzCN_qG5XV3IoCU&redir=https%3A%2F%2Fcm.g.double...
  • https://sync.targeting.unrulymedia.com/csync/RX-c61e77dc-74f9-4e20-aeb1-11dba61f495d-004?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmSoJ_j2vgpo_SnsTz0O_...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSoJ_j2vgpo_SnsTz0O_L3U1HsetnspiE4ETS8xSciciKs82mGaZ8gH--xT3mgaRpDKMSFRPbUcROORHzCN_qG5XV3IoCU&google_hm=BMYed9x0-U4grrER26YfSV0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSoJ_j2vgpo_SnsTz0O_L3U1HsetnspiE4ETS8xSciciKs82mGaZ8gH--xT3mgaRpDKMSFRPbUcROORHzCN_qG5XV3IoCU&google_hm=BMYed9x0-U4grrER26YfSV0
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H3
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://pagead2.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Sat, 08 Nov 2025 06:39:12 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmSoJ_j2vgpo_SnsTz0O_L3U1HsetnspiE4ETS8xSciciKs82mGaZ8gH--xT3mgaRpDKMSFRPbUcROORHzCN_qG5XV3IoCU&google_hm=BMYed9x0-U4grrER26YfSV0
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
date
Sat, 08 Nov 2025 06:39:12 GMT
etag
RXc61e77dc74f94e20aeb111dba61f495d004
content-type
text/html
server
Tengine
pixel
cm.g.doubleclick.net/ Frame 33FA
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESECvXi-e_DGJyhVB2PijtNZ8&google_cver=1&google_push=AXcoOmTVcwUv9tZR6oE0YbTspOMIlnuKJtTXVy3_cddPyCQmkIt1Y7zk_-YNYtgrhaBIBKXNAMqqG...
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmTVcwUv9tZR6oE0YbTspOMIlnuKJtTXVy3_cddPyCQmkIt1Y7zk_-YNYtgrhaBIBKXNAMqqGxLq9jwTj_qakw0Po54X6KM&google_hm=YVE3bGo4Q284...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmTVcwUv9tZR6oE0YbTspOMIlnuKJtTXVy3_cddPyCQmkIt1Y7zk_-YNYtgrhaBIBKXNAMqqGxLq9jwTj_qakw0Po54X6KM&google_hm=YVE3bGo4Q284SW9BQUU4YzFZQUFBQUFB
Requested by
Host: 24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com
URL: https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H3
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://pagead2.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Sat, 08 Nov 2025 06:39:12 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)

Redirect headers

X-SO-LB-Hostname
m-ng21.dc4p.scaleout.jp
P3P
CP="See also http://www.scaleout.jp/privacy/"
Date
Sat, 08 Nov 2025 06:39:12 GMT
Cache-Control
private
Location
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmTVcwUv9tZR6oE0YbTspOMIlnuKJtTXVy3_cddPyCQmkIt1Y7zk_-YNYtgrhaBIBKXNAMqqGxLq9jwTj_qakw0Po54X6KM&google_hm=YVE3bGo4Q284SW9BQUU4YzFZQUFBQUFB
X-SO-Cluster-ID
0
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=google_ebda&google_gid=CAESECvXi-e_DGJyhVB2PijtNZ8&google_cver=1&google_push=AXcoOmTVcwUv9tZR6oE0YbTspOMIlnuKJtTXVy3_cddPyCQmkIt1Y7zk_-YNYtgrhaBIBKXNAMqqGxLq9jwTj_qakw0Po54X6KM","cluster_id":0,"gdpr":false,"ipv4":"146.70.201.135","key":"aQ7lj8Co8IoAAE8c1YAAAAAA","privacy_sensitive":false,"uid":"aQ7lj8Co8IoAAE8c1YAAAAAA","upstream_id":"m-ad368"}
X-SO-Upstream-ID
m-ad368
X-SO-HostName
m-ad368.dc4p.scaleout.jp
Connection
keep-alive
X-SO-IP
146.70.201.135
X-SO-Key
aQ7lj8Co8IoAAE8c1YAAAAAA
Content-Length
0
X-SO-Ads-Time
1
X-SO-UID
aQ7lj8Co8IoAAE8c1YAAAAAA
Server
nginx
pixel
cm.g.doubleclick.net/ Frame 33FA
Redirect Chain
  • https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_...
  • https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=0e8457b0-549d-4cc2-abeb-bd1bd8125c14&google_cver=1&google_gid=CAESEEXLFutw_CbKZv-2u7U9NHE&gdpr_consent=${GDPR_CONSENT_109}&google_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=0e8457b0-549d-4cc2-abeb-bd1bd8125c14&google_cver=1&google_gid=CAESEEXLFutw_CbKZv-2u7U9NHE&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmRc7H5s67vlGjs9V0_L4rw5RkHXn5e9lFqovMfukFNqesXu3Jis3hsdws_pU2jBiPmA7125gkZLKGtnnXve2fxib9eJT1c&gdpr=${GDPR}
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H3
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://pagead2.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Sat, 08 Nov 2025 06:39:12 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=0e8457b0-549d-4cc2-abeb-bd1bd8125c14&google_cver=1&google_gid=CAESEEXLFutw_CbKZv-2u7U9NHE&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmRc7H5s67vlGjs9V0_L4rw5RkHXn5e9lFqovMfukFNqesXu3Jis3hsdws_pU2jBiPmA7125gkZLKGtnnXve2fxib9eJT1c&gdpr=${GDPR}
content-length
0
date
Sat, 08 Nov 2025 06:39:12 GMT
server
_
pixel
cm.g.doubleclick.net/ Frame 33FA
Redirect Chain
  • https://gtracenep.admaster.cc/ju/cs/google?google_gid=CAESEBrxW6pQQzNrZGWl_hGUtgQ&google_cver=1&google_push=AXcoOmSdeVFq7lFobpD-VBicw-klR--4-1wEXHsAB3rSaz-3Xk-guaZk9jEkkOiG7VhWLY9L5RPArXj0ujpsLdt62...
  • https://cm.g.doubleclick.net/pixel?google_nid=admaster&google_push=AXcoOmSdeVFq7lFobpD-VBicw-klR--4-1wEXHsAB3rSaz-3Xk-guaZk9jEkkOiG7VhWLY9L5RPArXj0ujpsLdt62WTndno0ndzL&google_hm=05a3810ea5c7658b29x...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=admaster&google_push=AXcoOmSdeVFq7lFobpD-VBicw-klR--4-1wEXHsAB3rSaz-3Xk-guaZk9jEkkOiG7VhWLY9L5RPArXj0ujpsLdt62WTndno0ndzL&google_hm=05a3810ea5c7658b29xhv300mhpwz5tj
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H3
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://pagead2.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Sat, 08 Nov 2025 06:39:12 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=admaster&google_push=AXcoOmSdeVFq7lFobpD-VBicw-klR--4-1wEXHsAB3rSaz-3Xk-guaZk9jEkkOiG7VhWLY9L5RPArXj0ujpsLdt62WTndno0ndzL&google_hm=05a3810ea5c7658b29xhv300mhpwz5tj
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8
date
Sat, 08 Nov 2025 06:39:12 GMT
content-type
text/plain; charset=utf-8
access-control-allow-headers
Content-Type
attr
cm.g.doubleclick.net/pixel/ Frame 33FA 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13If6qki8FiLbTSRie_gXRf_u343-xcPOwU7mh_14OPTyBekCw64q7bf3yiZ8zgh6ldafF-IkNs
Requested by
Host: 24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com
URL: https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://pagead2.googlesyndication.com/

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sat, 08 Nov 2025 06:39:12 GMT
x-xss-protection
0
content-type
text/html
server
HTTP server (unknown)
gen_204
pagead2.googlesyndication.com/pagead/ Frame 371D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-start2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s35-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sat, 08 Nov 2025 06:39:12 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 371D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s35-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sat, 08 Nov 2025 06:39:12 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
truncated
/ Frame 371D 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
136e504832ab8b78aa643a7e4f66020713ba52d557177d617b6361c823cc1565

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
register-source
measurement-api.criteo.com/ Frame 188F 		2 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://measurement-api.criteo.com/register-source?impressionId=690ee58f36774780503f38302ee58993&partner_domain=leopalace21.com&external_uid=a31c452a-349b-4705-a19d-59b38f0eddcf&partner_id=4652&source_type=event&campaign_id=300734&marketing_objective_type=0&creative_type=1&hashed_external_id=-8297990823990722833&hashed_external_id=-7007985255008519567
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7ljwAJeQkFFsj4ADUI0Z8wSuiHNILCkWzW0A&u=%7C6E1S5NKElxbt84EREfVgiY4MSdILzesyBrfWBWKcaWM%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFAURsJ4go3EALnLHgqnzPa6mdQsbuxOBUz7sjIVLy6SCTE_pBZnPmIFvbfP1y6Y4nhjWzuK51PXe2dyHehICOfb9-76i7b-4KRtt0A_A40Z--TFQ3Dwr-oJnle5FhwpzuxZBBG84tiTcZWnpcTlQtLRwa1EQorlPTJWMUiifNudLdZvZm-wHVQOti3JGL7d95hvCBj4-Pq5wAFB5QGFVDVtrwr5h6CwLFYKE3ROM2sbPNlA2_PMmdG2bN0PRDZpY8IZdvMvf9d5uuZIplV0jht4dPJQcy_vuWKC3iOYHqb9_J9sByab21SLFwtkHhvk9Klynm5bekPkYlJUdzw-qpoY6EgCHjZwLBWstcl91Cc5OTo_VPiReL5XlSU5bpETh__Rl-8pmJtD-npDyfPg1SC7ee56obq2ssZ6R2SwY09EXy-nRlpxEWu3zUeSGu6ZXLiDerP8MKVwyLS7LmuUb0DORk6e-A0qFxUSYpVsL4EcXvIpbNNfYdTkQUQaTR-qrS9zumSOQUaKLMKgF8GQ5crO-F76bfrNjC7MbtdfU0QVaOnNY4QxoNTuoraNAlpJTP_azVK9BOr3cjrGcHbXFJ24-a43cIvTyGKoHF8yE-DKhfc_3BZXu24sVlmk3OfqD6l12lPsdgJPE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9hIQj-UOaYnyJfiR29gP0ZHUyQnRvr7bdayNn9y8DcCNtwEQASDQ6t8jYInzxYT0E8gBCakCTbn4Ya3-Oz7gAgCoAwHIAwKqBLcCT9ARljXSkSuG3FDFwpNgUpc_6puXJnLEHiWDbWlgjmA2TvdWND2ZDIkFEBCpXcv1bVvcgwxcfc4-k4ztYsIKFW0fFXFiSSAJ_cXGCx4LwL96DSr3roIx0Da-FfRtopZHxVTNStzLfZFen4-2nfBDfjPn-SfK5ZV5vx7DFloYy_LkY2hffHhOgY4XtPWjaWkHbyGUmHLNLjCp29FRXv20Qna1OoBAXPyoqFVmbtqCTPNUuPQi8pAcQC2N6xrHo9yyx3HoOpFB2BKBoHKvSqCr9meweiHTXV-R7Q7MCbyb9cawu0aJzzrJUcW5_nrHR5nLdkYBtAn96UPWxVd5Z1JJgcGouEjAWNPOjWjaEWZZp_8IfJ9JEMYYOA_svDvsBCtsd2PcWeaRDLn0Fe8wIM3x6TCP9hgVQkTgBAGABqyL9OHii_-MG6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQKoB62-sQKoB7_TsQLYBwDSCCwIgGEQATIIioKAgICAgAg6DYBAgMCAgICAqIACqANIvf3BOliUkMny-OGQA_oLAggBgAwBqg0CSlDiDRMIovvJ8vjhkAMV-MgWBR3RCDWZ6g0TCKjEyvL44ZADFfjIFgUd0Qg1mYgO____________AdAVAYAXAbIXEBgMKgozMDAwNzgyNzc4UAGqGBcJ8VN2C6KXv0ASCjMwMDA3ODI3NzgYAQ%26num%3D1%26sig%3DAOD64_1cWA95UgdzZ_EGFpKYclI2ZBONvw%26client%3Dca-pub-3135966177843992%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4:: , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.as.criteo.com/

Response headers

strict-transport-security
max-age=31536000; preload;
content-encoding
br
date
Sat, 08 Nov 2025 06:39:11 GMT
content-type
text/html
vary
Accept-Encoding
server
Kestrel
animejs.js
static.criteo.net/animejs/ Frame 188F 		12 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7ljwAJeQkFFsj4ADUI0Z8wSuiHNILCkWzW0A&u=%7C6E1S5NKElxbt84EREfVgiY4MSdILzesyBrfWBWKcaWM%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFAURsJ4go3EALnLHgqnzPa6mdQsbuxOBUz7sjIVLy6SCTE_pBZnPmIFvbfP1y6Y4nhjWzuK51PXe2dyHehICOfb9-76i7b-4KRtt0A_A40Z--TFQ3Dwr-oJnle5FhwpzuxZBBG84tiTcZWnpcTlQtLRwa1EQorlPTJWMUiifNudLdZvZm-wHVQOti3JGL7d95hvCBj4-Pq5wAFB5QGFVDVtrwr5h6CwLFYKE3ROM2sbPNlA2_PMmdG2bN0PRDZpY8IZdvMvf9d5uuZIplV0jht4dPJQcy_vuWKC3iOYHqb9_J9sByab21SLFwtkHhvk9Klynm5bekPkYlJUdzw-qpoY6EgCHjZwLBWstcl91Cc5OTo_VPiReL5XlSU5bpETh__Rl-8pmJtD-npDyfPg1SC7ee56obq2ssZ6R2SwY09EXy-nRlpxEWu3zUeSGu6ZXLiDerP8MKVwyLS7LmuUb0DORk6e-A0qFxUSYpVsL4EcXvIpbNNfYdTkQUQaTR-qrS9zumSOQUaKLMKgF8GQ5crO-F76bfrNjC7MbtdfU0QVaOnNY4QxoNTuoraNAlpJTP_azVK9BOr3cjrGcHbXFJ24-a43cIvTyGKoHF8yE-DKhfc_3BZXu24sVlmk3OfqD6l12lPsdgJPE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9hIQj-UOaYnyJfiR29gP0ZHUyQnRvr7bdayNn9y8DcCNtwEQASDQ6t8jYInzxYT0E8gBCakCTbn4Ya3-Oz7gAgCoAwHIAwKqBLcCT9ARljXSkSuG3FDFwpNgUpc_6puXJnLEHiWDbWlgjmA2TvdWND2ZDIkFEBCpXcv1bVvcgwxcfc4-k4ztYsIKFW0fFXFiSSAJ_cXGCx4LwL96DSr3roIx0Da-FfRtopZHxVTNStzLfZFen4-2nfBDfjPn-SfK5ZV5vx7DFloYy_LkY2hffHhOgY4XtPWjaWkHbyGUmHLNLjCp29FRXv20Qna1OoBAXPyoqFVmbtqCTPNUuPQi8pAcQC2N6xrHo9yyx3HoOpFB2BKBoHKvSqCr9meweiHTXV-R7Q7MCbyb9cawu0aJzzrJUcW5_nrHR5nLdkYBtAn96UPWxVd5Z1JJgcGouEjAWNPOjWjaEWZZp_8IfJ9JEMYYOA_svDvsBCtsd2PcWeaRDLn0Fe8wIM3x6TCP9hgVQkTgBAGABqyL9OHii_-MG6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQKoB62-sQKoB7_TsQLYBwDSCCwIgGEQATIIioKAgICAgAg6DYBAgMCAgICAqIACqANIvf3BOliUkMny-OGQA_oLAggBgAwBqg0CSlDiDRMIovvJ8vjhkAMV-MgWBR3RCDWZ6g0TCKjEyvL44ZADFfjIFgUd0Qg1mYgO____________AdAVAYAXAbIXEBgMKgozMDAwNzgyNzc4UAGqGBcJ8VN2C6KXv0ASCjMwMDA3ODI3NzgYAQ%26num%3D1%26sig%3DAOD64_1cWA95UgdzZ_EGFpKYclI2ZBONvw%26client%3Dca-pub-3135966177843992%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::2e , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.as.criteo.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=31104000, public
timing-allow-origin
*
content-encoding
gzip
etag
W/"5c9a64eb-3181"
cross-origin-resource-policy
cross-origin
expires
Tue, 03 Nov 2026 06:39:11 GMT
cross-origin-embedder-policy
require-corp
access-control-allow-origin
*
date
Sat, 08 Nov 2025 06:39:11 GMT
content-type
text/javascript
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
gen_204
pagead2.googlesyndication.com/pagead/ Frame 371D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s35-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sat, 08 Nov 2025 06:39:12 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
lotame20250702.js
s.e-planning.net/esb/4/0/1992d/76bee3726430bfbb/ Frame 5C3C 		734 B
566 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/76bee3726430bfbb/lotame20250702.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26it%3Dadg-pb-clt%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.206.157.241 New York, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
2a4d0db8e03350480c98deeef085a02b038f9598f1113908ad6f9f6346d402fc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

cache-control
max-age=157680000
content-encoding
gzip
etag
W/"68655c18-2de"
expires
Thu, 07 Nov 2030 06:39:12 GMT
access-control-allow-origin
*
date
Sat, 08 Nov 2025 06:39:12 GMT
content-type
application/x-javascript
last-modified
Wed, 02 Jul 2025 16:19:36 GMT
server
openresty
um
sync.e-planning.net/ Frame 5C3C
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=H7IJBRjH
  • https://sync.e-planning.net/um?uid=29e0fafc-334f-4ab8-a703-99e21489b574&dc=769fefa8321c94fb&iss=1
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?uid=29e0fafc-334f-4ab8-a703-99e21489b574&dc=769fefa8321c94fb&iss=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26it%3Dadg-pb-clt%26uid%3D%24UID
Protocol
H2
Server
23.108.103.28 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

