urlscan.io logo urlscan.io
SecurityTrails logo

twinklesphotos.exblog.jp Open in urlscan Pro
54.199.193.165  Public Scan

Go To Rescan Add Verdict Report
URL: https://twinklesphotos.exblog.jp/33443955/
Submission: On November 08 via api from DE — Scanned from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 145 IPs in 14 countries across 104 domains to perform 491 HTTP transactions. The main IP is 54.199.193.165, located in Tokyo, Japan and belongs to AMAZON-02, US. The main domain is twinklesphotos.exblog.jp.
TLS certificate: Issued by Amazon RSA 2048 M03 on April 13th 2025. Valid for: a year.
This is the only time twinklesphotos.exblog.jp was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 54.199.193.165 16509 (AMAZON-02)
21 3.164.121.4 16509 (AMAZON-02)
2 2404:6800:400... 15169 (GOOGLE)
4 2404:6800:400... 15169 (GOOGLE)
7 54.230.175.43 16509 (AMAZON-02)
2 3.164.121.122 16509 (AMAZON-02)
18 142.250.194.130 15169 (GOOGLE)
1 151.101.65.55 54113 (FASTLY)
3 18.64.132.164 16509 (AMAZON-02)
4 199.232.148.157 54113 (FASTLY)
2 2404:6800:400... 15169 (GOOGLE)
1 3.173.238.16 16509 (AMAZON-02)
1 3.169.5.94 16509 (AMAZON-02)
2 57.144.216.128 32934 (FACEBOOK)
3 2404:6800:400... 15169 (GOOGLE)
34 142.251.42.162 15169 (GOOGLE)
2 3.173.238.99 16509 (AMAZON-02)
4 2600:140b:1c0... 20940 (AKAMAI-AS...)
1 54.238.63.60 16509 (AMAZON-02)
3 172.66.0.227 13335 (CLOUDFLAR...)
1 3.166.244.56 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 18.65.125.95 16509 (AMAZON-02)
7 34.160.89.38 396982 (GOOGLE-CL...)
1 142.250.194.110 15169 (GOOGLE)
1 202.232.238.39 2497 (IIJ Inter...)
2 18.178.205.149 16509 (AMAZON-02)
11 2606:4700:10:... 13335 (CLOUDFLAR...)
1 10 142.251.42.198 15169 (GOOGLE)
2 34.36.200.111 396982 (GOOGLE-CL...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
4 3.173.197.46 16509 (AMAZON-02)
7 3.173.192.61 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
4 142.251.42.129 15169 (GOOGLE)
8 52.68.65.167 16509 (AMAZON-02)
2 6 103.43.90.21 29990 (ASN-APPNEX)
4 207.65.34.76 62713 (AS-PUBMATIC)
3 124.146.153.165 2514 (INFOSPHER...)
4 103.132.192.30 138552 (RTBHOUSE-...)
1 5 3.173.254.35 16509 (AMAZON-02)
1 35.201.98.24 396982 (GOOGLE-CL...)
3 104.18.27.193 13335 (CLOUDFLAR...)
3 103.253.24.93 133210 (ENTECHNOL...)
4 2606:4700:440... 13335 (CLOUDFLAR...)
4 9 35.213.17.49 15169 (GOOGLE)
3 130.211.23.194 396982 (GOOGLE-CL...)
1 9 142.250.194.98 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 172.217.175.35 15169 (GOOGLE)
15 35.80.198.215 16509 (AMAZON-02)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
8 34.149.40.38 396982 (GOOGLE-CL...)
1 3.173.238.38 16509 (AMAZON-02)
8 2404:6800:400... 15169 (GOOGLE)
1 2600:9000:221... 16509 (AMAZON-02)
2 172.217.31.168 15169 (GOOGLE)
4 2404:6800:400... 15169 (GOOGLE)
1 52.197.230.208 16509 (AMAZON-02)
1 2600:140b:1c0... 20940 (AKAMAI-AS...)
1 2600:140b:1c0... 20940 (AKAMAI-AS...)
1 2600:1901:0:2... 396982 (GOOGLE-CL...)
1 202.232.238.37 2497 (IIJ Inter...)
4 4 35.213.7.90 15169 (GOOGLE)
1 7 54.178.220.191 16509 (AMAZON-02)
6 23.40.192.188 16625 (AKAMAI-AS)
2 6 35.244.159.8 396982 (GOOGLE-CL...)
3 3 184.26.241.115 16625 (AKAMAI-AS)
6 59.151.139.232 16625 (AKAMAI-AS)
2 2 2600:1f10:4ce... 14618 (AMAZON-AES)
7 12 142.250.196.130 15169 (GOOGLE)
7 7 35.71.131.137 16509 (AMAZON-02)
1 35.79.4.173 16509 (AMAZON-02)
2 6 2406:2600:4::13 55569 (CRITEO-AS...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 3.113.64.160 16509 (AMAZON-02)
1 1 124.146.153.167 2514 (INFOSPHER...)
6 2404:6800:400... 15169 (GOOGLE)
1 142.250.196.99 15169 (GOOGLE)
1 74.125.203.155 15169 (GOOGLE)
3 23.50.118.144 20940 (AKAMAI-AS...)
12 207.65.34.87 62713 (AS-PUBMATIC)
14 21 69.173.158.64 26667 (RUBICONPR...)
1 34.49.1.209 396982 (GOOGLE-CL...)
2 2600:140b:1c0... 20940 (AKAMAI-AS...)
3 207.65.34.81 62713 (AS-PUBMATIC)
3 5 162.19.138.116 16276 (OVH OVH SAS)
2 2600:1901:0:d... 396982 (GOOGLE-CL...)
1 2 142.250.206.230 15169 (GOOGLE)
1 202.233.84.10 131957 (MICROAD M...)
1 202.233.84.1 131957 (MICROAD M...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 2404:6800:400... 15169 (GOOGLE)
1 3 142.251.91.201 15169 (GOOGLE)
1 142.250.199.97 15169 (GOOGLE)
1 18.178.165.190 16509 (AMAZON-02)
6 2620:1ec:bdf::46 8075 (MICROSOFT...)
3 2620:1ec:bdf::38 8075 (MICROSOFT...)
1 12 103.43.91.58 29990 (ASN-APPNEX)
1 4 98.82.157.137 14618 (AMAZON-AES)
2 2 2406:2000:a4:... 10230 (YAHOO-SG ...)
1 2 52.94.223.37 16509 (AMAZON-02)
1 2620:1ec:50::12 8075 (MICROSOFT...)
2 4 57.181.255.50 16509 (AMAZON-02)
1 1 3.221.107.162 14618 (AMAZON-AES)
1 2 44.237.84.132 16509 (AMAZON-02)
1 1 18.65.207.56 16509 (AMAZON-02)
1 2 3.166.244.127 16509 (AMAZON-02)
2 104.18.41.104 13335 (CLOUDFLAR...)
1 3 13.228.29.185 16509 (AMAZON-02)
3 142.250.77.162 15169 (GOOGLE)
1 1 202.233.84.8 131957 (MICROAD M...)
6 2600:140b:1c0... 20940 (AKAMAI-AS...)
3 23.192.46.24 20940 (AKAMAI-AS...)
8 13 162.19.138.83 16276 (OVH OVH SAS)
1 2001:41d0:701... 16276 (OVH OVH SAS)
2 162.19.138.82 16276 (OVH OVH SAS)
1 157.240.31.35 32934 (FACEBOOK)
3 2404:6800:400... 15169 (GOOGLE)
3 23.106.50.37 59253 (LEASEWEB-...)
1 1 139.99.69.27 16276 (OVH OVH SAS)
2 157.240.31.5 32934 (FACEBOOK)
1 142.250.199.100 15169 (GOOGLE)
1 1 2406:2600:4::2f 55569 (CRITEO-AS...)
3 10 23.106.127.170 59253 (LEASEWEB-...)
1 1 212.77.112.1 12827 (Wirtualna...)
1 2 151.101.194.49 54113 (FASTLY)
1 1 103.67.201.72 59210 (PHOENIXNA...)
1 141.94.172.236 16276 (OVH OVH SAS)
1 2 52.76.7.142 16509 (AMAZON-02)
3 3 34.111.113.62 396982 (GOOGLE-CL...)
2 2 34.36.216.150 396982 (GOOGLE-CL...)
1 1 185.84.60.20 198622 (ADFORM Ad...)
2 4 13.228.194.215 16509 (AMAZON-02)
2 4 35.186.253.211 396982 (GOOGLE-CL...)
1 203.137.133.37 4694 (IDCF IDC ...)
1 2406:2600:4::2d 55569 (CRITEO-AS...)
1 54.65.81.163 16509 (AMAZON-02)
1 1 45.137.176.88 60350 (VP VENTE-...)
2 2 35.213.183.23 15169 (GOOGLE)
3 3 185.84.60.23 198622 (ADFORM Ad...)
3 182.161.74.19 55569 (CRITEO-AS...)
2 7 148.251.20.72 24940 (HETZNER-A...)
1 151.101.65.108 54113 (FASTLY)
2 104.18.24.18 13335 (CLOUDFLAR...)
2 51.79.152.76 16276 (OVH OVH SAS)
3 8 104.18.26.193 13335 (CLOUDFLAR...)
8 2406:2600:4::2b 55569 (CRITEO-AS...)
1 1 2001:df2:a300... 6336 (TURN-US-ASN)
1 1 52.195.168.103 16509 (AMAZON-02)
1 1 121.53.223.43 18160 (AS18160-A...)
1 1 80.77.87.166 46636 (NATCOWEB)
2 2 82.145.213.8 39832 (NO-OPERA ...)
1 2 162.159.141.246 13335 (CLOUDFLAR...)
1 1 2406:da18:929... 16509 (AMAZON-02)
2 2 34.231.80.238 14618 (AMAZON-AES)
1 34.96.105.8 396982 (GOOGLE-CL...)
2 2 172.64.150.63 13335 (CLOUDFLAR...)
1 138.113.153.218 54994 (ML-1432-5...)
1 14.0.44.247 54994 (ML-1432-5...)
3 138.113.153.219 54994 (ML-1432-5...)
1 34.36.131.60 396982 (GOOGLE-CL...)
1 202.233.84.3 131957 (MICROAD M...)
2 35.219.187.226 15169 (GOOGLE)
3 3 119.8.187.97 136907 (HWCLOUDS-...)
2 2 2406:da18:a99... 16509 (AMAZON-02)
1 138.113.153.220 54994 (ML-1432-5...)
1 202.233.84.16 131957 (MICROAD M...)
1 6 23.108.103.28 59253 (LEASEWEB-...)
1 198.206.157.242 399668 (E-PLANNING-)
1 1 8.214.60.171 45102 (ALIBABA-C...)
2 2 131.153.206.100 59210 (PHOENIXNA...)
1 207.65.34.77 62713 (AS-PUBMATIC)
3 3.173.219.76 16509 (AMAZON-02)
1 23.52.128.76 20940 (AKAMAI-AS...)
1 57.129.18.111 16276 (OVH OVH SAS)
491 145
1    54.199.193.165 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-199-193-165.ap-northeast-1.compute.amazonaws.com
twinklesphotos.exblog.jp
21    3.164.121.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-164-121-4.nrt12.r.cloudfront.net
s.eximg.jp
2    2404:6800:4004:812::200e (Australia)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2404:6800:400a:806::2008 (Australia)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
7    54.230.175.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-175-43.nrt57.r.cloudfront.net
image.excite.co.jp
2    3.164.121.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-164-121-122.nrt12.r.cloudfront.net
pds.exblog.jp
18    142.250.194.130 (United States)

ASN15169 (GOOGLE, US)
PTR: lcnrta-az-in-f2.1e100.net
securepubads.g.doubleclick.net
1    151.101.65.55 (United States)

ASN54113 (FASTLY, US)
flux-cdn.com
3    18.64.132.164 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-132-164.nrt12.r.cloudfront.net
c.amazon-adsystem.com
4    199.232.148.157 (Tokyo, Japan)

ASN54113 (FASTLY, US)
platform.twitter.com
2    2404:6800:4008:c07::9d (Taiwan)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    3.173.238.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-173-238-16.nrt20.r.cloudfront.net
b.st-hatena.com
1    3.169.5.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-169-5-94.nrt57.r.cloudfront.net
config.aps.amazon-adsystem.com
2    57.144.216.128 (Seattle, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-sea5.fbcdn.net
connect.facebook.net
3    2404:6800:4004:813::2001 (Australia)

ASN15169 (GOOGLE, US)
blogger.googleusercontent.com
34    142.251.42.162 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s46-in-f2.1e100.net
pagead2.googlesyndication.com
adservice.google.com
ep1.adtrafficquality.google
2    3.173.238.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-173-238-99.nrt20.r.cloudfront.net
md.exblog.jp
4    2600:140b:1c00:48::1734:8c3b (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
dmp.im-apps.net
1    54.238.63.60 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-238-63-60.ap-northeast-1.compute.amazonaws.com
logging.exblog.jp
3    172.66.0.227 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
syndication.twitter.com
analytics.twitter.com
1    3.166.244.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-166-244-56.nrt20.r.cloudfront.net
cdn.nidan.d2c.ne.jp
1    2606:4700:10::ac42:ab85 (None, )

ASN13335 (CLOUDFLARENET, US)
btloader.com
1    2606:4700::6810:aee2 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    18.65.125.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-125-95.kix50.r.cloudfront.net
yield-manager.browsiprod.com
7    34.160.89.38 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 38.89.160.34.bc.googleusercontent.com
a.flux.jp
1    142.250.194.110 (United States)

ASN15169 (GOOGLE, US)
PTR: lcnrta-bf-in-f14.1e100.net
www.google-analytics.com
1    202.232.238.39 (Jingūmae, Japan)

ASN2497 (IIJ Internet Initiative Japan Inc., JP)
cnt.fout.jp
2    18.178.205.149 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-178-205-149.ap-northeast-1.compute.amazonaws.com
js.api.nidan.d2c.ne.jp
nidan.addlv.smt.docomo.ne.jp
11    2606:4700:10::6814:2f50 (None, )

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
10    142.251.42.198 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s47-in-f6.1e100.net
ad.doubleclick.net
2    34.36.200.111 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 111.200.36.34.bc.googleusercontent.com
ab.dns-finder.com
1    2606:4700:10::6814:14bd (None, )

ASN13335 (CLOUDFLARENET, US)
btloader.com
4    3.173.197.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-173-197-46.nrt12.r.cloudfront.net
cdn.browsiprod.com
7    3.173.192.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-173-192-61.nrt12.r.cloudfront.net
aax.amazon-adsystem.com
1    2606:4700:20::ac43:4bf1 (None, )

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
4    142.251.42.129 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s45-in-f1.1e100.net
45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com
8    52.68.65.167 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-68-65-167.ap-northeast-1.compute.amazonaws.com
hb.adingo.jp
6    103.43.90.21 (Singapore, Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
ib.adnxs.com
secure.adnxs.com
4    207.65.34.76 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
3    124.146.153.165 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
d.socdm.com
4    103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net
prebid-asia.creativecdn.com
5    3.173.254.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-173-254-35.nrt12.r.cloudfront.net
ad.as.amanad.adtdp.com
1    35.201.98.24 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 24.98.201.35.bc.googleusercontent.com
sp.gmossp-sp.jp
3    104.18.27.193 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
3    103.253.24.93 (Singapore)

ASN133210 (ENTECHNOLOGIES-AS-AP EN Technologies Pte Ltd, SG)
shb.richaudience.com
4    2606:4700:4407::ac40:994e (None, )

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
9    35.213.17.49 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 49.17.213.35.bc.googleusercontent.com
y.one.impact-ad.jp
3    130.211.23.194 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
9    142.250.194.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lcnrta-bf-in-f2.1e100.net
googleads.g.doubleclick.net
1    2001:4860:4802:38::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
1    172.217.175.35 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt20s19-in-f3.1e100.net
www.google.co.jp
15    35.80.198.215 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-80-198-215.us-west-2.compute.amazonaws.com
events.browsiprod.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS RTB Marketing and Tech Services Ltd, CY)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
8    34.149.40.38 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 38.40.149.34.bc.googleusercontent.com
u.4dex.io
1    3.173.238.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-173-238-38.nrt20.r.cloudfront.net
pdn.adingo.jp
8    2404:6800:4004:814::2001 (Australia)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2600:9000:221b:200:a:d2fd:aec0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.sx.adingo.jp
2    172.217.31.168 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s22-in-f8.1e100.net
www.googletagmanager.com
4    2404:6800:4004:827::200a (Australia)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
imasdk.googleapis.com
1    52.197.230.208 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-197-230-208.ap-northeast-1.compute.amazonaws.com
sh.adingo.jp
1    2600:140b:1c00:48::1734:8c23 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
cf.im-apps.net
1    2600:140b:1c00:48::1734:8c1c (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
cdn.audiencedata.net
1    2600:1901:0:2dbc:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
atb.im-apps.net
1    202.232.238.37 (Jingūmae, Japan)

ASN2497 (IIJ Internet Initiative Japan Inc., JP)
sync.fout.jp
4    35.213.7.90 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 90.7.213.35.bc.googleusercontent.com
x.bidswitch.net
7    54.178.220.191 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-178-220-191.ap-northeast-1.compute.amazonaws.com
cs.adingo.jp
6    23.40.192.188 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-40-192-188.deploy.static.akamaitechnologies.com
ads.pubmatic.com
6    35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
u.openx.net
excite-d.openx.net
3    184.26.241.115 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a184-26-241-115.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
6    59.151.139.232 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a59-151-139-232.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    2600:1f10:4ce4:4a02:d10e:9bd:db09:7abb (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
hrbh3.publishers.tremorhub.com
12    142.250.196.130 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s36-in-f2.1e100.net
cm.g.doubleclick.net
7    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    35.79.4.173 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-79-4-173.ap-northeast-1.compute.amazonaws.com
aud.adjust-net.jp
6    2406:2600:4::13 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
1    2606:4700:10::ac42:a937 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
2    3.113.64.160 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-113-64-160.ap-northeast-1.compute.amazonaws.com
hs.adingo.jp
1    124.146.153.167 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
bid.socdm.com
6    2404:6800:4006:809::2003 (Sydney, Australia)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    142.250.196.99 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s35-in-f3.1e100.net
fonts.gstatic.com
1    74.125.203.155 (United States)

ASN15169 (GOOGLE, US)
PTR: th-in-f155.1e100.net
bid.g.doubleclick.net
3    23.50.118.144 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-50-118-144.deploy.static.akamaitechnologies.com
sync.im-apps.net
12    207.65.34.87 (United States)

ASN62713 (AS-PUBMATIC, US)
ut.pubmatic.com
21    69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel-apac.rubiconproject.com
pixel.rubiconproject.com
1    34.49.1.209 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 209.1.49.34.bc.googleusercontent.com
b.im-apps.net
2    2600:140b:1c00:54::1738:2a (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
sync6.im-apps.net
3    207.65.34.81 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
5    162.19.138.116 (Frankfurt am Main, Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ns31533567.ip-162-19-138.eu
api.id5-sync.com
id5-sync.com
2    2600:1901:0:d959:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
audiencedata.im-apps.net
2    142.250.206.230 (United States)

ASN15169 (GOOGLE, US)
PTR: kix06s10-in-f6.1e100.net
10208769.fls.doubleclick.net
1    202.233.84.10 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)
universe.send.microad.jp
1    202.233.84.1 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)
aid.send.microad.jp
3    2606:4700::6810:afe2 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    2404:6800:4004:814::200e (Australia)

ASN15169 (GOOGLE, US)
gcdn.2mdn.net
3    142.251.91.201 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s55-in-f9.1e100.net
r4---sn-ogueln66.c.2mdn.net
1    142.250.199.97 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s52-in-f1.1e100.net
tpc.googlesyndication.com
1    18.178.165.190 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-178-165-190.ap-northeast-1.compute.amazonaws.com
cs.adingo.jp
6    2620:1ec:bdf::46 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
adsdk.microsoft.com
adsdk.bing.net
3    2620:1ec:bdf::38 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
adsdkprod.azureedge.net
12    103.43.91.58 (Singapore, Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: 1046.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
sin3-ib.adnxs.com
ib.adnxs.com
4    98.82.157.137 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-98-82-157-137.compute-1.amazonaws.com
s.amazon-adsystem.com
2    2406:2000:a4:807::1 (Taiwan)

ASN10230 (YAHOO-SG internet content provider, SG)
ups.analytics.yahoo.com
2    52.94.223.37 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    2620:1ec:50::12 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
4    57.181.255.50 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-57-181-255-50.ap-northeast-1.compute.amazonaws.com
match.prod.bidr.io
1    3.221.107.162 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-221-107-162.compute-1.amazonaws.com
sync.ipredictive.com
2    44.237.84.132 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-237-84-132.us-west-2.compute.amazonaws.com
ce.lijit.com
1    18.65.207.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-207-56.nrt57.r.cloudfront.net
live.primis.tech
2    3.166.244.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-166-244-127.nrt20.r.cloudfront.net
sync.intentiq.com
syncv4.intentiq.com
2    104.18.41.104 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
capi.connatix.com
3    13.228.29.185 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-29-185.ap-southeast-1.compute.amazonaws.com
match.sharethrough.com
3    142.250.77.162 (United States)

ASN15169 (GOOGLE, US)
PTR: maa05s17-in-f2.1e100.net
ade.googlesyndication.com
1    202.233.84.8 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)
s-cs.send.microad.jp
6    2600:140b:1c00:47::1734:8c93 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
www.bing.com
3    23.192.46.24 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-192-46-24.deploy.static.akamaitechnologies.com
www.bing.com
13    162.19.138.83 (Frankfurt am Main, Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ns31532338.ip-162-19-138.eu
id5-sync.com
1    2001:41d0:701:1000::42db (France)

ASN16276 (OVH OVH SAS, FR)
lbs.eu-1-id5-sync.com
2    162.19.138.82 (Frankfurt am Main, Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ns31532337.ip-162-19-138.eu
lb.eu-1-id5-sync.com
1    157.240.31.35 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-nrt1.facebook.com
www.facebook.com
3    2404:6800:4004:824::2001 (Australia)

ASN15169 (GOOGLE, US)
ep2.adtrafficquality.google
3    23.106.50.37 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG)
ssbsync.smartadserver.com
1    139.99.69.27 (Singapore, Singapore)

ASN16276 (OVH OVH SAS, FR)
PTR: ads22-sgp.stickyadstv.com
ads.stickyadstv.com
2    157.240.31.5 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-nrt1.fbcdn.net
static.xx.fbcdn.net
1    142.250.199.100 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s52-in-f4.1e100.net
www.google.com
1    2406:2600:4::2f (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
dis.criteo.com
10    23.106.127.170 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG)
rtb-csync.smartadserver.com
1    212.77.112.1 (Poland)

ASN12827 (WirtualnaPolska Wirtualna Polska Media S.A., PL)
ssp.wp.pl
2    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    103.67.201.72 (Singapore, Singapore)

ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG)
PTR: 1.cpm.sin1.wowcon.net
sync.adkernel.com
1    141.94.172.236 (France)

ASN16276 (OVH OVH SAS, FR)
visitor-waardex.omnitagjs.com
2    52.76.7.142 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-7-142.ap-southeast-1.compute.amazonaws.com
rtb.gumgum.com
g2.gumgum.com
3    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
2    34.36.216.150 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 150.216.36.34.bc.googleusercontent.com
pixel-sync.sitescout.com
1    185.84.60.20 (Denmark)

ASN198622 (ADFORM Adform A/S, DK)
c1.adform.net
4    13.228.194.215 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-194-215.ap-southeast-1.compute.amazonaws.com
sync.crwdcntrl.net
bcp.crwdcntrl.net
4    35.186.253.211 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
1    203.137.133.37 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
aladdin.genieesspv.jp
1    2406:2600:4::2d (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
grid-bidder.criteo.com
1    54.65.81.163 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-65-81-163.ap-northeast-1.compute.amazonaws.com
ad.ad-stir.com
1    45.137.176.88 (France)

ASN60350 (VP VENTE-PRIVEE.COM SA, FR)
sync.adotmob.com
2    35.213.183.23 (Singapore, Singapore)

ASN15169 (GOOGLE, US)
PTR: 23.183.213.35.bc.googleusercontent.com
s.ad.smaato.net
3    185.84.60.23 (Denmark)

ASN198622 (ADFORM Adform A/S, DK)
c1.adform.net
3    182.161.74.19 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
mug.criteo.com
7    148.251.20.72 (Falkenstein, Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.72.20.251.148.clients.your-server.de
sync.richaudience.com
1    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    104.18.24.18 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
2    51.79.152.76 (Singapore, Singapore)

ASN16276 (OVH OVH SAS, FR)
PTR: ip76.ip-51-79-152.net
onetag-sys.com
8    104.18.26.193 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
8    2406:2600:4::2b (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
ssp-sync.criteo.com
1    2001:df2:a300:bbbb::135 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
1    52.195.168.103 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-195-168-103.ap-northeast-1.compute.amazonaws.com
ds.uncn.jp
1    121.53.223.43 (Korea, Republic Of)

ASN18160 (AS18160-AS-KR Kakao Corp, KR)
serv.ds.kakao.com
1    80.77.87.166 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
2    82.145.213.8 (Amsterdam, Netherlands)

ASN39832 (NO-OPERA Opera Norway AS, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
2    162.159.141.246 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
www.temu.com
1    2406:da18:929:5a03:836c:255a:e37c:4d81 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    34.231.80.238 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-80-238.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
2    172.64.150.63 (Ascension Island)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    138.113.153.218 (Tokyo, Japan)

ASN54994 (ML-1432-54994, CA)
j.microad.net
1    14.0.44.247 (Tokyo, Japan)

ASN54994 (ML-1432-54994, CA)
cdn.microad.jp
3    138.113.153.219 (Tokyo, Japan)

ASN54994 (ML-1432-54994, CA)
cache.send.microad.jp
1    34.36.131.60 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 60.131.36.34.bc.googleusercontent.com
audiencedata.im-apps.net
1    202.233.84.3 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)
s-rtb.send.microad.jp
2    35.219.187.226 (Las Vegas, United States)

ASN15169 (GOOGLE, US)
PTR: 226.187.219.35.bc.googleusercontent.com
pbs-cs.yellowblue.io
cs.yellowblue.io
3    119.8.187.97 (Singapore, Singapore)

ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK)
PTR: ecs-119-8-187-97.compute.hwclouds-dns.com
ad.360yield.com
dsp.360yield.com
2    2406:da18:a99:1b02:58d1:101b:f9e8:b95c (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
prebid-match.dotomi.com
1    138.113.153.220 (Tokyo, Japan)

ASN54994 (ML-1432-54994, CA)
cache.send.microad.jp
1    202.233.84.16 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)
ssp.send.microad.jp
6    23.108.103.28 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG)
ads.us.e-planning.net
sync.e-planning.net
u-sin01.e-planning.net
1    198.206.157.242 (New York, United States)

ASN399668 (E-PLANNING-, US)
PTR: s.e-planning.net
s.e-planning.net
1    8.214.60.171 (Singapore)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
gw-iad-bid.ymmobi.com
2    131.153.206.100 (United States)

ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG)
prebid.a-mo.net
1    207.65.34.77 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
3    3.173.219.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-173-219-76.nrt20.r.cloudfront.net
tags.crwdcntrl.net
1    23.52.128.76 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-52-128-76.deploy.static.akamaitechnologies.com
hb.trustedstack.com
1    57.129.18.111 (Frankfurt am Main, Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: haproxy-eu-013.roqad.pl
wt.rqtrk.eu
Apex Domain
Subdomains		 Transfer
54 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 261
stats.g.doubleclick.net — Cisco Umbrella Rank: 191
ad.doubleclick.net — Cisco Umbrella Rank: 168
googleads.g.doubleclick.net — Cisco Umbrella Rank: 62
cm.g.doubleclick.net — Cisco Umbrella Rank: 318
bid.g.doubleclick.net — Cisco Umbrella Rank: 1600
10208769.fls.doubleclick.net — Cisco Umbrella Rank: 577720
409 KB
47 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 132
45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 212
ade.googlesyndication.com — Cisco Umbrella Rank: 396
517 KB
30 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1136
eus.rubiconproject.com — Cisco Umbrella Rank: 700
token.rubiconproject.com — Cisco Umbrella Rank: 573
pixel-apac.rubiconproject.com — Cisco Umbrella Rank: 36847
pixel.rubiconproject.com — Cisco Umbrella Rank: 466
37 KB
26 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 636
ads.pubmatic.com — Cisco Umbrella Rank: 644
ut.pubmatic.com — Cisco Umbrella Rank: 1095
image6.pubmatic.com — Cisco Umbrella Rank: 1062
image8.pubmatic.com — Cisco Umbrella Rank: 781
31 KB
21 adingo.jp
hb.adingo.jp — Cisco Umbrella Rank: 41677
pdn.adingo.jp — Cisco Umbrella Rank: 115119
cdn.sx.adingo.jp — Cisco Umbrella Rank: 114811
sh.adingo.jp — Cisco Umbrella Rank: 96468
cs.adingo.jp — Cisco Umbrella Rank: 4658
hs.adingo.jp
30 KB
21 browsiprod.com
yield-manager.browsiprod.com — Cisco Umbrella Rank: 4741
cdn.browsiprod.com — Cisco Umbrella Rank: 4810
events.browsiprod.com — Cisco Umbrella Rank: 4450
115 KB
21 eximg.jp
s.eximg.jp
112 KB
19 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 796
api.id5-sync.com — Cisco Umbrella Rank: 1605
id5-sync.com — Cisco Umbrella Rank: 515
55 KB
19 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 512
dis.criteo.com — Cisco Umbrella Rank: 832
grid-bidder.criteo.com — Cisco Umbrella Rank: 948
mug.criteo.com — Cisco Umbrella Rank: 4028
ssp-sync.criteo.com — Cisco Umbrella Rank: 857
16 KB
19 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 323
sin3-ib.adnxs.com — Cisco Umbrella Rank: 28952
acdn.adnxs.com — Cisco Umbrella Rank: 793
secure.adnxs.com — Cisco Umbrella Rank: 565
58 KB
17 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 420
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 786
aax.amazon-adsystem.com — Cisco Umbrella Rank: 571
s.amazon-adsystem.com — Cisco Umbrella Rank: 386
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1222
98 KB
15 im-apps.net
dmp.im-apps.net — Cisco Umbrella Rank: 6225
cf.im-apps.net — Cisco Umbrella Rank: 278725
atb.im-apps.net — Cisco Umbrella Rank: 214750
sync.im-apps.net — Cisco Umbrella Rank: 10710
b.im-apps.net — Cisco Umbrella Rank: 111200
sync6.im-apps.net — Cisco Umbrella Rank: 6729
audiencedata.im-apps.net — Cisco Umbrella Rank: 41374
15 KB
13 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 812
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 843
7 KB
13 4dex.io
script.4dex.io — Cisco Umbrella Rank: 5227
mp.4dex.io — Cisco Umbrella Rank: 3109
u.4dex.io — Cisco Umbrella Rank: 2912
27 KB
11 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 643
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 623
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 694
dsum.casalemedia.com — Cisco Umbrella Rank: 1824
9 KB
11 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1142
2 KB
10 microad.jp
universe.send.microad.jp — Cisco Umbrella Rank: 181962
aid.send.microad.jp — Cisco Umbrella Rank: 35428
s-cs.send.microad.jp — Cisco Umbrella Rank: 20667
cdn.microad.jp — Cisco Umbrella Rank: 108800
cache.send.microad.jp — Cisco Umbrella Rank: 118607
s-rtb.send.microad.jp — Cisco Umbrella Rank: 223362
ssp.send.microad.jp — Cisco Umbrella Rank: 232229
46 KB
10 openx.net
us-u.openx.net — Cisco Umbrella Rank: 584
rtb.openx.net — Cisco Umbrella Rank: 635
u.openx.net — Cisco Umbrella Rank: 808
excite-d.openx.net
2 KB
10 richaudience.com
shb.richaudience.com — Cisco Umbrella Rank: 3329
sync.richaudience.com — Cisco Umbrella Rank: 1162
4 KB
9 bing.com
www.bing.com — Cisco Umbrella Rank: 51
57 KB
9 impact-ad.jp
y.one.impact-ad.jp — Cisco Umbrella Rank: 8824
4 KB
7 e-planning.net
ads.us.e-planning.net — Cisco Umbrella Rank: 2809
s.e-planning.net — Cisco Umbrella Rank: 10072
sync.e-planning.net — Cisco Umbrella Rank: 6240
u-sin01.e-planning.net — Cisco Umbrella Rank: 62813
3 KB
7 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 929
tags.crwdcntrl.net — Cisco Umbrella Rank: 1118
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1173
23 KB
7 gstatic.com
csi.gstatic.com
fonts.gstatic.com
40 KB
7 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 439
4 KB
7 flux.jp
a.flux.jp — Cisco Umbrella Rank: 146920
1 KB
7 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 1796
syndication.twitter.com — Cisco Umbrella Rank: 2199
analytics.twitter.com — Cisco Umbrella Rank: 1178
148 KB
7 excite.co.jp
image.excite.co.jp
44 KB
6 creativecdn.com
prebid-asia.creativecdn.com — Cisco Umbrella Rank: 36312
creativecdn.com — Cisco Umbrella Rank: 592
2 KB
6 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 44
763 KB
6 exblog.jp
twinklesphotos.exblog.jp
pds.exblog.jp
md.exblog.jp
logging.exblog.jp
44 KB
5 adtrafficquality.google
ep1.adtrafficquality.google — Cisco Umbrella Rank: 341
ep2.adtrafficquality.google — Cisco Umbrella Rank: 348
26 KB
5 adtdp.com
ad.as.amanad.adtdp.com — Cisco Umbrella Rank: 7764
4 KB
5 btloader.com
btloader.com — Cisco Umbrella Rank: 1045
api.btloader.com — Cisco Umbrella Rank: 1182
33 KB
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 745
2 KB
4 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 722
2 KB
4 2mdn.net
gcdn.2mdn.net — Cisco Umbrella Rank: 1344
r4---sn-ogueln66.c.2mdn.net
1014 B
4 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 453
1 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 48
imasdk.googleapis.com — Cisco Umbrella Rank: 585
138 KB
4 socdm.com
d.socdm.com — Cisco Umbrella Rank: 68263
bid.socdm.com
4 KB
4 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 308
12 KB
3 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 759
dsp.360yield.com — Cisco Umbrella Rank: 1412
1 KB
3 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 516
1 KB
3 eu-1-id5-sync.com
lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1220
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 974
844 B
3 bing.net
adsdk.bing.net — Cisco Umbrella Rank: 3320
41 KB
3 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 661
973 B
3 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 491
pbs.yahoo.com Failed
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 1216
1 KB
3 azureedge.net
adsdkprod.azureedge.net — Cisco Umbrella Rank: 2573
35 KB
3 microsoft.com
adsdk.microsoft.com — Cisco Umbrella Rank: 2389
39 KB
3 google.com
analytics.google.com — Cisco Umbrella Rank: 174
adservice.google.com — Cisco Umbrella Rank: 607
www.google.com — Cisco Umbrella Rank: 2
631 B
3 googleusercontent.com
blogger.googleusercontent.com — Cisco Umbrella Rank: 10426
2 MB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 64
21 KB
2 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 951
1 KB
2 dotomi.com
prebid-match.dotomi.com — Cisco Umbrella Rank: 1716
656 B
2 yellowblue.io
pbs-cs.yellowblue.io — Cisco Umbrella Rank: 2651
cs.yellowblue.io — Cisco Umbrella Rank: 1670
922 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1462
s.tribalfusion.com — Cisco Umbrella Rank: 3408
1009 B
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 716
2 KB
2 temu.com
www.temu.com — Cisco Umbrella Rank: 710
845 B
2 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 928
2 KB
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 774
2 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 823
cdn.indexww.com — Cisco Umbrella Rank: 1829
2 KB
2 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 787
549 B
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 778
969 B
2 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1251
g2.gumgum.com — Cisco Umbrella Rank: 1621
526 B
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 885
713 B
2 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 872
140 KB
2 connatix.com
capi.connatix.com — Cisco Umbrella Rank: 1000
623 B
2 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 1121
syncv4.intentiq.com — Cisco Umbrella Rank: 1636
1 KB
2 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 1060
874 B
2 tremorhub.com
hrbh3.publishers.tremorhub.com — Cisco Umbrella Rank: 807012
657 B
2 dns-finder.com
ab.dns-finder.com — Cisco Umbrella Rank: 1267
233 B
2 fout.jp
cnt.fout.jp — Cisco Umbrella Rank: 212825
sync.fout.jp — Cisco Umbrella Rank: 13196
789 B
2 d2c.ne.jp
cdn.nidan.d2c.ne.jp — Cisco Umbrella Rank: 203906
js.api.nidan.d2c.ne.jp — Cisco Umbrella Rank: 115507
4 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 235
77 KB
1 rqtrk.eu
wt.rqtrk.eu — Cisco Umbrella Rank: 1405
351 B
1 trustedstack.com
hb.trustedstack.com — Cisco Umbrella Rank: 1520
406 B
1 ymmobi.com
gw-iad-bid.ymmobi.com — Cisco Umbrella Rank: 1948
405 B
1 microad.net
j.microad.net — Cisco Umbrella Rank: 246504
31 KB
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 1426
170 B
1 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 816
444 B
1 kakao.com
serv.ds.kakao.com — Cisco Umbrella Rank: 142830
609 B
1 uncn.jp
ds.uncn.jp — Cisco Umbrella Rank: 9170
471 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 901
463 B
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 2064
712 B
1 ad-stir.com
ad.ad-stir.com — Cisco Umbrella Rank: 229252
153 B
1 genieesspv.jp
aladdin.genieesspv.jp — Cisco Umbrella Rank: 39588
248 B
1 omnitagjs.com
visitor-waardex.omnitagjs.com — Cisco Umbrella Rank: 3955
79 B
1 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1458
809 B
1 wp.pl
ssp.wp.pl — Cisco Umbrella Rank: 3466
557 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 958
496 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 123
13 KB
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 1820
566 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 988
493 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 371
539 B
1 adjust-net.jp
aud.adjust-net.jp — Cisco Umbrella Rank: 421807
1 audiencedata.net
cdn.audiencedata.net — Cisco Umbrella Rank: 391768
2 KB
1 google.co.jp
www.google.co.jp — Cisco Umbrella Rank: 18424
63 B
1 docomo.ne.jp
nidan.addlv.smt.docomo.ne.jp — Cisco Umbrella Rank: 150132
104 B
1 gmossp-sp.jp
sp.gmossp-sp.jp — Cisco Umbrella Rank: 103154
592 B
1 st-hatena.com
b.st-hatena.com — Cisco Umbrella Rank: 174884
3 KB
1 flux-cdn.com
flux-cdn.com — Cisco Umbrella Rank: 142201
165 KB
0 w55c.net Failed
pm.w55c.net Failed
0 cinarra.com Failed
dps.jp.cinarra.com Failed
0 nex8.net Failed
cs.nex8.net Failed
491 104
Domain Requested by
31 pagead2.googlesyndication.com twinklesphotos.exblog.jp
image.excite.co.jp
pagead2.googlesyndication.com
googleads.g.doubleclick.net
45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com
tpc.googlesyndication.com
ep2.adtrafficquality.google
securepubads.g.doubleclick.net
21 s.eximg.jp twinklesphotos.exblog.jp
s.eximg.jp
18 securepubads.g.doubleclick.net image.excite.co.jp
securepubads.g.doubleclick.net
twinklesphotos.exblog.jp
45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com
pagead2.googlesyndication.com
17 id5-sync.com 11 redirects cdn.id5-sync.com
ssbsync.smartadserver.com
flux-cdn.com
15 events.browsiprod.com cdn.browsiprod.com
flux-cdn.com
12 ut.pubmatic.com ads.pubmatic.com
12 cm.g.doubleclick.net 7 redirects twinklesphotos.exblog.jp
ssum-sec.casalemedia.com
11 ad-delivery.net btloader.com
10 rtb-csync.smartadserver.com 3 redirects ssbsync.smartadserver.com
10 pixel.rubiconproject.com 6 redirects twinklesphotos.exblog.jp
10 ad.doubleclick.net 1 redirects btloader.com
twinklesphotos.exblog.jp
imasdk.googleapis.com
9 www.bing.com srcdoc
adsdk.microsoft.com
9 sin3-ib.adnxs.com srcdoc
adsdkprod.azureedge.net
9 tpc.googlesyndication.com securepubads.g.doubleclick.net
googleads.g.doubleclick.net
45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com
imasdk.googleapis.com
tpc.googlesyndication.com
9 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
twinklesphotos.exblog.jp
9 y.one.impact-ad.jp 4 redirects twinklesphotos.exblog.jp
flux-cdn.com
8 ssp-sync.criteo.com
8 token.rubiconproject.com 5 redirects eus.rubiconproject.com
8 cs.adingo.jp 1 redirects twinklesphotos.exblog.jp
8 u.4dex.io twinklesphotos.exblog.jp
ssbsync.smartadserver.com
ads.us.e-planning.net
8 ib.adnxs.com 2 redirects flux-cdn.com
acdn.adnxs.com
8 hb.adingo.jp flux-cdn.com
7 sync.richaudience.com 2 redirects flux-cdn.com
sync.richaudience.com
pbs-cs.yellowblue.io
7 match.adsrvr.org 7 redirects
7 aax.amazon-adsystem.com c.amazon-adsystem.com
7 a.flux.jp flux-cdn.com
7 image.excite.co.jp twinklesphotos.exblog.jp
image.excite.co.jp
6 csi.gstatic.com imasdk.googleapis.com
6 gum.criteo.com 2 redirects pdn.adingo.jp
flux-cdn.com
cache.send.microad.jp
6 eus.rubiconproject.com pdn.adingo.jp
eus.rubiconproject.com
script.4dex.io
ads.us.e-planning.net
6 ads.pubmatic.com pdn.adingo.jp
script.4dex.io
flux-cdn.com
ads.us.e-planning.net
6 www.googletagmanager.com twinklesphotos.exblog.jp
www.googletagmanager.com
dmp.im-apps.net
5 ad.as.amanad.adtdp.com 1 redirects flux-cdn.com
4 cache.send.microad.jp cdn.microad.jp
twinklesphotos.exblog.jp
cache.send.microad.jp
4 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
4 rtb.openx.net 2 redirects flux-cdn.com
excite-d.openx.net
4 c1.adform.net 4 redirects
4 match.prod.bidr.io 2 redirects twinklesphotos.exblog.jp
ssum-sec.casalemedia.com
4 s.amazon-adsystem.com 1 redirects twinklesphotos.exblog.jp
ssum-sec.casalemedia.com
4 us-u.openx.net 1 redirects twinklesphotos.exblog.jp
excite-d.openx.net
4 x.bidswitch.net 4 redirects
4 mp.4dex.io flux-cdn.com
4 prebid-asia.creativecdn.com flux-cdn.com
4 hbopenbid.pubmatic.com flux-cdn.com
4 45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 cdn.browsiprod.com flux-cdn.com
cdn.browsiprod.com
4 cdn.jsdelivr.net flux-cdn.com
45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com
4 dmp.im-apps.net twinklesphotos.exblog.jp
pdn.adingo.jp
dmp.im-apps.net
cdn.microad.jp
4 platform.twitter.com twinklesphotos.exblog.jp
platform.twitter.com
3 tags.crwdcntrl.net s.e-planning.net
tags.crwdcntrl.net
3 ssum-sec.casalemedia.com 2 redirects js-sec.indexww.com
3 mug.criteo.com
3 pixel.tapad.com 3 redirects
3 ssbsync.smartadserver.com script.4dex.io
3 ep2.adtrafficquality.google securepubads.g.doubleclick.net
ep2.adtrafficquality.google
3 adsdk.bing.net adsdk.microsoft.com
3 ade.googlesyndication.com twinklesphotos.exblog.jp
3 match.sharethrough.com 1 redirects twinklesphotos.exblog.jp
ssbsync.smartadserver.com
3 adsdkprod.azureedge.net srcdoc
3 adsdk.microsoft.com srcdoc
3 pixel-apac.rubiconproject.com 3 redirects
3 r4---sn-ogueln66.c.2mdn.net 1 redirects twinklesphotos.exblog.jp
3 audiencedata.im-apps.net cdn.audiencedata.net
dmp.im-apps.net
3 image6.pubmatic.com ads.pubmatic.com
cf.im-apps.net
3 sync.im-apps.net cf.im-apps.net
3 secure-assets.rubiconproject.com 3 redirects
3 imasdk.googleapis.com googleads.g.doubleclick.net
twinklesphotos.exblog.jp
3 api.btloader.com btloader.com
3 shb.richaudience.com flux-cdn.com
3 htlb.casalemedia.com flux-cdn.com
3 d.socdm.com flux-cdn.com
3 blogger.googleusercontent.com twinklesphotos.exblog.jp
3 c.amazon-adsystem.com image.excite.co.jp
c.amazon-adsystem.com
3 www.google-analytics.com twinklesphotos.exblog.jp
www.google-analytics.com
www.googletagmanager.com
2 bcp.crwdcntrl.net tags.crwdcntrl.net
2 prebid.a-mo.net 2 redirects
2 u-sin01.e-planning.net ads.us.e-planning.net
2 sync.e-planning.net ads.us.e-planning.net
2 ads.us.e-planning.net 1 redirects script.4dex.io
2 prebid-match.dotomi.com 2 redirects
2 ad.360yield.com 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 www.temu.com 1 redirects
2 t.adx.opera.com 2 redirects
2 onetag-sys.com script.4dex.io
ads.us.e-planning.net
2 s.ad.smaato.net 2 redirects
2 sync.crwdcntrl.net 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 sync-tm.everesttech.net 1 redirects ssbsync.smartadserver.com
2 static.xx.fbcdn.net www.facebook.com
2 ep1.adtrafficquality.google securepubads.g.doubleclick.net
2 lb.eu-1-id5-sync.com cdn.id5-sync.com
flux-cdn.com
2 capi.connatix.com twinklesphotos.exblog.jp
ssum-sec.casalemedia.com
2 ce.lijit.com 1 redirects twinklesphotos.exblog.jp
2 aax-eu.amazon-adsystem.com 1 redirects twinklesphotos.exblog.jp
2 ups.analytics.yahoo.com 2 redirects
2 10208769.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 sync6.im-apps.net dmp.im-apps.net
flux-cdn.com
2 hs.adingo.jp pdn.adingo.jp
2 hrbh3.publishers.tremorhub.com 2 redirects
2 creativecdn.com 2 redirects
2 ab.dns-finder.com btloader.com
2 yield-manager.browsiprod.com flux-cdn.com
cdn.browsiprod.com
2 btloader.com flux-cdn.com
btloader.com
2 syndication.twitter.com platform.twitter.com
twinklesphotos.exblog.jp
2 md.exblog.jp twinklesphotos.exblog.jp
2 connect.facebook.net twinklesphotos.exblog.jp
connect.facebook.net
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 pds.exblog.jp twinklesphotos.exblog.jp
1 dsp.360yield.com 1 redirects
1 wt.rqtrk.eu ssbsync.smartadserver.com
1 hb.trustedstack.com ads.us.e-planning.net
1 image8.pubmatic.com ads.us.e-planning.net
1 gw-iad-bid.ymmobi.com 1 redirects
1 s.e-planning.net ads.us.e-planning.net
1 cs.yellowblue.io pbs-cs.yellowblue.io
1 ssp.send.microad.jp twinklesphotos.exblog.jp
1 pbs-cs.yellowblue.io sync.richaudience.com
1 s-rtb.send.microad.jp j.microad.net
1 cdn.microad.jp j.microad.net
1 j.microad.net securepubads.g.doubleclick.net
1 cdn.indexww.com ssum-sec.casalemedia.com
1 s.tribalfusion.com 1 redirects
1 a.tribalfusion.com 1 redirects
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 tr.blismedia.com excite-d.openx.net
1 pr-bh.ybp.yahoo.com 1 redirects
1 cs.admanmedia.com 1 redirects
1 serv.ds.kakao.com 1 redirects
1 ds.uncn.jp 1 redirects
1 ad.turn.com 1 redirects
1 secure.adnxs.com 1 redirects
1 js-sec.indexww.com flux-cdn.com
1 acdn.adnxs.com flux-cdn.com
1 excite-d.openx.net flux-cdn.com
1 sync.adotmob.com 1 redirects
1 u.openx.net 1 redirects
1 g2.gumgum.com flux-cdn.com
1 ad.ad-stir.com flux-cdn.com
1 grid-bidder.criteo.com flux-cdn.com
1 aladdin.genieesspv.jp flux-cdn.com
1 rtb.gumgum.com 1 redirects
1 visitor-waardex.omnitagjs.com
1 sync.adkernel.com 1 redirects
1 ssp.wp.pl 1 redirects
1 dis.criteo.com 1 redirects
1 www.google.com ep2.adtrafficquality.google
1 ads.stickyadstv.com 1 redirects
1 www.facebook.com connect.facebook.net
1 lbs.eu-1-id5-sync.com cdn.id5-sync.com
1 s-cs.send.microad.jp 1 redirects
1 syncv4.intentiq.com twinklesphotos.exblog.jp
1 sync.intentiq.com 1 redirects
1 live.primis.tech 1 redirects
1 sync.ipredictive.com 1 redirects
1 px.ads.linkedin.com twinklesphotos.exblog.jp
1 adservice.google.com 10208769.fls.doubleclick.net
1 gcdn.2mdn.net 1 redirects
1 aid.send.microad.jp cf.im-apps.net
1 universe.send.microad.jp cf.im-apps.net
1 analytics.twitter.com cf.im-apps.net
1 api.id5-sync.com cdn.id5-sync.com
1 b.im-apps.net cdn.audiencedata.net
1 bid.g.doubleclick.net imasdk.googleapis.com
1 fonts.gstatic.com fonts.googleapis.com
1 bid.socdm.com 1 redirects
1 cdn.id5-sync.com pdn.adingo.jp
1 aud.adjust-net.jp pdn.adingo.jp
1 sync.fout.jp pdn.adingo.jp
1 atb.im-apps.net twinklesphotos.exblog.jp
1 cdn.audiencedata.net www.googletagmanager.com
1 cf.im-apps.net twinklesphotos.exblog.jp
1 sh.adingo.jp pdn.adingo.jp
1 fonts.googleapis.com googleads.g.doubleclick.net
1 cdn.sx.adingo.jp pdn.adingo.jp
1 pdn.adingo.jp twinklesphotos.exblog.jp
1 www.google.co.jp twinklesphotos.exblog.jp
1 analytics.google.com www.googletagmanager.com
1 nidan.addlv.smt.docomo.ne.jp cdn.nidan.d2c.ne.jp
1 sp.gmossp-sp.jp flux-cdn.com
1 script.4dex.io flux-cdn.com
1 js.api.nidan.d2c.ne.jp cdn.nidan.d2c.ne.jp
1 cnt.fout.jp dmp.im-apps.net
1 cdn.nidan.d2c.ne.jp flux-cdn.com
1 logging.exblog.jp twinklesphotos.exblog.jp
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 b.st-hatena.com twinklesphotos.exblog.jp
1 flux-cdn.com image.excite.co.jp
1 twinklesphotos.exblog.jp
0 pm.w55c.net Failed ssbsync.smartadserver.com
0 dps.jp.cinarra.com Failed excite-d.openx.net
0 cs.nex8.net Failed excite-d.openx.net
0 pbs.yahoo.com Failed twinklesphotos.exblog.jp
491 193
Subject Issuer Validity Valid
*.exblog.jp
Amazon RSA 2048 M03		 2025-04-13 -
2026-05-12		 a year crt.sh
*.eximg.jp
Amazon RSA 2048 M02		 2025-01-09 -
2026-02-07		 a year crt.sh
*.google-analytics.com
WR2		 2025-10-13 -
2026-01-05		 3 months crt.sh
*.excite.co.jp
Amazon RSA 2048 M03		 2024-12-28 -
2026-01-25		 a year crt.sh
*.g.doubleclick.net
WR2		 2025-10-13 -
2026-01-05		 3 months crt.sh
flux-cdn.com
Certainly Intermediate R1		 2025-11-03 -
2025-12-03		 a month crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M04		 2025-10-20 -
2026-11-18		 a year crt.sh
*.twimg.com
R12		 2025-09-20 -
2025-12-19		 3 months crt.sh
*.b.st-hatena.com
Amazon RSA 2048 M04		 2025-07-23 -
2026-08-20		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2024-12-22 -
2026-01-21		 a year crt.sh
*.facebook.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2025-08-17 -
2025-11-15		 3 months crt.sh
*.googleusercontent.com
WR2		 2025-10-13 -
2026-01-05		 3 months crt.sh
*.im-apps.net
DigiCert TLS RSA SHA256 2020 CA1		 2025-01-10 -
2026-01-10		 a year crt.sh
twitter.com
E7		 2025-10-13 -
2026-01-11		 3 months crt.sh
cdn.nidan.d2c.ne.jp
Amazon RSA 2048 M03		 2025-06-29 -
2026-07-27		 a year crt.sh
btloader.com
WE1		 2025-09-27 -
2025-12-26		 3 months crt.sh
*.jsdelivr.net
Sectigo RSA Domain Validation Secure Server CA		 2025-04-25 -
2026-05-04		 a year crt.sh
*.browsiprod.com
Amazon RSA 2048 M04		 2025-10-14 -
2026-11-11		 a year crt.sh
a.flux.jp
WR3		 2025-09-15 -
2025-12-14		 3 months crt.sh
*.fout.jp
RapidSSL TLS RSA CA G1		 2025-01-27 -
2026-02-25		 a year crt.sh
js.api.nidan.d2c.ne.jp
Amazon RSA 2048 M02		 2025-07-01 -
2026-07-28		 a year crt.sh
ad-delivery.net
WE1		 2025-10-30 -
2026-01-28		 3 months crt.sh
*.doubleclick.net
WR2		 2025-10-13 -
2026-01-05		 3 months crt.sh
ab.dns-finder.com
WR3		 2025-10-22 -
2026-01-20		 3 months crt.sh
alt1-3ps.amazon-adsystem.com
Amazon RSA 2048 M03		 2025-03-31 -
2026-04-29		 a year crt.sh
script.4dex.io
WE1		 2025-09-11 -
2025-12-10		 3 months crt.sh
*.adingo.jp
Amazon RSA 2048 M04		 2025-07-16 -
2026-08-14		 a year crt.sh
*.adnxs.com
GeoTrust TLS ECC CA G1		 2025-09-25 -
2026-10-26		 a year crt.sh
*.pubmatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2025-02-19 -
2026-03-22		 a year crt.sh
*.socdm.com
GlobalSign RSA OV SSL CA 2018		 2025-09-04 -
2026-09-30		 a year crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2025-04-17 -
2026-05-02		 a year crt.sh
*.as.amanad.adtdp.com
Amazon RSA 2048 M01		 2025-11-05 -
2026-12-03		 a year crt.sh
sp.gmossp-sp.jp
WR3		 2025-10-05 -
2026-01-03		 3 months crt.sh
casalemedia.com
E8		 2025-10-02 -
2025-12-31		 3 months crt.sh
*.richaudience.com
RapidSSL TLS RSA CA G1		 2025-02-20 -
2026-02-25		 a year crt.sh
mp.4dex.io
WE1		 2025-10-16 -
2026-01-14		 3 months crt.sh
api.btloader.com
WR3		 2025-09-23 -
2025-12-22		 3 months crt.sh
*.smt.docomo.ne.jp
Cybertrust Japan SureServer CA G4		 2025-05-27 -
2026-06-14		 a year crt.sh
*.google.com
WR2		 2025-10-13 -
2026-01-05		 3 months crt.sh
*.google.co.jp
WR2		 2025-10-13 -
2026-01-05		 3 months crt.sh
tpc.googlesyndication.com
WR2		 2025-10-13 -
2026-01-05		 3 months crt.sh
sx.adingo.jp
Amazon RSA 2048 M02		 2025-01-30 -
2026-03-01		 a year crt.sh
upload.video.google.com
WR2		 2025-10-13 -
2026-01-05		 3 months crt.sh
*.audiencedata.net
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2025-09-22 -
2026-09-21		 a year crt.sh
atb.im-apps.net
WR3		 2025-09-20 -
2025-12-19		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2025-03-06 -
2026-04-03		 a year crt.sh
*.adjust-net.jp
Amazon RSA 2048 M04		 2025-04-14 -
2026-05-14		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2025-09-03 -
2025-12-06		 3 months crt.sh
id5-sync.com
WE1		 2025-09-19 -
2025-12-18		 3 months crt.sh
*.gstatic.com
WR2		 2025-10-13 -
2026-01-05		 3 months crt.sh
b.im-apps.net
WR3		 2025-10-28 -
2026-01-26		 3 months crt.sh
audiencedata.im-apps.net
WR3		 2025-10-16 -
2026-01-14		 3 months crt.sh
*.send.microad.jp
GlobalSign RSA OV SSL CA 2018		 2025-10-06 -
2026-11-07		 a year crt.sh
adsdk.microsoft.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2025-08-01 -
2026-02-01		 6 months crt.sh
*.azureedge.net
Microsoft Azure ECC TLS Issuing CA 07		 2025-10-16 -
2026-04-14		 6 months crt.sh
match.prod.bidr.io
Amazon RSA 2048 M02		 2025-05-17 -
2026-06-13		 a year crt.sh
*.c.docs.google.com
WR2		 2025-10-28 -
2026-01-06		 2 months crt.sh
adsdk.bing.net
Microsoft Azure RSA TLS Issuing CA 04		 2025-10-10 -
2026-04-08		 6 months crt.sh
r.bing.com
Microsoft Azure ECC TLS Issuing CA 04		 2025-04-23 -
2026-04-18		 a year crt.sh
eu-1-id5-sync.com
R12		 2025-11-01 -
2026-01-30		 3 months crt.sh
adtrafficquality.google
WR2		 2025-10-13 -
2026-01-05		 3 months crt.sh
*.smartadserver.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2025-01-09 -
2026-02-09		 a year crt.sh
u.4dex.io
WR3		 2025-09-13 -
2025-12-12		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2025-08-12 -
2026-08-19		 a year crt.sh
*.genieesspv.jp
GeoTrust TLS RSA CA G1		 2025-04-07 -
2026-05-08		 a year crt.sh
*.ad-stir.com
Amazon ECDSA 256 M01		 2025-11-05 -
2026-12-04		 a year crt.sh
*.sp-adex-prd-eks-1.ggops.com
Amazon RSA 2048 M03		 2025-03-27 -
2026-04-25		 a year crt.sh
*.one.impact-ad.jp
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2025-09-16 -
2025-12-10		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2025-04-28 -
2026-05-29		 a year crt.sh
indexww.com
WE1		 2025-09-21 -
2025-12-20		 3 months crt.sh
*.onetag-sys.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2025-01-21 -
2025-12-27		 a year crt.sh
*.temu.com
Go Daddy Secure Certificate Authority - G2		 2025-07-13 -
2026-08-14		 a year crt.sh
tr.blismedia.com
WR3		 2025-11-05 -
2026-02-03		 3 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2025-10-30 -
2026-08-04		 9 months crt.sh
capi.connatix.com
WE1		 2025-10-27 -
2026-01-25		 3 months crt.sh
support13.cdnetworks.net
GlobalSign RSA OV SSL CA 2018		 2025-03-31 -
2026-05-02		 a year crt.sh
jpssl.cdngc.net
GlobalSign RSA OV SSL CA 2018		 2025-09-02 -
2026-10-04		 a year crt.sh
*.yellowblue.io
WR3		 2025-11-01 -
2026-01-31		 3 months crt.sh
ads.us.e-planning.net
R12		 2025-09-08 -
2025-12-07		 3 months crt.sh
*.e-planning.net
R13		 2025-09-08 -
2025-12-07		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M04		 2025-08-09 -
2026-09-07		 a year crt.sh
hb.trustedstack.com
R13		 2025-10-23 -
2026-01-21		 3 months crt.sh

This page contains 55 frames:

Primary Page: https://twinklesphotos.exblog.jp/33443955/
Frame ID: 1F3EA5A596E57EEABA22B03D4A7A3B30
Requests: 214 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Ftwinklesphotos.exblog.jp
Frame ID: 0334CD03EC87C2AE79FA8E42C80FFA02
Requests: 2 HTTP requests in this frame

Frame: https://btloader.com/trustedIframe.html?o=5727730570625024&upapi=true
Frame ID: 5C3527417E2723EC4340A87F242DE49F
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: DDA0899FF43EBC2F061E57E70DCDA0D1
Requests: 1 HTTP requests in this frame

Frame: https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Frame ID: BF9728AF1061A21B1569902D357EF17C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20251105/r20190131/zrt_lookup_fy2021.html
Frame ID: 2CB3C436E85A76B05FC13447CE96C411
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8544321996124660&output=html&adk=433290209&adf=473226989&lmt=1762592350&plat=1%3A16777216%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&pra=5&wgl=1&asro=0&aiapm=0.1542&aiapmd=0.1423&aiapmi=0.16&aiapmid=1&aiact=0.5423&aiactd=0.7&aicct=0.7&aicctd=0.5799&ailct=0.5849&ailctd=0.65&aimart=4&aimartd=4&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=8&dt=1762592349975&bpp=14&bdt=684&idt=392&shv=r20251105&mjsv=m202511040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=4466936478226&frm=20&pv=2&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95376582%2C95376902%2C95377330%2C95344790&oid=2&pvsid=167238123525377&tmod=2136220936&uas=0&nvt=1&fsapi=1&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&plas=260x675_l%7C308x675_r&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=410
Frame ID: BE9DF81CF344A89FD7B36500C56405A8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8544321996124660&output=html&h=250&slotname=6450136543&adk=2937738629&adf=3554593889&pi=t.ma~as.6450136543&w=300&lmt=1762592350&format=300x250&url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&wgl=1&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=8&dt=1762592349989&bpp=1&bdt=698&idt=403&shv=r20251105&mjsv=m202511040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=4466936478226&frm=20&pv=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=520&ady=289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95376582%2C95376902%2C95377330%2C95344790&oid=2&pvsid=167238123525377&tmod=2136220936&uas=0&nvt=1&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&plas=260x675_l%7C308x675_r&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=411
Frame ID: 40937C0EF8BD3A74143EC0919DA91F18
Requests: 31 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.ja.html
Frame ID: D9166340297DD580F1B152D91929B6D6
Requests: 2 HTTP requests in this frame

Frame: https://pdn.adingo.jp/p.js
Frame ID: D218D248F7DE3DC169E91ADF8B3E9EC3
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20251106/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Frame ID: E4D4DEB3309D2FEF126550EEF7B9FF68
Requests: 2 HTTP requests in this frame

Frame: https://cf.im-apps.net/imid/beacon.html
Frame ID: B628120A8A7D5D20AF8F4097E2DE058F
Requests: 8 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156313&predirect=https://cs.adingo.jp/sync/%3Ffrom%3Dpubm%26id%3D
Frame ID: 6F306AF67A90B1B37A998308F3C8978C
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=fluct&endpoint=apac
Frame ID: 159CD815E4C6881E85D4E3E7CEB485C8
Requests: 20 HTTP requests in this frame

Frame: https://10208769.fls.doubleclick.net/activityi;dc_pre=CNn67peY4pADFVVcwgUdK6kY0g;src=10208769;type=invmedia;cat=im8db0;ord=2884994430990;npa=0;auiddc=1937907493.1762592351;u1=8266;u2=news;u3=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KFA;gtm=45fe5b50v9181790672z871862534za200zb71862534zd71862534xea;gcd=13l3l3l3l1l1;dma=0;dc_fmt=2;tag_exp=101509157~103116026~103200004~103233427~104527906~104528500~104684208~104684211~104948813~115480710~115583767~115616986~115938466~115938468~116217636~116217638;epver=2;dc_random=1762592351_CFgL-g2i_DnvGuMAB-ysCFrqd29ZOivFaw;_dc_test=1;~oref=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F
Frame ID: 2998C8891AAF72FC09279C6C3C2E26BF
Requests: 2 HTTP requests in this frame

Frame: https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Frame ID: 3CFB190AFCCCFFCE11378E739DFBFD5F
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 352CD48F29BD5DCA7682F9460EF689E5
Requests: 3 HTTP requests in this frame

Frame: https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Frame ID: 328CA1AEED13B09BAC2A2473BF5DEBBB
Requests: 10 HTTP requests in this frame

Frame: https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Frame ID: AAC5F5003980257C9D222D15253F7E31
Requests: 10 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: 8D4106DF55201BFA4C4DD000A7854EE3
Requests: 9 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: 3AF64A0E3E09C7DCE44EAFCC23CC4F8F
Requests: 9 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: CCB7DA2FEAABEE0134C4550BA4FEBEFD
Requests: 9 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26it%3Dadg-pb-clt%26uid%3D(PM_UID)
Frame ID: E07EB5A9BC8E917F044976B0CBC3C5D4
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26it%3Dadg-pb-clt%26uid%3D(PM_UID)
Frame ID: 88B1CC97EEE758DDAB9083AF9268E70E
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26it%3Dadg-pb-clt%26uid%3D(PM_UID)
Frame ID: FAA619A1629A9D43293A8A2A6225C0B4
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/v22.0/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfcb1679aceffcc7a8%26domain%3Dtwinklesphotos.exblog.jp%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftwinklesphotos.exblog.jp%252Ff0a46a20ba7e6cac8%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&layout=button_count&locale=ja_JP&sdk=joey
Frame ID: D80C5E5B2F73934ECDD302CA9B7BDB35
Requests: 3 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Frame ID: A420D2CA56CE8C2BC784C740839B5807
Requests: 6 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html
Frame ID: A2897427614F82C5EA8475858C1AB29E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AE63A4C0C2387449049D46C56A371301
Requests: 2 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Frame ID: 4052C6D5F480577E40C2438F659D1A35
Requests: 6 HTTP requests in this frame

Frame: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=7910311105&rd=1
Frame ID: 23E1E471887E4A4F31169A0112EE2A97
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158977
Frame ID: D655D88E1C29B0EAF8455586FE3C7BBB
Requests: 3 HTTP requests in this frame

Frame: https://excite-d.openx.net/w/1.0/pd
Frame ID: C378AD926599366B022DEF3E70D67F7E
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 1B0B5C0BEA65726DD2A5F3FBA6C31D6E
Requests: 3 HTTP requests in this frame

Frame: https://y.one.impact-ad.jp/push_sync
Frame ID: EE54B1AA0437518E93F377EE2F24AB30
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=criteoPrebidAdapter&topUrl=twinklesphotos.exblog.jp&gpp=
Frame ID: A2C0E2CEDC36E2C11C9D1078247BDB62
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: EEF0300701D38DC845C7DBC0B9EA704C
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 1141F4275580ABE92FDF17FB2463DC3F
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: ED0407CF90F36F8A8E39ED8C6B228A10
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuBkaaWhKqO_XmDY1CqNPfHFIlpA8yUPnUhfb_AKE8cLO8DqHQV1_qH0uRzCnC3Yry_Cv1A9IeCtRTvbT07Gt_iNoBr5Xvf7Mnj68ZZKDim1wy7-lg-I1_NBmLsgpn8PC9EbDijnAyKT2HiJumvS3PZzls9JpQb5qtBp91utBoXUbiSgsZSRdt0L9BySl0BqSG4B8X-A0558Ot-ryymZ0DFvcX2-Vsaa-uMOCo0uRfgZ3WDF99zC3pthQq6_bJSbS5O26w3A8MpTWZFvv0e7VWsceIgNJybPzc5ZQzz80LGk3MwNN1Dybu9JUACTE5rQbtzIK_enGcxlfjQxThgsin1DoYKLi_T7LupLHdVBai2h_dg24Z4AbI3J0VeRu5XjgZbsDCt1VVd8GPpBvmunM6j7rNV6gkqBCMxpgSgGZF6FIpjJsSjvIeBBAxpJIdQJbE&sai=AMfl-YRL7ZekAhaAJSPBYki4Cc-vf4EiSLj8JzWmIJqbOTrZZshIurUqEwg-RrOK_fNo4XLTgdY7FCzhXvWT7JrZqDGiBmGHND0LOKI0H1P1Snq_lEs15S4ezPzgybQq22oNWR_fNN5dAe-vFKRkMvSk1ReAbl87tfRzkYLyj5qlJ1e4Ej9WttacdJWfZQthQRqTzNrrcUip82kKyJK21nxEEEFxHw5YiPF8e_A49uadPySPmeLUCA8HT4UvmJ_Gq3yCPWhOlA&sig=Cg0ArKJSzI_Uq9yNGEiLEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 005E683E60CE0942B3D16BC34BF941A7
Requests: 14 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
Frame ID: 591C50C00BF121031F1D84EF77A71067
Requests: 4 HTTP requests in this frame

Frame: https://cache.send.microad.jp/fpc/get-tr.html
Frame ID: 3E602A29D6B30847854CBE17020D79F8
Requests: 1 HTTP requests in this frame

Frame: https://cache.send.microad.jp/js/cookie_loader.html
Frame ID: D03EB4F9FD972878F7B1EF3605DDA5E5
Requests: 2 HTTP requests in this frame

Frame: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&redirect=https%3A%2F%2Fsync.richaudience.com%2F1dd6ec294bd099ce754202ab353d63bd%3Fgdpr%3D0%26euconsent%3D%26uid%3D[PBS_UID]
Frame ID: 171749FB9ED0BD2E5102E0202560815F
Requests: 3 HTTP requests in this frame

Frame: https://cache.send.microad.jp/fpc/collect.min.js
Frame ID: E4E077CA4A409A4DB0FF9F72A92FE294
Requests: 1 HTTP requests in this frame

Frame: https://cache.send.microad.jp/fpc/get-tr.html
Frame ID: 408C38BEABE10E5270CF05E2306F853F
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26it%3Dadg-pb-clt%26uid%3D%24UID
Frame ID: 9BB8F53ED3708044D28C9DBEA3A097D5
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=apac
Frame ID: 94652939430A9ABAA38460F3DA8B7197
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-sin01.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D3bccfc464e78b742%26uid%3D
Frame ID: 1288C08A6AF18A63A529A8F82BDD4C79
Requests: 4 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 7BEE4D82C18215F55690FF38FFE523C3
Requests: 1 HTTP requests in this frame

Frame: https://hb.trustedstack.com/cksync.php?cs=61&type=pln&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&gpp=${GPP}&gpp_sid=${GPP_SID}&redirect=https%3A%2F%2Fu-sin01.e-planning.net%2Fum%3Fuid%3D%3Cvsid%3E%26dc%3D6a5d39baa4d06b94%26fi%3D3bccfc464e78b742
Frame ID: E4F749245AAE5FCA2A20A8C715D28DA1
Requests: 1 HTTP requests in this frame

Frame: https://u.4dex.io/setuid?bidder=eplanning&it=adg-pb-clt&uid=ADtGCdDL-W7Uy9UT
Frame ID: C985FA78EB9B30798FBFB593C5C16D6F
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Frame ID: 4CA25EB404AFD2C0E0811C2D2947D47A
Requests: 6 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=15238
Frame ID: 9AA93730FEDD45C26AC91A22E46BA5A0
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?src=LTJS&s=22%2C33%2C7%2C168%2C164%2C2&lac=true&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Frame ID: 185A8636ED2AB54CA0D6102DC5152CAD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Bitcoin and Ethereum : What's the difference? : TWINKLES

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • /alpine(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:_base/js/base|wink).*\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

491
Requests

84 %
HTTPS

22 %
IPv6

104
Domains

193
Subdomains

145
IPs

14
Countries

6024 kB
Transfer

20703 kB
Size

164
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 96
  • https://y.one.impact-ad.jp/h_bid?v=hb1&p=279398&cb=4835769382&r=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&uid=24e5dd613c47f03&tid=cc7e3cf9-2f4e-4223-bedd-06bf205f03a8&uc=gpt_pc_blog_inarticle_rec_left&tmax=2500&t=i&language=ja-JP&screen_size=1600x1200&sz=300x250 HTTP 302
  • https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=279398&cb=4835769382&r=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&uid=24e5dd613c47f03&tid=cc7e3cf9-2f4e-4223-bedd-06bf205f03a8&uc=gpt_pc_blog_inarticle_rec_left&tmax=2500&t=i&language=ja-JP&screen_size=1600x1200&sz=300x250
Request Chain 106
  • https://y.one.impact-ad.jp/h_bid?v=hb1&p=279400&cb=52604596374&r=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&uid=422958af37b9e72&tid=7b95023d-7f0b-4e1d-ad58-76270f668ce3&uc=gpt_pc_blog_inarticle_rec_2_left&tmax=2500&t=i&language=ja-JP&screen_size=1600x1200&sz=300x250 HTTP 302
  • https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=279400&cb=52604596374&r=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&uid=422958af37b9e72&tid=7b95023d-7f0b-4e1d-ad58-76270f668ce3&uc=gpt_pc_blog_inarticle_rec_2_left&tmax=2500&t=i&language=ja-JP&screen_size=1600x1200&sz=300x250
Request Chain 109
  • https://y.one.impact-ad.jp/h_bid?v=hb1&p=279402&cb=61013933126&r=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&uid=46ded14a8e1afd08&tid=23bbe1f7-bb8f-4bd4-9457-f5d26ed4210f&uc=gpt_pc_blog_inarticle_rec_3_left&tmax=2500&t=i&language=ja-JP&screen_size=1600x1200&sz=300x250 HTTP 302
  • https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=279402&cb=61013933126&r=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&uid=46ded14a8e1afd08&tid=23bbe1f7-bb8f-4bd4-9457-f5d26ed4210f&uc=gpt_pc_blog_inarticle_rec_3_left&tmax=2500&t=i&language=ja-JP&screen_size=1600x1200&sz=300x250
Request Chain 136
  • https://creativecdn.com/cm-notify?pi=fradagio-pbs&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://creativecdn.com/cm-notify?pi=fradagio-pbs&gdpr=0&gdpr_consent=&us_privacy=&tc=1 HTTP 302
  • https://u.4dex.io/setuid?bidder=rtbhouse&uid=XRJRDW5EytY_zLVPi1S0ptFIcm70P-Qu1-_5_lL_I48&pi=fradagio-pbs&gdpr=0&gdpr_consent=&us_privacy=&tc=1
Request Chain 169
  • https://x.bidswitch.net/sync?ssp=fluct HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=fluct HTTP 302
  • https://cs.adingo.jp/sync/?from=bidsw&id=fe03c232-5527-4a28-adf1-4ee634c4c112
Request Chain 171
  • https://us-u.openx.net/w/1.0/cm?id=ac0458b7-2dc5-40a0-a758-f0c82d454c93&r=https%3A%2F%2Fcs.adingo.jp%2Fsync%2F%3Ffrom%3Dopenx%26id%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=ac0458b7-2dc5-40a0-a758-f0c82d454c93&r=https%3A%2F%2Fcs.adingo.jp%2Fsync%2F%3Ffrom%3Dopenx%26id%3D
Request Chain 172
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=fluct&endpoint=apac HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=fluct&endpoint=apac
Request Chain 173
  • https://ad.as.amanad.adtdp.com/v1/sync/ssp?ssp=5 HTTP 303
  • https://cs.adingo.jp/sync/?from=aja&id=s2suidn37BjgjceqjbcA4Ej4WpsQ0AcQgVO2LWvV6h15b_XWdG4b_DosVLEwFRgK0wQqr5oXTAWS
Request Chain 174
  • https://hrbh3.publishers.tremorhub.com/pubsync?redir=https%3A%2F%2Fcs.adingo.jp%2Fsync%2F%3Ffrom%3Dmagnite%26id%3D%5Btvid%5D HTTP 302
  • https://hrbh3.publishers.tremorhub.com/pubsync/verify?redir=https%3A%2F%2Fcs.adingo.jp%2Fsync%2F%3Ffrom%3Dmagnite%26id%3D%5Btvid%5D HTTP 302
  • https://cs.adingo.jp/sync/?from=magnite&id=35da0fe52526439fb38f0b680f876ef7
Request Chain 175
  • https://y.one.impact-ad.jp/tbs_cs?callback=https%3A%2F%2Fcs.adingo.jp%2Fsync%2F%3Ffrom%3Dp1%26id%3D%24UID&ex=p1.com HTTP 302
  • https://cs.adingo.jp/sync/?from=p1&id=f1a42cdd-88d7-47e5-a047-9e1ddf234f49
Request Chain 176
  • https://cs.adingo.jp/adx/go/?nid=fluct_eb HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_hm=5fd679a765a7ff85dfd2a9ec5d7679b0
Request Chain 177
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=dj0pjjk&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=dj0pjjk&ttd_tpi=1 HTTP 302
  • https://cs.adingo.jp/sync/?from=tdid&id=246ca134-2766-4e4a-a408-eb2751e5cc6e&ttl=1765184350
Request Chain 184
  • https://bid.socdm.com/rtb/sync?proto=adingo&sspid=adingo&tp=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&pp=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&t=.gif HTTP 302
  • https://cs.adingo.jp/sync/?from=scaleout&id=aQ8GXsCo8HAAAGFuDU8AAAAA
Request Chain 208
  • https://ad.doubleclick.net/activity;src=10208769;type=invmedia;cat=im8db0;ord=2884994430990;npa=0;auiddc=1937907493.1762592351;u1=8266;u2=news;u3=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KFA;gtm=45fe5b50v9181790672z871862534za200zb71862534zd71862534xea;gcd=13l3l3l3l1l1;dma=0;dc_fmt=3;tag_exp=101509157~103116026~103200004~103233427~104527906~104528500~104684208~104684211~104948813~115480710~115583767~115616986~115938466~115938468~116217636~116217638;epver=2;dc_random=1762592351_CFgL-g2i_DnvGuMAB-ysCFrqd29ZOivFaw;~oref=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F HTTP 302
  • https://ad.doubleclick.net/activity;dc_pre=CP-I6peY4pADFQK66QUdTbsJ3Q;src=10208769;type=invmedia;cat=im8db0;ord=2884994430990;npa=0;auiddc=1937907493.1762592351;u1=8266;u2=news;u3=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KFA;gtm=45fe5b50v9181790672z871862534za200zb71862534zd71862534xea;gcd=13l3l3l3l1l1;dma=0;dc_fmt=3;tag_exp=101509157~103116026~103200004~103233427~104527906~104528500~104684208~104684211~104948813~115480710~115583767~115616986~115938466~115938468~116217636~116217638;epver=2;dc_random=1762592351_CFgL-g2i_DnvGuMAB-ysCFrqd29ZOivFaw;~oref=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F
Request Chain 209
  • https://10208769.fls.doubleclick.net/activityi;src=10208769;type=invmedia;cat=im8db0;ord=2884994430990;npa=0;auiddc=1937907493.1762592351;u1=8266;u2=news;u3=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KFA;gtm=45fe5b50v9181790672z871862534za200zb71862534zd71862534xea;gcd=13l3l3l3l1l1;dma=0;dc_fmt=2;tag_exp=101509157~103116026~103200004~103233427~104527906~104528500~104684208~104684211~104948813~115480710~115583767~115616986~115938466~115938468~116217636~116217638;epver=2;dc_random=1762592351_CFgL-g2i_DnvGuMAB-ysCFrqd29ZOivFaw;_dc_test=1;~oref=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F HTTP 302
  • https://10208769.fls.doubleclick.net/activityi;dc_pre=CNn67peY4pADFVVcwgUdK6kY0g;src=10208769;type=invmedia;cat=im8db0;ord=2884994430990;npa=0;auiddc=1937907493.1762592351;u1=8266;u2=news;u3=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KFA;gtm=45fe5b50v9181790672z871862534za200zb71862534zd71862534xea;gcd=13l3l3l3l1l1;dma=0;dc_fmt=2;tag_exp=101509157~103116026~103200004~103233427~104527906~104528500~104684208~104684211~104948813~115480710~115583767~115616986~115938466~115938468~116217636~116217638;epver=2;dc_random=1762592351_CFgL-g2i_DnvGuMAB-ysCFrqd29ZOivFaw;_dc_test=1;~oref=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F
Request Chain 211
  • https://cm.g.doubleclick.net/pixel?google_nid=intimatemerger_dmp&google_cm HTTP 302
  • https://sync.im-apps.net/imid/set?cid=5660&tid=gid&uid=CAESEEH1yUxzsCla9MZ2Js5AFkU&google_cver=1
Request Chain 213
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=intmerger&ttd_tpi=1 HTTP 302
  • https://sync.im-apps.net/imid/set?cid=5664&tid=tdid&uid=246ca134-2766-4e4a-a408-eb2751e5cc6e
Request Chain 225
  • https://gcdn.2mdn.net/videoplayback/id/679c82e8bc29c3ec/itag/347/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3906856496/sparams/id,itag,source,xpc,ctier,acao,ip,ipbits,expire/signature/2E8CF221DD5301C0E32CC014041CFD65C8A2E809.414FDC8E415365B297C9EFE21D8124CA1AE14F70/key/ck2/file/file.mp4 HTTP 302
  • https://r4---sn-ogueln66.c.2mdn.net/videoplayback/id/679c82e8bc29c3ec/itag/347/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3906856496/sparams/acao,ctier,expire,id,ip,ipbits,itag,met,mh,mip,mm,mn,ms,mv,mvi,pl,rms,source,xpc/signature/29B52FEF26E658A16C2E2E7720CB771A1E1C46CA.5144798BEFA29F89168A3AE7C8A1B4F170E2DDCE/key/cms1/cms_redirect/yes/met/1762592351,/mh/e3/mip/2001:ac8:40:1d::1e/mm/42/mn/sn-ogueln66/ms/onc/mt/1762590730/mv/u/mvi/4/pl/48/rms/onc,onc/file/file.mp4 HTTP 302
  • https://r4---sn-ogueln66.c.2mdn.net/videoplayback/id/679c82e8bc29c3ec/itag/347/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3906856496/sparams/acao,ctier,expire,id,ip,ipbits,ipbypass,itag,met,mh,mip,mm,mn,ms,mv,mvi,pl,rms,source,xpc/signature/7FEED1151C0ACD125062E21BE8B8A45C340FCEF7.54270E28C7A7E23E32B50681812859780B88C733/key/cms1/met/1762592351,/mh/e3/pl/24/rms/onc,onc/redirect_counter/1/rm/sn-oguelr7z/rrc/104/fexp/24350737,24350827,24352157,24352274,24352278/req_id/7f162f3f0873a3ee/cms_redirect/yes/ipbypass/yes/mip/146.70.201.171/mm/42/mn/sn-ogueln66/ms/onc/mt/1762590730/mv/u/mvi/4?file=file.mp4
Request Chain 243
  • https://pixel-apac.rubiconproject.com/exchange/sync.php?p=fluct&khaos=MHQ1Z6EM-1Y-HV8E HTTP 302
  • https://cs.adingo.jp/sync?from=rubicon&id=MHQ1Z6EM-1Y-HV8E
Request Chain 264
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=MHQ1Z6EM-1Y-HV8E&ex=d-rubiconproject.com&status=ok
Request Chain 265
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
Request Chain 266
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TUhRMVo2RU0tMVktSFY4RQ== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJNFRvQG0ice8RAN_EeGTMo&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TUhRMVo2RU0tMVktSFY4RQ==&google_push=
Request Chain 267
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58912/cms?uid=HEELmfZHgYJe3_kX-v9UScn5EUdSAgOZEtemQ7w0kco&csrc= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58912/cms?uid=HEELmfZHgYJe3_kX-v9UScn5EUdSAgOZEtemQ7w0kco&csrc=&verify=true HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-tyyrjtlE2oIas8E6RQW_A05CWzR4ljuSmTUKrw--~A
Request Chain 268
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
Request Chain 269
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=246ca134-2766-4e4a-a408-eb2751e5cc6e&gdpr=0&gdpr_consent=&expires=30
Request Chain 270
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&process_consent=T HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEC3GTBSqwGvoRdcetupLbcc&google_cver=1
Request Chain 271
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=MHQ1Z6EM-1Y-HV8E
Request Chain 272
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjAwMWEwMjUyMTgzYjFkYmFjZTA1OWQyODZmMmE0MGE5NWYyN2E2Yg
Request Chain 274
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=d9861cf8-3c8b-4df7-b454-4afc6d1091de&expires=30
Request Chain 275
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=MHQ1Z6EM-1Y-HV8E HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=MHQ1Z6EM-1Y-HV8E&dnr=1
Request Chain 276
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-yahoo-exchange HTTP 302
  • https://pbs.yahoo.com/setuid?bidder=rubicon&uid=MHQ1Z6EM-1Y-HV8E
Request Chain 277
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=MHQ1Z6EM-1Y-HV8E HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=MHQ1Z6EM-1Y-HV8E HTTP 302
  • https://syncv4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=MHQ1Z6EM-1Y-HV8E&ckls=true&ci=51mlwLJfOO&nc=false&trid=-981136860
Request Chain 278
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=MHQ1Z6EM-1Y-HV8E&pId=11&gdpr=&gdpr_consent=&us_privacy=
Request Chain 279
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=MHQ1Z6EM-1Y-HV8E
Request Chain 290
  • https://googleads.g.doubleclick.net/xbbe/pixel?d=CP7anuAFEKeko_cFGN3fhMkCIAEwAQ&v=APEucNWkezOVi2HNAYCc-9KnupNQRmCLezx0DiA8DY_z5frVxeXMqN45FEokNO49g1spgud0tHa-qERZnvAE95SixJJSYYubQ3n3Ih_ib4YNlJ0tswa4CDo HTTP 302
  • https://s-cs.send.microad.jp/cs?key=google_1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=ZmUyNTUwZGY5NjIzNTAwY2JmZGVlN2FkNTZjYTY2ZmI=
Request Chain 338
  • https://ads.stickyadstv.com/user-matching?id=3656 HTTP 302
  • https://u.4dex.io/setuid?bidder=freewheel&uid=feceb766cb5c1668f6d1082fa9b9c68
Request Chain 350
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=3c55f07d-1b63-480a-b694-61c7ada779ab&gdpr=0&gdpr_consent=
Request Chain 351
  • https://ssp.wp.pl/v1/sync/smart/uid?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D55&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?gdpr=0&gdpr_consent=&issi=1&partnerid=55&partneruserid=dbd3bb6638d27b363584d375d118dcfb%3A8bb697%3A1762592353%3Av3
Request Chain 352
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=5337911933238270778&gdpr=0&gdpr_consent=
Request Chain 353
  • https://sync-tm.everesttech.net/upi/pid/byN59NcB?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D170%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/byN59NcB?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D170%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=aQ8GYAACRvp5tQAJ
Request Chain 354
  • https://sync.adkernel.com/user-sync?zone=256788&t=image&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dmadopi%26it%3Dadg-pb-clt%26uid%3D%7BUID%7D HTTP 302
  • https://visitor-waardex.omnitagjs.com/visitor/bsync?uid=f9f79c63be893b97a3364690a09d0b8d&name=WAARDEX_SSP&url=https%3A%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D256788%26dsp%3D688143%26t%3Dimage%26uid%3DPARTNER_USER_ID
Request Chain 356
  • https://id5-sync.com/i/1159/8.gif?o=api&id5id=ID5*62U9xS_Yhkbfw7gn9fZRQcUDP_z_pDC112_s4DGkU3D__2kPBmBaAAEBCmkPBmAAYDwYrAJ7ds6JM9Ng12i7Kw&gdpr_consent=undefined&gdpr=false HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/1159/2/7/2.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/1159/2/7/2.gif?puid=409973595572320909&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=246ca134-2766-4e4a-a408-eb2751e5cc6e&ttl=%%TTL%% HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F1159%2F441%2F5%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/1159/441/5/4.gif?puid=a_c751668b-0d6a-4c7b-adce-1f8e5da13a22&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F1159%2F108%2F4%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F1159%2F108%2F4%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/1159/108/4/5.gif?puid=7e78d458-2888-49d8-bd68-35822650d90a&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=108&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F1159%2F826%2F3%2F6.gif%3Fpuid%3D%7BuserId%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=108&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F1159%2F826%2F3%2F6.gif%3Fpuid%3D%7BuserId%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=0b25e709-bee6-435a-aef5-5b6c4708b3ed-690f0662-4a50&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F1159%2F826%2F3%2F6.gif%3Fpuid%3D0b25e709-bee6-435a-aef5-5b6c4708b3ed-690f0662-4a50%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/1159/826/3/6.gif?puid=0b25e709-bee6-435a-aef5-5b6c4708b3ed-690f0662-4a50&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F1159%2F10%2F2%2F7.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/1159/10/2/7.gif?puid=5284147940615405056&gdpr=0&gdpr_consent= HTTP 302
  • https://token.rubiconproject.com/token?pid=49266&puid=ID5-e14aoYyP4lGXsYN7oljlS1c2WHHwORFZO-VEv_Ba1A&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/285.gif?puid=MHQ1Z6EM-1Y-HV8E&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/1159/19/0/9.gif?puid=${profile_id}&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/1159/19/0/9.gif?puid=${profile_id}&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/1159/19/0/9.gif?puid=91060d098c48233660c45abb7e94c6fe&gdpr=0&gdpr_consent=
Request Chain 373
  • https://u.openx.net/w/1.0/cm?id=3cc4b2f6-c7e1-439a-8174-b6dbb96bcabf&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dopenx%26it%3Dadg-pb-clt%26uid%3D%7BOPENX_ID%7D HTTP 302
  • https://u.4dex.io/setuid?bidder=openx&it=adg-pb-clt&uid=f7adbf92-fffd-471a-b003-bea2dd5d4464
Request Chain 380
  • https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=0ca120050046bc22b2bd5baa&gdpr=0&gdpr_consent=
Request Chain 381
  • https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=2b2edb95b6
Request Chain 382
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=5284147940615405056&gdpr=0&gdpr_consent=
Request Chain 383
  • https://id5-sync.com/i/102/9.gif?gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=111&partneruserid=ID5-e14aoYyP4lGXsYN7oljlS1c2WHHwORFZO-VEv_Ba1A&redirurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F102%2F8%2F2.gif%3Fpuid%3DSMART_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/102/102/8/2.gif?puid=5337911933238270778&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F10%2F7%2F3.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/102/10/7/3.gif?puid=5284147940615405056&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=&_bee_ppp=1 HTTP 303
  • https://id5-sync.com/k/155.gif?puid=AAGLlE7SHg0AABuD73kgTQ&id5AccountNum=155&numCascadesAllowed=9
Request Chain 388
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F&domain=twinklesphotos.exblog.jp&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=oof9RHxoZVczc3FuOFZ4YUtRRVFpL2M2dmJJTnNnN0crNnBZeUVtMlU4aEsyZHRuNWZhZ3RQS2NDNnVndmZxNGZFazB1ek9lZGFCUEwwV2NhRTZLd21aWmhwdWlkNlc0NUxHUkdzUkhDejZCS2ppTElwUUJ0NkdwQlVIcU9wd1VDNStUdEhzNmR5QzlqeUFiazJISm9RZElyL1JqaC9hTFJxeEhQYmR2Q1pIWENoTDE3T3FTNVROaWJZaGlMQXFrcWY5Qjdva1FwUkppOUd6ejdIajJUa2g5dWhVNXQ1cnk1OXd2TzBmRWFadm94alVqTHNsTjA3T1E1eWYyME1wZ2x5ZStwS0lGK3F6ZC84eTlxZWk1VjJFc2NUMkZ6elFUWmdHdWwyTXRybmpHOFJZMFM3cEZvL3p2c2NOdi95cjNEa0E1OVFqU2VaYkJRanVWckFZWnBtMUZDR1E9PXw&cppv=2
Request Chain 389
  • https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=7910311105 HTTP 302
  • https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=7910311105&rd=1
Request Chain 401
  • https://gum.criteo.com/sid/json?origin=criteoPrebidAdapter&domain=twinklesphotos.exblog.jp&sn=ChromeSyncframe&so=0&topUrl=twinklesphotos.exblog.jp&topicsavail=1&fledgeavail=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=5va5AHxEd1JTY2pwTjMyTkt2aWNlbjgxb2UzeVppZHFrc3RFOE5wZGxxalF2NmV5cFBtcVNYRWJhamszRVhzR3FJRjJRUmxZZkVsdm9WL3VlVnN4OXl5RnBJVDFqM1VTRVpwS0ZjR1Z1eDV2TEkxQXBxVlhPVmdyQmljcDVEUldIM2k2OVlXUTNqZUdQZmYvZlRjNjYxRFFFK1hya3pEKzROMU9rUkkxRklyR2JJczVtMWp4am1UMWRLVGV0bzFIYnZ2WGt4R0QyZjdJMy9VTS9WNUNSN0ZuUFh2UVNBVDQ2bFROa28rRzlNc0daS2Z6YWhUcFAxOUdMbW00ZjZCMnplYWVobW9yNjJDWVNaTSsvc1hRWFJ3MkUzM0JvUmV2VXdjM3FDSTY3V2d5MVg3TFcrMHJFYzU4Y282djFkL2t0dGJpUjVrL25KeC93RlIwZ0xoMnpHKzNFc2c9PXw&cppv=2
Request Chain 403
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 404
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=w-9kA19CJTJCb2hZQk54aXR1R2hrcEdURThuZ3owajQxRk9VVXMwczFiciUyRlg3N0lMcyUzRA&gpp=&gpp_sid=&gdpr=0&gdpr_consent=&us_privacy=&cr_user_id=k-I1LQZimJZIPjw2cxrga2tVm6Q1LFTnsaPUFIeQ HTTP 302
  • https://ssp-sync.criteo.com/user-sync/match?p=w-9kA19CJTJCb2hZQk54aXR1R2hrcEdURThuZ3owajQxRk9VVXMwczFiciUyRlg3N0lMcyUzRA&u=fe03c232-5527-4a28-adf1-4ee634c4c112
Request Chain 405
  • https://secure.adnxs.com/getuid?https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3d-jubul9ORDdmTXY0WHNUdDBpWUdxJTJCd2ROMGV5cDNEM2FQMWFHMGh6T3dPbTlLMDglM0Q%26u%3d%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ssp-sync.criteo.com/user-sync/match?p=-jubul9ORDdmTXY0WHNUdDBpWUdxJTJCd2ROMGV5cDNEM2FQMWFHMGh6T3dPbTlLMDglM0Q&u=409973595572320909&gdpr=0&gdpr_consent=
Request Chain 406
  • https://cm.g.doubleclick.net/pixel?google_nid=commerce_grid_dbm&google_hm=k-I1LQZimJZIPjw2cxrga2tVm6Q1LFTnsaPUFIeQ&google_cm&google_redir=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3dvyj2el8lMkYxJTJCWmpMUUlBJTJCelc5ODJ0QmZieENCOGhQM3RUNWEzTFVrNWh6bmh1eEY4JTNE%26u%3d%25%25GOOGLE_GID%25%25&gdpr=0&gdpr_consent= HTTP 302
  • https://ssp-sync.criteo.com/user-sync/match?p=vyj2el8lMkYxJTJCWmpMUUlBJTJCelc5ODJ0QmZieENCOGhQM3RUNWEzTFVrNWh6bmh1eEY4JTNE&u=CAESEGkYkkG0qj5ap1uErQ1xB2A&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 407
  • https://ad.turn.com/r/cs?pid=75&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
  • https://ssp-sync.criteo.com/user-sync/bidder-initiated?gdpr_consent=&gdpr=0&us_privacy=&dsp=11&buyer_id=8358649587845038654
Request Chain 408
  • https://ds.uncn.jp/mg/0/sync_push HTTP 302
  • https://ssp-sync.criteo.com/user-sync/bidder-initiated?dsp=479&buyer_id=v_fce5a403-4f3a-4e9a-8e93-5c9330104c66
Request Chain 409
  • https://serv.ds.kakao.com/adx/criteo/sync-uid?redirect_uri=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3dWhgo6V9jdUswQmolMkZVNmlMU3RnNmtrelo2RXB0ZGFWNjZZTTlUSTZCSDlacVdUVDglM0Q%26x%3d491%26u%3d%24%7bDSP_UUID%7d%26age%3d%24%7bCOOKIE_AGE%7d HTTP 307
  • https://ssp-sync.criteo.com/user-sync/match?p=Whgo6V9jdUswQmolMkZVNmlMU3RnNmtrelo2RXB0ZGFWNjZZTTlUSTZCSDlacVdUVDglM0Q&x=491&u=8034eda54f7f4d5c9eda505b6a2b4f8c%3B1762592354339%3B&age=365
Request Chain 410
  • https://cs.admanmedia.com/e805be652c9053b8f771665f0ac3c361.gif?puid=k-I1LQZimJZIPjw2cxrga2tVm6Q1LFTnsaPUFIeQ&redir=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3dNIf_vF9iJTJCM1FvWkoxam5rOWJpQ0NleEVDNEFNJTJGJTJCU0E3WU9iMGp1eUZoTG5yN3dnJTNE%26u%3d%5bUID%5d&gdpr=0&gdpr_consent=&ccpa= HTTP 302
  • https://ssp-sync.criteo.com/user-sync/match?p=NIf_vF9iJTJCM1FvWkoxam5rOWJpQ0NleEVDNEFNJTJGJTJCU0E3WU9iMGp1eUZoTG5yN3dnJTNE&u=b7e350d3-7610-4782-9f0a-6afcedc5951e
Request Chain 411
  • https://t.adx.opera.com/pub/sync?pubid=pub13186530141056&gdpr=0&consent=&us_privacy=&gpp=&gpp_sid=&custom_data=dXBgpl9LZCUyQkIxeDJyT1l5UWlyT2xva0VOejlSVUpSUks2d1UwVENhT1RyeFBxeGslM0Q HTTP 302
  • https://www.temu.com/api/adx/cm/pixel-opera?adx_uid=21ccd6c784efbbd6&gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Ft.adx.opera.com%2Fsync%3Fvendor%3D60369%26pubid%3Dpub13186530141056%26gdpr%3D0%26consent%3D%26us_privacy%3D HTTP 302
  • https://t.adx.opera.com/sync?vendor=60369&pubid=pub13186530141056&gdpr=0&consent=&us_privacy= HTTP 302
  • https://ssp-sync.criteo.com/user-sync/match?p=${REDIRECT_ENCRYPTED_PAYLOAD}&u=OPUecaf9a163a2e4d309cdb138b74346b9f
Request Chain 413
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=pPExO4ETzPwa3s8y1cZ3Ng==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 415
  • https://pr-bh.ybp.yahoo.com/sync/openx/ef60dd43-b839-e79b-cd7d-9570f98880c5?gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073025&val=y-iIvE6mBE2p.O16a59pxLBvw5kPOGODDZD6w-~A
Request Chain 416
  • https://sync.srv.stackadapt.com/sync?nid=268 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537082476&val=pRfRU5fjUGdnP651gMgq7pJGyas&gdpr=&gdpr_consent=
Request Chain 421
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=aQ8GYW4sBygABCT4D18T6wAAFZkAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHTubJzQNG8vZ4ThPzUDxQE&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=&gdpr_consent=&google_cver=1&google_gid=CAESEHTubJzQNG8vZ4ThPzUDxQE&google_hm=aQ8GYW4sBygABCT4D18T6wAAFZkAAAIB&google_nid=index&gpp=&gpp=&gpp_sid=&gpp_sid=
Request Chain 422
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=aQ8GYW4sBygABCT4D18T6wAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENeG225-zX2p3KG7wxnws88&google_cver=1
Request Chain 423
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=246ca134-2766-4e4a-a408-eb2751e5cc6e&expiration=1765184353&gdpr=0&gdpr_consent=
Request Chain 426
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=fe03c232-5527-4a28-adf1-4ee634c4c112&gdpr=&gdpr_consent=&us_privacy=
Request Chain 427
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=aQ8GYW4sBygABCT4D18T6wAA HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=aQ8GYW4sBygABCT4D18T6wAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662124592046875
Request Chain 438
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=apac HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=apac
Request Chain 442
  • https://pixel-apac.rubiconproject.com/exchange/sync.php?p=onfocus&khaos=MHQ1Z6EM-1Y-HV8E HTTP 302
  • https://u.4dex.io/setuid?bidder=rubicon&uid=MHQ1Z6EM-1Y-HV8E
Request Chain 451
  • https://ad.360yield.com/server_match?partner_id=2048&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2F056f32ee5cf49404607e368bd8d3f2af%2F%3Fgdpr%3D0%26euconsent%3D%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=2048&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.richaudience.com%2F056f32ee5cf49404607e368bd8d3f2af%2F%3Fgdpr%3D0%26euconsent%3D%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://sync.richaudience.com/056f32ee5cf49404607e368bd8d3f2af/?gdpr=0&euconsent=&uid=cfbe676b-770c-4309-af24-910ec9cba0e3
Request Chain 452
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=id0lh84&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.richaudience.com/a16582f729b43087fa6353b148f7ea54/?uid=246ca134-2766-4e4a-a408-eb2751e5cc6e&gdpr=0&euconsent=&domain=sync.richaudience.com
Request Chain 453
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&rurl=https%3A%2F%2Fsync.richaudience.com%2F99f2b3f30bec5a8826333eaec7ce7044%2F%3Fgdpr%3D0%26euconsent%3D%26uid%3D HTTP 302
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=500698363dfe21f6&is_secure=true&version=1&networkId=72582&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&rurl=https%3A%2F%2Fsync.richaudience.com%2F99f2b3f30bec5a8826333eaec7ce7044%2F%3Fgdpr%3D0%26euconsent%3D%26uid%3D HTTP 302
  • https://sync.richaudience.com/99f2b3f30bec5a8826333eaec7ce7044/?gdpr=0&euconsent=&uid=AQAK2nbfpu0IcgJCTWJeAQEBAQEBAQCbY7HyrQEBAJtjsfKt&expiration=1762678755
Request Chain 457
  • https://s.ad.smaato.net/c/?adExInit=rise&gdpr=%5BGDPR%5D&gdpr_consent=%5BUSER_CONSENT%5D&redir=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Ffwrd%3D1%26aid%3D11574%26id%3D%24UID HTTP 302
  • https://cs.yellowblue.io/cs?fwrd=1&aid=11574&id=2b2edb95b6
Request Chain 458
  • https://sync.richaudience.com/1dd6ec294bd099ce754202ab353d63bd?gdpr=0&euconsent=&uid=F14SjuMnk HTTP 301
  • https://sync.richaudience.com/1dd6ec294bd099ce754202ab353d63bd/?gdpr=0&euconsent=&uid=F14SjuMnk
Request Chain 459
  • https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26it%3Dadg-pb-clt%26uid%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/be96b820e5daac93?ct=1&ruidm=1&du=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Deplanning%26it%3Dadg-pb-clt%26uid%3D%24UID
Request Chain 462
  • https://match.sharethrough.com/universal/v1?supply_id=H7IJBRjH HTTP 302
  • https://sync.e-planning.net/um?uid=a6d11d75-4cf4-49e2-abbd-f0806e5e250d&dc=769fefa8321c94fb&iss=1
Request Chain 463
  • https://gw-iad-bid.ymmobi.com/adx/user/sync?pubid=ZXBsYW5uaW5n&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&callback=https%3A%2F%2Fu-sin01.e-planning.net%2Fum%3Fuid%3D%7Bym_user_id%7D%26dc%3Ddbfd729d40c9c3fc%26fi%3D3bccfc464e78b742 HTTP 302
  • https://u-sin01.e-planning.net/um?uid=ym_user_f012fd98-9ec3-45b0-b66d-f9e79f26fb43&dc=dbfd729d40c9c3fc&fi=3bccfc464e78b742
Request Chain 464
  • https://prebid.a-mo.net/cchain/0?gdpr={GDPR_APPLIES}&gdpr_consent={TCF_CONSENT_STRING}&us_privacy={US_PRIVACY}&cb=https%3A%2F%2Fu-sin01.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4cb5e7f09da39e40%26fi%3D3bccfc464e78b742 HTTP 302
  • https://rtb.openx.net/sync/prebid?&gdpr=0&us_privacy=1---&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F10346%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3Df5bd475f-4e90-49c8-901b-fd7107906ed9%26bidder%3Dopenx%26cbx%3DaHR0cHM6Ly91LXNpbjAxLmUtcGxhbm5pbmcubmV0L3VtP3VpZD0kVUlEJmRjPTRjYjVlN2YwOWRhMzllNDAmZmk9M2JjY2ZjNDY0ZTc4Yjc0Mg%253D%253D%26uid%3D%24%7BUID%7D HTTP 302
  • https://prebid.a-mo.net/cchain/0/10346?gpp=&gdpr_consent=&gdpr=&gpp_sid=&us_privacy=&A=f5bd475f-4e90-49c8-901b-fd7107906ed9&bidder=openx&cbx=aHR0cHM6Ly91LXNpbjAxLmUtcGxhbm5pbmcubmV0L3VtP3VpZD0kVUlEJmRjPTRjYjVlN2YwOWRhMzllNDAmZmk9M2JjY2ZjNDY0ZTc4Yjc0Mg%3D%3D&uid=427934c8-910a-463b-9726-439087848f01 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&us_privacy=1---&pu=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%2F10346%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D%26gpp_sid%3D%26us_privacy%3D%26A%3Df5bd475f-4e90-49c8-901b-fd7107906ed9%26bidder%3Dpubmatic%26cbx%3DaHR0cHM6Ly91LXNpbjAxLmUtcGxhbm5pbmcubmV0L3VtP3VpZD0kVUlEJmRjPTRjYjVlN2YwOWRhMzllNDAmZmk9M2JjY2ZjNDY0ZTc4Yjc0Mg%253D%253D%26uid%3D%23PMUID
Request Chain 465
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-sin01.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D3bccfc464e78b742%26uid%3D%24UID HTTP 302
  • https://u-sin01.e-planning.net/um?dc=8103fa85295fbe60&fi=3bccfc464e78b742&uid=409973595572320909
Request Chain 466
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=apac HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=apac
Request Chain 473
  • https://pixel-apac.rubiconproject.com/exchange/sync.php?p=12186&khaos=MHQ1Z6EM-1Y-HV8E HTTP 302
  • https://sync.e-planning.net/um?uid=MHQ1Z6EM-1Y-HV8E&dc=9bcc91305985f0db&iss=1
Request Chain 482
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=150&partneruserid=0&redirurl=https%3A%2F%2Fwt.rqtrk.eu%3Fpid%3D58a76248-f101-4e52-b8f7-c4de9362ea12%26src%3Dwww%26type%3D100%26sid%3D0%26uid%3DSMART_USER_ID%26gdpr_pd%3D0&gdpr=0&gdpr_consent= HTTP 302
  • https://wt.rqtrk.eu/?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=5337911933238270778&gdpr_pd=0&gdpr=0&gdpr_consent=
Request Chain 483
  • https://sync.srv.stackadapt.com/sync?nid=339&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=165&partneruserid=pRfRU5fjUGdnP651gMgq7pJGyas&gdpr=0&gdpr_consent=
Request Chain 484
  • https://dsp.360yield.com/dsp_match/275?ssp=45&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D85%26partneruserid%3D$%7BDSP_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=85&partneruserid=cfbe676b-770c-4309-af24-910ec9cba0e3&gdpr=0&gdpr_consent=
Request Chain 485
  • https://id5-sync.com/i/102/9.gif?gdpr=0&gdpr_consent= HTTP 302
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F123%2F8%2F2.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ps.eyeota.net/match/bounce/?gdpr=0&gdpr_consent=&bid=1mpr7m0&r=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F123%2F8%2F2.gif%3Fpuid%3D%7BUUID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/102/123/8/2.gif?puid=19a62b0f947-20010000010e4b8e&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F112%2F7%2F3.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F112%2F7%2F3.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/102/112/7/3.gif?puid=60C07D10E99A8EEF&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy= HTTP 303
  • https://id5-sync.com/k/155.gif?puid=AAGLlE7SHg0AABuD73kgTQ&id5AccountNum=155&numCascadesAllowed=9 HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-e14aoYyP4lGXsYN7oljlS1c2WHHwORFZO-VEv_Ba1A&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F3%2F5%2F5.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/102/3/5/5.gif?puid=19ef690f-0666-4d00-bdc9-278d20e62b54&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F104%2F4%2F6.gif%3Fpuid%3D%24%7BBSW_UUID%7D%26gdpr%3D0%26gdpr_consent%3D?gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/102/104/4/6.gif?puid=fe03c232-5527-4a28-adf1-4ee634c4c112&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=ID5&rurl=https%3A%2F%2Fid5-sync.com%2Fc%2F102%2F163%2F3%2F7.gif%3Fpuid%3D_wfivefivec_%26gdpr%3D0%26gdpr_consent%3D