date
Sat, 08 Nov 2025 06:39:12 GMT
content-type
image/gif
server
openresty

Redirect headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
location
https://sync.e-planning.net/um?uid=29e0fafc-334f-4ab8-a703-99e21489b574&dc=769fefa8321c94fb&iss=1
content-length
0
um
u-sin01.e-planning.net/ Frame 5C3C
Redirect Chain
  • https://gw-iad-bid.ymmobi.com/adx/user/sync?pubid=ZXBsYW5uaW5n&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&callback=https%3A%2F%2Fu-sin01.e-planning.net%2Fum%3Fuid%3D%7Bym_us...
  • https://u-sin01.e-planning.net/um?uid=ym_user_38e58593-3f07-4fd6-b0c0-d152d39b897b&dc=dbfd729d40c9c3fc&fi=4ae16427bb6d7c8e
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-sin01.e-planning.net/um?uid=ym_user_38e58593-3f07-4fd6-b0c0-d152d39b897b&dc=dbfd729d40c9c3fc&fi=4ae16427bb6d7c8e
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26it%3Dadg-pb-clt%26uid%3D%24UID
Protocol
H2
Server
23.108.103.28 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

date
Sat, 08 Nov 2025 06:39:12 GMT
content-type
image/gif
server
openresty

Redirect headers

access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token
access-control-allow-origin
*
location
https://u-sin01.e-planning.net/um?uid=ym_user_38e58593-3f07-4fd6-b0c0-d152d39b897b&dc=dbfd729d40c9c3fc&fi=4ae16427bb6d7c8e
content-length
0
date
Sat, 08 Nov 2025 06:39:12 GMT
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
ImgSync
image8.pubmatic.com/AdServer/ Frame 5C3C
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr={GDPR_APPLIES}&gdpr_consent={TCF_CONSENT_STRING}&us_privacy={US_PRIVACY}&cb=https%3A%2F%2Fu-sin01.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4cb5e7f09da39e40%26...
  • https://rtb.openx.net/sync/prebid?&gdpr=0&us_privacy=1---&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F34512%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3Da4d458aa-c7ea-...
  • https://prebid.a-mo.net/cchain/0/34512?gpp=&gdpr_consent=&gdpr=&gpp_sid=&us_privacy=&A=a4d458aa-c7ea-40bc-b095-a2053fd9c626&bidder=openx&cbx=aHR0cHM6Ly91LXNpbjAxLmUtcGxhbm5pbmcubmV0L3VtP3VpZD0kVUlE...
  • https://id.a-mx.com/u?&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F34512%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3Da4d458aa-c7ea-40bc-b095-a...
  • https://prebid.a-mo.net/cchain/1/34512?gpp=&gdpr_consent=&gdpr=&gpp_sid=&us_privacy=&A=a4d458aa-c7ea-40bc-b095-a2053fd9c626&bidder=amx_com&cbx=aHR0cHM6Ly91LXNpbjAxLmUtcGxhbm5pbmcubmV0L3VtP3VpZD0kVU...
  • https://eb2.3lift.com/getuid?&gdpr=0&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F34512%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3Da4d458aa-c7ea-4...
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F34512%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3Da4d...
  • https://prebid.a-mo.net/cchain/2/34512?gpp=&gdpr_consent=&gdpr=&gpp_sid=&us_privacy=&A=a4d458aa-c7ea-40bc-b095-a2053fd9c626&bidder=triplelift&cbx=aHR0cHM6Ly91LXNpbjAxLmUtcGxhbm5pbmcubmV0L3VtP3VpZD0...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&us_privacy=1---&pu=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%2F34512%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%...
0
69 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&us_privacy=1---&pu=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%2F34512%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3Da4d458aa-c7ea-40bc-b095-a2053fd9c626%26bidder%3Dpubmatic%26cbx%3DaHR0cHM6Ly91LXNpbjAxLmUtcGxhbm5pbmcubmV0L3VtP3VpZD0kVUlEJmRjPTRjYjVlN2YwOWRhMzllNDAmZmk9NGFlMTY0MjdiYjZkN2M4ZQ%253D%253D%26uid%3D%23PMUID
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26it%3Dadg-pb-clt%26uid%3D%24UID
Protocol
H2
Server
207.65.34.77 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

date
Sat, 08 Nov 2025 06:39:13 GMT
strict-transport-security
max-age=16070400; includeSubDomains
content-length
0

Redirect headers

cache-control
max-age=0, private, must-revalidate
location
https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&us_privacy=1---&pu=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%2F34512%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3Da4d458aa-c7ea-40bc-b095-a2053fd9c626%26bidder%3Dpubmatic%26cbx%3DaHR0cHM6Ly91LXNpbjAxLmUtcGxhbm5pbmcubmV0L3VtP3VpZD0kVUlEJmRjPTRjYjVlN2YwOWRhMzllNDAmZmk9NGFlMTY0MjdiYjZkN2M4ZQ%253D%253D%26uid%3D%23PMUID
content-length
0
date
Sat, 08 Nov 2025 06:39:12 GMT
x-envoy-upstream-service-time
1
vary
accept-encoding
server
envoy
um
u-sin01.e-planning.net/ Frame 5C3C
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-sin01.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D4ae16427bb6d7c8e%26uid%3D%24UID
  • https://u-sin01.e-planning.net/um?dc=8103fa85295fbe60&fi=4ae16427bb6d7c8e&uid=3458273064371662731
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-sin01.e-planning.net/um?dc=8103fa85295fbe60&fi=4ae16427bb6d7c8e&uid=3458273064371662731
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26it%3Dadg-pb-clt%26uid%3D%24UID
Protocol
H2
Server
23.108.103.28 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

date
Sat, 08 Nov 2025 06:39:12 GMT
content-type
image/gif
server
openresty

Redirect headers

cache-control
no-store, no-cache, private
location
https://u-sin01.e-planning.net/um?dc=8103fa85295fbe60&fi=4ae16427bb6d7c8e&uid=3458273064371662731
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
146.70.201.135; 146.70.201.135; 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
f54e055d-28ab-48fe-8291-f03325f12bfe
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Sat, 08 Nov 2025 06:39:12 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.25.5
cad842f31b1b4cc7b3f6258141bc14e9_cpn_300x250_1.jpg
static.criteo.net/design/dt/4652/4537618/ Frame 188F 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/4652/4537618/cad842f31b1b4cc7b3f6258141bc14e9_cpn_300x250_1.jpg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7ljwAJeQkFFsj4ADUI0Z8wSuiHNILCkWzW0A&u=%7C6E1S5NKElxbt84EREfVgiY4MSdILzesyBrfWBWKcaWM%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFAURsJ4go3EALnLHgqnzPa6mdQsbuxOBUz7sjIVLy6SCTE_pBZnPmIFvbfP1y6Y4nhjWzuK51PXe2dyHehICOfb9-76i7b-4KRtt0A_A40Z--TFQ3Dwr-oJnle5FhwpzuxZBBG84tiTcZWnpcTlQtLRwa1EQorlPTJWMUiifNudLdZvZm-wHVQOti3JGL7d95hvCBj4-Pq5wAFB5QGFVDVtrwr5h6CwLFYKE3ROM2sbPNlA2_PMmdG2bN0PRDZpY8IZdvMvf9d5uuZIplV0jht4dPJQcy_vuWKC3iOYHqb9_J9sByab21SLFwtkHhvk9Klynm5bekPkYlJUdzw-qpoY6EgCHjZwLBWstcl91Cc5OTo_VPiReL5XlSU5bpETh__Rl-8pmJtD-npDyfPg1SC7ee56obq2ssZ6R2SwY09EXy-nRlpxEWu3zUeSGu6ZXLiDerP8MKVwyLS7LmuUb0DORk6e-A0qFxUSYpVsL4EcXvIpbNNfYdTkQUQaTR-qrS9zumSOQUaKLMKgF8GQ5crO-F76bfrNjC7MbtdfU0QVaOnNY4QxoNTuoraNAlpJTP_azVK9BOr3cjrGcHbXFJ24-a43cIvTyGKoHF8yE-DKhfc_3BZXu24sVlmk3OfqD6l12lPsdgJPE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9hIQj-UOaYnyJfiR29gP0ZHUyQnRvr7bdayNn9y8DcCNtwEQASDQ6t8jYInzxYT0E8gBCakCTbn4Ya3-Oz7gAgCoAwHIAwKqBLcCT9ARljXSkSuG3FDFwpNgUpc_6puXJnLEHiWDbWlgjmA2TvdWND2ZDIkFEBCpXcv1bVvcgwxcfc4-k4ztYsIKFW0fFXFiSSAJ_cXGCx4LwL96DSr3roIx0Da-FfRtopZHxVTNStzLfZFen4-2nfBDfjPn-SfK5ZV5vx7DFloYy_LkY2hffHhOgY4XtPWjaWkHbyGUmHLNLjCp29FRXv20Qna1OoBAXPyoqFVmbtqCTPNUuPQi8pAcQC2N6xrHo9yyx3HoOpFB2BKBoHKvSqCr9meweiHTXV-R7Q7MCbyb9cawu0aJzzrJUcW5_nrHR5nLdkYBtAn96UPWxVd5Z1JJgcGouEjAWNPOjWjaEWZZp_8IfJ9JEMYYOA_svDvsBCtsd2PcWeaRDLn0Fe8wIM3x6TCP9hgVQkTgBAGABqyL9OHii_-MG6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQKoB62-sQKoB7_TsQLYBwDSCCwIgGEQATIIioKAgICAgAg6DYBAgMCAgICAqIACqANIvf3BOliUkMny-OGQA_oLAggBgAwBqg0CSlDiDRMIovvJ8vjhkAMV-MgWBR3RCDWZ6g0TCKjEyvL44ZADFfjIFgUd0Qg1mYgO____________AdAVAYAXAbIXEBgMKgozMDAwNzgyNzc4UAGqGBcJ8VN2C6KXv0ASCjMwMDA3ODI3NzgYAQ%26num%3D1%26sig%3DAOD64_1cWA95UgdzZ_EGFpKYclI2ZBONvw%26client%3Dca-pub-3135966177843992%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::2e , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
063b98aee45fb1fd1e70b83917ad0efe7b1011e2151b3aa49ec6812a9be64f6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.as.criteo.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=31104000, public
timing-allow-origin
*
etag
"648819f3-11d2"
cross-origin-resource-policy
cross-origin
expires
Tue, 03 Nov 2026 06:39:11 GMT
cross-origin-embedder-policy
require-corp
accept-ranges
bytes
access-control-allow-origin
*
content-length
4562
date
Sat, 08 Nov 2025 06:39:11 GMT
content-type
image/jpeg
last-modified
Tue, 13 Jun 2023 07:25:39 GMT
server
nginx
005LXBl9lDHB2CwCiYitszLuAadGV7mADMqb5NDufVSxZzQEZXZjr7kZOH8r9EoL1MZ4XJ4IVO7BIfW2Ky2j0M2vB2YzdBgXlW5juNkZDkeNd9Q7awf7mGkPmkmANmbn06fPcB5VpcDFzxJdi0oH1JN2NzelR7JkC0qcE41UAQIDOxTOQoZ9IVzCsR7Rm2S3x8Whj...
imageproxy.as.criteo.net/v1/ Frame 188F 		17 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.as.criteo.net/v1/005LXBl9lDHB2CwCiYitszLuAadGV7mADMqb5NDufVSxZzQEZXZjr7kZOH8r9EoL1MZ4XJ4IVO7BIfW2Ky2j0M2vB2YzdBgXlW5juNkZDkeNd9Q7awf7mGkPmkmANmbn06fPcB5VpcDFzxJdi0oH1JN2NzelR7JkC0qcE41UAQIDOxTOQoZ9IVzCsR7Rm2S3x8WhjYkZCZlUAm6eaNTouEQ
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7ljwAJeQkFFsj4ADUI0Z8wSuiHNILCkWzW0A&u=%7C6E1S5NKElxbt84EREfVgiY4MSdILzesyBrfWBWKcaWM%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFAURsJ4go3EALnLHgqnzPa6mdQsbuxOBUz7sjIVLy6SCTE_pBZnPmIFvbfP1y6Y4nhjWzuK51PXe2dyHehICOfb9-76i7b-4KRtt0A_A40Z--TFQ3Dwr-oJnle5FhwpzuxZBBG84tiTcZWnpcTlQtLRwa1EQorlPTJWMUiifNudLdZvZm-wHVQOti3JGL7d95hvCBj4-Pq5wAFB5QGFVDVtrwr5h6CwLFYKE3ROM2sbPNlA2_PMmdG2bN0PRDZpY8IZdvMvf9d5uuZIplV0jht4dPJQcy_vuWKC3iOYHqb9_J9sByab21SLFwtkHhvk9Klynm5bekPkYlJUdzw-qpoY6EgCHjZwLBWstcl91Cc5OTo_VPiReL5XlSU5bpETh__Rl-8pmJtD-npDyfPg1SC7ee56obq2ssZ6R2SwY09EXy-nRlpxEWu3zUeSGu6ZXLiDerP8MKVwyLS7LmuUb0DORk6e-A0qFxUSYpVsL4EcXvIpbNNfYdTkQUQaTR-qrS9zumSOQUaKLMKgF8GQ5crO-F76bfrNjC7MbtdfU0QVaOnNY4QxoNTuoraNAlpJTP_azVK9BOr3cjrGcHbXFJ24-a43cIvTyGKoHF8yE-DKhfc_3BZXu24sVlmk3OfqD6l12lPsdgJPE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9hIQj-UOaYnyJfiR29gP0ZHUyQnRvr7bdayNn9y8DcCNtwEQASDQ6t8jYInzxYT0E8gBCakCTbn4Ya3-Oz7gAgCoAwHIAwKqBLcCT9ARljXSkSuG3FDFwpNgUpc_6puXJnLEHiWDbWlgjmA2TvdWND2ZDIkFEBCpXcv1bVvcgwxcfc4-k4ztYsIKFW0fFXFiSSAJ_cXGCx4LwL96DSr3roIx0Da-FfRtopZHxVTNStzLfZFen4-2nfBDfjPn-SfK5ZV5vx7DFloYy_LkY2hffHhOgY4XtPWjaWkHbyGUmHLNLjCp29FRXv20Qna1OoBAXPyoqFVmbtqCTPNUuPQi8pAcQC2N6xrHo9yyx3HoOpFB2BKBoHKvSqCr9meweiHTXV-R7Q7MCbyb9cawu0aJzzrJUcW5_nrHR5nLdkYBtAn96UPWxVd5Z1JJgcGouEjAWNPOjWjaEWZZp_8IfJ9JEMYYOA_svDvsBCtsd2PcWeaRDLn0Fe8wIM3x6TCP9hgVQkTgBAGABqyL9OHii_-MG6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQKoB62-sQKoB7_TsQLYBwDSCCwIgGEQATIIioKAgICAgAg6DYBAgMCAgICAqIACqANIvf3BOliUkMny-OGQA_oLAggBgAwBqg0CSlDiDRMIovvJ8vjhkAMV-MgWBR3RCDWZ6g0TCKjEyvL44ZADFfjIFgUd0Qg1mYgO____________AdAVAYAXAbIXEBgMKgozMDAwNzgyNzc4UAGqGBcJ8VN2C6KXv0ASCjMwMDA3ODI3NzgYAQ%26num%3D1%26sig%3DAOD64_1cWA95UgdzZ_EGFpKYclI2ZBONvw%26client%3Dca-pub-3135966177843992%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
79d2c8ad1333cac8f8b0358e19d2537973f81832d22286c474dc411c236b0b2d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.as.criteo.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
public, max-age=31104000
timing-allow-origin
*
age
141480
cross-origin-resource-policy
cross-origin
x-trace-id
c7d6ea9543cf41f4af7a6ad34a679f3a
expires
Sat, 24 Oct 2026 10:27:15 GMT
accept-ranges
bytes
x-cache
hit
content-length
17506
date
Thu, 06 Nov 2025 15:21:11 GMT
content-type
image/png
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
vary
Origin, x-accept-image
000F4YeF5vmwsDfkuNN0yim2adTsy6o2eKRNULvVM3giP49X8oVx6YMWoy9hNiIsi13tqGf3wRVPHuO23K2AZFUbhCxpAfy50xrNn2bxKfOfsmcCmEFTG3WMPx3fIDZDzAFxcuqhiqmH4KXFMdtg1DGqtdiphE2rpQC8vV2PCYXceQrSV6koBf4NuuG9h0RJFJdbr...
imageproxy.as.criteo.net/v1/ Frame 188F 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.as.criteo.net/v1/000F4YeF5vmwsDfkuNN0yim2adTsy6o2eKRNULvVM3giP49X8oVx6YMWoy9hNiIsi13tqGf3wRVPHuO23K2AZFUbhCxpAfy50xrNn2bxKfOfsmcCmEFTG3WMPx3fIDZDzAFxcuqhiqmH4KXFMdtg1DGqtdiphE2rpQC8vV2PCYXceQrSV6koBf4NuuG9h0RJFJdbrGdFqIqBW?b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7ljwAJeQkFFsj4ADUI0Z8wSuiHNILCkWzW0A&u=%7C6E1S5NKElxbt84EREfVgiY4MSdILzesyBrfWBWKcaWM%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFAURsJ4go3EALnLHgqnzPa6mdQsbuxOBUz7sjIVLy6SCTE_pBZnPmIFvbfP1y6Y4nhjWzuK51PXe2dyHehICOfb9-76i7b-4KRtt0A_A40Z--TFQ3Dwr-oJnle5FhwpzuxZBBG84tiTcZWnpcTlQtLRwa1EQorlPTJWMUiifNudLdZvZm-wHVQOti3JGL7d95hvCBj4-Pq5wAFB5QGFVDVtrwr5h6CwLFYKE3ROM2sbPNlA2_PMmdG2bN0PRDZpY8IZdvMvf9d5uuZIplV0jht4dPJQcy_vuWKC3iOYHqb9_J9sByab21SLFwtkHhvk9Klynm5bekPkYlJUdzw-qpoY6EgCHjZwLBWstcl91Cc5OTo_VPiReL5XlSU5bpETh__Rl-8pmJtD-npDyfPg1SC7ee56obq2ssZ6R2SwY09EXy-nRlpxEWu3zUeSGu6ZXLiDerP8MKVwyLS7LmuUb0DORk6e-A0qFxUSYpVsL4EcXvIpbNNfYdTkQUQaTR-qrS9zumSOQUaKLMKgF8GQ5crO-F76bfrNjC7MbtdfU0QVaOnNY4QxoNTuoraNAlpJTP_azVK9BOr3cjrGcHbXFJ24-a43cIvTyGKoHF8yE-DKhfc_3BZXu24sVlmk3OfqD6l12lPsdgJPE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9hIQj-UOaYnyJfiR29gP0ZHUyQnRvr7bdayNn9y8DcCNtwEQASDQ6t8jYInzxYT0E8gBCakCTbn4Ya3-Oz7gAgCoAwHIAwKqBLcCT9ARljXSkSuG3FDFwpNgUpc_6puXJnLEHiWDbWlgjmA2TvdWND2ZDIkFEBCpXcv1bVvcgwxcfc4-k4ztYsIKFW0fFXFiSSAJ_cXGCx4LwL96DSr3roIx0Da-FfRtopZHxVTNStzLfZFen4-2nfBDfjPn-SfK5ZV5vx7DFloYy_LkY2hffHhOgY4XtPWjaWkHbyGUmHLNLjCp29FRXv20Qna1OoBAXPyoqFVmbtqCTPNUuPQi8pAcQC2N6xrHo9yyx3HoOpFB2BKBoHKvSqCr9meweiHTXV-R7Q7MCbyb9cawu0aJzzrJUcW5_nrHR5nLdkYBtAn96UPWxVd5Z1JJgcGouEjAWNPOjWjaEWZZp_8IfJ9JEMYYOA_svDvsBCtsd2PcWeaRDLn0Fe8wIM3x6TCP9hgVQkTgBAGABqyL9OHii_-MG6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQKoB62-sQKoB7_TsQLYBwDSCCwIgGEQATIIioKAgICAgAg6DYBAgMCAgICAqIACqANIvf3BOliUkMny-OGQA_oLAggBgAwBqg0CSlDiDRMIovvJ8vjhkAMV-MgWBR3RCDWZ6g0TCKjEyvL44ZADFfjIFgUd0Qg1mYgO____________AdAVAYAXAbIXEBgMKgozMDAwNzgyNzc4UAGqGBcJ8VN2C6KXv0ASCjMwMDA3ODI3NzgYAQ%26num%3D1%26sig%3DAOD64_1cWA95UgdzZ_EGFpKYclI2ZBONvw%26client%3Dca-pub-3135966177843992%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
3ad8268741d119951c01e6550a1b5043046519942f211c59816fd28a1f74b3f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.as.criteo.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
public, max-age=86400
timing-allow-origin
*
age
58855
cross-origin-resource-policy
cross-origin
x-trace-id
cd17d716b7ada77f9e5cc8fee7edfdd1
expires
Sat, 08 Nov 2025 06:19:47 GMT
accept-ranges
bytes
x-cache
hit
content-length
4520
date
Fri, 07 Nov 2025 14:18:16 GMT
content-type
image/webp
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
vary
Origin, x-accept-image
000F4YeF5vmwsDfkuOTjNTDHaFvx9p1NbLHfOoQHPezKRGob70hDxYosP8VWB0QlG5Om6kbQBLxh1QlKpPzBcyRPB2aunKmr0cuT1kT6NwRSQ5vEd9ilOVPEWFXidhCcUCx2jkLsMZUWtBRQVo0omQkEBoOiQOAG77OJUUpvRKbpFJdR7VWk4y7UTcs6rl6YytqZR...
imageproxy.as.criteo.net/v1/ Frame 188F 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.as.criteo.net/v1/000F4YeF5vmwsDfkuOTjNTDHaFvx9p1NbLHfOoQHPezKRGob70hDxYosP8VWB0QlG5Om6kbQBLxh1QlKpPzBcyRPB2aunKmr0cuT1kT6NwRSQ5vEd9ilOVPEWFXidhCcUCx2jkLsMZUWtBRQVo0omQkEBoOiQOAG77OJUUpvRKbpFJdR7VWk4y7UTcs6rl6YytqZRBDsOBWSh?b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7ljwAJeQkFFsj4ADUI0Z8wSuiHNILCkWzW0A&u=%7C6E1S5NKElxbt84EREfVgiY4MSdILzesyBrfWBWKcaWM%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFAURsJ4go3EALnLHgqnzPa6mdQsbuxOBUz7sjIVLy6SCTE_pBZnPmIFvbfP1y6Y4nhjWzuK51PXe2dyHehICOfb9-76i7b-4KRtt0A_A40Z--TFQ3Dwr-oJnle5FhwpzuxZBBG84tiTcZWnpcTlQtLRwa1EQorlPTJWMUiifNudLdZvZm-wHVQOti3JGL7d95hvCBj4-Pq5wAFB5QGFVDVtrwr5h6CwLFYKE3ROM2sbPNlA2_PMmdG2bN0PRDZpY8IZdvMvf9d5uuZIplV0jht4dPJQcy_vuWKC3iOYHqb9_J9sByab21SLFwtkHhvk9Klynm5bekPkYlJUdzw-qpoY6EgCHjZwLBWstcl91Cc5OTo_VPiReL5XlSU5bpETh__Rl-8pmJtD-npDyfPg1SC7ee56obq2ssZ6R2SwY09EXy-nRlpxEWu3zUeSGu6ZXLiDerP8MKVwyLS7LmuUb0DORk6e-A0qFxUSYpVsL4EcXvIpbNNfYdTkQUQaTR-qrS9zumSOQUaKLMKgF8GQ5crO-F76bfrNjC7MbtdfU0QVaOnNY4QxoNTuoraNAlpJTP_azVK9BOr3cjrGcHbXFJ24-a43cIvTyGKoHF8yE-DKhfc_3BZXu24sVlmk3OfqD6l12lPsdgJPE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9hIQj-UOaYnyJfiR29gP0ZHUyQnRvr7bdayNn9y8DcCNtwEQASDQ6t8jYInzxYT0E8gBCakCTbn4Ya3-Oz7gAgCoAwHIAwKqBLcCT9ARljXSkSuG3FDFwpNgUpc_6puXJnLEHiWDbWlgjmA2TvdWND2ZDIkFEBCpXcv1bVvcgwxcfc4-k4ztYsIKFW0fFXFiSSAJ_cXGCx4LwL96DSr3roIx0Da-FfRtopZHxVTNStzLfZFen4-2nfBDfjPn-SfK5ZV5vx7DFloYy_LkY2hffHhOgY4XtPWjaWkHbyGUmHLNLjCp29FRXv20Qna1OoBAXPyoqFVmbtqCTPNUuPQi8pAcQC2N6xrHo9yyx3HoOpFB2BKBoHKvSqCr9meweiHTXV-R7Q7MCbyb9cawu0aJzzrJUcW5_nrHR5nLdkYBtAn96UPWxVd5Z1JJgcGouEjAWNPOjWjaEWZZp_8IfJ9JEMYYOA_svDvsBCtsd2PcWeaRDLn0Fe8wIM3x6TCP9hgVQkTgBAGABqyL9OHii_-MG6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQKoB62-sQKoB7_TsQLYBwDSCCwIgGEQATIIioKAgICAgAg6DYBAgMCAgICAqIACqANIvf3BOliUkMny-OGQA_oLAggBgAwBqg0CSlDiDRMIovvJ8vjhkAMV-MgWBR3RCDWZ6g0TCKjEyvL44ZADFfjIFgUd0Qg1mYgO____________AdAVAYAXAbIXEBgMKgozMDAwNzgyNzc4UAGqGBcJ8VN2C6KXv0ASCjMwMDA3ODI3NzgYAQ%26num%3D1%26sig%3DAOD64_1cWA95UgdzZ_EGFpKYclI2ZBONvw%26client%3Dca-pub-3135966177843992%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
a793b99513adcecae14875eb68c51f94fa9f04b8f55d7ccd921f129c2e8ab47d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.as.criteo.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
public, max-age=86400
timing-allow-origin
*
age
55053
cross-origin-resource-policy
cross-origin
x-trace-id
030a4f8b245bf3d09c1bed24e3c09f12
expires
Sat, 08 Nov 2025 07:40:34 GMT
accept-ranges
bytes
x-cache
hit
content-length
23238
date
Fri, 07 Nov 2025 15:21:38 GMT
content-type
image/webp
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
vary
Origin, x-accept-image
all
client-side-metrics.as.criteo.net/ Frame 188F 		0
185 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://client-side-metrics.as.criteo.net/all?cppv=3&cpp=MZ_6HnrBxU3kLT6kZU56VaMQ-vxyY6JBFMwBE-nuuUf6qs8RotMs-0u8wxYv06XLi9yls2J7WSlehduLFHwBBC5xw0HyQsYtClMpG0TDFVjmp8KDITjis416uoPeFg7IlftAHvo3ZoAhGATMkBL4lFwqSUxWMMx4Jv4b64zeLWq3P0Henx5M9nHaJmFxgYgl5Qt_7QDmkvfz1aAy_Rpr3TUmT1euWo8Xh7d1xexsy2wZAYXMt3yKuP5zSikv8CXeAaP2dQ&sds=2&rev=102983&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7ljwAJeQkFFsj4ADUI0Z8wSuiHNILCkWzW0A&u=%7C6E1S5NKElxbt84EREfVgiY4MSdILzesyBrfWBWKcaWM%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFAURsJ4go3EALnLHgqnzPa6mdQsbuxOBUz7sjIVLy6SCTE_pBZnPmIFvbfP1y6Y4nhjWzuK51PXe2dyHehICOfb9-76i7b-4KRtt0A_A40Z--TFQ3Dwr-oJnle5FhwpzuxZBBG84tiTcZWnpcTlQtLRwa1EQorlPTJWMUiifNudLdZvZm-wHVQOti3JGL7d95hvCBj4-Pq5wAFB5QGFVDVtrwr5h6CwLFYKE3ROM2sbPNlA2_PMmdG2bN0PRDZpY8IZdvMvf9d5uuZIplV0jht4dPJQcy_vuWKC3iOYHqb9_J9sByab21SLFwtkHhvk9Klynm5bekPkYlJUdzw-qpoY6EgCHjZwLBWstcl91Cc5OTo_VPiReL5XlSU5bpETh__Rl-8pmJtD-npDyfPg1SC7ee56obq2ssZ6R2SwY09EXy-nRlpxEWu3zUeSGu6ZXLiDerP8MKVwyLS7LmuUb0DORk6e-A0qFxUSYpVsL4EcXvIpbNNfYdTkQUQaTR-qrS9zumSOQUaKLMKgF8GQ5crO-F76bfrNjC7MbtdfU0QVaOnNY4QxoNTuoraNAlpJTP_azVK9BOr3cjrGcHbXFJ24-a43cIvTyGKoHF8yE-DKhfc_3BZXu24sVlmk3OfqD6l12lPsdgJPE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9hIQj-UOaYnyJfiR29gP0ZHUyQnRvr7bdayNn9y8DcCNtwEQASDQ6t8jYInzxYT0E8gBCakCTbn4Ya3-Oz7gAgCoAwHIAwKqBLcCT9ARljXSkSuG3FDFwpNgUpc_6puXJnLEHiWDbWlgjmA2TvdWND2ZDIkFEBCpXcv1bVvcgwxcfc4-k4ztYsIKFW0fFXFiSSAJ_cXGCx4LwL96DSr3roIx0Da-FfRtopZHxVTNStzLfZFen4-2nfBDfjPn-SfK5ZV5vx7DFloYy_LkY2hffHhOgY4XtPWjaWkHbyGUmHLNLjCp29FRXv20Qna1OoBAXPyoqFVmbtqCTPNUuPQi8pAcQC2N6xrHo9yyx3HoOpFB2BKBoHKvSqCr9meweiHTXV-R7Q7MCbyb9cawu0aJzzrJUcW5_nrHR5nLdkYBtAn96UPWxVd5Z1JJgcGouEjAWNPOjWjaEWZZp_8IfJ9JEMYYOA_svDvsBCtsd2PcWeaRDLn0Fe8wIM3x6TCP9hgVQkTgBAGABqyL9OHii_-MG6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQKoB62-sQKoB7_TsQLYBwDSCCwIgGEQATIIioKAgICAgAg6DYBAgMCAgICAqIACqANIvf3BOliUkMny-OGQA_oLAggBgAwBqg0CSlDiDRMIovvJ8vjhkAMV-MgWBR3RCDWZ6g0TCKjEyvL44ZADFfjIFgUd0Qg1mYgO____________AdAVAYAXAbIXEBgMKgozMDAwNzgyNzc4UAGqGBcJ8VN2C6KXv0ASCjMwMDA3ODI3NzgYAQ%26num%3D1%26sig%3DAOD64_1cWA95UgdzZ_EGFpKYclI2ZBONvw%26client%3Dca-pub-3135966177843992%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::25 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://ads.as.criteo.com/