491 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
twinklesphotos.exblog.jp/33443955/ 		77 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://twinklesphotos.exblog.jp/33443955/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.199.193.165 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-199-193-165.ap-northeast-1.compute.amazonaws.com
Software
nginx / PHP/7.1.33
Resource Hash
6ea5d01ada58f6e3bfe2550fda99eacc5acceed6b22d49d240b5f9edfd2c306e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 08 Nov 2025 08:59:09 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
x-powered-by
PHP/7.1.33
jquery-1.11.3.min.js
s.eximg.jp/exblog/user3/library/js/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.eximg.jp/exblog/user3/library/js/jquery-1.11.3.min.js?22b9ae7a0a945844efd971093024fff99c5b2f64
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-4.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

vary
accept-encoding
content-encoding
gzip
etag
W/"f03e5a3bf534f4a738bc350631fd05bd"
x-amz-version-id
732s9xuGyB4xP.JlD9YbV0LDsuHxAABF
age
14070
via
1.1 87d82572a037b7679d915f1b3b88954e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
Yd9NQFq1HvzdLE_o8QiFSQSu4BYRQoBXVXYptUl9Vx7BvUzTWNsDcw==
date
Sat, 08 Nov 2025 05:04:40 GMT
content-type
text/javascript
last-modified
Fri, 17 Oct 2025 04:58:35 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P3
x-amz-server-side-encryption
AES256
exblog.js
s.eximg.jp/exblog/user3/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.eximg.jp/exblog/user3/js/exblog.js?22b9ae7a0a945844efd971093024fff99c5b2f64
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-4.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
85959bc05ec04039dce0b3063238c0ba830761ab00ec7084d416c87ca8907738

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

vary
accept-encoding
content-encoding
gzip
etag
W/"7da5f8b7eebc56ea75792432592db35d"
x-amz-version-id
17bW7urhYnPlLfwzL5Ez52s0fqXynhn1
age
14070
via
1.1 87d82572a037b7679d915f1b3b88954e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
a8kh3aDa5dEGCEvOelnj8MzAf_s1qulLbRhhiC61VO96x0diHcJl_g==
date
Sat, 08 Nov 2025 05:04:40 GMT
content-type
text/javascript
last-modified
Fri, 17 Oct 2025 04:58:35 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P3
x-amz-server-side-encryption
AES256
jquery-cookie-1.4.1.min.js
s.eximg.jp/exblog/user3/library/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.eximg.jp/exblog/user3/library/js/jquery-cookie-1.4.1.min.js?22b9ae7a0a945844efd971093024fff99c5b2f64
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-4.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

vary
accept-encoding
content-encoding
gzip
etag
W/"4412bf8023109ee9eb1f1f226d391329"
x-amz-version-id
mtZNv6ObwvsP6NZhpfPdfgUaHdnETGJU
age
14070
via
1.1 87d82572a037b7679d915f1b3b88954e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
pO3QxkyRZVjmCgUgORegYoohbuhOjh4GxM7EQCAZjYRfde1QzekrSw==
date
Sat, 08 Nov 2025 05:04:40 GMT
content-type
text/javascript
last-modified
Fri, 17 Oct 2025 04:58:35 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P3
x-amz-server-side-encryption
AES256
jquery.inview.js
s.eximg.jp/exblog/user3/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.eximg.jp/exblog/user3/js/jquery.inview.js?22b9ae7a0a945844efd971093024fff99c5b2f64
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-4.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
333012005cd5b3a4a127f3418a3e573111de891dcd221d62b92697fb0dea868a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

vary
accept-encoding
content-encoding
gzip
etag
W/"d22188e69538818dc40df96cf2726c98"
x-amz-version-id
E9Heb0avEcrFMhulU163hvxR9.e31O_Z
age
14070
via
1.1 87d82572a037b7679d915f1b3b88954e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
PjwLNxEdBayNP-WAioG9mm8G1kcasmFjJKSxylV6_sJjTepMKkA83g==
date
Sat, 08 Nov 2025 05:04:40 GMT
content-type
text/javascript
last-modified
Fri, 17 Oct 2025 04:58:35 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P3
x-amz-server-side-encryption
AES256
app.js
s.eximg.jp/exblog/user3/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.eximg.jp/exblog/user3/js/app.js?22b9ae7a0a945844efd971093024fff99c5b2f64
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-4.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2b8575a49854fbbcd1ab2fa83512644e78406d7cf3e9c605e00a2b7f3c76e09e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

vary
accept-encoding
content-encoding
gzip
etag
W/"e0369fd622f6883624d34dc34c42f340"
x-amz-version-id
Kw3Sw6m1QcNdhyjKzPpN7HXH9Ul72baM
age
14069
via
1.1 87d82572a037b7679d915f1b3b88954e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
IIKwu7j945I0kaeNeeX8ltnQ9d-sA6tslcLU84yU3q_T_V6sbH7KKw==
date
Sat, 08 Nov 2025 05:04:41 GMT
content-type
text/javascript
last-modified
Fri, 17 Oct 2025 04:58:35 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P3
x-amz-server-side-encryption
AES256
htmx.min.js
s.eximg.jp/exblog/js/ 		48 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.eximg.jp/exblog/js/htmx.min.js
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-4.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0fc57ba0e655504d282bb6ec1c3d89240cde9f2ce1c393d5b38a95c5bc6da875

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

vary
accept-encoding
content-encoding
gzip
etag
W/"fda0965a21d4f1da88c0f429c5983923"
x-amz-version-id
UVuIrEucp1VtPHoj2N_WDdogqM9zc41O
age
76481
via
1.1 87d82572a037b7679d915f1b3b88954e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
dCowQUDp3jwoqO0cCWLG6-xhPkpWpJKHmPzX32XWuTDkrTfAG54NeQ==
date
Fri, 07 Nov 2025 11:44:29 GMT
content-type
application/javascript
last-modified
Fri, 29 Aug 2025 07:38:36 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P3
x-amz-server-side-encryption
AES256
alpine.min.js
s.eximg.jp/exblog/js/ 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.eximg.jp/exblog/js/alpine.min.js
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-4.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
358d9afbb1ab5befa2f48061a30776e5bcd7707f410a606ba985f98bc3b1c034

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

vary
accept-encoding
content-encoding
gzip
etag
W/"382e629b180f49ed81f57b3025b9497c"
x-amz-version-id
zIiwsuJ5fTBLkGtt_5pjpDm3QeqEkNxB
age
11538
via
1.1 87d82572a037b7679d915f1b3b88954e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
3RHK4MQxRr4DVwWApJO3Q6pRB-7Mtfh-asbDZXgW27_cn0taoouxRw==
date
Sat, 08 Nov 2025 05:46:52 GMT
content-type
application/javascript
last-modified
Fri, 29 Aug 2025 07:38:35 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P3
x-amz-server-side-encryption
AES256
exblog.profile.v2.css
s.eximg.jp/exblog/user3/css/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.eximg.jp/exblog/user3/css/exblog.profile.v2.css?22b9ae7a0a945844efd971093024fff99c5b2f64
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-4.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fe9d32e10eedfd0caeb9078619591824bb16d49f7a7fd48db978d4722d77df7a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

vary
accept-encoding
content-encoding
gzip
etag
W/"bb36afcc86abf89a6a5ede128a59e56a"
x-amz-version-id
iMRUSQ38NkoCuBUUz4LzajoxKgw8IqAL
age
14067
via
1.1 87d82572a037b7679d915f1b3b88954e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
dLNt9gjahEUlRiz3uhe8DDrElKcY4tpgIgwdxUIJYJnZ1dm6B7IVWA==
date
Sat, 08 Nov 2025 05:04:43 GMT
content-type
text/css
last-modified
Fri, 17 Oct 2025 04:58:30 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P3
x-amz-server-side-encryption
AES256
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:812::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
f1a61277e3f902f50ab42015d8b07218db9b7601bb0967e54a52bfdcb4fa7e81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
age
1399
report-to
{"group":"ascnsrsgac:225:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Sat, 08 Nov 2025 10:35:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 08:35:50 GMT
last-modified
Tue, 15 Jul 2025 00:44:26 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsgac:225:0
content-length
20737
server
Golfe2
js
www.googletagmanager.com/gtag/ 		419 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z6VR2N8KNZ
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:806::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
043e3fa150fbc0ccd1b5b47d691cdf888ec6389666756b7c9e89b0d971d37256
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
content-encoding
zstd
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Sat, 08 Nov 2025 08:59:09 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
145514
date
Sat, 08 Nov 2025 08:59:09 GMT
x-xss-protection
0
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
Google Tag Manager
access-control-allow-headers
Cache-Control
pc_blog_interstitial.js
image.excite.co.jp/jp/ox/gpt/display/pc/blog/ 		1 KB
963 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image.excite.co.jp/jp/ox/gpt/display/pc/blog/pc_blog_interstitial.js
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.175.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-175-43.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
88be574e0c528801a7136fe617c4addca09a980d1ce6d3c168a3cd93e829087e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-amz-cf-pop
NRT57-P9
content-encoding
gzip
etag
W/"cc45d04f3bf9c397da3fb29f8bf87a44"
age
201
via
1.1 386f14ac9de363c565d435be2317d28c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
1SSah6BM8_7onLWIHkMaeo6deYzSRdmmRHtHPuB2I6e9j4KKSBJRiw==
date
Sat, 08 Nov 2025 08:55:49 GMT
content-type
text/javascript
vary
accept-encoding
server
AmazonS3
last-modified
Mon, 28 Apr 2025 04:26:16 GMT
x-amz-server-side-encryption
AES256
pc_blog.js
image.excite.co.jp/jp/ox/gpt/ 		34 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image.excite.co.jp/jp/ox/gpt/pc_blog.js
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.175.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-175-43.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c0bbbb58003463134857d74b642aae70b80b3b3c7fc7925c31e3377da092cd0b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-amz-cf-pop
NRT57-P9
content-encoding
gzip
etag
W/"c7651bade94a8f849290ed7573709ab2"
age
262
via
1.1 386f14ac9de363c565d435be2317d28c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
RCxpX7SXfeGfJeJ6ny1brA32LRtpkKAW0KGy_NM2miQFe3JUwzygcw==
date
Sat, 08 Nov 2025 08:54:48 GMT
content-type
text/javascript
vary
accept-encoding
server
AmazonS3
last-modified
Wed, 29 Oct 2025 06:09:37 GMT
x-amz-server-side-encryption
AES256
exblog.css
image.excite.co.jp/jp/ox/gpt/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://image.excite.co.jp/jp/ox/gpt/exblog.css
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.175.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-175-43.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4fe35a9faa667b765290de5ccc3d72389fe061f1972b9897725f4bb7ebe7f364

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-amz-cf-pop
NRT57-P9
content-encoding
gzip
etag
W/"b46e5a315373ffc27505d3c6f852d137"
age
326
via
1.1 386f14ac9de363c565d435be2317d28c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
umRPe-cMhB46WgBY9sObuN_ZUGU7E4oGzbwzyWusgE3jh6m8riNaRQ==
date
Sat, 08 Nov 2025 08:53:44 GMT
content-type
text/css
vary
accept-encoding
server
AmazonS3
last-modified
Thu, 10 Apr 2025 08:14:55 GMT
x-amz-server-side-encryption
AES256
main.css
s.eximg.jp/exblog/user3/css/ 		49 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.eximg.jp/exblog/user3/css/main.css?22b9ae7a0a945844efd971093024fff99c5b2f64
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-4.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d06744d7c6fad3342f81eec248a0fee7a91da9e107323a2b258a1cff749d69d2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

vary
accept-encoding
content-encoding
gzip
etag
W/"fe041e6bbcb3d5748cf495e956c7080f"
x-amz-version-id
cg61_m.sftKcSZv9IDxwbw1Hl.EW0lMC
age
14048
via
1.1 87d82572a037b7679d915f1b3b88954e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
Wi0qIdCo47wFbtzjXLZorwV2L__bUm44r-7hPB1Av2A7gbP9td22RA==
date
Sat, 08 Nov 2025 05:05:02 GMT
content-type
text/css
last-modified
Fri, 17 Oct 2025 04:58:30 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P3
x-amz-server-side-encryption
AES256
a01401_01.min.css
pds.exblog.jp/skin/css/ 		8 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pds.exblog.jp/skin/css/a01401_01.min.css
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-122.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c06a5e89dacc8f6b30863312339b881230e92594d3e883b9fb14d24c830079fe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

vary
accept-encoding
content-encoding
br
etag
W/"807a85c3670b4ce5b6338757afa9937c"
x-amz-version-id
null
age
81902
via
1.1 c425e7db1f80ed9bfda931a198ff10d4.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
9NecXS0VmA3XfirAASfHfwDN66w5Sc18KIzl3xPbj1BByiedlIGplA==
date
Fri, 07 Nov 2025 10:14:08 GMT
content-type
text/css
last-modified
Wed, 19 Jul 2023 08:15:50 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P3
x-amz-server-side-encryption
AES256
pc_blog_overlay.js
image.excite.co.jp/jp/ox/gpt/display/pc/blog/ 		20 B
384 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image.excite.co.jp/jp/ox/gpt/display/pc/blog/pc_blog_overlay.js
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.175.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-175-43.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7ee110dbcd43f529cefff78de1c2c7dcb701f85750803e0434670b888b40cf42