Response headers

strict-transport-security
max-age=31536000; preload;
x-rate-limit-limit
1s
x-rate-limit-reset
2025-11-08T06:39:12.8261191Z
access-control-allow-origin
*
content-length
0
date
Sat, 08 Nov 2025 06:39:11 GMT
x-rate-limit-remaining
9315
server
Kestrel
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 188F 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7ljwAJeQkFFsj4ADUI0Z8wSuiHNILCkWzW0A&u=%7C6E1S5NKElxbt84EREfVgiY4MSdILzesyBrfWBWKcaWM%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFAURsJ4go3EALnLHgqnzPa6mdQsbuxOBUz7sjIVLy6SCTE_pBZnPmIFvbfP1y6Y4nhjWzuK51PXe2dyHehICOfb9-76i7b-4KRtt0A_A40Z--TFQ3Dwr-oJnle5FhwpzuxZBBG84tiTcZWnpcTlQtLRwa1EQorlPTJWMUiifNudLdZvZm-wHVQOti3JGL7d95hvCBj4-Pq5wAFB5QGFVDVtrwr5h6CwLFYKE3ROM2sbPNlA2_PMmdG2bN0PRDZpY8IZdvMvf9d5uuZIplV0jht4dPJQcy_vuWKC3iOYHqb9_J9sByab21SLFwtkHhvk9Klynm5bekPkYlJUdzw-qpoY6EgCHjZwLBWstcl91Cc5OTo_VPiReL5XlSU5bpETh__Rl-8pmJtD-npDyfPg1SC7ee56obq2ssZ6R2SwY09EXy-nRlpxEWu3zUeSGu6ZXLiDerP8MKVwyLS7LmuUb0DORk6e-A0qFxUSYpVsL4EcXvIpbNNfYdTkQUQaTR-qrS9zumSOQUaKLMKgF8GQ5crO-F76bfrNjC7MbtdfU0QVaOnNY4QxoNTuoraNAlpJTP_azVK9BOr3cjrGcHbXFJ24-a43cIvTyGKoHF8yE-DKhfc_3BZXu24sVlmk3OfqD6l12lPsdgJPE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9hIQj-UOaYnyJfiR29gP0ZHUyQnRvr7bdayNn9y8DcCNtwEQASDQ6t8jYInzxYT0E8gBCakCTbn4Ya3-Oz7gAgCoAwHIAwKqBLcCT9ARljXSkSuG3FDFwpNgUpc_6puXJnLEHiWDbWlgjmA2TvdWND2ZDIkFEBCpXcv1bVvcgwxcfc4-k4ztYsIKFW0fFXFiSSAJ_cXGCx4LwL96DSr3roIx0Da-FfRtopZHxVTNStzLfZFen4-2nfBDfjPn-SfK5ZV5vx7DFloYy_LkY2hffHhOgY4XtPWjaWkHbyGUmHLNLjCp29FRXv20Qna1OoBAXPyoqFVmbtqCTPNUuPQi8pAcQC2N6xrHo9yyx3HoOpFB2BKBoHKvSqCr9meweiHTXV-R7Q7MCbyb9cawu0aJzzrJUcW5_nrHR5nLdkYBtAn96UPWxVd5Z1JJgcGouEjAWNPOjWjaEWZZp_8IfJ9JEMYYOA_svDvsBCtsd2PcWeaRDLn0Fe8wIM3x6TCP9hgVQkTgBAGABqyL9OHii_-MG6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQKoB62-sQKoB7_TsQLYBwDSCCwIgGEQATIIioKAgICAgAg6DYBAgMCAgICAqIACqANIvf3BOliUkMny-OGQA_oLAggBgAwBqg0CSlDiDRMIovvJ8vjhkAMV-MgWBR3RCDWZ6g0TCKjEyvL44ZADFfjIFgUd0Qg1mYgO____________AdAVAYAXAbIXEBgMKgozMDAwNzgyNzc4UAGqGBcJ8VN2C6KXv0ASCjMwMDA3ODI3NzgYAQ%26num%3D1%26sig%3DAOD64_1cWA95UgdzZ_EGFpKYclI2ZBONvw%26client%3Dca-pub-3135966177843992%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::2e , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.as.criteo.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=31104000, public
timing-allow-origin
*
content-encoding
gzip
etag
W/"60af9cf7-891"
cross-origin-resource-policy
cross-origin
expires
Tue, 03 Nov 2026 06:39:11 GMT
cross-origin-embedder-policy
require-corp
access-control-allow-origin
*
date
Sat, 08 Nov 2025 06:39:11 GMT
content-type
image/svg+xml
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
privacy.svg
static.criteo.net/flash/icon/ Frame 188F 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7ljwAJeQkFFsj4ADUI0Z8wSuiHNILCkWzW0A&u=%7C6E1S5NKElxbt84EREfVgiY4MSdILzesyBrfWBWKcaWM%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFAURsJ4go3EALnLHgqnzPa6mdQsbuxOBUz7sjIVLy6SCTE_pBZnPmIFvbfP1y6Y4nhjWzuK51PXe2dyHehICOfb9-76i7b-4KRtt0A_A40Z--TFQ3Dwr-oJnle5FhwpzuxZBBG84tiTcZWnpcTlQtLRwa1EQorlPTJWMUiifNudLdZvZm-wHVQOti3JGL7d95hvCBj4-Pq5wAFB5QGFVDVtrwr5h6CwLFYKE3ROM2sbPNlA2_PMmdG2bN0PRDZpY8IZdvMvf9d5uuZIplV0jht4dPJQcy_vuWKC3iOYHqb9_J9sByab21SLFwtkHhvk9Klynm5bekPkYlJUdzw-qpoY6EgCHjZwLBWstcl91Cc5OTo_VPiReL5XlSU5bpETh__Rl-8pmJtD-npDyfPg1SC7ee56obq2ssZ6R2SwY09EXy-nRlpxEWu3zUeSGu6ZXLiDerP8MKVwyLS7LmuUb0DORk6e-A0qFxUSYpVsL4EcXvIpbNNfYdTkQUQaTR-qrS9zumSOQUaKLMKgF8GQ5crO-F76bfrNjC7MbtdfU0QVaOnNY4QxoNTuoraNAlpJTP_azVK9BOr3cjrGcHbXFJ24-a43cIvTyGKoHF8yE-DKhfc_3BZXu24sVlmk3OfqD6l12lPsdgJPE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9hIQj-UOaYnyJfiR29gP0ZHUyQnRvr7bdayNn9y8DcCNtwEQASDQ6t8jYInzxYT0E8gBCakCTbn4Ya3-Oz7gAgCoAwHIAwKqBLcCT9ARljXSkSuG3FDFwpNgUpc_6puXJnLEHiWDbWlgjmA2TvdWND2ZDIkFEBCpXcv1bVvcgwxcfc4-k4ztYsIKFW0fFXFiSSAJ_cXGCx4LwL96DSr3roIx0Da-FfRtopZHxVTNStzLfZFen4-2nfBDfjPn-SfK5ZV5vx7DFloYy_LkY2hffHhOgY4XtPWjaWkHbyGUmHLNLjCp29FRXv20Qna1OoBAXPyoqFVmbtqCTPNUuPQi8pAcQC2N6xrHo9yyx3HoOpFB2BKBoHKvSqCr9meweiHTXV-R7Q7MCbyb9cawu0aJzzrJUcW5_nrHR5nLdkYBtAn96UPWxVd5Z1JJgcGouEjAWNPOjWjaEWZZp_8IfJ9JEMYYOA_svDvsBCtsd2PcWeaRDLn0Fe8wIM3x6TCP9hgVQkTgBAGABqyL9OHii_-MG6AGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQKoB62-sQKoB7_TsQLYBwDSCCwIgGEQATIIioKAgICAgAg6DYBAgMCAgICAqIACqANIvf3BOliUkMny-OGQA_oLAggBgAwBqg0CSlDiDRMIovvJ8vjhkAMV-MgWBR3RCDWZ6g0TCKjEyvL44ZADFfjIFgUd0Qg1mYgO____________AdAVAYAXAbIXEBgMKgozMDAwNzgyNzc4UAGqGBcJ8VN2C6KXv0ASCjMwMDA3ODI3NzgYAQ%26num%3D1%26sig%3DAOD64_1cWA95UgdzZ_EGFpKYclI2ZBONvw%26client%3Dca-pub-3135966177843992%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::2e , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.as.criteo.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=31104000, public
timing-allow-origin
*
content-encoding
gzip
etag
W/"5e4d1491-646"
cross-origin-resource-policy
cross-origin
expires
Tue, 03 Nov 2026 06:39:11 GMT
cross-origin-embedder-policy
require-corp
access-control-allow-origin
*
date
Sat, 08 Nov 2025 06:39:11 GMT
content-type
image/svg+xml
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
usync.html
eus.rubiconproject.com/ Frame 4915
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=apac
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=apac
269 B
379 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=apac
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26it%3Dadg-pb-clt%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.40.149.60 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-149-60.deploy.static.akamaitechnologies.com
Software
Apache/2.4.65 (Debian) /
Resource Hash
e4df52d49c57bc3e7158cb052cc05c60f1258c24de5c5728dac5d43272943ad9

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
224
content-type
text/html
date
Sat, 08 Nov 2025 06:39:12 GMT
etag
"10d-63d602600b800-gzip"
last-modified
Wed, 27 Aug 2025 22:17:04 GMT
server
Apache/2.4.65 (Debian)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 08 Nov 2025 06:39:12 GMT
location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=apac
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8CD1 		21 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-sin01.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D4ae16427bb6d7c8e%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26it%3Dadg-pb-clt%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.40.192.188 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-192-188.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5b6ceeffb380eae16e91dcf08a3493068aa5b7bd6f4c3f4ad7b4daa188d5c2cb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=151006
content-encoding
gzip
content-length
7259
content-type
text/html
date
Sat, 08 Nov 2025 06:39:12 GMT
expires
Mon, 10 Nov 2025 00:35:58 GMT
last-modified
Mon, 29 Sep 2025 15:12:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 0426 		2 KB
881 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26it%3Dadg-pb-clt%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.152.81 Singapore, Singapore, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip81.ip-51-79-152.net
Software
/
Resource Hash
d6b9ac8ccff69f2de32254b96a2bb180535f809c2d8059d40be5844a8cbad026
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
br
content-length
750
content-type
text/html
strict-transport-security
max-age=15552000
px.gif
ad-delivery.net/ 		43 B
163 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad-delivery.net/px.gif?ch=2&e=0.043998352482770064
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5727730570625024&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:2f50 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
709474
x-goog-stored-content-encoding
identity
expires
Sun, 09 Nov 2025 06:39:12 GMT
x-goog-stored-content-length
43
date
Sat, 08 Nov 2025 06:39:12 GMT
content-type
image/gif
vary
accept-encoding
last-modified
Wed, 05 May 2021 19:25:32 GMT
x-guploader-uploadid
ABgVH89ytYGGsM8zvMSS83qCZ0F4cDyA85oC5Xtq8jnme2OpbOxP7BU9t7rp4yrU4-M9nQOe
cache-control
public, max-age=86400
x-goog-storage-class
MULTI_REGIONAL
cf-ray
99b31264f875fcbf-NRT
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
favicon.ico
ad.doubleclick.net/ 		1 KB
129 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250&e=0.9777500319328072
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5727730570625024&upapi=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.194.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcnrta-bb-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options
nosniff
expires
Sun, 09 Nov 2025 06:39:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 06:39:12 GMT
content-type
image/x-icon
vary
Accept-Encoding
last-modified
Tue, 08 May 2012 13:08:06 GMT
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
content-length
104
x-xss-protection
0
server
sffe
px.gif
ad-delivery.net/ 		43 B
111 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.041423318711891755
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5727730570625024&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:2f50 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
709474
x-goog-stored-content-encoding
identity
expires
Sun, 09 Nov 2025 06:39:12 GMT
x-goog-stored-content-length
43
date
Sat, 08 Nov 2025 06:39:12 GMT
content-type
image/gif
vary
accept-encoding
last-modified
Wed, 05 May 2021 19:25:32 GMT
x-guploader-uploadid
ABgVH89ytYGGsM8zvMSS83qCZ0F4cDyA85oC5Xtq8jnme2OpbOxP7BU9t7rp4yrU4-M9nQOe
cache-control
public, max-age=86400
x-goog-storage-class
MULTI_REGIONAL
cf-ray
99b31264f87bfcbf-NRT
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
dns
ab.dns-finder.com/meta/ 		2 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ab.dns-finder.com/meta/dns
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5727730570625024&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.200.111 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
111.200.36.34.bc.googleusercontent.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
private, max-age=180, stale-if-error=180, stale-while-revalidate=180
access-control-expose-headers
X-Resolver
x-resolver
default
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
date
Sat, 08 Nov 2025 06:39:10 GMT
content-type
text/plain; charset=utf-8
vary
Origin
container.html
24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/safeframe/1-0-45/html/ Frame 4B82 		7 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202511040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f1.1e100.net
Software
sffe /
Resource Hash
f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://twinklesphotos.exblog.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
3121
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 08 Nov 2025 06:39:11 GMT
expires
Sat, 08 Nov 2025 06:39:11 GMT
last-modified
Thu, 08 May 2025 23:15:48 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
geo
ut.pubmatic.com/ Frame 8CD1 		22 B
78 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ut.pubmatic.com/geo?pubid=156631
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-sin01.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D4ae16427bb6d7c8e%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.87 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
dcda7f2217e5134c1c987c36f55dc3a2949959528d52ccb09ece3eddf53cff43
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

strict-transport-security
max-age=16070400; includeSubDomains
access-control-allow-origin
*
cache-control
max-age=172800
content-length
22
date
Sat, 08 Nov 2025 06:39:12 GMT
content-type
application/json
usync.js
eus.rubiconproject.com/ Frame 4915 		45 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=apac
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.40.149.60 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-149-60.deploy.static.akamaitechnologies.com
Software
Apache/2.4.65 (Debian) / PHP/8.3.24
Resource Hash
37589a4616b391d7893085171a60ef159a6921d920d69331a623d702f80c3bff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=apac

Response headers

cache-control
max-age=62829
content-encoding
gzip
expires
Sun, 09 Nov 2025 00:06:20 GMT
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
content-length
11431
date
Sat, 08 Nov 2025 06:39:11 GMT
last-modified
Sat, 08 Nov 2025 00:06:20 GMT
x-powered-by
PHP/8.3.24
server
Apache/2.4.65 (Debian)
content-type
text/html;charset=UTF-8
vary
Accept-Encoding
dc_pre=CKel6PL44ZADFcLXFgUdevQ2dQ;src=10208769;type=invmedia;cat=im8db0;ord=6649346675290;npa=0;auiddc=*;u1=8266;u2=news;u3=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F;uaa=;uab=;uafvl=;uam...
adservice.google.com/ddm/fls/z/ Frame DE04 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CKel6PL44ZADFcLXFgUdevQ2dQ;src=10208769;type=invmedia;cat=im8db0;ord=6649346675290;npa=0;auiddc=*;u1=8266;u2=news;u3=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KFA;gtm=45fe5b50v9181790672z871862534za200zb71862534zd71862534xea;gcd=13l3l3l3l1l1;dma=0;dc_fmt=2;tag_exp=101509157~103116026~103200004~103233427~104527906~104528501~104684208~104684211~104779684~104948813~105322302~115480710~115583767~115616985~115938466~115938468~116217636~116217638;epver=2;dc_random=1762583951_0ODUbH-SDJM14IUyIeVMjur8Fx5jqOtXXg;_dc_test=1;~oref=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F
Requested by
Host: 10208769.fls.doubleclick.net
URL: https://10208769.fls.doubleclick.net/activityi;dc_pre=CKel6PL44ZADFcLXFgUdevQ2dQ;src=10208769;type=invmedia;cat=im8db0;ord=6649346675290;npa=0;auiddc=640899615.1762583952;u1=8266;u2=news;u3=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KFA;gtm=45fe5b50v9181790672z871862534za200zb71862534zd71862534xea;gcd=13l3l3l3l1l1;dma=0;dc_fmt=2;tag_exp=101509157~103116026~103200004~103233427~104527906~104528501~104684208~104684211~104779684~104948813~105322302~115480710~115583767~115616985~115938466~115938468~116217636~116217638;epver=2;dc_random=1762583951_0ODUbH-SDJM14IUyIeVMjur8Fx5jqOtXXg;_dc_test=1;~oref=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://10208769.fls.doubleclick.net/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Sat, 08 Nov 2025 06:39:12 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
khaos.json
token.rubiconproject.com/ Frame 4915 		7 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

Cache-Control
no-cache,no-store,must-revalidate
Pragma
no-cache
access-control-allow-credentials
true
Expires
0
access-control-allow-origin
https://eus.rubiconproject.com
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
da1c8a4a3f9301c03fbeb7a6212a0a54
content-length
7
content-type
application/json; charset=UTF-8
ext.js
tpc.googlesyndication.com/safeframe/1-0-45/js/ Frame 4B82 		23 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-45/js/ext.js
Requested by
Host: 24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com
URL: https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c95e84767aed248594e7d485707c7ed904fd2fe4ec3ea98687fc2de59ddf231
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/

Response headers

content-encoding
br
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
x-content-type-options
nosniff
expires
Sat, 08 Nov 2025 06:39:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 06:39:11 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Thu, 08 May 2025 23:15:48 GMT
cache-control
private, max-age=300
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
content-length
6269
x-xss-protection
0
server
sffe
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 4B82 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: 24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com
URL: https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:aee2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b70acabfec3024b0ca21c8847693536dd931b2d012d596cb979d74c972a4a6e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/

Response headers

access-control-expose-headers
*
content-encoding
br
cf-cache-status
HIT
etag
W/"7009-+fSnGmMge6EQaCY8X46KqAScnTo"
age
5534
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hrmQUzUYTI%2FmsSa0UJ63OqE%2FWI9qPI719V4LhlIirFfZezKccrRCvJakbu9yZpgXiII1alIJrISLCUuuMnVPGjFoDyJ7XY9MMy19Kw8R%2Fcx6JvhsGhD3ZwAKM7ToilN7SY2hqnny9OVpp4fk2JY%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443"; ma=86400
x-cache
HIT, HIT
date
Sat, 08 Nov 2025 06:39:12 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220076-FRA, cache-itm1220065-ITM
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
99b31265680d7959-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
9763
server
cloudflare
x-jsd-version
1.17.2
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 4B82 		223 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: 24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com
URL: https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s35-in-f2.1e100.net
Software
cafe /
Resource Hash
1ca0d5744e4f39ea464be06f38e214eabd97b2ca934e919a3673f0a62f76368c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/

Response headers

content-encoding
br
etag
11779502037942753168
age
3349
x-content-type-options
nosniff
expires
Sat, 08 Nov 2025 06:43:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 08 Nov 2025 05:43:22 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=EUC-KR
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
70282
x-xss-protection
0
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame 4B82 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssZul_Vm7Cytm3uhMsizM6VkDP_MXvENc0YUvhCelLLvVvXWMwXbbTsVr76TGXxmsGTspp5S2YvvCNQann2Eyed3K2-FHX2K1ZwgcsU7sObKXFeDDmk7FM_8pto6nvZeZg07ULD_eapx_8_PA127woKfJdHdwtzhdhOeD22EAqO768KsAW1pze7cx4rPZuOegphM1vo_mg0HjXgbl7NWt1NTF0Ka7VEcprC6C02lWdWJ2iSwIMzKh5Rm1kpN82Z_BUJQRMIk1wPrVjgaMV4xNqDTP78P80leg5FXr0t-dRvQ7tvQw83nTyw4LGkbEbdr80V9R5Nv51PfVazWuGS5-zVOxNx78OLVsQ-q6CVevWgW3cYNcQuvtAvV4cIdGFS7r58T6pJKkGnEgdtx99z4aDFrUGSC-Jyd-MvD5a7LxQ2Ut-9c055hi5nSNMqaoq2iEdxpY0zjv_MZUdMMToFT4rNbUTEWA&sai=AMfl-YRNOOUObFSDJa62YIXP4lr902SgwSFGJiU5FbfifULhRE4zbjskpzJot6y8Ga9PFxEXrofuxmwqqsAaHOzkGSCkkZSKJkVseCjUr9dVl7JwVri2iUUSvbKDoyXdcI6pw5UHnTxcbk3syOtG4JtQB_fnhi77MsKF6iDCgPKLEDm6guw5CUVcHYec2549JTm1pf_-h8WNXtt58CpqpZqtlo6XzBTrW_db-DVYvKrM-GpHRIQUyQ2P75ClVVVQtp96ZWf1OQ&sig=Cg0ArKJSzJ0hf22H2DqaEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com
URL: https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.194.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcnrta-bb-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Sat, 08 Nov 2025 06:39:12 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
sync
cs.adingo.jp/ Frame 4BB6
Redirect Chain
  • https://pixel-apac.rubiconproject.com/exchange/sync.php?p=fluct&khaos=MHPWZ5LU-19-H8C6
  • https://cs.adingo.jp/sync?from=rubicon&id=MHPWZ5LU-19-H8C6
43 B
392 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.adingo.jp/sync?from=rubicon&id=MHPWZ5LU-19-H8C6
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H2
Server
18.178.165.190 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-178-165-190.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

expires
Wed, 17 Sep 1975 21:32:10 GMT
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
date
Sat, 08 Nov 2025 06:39:12 GMT
pragma
no-cache
content-type
image/gif
server
nginx