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

vary
accept-encoding
etag
"cf0a22e75c80423724aefe3f29d62dcc"
age
223
via
1.1 386f14ac9de363c565d435be2317d28c.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
20
x-amz-cf-id
zzRqCuhyrO6TpkGUDCdH8Hub82JhWkIxX6tYLrmY2EFnA5mlkAmp4g==
date
Sat, 08 Nov 2025 08:55:27 GMT
content-type
text/javascript
last-modified
Wed, 22 Nov 2023 03:16:05 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P9
x-amz-server-side-encryption
AES256
dmp.js
image.excite.co.jp/jp/ox/gpt/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image.excite.co.jp/jp/ox/gpt/dmp.js
Requested by
Host: image.excite.co.jp
URL: https://image.excite.co.jp/jp/ox/gpt/pc_blog.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.175.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-175-43.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4db37d3b185e5d1141e79fca02dba385de6ec04d19783648466a7b412e0c6c6d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
etag
W/"c8711f4eb7d8c39193f20dab0b80d8e7"
age
382
via
1.1 386f14ac9de363c565d435be2317d28c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
-_8g0wKxjmKLgdJ9h8Q5wHcybBslm1iSKwe7fvbb3s4R3MXD6p_L1A==
date
Sat, 08 Nov 2025 08:52:48 GMT
content-type
application/javascript
last-modified
Fri, 30 Oct 2020 11:17:50 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P9
vary
accept-encoding
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		107 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: image.excite.co.jp
URL: https://image.excite.co.jp/jp/ox/gpt/pc_blog.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.194.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcnrta-az-in-f2.1e100.net
Software
cafe /
Resource Hash
3442ec0496188a689fe70a3ebcad7b8ad2aa5331e49de25d37ff29580d088921
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
br
etag
568 / 20400 / m202511040101 / config-hash: 853804471933052373
x-content-type-options
nosniff
expires
Sat, 08 Nov 2025 08:59:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sat, 08 Nov 2025 08:59:09 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33997
x-xss-protection
0
server
cafe
exblog_00138.min.js
flux-cdn.com/client/00125/ 		598 KB
165 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://flux-cdn.com/client/00125/exblog_00138.min.js
Requested by
Host: image.excite.co.jp
URL: https://image.excite.co.jp/jp/ox/gpt/pc_blog.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.55 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6f40b89f97a2021c030bea7f28fef4d47b1ecd859e600f9d63649a5b60b8aeb8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
max-age=300
content-encoding
br
etag
"51914c9c12c0b9bf9cb0f6ce47ee2ad9"
age
210
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-amz-meta-release_job_id
18567
content-length
169050
date
Sat, 08 Nov 2025 08:59:09 GMT
last-modified
Tue, 04 Nov 2025 00:55:20 GMT
content-type
application/javascript
vary
Accept-Encoding
apstag.js
c.amazon-adsystem.com/aax2/ 		344 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: image.excite.co.jp
URL: https://image.excite.co.jp/jp/ox/gpt/pc_blog.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.132.164 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-132-164.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6a22bd3e31a724c89c7872e733cbb00dabbdbd3c126f41ebc2e7a1ea70412451

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

vary
Accept-Encoding
cache-control
max-age=3600
content-encoding
gzip
etag
W/"c1f46a99d4a4e5632a4e581187980ae1"
age
757
via
1.1 4313fc64a6afe03d0bac7c0ec16021b8.cloudfront.net (CloudFront), 1.1 925dba8d74793c4ef37e5c9999f4e92a.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
uT_uUtm-EI-iLCzlUGjt0xcI4R00GwzlSrxmBJUmAZZkyh3aB8n5cQ==
date
Sat, 08 Nov 2025 08:46:33 GMT
content-type
application/javascript
x-amz-cf-pop
NRT20-P9, NRT12-P1
server
AmazonS3
last-modified
Thu, 06 Nov 2025 21:44:55 GMT
x-amz-server-side-encryption
AES256
gtm.js
www.googletagmanager.com/ 		327 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MSPWGQ
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:806::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
02756d1b52ed099f3099959059158ef6c5cafb5169b928153871251df06eecf9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
zstd
expires
Sat, 08 Nov 2025 08:59:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 08:59:09 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sat, 08 Nov 2025 06:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
*
content-length
114964
x-xss-protection
0
server
Google Tag Manager
pc_blog_billboard.js
image.excite.co.jp/jp/ox/gpt/display/pc/blog/ 		19 B
359 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image.excite.co.jp/jp/ox/gpt/display/pc/blog/pc_blog_billboard.js
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.175.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-175-43.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
09359e654a4198a8740f0b735c9d94c00875f46dcf920fb50ba8efc5fabd66d7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

etag
"928d76cd7c646339f00d8bc6870b5ee2"
age
186
via
1.1 386f14ac9de363c565d435be2317d28c.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
19
x-amz-cf-id
lRgImpRDb2VHRbcDaxoUKemV-i2gLc91i0-D4m3b0gxrrTxLJPsR1g==
date
Sat, 08 Nov 2025 08:56:04 GMT
content-type
application/javascript
last-modified
Mon, 26 Apr 2021 09:58:36 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P9
vary
accept-encoding
widgets.js
platform.twitter.com/ 		91 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.148.157 Tokyo, Japan, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
etag
"824beb891744db98ccbd3a456e59e0f7+gzip"
access-control-allow-methods
GET
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
date
Sat, 08 Nov 2025 08:59:09 GMT
last-modified
Mon, 11 Dec 2023 17:20:28 GMT
vary
Accept-Encoding
x-served-by
cache-iad-kcgs7200137-IAD, cache-nrt-rjtt7900031-NRT
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=1800
tw-cdn
FT
accept-ranges
bytes
access-control-allow-origin
*
content-length
27597
x-amz-server-side-encryption
AES256
logo_exblog.svg
s.eximg.jp/exblog/user3/img/header/ 		44 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.eximg.jp/exblog/user3/img/header/logo_exblog.svg
Requested by
Host: s.eximg.jp
URL: https://s.eximg.jp/exblog/user3/css/main.css?22b9ae7a0a945844efd971093024fff99c5b2f64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-4.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
edf44487f4da57757afaa928aebc937dcc957984dfe3beb6a7464070861db172

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://s.eximg.jp/exblog/user3/css/main.css?22b9ae7a0a945844efd971093024fff99c5b2f64

Response headers

vary
accept-encoding
content-encoding
gzip
etag
W/"264f4377d5fe2bac95746a671b8e56ec"
x-amz-version-id
k9dnybSkuITTKIJhy2r9zKSho8tBg10G
age
11537
via
1.1 87d82572a037b7679d915f1b3b88954e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
RjZqDJFvd_BLNz4ZULpvwCWzCQeZJAsXB6tcR0LvV9nE3tMsiCtUcA==
date
Sat, 08 Nov 2025 05:46:53 GMT
content-type
image/svg+xml
last-modified
Fri, 17 Oct 2025 04:58:32 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P3
x-amz-server-side-encryption
AES256
btn-search-white.png
s.eximg.jp/exblog/user3/img/header/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.eximg.jp/exblog/user3/img/header/btn-search-white.png
Requested by
Host: s.eximg.jp
URL: https://s.eximg.jp/exblog/user3/css/main.css?22b9ae7a0a945844efd971093024fff99c5b2f64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-4.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
603b19e63cfe4fc5e1405ffedc90135e5c54400bdcca5711184200bf9e0dda40

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://s.eximg.jp/exblog/user3/css/main.css?22b9ae7a0a945844efd971093024fff99c5b2f64

Response headers

x-amz-version-id
KdNINm2BfM5VLCWK3A5ePUeiu0wtdTJo
etag
"c79d41eb7d5a946ae71b8fb8a869f2cc"
age
11520
via
1.1 87d82572a037b7679d915f1b3b88954e.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
1092
x-amz-cf-id
UdLeAnT2xSpDN7vIvya6qNr87aMPGwMsCNrnItyeg6ZN48TFYpntDg==
date
Sat, 08 Nov 2025 05:47:10 GMT
content-type
image/png
last-modified
Fri, 17 Oct 2025 04:58:32 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P3
x-amz-server-side-encryption
AES256
collect
www.google-analytics.com/j/ 		3 B
457 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j102&a=1383782166&t=pageview&_s=1&dl=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&ul=ja-jp&dt=Bitcoin%20and%20Ethereum%20%3A%20What%27s%20the%20difference%3F%20%3A%20TWINKLES&sr=1600x1200&vp=1600x1200&_u=YGBAgAABAAAAACAAI~&jid=433256342&gjid=1900209436&cid=1839057457.1762592350&tid=UA-8858058-55&_gid=881437107.1762592350&_slc=1&cd1=guest&cd3=3m&cd4=0&cd6=True&z=1295698131
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:812::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

report-to
{"group":"ascnsrsgac:211:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:211:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 08:59:09 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:211:0
access-control-allow-origin
https://twinklesphotos.exblog.jp
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsgac:211:0
content-length
3
server
Golfe2
collect
stats.g.doubleclick.net/j/ 		1 B
656 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j102&tid=UA-8858058-55&cid=1839057457.1762592350&jid=433256342&gjid=1900209436&_gid=881437107.1762592350&_u=YGBAgAABAAAAAGAAI~&z=670713247
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4008:c07::9d , Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

report-to
{"group":"ascnsrsgdc:147:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgdc:147:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 08:59:09 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgdc:147:0
access-control-allow-origin
https://twinklesphotos.exblog.jp
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsgdc:147:0
content-length
1
server
Golfe2
bookmark_button.js
b.st-hatena.com/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b.st-hatena.com/js/bookmark_button.js
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.173.238.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-173-238-16.nrt20.r.cloudfront.net
Software
nginx /
Resource Hash
f09d9fdc476c87ca8574c34d19241af3fd93226d85f6b0048e36760c07984fab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
etag
W/"690303b0-1990"
age
41218
expires
Fri, 14 Nov 2025 21:32:11 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
EEnK_VmOMlIewemi-PYU5YBRv799Zw-cqsDDngC9d8rrnUb1w7vpbQ==
date
Fri, 07 Nov 2025 21:32:11 GMT
content-type
application/x-javascript
last-modified
Thu, 30 Oct 2025 06:20:32 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=604800
via
1.1 0a93d569e179e335d0cc03a4b2f0dc0a.cloudfront.net (CloudFront)
access-control-allow-origin
https://b.hatena.ne.jp
x-amz-cf-pop
NRT20-P9
server
nginx
3402
config.aps.amazon-adsystem.com/configs/ 		531 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/3402
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.169.5.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-169-5-94.nrt57.r.cloudfront.net
Software
CloudFront /
Resource Hash
e247f7b759dfe24cefb94bd6e106bb2cac01b1627678d9a0c6e904d9dc7e3878

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
max-age=3600
age
2077
via
1.1 9e5e35c6d8efe0052b3e4204b6e29d9e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
531
x-amz-cf-id
3LX4rdf6mblBA5VfHFG0YbBxLSm6fr2pUiiKknEIBIALI5PXrbpXEw==
date
Sat, 08 Nov 2025 08:24:32 GMT
content-type
application/javascript
x-amz-cf-pop
NRT57-P6
server
CloudFront
config
c.amazon-adsystem.com/cdn/prod/ 		0
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3402&u=https%3A%2F%2Ftwinklesphotos.exblog.jp
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.132.164 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-132-164.nrt12.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
max-age=21550, s-maxage=21600
age
16650
access-control-allow-credentials
true
via
1.1 925dba8d74793c4ef37e5c9999f4e92a.cloudfront.net (CloudFront)
access-control-allow-origin
https://twinklesphotos.exblog.jp
x-cache
Hit from cloudfront
x-amz-cf-id
XONGh9MbodZH5fhpdQFlhdoXMcuQzUoMbgIN7Lz6TwJ03ffsJepI-A==
date
Sat, 08 Nov 2025 04:21:38 GMT
x-amz-cf-pop
NRT12-P1
server
Server
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.132.164 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-132-164.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

access-control-max-age
3000
content-encoding
gzip
x-amz-version-id
r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
etag
W/"a4d296427fc806b21335359e398c025c"
age
16650
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
vhBSuG6oIHNHVkS3if2T-6BZ_dpuJc6OOi72Gs2nuQhrOl-0xprwxA==
date
Sat, 08 Nov 2025 04:21:40 GMT
content-type
application/javascript
vary
Origin,accept-encoding
last-modified
Thu, 29 Feb 2024 02:13:08 GMT
cache-control
public, max-age=86400
via
1.1 80546d18551c7a71d08336dec4af66a6.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
NRT12-P1
server
AmazonS3
x-amz-server-side-encryption
AES256
sdk.js
connect.facebook.net/ja_JP/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/ja_JP/sdk.js
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
57.144.216.128 Seattle, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-sea5.fbcdn.net
Software
/
Resource Hash
09059ddd93b79e044fa6a15d0304e80c7a9cf2fb8ba451a8e6e6df585dc54999
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin
https://twinklesphotos.exblog.jp
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-md5
dg2KWcITOBbVcrts/PfThA==
access-control-expose-headers
X-FB-Content-MD5
content-encoding
gzip
etag
"8adf3666e4472776ec93de9a51d5c174"
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 08 Nov 2025 09:14:36 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 08 Nov 2025 08:59:09 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5
c94ae0d95d5cb2a76361cdbfb7224b49
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=110, rtx=0, c=23, mss=1232, tbw=4985, tp=9, tpl=0, uplat=2, ullat=-1
x-fb-debug
C7XgSs/zQfpvHUJohVzWoWgEJIkr5xfl5cVmZdw+Z1GIyG7lrU/2xBzY1B4T1gddZ4OtHo9qEIJOhFr7EUzIDA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top, include-js-call-stacks-in-crash-reports
access-control-allow-origin
*
content-length
1687
origin-agent-cluster
?1
1.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEixHYxudOaePU6HVV7UqLPNHRa1mgBUjK2aJe2D4CbRsYYiAeoVVOMczSOQyREwTxo8FCb4N72nO526i62zfZ86Bop1qN94ArYU4ANvVZevQ7Wd3mAvtXcJLkc7cJByg94h6mfLCLmwJ2Z6-XBx... 		261 KB
262 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEixHYxudOaePU6HVV7UqLPNHRa1mgBUjK2aJe2D4CbRsYYiAeoVVOMczSOQyREwTxo8FCb4N72nO526i62zfZ86Bop1qN94ArYU4ANvVZevQ7Wd3mAvtXcJLkc7cJByg94h6mfLCLmwJ2Z6-XBx1TPAJk9erGA29OfXZ77Qte-1Mq3ZjLc6gkdtLWUs-ilF/s16000/1.webp
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
e357b745fe30d4304063b729cb6a30f345e2dca9b1cf8dcd19fe22c87cf7517b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
etag
"v49b"
x-content-type-options
nosniff
expires
Sun, 09 Nov 2025 08:59:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
267759
date
Sat, 08 Nov 2025 08:59:10 GMT
x-xss-protection
0
content-type
image/jpeg
vary
Origin
server
fife
content-disposition
inline;filename="1.jpg"
2.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjJwsBoDf0j-Nv8wRFRpVJOSaYHqjQ4cn_CzwviWHbScNUoVS9sdLgVeUrMDbAwXFOur5Ny1-GLrtTxKDvI-pKbgHhcTitSmENPAozc0Qx7dc7swXC6CWBuTg4bM7XGxIB_ywWZcBWMcBcgpAed... 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjJwsBoDf0j-Nv8wRFRpVJOSaYHqjQ4cn_CzwviWHbScNUoVS9sdLgVeUrMDbAwXFOur5Ny1-GLrtTxKDvI-pKbgHhcTitSmENPAozc0Qx7dc7swXC6CWBuTg4bM7XGxIB_ywWZcBWMcBcgpAedjsIgOe0kb34q2QjvgEomcKMxb5u9as3qU3Ot4u-NgLMq/s16000/2.webp
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
142cd3a5fb350857001b79d3b1178b719d2881240d512b43aea98da8fba61d57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
etag
"v49e"
x-content-type-options
nosniff
expires
Sun, 09 Nov 2025 08:59:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2298461
date
Sat, 08 Nov 2025 08:59:11 GMT
x-xss-protection
0
content-type
image/jpeg
vary
Origin
server
fife
content-disposition
inline;filename="2.jpg"
3.webp
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiYiuAiVq2mumzPuLXYTdaVJyqNS9CXf3Z9YJaPpUbSIIe0-rtV43I6gws9bOp2H_zkGsNxJWiuDMZ1_pbDiX3rX3EX7Su6BdmNnxS3NWlZtLu4PqEtQJN3S8-BVoquEQR439acNEusbBRAqhOa... 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiYiuAiVq2mumzPuLXYTdaVJyqNS9CXf3Z9YJaPpUbSIIe0-rtV43I6gws9bOp2H_zkGsNxJWiuDMZ1_pbDiX3rX3EX7Su6BdmNnxS3NWlZtLu4PqEtQJN3S8-BVoquEQR439acNEusbBRAqhOaFhF5e5vufFSRnzxOu23paONJ5AWMpLXcG10JOfHzDH6K/s16000/3.webp
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
942e1295e707d486f152357ff12608f59eb771f63d3069d11fc61cc756da80f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
etag
"v49f"
x-content-type-options
nosniff
expires
Sun, 09 Nov 2025 08:59:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48451
date
Sat, 08 Nov 2025 08:59:11 GMT
x-xss-protection
0
content-type
image/jpeg
vary
Origin
server
fife
content-disposition
inline;filename="3.jpg"
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		160 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
cafe /
Resource Hash
6b4b3719b31eb0e2f455804068ea8107efd7175a4e055a6d10863cc4e3a8a1f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
br
etag
9769030045322823102
x-content-type-options
nosniff
expires
Sat, 08 Nov 2025 08:59:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 08 Nov 2025 08:59:09 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
55308
x-xss-protection
0
server
cafe
e043743820240118094946.png
pds.exblog.jp/logo/1/197001/01/38/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pds.exblog.jp/logo/1/197001/01/38/e043743820240118094946.png
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-122.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fcdeaeebab1faae706be2c05fc793f3b723031845d687e492376584c8d6a2f92

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-amz-version-id
null
etag
"62d5ba881269012d098df4991e72d4f5"
age
9868
via
1.1 c425e7db1f80ed9bfda931a198ff10d4.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
8115
x-amz-cf-id
v38LrXkGnDL73neW57RPaYpU9GjLrTgsNGleIaUzMLBTP-N8EbJP3w==
date
Sat, 08 Nov 2025 06:14:42 GMT
content-type
application/octet-stream
last-modified
Thu, 18 Jan 2024 00:49:47 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P3
x-amz-server-side-encryption
AES256
banner_l_17-5.gif
md.exblog.jp/img/genre/banner/2/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://md.exblog.jp/img/genre/banner/2/banner_l_17-5.gif
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.173.238.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-173-238-99.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1075dbd8e50dbefedaa0a8e6251f654cbdc25c58d41060d902aeba6b8648fb57

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-amz-version-id
null
etag
"192e0bd33628b6c54b4d176281f3df23"
age
72353
via
1.1 3eb3661a656b87ae525ed798454aefe2.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
7405
x-amz-cf-id
e-391syYWXv65CyOD20VrySyoz_gIqBMI6bkBerZLPEua65_enuGeg==
date
Fri, 07 Nov 2025 12:53:17 GMT
content-type
image/gif
last-modified
Mon, 10 Apr 2023 06:27:01 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-P9
x-amz-server-side-encryption
AES256
banner_l_17-2.gif
md.exblog.jp/img/genre/banner/2/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://md.exblog.jp/img/genre/banner/2/banner_l_17-2.gif
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.173.238.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-173-238-99.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
feda41fd13b033c850fed32cc18e53490ac4e28b1bddaae427edbde4beab610f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

vary
accept-encoding
x-amz-version-id
null
etag
"2aa4f3965ce5c54bb7eb1f177d5fa84c"
age
34315
via
1.1 3eb3661a656b87ae525ed798454aefe2.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
8689
x-amz-cf-id
bkUkxxyvfiloq94o92-d0FqVW5s72h7z4h5gces9Rh3rmtK3qYepzA==
date
Fri, 07 Nov 2025 23:27:15 GMT
content-type
image/gif
last-modified
Mon, 10 Apr 2023 06:27:10 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-P9
x-amz-server-side-encryption
AES256
logo-to-excite.gif
s.eximg.jp/exblog/user3/img/layout/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.eximg.jp/exblog/user3/img/layout/logo-to-excite.gif
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-4.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8d61b2e1e812644b72ee86c38dca895266813d59360f92cb7c3f365978129708

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-amz-version-id
5oPSHXl56MX3XKULF8WWZnT1AHC24kX1
etag
"4e6e76b265d31b59bee6c00d9f40c01c"
age
11538
via
1.1 87d82572a037b7679d915f1b3b88954e.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
2417
x-amz-cf-id
VT76DNizxAfrgrqGIkiH3YS2MrR7W3OIsz-ebLHk3PeCJvxlZX2BKg==
date
Sat, 08 Nov 2025 05:46:52 GMT
content-type
image/gif
last-modified
Fri, 17 Oct 2025 04:58:32 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P3
x-amz-server-side-encryption
AES256
exblog-facebox.js
s.eximg.jp/exblog/user3/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.eximg.jp/exblog/user3/js/exblog-facebox.js?22b9ae7a0a945844efd971093024fff99c5b2f64
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-4.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
90289b868561ed36a7007e3ff1a12b0674210c56aa55cae278f9ec80f8cb6bf3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

vary
accept-encoding
content-encoding
gzip
etag
W/"c09e1520d4f1d21f89379c7fd0b1f8b8"
x-amz-version-id
E3U_03UnBE1IFtNhVLDYIjAed1XRu_91
age
14063
via
1.1 87d82572a037b7679d915f1b3b88954e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
hV5vH9CsVSMHTl5FGfoXXtsxkZnOQhWZSnkGlSs-k-3IoSyazGk1cA==
date
Sat, 08 Nov 2025 05:04:47 GMT
content-type
text/javascript
last-modified
Fri, 17 Oct 2025 04:58:35 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P3
x-amz-server-side-encryption
AES256
facebox.css
s.eximg.jp/exblog/user3/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s.eximg.jp/exblog/user3/css/facebox.css?22b9ae7a0a945844efd971093024fff99c5b2f64
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-4.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8bbdf8eefbcdec2d9f88f7e452316b39228bdf9ac58b7523964d8f2ff84e9236

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

vary
accept-encoding
content-encoding
gzip
etag
W/"5cf0b6d214131267e85f774cf8bb5406"
x-amz-version-id
1p5C4jBqoeRkoqRO_REL0y8O29mtxFnu
age
14065
via
1.1 87d82572a037b7679d915f1b3b88954e.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
S4Gmcxw902ZJ0-7yrAj90_XV1flNC8FGhFzHWlmvhs3KeF13IRUt1A==
date
Sat, 08 Nov 2025 05:04:45 GMT
content-type
text/css
last-modified
Fri, 17 Oct 2025 04:58:30 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P3
x-amz-server-side-encryption
AES256
icon-close.gif
s.eximg.jp/exblog/user3/img/facebox/ 		979 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.eximg.jp/exblog/user3/img/facebox/icon-close.gif
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-4.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cc3c8f67291b46b0b7c26148f146db5c486d049c5a4996643bcdbfb005917082

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-amz-version-id
flX9yc3TgSzPyKGNzrYBTJM.AxsQlLic
etag
"0e5462b0b4f00432eac4b33d5fa31c5a"
age
11540
via
1.1 87d82572a037b7679d915f1b3b88954e.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
979
x-amz-cf-id
01DhaE9f69PFBXHANk09E-zaCA55Kj_hzfIJES21mZOvRTs8gaCDAg==
date
Sat, 08 Nov 2025 05:46:50 GMT
content-type
image/gif
last-modified
Fri, 17 Oct 2025 04:58:31 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P3
x-amz-server-side-encryption
AES256
itm.js
dmp.im-apps.net/js/8266/0001/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dmp.im-apps.net/js/8266/0001/itm.js
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:48::1734:8c3b Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
ea89d46b95924261fc238dfb667fe2c2e89f0d461a6faf3e0d20bd7927f288cc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
max-age=9365
content-encoding
gzip
etag
"04bf9faf0991be622104832434aac5b9"
x-amz-version-id
BCOYcpwo.YY1NadU_svr_9qfq4z7GSSN
expires
Sat, 08 Nov 2025 11:35:14 GMT
accept-ranges
bytes
access-control-allow-origin
*
akamai-loopback-request
8096267
content-length
780
p3p
CP="NOI PSD OTR"
date
Sat, 08 Nov 2025 08:59:09 GMT
last-modified
Fri, 15 Jan 2016 09:30:56 GMT
content-type
application/javascript
vary
Accept-Encoding
/
logging.exblog.jp/ 		43 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://logging.exblog.jp/?request_url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&blogid=e0437438&serial=33443955&referer=&login_blogid=&tag=
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.238.63.60 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-238-63-60.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
no-cache
content-length
43
date
Sat, 08 Nov 2025 08:59:09 GMT
content-type
image/gif
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.22.1
img-loading.gif
s.eximg.jp/exblog/user3/img/facebox/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.eximg.jp/exblog/user3/img/facebox/img-loading.gif
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-4.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
81ea81be1d862d36c34b6dc4f12aefb87b656e319003263d8274974b48ccf869

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-amz-version-id
yvjH3nWmrBo2zhl_6Y3bDyEOXIGryah5
etag
"7e99e1159a3686f6aa4f90043c554483"
age
11538
via
1.1 87d82572a037b7679d915f1b3b88954e.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
2767
x-amz-cf-id
P7v6ojcYs3XjNewtkKC2KaWdk-3QplEGmYVZyBQ20cnuqswNX84h4Q==
date
Sat, 08 Nov 2025 05:46:52 GMT
content-type
image/gif
last-modified
Fri, 17 Oct 2025 04:58:31 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P3
x-amz-server-side-encryption
AES256
img-border-round-top-left.png
s.eximg.jp/exblog/user3/img/facebox/ 		132 B
516 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.eximg.jp/exblog/user3/img/facebox/img-border-round-top-left.png
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-4.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5f52bc51c65a9e30cf1733c3a54b7eebc13edba95834cd9f7184131dc06ddbfe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-amz-version-id
V5aOcUzn2Zw3q43T51njLl_FiaS3L6rr
etag
"02e125bbaed0093265655bc9bb36265f"
age
11538
via
1.1 87d82572a037b7679d915f1b3b88954e.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
132
x-amz-cf-id
EhWs8dzwTcn1zs3X6Txddm08gPKsHWOiS7XhPEs5Mwh4QIkRmWK_7Q==
date
Sat, 08 Nov 2025 05:46:52 GMT
content-type
image/png
last-modified
Fri, 17 Oct 2025 04:58:31 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P3
x-amz-server-side-encryption
AES256
img-border.png
s.eximg.jp/exblog/user3/img/facebox/ 		84 B
468 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.eximg.jp/exblog/user3/img/facebox/img-border.png
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-4.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f5ea0feb6780869811fbc088a8f8f2e2d715b09540885306edd228b1dafdbcc4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-amz-version-id
0QcbId0kkrIPFpaHTPgW6qR3cHCnhKqh
etag
"6d5ebfa02c59a2ba7bc8906e888911c8"
age
11538
via
1.1 87d82572a037b7679d915f1b3b88954e.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
84
x-amz-cf-id
g2juaPWuhLelPXP7TjTVFwerMP71XLKWg30gzTtS0hDu1DkalfEQ6Q==
date
Sat, 08 Nov 2025 05:46:52 GMT
content-type
image/png
last-modified
Fri, 17 Oct 2025 04:58:31 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P3
x-amz-server-side-encryption
AES256
img-border-round-top-right.png
s.eximg.jp/exblog/user3/img/facebox/ 		125 B
508 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.eximg.jp/exblog/user3/img/facebox/img-border-round-top-right.png
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-4.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c964938d7c06e404dd521487654a489fdbbcbf8f55c79fe5693808b7aed4305c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-amz-version-id
sE9lp8PlArAo7lDvsIkW2O2p6cb2v6B.
etag
"7b0f5e3d1dee42a15daa83c543d3ed03"
age
11538
via
1.1 87d82572a037b7679d915f1b3b88954e.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
125
x-amz-cf-id
HL7niQy_hrr--a0hmYbWFnZD9lehtLsyIbhx3iV7r9PPglfJL78tKA==
date
Sat, 08 Nov 2025 05:46:52 GMT
content-type
image/png
last-modified
Fri, 17 Oct 2025 04:58:31 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P3
x-amz-server-side-encryption
AES256
img-border-round-bottom-left.png
s.eximg.jp/exblog/user3/img/facebox/ 		124 B
510 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.eximg.jp/exblog/user3/img/facebox/img-border-round-bottom-left.png
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-4.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b0d19d08cb31495a801c0a81631d5e81c0528981f403cda57fa0134a526d1fc3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-amz-version-id
3FRBIH.Yf3ACBZeukSoejFvKLuNPsqzv
etag
"1dc6e3caf8defd8df126cb8d0631c58b"
age
11538
via
1.1 87d82572a037b7679d915f1b3b88954e.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
124
x-amz-cf-id
Pyl_HTiRFepsK4CShZwSPpjzMRtFwU30Le8qkhOukiiK4wb6EgkJQg==
date
Sat, 08 Nov 2025 05:46:52 GMT
content-type
image/png
last-modified
Fri, 17 Oct 2025 04:58:31 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P3
x-amz-server-side-encryption
AES256
img-border-round-bottom-right.png
s.eximg.jp/exblog/user3/img/facebox/ 		124 B
511 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.eximg.jp/exblog/user3/img/facebox/img-border-round-bottom-right.png
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-4.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ff56024d51fb27ab3b6212239c8e38972681b84e1eff17e9bbe0d59e392d6559