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Location
https://cs.adingo.jp/sync?from=rubicon&id=MHPWZ5LU-19-H8C6
Pragma
no-cache
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
content-length
0
Content-Type
text/html
container.html
24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/safeframe/1-0-45/html/ Frame 8D2D 		7 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202511040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f1.1e100.net
Software
sffe /
Resource Hash
f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://twinklesphotos.exblog.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
3121
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 08 Nov 2025 06:39:11 GMT
expires
Sat, 08 Nov 2025 06:39:11 GMT
last-modified
Thu, 08 May 2025 23:15:48 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ext.js
tpc.googlesyndication.com/safeframe/1-0-45/js/ Frame 8D2D 		23 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-45/js/ext.js
Requested by
Host: 24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com
URL: https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c95e84767aed248594e7d485707c7ed904fd2fe4ec3ea98687fc2de59ddf231
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/

Response headers

content-encoding
br
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
x-content-type-options
nosniff
expires
Sat, 08 Nov 2025 06:39:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 06:39:11 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Thu, 08 May 2025 23:15:48 GMT
cache-control
private, max-age=300
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
content-length
6269
x-xss-protection
0
server
sffe
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 8D2D 		28 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: 24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com
URL: https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:aee2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b70acabfec3024b0ca21c8847693536dd931b2d012d596cb979d74c972a4a6e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/

Response headers

access-control-expose-headers
*
content-encoding
br
cf-cache-status
HIT
etag
W/"7009-+fSnGmMge6EQaCY8X46KqAScnTo"
age
5534
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hrmQUzUYTI%2FmsSa0UJ63OqE%2FWI9qPI719V4LhlIirFfZezKccrRCvJakbu9yZpgXiII1alIJrISLCUuuMnVPGjFoDyJ7XY9MMy19Kw8R%2Fcx6JvhsGhD3ZwAKM7ToilN7SY2hqnny9OVpp4fk2JY%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443"; ma=86400
x-cache
HIT, HIT
date
Sat, 08 Nov 2025 06:39:12 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220076-FRA, cache-itm1220065-ITM
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
99b31265680d7959-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
9763
server
cloudflare
x-jsd-version
1.17.2
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 8D2D 		223 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: 24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com
URL: https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s35-in-f2.1e100.net
Software
cafe /
Resource Hash
1ca0d5744e4f39ea464be06f38e214eabd97b2ca934e919a3673f0a62f76368c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/

Response headers

content-encoding
br
etag
11779502037942753168
age
3349
x-content-type-options
nosniff
expires
Sat, 08 Nov 2025 06:43:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 08 Nov 2025 05:43:22 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=EUC-KR
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
70282
x-xss-protection
0
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame 8D2D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuTFHoqtMCq0F_UeXGoXw49n7_Ck7q53kFDKNz7v6j1vUl5Gecyp909cEKCPfi6xasQVCajL2qjKvOiYdxL8-jjvAYCrQsAoRS-rg1o7MlBVNk7kKJA1XwplYjx95NWZGj0DNlgdQB1FfBrEAv-csQTH3RGq1LMVr_4Cm8a0HMjyedmtZiygAYhU4Q7yIaVTe-1LMp-aOlYMmb5zcD2tTh1jcaGJpQSn9vD0-F3ul8vABo3Ndx5Ehlj9vPQ08zDvKwyHWF0kKVS7WH01eq2fMQEvtgIud8KOWbnexW634fUYmGk8rN-ihfgiqN5vz-CJxXvQmv725G3rF8aPFky9PIwhoa4-MMn0I_VBfVaF2hY8kc7pYRls2oI_Mt2MQ360_9O_CTMbJZu-E2T3db1P2-wN4vV4C7HyDaac8VIp4Kn1BW8RRE4yE2MwNgu9ATIbLWGX3CGO5AY53rNdKVQeteCTw&sai=AMfl-YQ6X7vlZMRKyErf2AI9owztLMcGXTrjT3kvKZY9vax6_4g0iFs84FYRKAajwC7GzKFYo5qkXzpsznexsV7T3gRY8d3bovYK5KZAgY-xU4vH_Ad_ErQGKxlcRxp0XbQSZyI3DW5bTa7xobJGPoH2kBqzCIlMgU7jkkR4LTH0l2OazR-agYVo1vGUf7zTzIfJtISEtwAmpXAjzTJ7CoSs_rfJ3GeXwU3U-NhhUcB5PHnRKY2LaJL7WpJ-mC3XD7Ki-O-6sA&sig=Cg0ArKJSzKjtmlkiOb2bEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com
URL: https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.194.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcnrta-bb-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Sat, 08 Nov 2025 06:39:12 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8D2D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-start2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s35-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sat, 08 Nov 2025 06:39:12 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8D2D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s35-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sat, 08 Nov 2025 06:39:12 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4B82 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-start2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s35-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sat, 08 Nov 2025 06:39:12 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4B82 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s35-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sat, 08 Nov 2025 06:39:12 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8D2D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s35-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sat, 08 Nov 2025 06:39:12 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
Collect
a.flux.jp/analytics.collect.v1.CollectService/ 		2 B
47 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.flux.jp/analytics.collect.v1.CollectService/Collect
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.89.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.89.160.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

access-control-expose-headers
Accept, Accept-Encoding, Accept-Post, Connect-Accept-Encoding, Connect-Content-Encoding, Content-Encoding, Grpc-Accept-Encoding, Grpc-Encoding, Grpc-Message, Grpc-Status, Grpc-Status-Details-Bin
content-encoding
gzip
via
1.1 google
traceparent
00-e063b574e2111650e06fd73b3935ae64-25b9138e2e09a4b0-00
access-control-allow-origin
https://twinklesphotos.exblog.jp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
accept-encoding
gzip
content-length
26
date
Sat, 08 Nov 2025 06:39:12 GMT
content-type
application/json
vary
Origin
server
Google Frontend
x-cloud-trace-context
e063b574e2111650e06fd73b3935ae64/2718225351473472688
geo
ut.pubmatic.com/ Frame 8CD1 		22 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://ut.pubmatic.com/geo?pubid=156631
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-sin01.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D4ae16427bb6d7c8e%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.87 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
dcda7f2217e5134c1c987c36f55dc3a2949959528d52ccb09ece3eddf53cff43

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

access-control-allow-origin
*
cache-control
max-age=172800
content-length
22
date
Sat, 08 Nov 2025 06:39:12 GMT
content-type
application/json
um
sync.e-planning.net/ Frame 4915
Redirect Chain
  • https://pixel-apac.rubiconproject.com/exchange/sync.php?p=12186&khaos=MHPWZ5LU-19-H8C6
  • https://sync.e-planning.net/um?uid=MHPWZ5LU-19-H8C6&dc=9bcc91305985f0db&iss=1
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?uid=MHPWZ5LU-19-H8C6&dc=9bcc91305985f0db&iss=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26it%3Dadg-pb-clt%26uid%3D%24UID
Protocol
H2
Server
23.108.103.28 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

date
Sat, 08 Nov 2025 06:39:12 GMT
content-type
image/gif
server
openresty

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Location
https://sync.e-planning.net/um?uid=MHPWZ5LU-19-H8C6&dc=9bcc91305985f0db&iss=1
Pragma
no-cache
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
content-length
0
Content-Type
text/html
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4B82 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s35-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sat, 08 Nov 2025 06:39:12 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
truncated
/ Frame 8D2D 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b3367666bf1f8813c55c1ed0c258473cfa5a9bd17070fb9072116716ec45d20

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/ Frame 4B82 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c6de77b4b4092cf1d5b3ced449610bf494e8810d6506626e49ce0d0742440bd3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
ecm3
s.amazon-adsystem.com/ Frame 4BB6
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
  • https://s.amazon-adsystem.com/ecm3?id=MHPWZ5LU-19-H8C6&ex=d-rubiconproject.com&status=ok
43 B
477 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=MHPWZ5LU-19-H8C6&ex=d-rubiconproject.com&status=ok
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
HTTP/1.1
Server
98.82.156.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-98-82-156-207.compute-1.amazonaws.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid
FRMMP0G43ZTQB0MA43ZR
Content-Length
43
Date
Sat, 08 Nov 2025 06:39:12 GMT
Content-Type
image/gif
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Location
https://s.amazon-adsystem.com/ecm3?id=MHPWZ5LU-19-H8C6&ex=d-rubiconproject.com&status=ok
Pragma
no-cache
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
content-length
0
Content-Type
text/html
pixel
cm.g.doubleclick.net/ Frame 4BB6
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDE2OTA2NjA2OWY2YjA0ZGQ0MWMzM2Y5ZGQ5ZjM5MTg4YjI1OWUxYg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDE2OTA2NjA2OWY2YjA0ZGQ0MWMzM2Y5ZGQ5ZjM5MTg4YjI1OWUxYg
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H3
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Sat, 08 Nov 2025 06:39:12 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)

Redirect headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZDE2OTA2NjA2OWY2YjA0ZGQ0MWMzM2Y5ZGQ5ZjM5MTg4YjI1OWUxYg
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
dedf7fc216a5bbc739a54325e875a79f
Pragma
no-cache
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 4BB6
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=e310444e-8519-409a-883e-3e55081e4e6a&gdpr=0&gdpr_consent=&expires=30
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=e310444e-8519-409a-883e-3e55081e4e6a&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
da1c8a4a3f9301c03fbeb7a6212a0a54
Pragma
no-cache
content-length
42
Content-Type
image/gif

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=e310444e-8519-409a-883e-3e55081e4e6a&gdpr=0&gdpr_consent=&expires=30
content-length
289
date
Sat, 08 Nov 2025 06:39:12 GMT
server
Kestrel
dcm
aax-eu.amazon-adsystem.com/s/ Frame 4BB6
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
43 B
853 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
HTTP/1.1
Server
67.220.228.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid
TBPTGTQ01NZW2KB5ZV92
Content-Length
43
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Date
Sat, 08 Nov 2025 06:39:13 GMT
Content-Type
image/gif
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server

Redirect headers

Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid
KM3QRGZQE3ESWY3C525V
Content-Length
0
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Date
Sat, 08 Nov 2025 06:39:12 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
tap.php
pixel.rubiconproject.com/ Frame 4BB6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&process_consent=T
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELpBVRjEV9J_VjRtzkF7xGE&google_cver=1
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELpBVRjEV9J_VjRtzkF7xGE&google_cver=1
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
0d2bd05215470efb17ae41aff76c3f98
Pragma
no-cache
content-length
42
Content-Type
image/gif

Redirect headers

cache-control
no-cache, must-revalidate
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELpBVRjEV9J_VjRtzkF7xGE&google_cver=1
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
326
date
Sat, 08 Nov 2025 06:39:12 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
setuid
px.ads.linkedin.com/ Frame 4BB6
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=MHPWZ5LU-19-H8C6
0
539 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=MHPWZ5LU-19-H8C6
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H2
Server
2620:1ec:50::12 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

linkedin-action
1
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 6E02E2F97DFF49F0B699576861BB1812 Ref B: TYO01EDGE2014 Ref C: 2025-11-08T06:39:12Z
x-li-fabric
prod-ltx1
x-li-uuid
AAZDD45hjxNhaeREAohTQg==
x-li-proto
http/2
alt-svc
h3=":443"; ma=86400
x-cache
CONFIG_NOCACHE
content-length
0
date
Sat, 08 Nov 2025 06:39:12 GMT

Redirect headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=MHPWZ5LU-19-H8C6
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
cc2b9026541f49c9c095b4cedfcedb9a
Pragma
no-cache
content-length
0
dcm
s.amazon-adsystem.com/ Frame 4BB6
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
43 B
853 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
HTTP/1.1
Server
98.82.156.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-98-82-156-207.compute-1.amazonaws.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid
EHX6CQ7APJ3Q8HQXVBSQ
Content-Length
43
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Date
Sat, 08 Nov 2025 06:39:13 GMT
Content-Type
image/gif
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server

Redirect headers

Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Location
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid
5A3XP5CZEYZ89JKTJM6P
Content-Length
0
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Date
Sat, 08 Nov 2025 06:39:12 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
pixel
cm.g.doubleclick.net/ Frame 4BB6
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TUhQV1o1TFUtMTktSDhDNg==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDUIN824dyXBAFjZsDUC70o&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TUhQV1o1TFUtMTktSDhDNg==&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TUhQV1o1TFUtMTktSDhDNg==&google_push=
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H3
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Sat, 08 Nov 2025 06:39:12 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TUhQV1o1TFUtMTktSDhDNg==&google_push=
Pragma
no-cache
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
content-length
0
Content-Type
text/html
tap.php
pixel.rubiconproject.com/ Frame 4BB6
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://ups.analytics.yahoo.com/ups/58912/cms?uid=n_lMc-oxHRdmk_am2o4ahsn5EUdSAgOZEtemQ7w0kco&csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Yw7zhxNE2oIrXBQKsLjO64KP19vHEtTRFU.PQA--~A
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Yw7zhxNE2oIrXBQKsLjO64KP19vHEtTRFU.PQA--~A
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
Pragma
no-cache
content-length
42
Content-Type
image/gif

Redirect headers

strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-Yw7zhxNE2oIrXBQKsLjO64KP19vHEtTRFU.PQA--~A
age
0
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
date
Sat, 08 Nov 2025 06:39:12 GMT
content-type
text/html
server
ATS
rp
match.prod.bidr.io/cookie-sync/ Frame 4BB6 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.114.90.134 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-114-90-134.ap-northeast-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
cache-control
no-cache, must-revalidate
pragma
no-cache
Connection
keep-alive
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
Content-Length
43
Date
Sat, 08 Nov 2025 06:39:12 GMT
content-type
image/gif
Server
gunicorn
setuid
pbs.yahoo.com/ Frame 4BB6
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-yahoo-exchange
  • https://pbs.yahoo.com/setuid?bidder=rubicon&uid=MHPWZ5LU-19-H8C6
0
0
check
pixel.tapad.com/idsync/ex/receive/ Frame 4BB6
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=MHPWZ5LU-19-H8C6
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=MHPWZ5LU-19-H8C6
95 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=MHPWZ5LU-19-H8C6
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

strict-transport-security
max-age=31536000
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length
95
date
Sat, 08 Nov 2025 06:39:12 GMT
content-type
image/png

Redirect headers

strict-transport-security
max-age=31536000
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=MHPWZ5LU-19-H8C6
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length
0
date
Sat, 08 Nov 2025 06:39:12 GMT
setuid
ib.adnxs.com/prebid/ Frame 4BB6
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=MHPWZ5LU-19-H8C6
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=MHPWZ5LU-19-H8C6
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H2
Server
103.43.90.117 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.25.5 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin
146.70.201.135; 146.70.201.135; 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid
650bfdbe-0fa9-43d7-aded-807478ff0346
content-length
43
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Sat, 08 Nov 2025 06:39:12 GMT
x-xss-protection
0
content-type
image/gif
server
nginx/1.25.5

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=MHPWZ5LU-19-H8C6
Pragma
no-cache
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
content-length
0
Content-Type
text/html
magnite
sync.a-mo.net/setuid/ Frame 4BB6
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx
  • https://sync.a-mo.net/setuid/magnite?uid=MHPWZ5LU-19-H8C6
0
721 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.a-mo.net/setuid/magnite?uid=MHPWZ5LU-19-H8C6
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H2
Server
131.153.206.102 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

cache-control
max-age=0, private, must-revalidate
date
Sat, 08 Nov 2025 06:39:12 GMT
x-envoy-upstream-service-time
1
vary
accept-encoding, Accept-Encoding
server
envoy

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Location
https://sync.a-mo.net/setuid/magnite?uid=MHPWZ5LU-19-H8C6
Pragma
no-cache
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
content-length
0
Content-Type
text/html
ProfilesEngineServlet
syncv4.intentiq.com/profiles_engine/ Frame 4BB6
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=MHPWZ5LU-19-H8C6
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=MHPWZ5LU-19-H8C6
  • https://syncv4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=MHPWZ5LU-19-H8C6&ckls=true&ci=bE0uK3jJEt&nc=false&trid=1371672673
43 B
848 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syncv4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=MHPWZ5LU-19-H8C6&ckls=true&ci=bE0uK3jJEt&nc=false&trid=1371672673
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H2
Server
54.230.175.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-175-58.nrt57.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
via
1.1 d2104da91378e8b035256e7a8c6c9186.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
date
Sat, 08 Nov 2025 06:39:13 GMT
content-type
image/gif
x-amz-cf-pop
NRT57-P9
x-amz-cf-id
uitNB5yPSbbSJg7GGDr1M0ilfjYIeT1UyJ9uRVBLi1cpBepq0JkR-Q==

Redirect headers

patent
https://www.almondnet.com/ip
cache-control
no-cache, no-store, must-revalidate
location
https://syncv4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=MHPWZ5LU-19-H8C6&ckls=true&ci=bE0uK3jJEt&nc=false&trid=1371672673
pragma
no-cache
via
1.1 58fbb4a39d3cbbe6f5ded9456f09b678.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
date
Sat, 08 Nov 2025 06:39:13 GMT
content-type
image/gif
x-amz-cf-pop
NRT57-P9
x-amz-cf-id
qn2LdD-m5i4goZMGmE7O_lXBRnVkPi-QWzIFM50hJDfiXTfCYtD9yQ==
v1
match.sharethrough.com/sync/ Frame 4BB6
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=MHPWZ5LU-19-H8C6
68 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=MHPWZ5LU-19-H8C6
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443971/
Protocol
H2
Server
54.255.134.76 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-255-134-76.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=MHPWZ5LU-19-H8C6
Pragma
no-cache
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
e2b6b837307e4a2cb84d126fbaf2cea2
content-length
0
Content-Type
text/html
sdk.js
adsdk.microsoft.com/native-to-display/ Frame 32DA 		128 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::46 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
abe49d464f7ebe6abd145e344a1d9e01fab48ec5eed83e3138e2bb0cc44d5444

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin
https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com
Referer
https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/