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-amz-version-id
m_1vvQ.rqNC9GbW5.MQ2mkfXvifx8FFc
etag
"e674cba1293fb82871366299f905f669"
age
11538
via
1.1 87d82572a037b7679d915f1b3b88954e.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
124
x-amz-cf-id
YYxjmhPXDvzJhY6iDDX8RHxaRfTbdnSE8OflGDhjp3NJgS0eR-jnfA==
date
Sat, 08 Nov 2025 05:46:52 GMT
content-type
image/png
last-modified
Fri, 17 Oct 2025 04:58:31 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P3
x-amz-server-side-encryption
AES256
widget_iframe.2f70fb173b9000da126c79afe2098f02.html
platform.twitter.com/widgets/ Frame 0334 		319 KB
103 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Ftwinklesphotos.exblog.jp
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.148.157 Tokyo, Japan, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18

Request headers

Referer
https://twinklesphotos.exblog.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
public, max-age=315360000
content-encoding
gzip
content-length
105429
content-type
text/html; charset=utf-8
date
Sat, 08 Nov 2025 08:59:09 GMT
etag
"81267302efdfb3e4524a22631a8fc99e+gzip"
last-modified
Mon, 11 Dec 2023 17:19:49 GMT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn
FT
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-served-by
cache-iad-kiad7000164-IAD, cache-nrt-rjtt7900026-NRT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		159 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8544321996124660
Requested by
Host: image.excite.co.jp
URL: https://image.excite.co.jp/jp/ox/gpt/pc_blog.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
cafe /
Resource Hash
addde7ab6fc49c9d5c2259c63ea52b58a9d5cd12c0d8b18ff022cdfbdd2d7fb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin
https://twinklesphotos.exblog.jp
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
br
etag
5901587059873295275
x-content-type-options
nosniff
expires
Sat, 08 Nov 2025 08:59:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 08 Nov 2025 08:59:09 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
55227
x-xss-protection
0
server
cafe
settings
syndication.twitter.com/ Frame 0334 		870 B
951 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=38aeee6990225948527d9140826b68b92ddd6651
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Ftwinklesphotos.exblog.jp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.227 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare envoy /
Resource Hash
8ec44a4b321f5115d8760f193298585d8b28a26dd3190d0a3690b9e09a489a94
Security Headers
Name Value
Strict-Transport-Security max-age=631138519; includeSubdomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://platform.twitter.com/

Response headers

x-transaction-id
a99799fb69626d40
content-encoding
gzip
cf-cache-status
DYNAMIC
x-response-time
7
date
Sat, 08 Nov 2025 08:59:09 GMT
last-modified
Sat, 08 Nov 2025 08:59:09 GMT
content-type
application/json; charset=utf-8
vary
Origin, accept-encoding
perf
7402827104
x-served-by
t4_p
strict-transport-security
max-age=631138519; includeSubdomains
cache-control
must-revalidate, max-age=600
origin-cf-ray
99b3df6a3cb8afb8-SEA
access-control-allow-credentials
true
cf-ray
99b3df6a3cb8afb8-NRT
access-control-allow-origin
https://platform.twitter.com
content-length
338
server
cloudflare envoy
index.js
cdn.nidan.d2c.ne.jp/1.0/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.nidan.d2c.ne.jp/1.0/index.js
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.166.244.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-166-244-56.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dde9ced87fcbee6180d08642a89eccdcacae929c63d0f873b4c1f82f8c4435c5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

vary
accept-encoding
cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"6f71da711220ce0f35c311a838a11bb0"
x-amz-version-id
null
age
6778
via
1.1 5970c35f31e33324509ad974cb7a8128.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
RjpO3yGtnY9-Hzxp6nMBUFye06zWWUEMLBdnFEYAseN2EuKo4H6new==
date
Sat, 08 Nov 2025 07:06:12 GMT
content-type
text/javascript
last-modified
Wed, 08 Oct 2025 07:05:03 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-P6
x-amz-server-side-encryption
AES256
tag
btloader.com/ 		95 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5727730570625024&upapi=true
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac42:ab85 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41afd2f3734221881cf67e89567dab76a5a136e7c3474e7afb6b3a8727a92623

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-robots-tag
noindex, nofollow
cache-control
public, max-age=300, stale-if-error=3600, stale-while-revalidate=300
content-encoding
gzip
cf-cache-status
HIT
etag
"b2b12b16145a3b6b3f1e32ecdc34f5dc"
via
1.1 google
cf-ray
99b3df6a7a76d4f7-NRT
access-control-allow-origin
*
date
Sat, 08 Nov 2025 08:59:09 GMT
content-type
application/javascript
last-modified
Sat, 08 Nov 2025 08:13:26 GMT
server
cloudflare
vary
Accept-Encoding
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:aee2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1796d2e5d57af5bfaf616113335dbd63c050b0325c995c0f8e4f97a47259fce9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

access-control-expose-headers
*
content-encoding
br
cf-cache-status
HIT
etag
W/"64c-bP93R9Rg2gXa4z8l9y0bpLwrZsQ"
age
569
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E2b0lGaIyWy8oLfBpUrbI5HkAxlEbaajIoqB3rQ56SqQoG0%2FzWtmURQpiBdbxuiudxsX3u1DC3qqUGRImKS3Kz45rO52%2Fu25PA4VLgbJZR%2F7OJaeadapfst%2B%2FWuKUaEzLpV2%2B5BjmSEJ%2Bfzu%2Fro%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443"; ma=86400
x-cache
HIT, HIT
date
Sat, 08 Nov 2025 08:59:09 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-fra-etou8220102-FRA, cache-nrt-rjtt7900070-NRT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
99b3df6aa9dae357-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
854
server
cloudflare
x-jsd-version
1.0.2603
v2
yield-manager.browsiprod.com/prebid/ 		220 B
538 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://yield-manager.browsiprod.com/prebid/v2?sk=exblog&pk=excite&sw=1600&sh=1200&url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&eu=false&t=1762592349866&pvid=77af46eb-796b-4291-b9db-39ea90e58c42&us=%7B%7D&at=Bitcoin%20and%20Ethereum%20%3A%20What%27s%20the%20difference%3F%20%3A%20TWINKLES
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.125.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-125-95.kix50.r.cloudfront.net
Software
akka-http/10.2.1 /
Resource Hash
d4e474c3a018d9e5074a26422bbd6f944893435ae146930a00aad871cee30839

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
via
1.1 f401b2fa5646a7624939d261a748e02c.cloudfront.net (CloudFront)
access-control-allow-origin
https://twinklesphotos.exblog.jp
x-cache
Miss from cloudfront
x-amz-cf-id
7EhJbJOqtS3X-g7jNZ91bZzAaLh08n4DVrWfTizw3E_oYc7l-EGJ8w==
date
Sat, 08 Nov 2025 08:59:09 GMT
content-type
text/plain; charset=UTF-8
x-amz-cf-pop
KIX50-P3
server
akka-http/10.2.1
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202511040101/ 		600 KB
189 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202511040101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.194.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcnrta-az-in-f2.1e100.net
Software
cafe /
Resource Hash
ea47742e94e6a95b08832e9e5875a5a73ab2ea3bc740e6938d927c39e03273bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
br
etag
14735669544948044405
age
73351
x-content-type-options
nosniff
expires
Sat, 07 Nov 2026 12:36:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Fri, 07 Nov 2025 12:36:38 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
193950
x-xss-protection
0
server
cafe
js
www.googletagmanager.com/gtag/ 		375 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-SK7DRSBW10&cx=c&gtm=4e5b50
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSPWGQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:806::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4a6eabfb5832681d3a7386d4e2c216a1fd3e8b8bfd21c4e7fb8e295ce9810225
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
content-encoding
zstd
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Sat, 08 Nov 2025 08:59:09 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134683
date
Sat, 08 Nov 2025 08:59:09 GMT
x-xss-protection
0
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
Google Tag Manager
access-control-allow-headers
Cache-Control
js
www.googletagmanager.com/gtag/ 		419 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z6VR2N8KNZ&cx=c&gtm=4e5b50
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSPWGQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:400a:806::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
28d1358ebc548f7b1daef9c9a84890b6cbc0e0b7c9d397c6cc4078f8779485d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
content-encoding
zstd
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Sat, 08 Nov 2025 08:59:09 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
145522
date
Sat, 08 Nov 2025 08:59:09 GMT
x-xss-protection
0
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
Google Tag Manager
access-control-allow-headers
Cache-Control
button.856debeac157d9669cf51e73a08fbc93.js
platform.twitter.com/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/button.856debeac157d9669cf51e73a08fbc93.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.148.157 Tokyo, Japan, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
426e16d014775c77916610f675f58880874c645817ed26d01873dde3466e6007

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
etag
"fdf02dd038ed38dbf3c240d56262af0c+gzip"
access-control-allow-methods
GET
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
date
Sat, 08 Nov 2025 08:59:09 GMT
last-modified
Mon, 11 Dec 2023 17:19:47 GMT
vary
Accept-Encoding
x-served-by
cache-iad-kcgs7200086-IAD, cache-nrt-rjtt7900031-NRT
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=315360000
tw-cdn
FT
accept-ranges
bytes
access-control-allow-origin
*
content-length
2620
x-amz-server-side-encryption
AES256
Collect
a.flux.jp/analytics.collect.v1.CollectService/ 		2 B
567 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.flux.jp/analytics.collect.v1.CollectService/Collect
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.89.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.89.160.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

access-control-expose-headers
Accept, Accept-Encoding, Accept-Post, Connect-Accept-Encoding, Connect-Content-Encoding, Content-Encoding, Grpc-Accept-Encoding, Grpc-Encoding, Grpc-Message, Grpc-Status, Grpc-Status-Details-Bin
content-encoding
gzip
via
1.1 google
traceparent
00-02abf57940a1f70ecd4c584d270e0035-654a8366e77e6284-00
access-control-allow-origin
https://twinklesphotos.exblog.jp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
accept-encoding
gzip
content-length
26
date
Sat, 08 Nov 2025 08:59:09 GMT
content-type
application/json
vary
Origin
server
Google Frontend
x-cloud-trace-context
02abf57940a1f70ecd4c584d270e0035/7298790624101032580
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z6VR2N8KNZ&gtm=45je5b50v9174502665za200zb71867219zd71867219&_p=1762592349400&gcd=13l3l3l3l1l1&npa=0&dma=0&cid=1839057457.1762592350&ul=ja-jp&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&tag_exp=101509157~103116026~103200004~103233427~104527906~104528501~104684208~104684211~104948813~115480710~115583767~115616986~115938466~115938468~116217636~116217638&sid=1762592349&sct=1&seg=0&dl=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&dt=Bitcoin%20and%20Ethereum%20%3A%20What%27s%20the%20difference%3F%20%3A%20TWINKLES&en=page_view&_fv=1&_ss=1&_ee=1&tfd=992
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z6VR2N8KNZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.194.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcnrta-bf-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:106:0
report-to
{"group":"ascnsrsggc:106:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:106:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://twinklesphotos.exblog.jp
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsggc:106:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 08:59:09 GMT
content-type
text/plain
server
Golfe2
audience
cnt.fout.jp/segapi/ 		15 B
394 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cnt.fout.jp/segapi/audience?callback=_itm_.sa_cb&cvid=mHDmdffSCFxfWgmjsQ
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/js/8266/0001/itm.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
202.232.238.39 Jingūmae, Japan, ASN2497 (IIJ Internet Initiative Japan Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
bc96117cb3eea4c79f15172c6be567e3675d7b32ed0d617f7e4175f4e5c1c675

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

Transfer-Encoding
chunked
Cache-Control
private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Content-Encoding
gzip
Pragma
no-cache
Connection
keep-alive
Access-Control-Allow-Origin
*
P3P
CP="ADM NOI OUR"
Date
Sat, 08 Nov 2025 08:59:10 GMT
Content-Type
application/javascript; charset=utf-8
Server
nginx
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202511040101/ 		501 KB
165 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202511040101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
cafe /
Resource Hash
c67b67498d4a538f47e089bb36c003d924c56cb33b8fb691f3687cd4487e8cb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
br
etag
12022265679802278726
age
73125
x-content-type-options
nosniff
expires
Fri, 21 Nov 2025 12:40:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 07 Nov 2025 12:40:24 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
169325
x-xss-protection
0
server
cafe
pre
js.api.nidan.d2c.ne.jp/id/nidan/ 		52 B
159 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.api.nidan.d2c.ne.jp/id/nidan/pre?callback=d2c.nidan.ns&origin=https%3A%2F%2Ftwinklesphotos.exblog.jp&domain=twinklesphotos.exblog.jp&referrer=&nv=2
Requested by
Host: cdn.nidan.d2c.ne.jp
URL: https://cdn.nidan.d2c.ne.jp/1.0/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.178.205.149 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-178-205-149.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
7dd63079c6e0bfd01452083e7d0be52fbf4b0486f0a60fa0b0b28dae92743aa3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
max-age=7200
content-length
52
date
Sat, 08 Nov 2025 08:59:10 GMT
content-type
application/javascript; charset=UTF-8
px.gif
ad-delivery.net/ 		43 B
623 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad-delivery.net/px.gif?ch=2&e=0.30898559821870075
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5727730570625024&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:2f50 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
983121
x-goog-stored-content-encoding
identity
expires
Sun, 09 Nov 2025 08:59:10 GMT
x-goog-stored-content-length
43
date
Sat, 08 Nov 2025 08:59:10 GMT
content-type
image/gif
vary
accept-encoding
last-modified
Wed, 05 May 2021 19:25:32 GMT
x-guploader-uploadid
ABgVH89ytYGGsM8zvMSS83qCZ0F4cDyA85oC5Xtq8jnme2OpbOxP7BU9t7rp4yrU4-M9nQOe
cache-control
public, max-age=86400
x-goog-storage-class
MULTI_REGIONAL
cf-ray
99b3df6bcda162d5-NRT
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
favicon.ico
ad.doubleclick.net/ 		1 KB
129 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250&e=0.6099583718200821
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5727730570625024&upapi=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options
nosniff
expires
Sun, 09 Nov 2025 08:59:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 08:59:10 GMT
content-type
image/x-icon
vary
Accept-Encoding
last-modified
Tue, 08 May 2012 13:08:06 GMT
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
content-length
104
x-xss-protection
0
server
sffe
px.gif
ad-delivery.net/ 		43 B
110 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.3455371313227993
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5727730570625024&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:2f50 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
983121
x-goog-stored-content-encoding
identity
expires
Sun, 09 Nov 2025 08:59:10 GMT
x-goog-stored-content-length
43
date
Sat, 08 Nov 2025 08:59:10 GMT
content-type
image/gif
vary
accept-encoding
last-modified
Wed, 05 May 2021 19:25:32 GMT
x-guploader-uploadid
ABgVH89ytYGGsM8zvMSS83qCZ0F4cDyA85oC5Xtq8jnme2OpbOxP7BU9t7rp4yrU4-M9nQOe
cache-control
public, max-age=86400
x-goog-storage-class
MULTI_REGIONAL
cf-ray
99b3df6bcda662d5-NRT
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
dns
ab.dns-finder.com/meta/ 		2 B
233 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ab.dns-finder.com/meta/dns
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5727730570625024&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.200.111 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
111.200.36.34.bc.googleusercontent.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
private, max-age=180, stale-if-error=180, stale-while-revalidate=180
access-control-expose-headers
X-Resolver
x-resolver
default
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
date
Sat, 08 Nov 2025 08:59:10 GMT
content-type
text/plain; charset=utf-8
vary
Origin
trustedIframe.html
btloader.com/ Frame 5C35 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://btloader.com/trustedIframe.html?o=5727730570625024&upapi=true
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5727730570625024&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:14bd -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d777e3df9814ec252061059134ea3be6e0d9fcb692c08f43f8683b50b28eda7

Request headers

Referer
https://twinklesphotos.exblog.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

cache-control
public, max-age=3600, stale-while-revalidate=3600
cf-ray
99b3df6bd8cde0ac-NRT
content-encoding
br
content-type
text/html
date
Sat, 08 Nov 2025 08:59:10 GMT
server
cloudflare
vary
accept-encoding
sdk.js
connect.facebook.net/ja_JP/ 		256 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/ja_JP/sdk.js?hash=980985d9f313483bcd55506277250823
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/ja_JP/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
57.144.216.128 Seattle, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-sea5.fbcdn.net
Software
/
Resource Hash
f2bee78d72ca06d508f99612584316455ce3038aaa28834d6c503baec90d8f59
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin
https://twinklesphotos.exblog.jp
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-md5
Y7axlxh3Rwuozl+qHY9vWw==
access-control-expose-headers
X-FB-Content-MD5
content-encoding
gzip
etag
"351a94d88f7db4382696ac3020ecb28e"
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sun, 08 Nov 2026 07:31:07 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 08 Nov 2025 08:59:10 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5
f8e552347dd157358685f4a968061f8d
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=109, rtx=0, c=27, mss=1232, tbw=8889, tp=15, tpl=0, uplat=0, ullat=-1
x-fb-debug
IDhcWotuONUchF0GjNfhGs/N7fKvBHxW0XSKSx+cXuqvBsBH1bI8ayx6YED/tBJk1Qbmjtqpnuo1viNqk8LI7Q==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top, include-js-call-stacks-in-crash-reports
access-control-allow-origin
*
content-length
77080
origin-agent-cluster
?1
bootstrap.js
cdn.browsiprod.com/bootstrap/ 		56 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.browsiprod.com/bootstrap/bootstrap.js
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.173.197.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-173-197-46.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b362da3617d82c0a21be6255810aa40acc8e1f6640af0c418fe6e63e25a07fb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

vary
accept-encoding, Origin
cache-control
public,max-age=3600
content-encoding
br
x-amz-version-id
AtXFtaQ.gkG4VQMOtIVf0pwxM7jVXFts
etag
W/"45333f10311ac91fa33fef08a89414fa"
age
1730
via
1.1 4692304470b2d7a09704a5e8dcf231dc.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
YJLZ3TIK1VOtZWbiosU1FGU4lexGIQHRwHoi0NyXPrZ4ldae5XaSqg==
date
Sat, 08 Nov 2025 08:30:21 GMT
content-type
application/javascript
last-modified
Sun, 02 Nov 2025 08:34:13 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P8
x-amz-server-side-encryption
AES256
bid
aax.amazon-adsystem.com/e/dtb/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.173.192.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-173-192-61.nrt12.r.cloudfront.net
Software
Server /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://twinklesphotos.exblog.jp
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin,x-requested-with,access-control-request-headers,content-type,access-control-request-method,accept
access-control-allow-methods
POST
access-control-allow-origin
https://twinklesphotos.exblog.jp
access-control-max-age
1800
content-encoding
gzip
content-length
0
date
Sat, 08 Nov 2025 08:59:09 GMT
server
Server
via
1.1 a9d37456b91f962deeb364728ebd872a.cloudfront.net (CloudFront)
x-amz-cf-id
lFEyWLq9hl3gndFo2vfPi0LhUp8a7s13KDrOBQXeieR8rnhQrR1wqg==
x-amz-cf-pop
NRT12-P8
x-cache
Miss from cloudfront
bid
aax.amazon-adsystem.com/e/dtb/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.173.192.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-173-192-61.nrt12.r.cloudfront.net
Software
Server /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://twinklesphotos.exblog.jp
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin,x-requested-with,access-control-request-headers,content-type,access-control-request-method,accept
access-control-allow-methods
POST
access-control-allow-origin
https://twinklesphotos.exblog.jp
access-control-max-age
1800
content-encoding
gzip
content-length
0
date
Sat, 08 Nov 2025 08:59:10 GMT
server
Server
via
1.1 a9d37456b91f962deeb364728ebd872a.cloudfront.net (CloudFront)
x-amz-cf-id
H9i5no4mtllDlW4YQE8xkW4HQ_gGbXRc9a90qpYcxo-5EcFA4PNeig==
x-amz-cf-pop
NRT12-P8
x-cache
Miss from cloudfront
bid
aax.amazon-adsystem.com/e/dtb/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.173.192.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-173-192-61.nrt12.r.cloudfront.net
Software
Server /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://twinklesphotos.exblog.jp
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin,x-requested-with,access-control-request-headers,content-type,access-control-request-method,accept
access-control-allow-methods
POST
access-control-allow-origin
https://twinklesphotos.exblog.jp
access-control-max-age
1800
content-encoding
gzip
content-length
0
date
Sat, 08 Nov 2025 08:59:09 GMT
server
Server
via
1.1 a9d37456b91f962deeb364728ebd872a.cloudfront.net (CloudFront)
x-amz-cf-id
zPXxJFGJZKS0aWAwBzuIKDbSWd5vtQPq5OW8ZEi2ndKLIBVUOmKP-A==
x-amz-cf-pop
NRT12-P8
x-cache
Miss from cloudfront
adagio.js
script.4dex.io/a/latest/ 		60 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/a/latest/adagio.js
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
299314ceedf1362e55e1caf70d8ab51202c931224793b9b5463c86411ae42721

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

Content-Encoding
br
cf-cache-status
HIT
etag
W/"b5ccbcc2259cdb10e0b65bbd0798ca7d"
Age
7674
Report-To
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=4KvdsK5NfQRfJV19GDQ14ACKKPqib1G5%2FYH5sWc9CY7rESgJYSMEay%2BMhcvPRbaJYHYVUtVzN0Ip0b%2BMxuOOqTYUb8mwy6d8vi%2FcZj%2FMMuKZq5chPEo4e7c%3D"}]}
Expires
Sat, 08 Nov 2025 09:29:10 GMT
Date
Sat, 08 Nov 2025 08:59:10 GMT
Content-Type
application/javascript
Last-Modified
Wed, 10 Sep 2025 13:49:52 GMT
Vary
Accept-Encoding
Transfer-Encoding
chunked
Cache-Control
public, max-age=1800
Nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
Connection
keep-alive
CF-RAY
99b3df6c7f5b31a1-NRT
Server
cloudflare
bid
aax.amazon-adsystem.com/e/dtb/ 		25 B
397 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.173.192.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-173-192-61.nrt12.r.cloudfront.net
Software
Server /
Resource Hash
7dc78c5c119373b361b76d7e9c1b2759725163789661df908ee4cd8faf842676

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
via
1.1 4692304470b2d7a09704a5e8dcf231dc.cloudfront.net (CloudFront)
access-control-allow-origin
https://twinklesphotos.exblog.jp
x-cache
Miss from cloudfront
content-length
45
x-amz-cf-id
sUVGoYtBmIzKhUflPysREiwk3E57i3Z3YfrresdG-XSJn8hYfBHf4w==
date
Sat, 08 Nov 2025 08:59:10 GMT
content-type
application/json;charset=UTF-8
vary
Origin
server
Server
x-amz-cf-pop
NRT12-P8
bid
aax.amazon-adsystem.com/e/dtb/ 		25 B
396 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.173.192.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-173-192-61.nrt12.r.cloudfront.net
Software
Server /
Resource Hash
f9407c584179c346760e40a7f07d14807fdd268510692529d44d0e2bd9379ac0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
via
1.1 4692304470b2d7a09704a5e8dcf231dc.cloudfront.net (CloudFront)
access-control-allow-origin
https://twinklesphotos.exblog.jp
x-cache
Miss from cloudfront
content-length
45
x-amz-cf-id
cCmrCMGLqfRHYiMA4yvgEZ5Ao8r1RHH9xjo9Ge4ylta6KcYJ97KxQQ==
date
Sat, 08 Nov 2025 08:59:09 GMT
content-type
application/json;charset=UTF-8
vary
Origin
server
Server
x-amz-cf-pop
NRT12-P8
bid
aax.amazon-adsystem.com/e/dtb/ 		25 B
396 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.173.192.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-173-192-61.nrt12.r.cloudfront.net
Software
Server /
Resource Hash
5ba40df0b5475745c6ca953e7cbbdf7ee5feeaf3ea29782607c6dc31c6b0c173

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
via
1.1 4692304470b2d7a09704a5e8dcf231dc.cloudfront.net (CloudFront)
access-control-allow-origin
https://twinklesphotos.exblog.jp
x-cache
Miss from cloudfront
content-length
45
x-amz-cf-id
NVbtg2HZQos-9ihqV6JkV42vPl4UljTrDCDZPsRM1P-B426iDBVufA==
date
Sat, 08 Nov 2025 08:59:10 GMT
content-type
application/json;charset=UTF-8
vary
Origin
server
Server
x-amz-cf-pop
NRT12-P8
topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame DDA0 		105 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202511040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.194.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcnrta-az-in-f2.1e100.net
Software
sffe /
Resource Hash
018185e30fbbce704be5b336095797ee6594f767c5c81ebc4945257994adad3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://twinklesphotos.exblog.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
2673
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000, stale-while-revalidate=3600
content-encoding
br
content-length
29887
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 08 Nov 2025 08:14:37 GMT
expires
Sat, 08 Nov 2025 09:04:37 GMT
last-modified
Mon, 03 Nov 2025 20:43:45 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		55 KB
17 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=167238123525377&correlator=4183075366412466&eid=83321073&output=ldjh&gdfp_req=1&vrg=202511040101&ptt=17&impl=fifs&iu_parts=18333008%2CPC_blog_interstitial&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=4&dids=gpt_unit_%2F18333008%2FPC_blog_int&sfv=1-0-45&ists=1&fas=8&fsapi=1&sc=1&cookie_enabled=1&abxe=1&dt=1762592350215&lmt=1762592350&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&topics=9&tps=9&htps=10&nt=1&psd=WzMxLFtdLG51bGwsM10.&dlt=1762592349291&idt=788&adks=381580271&frm=20&eoidce=1&pbbce=1&td=1&egid=49490&tan=954987fa-dda1-4fca-960d-4544cb9807ce&tdf=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202511040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.194.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcnrta-az-in-f2.1e100.net
Software
cafe /
Resource Hash
14ab0dc6da031133985d169b016c7984a782c82aea282999ebcfaaa267c5c4e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
br
google-lineitem-id
5984413840
observe-browsing-topics
?1
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sat, 08 Nov 2025 08:59:10 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
138388250744
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://twinklesphotos.exblog.jp
content-length
17773
x-xss-protection
0
server
cafe
container.html
45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/safeframe/1-0-45/html/ Frame BF97 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202511040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f1.1e100.net
Software
sffe /
Resource Hash
f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://twinklesphotos.exblog.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
3121
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 08 Nov 2025 08:59:10 GMT
expires
Sat, 08 Nov 2025 08:59:10 GMT
last-modified
Thu, 08 May 2025 23:15:48 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202511040101/ 		60 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202511040101/pubads_impl_page_level_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202511040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.194.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcnrta-az-in-f2.1e100.net
Software
cafe /
Resource Hash
081f94d2c63723df86834268d381fcb54bbeda3566e1ca95f3c7ea1f7f1dc217
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
br
etag
13914731579438644706
age
70814
x-content-type-options
nosniff
expires
Sat, 07 Nov 2026 13:18:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Fri, 07 Nov 2025 13:18:56 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
19818
x-xss-protection
0
server
cafe
prebid
hb.adingo.jp/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb.adingo.jp/prebid?dfpUnitCode=%2F18333008%2FPC_blog_inarticle_rec_left&tagId=44737%3A1000303245&groupId=1000191023
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.68.65.167 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-65-167.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-fluct-app,x-fluct-version,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://twinklesphotos.exblog.jp
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin,content-type,x-fluct-app,x-fluct-version,x-openrtb-version
access-control-allow-methods
POST
access-control-allow-origin
https://twinklesphotos.exblog.jp
access-control-expose-headers
x-openrtb-version
access-control-max-age
3600
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 08 Nov 2025 08:59:10 GMT
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
server
nginx
vary
Accept-Encoding
prebid
ib.adnxs.com/ut/v3/ 		15 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.21 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.25.5 /
Resource Hash
a23b81ea736323334c6d099600d193f3c049a247cb61f338ae1c3e9974df81fd
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
expires
Sat, 15 Nov 2008 16:00:00 GMT
server-timing
total;dur=302
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Sat, 08 Nov 2025 08:59:10 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
146.70.201.171; 146.70.201.171; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
access-control-allow-origin
https://twinklesphotos.exblog.jp
an-x-request-uuid
d4239e44-144f-4e89-87d6-e355a15d784b
x-xss-protection
0
server
nginx/1.25.5
translator
hbopenbid.pubmatic.com/ 		0
70 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.76 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

strict-transport-security
max-age=16070400; includeSubDomains
cache-control
no-cache, no-store, must-revalidate, no-store, no-cache, private
access-control-allow-credentials
true
observe-browsing-topics
?1
pmfcgi-resp
TRUE
access-control-allow-origin
https://twinklesphotos.exblog.jp
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sat, 08 Nov 2025 08:59:10 GMT
server
nginx
prebid
hb.adingo.jp/ 		0
342 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.adingo.jp/prebid?dfpUnitCode=%2F18333008%2FPC_blog_inarticle_rec_left&tagId=44737%3A1000303245&groupId=1000191023
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.68.65.167 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-65-167.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

x-fluct-version
1.2
x-openrtb-version
2.5
x-fluct-app
prebid/fluctBidAdapter
Referer
https://twinklesphotos.exblog.jp/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
https://twinklesphotos.exblog.jp
access-control-expose-headers
x-openrtb-version
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
date
Sat, 08 Nov 2025 08:59:10 GMT
server
nginx
access-control-allow-credentials
true
prebid
d.socdm.com/adgen/ 		92 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d.socdm.com/adgen/prebid?id=209341&posall=SSPLOC&sdktype=0
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
124.146.153.165 , Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
caeba8b541d07e1bcea183cc128c72b0f90b4e8e9eefbeea10696f347ce88c00