Response headers

x-azure-ref
20251108T063912Z-r18f5df8b7722fqbhC1TYO3q5w000000092g00000001bkrz
cache-control
private, max-age=3600
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
content-encoding
br
x-ms-request-id
bb46bb74-c01e-0044-20db-4d3142000000
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Sat, 08 Nov 2025 06:39:12 GMT
x-ms-blob-type
BlockBlob
content-type
application/javascript
vary
Accept-Encoding
last-modified
Thu, 23 Oct 2025 20:23:32 GMT
banner.js
adsdkprod.azureedge.net/viewability/versions/v5.8.21/ Frame 32DA 		153 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adsdkprod.azureedge.net/viewability/versions/v5.8.21/banner.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:46::46 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
64b68a094d5f6395acacd5c56e7005235fe456ed0daf0859f9030a4dca44e157

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/

Response headers

x-azure-ref
20251108T063912Z-r18f5df8b77qbxn4hC1TYOu5c000000013g000000001u7ef
cache-control
public, max-age=2628000
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
content-encoding
br
x-fd-int-roxy-purgeid
0
x-ms-request-id
fe3724f0-501e-0091-58e8-4f97dd000000
access-control-allow-origin
*
x-cache
TCP_HIT
date
Sat, 08 Nov 2025 06:39:12 GMT
x-ms-blob-type
BlockBlob
content-type
application/javascript
vary
Accept-Encoding
last-modified
Tue, 14 Oct 2025 06:29:47 GMT
it
sin3-ib.adnxs.com/ Frame 32DA 		0
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sin3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Ftwinklesphotos.exblog.jp%252F33443971%252F&e=wqT_3QL1CKB1BAAAAwDWAAUBCI_Lu8gGEJuil82gwcmJUBgAKjYJhPE89j5Imj8RhA0JJBkAAAAgXI_qPyERGwApEQn0KQQxAAAAQOF6tD8wzufdEDjPHEC1XkjjA1C6iYq2AViekHdgAGjDgpABeNbSBYABAYoBA1VTRJIBA0pQWZgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AL8Q-AC9bNd6gIqaHR0cHM6Ly90d2lua2xlc3Bob3Rvcy5leGJsb2cuanAvMzM0NDM5NzEvgAMAiAMBkAMAmAMXoAMBqgP2AwqKA2h0dHBzOi8vd3d3LmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPWNmMzk0NWViLTg0YzItNDUwZi1iYjg0LTM5Y2MyNjI2NTZjMSZiaWRJZD0xJmJpZGRlcklkPTQmY21FeHBJZD1MVjMmaW1wSWQ9NTc2OTk5NzM3MjE0NTEyNzcwNyZvQWRVbml0PTM5MTQ2NiZwdWJsaXNoZXJJZD0xNjI2NDUzMzAmcklkPTUwM2I2ZmRjLTZkNWYtNGZmNi1hODQxLWUzZWJmOWNhMjMwMyZyZWdpb249YXBhYyZydHlwZT1udXJsJnRhZ0lkPTM1MDkxNDA2JnRyYWZmaWNHcm91cD1rbmFxZV8zYyZ0cmFmZmljU3ViR3JvdXA9a25hcWVfM2NfZXl2YXhfSGFyZnBuY3ImdWJlckdyb3VwPWhvcmVfM2MmdWJlclN1Ykdyb3VwPWVyZnJlaXImYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM1NzY5OTk3MzcyMTQ1MTI3NzA3IgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak9ESTJNREV5TVRJek1UWTFNalVqTWpNek5EUXdNRFl5TlRjek9EUTBPUT09SADAA9gEyAMA2AOH6jTgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMTQ2LjcwLjIwMS4xMzWoBACyBBIIABABGKwCIPoBKAAwADgCQgC4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBcKI8Ze_-_bhEsAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBcrXqwH6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAmAcBoAcByAfW0gXSBw8JAAAAAAAAAAAQABgAIADaBwYIABAAGADgBwDqBwIIAPAH69oEighHCkMAAAGaYjC2mFATJgoJpdEbPEdCbo6NmCt6i8PHfYZPigfmxrpWAgzwTlB2rUAonI7ZlrY3smGerzaAThmmSkHMhT7iEAGVCAAAgD-YCAHACPxD0ggLCPP_37uAHhAAGADaCAQIACAA4AgA6AgA&s=4e7e461e615a67ae6c57c3d6d704b35eded6ca6b
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.117 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.25.5 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
146.70.201.135; 146.70.201.135; 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
eeda8140-813f-448f-8b74-a3d0e7309191
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Sat, 08 Nov 2025 06:39:12 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.25.5
sdk.js
adsdk.microsoft.com/native-to-display/ Frame 80C7 		128 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::46 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
abe49d464f7ebe6abd145e344a1d9e01fab48ec5eed83e3138e2bb0cc44d5444

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin
https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com
Referer
https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/

Response headers

x-azure-ref
20251108T063912Z-r18f5df8b7722fqbhC1TYO3q5w000000092g00000001bkrz
cache-control
private, max-age=3600
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
content-encoding
br
x-ms-request-id
bb46bb74-c01e-0044-20db-4d3142000000
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Sat, 08 Nov 2025 06:39:12 GMT
x-ms-blob-type
BlockBlob
content-type
application/javascript
vary
Accept-Encoding
last-modified
Thu, 23 Oct 2025 20:23:32 GMT
banner.js
adsdkprod.azureedge.net/viewability/versions/v5.8.21/ Frame 80C7 		153 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://adsdkprod.azureedge.net/viewability/versions/v5.8.21/banner.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:46::46 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
64b68a094d5f6395acacd5c56e7005235fe456ed0daf0859f9030a4dca44e157

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/

Response headers

x-azure-ref
20251108T063912Z-r18f5df8b77qbxn4hC1TYOu5c000000013g000000001u7ef
cache-control
public, max-age=2628000
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
content-encoding
br
x-fd-int-roxy-purgeid
0
x-ms-request-id
fe3724f0-501e-0091-58e8-4f97dd000000
access-control-allow-origin
*
x-cache
TCP_HIT
date
Sat, 08 Nov 2025 06:39:12 GMT
x-ms-blob-type
BlockBlob
content-type
application/javascript
vary
Accept-Encoding
last-modified
Tue, 14 Oct 2025 06:29:47 GMT
it
sin3-ib.adnxs.com/ Frame 80C7 		0
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sin3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Ftwinklesphotos.exblog.jp%252F33443971%252F&e=wqT_3QLlCKBlBAAAAwDWAAUBCI_Lu8gGEOeno_vfzpS8ZRgAKjYJmM-8xtq0pD8RmA0JJBkAAADgo3DlPyERGwApEQn0GQQxAAAAIIXrsT8w0ufdEDjPHEC1XkjjA1C6iYq2AViekHdgAGjDgpABeJnUBYABAYoBA1VTRJIBA0pQWZgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AL8Q-AC9bNd6gIqaHR0cHM6Ly90d2lua2xlc3Bob3Rvcy5leGJsb2cuanAvMzM0NDM5NzEvgAMAiAMBkAMAmAMXoAMBqgPmAwr6Amh0dHBzOi8vd3d3LmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPTVkNjQ2MTQyLThlNWUtNDFmOC1iOTA1LWE4MDc2OTZiODkzZSZiaWRJZD0xJmJpZGRlcklkPTQmY21FeHBJZD1MVjgmaW1wSWQ9NzMxMTY4NDY2MTc4NTcxMTU5MSZvQWRVbml0PTM5MTQ2NiZwdWJsaXNoZXJJZD0xNjI2NDUzMzAmcklkPWM1YTliMzc2LTUzOWUtNDJlOS1iN2M3LWU0N2U1NGM5N2Q1NyZyZWdpb249YXBhYyZydHlwZT1udXJsJnRhZ0lkPTM1MDkxNDEwJnRyYWZmaWNHcm91cD1rbmFxZV8zYyZ0cmFmZmljU3ViR3JvdXA9ZXJmcmVpciZ1YmVyR3JvdXA9aG9yZV8zYyZ1YmVyU3ViR3JvdXA9ZXJmcmVpciZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzczMTE2ODQ2NjE3ODU3MTE1OTEiCTM4MTg0NjcxNCoEYmluZzo4VTJWaGNtTm9RV1FqT0RJek1qWXpORE0xT0RjNE5qUWpNak16TkRFeU5UYzBOemM0TWpVMk1BPT1IAMAD2ATIAwDYA4fqNOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4xNDYuNzAuMjAxLjEzNagEALIEEggAEAEYrAIg-gEoADAAOAJCALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAF1rDy2922_a1CwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFyterAfoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbCjQTaBhYKEAAAAAAAAAAAAAAAAAAAAAAQABgA4AYB8gYCCACABwGIBwCYBwGgBwHIB5nUBdIHDwkAAAAAAAAAABAAGAAgANoHBggAEAAYAOAHAOoHAggA8Afr2gSKCEcKQwAAAZpiMLaYZXhSdf9o0-eexovbG1Zq4OyEVnr0fTbyP8qdKxL3ThUSGndcb0p-0QFXCIKRqSGWyqpF_-bpwyfwo8wQAZUIAACAP5gIAcAI_EPSCAsI8__fu4AeEAAYANoIBAgAIADgCADoCAA.&s=81907d8bbdc5d7c63f7b3b1e83aeb8c963074a15
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.117 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.25.5 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
146.70.201.135; 146.70.201.135; 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
a1a6c47a-6383-49f9-bbbe-381a10d44596
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Sat, 08 Nov 2025 06:39:12 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.25.5
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame EEA5 		21 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26it%3Dadg-pb-clt%26uid%3D(PM_UID)
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/a/latest/adagio.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.40.192.188 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-192-188.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5b6ceeffb380eae16e91dcf08a3493068aa5b7bd6f4c3f4ad7b4daa188d5c2cb

Request headers

Referer
https://twinklesphotos.exblog.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=151006
content-encoding
gzip
content-length
7259
content-type
text/html
date
Sat, 08 Nov 2025 06:39:12 GMT
expires
Mon, 10 Nov 2025 00:35:58 GMT
last-modified
Mon, 29 Sep 2025 15:12:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame EB18 		21 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26it%3Dadg-pb-clt%26uid%3D(PM_UID)
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/a/latest/adagio.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.40.192.188 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-192-188.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5b6ceeffb380eae16e91dcf08a3493068aa5b7bd6f4c3f4ad7b4daa188d5c2cb

Request headers

Referer
https://twinklesphotos.exblog.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=151006
content-encoding
gzip
content-length
7259
content-type
text/html
date
Sat, 08 Nov 2025 06:39:12 GMT
expires
Mon, 10 Nov 2025 00:35:58 GMT
last-modified
Mon, 29 Sep 2025 15:12:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync
ssbsync.smartadserver.com/api/ Frame AD88 		986 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/a/latest/adagio.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.164 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
Software
/
Resource Hash
56f18cee78903130d957e02f8c010bbc0dd6b4bdda1ee3c5bc5147a2341e154e

Request headers

Referer
https://twinklesphotos.exblog.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

cache-control
no-cache,no-store
content-length
986
content-type
text/html
date
Sat, 08 Nov 2025 06:39:11 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma
no-cache
geo
ut.pubmatic.com/ Frame EEA5 		22 B
78 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ut.pubmatic.com/geo?pubid=159110
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26it%3Dadg-pb-clt%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.87 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
dcda7f2217e5134c1c987c36f55dc3a2949959528d52ccb09ece3eddf53cff43
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

strict-transport-security
max-age=16070400; includeSubDomains
access-control-allow-origin
*
cache-control
max-age=172800
content-length
22
date
Sat, 08 Nov 2025 06:39:12 GMT
content-type
application/json
px.gif
ad-delivery.net/ 		43 B
111 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.39903612130238497
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5727730570625024&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:2f50 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
709474
x-goog-stored-content-encoding
identity
expires
Sun, 09 Nov 2025 06:39:12 GMT
x-goog-stored-content-length
43
date
Sat, 08 Nov 2025 06:39:12 GMT
content-type
image/gif
vary
accept-encoding
last-modified
Wed, 05 May 2021 19:25:32 GMT
x-guploader-uploadid
ABgVH89ytYGGsM8zvMSS83qCZ0F4cDyA85oC5Xtq8jnme2OpbOxP7BU9t7rp4yrU4-M9nQOe
cache-control
public, max-age=86400
x-goog-storage-class
MULTI_REGIONAL
cf-ray
99b312667ca9fcbf-NRT
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
geo
ut.pubmatic.com/ Frame EB18 		22 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://ut.pubmatic.com/geo?pubid=159110
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26it%3Dadg-pb-clt%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.87 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
dcda7f2217e5134c1c987c36f55dc3a2949959528d52ccb09ece3eddf53cff43

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

access-control-allow-origin
*
cache-control
max-age=172800
content-length
22
date
Sat, 08 Nov 2025 06:39:12 GMT
content-type
application/json
Collect
a.flux.jp/analytics.collect.v1.CollectService/ 		2 B
47 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.flux.jp/analytics.collect.v1.CollectService/Collect
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.89.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.89.160.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

access-control-expose-headers
Accept, Accept-Encoding, Accept-Post, Connect-Accept-Encoding, Connect-Content-Encoding, Content-Encoding, Grpc-Accept-Encoding, Grpc-Encoding, Grpc-Message, Grpc-Status, Grpc-Status-Details-Bin
content-encoding
gzip
via
1.1 google
traceparent
00-eb07a3509b0f06e4e06fd73b3935a23e-2f6c6fbb317c7455-00
access-control-allow-origin
https://twinklesphotos.exblog.jp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
accept-encoding
gzip
content-length
26
date
Sat, 08 Nov 2025 06:39:12 GMT
content-type
application/json
vary
Origin
server
Google Frontend
x-cloud-trace-context
eb07a3509b0f06e4e06fd73b3935a23e/3417229067047171157
bounce
id5-sync.com/ 		29 B
532 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/bounce
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
aca701811d62eb608d12b174231be1ceae3449fe0f4bc847469ff22aab8ca9a5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin
https://twinklesphotos.exblog.jp
p3p
CP="CAO PSA OUR"
date
Sat, 08 Nov 2025 06:39:13 GMT
content-type
text/plain;charset=utf-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
v1
lbs.eu-1-id5-sync.com/lbs/ 		54 B
168 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:41d0:701:1000::1291 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
Software
/
Resource Hash
fd7a9e89ea5bfb6f8bc4729e5d68b4fd7b4bbebd7d08c45f8e98154dce9aef2c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

access-control-allow-origin
https://twinklesphotos.exblog.jp
content-length
54
date
Sat, 8 Nov 2025 06:39:13 GMT
content-type
application/json
vary
Origin
v1
lb.eu-1-id5-sync.com/lb/ 		45 B
334 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
c9cebb81b69b726cf9f21ed888fe5f22140a53fffb3d9ef9d3cb4b52422f3d8f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://twinklesphotos.exblog.jp
content-encoding
gzip
date
Sat, 08 Nov 2025 06:39:13 GMT
content-type
application/json;charset=UTF-8
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
supply
events.browsiprod.com/events/v2/ 		0
107 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/v2/supply?p=116605b8-9e74-4d25-9e0a-dde4da450cc4
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.51.1233.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.247.70.22 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-247-70-22.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://twinklesphotos.exblog.jp/

Response headers

date
Sat, 08 Nov 2025 06:39:12 GMT
access-control-allow-origin
https://twinklesphotos.exblog.jp
access-control-allow-credentials
true
abd.js
cdn.browsiprod.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.browsiprod.com/abd.js
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.51.1233.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.125.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-125-36.kix50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
481d713552f587d3bc0e3683557f8541ea69543e4d7abb7e4299c646ab10fd03

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin
https://twinklesphotos.exblog.jp
Referer
https://twinklesphotos.exblog.jp/

Response headers

access-control-max-age
3000
content-encoding
br
x-amz-version-id
rKwk7MJeT07HcAaaVBBDA7s6dDzRWDJ1
etag
W/"bc70a2c30105ea2f98d83f5ad623fc39"
age
8252
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
JsXsC3e3FBv0ES1Gu0RjsR49S2W6-ys5_Y34aRWPRVmc4JcrJuKN1g==
date
Sat, 08 Nov 2025 04:21:41 GMT
content-type
application/javascript
last-modified
Sun, 08 Jul 2018 12:47:26 GMT
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
via
1.1 eb9ac5638287dc15c1aa46bb047a0b9e.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
KIX50-P3
server
AmazonS3
web-vitals-4.2.3.js
cdn.browsiprod.com/web-vitals/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.browsiprod.com/web-vitals/web-vitals-4.2.3.js
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.51.1233.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.125.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-125-36.kix50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1cf3e6d0ce85a08fee4fd2a90152a1a50e8b829c10003981d8f79da6cc2e874c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

vary
accept-encoding, Origin
content-encoding
br
etag
W/"368295c3c1ca25cab006d95cf23bf675"
x-amz-version-id
auY5YQzsiUXHB2pR679xyleBGL_hEO7t
age
32799
via
1.1 5ca698787bb185fc8bc351cb0c4e9338.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
Qmdd5Cm6Ngj_7F68_PMhLHXNV0MjfF87m8yaGbysoCLQbcATVH5qyw==
date
Fri, 07 Nov 2025 21:32:34 GMT
content-type
application/javascript
last-modified
Mon, 26 Aug 2024 12:35:42 GMT
server
AmazonS3
x-amz-cf-pop
KIX50-P3
x-amz-server-side-encryption
AES256
supply
events.browsiprod.com/events/v2/ 		0
107 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/v2/supply?p=116605b8-9e74-4d25-9e0a-dde4da450cc4
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.51.1233.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.247.70.22 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-247-70-22.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://twinklesphotos.exblog.jp/

Response headers

date
Sat, 08 Nov 2025 06:39:12 GMT
access-control-allow-origin
https://twinklesphotos.exblog.jp
access-control-allow-credentials
true
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame 5C3C 		64 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/76bee3726430bfbb/lotame20250702.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.122.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-122-124.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0ce3e8fb943761e73b47aa68d2a1c2054dcf3d3fbe651a0f911e4efeeb95e17d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.us.e-planning.net/

Response headers

vary
Accept-Encoding
cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"f722a15b42fc572a5bf4dad5923993f7"
age
34632
via
1.1 1ee54fe8d75e768fad3c5263c97be482.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
bMI0Sq_37jv-XF7BEbxaW1oxAxwbJD63zx74_GYsYAR1VoRl-P3C3g==
date
Fri, 07 Nov 2025 21:02:46 GMT
content-type
text/javascript
last-modified
Thu, 16 Oct 2025 16:19:53 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P1
x-amz-server-side-encryption
AES256
app.js
adsdk.bing.net/viewability/ Frame 32DA 		186 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adsdk.bing.net/viewability/app.js
Requested by
Host: adsdk.microsoft.com
URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::46 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2b1b34748a86b16447b887b4520304dc855dcebb4a8f6f6c502f46a97254084a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/

Response headers

x-azure-ref
20251108T063912Z-r18f5df8b774v2jchC1TYOb90400000013p000000001qyyw
cache-control
public, max-age=1209600
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
content-encoding
br
x-ms-request-id
3698aa83-f01e-00fa-4198-4f1029000000
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Sat, 08 Nov 2025 06:39:12 GMT
x-ms-blob-type
BlockBlob
content-type
application/javascript
vary
Accept-Encoding
last-modified
Tue, 14 Oct 2025 12:24:51 GMT
c.gif
www.bing.com/aes/ Frame 32DA 		0
711 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=62455dd6642a47ea844df260aaf3f2c6&SNR=1&GV=2&med=10
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:47::1734:8c8d Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/

Response headers

cache-control
private,no-store
x-cdn-traceid
0.ba813417.1762583952.625146f
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 8AD51AE39EB3473DBD424D4CA23339D5 Ref B: TYO201151004042 Ref C: 2025-11-08T06:39:12Z
alt-svc
h3=":443"; ma=93600
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
content-length
0
date
Sat, 08 Nov 2025 06:39:12 GMT
vary
Origin
tracking
www.bing.com/api/v1/mediation/ Frame 32DA 		0
712 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=cf3945eb-84c2-450f-bb84-39cc262656c1&bidId=1&bidderId=4&cmExpId=LV3&impId=5769997372145127707&oAdUnit=391466&publisherId=162645330&rId=503b6fdc-6d5f-4ff6-a841-e3ebf9ca2303&region=apac&rtype=miFeedbackURL&tagId=35091406&trafficGroup=knaqe_3c&trafficSubGroup=knaqe_3c_eyvax_Harfpncr&uberGroup=hore_3c&uberSubGroup=erfreir&sdkv=1.100.42&aid=5769997372145127707
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:47::1734:8c8d Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache, no-store, must-revalidate
x-cdn-traceid
0.ba813417.1762583952.6251470
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: DEC1E2A0CA924536B3B7D1E9959ACC4D Ref B: TYO201151002029 Ref C: 2025-11-08T06:39:12Z
expires
0
alt-svc
h3=":443"; ma=93600
content-length
0
date
Sat, 08 Nov 2025 06:39:12 GMT
vary
Origin
th
www.bing.com/ Frame 32DA 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=OADD2.1312816976504416_1WP6P1BEA1KQ0NI&pid=21.2&c=17&roil=0&roit=0&roir=1&roib=1&w=300&h=157&qlt=90
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:47::1734:8c8d Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
7ecbb51f262a4f5eac120c743d9a68ee79c9017e075cadb77b5f638509501a67

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/

Response headers

cache-control
public, max-age=2592000
timing-allow-origin
*
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
httpcacheability
4
x-cdn-traceid
0.ba813417.1762583952.6251471
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=nadatio"}]}
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=93600
content-length
27320
date
Sat, 08 Nov 2025 06:39:12 GMT
content-type
image/jpeg
access-control-allow-headers
*
geo
ut.pubmatic.com/ Frame EEA5 		22 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://ut.pubmatic.com/geo?pubid=159110
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26it%3Dadg-pb-clt%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.87 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
dcda7f2217e5134c1c987c36f55dc3a2949959528d52ccb09ece3eddf53cff43

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

access-control-allow-origin
*
cache-control
max-age=172800
content-length
22
date
Sat, 08 Nov 2025 06:39:12 GMT
content-type
application/json
geo
ut.pubmatic.com/ Frame EB18 		22 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://ut.pubmatic.com/geo?pubid=159110
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26it%3Dadg-pb-clt%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.87 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
dcda7f2217e5134c1c987c36f55dc3a2949959528d52ccb09ece3eddf53cff43

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

access-control-allow-origin
*
cache-control
max-age=172800
content-length
22
date
Sat, 08 Nov 2025 06:39:12 GMT
content-type
application/json
app.js
adsdk.bing.net/viewability/ Frame 80C7 		186 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://adsdk.bing.net/viewability/app.js
Requested by
Host: adsdk.microsoft.com
URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::46 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2b1b34748a86b16447b887b4520304dc855dcebb4a8f6f6c502f46a97254084a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/

Response headers

x-azure-ref
20251108T063912Z-r18f5df8b774v2jchC1TYOb90400000013p000000001qyyw
cache-control
public, max-age=1209600
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
content-encoding
br
x-ms-request-id
3698aa83-f01e-00fa-4198-4f1029000000
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Sat, 08 Nov 2025 06:39:12 GMT
x-ms-blob-type
BlockBlob
content-type
application/javascript
vary
Accept-Encoding
last-modified
Tue, 14 Oct 2025 12:24:51 GMT
c.gif
www.bing.com/aes/ Frame 80C7 		0
711 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=a2758d694fa249ce970410db18cdb6af&SNR=1&GV=2&med=10
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:47::1734:8c8d Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/

Response headers

cache-control
private,no-store
x-cdn-traceid
0.ba813417.1762583952.6251479
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: E111FA2B9D81419FB3BF867BA7641DC3 Ref B: TYO201151006025 Ref C: 2025-11-08T06:39:12Z
alt-svc
h3=":443"; ma=93600
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
content-length
0
date
Sat, 08 Nov 2025 06:39:12 GMT
vary
Origin
tracking
www.bing.com/api/v1/mediation/ Frame 80C7 		0
714 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=5d646142-8e5e-41f8-b905-a807696b893e&bidId=1&bidderId=4&cmExpId=LV8&impId=7311684661785711591&oAdUnit=391466&publisherId=162645330&rId=c5a9b376-539e-42e9-b7c7-e47e54c97d57&region=apac&rtype=miFeedbackURL&tagId=35091410&trafficGroup=knaqe_3c&trafficSubGroup=erfreir&uberGroup=hore_3c&uberSubGroup=erfreir&sdkv=1.100.42&aid=7311684661785711591
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:47::1734:8c8d Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache, no-store, must-revalidate
x-cdn-traceid
0.ba813417.1762583952.625147a
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A76B226D78804672974DC8EA20176FC9 Ref B: TYO201151002029 Ref C: 2025-11-08T06:39:12Z
expires
0
alt-svc
h3=":443"; ma=93600
content-length
0
date
Sat, 08 Nov 2025 06:39:12 GMT
vary
Origin
th
www.bing.com/ Frame 80C7 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=OADD2.1324911644531515_1PSPO934S4W11QD&pid=21.2&c=17&roil=0&roit=0&roir=1&roib=1&w=300&h=157&qlt=90
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:47::1734:8c8d Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
014a6873dc50b7d3030ed1b326384a2240ebaaf07686a5766f97d04e2c994284

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/

Response headers

cache-control
public, max-age=2592000
timing-allow-origin
*
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
httpcacheability
4
x-cdn-traceid
0.ba813417.1762583952.625147b
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=nadatio"}]}
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=93600
content-length
27079
date
Sat, 08 Nov 2025 06:39:12 GMT
content-type
image/jpeg
access-control-allow-headers
*
cksync.php
hb.trustedstack.com/ Frame 9E33 		43 B
405 B 		Document
General
Check archive.org
Download Go to
Full URL
https://hb.trustedstack.com/cksync.php?cs=61&type=pln&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&gpp=${GPP}&gpp_sid=${GPP_SID}&redirect=https%3A%2F%2Fu-sin01.e-planning.net%2Fum%3Fuid%3D%3Cvsid%3E%26dc%3D6a5d39baa4d06b94%26fi%3D4ae16427bb6d7c8e
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26it%3Dadg-pb-clt%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.220.70.18 Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-220-70-18.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains max-age=604800

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
43
content-type
image/gif
date
Sat, 08 Nov 2025 06:39:12 GMT
expires
Sat, 08 Nov 2025 06:39:12 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains max-age=604800
timing-allow-origin
*
vary
Accept-Encoding
setuid
u.4dex.io/ Frame 88DB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://u.4dex.io/setuid?bidder=eplanning&it=adg-pb-clt&uid=AEUxg6q1TVt7Xcv9
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26it%3Dadg-pb-clt%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
date
Sat, 08 Nov 2025 06:39:12 GMT
expires
0
pragma
no-cache
vary
Origin Accept-Encoding
via
1.1 google
rd_log
sin3-ib.adnxs.com/ Frame 32DA 		0
843 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sin3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F&e=wqT_3QKaBaCaAgAAAwDWAAUBCI_Lu8gGEJuil82gwcmJUBgAKjYJhPE89j5Imj8RhA0JJBkAAAAgXI_qPyERGwApEQn0DgExAAAAQOF6tD8wzufdEDjPHEC1XkjjA1C6iYq2AViekHdgAGjDgpABeNbSBYABAYoBA1VTRJIBA0pQWZgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AL8Q-AC9bNd6gIqaHR0cHM6Ly90d2lua2xlc3Bob3Rvcy5leGJsb2cuanAvMzM0NDM5NzEvgAMAiAMBkAMAmAMXoAMBqgMCSADAA9gEyAMA2AOH6jTgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMTQ2LjcwLjIwMS4xMzWoBACyBBIIABABGKwCIPoBKAAwADgCQgC4BADABADIBADaBAIIAeAEAfAEBfdYiAUBmAUAoAXCiPGXv_v24RLABQDJBQAFARTwP9IFCQkFC_BAAAAA2AUB4AUB6gUNCgnjg5bjg63jgrASAOoFDAoIVFdJTktMRVMSAPAFyterAfoFBAgAEACQBgCYBgC4BgDBBgABQjAA8D_QBsKNBNoGFgoQBREdAXwQABgA4AYB8gYCCACABwGIBwCYBwGgBwHIB9bSBdIHDxWIASkQIADaBwYBY_B7GADgBwDqBwIIAPAH69oEighHCkMAAAGaYjC2mFATJgoJpdEbPEdCbo6NmCt6i8PHfYZPigfmxrpWAgzwTlB2rUAonI7ZlrY3smGerzaAThmmSkHMhT7iEAGVCAAAgD-YCAHACPxD0ggGCAAQABgA2ggECAAgAOAIAOgIAA..&s=bca66c48c8d3f9fa3cf9c61c77624730ce22e37e&bdref=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F,https%3A%2F%2F24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-45%2Fhtml%2Fcontainer.html,about%3Asrcdoc&
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.117 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.25.5 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
146.70.201.135; 146.70.201.135; 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
61121206-72b9-46fb-b000-115e09ee49bb
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Sat, 08 Nov 2025 06:39:12 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.25.5
px.gif
ad-delivery.net/ 		43 B
111 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad-delivery.net/px.gif?ch=2&e=0.06147911726480393
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5727730570625024&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:2f50 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
709474
x-goog-stored-content-encoding
identity
expires
Sun, 09 Nov 2025 06:39:12 GMT
x-goog-stored-content-length
43
date
Sat, 08 Nov 2025 06:39:12 GMT
content-type
image/gif
vary
accept-encoding
last-modified
Wed, 05 May 2021 19:25:32 GMT
x-guploader-uploadid
ABgVH89ytYGGsM8zvMSS83qCZ0F4cDyA85oC5Xtq8jnme2OpbOxP7BU9t7rp4yrU4-M9nQOe
cache-control
public, max-age=86400
x-goog-storage-class
MULTI_REGIONAL
cf-ray
99b312680895fcbf-NRT
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
rd_log
sin3-ib.adnxs.com/ Frame 80C7 		0
845 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sin3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F&e=wqT_3QKaBaCaAgAAAwDWAAUBCI_Lu8gGEOeno_vfzpS8ZRgAKjYJmM-8xtq0pD8RmA0JJBkAAADgo3DlPyERGwApEQn0DgExAAAAIIXrsT8w0ufdEDjPHEC1XkjjA1C6iYq2AViekHdgAGjDgpABeJnUBYABAYoBA1VTRJIBA0pQWZgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AL8Q-AC9bNd6gIqaHR0cHM6Ly90d2lua2xlc3Bob3Rvcy5leGJsb2cuanAvMzM0NDM5NzEvgAMAiAMBkAMAmAMXoAMBqgMCSADAA9gEyAMA2AOH6jTgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMTQ2LjcwLjIwMS4xMzWoBACyBBIIABABGKwCIPoBKAAwADgCQgC4BADABADIBADaBAIIAeAEAfAEBfdYiAUBmAUAoAXWsPLb3bb9rULABQDJBQAFARTwP9IFCQkFC_BAAAAA2AUB4AUB6gUNCgnjg5bjg63jgrASAOoFDAoIVFdJTktMRVMSAPAFyterAfoFBAgAEACQBgCYBgC4BgDBBgABQjAA8D_QBsKNBNoGFgoQBREdAXwQABgA4AYB8gYCCACABwGIBwCYBwGgBwHIB5nUBdIHDxWIASkQIADaBwYBY_B7GADgBwDqBwIIAPAH69oEighHCkMAAAGaYjC2mGV4UnX_aNPnnsaL2xtWauDshFZ69H028j_KnSsS904VEhp3XG9KftEBVwiCkakhlsqqRf_m6cMn8KPMEAGVCAAAgD-YCAHACPxD0ggGCAAQABgA2ggECAAgAOAIAOgIAA..&s=dc57691bac92de36b94286585653992229ec3f0e&bdref=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F,https%3A%2F%2F24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-45%2Fhtml%2Fcontainer.html,about%3Asrcdoc&
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.117 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.25.5 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
146.70.201.135; 146.70.201.135; 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
f5fa9344-cd97-4630-87f8-81d76e49a377
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Sat, 08 Nov 2025 06:39:12 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.25.5
favicon.ico
ad.doubleclick.net/ 		1 KB
129 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250&e=0.013358718994841201
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5727730570625024&upapi=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.194.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcnrta-bb-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options
nosniff
expires
Sun, 09 Nov 2025 06:39:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 06:39:12 GMT
content-type
image/x-icon
vary
Accept-Encoding
last-modified
Tue, 08 May 2012 13:08:06 GMT
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
content-length
104
x-xss-protection
0
server
sffe
setuid
u.4dex.io/ Frame AD88 		0
953 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=smart&uid=1559272467258396424&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ssbsync.smartadserver.com/

Response headers

via
1.1 google
expires
0
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma
no-cache
date
Sat, 08 Nov 2025 06:39:12 GMT
vary
Origin, Accept-Encoding
pixel
cm.g.doubleclick.net/ Frame AD88
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=134&partneruserid=OB_OK&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmart_adserver_eb%26google_hm%3DSMART_USER_ID_...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=MTU1OTI3MjQ2NzI1ODM5NjQyNA==&gdpr=0&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=MTU1OTI3MjQ2NzI1ODM5NjQyNA==&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
H3
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ssbsync.smartadserver.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Sat, 08 Nov 2025 06:39:13 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)

Redirect headers

cache-control
no-cache,no-store
location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_hm=MTU1OTI3MjQ2NzI1ODM5NjQyNA==&gdpr=0&gdpr_consent=
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date
Sat, 08 Nov 2025 06:39:12 GMT
pragma
no-cache
/
rtb-csync.smartadserver.com/redir/ Frame AD88
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=39&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D25%26partneruserid%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=329a690e-e591-4400-be41-554bb8e87b08&gdpr=0&gdpr_consent=
43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=329a690e-e591-4400-be41-554bb8e87b08&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
H2
Server
23.106.50.39 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ssbsync.smartadserver.com/

Response headers

cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date
Sat, 08 Nov 2025 06:39:12 GMT
pragma
no-cache
content-type
image/gif

Redirect headers

X-Permitted-Cross-Domain-Policies
all
X-Content-Type-Options
nosniff
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Date
Sat, 08 Nov 2025 06:39:13 GMT
Content-Type
image/gif
Strict-Transport-Security
31536000
Cache-Control
no-cache,no-store,must-revalidate
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=329a690e-e591-4400-be41-554bb8e87b08&gdpr=0&gdpr_consent=
Pragma
no-cache
Connection
keep-alive
Cross-Origin-Resource-Policy
cross-origin
Referrer-Policy
strict-origin
Access-Control-Allow-Origin
*
Content-Length
0
X-XSS-Protection
0
Server
MT3 2115 e830459 master pao pao-pixel-x18 config_version:"1121"
/
rtb-csync.smartadserver.com/redir/ Frame AD88
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=b984b7cb30
43 B
321 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=b984b7cb30
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
H2
Server
23.106.50.39 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ssbsync.smartadserver.com/

Response headers

cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date
Sat, 08 Nov 2025 06:39:12 GMT
pragma
no-cache
content-type
image/gif