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

Content-Encoding
gzip
X-SO-LB-Hostname
m-ng44.dc4p.scaleout.jp
P3P
CP="See also http://www.scaleout.jp/privacy/"
Date
Sat, 08 Nov 2025 08:59:10 GMT
Content-Type
application/json; charset=utf-8
Cache-Control
private
X-SO-Cluster-ID
0
X-SO-Upstream-ID
m-ad283
X-SO-LB-Data
{"ban":false,"clean_query":"\/adgen\/prebid?id=209341&posall=SSPLOC&sdktype=0","cluster_id":0,"gdpr":false,"ipv4":"146.70.201.171","key":"aQ8GXsCo8JAAAP.Y384AAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad283"}
X-SO-HostName
m-ad283.dc4p.scaleout.jp
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://twinklesphotos.exblog.jp
X-SO-Key
aQ8GXsCo8JAAAP.Y384AAAAA
Content-Length
94
X-SO-IP
146.70.201.171
X-SO-Ads-Time
27
Server
nginx
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
187 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

access-control-max-age
3600
access-control-allow-origin
https://twinklesphotos.exblog.jp
date
Sat, 08 Nov 2025 08:59:10 GMT
vary
Origin
access-control-allow-credentials
true
access-control-allow-methods
POST
prebid
ad.as.amanad.adtdp.com/v2/ 		68 B
812 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.as.amanad.adtdp.com/v2/prebid?asi=hlQJ4BI55&skt=5&gpid=%2F18333008%2FPC_blog_inarticle_rec_left&tid=cc7e3cf9-2f4e-4223-bedd-06bf205f03a8&prebid_id=1435b07b1a01fbf&prebid_ver=9.37.0&page_url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&schain=1.0%2C1!flux-g.com%2C125%2C1%2C%2C%2C&ad_format_ids=2&eids=%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%222d5e97b0-4f6d-493e-8fa0-c931cebe7ae6%22%2C%22atype%22%3A1%7D%5D%7D%5D%7D&sua=%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D&
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.173.254.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-173-254-35.nrt12.r.cloudfront.net
Software
/
Resource Hash
5fbed2d458600fede44f45a7518de1dbf0275e1b9262820522d4665d57538967
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
x-cache
Miss from cloudfront
x-amz-cf-id
s_CVqBKRXOSASHhFmF57BlHbkcWgi9fVB4gADk1eVVgKnYABHfRJOQ==
date
Sat, 08 Nov 2025 08:59:10 GMT
content-type
application/json; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Architecture, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
via
1.1 50979cf9aec23385883dc6e2fd176c12.cloudfront.net (CloudFront)
access-control-allow-origin
https://twinklesphotos.exblog.jp
content-length
68
x-xss-protection
0
x-amz-cf-pop
NRT12-P9
query.ad
sp.gmossp-sp.jp/hb/prebid/ 		0
592 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sp.gmossp-sp.jp/hb/prebid/query.ad?tid=cc7e3cf9-2f4e-4223-bedd-06bf205f03a8&bid=163706b899bc05&ver=9.37.0&sid=g945014&shared_id=2d5e97b0-4f6d-493e-8fa0-c931cebe7ae6&url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&meta_url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&cur=JPY&dnt=0&
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.98.24 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
24.98.201.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

access-control-allow-methods
GET, POST, PUT, OPTIONS
observe-browsing-topics
?1
expires
Thu, 01 Dec 1994 16:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 08:59:10 GMT
content-type
text/html; charset=UTF-8
x-cloud-trace-context
b0ed82e16387af3a9ab2b33869c4522c
access-control-allow-headers
Origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private, max-age=0, no-cache
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://twinklesphotos.exblog.jp
content-length
0
server
Google Frontend
pbjs
htlb.casalemedia.com/openrtb/ 		132 B
717 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=1173250
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.193 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0f19bdc470c136286106a0c2102a83665584d9c107f9f8cee9028246da7aa1e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=4QPhtWG59gbx71xUvl7tXvvG0nv9uNHRttsj1JKHbzvkP5Hq6tu9AwCTD4UvtV5yDfAFrkl12VcYJm0yx7qs4%2FQbrOd7sK2VjF9BmT%2FGCeoTiTw%3D"}]}
observe-browsing-topics
?1
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 08 Nov 2025 08:59:10 GMT
content-type
application/json
vary
Accept-Encoding
priority
u=1,i
cache-control
no-cache
nel
{"report_to":"cf-nel","success_fraction":0.01,"max_age":604800}
pragma
no-cache
access-control-allow-credentials
true
cf-ray
99b3df6d4f08e36d-NRT
access-control-allow-origin
https://twinklesphotos.exblog.jp
content-length
117
server
cloudflare
/
shb.richaudience.com/hb/ 		0
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.253.24.93 , Singapore, ASN133210 (ENTECHNOLOGIES-AS-AP EN Technologies Pte Ltd, SG),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

access-control-max-age
86400
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-origin
https://twinklesphotos.exblog.jp
date
Sat, 08 Nov 2025 08:59:10 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding, Origin
server
nginx/1.14.1
prebid
mp.4dex.io/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4407::ac40:994e -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77fcc0c0f90bc729cb19ce531b5d49abdfe15b4b6953dc7b618f6ad80c67c1d8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-version
3.0.0-gcp-tyo
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
cf-cache-status
DYNAMIC
pragma
no-cache
x-err
Shapings: no adunits with size and seat and mapping
access-control-allow-credentials
true
via
1.1 google
cf-ray
99b3df6d4ab58eb8-NRT
expires
0
access-control-allow-origin
https://twinklesphotos.exblog.jp
date
Sat, 08 Nov 2025 08:59:10 GMT
content-type
application/json; charset=utf-8
vary
Origin, Accept-Encoding
server
cloudflare
h_bid
y.one.impact-ad.jp/ul_cb/
Redirect Chain
  • https://y.one.impact-ad.jp/h_bid?v=hb1&p=279398&cb=4835769382&r=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&uid=24e5dd613c47f03&tid=cc7e3cf9-2f4e-4223-bedd-06bf205f03a8&uc=gpt_pc_blog_inar...
  • https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=279398&cb=4835769382&r=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&uid=24e5dd613c47f03&tid=cc7e3cf9-2f4e-4223-bedd-06bf205f03a8&uc=gpt_pc_blo...
133 B
365 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=279398&cb=4835769382&r=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&uid=24e5dd613c47f03&tid=cc7e3cf9-2f4e-4223-bedd-06bf205f03a8&uc=gpt_pc_blog_inarticle_rec_left&tmax=2500&t=i&language=ja-JP&screen_size=1600x1200&sz=300x250
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H2
Server
35.213.17.49 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
49.17.213.35.bc.googleusercontent.com
Software
/
Resource Hash
3d51383740e24bf3b6c6adbb8e8b3988c69affe381ee30f87077803d97f935ea

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://twinklesphotos.exblog.jp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128
date
Sat, 08 Nov 2025 08:59:10 GMT
content-type
application/json; charset=utf-8

Redirect headers

cache-control
no-cache, no-store, must-revalidate
location
https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=279398&cb=4835769382&r=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&uid=24e5dd613c47f03&tid=cc7e3cf9-2f4e-4223-bedd-06bf205f03a8&uc=gpt_pc_blog_inarticle_rec_left&tmax=2500&t=i&language=ja-JP&screen_size=1600x1200&sz=300x250
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://twinklesphotos.exblog.jp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sat, 08 Nov 2025 08:59:10 GMT
prebid
hb.adingo.jp/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb.adingo.jp/prebid?dfpUnitCode=%2F18333008%2FPC_blog_inarticle_rec_2_left&tagId=44737%3A1000303249&groupId=1000191023
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.68.65.167 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-65-167.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-fluct-app,x-fluct-version,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://twinklesphotos.exblog.jp
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin,content-type,x-fluct-app,x-fluct-version,x-openrtb-version
access-control-allow-methods
POST
access-control-allow-origin
https://twinklesphotos.exblog.jp
access-control-expose-headers
x-openrtb-version
access-control-max-age
3600
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 08 Nov 2025 08:59:10 GMT
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
server
nginx
vary
Accept-Encoding
prebid
d.socdm.com/adgen/ 		92 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d.socdm.com/adgen/prebid?id=209343&posall=SSPLOC&sdktype=0
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
124.146.153.165 , Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
43d863d9d557775e3b81a2c95376385accf64437a2acb92aefcf3c3b5a063c22

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

Content-Encoding
gzip
X-SO-LB-Hostname
m-tgng21.dc4p.scaleout.jp
P3P
CP="See also http://www.scaleout.jp/privacy/"
Date
Sat, 08 Nov 2025 08:59:10 GMT
Content-Type
application/json; charset=utf-8
Cache-Control
private
X-SO-Cluster-ID
0
X-SO-Upstream-ID
m-ad252
X-SO-LB-Data
{"ban":false,"clean_query":"\/adgen\/prebid?id=209343&posall=SSPLOC&sdktype=0","cluster_id":0,"gdpr":false,"ipv4":"146.70.201.171","key":"aQ8GXsCo8XkAADfdO24AAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad252"}
X-SO-HostName
m-ad252.dc4p.scaleout.jp
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://twinklesphotos.exblog.jp
X-SO-Key
aQ8GXsCo8XkAADfdO24AAAAA
Content-Length
94
X-SO-IP
146.70.201.171
X-SO-Ads-Time
23
Server
nginx
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
186 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

access-control-max-age
3600
access-control-allow-origin
https://twinklesphotos.exblog.jp
date
Sat, 08 Nov 2025 08:59:10 GMT
vary
Origin
access-control-allow-credentials
true
access-control-allow-methods
POST
prebid
ad.as.amanad.adtdp.com/v2/ 		68 B
809 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.as.amanad.adtdp.com/v2/prebid?asi=M0bww75HL&skt=5&gpid=%2F18333008%2FPC_blog_inarticle_rec_2_left&tid=7b95023d-7f0b-4e1d-ad58-76270f668ce3&prebid_id=30b0b0904db16908&prebid_ver=9.37.0&page_url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&schain=1.0%2C1!flux-g.com%2C125%2C1%2C%2C%2C&ad_format_ids=2&eids=%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%222d5e97b0-4f6d-493e-8fa0-c931cebe7ae6%22%2C%22atype%22%3A1%7D%5D%7D%5D%7D&sua=%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D&
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.173.254.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-173-254-35.nrt12.r.cloudfront.net
Software
/
Resource Hash
5fbed2d458600fede44f45a7518de1dbf0275e1b9262820522d4665d57538967
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
x-cache
Miss from cloudfront
x-amz-cf-id
Yhr4_WaBYpoSBuT053bpILegjQe6J2smfYiXd1Hup_Y2NojgRrcGFw==
date
Sat, 08 Nov 2025 08:59:10 GMT
content-type
application/json; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Architecture, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
via
1.1 50979cf9aec23385883dc6e2fd176c12.cloudfront.net (CloudFront)
access-control-allow-origin
https://twinklesphotos.exblog.jp
content-length
68
x-xss-protection
0
x-amz-cf-pop
NRT12-P9
prebid
hb.adingo.jp/ 		0
341 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.adingo.jp/prebid?dfpUnitCode=%2F18333008%2FPC_blog_inarticle_rec_2_left&tagId=44737%3A1000303249&groupId=1000191023
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.68.65.167 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-65-167.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

x-fluct-version
1.2
x-openrtb-version
2.5
x-fluct-app
prebid/fluctBidAdapter
Referer
https://twinklesphotos.exblog.jp/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
https://twinklesphotos.exblog.jp
access-control-expose-headers
x-openrtb-version
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
date
Sat, 08 Nov 2025 08:59:10 GMT
server
nginx
access-control-allow-credentials
true
/
shb.richaudience.com/hb/ 		0
235 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.253.24.93 , Singapore, ASN133210 (ENTECHNOLOGIES-AS-AP EN Technologies Pte Ltd, SG),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

access-control-max-age
86400
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-origin
https://twinklesphotos.exblog.jp
date
Sat, 08 Nov 2025 08:59:10 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding, Origin
server
nginx/1.14.1
prebid
ib.adnxs.com/ut/v3/ 		15 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.21 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.25.5 /
Resource Hash
9cc713584d20b3ac78b2b100b4625811a77bab0188e5c424b101b9cdfbc33222
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
expires
Sat, 15 Nov 2008 16:00:00 GMT
server-timing
total;dur=202
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Sat, 08 Nov 2025 08:59:10 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
146.70.201.171; 146.70.201.171; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
access-control-allow-origin
https://twinklesphotos.exblog.jp
an-x-request-uuid
3ec75018-dfdf-4fed-ba53-256e3d8e970b
x-xss-protection
0
server
nginx/1.25.5
translator
hbopenbid.pubmatic.com/ 		0
421 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.76 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

strict-transport-security
max-age=16070400; includeSubDomains
cache-control
no-cache, no-store, must-revalidate, no-store, no-cache, private
access-control-allow-credentials
true
observe-browsing-topics
?1
pmfcgi-resp
TRUE
access-control-allow-origin
https://twinklesphotos.exblog.jp
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sat, 08 Nov 2025 08:59:10 GMT
server
nginx
prebid
mp.4dex.io/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4407::ac40:994e -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3efcaebef785fe5a0f37c648fa176d2a7e6c19c82c780b8e2a95b7cf74ff992

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
expires
0
date
Sat, 08 Nov 2025 08:59:10 GMT
content-type
application/json; charset=utf-8
vary
Origin, Accept-Encoding
x-version
3.0.0-gcp-tyo
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
x-err
Validating the Prebid Request adunits. no valid non-debug AdUnits
access-control-allow-credentials
true
via
1.1 google
cf-ray
99b3df6d4ab88eb8-NRT
access-control-allow-origin
https://twinklesphotos.exblog.jp
server
cloudflare
x-warn
Validating the Prebid Request adunits. Invalid placement: _err_quota_
h_bid
y.one.impact-ad.jp/ul_cb/
Redirect Chain
  • https://y.one.impact-ad.jp/h_bid?v=hb1&p=279400&cb=52604596374&r=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&uid=422958af37b9e72&tid=7b95023d-7f0b-4e1d-ad58-76270f668ce3&uc=gpt_pc_blog_ina...
  • https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=279400&cb=52604596374&r=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&uid=422958af37b9e72&tid=7b95023d-7f0b-4e1d-ad58-76270f668ce3&uc=gpt_pc_bl...
133 B
368 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=279400&cb=52604596374&r=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&uid=422958af37b9e72&tid=7b95023d-7f0b-4e1d-ad58-76270f668ce3&uc=gpt_pc_blog_inarticle_rec_2_left&tmax=2500&t=i&language=ja-JP&screen_size=1600x1200&sz=300x250
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H2
Server
35.213.17.49 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
49.17.213.35.bc.googleusercontent.com
Software
/
Resource Hash
aecfc252b2ddbc7510683fd05413e328a49ab8ee1a0f5c0e997b0919c95e3655

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://twinklesphotos.exblog.jp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128
date
Sat, 08 Nov 2025 08:59:10 GMT
content-type
application/json; charset=utf-8

Redirect headers

cache-control
no-cache, no-store, must-revalidate
location
https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=279400&cb=52604596374&r=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&uid=422958af37b9e72&tid=7b95023d-7f0b-4e1d-ad58-76270f668ce3&uc=gpt_pc_blog_inarticle_rec_2_left&tmax=2500&t=i&language=ja-JP&screen_size=1600x1200&sz=300x250
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://twinklesphotos.exblog.jp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sat, 08 Nov 2025 08:59:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		131 B
716 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=1173252
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.193 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e885b6fb2e8262eba0abb4ccccd1588eab357db4d6d77fd558d77cee439d2963

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=XGmHalsU5TZ6VEUr21iownVPs%2FAxyhsSS24dE2tMIT394VQH%2BmSXaxIIavFf587z7OY7Hdip3VPELmr%2FXlQtwpMebzOxTeDdtjCptlPj6wZiik0%3D"}]}
observe-browsing-topics
?1
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 08 Nov 2025 08:59:10 GMT
content-type
application/json
vary
Accept-Encoding
priority
u=1,i
cache-control
no-cache
nel
{"report_to":"cf-nel","success_fraction":0.01,"max_age":604800}
pragma
no-cache
access-control-allow-credentials
true
cf-ray
99b3df6d4f24e36d-NRT
access-control-allow-origin
https://twinklesphotos.exblog.jp
content-length
115
server
cloudflare
prebid
hb.adingo.jp/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb.adingo.jp/prebid?dfpUnitCode=%2F18333008%2FPC_blog_inarticle_rec_3_left&tagId=44737%3A1000303251&groupId=1000191023
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.68.65.167 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-65-167.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-fluct-app,x-fluct-version,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://twinklesphotos.exblog.jp
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin,content-type,x-fluct-app,x-fluct-version,x-openrtb-version
access-control-allow-methods
POST
access-control-allow-origin
https://twinklesphotos.exblog.jp
access-control-expose-headers
x-openrtb-version
access-control-max-age
3600
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 08 Nov 2025 08:59:10 GMT
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
server
nginx
vary
Accept-Encoding
h_bid
y.one.impact-ad.jp/ul_cb/
Redirect Chain
  • https://y.one.impact-ad.jp/h_bid?v=hb1&p=279402&cb=61013933126&r=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&uid=46ded14a8e1afd08&tid=23bbe1f7-bb8f-4bd4-9457-f5d26ed4210f&uc=gpt_pc_blog_in...
  • https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=279402&cb=61013933126&r=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&uid=46ded14a8e1afd08&tid=23bbe1f7-bb8f-4bd4-9457-f5d26ed4210f&uc=gpt_pc_b...
134 B
394 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=279402&cb=61013933126&r=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&uid=46ded14a8e1afd08&tid=23bbe1f7-bb8f-4bd4-9457-f5d26ed4210f&uc=gpt_pc_blog_inarticle_rec_3_left&tmax=2500&t=i&language=ja-JP&screen_size=1600x1200&sz=300x250
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H2
Server
35.213.17.49 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
49.17.213.35.bc.googleusercontent.com
Software
/
Resource Hash
84333dcc42d3420c9e2a9d3834ed9bc5f5aab60c27f29c32b3e784f33e036732

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://twinklesphotos.exblog.jp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127
date
Sat, 08 Nov 2025 08:59:10 GMT
content-type
application/json; charset=utf-8

Redirect headers

cache-control
no-cache, no-store, must-revalidate
location
https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=279402&cb=61013933126&r=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&uid=46ded14a8e1afd08&tid=23bbe1f7-bb8f-4bd4-9457-f5d26ed4210f&uc=gpt_pc_blog_inarticle_rec_3_left&tmax=2500&t=i&language=ja-JP&screen_size=1600x1200&sz=300x250
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://twinklesphotos.exblog.jp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sat, 08 Nov 2025 08:59:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		131 B
750 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=1173254
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.193 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d7cd865b81413828ffea2ab968079e0a3e06b6cc0e95225db4620c7d4eb67e5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=ior6ipltVUa%2F59U3sIBAwUFZ2x8iR3NmETbVOI61wiNdDr7HD1WRa9nFEryGUASkoT63zkQocHxL%2F7JEdLvtuloskRsFmb5iVs1t6KGNJxtMRFc%3D"}]}
observe-browsing-topics
?1
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sat, 08 Nov 2025 08:59:10 GMT
content-type
application/json
vary
Accept-Encoding
priority
u=1,i
cache-control
no-cache
nel
{"report_to":"cf-nel","success_fraction":0.01,"max_age":604800}
pragma
no-cache
access-control-allow-credentials
true
cf-ray
99b3df6d5f44e36d-NRT
access-control-allow-origin
https://twinklesphotos.exblog.jp
content-length
115
server
cloudflare
prebid
hb.adingo.jp/ 		0
341 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.adingo.jp/prebid?dfpUnitCode=%2F18333008%2FPC_blog_inarticle_rec_3_left&tagId=44737%3A1000303251&groupId=1000191023
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.68.65.167 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-65-167.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

x-fluct-version
1.2
x-openrtb-version
2.5
x-fluct-app
prebid/fluctBidAdapter
Referer
https://twinklesphotos.exblog.jp/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
https://twinklesphotos.exblog.jp
access-control-expose-headers
x-openrtb-version
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
date
Sat, 08 Nov 2025 08:59:10 GMT
server
nginx
access-control-allow-credentials
true
prebid
mp.4dex.io/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4407::ac40:994e -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
376368a7709b43df73e4a686854701d66e81f2dbc0ffaccdb5f9d53bb39e7b7c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-version
3.0.0-gcp-tyo
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
cf-cache-status
DYNAMIC
pragma
no-cache
x-err
Shapings: no adunits with size and seat and mapping
access-control-allow-credentials
true
via
1.1 google
cf-ray
99b3df6d5ad68eb8-NRT
expires
0
access-control-allow-origin
https://twinklesphotos.exblog.jp
date
Sat, 08 Nov 2025 08:59:10 GMT
content-type
application/json; charset=utf-8
vary
Origin, Accept-Encoding
server
cloudflare
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
186 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

access-control-max-age
3600
access-control-allow-origin
https://twinklesphotos.exblog.jp
date
Sat, 08 Nov 2025 08:59:10 GMT
vary
Origin
access-control-allow-credentials
true
access-control-allow-methods
POST
prebid
d.socdm.com/adgen/ 		92 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://d.socdm.com/adgen/prebid?id=209345&posall=SSPLOC&sdktype=0
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
124.146.153.165 , Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
7dce0b62c7100361d1cedb8d03e67f566d9afa92333f8d2f1b16375b0515417c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

Content-Encoding
gzip
X-SO-LB-Hostname
m-ng12.dc4p.scaleout.jp
P3P
CP="See also http://www.scaleout.jp/privacy/"
Date
Sat, 08 Nov 2025 08:59:10 GMT
Content-Type
application/json; charset=utf-8
Cache-Control
private
X-SO-Cluster-ID
0
X-SO-Upstream-ID
m-ad1086
X-SO-LB-Data
{"ban":false,"clean_query":"\/adgen\/prebid?id=209345&posall=SSPLOC&sdktype=0","cluster_id":0,"gdpr":false,"ipv4":"146.70.201.171","key":"aQ8GXsCo8HAAAGFuDU8AAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad1086"}
X-SO-HostName
m-ad1086.dc4p.scaleout.jp
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://twinklesphotos.exblog.jp
X-SO-Key
aQ8GXsCo8HAAAGFuDU8AAAAA
Content-Length
94
X-SO-IP
146.70.201.171
X-SO-Ads-Time
73
Server
nginx
/
shb.richaudience.com/hb/ 		0
235 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.253.24.93 , Singapore, ASN133210 (ENTECHNOLOGIES-AS-AP EN Technologies Pte Ltd, SG),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

access-control-max-age
86400
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-origin
https://twinklesphotos.exblog.jp
date
Sat, 08 Nov 2025 08:59:10 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding, Origin
server
nginx/1.14.1
prebid
ad.as.amanad.adtdp.com/v2/ 		68 B
810 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.as.amanad.adtdp.com/v2/prebid?asi=aj0f2cOHk&skt=5&gpid=%2F18333008%2FPC_blog_inarticle_rec_3_left&tid=23bbe1f7-bb8f-4bd4-9457-f5d26ed4210f&prebid_id=6004eab81850d6b8&prebid_ver=9.37.0&page_url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&schain=1.0%2C1!flux-g.com%2C125%2C1%2C%2C%2C&ad_format_ids=2&eids=%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%222d5e97b0-4f6d-493e-8fa0-c931cebe7ae6%22%2C%22atype%22%3A1%7D%5D%7D%5D%7D&sua=%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D&
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.173.254.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-173-254-35.nrt12.r.cloudfront.net
Software
/
Resource Hash
5fbed2d458600fede44f45a7518de1dbf0275e1b9262820522d4665d57538967
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
x-cache
Miss from cloudfront
x-amz-cf-id
GTVWpFARikO-JSqu82wdrbkLb-o4wMxBGmOKwci04ARZWXRm3a0-0g==
date
Sat, 08 Nov 2025 08:59:10 GMT
content-type
application/json; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Architecture, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
via
1.1 50979cf9aec23385883dc6e2fd176c12.cloudfront.net (CloudFront)
access-control-allow-origin
https://twinklesphotos.exblog.jp
content-length
68
x-xss-protection
0
x-amz-cf-pop
NRT12-P9
prebid
ib.adnxs.com/ut/v3/ 		15 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.21 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.25.5 /
Resource Hash
8d83a1189694ee0650d56f34e947459049c7dc4c7d4026bdf4c9c49f02a1bdd5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
expires
Sat, 15 Nov 2008 16:00:00 GMT
server-timing
total;dur=291
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Sat, 08 Nov 2025 08:59:10 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
146.70.201.171; 146.70.201.171; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
access-control-allow-origin
https://twinklesphotos.exblog.jp
an-x-request-uuid
39cb6aa5-9764-4584-ab93-4934942ad516
x-xss-protection
0
server
nginx/1.25.5
translator
hbopenbid.pubmatic.com/ 		0
70 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.76 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

strict-transport-security
max-age=16070400; includeSubDomains
cache-control
no-cache, no-store, must-revalidate, no-store, no-cache, private
access-control-allow-credentials
true
observe-browsing-topics
?1
pmfcgi-resp
TRUE
access-control-allow-origin
https://twinklesphotos.exblog.jp
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sat, 08 Nov 2025 08:59:10 GMT
server
nginx
Collect
a.flux.jp/analytics.collect.v1.CollectService/ 		2 B
263 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.flux.jp/analytics.collect.v1.CollectService/Collect
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.89.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.89.160.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

access-control-expose-headers
Accept, Accept-Encoding, Accept-Post, Connect-Accept-Encoding, Connect-Content-Encoding, Content-Encoding, Grpc-Accept-Encoding, Grpc-Encoding, Grpc-Message, Grpc-Status, Grpc-Status-Details-Bin
content-encoding
gzip
via
1.1 google
traceparent
00-1d442d162fbe11b2cd4c584d270e0695-e0788bb3a8a27710-00
access-control-allow-origin
https://twinklesphotos.exblog.jp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
accept-encoding
gzip
content-length
26
date
Sat, 08 Nov 2025 08:59:10 GMT
content-type
application/json
vary
Origin
server
Google Frontend
x-cloud-trace-context
1d442d162fbe11b2cd4c584d270e0695/16174831665445762832
px.gif
ad-delivery.net/ 		43 B
112 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.18216243356431516
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5727730570625024&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:2f50 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
983121
x-goog-stored-content-encoding
identity
expires
Sun, 09 Nov 2025 08:59:10 GMT
x-goog-stored-content-length
43
date
Sat, 08 Nov 2025 08:59:10 GMT
content-type
image/gif
vary
accept-encoding
last-modified
Wed, 05 May 2021 19:25:32 GMT
x-guploader-uploadid
ABgVH89ytYGGsM8zvMSS83qCZ0F4cDyA85oC5Xtq8jnme2OpbOxP7BU9t7rp4yrU4-M9nQOe
cache-control
public, max-age=86400
x-goog-storage-class
MULTI_REGIONAL
cf-ray
99b3df6d68e362d5-NRT
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
exd
api.btloader.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/exd?tid=Y9naVqovce-KLCYszjV-9a62b0df35&sid=1N9Vblii5v-HtWnNYabP-9a62b0df36&cv=2.1.167&upapi=true
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5727730570625024&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

via
1.1 google
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 08:59:10 GMT
vary
Origin
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20251105/r20190131/ Frame 2CB3 		8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20251105/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202511040101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.194.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcnrta-bf-in-f2.1e100.net
Software
cafe /
Resource Hash
c13094a9d546c24747d3d0b33dc5662b36f83790cc35deedf764ab898b2ace61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://twinklesphotos.exblog.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

age
72281
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
3880
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 07 Nov 2025 12:54:29 GMT
etag
7188602577369524748
expires
Fri, 21 Nov 2025 12:54:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=gpt_pc_blog_overlay&cls=gpt_pc_blog_overlay&ign=false&pw=1600&ph=1200&x=0&y=1130.4
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sat, 08 Nov 2025 08:59:10 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
ads
googleads.g.doubleclick.net/pagead/ Frame BE9D 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8544321996124660&output=html&adk=433290209&adf=473226989&lmt=1762592350&plat=1%3A16777216%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&pra=5&wgl=1&asro=0&aiapm=0.1542&aiapmd=0.1423&aiapmi=0.16&aiapmid=1&aiact=0.5423&aiactd=0.7&aicct=0.7&aicctd=0.5799&ailct=0.5849&ailctd=0.65&aimart=4&aimartd=4&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=8&dt=1762592349975&bpp=14&bdt=684&idt=392&shv=r20251105&mjsv=m202511040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=4466936478226&frm=20&pv=2&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95376582%2C95376902%2C95377330%2C95344790&oid=2&pvsid=167238123525377&tmod=2136220936&uas=0&nvt=1&fsapi=1&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&plas=260x675_l%7C308x675_r&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=410
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202511040101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.194.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcnrta-bf-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://twinklesphotos.exblog.jp/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 08 Nov 2025 08:59:10 GMT
expires
Sat, 08 Nov 2025 08:59:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 4093 		110 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8544321996124660&output=html&h=250&slotname=6450136543&adk=2937738629&adf=3554593889&pi=t.ma~as.6450136543&w=300&lmt=1762592350&format=300x250&url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&wgl=1&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=8&dt=1762592349989&bpp=1&bdt=698&idt=403&shv=r20251105&mjsv=m202511040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=4466936478226&frm=20&pv=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=520&ady=289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95376582%2C95376902%2C95377330%2C95344790&oid=2&pvsid=167238123525377&tmod=2136220936&uas=0&nvt=1&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&plas=260x675_l%7C308x675_r&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=411
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202511040101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.194.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcnrta-bf-in-f2.1e100.net
Software
cafe /
Resource Hash
85dc28d5078f9f7da057c2ecaa9c01fcb09427ca2313bd748d3082695b60f6fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://twinklesphotos.exblog.jp/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
28601
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 08 Nov 2025 08:59:10 GMT
expires
Sat, 08 Nov 2025 08:59:10 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
tweet_button.2f70fb173b9000da126c79afe2098f02.ja.html
platform.twitter.com/widgets/ Frame D916 		34 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.ja.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.148.157 Tokyo, Japan, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
02d04afec46359550b450ac2c48d9cd4cf13a0299d32fff3047056f06cee188d