Redirect headers

via
1.1 google
cache-control
no-cache, must-revalidate
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=b984b7cb30
content-length
5
date
Sat, 08 Nov 2025 06:39:12 GMT
content-type
text/plain; charset=utf-8
/
rtb-csync.smartadserver.com/redir/ Frame AD88
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%4...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=de65bf13-ecfc-47f7-8942-73716319e686&gdpr=0&gdpr_consent=
43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=de65bf13-ecfc-47f7-8942-73716319e686&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
H2
Server
23.106.50.39 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ssbsync.smartadserver.com/

Response headers

cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date
Sat, 08 Nov 2025 06:39:12 GMT
pragma
no-cache
content-type
image/gif

Redirect headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=de65bf13-ecfc-47f7-8942-73716319e686&gdpr=0&gdpr_consent=
pragma
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2161798
expires
Sat, 08 Nov 2025 00:00:00 GMT
x-errorlevel
0
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
date
Sat, 08 Nov 2025 06:39:12 GMT
server
Kestrel
get
audiencedata.im-apps.net/imuid/ 		34 B
99 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://audiencedata.im-apps.net/imuid/get?cid=6837&vid=01K9H31EF49KCQ99N8TKFR6BBK
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:d959:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
14b1c3182d815f6790a9a77df73bb45fbb1649293e2e0889bc3fac862419058a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

via
1.1 google
access-control-allow-origin
https://twinklesphotos.exblog.jp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34
date
Sat, 08 Nov 2025 06:39:12 GMT
content-type
application/json
access-control-allow-credentials
true
all
client-side-metrics.as.criteo.net/ Frame 865F 		0
185 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://client-side-metrics.as.criteo.net/all?cppv=3&cpp=UoxxGnrBxU3kLT6kGKzI0iXuIv3ho9_O8k2rmAIaFg6141xLMWAk7GVx8bJmzQU2XNTX-W7BSBgPpke_K-bAaDqb0XPUw3l368Nbudck_ySyIWWHfH9S6XlkiNzEVa8Rc9ZDExltQpY2ds7iKUSXLIbocij6-EmNpGv8JLohiAOSsh8hwfAhKK8x4gfHRArcAALC9mY7O4Rpb9HctlyHLPnpCrMkn5mJmLTGMykLCdyGRPNbyPt-HKab41g3keVpqtMrOw&sds=2&rev=102983&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aQ7ljwAEuzECD17eAA30N5MOwStk1mfc43N6gw&u=%7C6E1S5NKElxYmDUv4UPXssuuha5GPMwsGz8YFLUlNdPQ%3D%7C&c1=GEo8kjTcWs0BCrDwBryzQYs6SpcW8MMiAZn8DOKT2BWdJaBgcIAia6idDFXRcqicwj-syqb5Gg6tNKa23mubH_4M5KkWmPfdFsEiCyH9EKCInbQbgEqAFIPHqimXL4nBRn2luyvxOIkDg54uckufvLlsXIBSDiiCE1J3zV4PmORup-RnEHOvDKVdZ9XOLmdQGyFvYFjb5dSFnB9j3ZTnw43liVvkWRxoPPaQ7O-9zH474gi6YUeO1kfgdvi6HkgpJT7r_ENPf08E3ANVp0W2FqlBF5JWjY_XZdV_XqlvSVPBa899CJ9Sn3Wng5BdrTyP4yUWrlFYR0Ka0yxFjSOtzWIqvKfG4HphGzqHtkVlDWCNZXxQiXK0PL_Od1ecYsHLb8NEWi5vaIp4hiSdON2HZkWi1YtuuzAnrsl3UuxQ0hEYW2U9Xcuz0esODEz9l75iIiBmeG8U6Mj8n6MmXPOS4IRUvQG4GOPzD35DlL-TKJnXUs6RA64OvucHteaxMiTmpHvKytjIJv9x277_05MFaK3-h4T1YrShoD7JCCQfR7SMKENTmOB2DM0BNDoiXp0F8pgA9s7KseYC4W8egEWcLDOk6W-93kGUKgphl5M-2hTlt0rHguqrIvlbxhzctllrzKNwtoLp0iela5yJ64BEUP_Gz91irU4v179IrOsqLq5WJFFJCUlNvxtoLSshAo-rpORJNsz0e3RPS9akIMgSexAiT_X7Y3cOUlOGjpDg8Pw83OKrk1HXAA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3J-Wj-UOabH2Et69vcAPt-i3yAfRvr7bdayNn9y8DcCNtwEQASDY6d8jYInzxYT0E8gBCakCTbn4Ya3-Oz6oAwHIAwKqBP0BT9BNv4csEDouCS8T4yCoX_y4MFk3ce0H_GlSpDjZEUbKm9ijuh47WB3SJ05ZRf7ql3C4dvgjvg6Ega8ySFGl4osPQtSaMb1Hn5hFVtVnyboh1agko5EvHO1dhUgdm60Huh73QfcphyjuaXjqxLlaBy8_Lpcs9jetqH-xwej8Lhp0MhgLj16MHDLOA885_91tPWou_L10pd1HIK2njjDDiFpJWzSqmqGXV5nBuee5k0T3e38-tsHXR3KtvFVWyRohhaVg1pIJ84pjDNozQGY2kYgRFOY5ct4ymbyXGsF_bEMyi3HA1H5VOSDdoxRnXn2PI1xdLjzVZ8KqeF3dcoAGrIv04eKL_4wboAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAqgHrb6xAqgHv9OxAtgHANIILAiAYRABMgiKgoCAgICACDoNgECAwICAgICogAKoA0i9_cE6WNLOt_L44ZAD-gsCCAGADAGqDQJKUOoNEwiB18jy-OGQAxXeXg8CHTf0DXmIDgnQFQGAFwGyFxAYDCoKNjQ1MDEzNjU0M1ABqhgXCYtA7I0q_tBAEgo2NDUwMTM2NTQzGAE%26num%3D1%26sig%3DAOD64_2qqApO9qF9WnTeEYCjgdiSnbHT2w%26client%3Dca-pub-8544321996124660%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::25 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://ads.as.criteo.com/

Response headers

strict-transport-security
max-age=31536000; preload;
x-rate-limit-limit
1s
x-rate-limit-reset
2025-11-08T06:39:13.2556490Z
access-control-allow-origin
*
content-length
0
date
Sat, 08 Nov 2025 06:39:11 GMT
x-rate-limit-remaining
8647
server
Kestrel
vevent
sin3-ib.adnxs.com/ Frame 80C7 		0
894 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://sin3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F&e=wqT_3QLlCKBlBAAAAwDWAAUBCI_Lu8gGEOeno_vfzpS8ZRgAKjYJmM-8xtq0pD8RmA0JJBkAAADgo3DlPyERGwApEQn0GQQxAAAAIIXrsT8w0ufdEDjPHEC1XkjjA1C6iYq2AViekHdgAGjDgpABeJnUBYABAYoBA1VTRJIBA0pQWZgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AL8Q-AC9bNd6gIqaHR0cHM6Ly90d2lua2xlc3Bob3Rvcy5leGJsb2cuanAvMzM0NDM5NzEvgAMAiAMBkAMAmAMXoAMBqgPmAwr6Amh0dHBzOi8vd3d3LmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPTVkNjQ2MTQyLThlNWUtNDFmOC1iOTA1LWE4MDc2OTZiODkzZSZiaWRJZD0xJmJpZGRlcklkPTQmY21FeHBJZD1MVjgmaW1wSWQ9NzMxMTY4NDY2MTc4NTcxMTU5MSZvQWRVbml0PTM5MTQ2NiZwdWJsaXNoZXJJZD0xNjI2NDUzMzAmcklkPWM1YTliMzc2LTUzOWUtNDJlOS1iN2M3LWU0N2U1NGM5N2Q1NyZyZWdpb249YXBhYyZydHlwZT1udXJsJnRhZ0lkPTM1MDkxNDEwJnRyYWZmaWNHcm91cD1rbmFxZV8zYyZ0cmFmZmljU3ViR3JvdXA9ZXJmcmVpciZ1YmVyR3JvdXA9aG9yZV8zYyZ1YmVyU3ViR3JvdXA9ZXJmcmVpciZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzczMTE2ODQ2NjE3ODU3MTE1OTEiCTM4MTg0NjcxNCoEYmluZzo4VTJWaGNtTm9RV1FqT0RJek1qWXpORE0xT0RjNE5qUWpNak16TkRFeU5UYzBOemM0TWpVMk1BPT1IAMAD2ATIAwDYA4fqNOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4xNDYuNzAuMjAxLjEzNagEALIEEggAEAEYrAIg-gEoADAAOAJCALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAF1rDy2922_a1CwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFyterAfoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbCjQTaBhYKEAAAAAAAAAAAAAAAAAAAAAAQABgA4AYB8gYCCACABwGIBwCYBwGgBwHIB5nUBdIHDwkAAAAAAAAAABAAGAAgANoHBggAEAAYAOAHAOoHAggA8Afr2gSKCEcKQwAAAZpiMLaYZXhSdf9o0-eexovbG1Zq4OyEVnr0fTbyP8qdKxL3ThUSGndcb0p-0QFXCIKRqSGWyqpF_-bpwyfwo8wQAZUIAACAP5gIAcAI_EPSCAsI8__fu4AeEAAYANoIBAgAIADgCADoCAA.&s=81907d8bbdc5d7c63f7b3b1e83aeb8c963074a15&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=157&sid=5161451071911819203&vd=ct~0|rr~0&sv=5031&tv=view7-28hs&ua=chrome52&pl=linux&x=v&tag_id=35091410&sw=1600&sh=1200&pw=300&ph=255&ww=300&wh=250&ft=3
Requested by
Host: adsdkprod.azureedge.net
URL: https://adsdkprod.azureedge.net/viewability/versions/v5.8.21/banner.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.117 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.25.5 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
146.70.201.135; 146.70.201.135; 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com
an-x-request-uuid
e7a01aee-43d8-41fe-b5f3-46fb73831540
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Sat, 08 Nov 2025 06:39:12 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.25.5
view
securepubads.g.doubleclick.net/pcs/ Frame 4B82 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst0CLvCrIDw03-6jjqWhnr66kJCSNX5GpyCPgXr23gZNLu9137kXe4ok_Yp1Gywxknv4x7XGIlpbT35fWT3eOa4YMwQjaqKLy81IKJwhxUyycHEC3VhCGyasGldbUiEQL5WO5l-5orO1U7MI1-T1NwnAQZ4eKlESBDFoGMQ3FYawMVEtB2dSKfDPSUMNbCaYJNKRcvXit0MCaukS38HemJIV3HS5Wr2H96MoZkyDwX3rfpZ6BycIjy64aAruNPfnn60DL8WlPn5n6L4XzluYF0Qo2lIWoG7CbWNKsG9kO-9BOEXGXwNYHN4XBkLLnC1CIn2OcJ5B4Le6rIV4hKvsTBv4C9Veu3FL_KKfLa9bRfpdjvpjY0bawV0oyAcbAHj-LEFO_zJWSDQ7QBMS8MUCmsqyjQJRymO31SXxt9ynWwrvOJf4_4VvgiZggXU36KjOv2YP_z97Idrz6KRqc2ZBthoZ5lj3fb_&sai=AMfl-YQU7F_-8bhvYp52Sc3QhWsqoNWKMIpKlsd2v7ooO2uDTH5FIAm1daFc9VGEfrzw609c-vPIaSKjgt_HueNpdvqGYsZgtaxC--HkQ9EKLz7Ycyvc682qA5HXxejUdE1eCtkYHyYIXCx6L8p0EoVjC45D1Q0WUifG6vCtRoWieUhvQjSHO1NNWZqe8RkYkCi5INInfAPc77DwdvxKaJ4-XvWljtXDJG2FKURPns4wAlXzIhlKk4a0WhiyKnY-zxIElcOx6w&sig=Cg0ArKJSzOOhFl6XPANyEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.194.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcnrta-bb-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Sat, 08 Nov 2025 06:39:13 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Sat, 08 Nov 2025 06:39:13 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
vevent
sin3-ib.adnxs.com/ Frame 32DA 		0
894 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://sin3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443971%2F&e=wqT_3QL1CKB1BAAAAwDWAAUBCI_Lu8gGEJuil82gwcmJUBgAKjYJhPE89j5Imj8RhA0JJBkAAAAgXI_qPyERGwApEQn0KQQxAAAAQOF6tD8wzufdEDjPHEC1XkjjA1C6iYq2AViekHdgAGjDgpABeNbSBYABAYoBA1VTRJIBA0pQWZgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AL8Q-AC9bNd6gIqaHR0cHM6Ly90d2lua2xlc3Bob3Rvcy5leGJsb2cuanAvMzM0NDM5NzEvgAMAiAMBkAMAmAMXoAMBqgP2AwqKA2h0dHBzOi8vd3d3LmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPWNmMzk0NWViLTg0YzItNDUwZi1iYjg0LTM5Y2MyNjI2NTZjMSZiaWRJZD0xJmJpZGRlcklkPTQmY21FeHBJZD1MVjMmaW1wSWQ9NTc2OTk5NzM3MjE0NTEyNzcwNyZvQWRVbml0PTM5MTQ2NiZwdWJsaXNoZXJJZD0xNjI2NDUzMzAmcklkPTUwM2I2ZmRjLTZkNWYtNGZmNi1hODQxLWUzZWJmOWNhMjMwMyZyZWdpb249YXBhYyZydHlwZT1udXJsJnRhZ0lkPTM1MDkxNDA2JnRyYWZmaWNHcm91cD1rbmFxZV8zYyZ0cmFmZmljU3ViR3JvdXA9a25hcWVfM2NfZXl2YXhfSGFyZnBuY3ImdWJlckdyb3VwPWhvcmVfM2MmdWJlclN1Ykdyb3VwPWVyZnJlaXImYWlkPSR7QVVDVElPTl9JRH0SBTEyMDg1GhM1NzY5OTk3MzcyMTQ1MTI3NzA3IgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak9ESTJNREV5TVRJek1UWTFNalVqTWpNek5EUXdNRFl5TlRjek9EUTBPUT09SADAA9gEyAMA2AOH6jTgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMTQ2LjcwLjIwMS4xMzWoBACyBBIIABABGKwCIPoBKAAwADgCQgC4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBcKI8Ze_-_bhEsAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBcrXqwH6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAmAcBoAcByAfW0gXSBw8JAAAAAAAAAAAQABgAIADaBwYIABAAGADgBwDqBwIIAPAH69oEighHCkMAAAGaYjC2mFATJgoJpdEbPEdCbo6NmCt6i8PHfYZPigfmxrpWAgzwTlB2rUAonI7ZlrY3smGerzaAThmmSkHMhT7iEAGVCAAAgD-YCAHACPxD0ggLCPP_37uAHhAAGADaCAQIACAA4AgA6AgA&s=4e7e461e615a67ae6c57c3d6d704b35eded6ca6b&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=157&sid=5161451071911819203&vd=ct~0|rr~0&sv=5031&tv=view7-28hs&ua=chrome52&pl=linux&x=v&tag_id=35091406&sw=1600&sh=1200&pw=300&ph=255&ww=300&wh=250&ft=3
Requested by
Host: adsdkprod.azureedge.net
URL: https://adsdkprod.azureedge.net/viewability/versions/v5.8.21/banner.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.117 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.25.5 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
146.70.201.135; 146.70.201.135; 617.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com
an-x-request-uuid
7cea7b1d-f46d-4246-960f-ba8caa2e4a51
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Sat, 08 Nov 2025 06:39:12 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.25.5
view
securepubads.g.doubleclick.net/pcs/ Frame 8D2D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvqcA0RDSCeQMkDLQ5u1v_B5qSzUSrEcdLL_3zniVnmmqg77XXwm99pUdl_0l1aOUEFPIWEcTfvoZ9gpUCWMu72Ml1KUePEZcVnR9kK5goFqe_Deo24sLPfXlfSwTZL1cHQZKft9Ukl44adDrgjd6Za4YJVVJicAQmNenxQI3zzFNnJC4Yj2Ppba3oqbjdmsD4Gn7WiJZmA6G10Oe02WNgtn17CSOrXqMzql81R9Lse7vEJgC-IOKASyYtv0vlJaJds_iJ9_WvqPYpm9fFvo_RxL4FkbSouWu7gXd4D6jNjChHJhBrHO1NX7sAjFkfSPCWbTtKA2nxmt2z-Bp0EH7uJfj06vzDblysKP5LhcwUo1CMLsfk7QDujP4GJagcr2h76YUE_j6KZRNEJ0EgCqjnAx_Uv2TkfCOktraG4Bcw-nYYQEIQnkcctemMX01c1RhbnivXTBVloDSecAZGjdJn9dI5D&sai=AMfl-YQAFEe6SagcWMuk9CC4UlEV28msyBSguVfYUIu3O3RfVKtwPDtpjsQ88ie-8cGo3STYEE4E2fsWEzjrmzqyZxEEJsmsB0EVzQPmMoEuQ8XcHI61dEaCS1kN1EMsqqSJcSgVIqSBxSvMabJP-rDhOT3Q8IJFZN3ByGLwWV9J33-3KE3qvlJeXz0HH-III6NMAB_bTyXuFXsz_f9yfaib7Qjq7YJf7Y4cVSg8sU8TkLwV6_gjlNV6Ksy_NRxAvEXpGb1UtA&sig=Cg0ArKJSzJ7jxZBO5tdFEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.194.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcnrta-bb-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://24bfdbc1d9a86d3a2513d07f34506293.safeframe.googlesyndication.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Sat, 08 Nov 2025 06:39:13 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Sat, 08 Nov 2025 06:39:13 GMT
x-xss-protection
0
content-type
image/gif
server
cafe