Request headers

Referer
https://twinklesphotos.exblog.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
public, max-age=315360000
content-encoding
gzip
content-length
12889
content-type
text/html; charset=utf-8
date
Sat, 08 Nov 2025 08:59:10 GMT
etag
"b4ee8875191d05848bcb34575c58675f+gzip"
last-modified
Mon, 11 Dec 2023 17:19:48 GMT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn
FT
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-served-by
cache-iad-kcgs7200162-IAD, cache-nrt-rjtt7900026-NRT
embeds
syndication.twitter.com/i/jot/ 		43 B
575 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22Excite_blog%22%2C%22language%22%3A%22ja%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1762592350413%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%222615f7e52b7e0%3A1702314776716%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=38aeee6990225948527d9140826b68b92ddd6651
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.227 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare envoy /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519; includeSubdomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

server
cloudflare envoy
strict-transport-security
max-age=631138519; includeSubdomains
x-transaction-id
b7ccbcfe792342d4
cache-control
must-revalidate, max-age=600
origin-cf-ray
99b3df6e1ba6e39b-SEA
cf-cache-status
DYNAMIC
cf-ray
99b3df6e1ba6e39b-NRT
x-response-time
8
content-length
43
date
Sat, 08 Nov 2025 08:59:10 GMT
last-modified
Sat, 08 Nov 2025 08:59:10 GMT
content-type
image/gif
vary
Origin
perf
7402827104
x-served-by
t4_p
truncated
/ Frame D916 		471 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
844208d3f740c48ca14df4373b0d232cb9e81f3934b53114833ca717b03a90f5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
px.gif
ad-delivery.net/ 		43 B
111 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad-delivery.net/px.gif?ch=2&e=0.013780405086517789
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5727730570625024&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:2f50 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
983121
x-goog-stored-content-encoding
identity
expires
Sun, 09 Nov 2025 08:59:10 GMT
x-goog-stored-content-length
43
date
Sat, 08 Nov 2025 08:59:10 GMT
content-type
image/gif
vary
accept-encoding
last-modified
Wed, 05 May 2021 19:25:32 GMT
x-guploader-uploadid
ABgVH89ytYGGsM8zvMSS83qCZ0F4cDyA85oC5Xtq8jnme2OpbOxP7BU9t7rp4yrU4-M9nQOe
cache-control
public, max-age=86400
x-goog-storage-class
MULTI_REGIONAL
cf-ray
99b3df6e7b2162d5-NRT
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
sync
nidan.addlv.smt.docomo.ne.jp/id/daisy/ 		18 B
104 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nidan.addlv.smt.docomo.ne.jp/id/daisy/sync?callback=d2c.nidan.ds&origin=https%3A%2F%2Ftwinklesphotos.exblog.jp&domain=twinklesphotos.exblog.jp&referrer=&ncid=1IP8EQI323s2Xb8Nozhb-
Requested by
Host: cdn.nidan.d2c.ne.jp
URL: https://cdn.nidan.d2c.ne.jp/1.0/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.178.205.149 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-178-205-149.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
f3a7bcd0a6c9eb7e05d4149db3c93e49a0e12b50aae2ac460c33da92f43ba2c5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

date
Sat, 08 Nov 2025 08:59:10 GMT
content-type
application/javascript; charset=UTF-8
content-length
18
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-SK7DRSBW10&gtm=45je5b50v886322701z871867219za200zb71867219zd71867219&_p=1762592349400&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&cid=1839057457.1762592350&ul=ja-jp&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&tag_exp=101509157~103116026~103200004~103233427~104527906~104528500~104684208~104684211~104948813~105322303~115480710~115583767~115616985~115938466~115938469~116217636~116217638&sid=1762592350&sct=1&seg=0&dl=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&dt=Bitcoin%20and%20Ethereum%20%3A%20What%27s%20the%20difference%3F%20%3A%20TWINKLES&en=page_view&_fv=1&_ss=1&ep.contents_type_foreign=not_set&tfd=1544
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SK7DRSBW10&cx=c&gtm=4e5b50
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:164:0
report-to
{"group":"ascnsrsggc:164:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:164:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://twinklesphotos.exblog.jp
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsggc:164:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 08:59:10 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
300 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-SK7DRSBW10&cid=1839057457.1762592350&gtm=45je5b50v886322701z871867219za200zb71867219zd71867219&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101509157~103116026~103200004~103233427~104527906~104528500~104684208~104684211~104948813~105322303~115480710~115583767~115616985~115938466~115938469~116217636~116217638
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SK7DRSBW10&cx=c&gtm=4e5b50
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4008:c07::9d , Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:132:0
report-to
{"group":"ascnsrsggc:132:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:132:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://twinklesphotos.exblog.jp
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsggc:132:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 08:59:10 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.co.jp/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.jp/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-SK7DRSBW10&cid=1839057457.1762592350&gtm=45je5b50v886322701z871867219za200zb71867219zd71867219&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101509157~103116026~103200004~103233427~104527906~104528500~104684208~104684211~104948813~105322303~115480710~115583767~115616985~115938466~115938469~116217636~116217638&tag_exp=101509157~103116026~103200004~103233427~104527906~104528500~104684208~104684211~104948813~105322303~115480710~115583767~115616985~115938466~115938469~116217636~116217638&z=1447265880
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s19-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Sat, 08 Nov 2025 08:59:10 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
supply
events.browsiprod.com/events/v2/ 		0
107 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/v2/supply?p=M_bKS@$mxr!fedAKL_sE
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.80.198.215 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-80-198-215.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://twinklesphotos.exblog.jp/

Response headers

date
Sat, 08 Nov 2025 08:59:10 GMT
access-control-allow-origin
https://twinklesphotos.exblog.jp
access-control-allow-credentials
true
v5
yield-manager.browsiprod.com/supply/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://yield-manager.browsiprod.com/supply/v5?sk=exblog&pk=excite&url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&bid=M_bKS%40%24mxr!fedAKL_sE&at=Bitcoin%20and%20Ethereum%20%3A%20What%27s%20the%20difference%3F%20%3A%20TWINKLES&sw=1600&sh=1200&rp=false&ga=%7B%22t%22%3A1762592350553%2C%22eu%22%3Afalse%7D&pvid=77af46eb-796b-4291-b9db-39ea90e58c42&l=ja
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.125.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-125-95.kix50.r.cloudfront.net
Software
akka-http/10.2.1 /
Resource Hash
a5d3f0a0f796bd9d06616d16ea391a92acf69d580cbe97177f5b4ed24995c053

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
via
1.1 f401b2fa5646a7624939d261a748e02c.cloudfront.net (CloudFront)
access-control-allow-origin
https://twinklesphotos.exblog.jp
x-cache
Miss from cloudfront
x-amz-cf-id
nP43j7adM0E1yIj8jAKmdrmGfbreKkp39yBBVLity1jl_CAcMZcjKg==
date
Sat, 08 Nov 2025 08:59:10 GMT
content-type
application/json
x-amz-cf-pop
KIX50-P3
server
akka-http/10.2.1
setuid
u.4dex.io/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=fradagio-pbs&gdpr=0&gdpr_consent=&us_privacy=
  • https://creativecdn.com/cm-notify?pi=fradagio-pbs&gdpr=0&gdpr_consent=&us_privacy=&tc=1
  • https://u.4dex.io/setuid?bidder=rtbhouse&uid=XRJRDW5EytY_zLVPi1S0ptFIcm70P-Qu1-_5_lL_I48&pi=fradagio-pbs&gdpr=0&gdpr_consent=&us_privacy=&tc=1
0
708 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=rtbhouse&uid=XRJRDW5EytY_zLVPi1S0ptFIcm70P-Qu1-_5_lL_I48&pi=fradagio-pbs&gdpr=0&gdpr_consent=&us_privacy=&tc=1
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H2
Server
34.149.40.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

via
1.1 google
expires
0
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma
no-cache
date
Sat, 08 Nov 2025 08:59:11 GMT
vary
Origin, Accept-Encoding

Redirect headers

expires
Thu, 01 Jan 1970 00:00:00 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
location
https://u.4dex.io/setuid?bidder=rtbhouse&uid=XRJRDW5EytY_zLVPi1S0ptFIcm70P-Qu1-_5_lL_I48&pi=fradagio-pbs&gdpr=0&gdpr_consent=&us_privacy=&tc=1
content-length
0
date
Sat, 08 Nov 2025 08:59:11 GMT
pragma
no-cache
vary
Accept-Encoding
p.js
pdn.adingo.jp/ Frame D218 		88 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pdn.adingo.jp/p.js
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.173.238.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-173-238-38.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
78f70c33af86e3e19b2e72af3ed6096ac60cd1b8e4e9685d806bdfcf291b432f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
br
x-amz-version-id
68SSrNMo4P.HyQuumtqYJW7fVvLTTKM.
etag
"e36f48717bf9c17e9f11a49ef2bd6645"
age
373
x-cache
Hit from cloudfront
x-amz-cf-id
GjN_upZaeCh0YveAzSHCVOKsziLKZF-wbHd3HzviCBgqAQHouG-7Bg==
date
Sat, 08 Nov 2025 08:52:58 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 22 Sep 2025 02:14:34 GMT
cache-control
max-age=600, s-maxage=600, immutable
via
1.1 1375f5159b5e792617846e37988e54de.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
20368
x-amz-cf-pop
NRT20-P9
server
AmazonS3
x-amz-server-side-encryption
AES256
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame D218 		223 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
cafe /
Resource Hash
1ca0d5744e4f39ea464be06f38e214eabd97b2ca934e919a3673f0a62f76368c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
br
etag
11779502037942753168
age
948
x-content-type-options
nosniff
expires
Sat, 08 Nov 2025 09:43:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 08 Nov 2025 08:43:22 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=Shift_JIS
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
70282
x-xss-protection
0
server
cafe
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20251106/r20110914/elements/html/ Frame E4D4 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20251106/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202511040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:814::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
83c8faff109ba90cf68a5d7d0d02716e96e66de5feb4113028c092eed5e954cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
br
etag
8658142367797687823
age
41280
x-content-type-options
nosniff
expires
Fri, 21 Nov 2025 21:31:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 07 Nov 2025 21:31:10 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
6628
x-xss-protection
0
server
cafe
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20251106/r20110914/elements/html/ Frame E4D4 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20251106/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202511040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:814::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b8fbd5b5d257438d5c1b781491859472bef148a2f3f747be72b8d6caef431367
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
br
etag
2165137149068350384
age
41280
x-content-type-options
nosniff
expires
Fri, 21 Nov 2025 21:31:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 07 Nov 2025 21:31:10 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
9578
x-xss-protection
0
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame D218 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-start2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sat, 08 Nov 2025 08:59:10 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame D218 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sat, 08 Nov 2025 08:59:10 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame D218 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sat, 08 Nov 2025 08:59:10 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
middy-desktop-4.51.1233.js
cdn.browsiprod.com/sd/apps/middy/ 		383 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.51.1233.js
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/bootstrap/bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.173.197.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-173-197-46.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f75e2e4d47e7c7596d591fcacd56dffa46ac630c7302b3501f8984d04d50cdec

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

vary
accept-encoding, Origin
cache-control
public,max-age=31536000
content-encoding
br
x-amz-version-id
qi40OgQStYwY28IH0dpt62eF5pGhjteu
etag
W/"6c6a64e422dda1334df7e6e9a6cf7b8e"
age
255954
via
1.1 4692304470b2d7a09704a5e8dcf231dc.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
HSsLAqBd7T_1BahvZbNP9MEhkwUl1k26LtLfGFevgG3Q6bRvQXIJJg==
date
Wed, 05 Nov 2025 09:53:17 GMT
content-type
application/javascript
last-modified
Wed, 05 Nov 2025 09:50:57 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P8
x-amz-server-side-encryption
AES256
favicon.ico
ad.doubleclick.net/ 		1 KB
129 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250&e=0.006439293878615859
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5727730570625024&upapi=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options
nosniff
expires
Sun, 09 Nov 2025 08:59:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 08:59:10 GMT
content-type
image/x-icon
vary
Accept-Encoding
last-modified
Tue, 08 May 2012 13:08:06 GMT
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
content-length
104
x-xss-protection
0
server
sffe
cb.js
cdn.sx.adingo.jp/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.sx.adingo.jp/cb.js
Requested by
Host: pdn.adingo.jp
URL: https://pdn.adingo.jp/p.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:221b:200:a:d2fd:aec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e896507e687129617fcf7ee9f55216897bfdbbd55393322f8277b1c97a9cd9c5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

vary
accept-encoding
cache-control
public, immutable, max-age=900, s-maxage=7200, stale-while-revalidate=14400, stale-if-error=864000
content-encoding
gzip
x-amz-version-id
KDLxO8S11dj67KRguKFHiOmEm.f76YaC
etag
W/"80eec4d215a36a33af61f94523b88a65"
age
3444
via
1.1 181d3dc873bbebf835e197df6141b7be.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
YYUnHqPJkuAFRNjpnM1twndxlF8nStbAM3wlCnKTsT_vuiZ1dIxz7Q==
date
Sat, 08 Nov 2025 08:01:47 GMT
content-type
text/javascript
last-modified
Mon, 14 Jul 2025 07:03:25 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P3
x-amz-server-side-encryption
AES256
rtd_supply
events.browsiprod.com/events/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/v2/rtd_supply?p=77af46eb-796b-4291-b9db-39ea90e58c42
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.80.198.215 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-80-198-215.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://twinklesphotos.exblog.jp
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET
access-control-allow-origin
https://twinklesphotos.exblog.jp
access-control-max-age
1800
content-length
0
date
Sat, 08 Nov 2025 08:59:10 GMT
rtd_supply
events.browsiprod.com/events/v2/ 		0
107 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/v2/rtd_supply?p=77af46eb-796b-4291-b9db-39ea90e58c42
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.80.198.215 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-80-198-215.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
application/json
Referer
https://twinklesphotos.exblog.jp/

Response headers

date
Sat, 08 Nov 2025 08:59:11 GMT
access-control-allow-origin
https://twinklesphotos.exblog.jp
access-control-allow-credentials
true
gtm.js
www.googletagmanager.com/ 		335 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5GNL8X&l=itm_dl1
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/js/8266/0001/itm.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.31.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s22-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
dd6c9bc08999e975aaceb99d59c2a3ace886e9efbb20eeca788fc4ece16fd4f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
zstd
expires
Sat, 08 Nov 2025 08:59:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 08:59:10 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sat, 08 Nov 2025 06:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
*
content-length
121413
x-xss-protection
0
server
Google Tag Manager
supply
events.browsiprod.com/events/v2/ 		0
107 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/v2/supply?p=77af46eb-796b-4291-b9db-39ea90e58c42
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.51.1233.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.80.198.215 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-80-198-215.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://twinklesphotos.exblog.jp/

Response headers

date
Sat, 08 Nov 2025 08:59:10 GMT
access-control-allow-origin
https://twinklesphotos.exblog.jp
access-control-allow-credentials
true
abd.js
cdn.browsiprod.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.browsiprod.com/abd.js
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.51.1233.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.173.197.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-173-197-46.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
481d713552f587d3bc0e3683557f8541ea69543e4d7abb7e4299c646ab10fd03

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin
https://twinklesphotos.exblog.jp
Referer
https://twinklesphotos.exblog.jp/

Response headers

access-control-max-age
3000
content-encoding
br
x-amz-version-id
rKwk7MJeT07HcAaaVBBDA7s6dDzRWDJ1
etag
W/"bc70a2c30105ea2f98d83f5ad623fc39"
age
16650
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
Wb-MVdi066pcrQcWfVXdexgaVKVg2GyXEH3Ly3sGhSLJSHfOs8ZGpQ==
date
Sat, 08 Nov 2025 04:21:41 GMT
content-type
application/javascript
last-modified
Sun, 08 Jul 2018 12:47:26 GMT
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
via
1.1 a9d37456b91f962deeb364728ebd872a.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
NRT12-P8
server
AmazonS3
web-vitals-4.2.3.js
cdn.browsiprod.com/web-vitals/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.browsiprod.com/web-vitals/web-vitals-4.2.3.js
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.51.1233.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.173.197.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-173-197-46.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1cf3e6d0ce85a08fee4fd2a90152a1a50e8b829c10003981d8f79da6cc2e874c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

vary
accept-encoding, Origin
content-encoding
br
etag
W/"368295c3c1ca25cab006d95cf23bf675"
x-amz-version-id
auY5YQzsiUXHB2pR679xyleBGL_hEO7t
age
41197
via
1.1 4692304470b2d7a09704a5e8dcf231dc.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
jkxz9bQE4y6buJ2Q9F08v8uhm4h4FXL29swe3fBgFQpkiRXPkriBRw==
date
Fri, 07 Nov 2025 21:32:58 GMT
content-type
application/javascript
last-modified
Mon, 26 Aug 2024 12:35:42 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P8
x-amz-server-side-encryption
AES256
supply
events.browsiprod.com/events/v2/ 		0
107 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/v2/supply?p=77af46eb-796b-4291-b9db-39ea90e58c42
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.51.1233.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.80.198.215 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-80-198-215.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://twinklesphotos.exblog.jp/

Response headers

date
Sat, 08 Nov 2025 08:59:10 GMT
access-control-allow-origin
https://twinklesphotos.exblog.jp
access-control-allow-credentials
true
ads
securepubads.g.doubleclick.net/gampad/ 		26 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=167238123525377&correlator=4425491213147248&eid=83321073&output=ldjh&gdfp_req=1&vrg=202511040101&ptt=17&impl=fifs&iu_parts=18333008%2CPC_blog_inarticle_rec_2_left&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=5&dids=gpt_pc_blog_inarticle_rec_2_le&adfs=1415872560&sfv=1-0-45&eri=1&sc=1&cookie=ID%3D45b99841308ddba0%3AT%3D1762592350%3ART%3D1762592350%3AS%3DALNI_MbYWD77wgvSx4oSqkGYUUNQDylszQ&gpic=UID%3D000011b0dcb2e30d%3AT%3D1762592350%3ART%3D1762592350%3AS%3DALNI_MahdqpmSpJQrtUifvgVJR1D7vYP_w&abxe=1&dt=1762592350811&lmt=1762592350&adxs=510&adys=1889&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&vis=1&psz=760x280&msz=300x0&fws=0&ohw=0&psts=AOrYGskw8Y0FO457wyMddtDcAldWKCQ2sch7yRK3yS6NtrIHyevbmTENNzEMHhrsWtFCHqdKNA7LnYmMFDX_CPuZfTfuV3EtlNVf2OXg0uxH5Q&topics=3&tps=3&htps=10&nt=1&psd=WzMxLFtdLG51bGwsM10.&dlt=1762592349291&idt=788&prev_scp=amznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D2.00%26hb_adid%3D65b9a2b2c01c0b9%26hb_bidder%3Dappnexus&cust_params=contents-type%3Dexblog-%25E5%2586%2599%25E7%259C%259F%25E3%2583%25BB%25E3%2582%25AB%25E3%2583%25A1%25E3%2583%25A9%26contents-category%3Dexblog-%25E6%259C%25AA%25E5%2588%2586%25E9%25A1%259E%26contents-tag%3D%26blog_pc_referrer%3D%26isBot%3D%26flux_test_flag%3Dprd%26publisher_id%3D138&adks=2701395909&frm=20&eo_id_str=ID%3D177a7f8f47bd5216%3AT%3D1762592350%3ART%3D1762592350%3AS%3DAA-AfjYy-q_osEICvHqvU9chr29p&gblpids=%2F18333008%2FPC_blog_inarticle_rec_2_left&pb_szs=300x250&pbbce=1&td=1&egid=49490&tan=954987fa-dda1-4fca-960d-4544cb9807cf&tdf=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202511040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.194.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcnrta-az-in-f2.1e100.net
Software
cafe /
Resource Hash
4a6c325020b08ae3734e2334d911d061efc8247fae819a11fe5eeefc9e369265
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
br
google-lineitem-id
5406912171
observe-browsing-topics
?1
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sat, 08 Nov 2025 08:59:11 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
138315327170
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://twinklesphotos.exblog.jp
content-length
12387
x-xss-protection
0
server
cafe
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20251106/r20110914/ Frame 4093 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20251106/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8544321996124660&output=html&h=250&slotname=6450136543&adk=2937738629&adf=3554593889&pi=t.ma~as.6450136543&w=300&lmt=1762592350&format=300x250&url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&wgl=1&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=8&dt=1762592349989&bpp=1&bdt=698&idt=403&shv=r20251105&mjsv=m202511040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=4466936478226&frm=20&pv=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=520&ady=289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95376582%2C95376902%2C95377330%2C95344790&oid=2&pvsid=167238123525377&tmod=2136220936&uas=0&nvt=1&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&plas=260x675_l%7C308x675_r&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=411
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:814::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d84ccd933e0ca4f34a93445eb9390ed32540ca67dec0a7a00cf8b65a54e59a85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

content-encoding
br
etag
7620285204421265707
age
47602
x-content-type-options
nosniff
expires
Fri, 21 Nov 2025 19:45:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 07 Nov 2025 19:45:48 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
8505
x-xss-protection
0
server
cafe
css
fonts.googleapis.com/ Frame 4093 		21 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8544321996124660&output=html&h=250&slotname=6450136543&adk=2937738629&adf=3554593889&pi=t.ma~as.6450136543&w=300&lmt=1762592350&format=300x250&url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&wgl=1&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=8&dt=1762592349989&bpp=1&bdt=698&idt=403&shv=r20251105&mjsv=m202511040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=4466936478226&frm=20&pv=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=520&ady=289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95376582%2C95376902%2C95377330%2C95344790&oid=2&pvsid=167238123525377&tmod=2136220936&uas=0&nvt=1&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&plas=260x675_l%7C308x675_r&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=411
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:827::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f6182b1cbcd08174f2dc7eb2d65036aa68cd510971385d1f5cf7d5aea1c72604
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sat, 08 Nov 2025 08:59:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 08:59:10 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sat, 08 Nov 2025 08:11:12 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20251027_RC00/ Frame 4093 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20251027_RC00/outstream.min.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8544321996124660&output=html&h=250&slotname=6450136543&adk=2937738629&adf=3554593889&pi=t.ma~as.6450136543&w=300&lmt=1762592350&format=300x250&url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&wgl=1&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=8&dt=1762592349989&bpp=1&bdt=698&idt=403&shv=r20251105&mjsv=m202511040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=4466936478226&frm=20&pv=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=520&ady=289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95376582%2C95376902%2C95377330%2C95344790&oid=2&pvsid=167238123525377&tmod=2136220936&uas=0&nvt=1&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&plas=260x675_l%7C308x675_r&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=411
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:827::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

content-encoding
gzip
age
169054
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
x-content-type-options
nosniff
expires
Fri, 06 Nov 2026 10:01:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 06 Nov 2025 10:01:36 GMT
last-modified
Mon, 27 Oct 2025 10:37:46 GMT
content-type
text/css
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
2920
x-xss-protection
0
server
sffe
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20251027_RC00/ Frame 4093 		380 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20251027_RC00/outstream.min.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8544321996124660&output=html&h=250&slotname=6450136543&adk=2937738629&adf=3554593889&pi=t.ma~as.6450136543&w=300&lmt=1762592350&format=300x250&url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&wgl=1&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=8&dt=1762592349989&bpp=1&bdt=698&idt=403&shv=r20251105&mjsv=m202511040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=4466936478226&frm=20&pv=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=520&ady=289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95376582%2C95376902%2C95377330%2C95344790&oid=2&pvsid=167238123525377&tmod=2136220936&uas=0&nvt=1&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&plas=260x675_l%7C308x675_r&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=411
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:827::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fa6508c96e32ad5e667aca92b92341b14c4133abf04cea7dfd244d5c7745b15e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

content-encoding
gzip
age
166582
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
x-content-type-options
nosniff
expires
Fri, 06 Nov 2026 10:42:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 06 Nov 2025 10:42:48 GMT
last-modified
Mon, 27 Oct 2025 10:37:46 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
134737
x-xss-protection
0
server
sffe
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20251106/r20110914/client/ Frame 4093 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20251106/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8544321996124660&output=html&h=250&slotname=6450136543&adk=2937738629&adf=3554593889&pi=t.ma~as.6450136543&w=300&lmt=1762592350&format=300x250&url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&wgl=1&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=8&dt=1762592349989&bpp=1&bdt=698&idt=403&shv=r20251105&mjsv=m202511040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=4466936478226&frm=20&pv=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=520&ady=289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95376582%2C95376902%2C95377330%2C95344790&oid=2&pvsid=167238123525377&tmod=2136220936&uas=0&nvt=1&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&plas=260x675_l%7C308x675_r&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=411
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:814::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1d42955e69aae005efd7d5a24d10ffc36dabebd9867cca1e5b8dbb998e273a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

content-encoding
br
etag
11924741404489600640
age
47603
x-content-type-options
nosniff
expires
Fri, 21 Nov 2025 19:45:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 07 Nov 2025 19:45:47 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
8624
x-xss-protection
0
server
cafe
/
sh.adingo.jp/p/ Frame D218 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://sh.adingo.jp/p/?G=1000142419&href=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&R=&serial=46011220488515&guid=ON&kv=%7B%22page_title%22%3A%5B%22Bitcoin%20and%20Ethereum%20%3A%20%20What%27s%20the%20difference%3F%20%3A%20TWINKLES%22%5D%2C%22keywords%22%3A%5B%22TWINKLES%22%2C%22%E3%83%96%E3%83%AD%E3%82%B0%22%5D%7D&api=2&protocols=2%2C3%2C5%2C6&mimes=application%2Fjavascript%2Cvideo%2Fmp4%2Cvideo%2Fogg%2Cvideo%2Fwebm&fluct_uid=00b58c72-b2ed-405e-8b8c-d3cee4479e3a
Requested by
Host: pdn.adingo.jp
URL: https://pdn.adingo.jp/p.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.197.230.208 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-197-230-208.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8e2386a152ab65d43ce523b1792af11d57bdbf8274862214d6c38e9202f3173e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
no-cache, must-revalidate
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET
x-content-type-options
nosniff
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin
https://twinklesphotos.exblog.jp
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
date
Sat, 08 Nov 2025 08:59:10 GMT
content-type
application/json; charset=UTF-8
vary
Accept-Encoding
server
nginx
last-modified
Sat, 08 Nov 2025 08:59:10 GMT
access-control-allow-headers
Content-Type
ads
securepubads.g.doubleclick.net/gampad/ 		26 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=167238123525377&correlator=3923359815789448&eid=83321073&output=ldjh&gdfp_req=1&vrg=202511040101&ptt=17&impl=fifs&iu_parts=18333008%2CPC_blog_inarticle_rec_3_left&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=6&dids=gpt_pc_blog_inarticle_rec_3_le&adfs=3886661196&sfv=1-0-45&eri=1&sc=1&cookie=ID%3D45b99841308ddba0%3AT%3D1762592350%3ART%3D1762592350%3AS%3DALNI_MbYWD77wgvSx4oSqkGYUUNQDylszQ&gpic=UID%3D000011b0dcb2e30d%3AT%3D1762592350%3ART%3D1762592350%3AS%3DALNI_MahdqpmSpJQrtUifvgVJR1D7vYP_w&abxe=1&dt=1762592350868&lmt=1762592350&adxs=510&adys=2506&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&vis=1&psz=760x280&msz=300x0&fws=0&ohw=0&psts=AOrYGskw8Y0FO457wyMddtDcAldWKCQ2sch7yRK3yS6NtrIHyevbmTENNzEMHhrsWtFCHqdKNA7LnYmMFDX_CPuZfTfuV3EtlNVf2OXg0uxH5Q&topics=3&tps=3&htps=10&nt=1&psd=WzMxLFtdLG51bGwsM10.&dlt=1762592349291&idt=788&prev_scp=amznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D8.00%26hb_adid%3D6742359ae5d1146%26hb_bidder%3Dappnexus&cust_params=contents-type%3Dexblog-%25E5%2586%2599%25E7%259C%259F%25E3%2583%25BB%25E3%2582%25AB%25E3%2583%25A1%25E3%2583%25A9%26contents-category%3Dexblog-%25E6%259C%25AA%25E5%2588%2586%25E9%25A1%259E%26contents-tag%3D%26blog_pc_referrer%3D%26isBot%3D%26flux_test_flag%3Dprd%26publisher_id%3D138&adks=2659255272&frm=20&eo_id_str=ID%3D177a7f8f47bd5216%3AT%3D1762592350%3ART%3D1762592350%3AS%3DAA-AfjYy-q_osEICvHqvU9chr29p&gblpids=%2F18333008%2FPC_blog_inarticle_rec_3_left&pb_szs=300x250&pbbce=1&td=1&egid=49490&tan=954987fa-dda1-4fca-960d-4544cb9807d0&tdf=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202511040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.194.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcnrta-az-in-f2.1e100.net
Software
cafe /
Resource Hash
2d079b9f5c374c80fd738aecc65fd186fac4417e515ab4e86f07d926cf36b3fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
br
google-lineitem-id
5406912180
observe-browsing-topics
?1
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sat, 08 Nov 2025 08:59:11 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
138315363300
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://twinklesphotos.exblog.jp
content-length
12400
x-xss-protection
0
server
cafe
ads
securepubads.g.doubleclick.net/gampad/ 		26 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=167238123525377&correlator=1769650597487141&eid=83321073&output=ldjh&gdfp_req=1&vrg=202511040101&ptt=17&impl=fifs&iu_parts=18333008%2CPC_blog_inarticle_rec_left&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=7&dids=gpt_pc_blog_inarticle_rec_left&adfs=1463933253&sfv=1-0-45&eri=1&sc=1&cookie=ID%3D45b99841308ddba0%3AT%3D1762592350%3ART%3D1762592350%3AS%3DALNI_MbYWD77wgvSx4oSqkGYUUNQDylszQ&gpic=UID%3D000011b0dcb2e30d%3AT%3D1762592350%3ART%3D1762592350%3AS%3DALNI_MahdqpmSpJQrtUifvgVJR1D7vYP_w&abxe=1&dt=1762592350884&lmt=1762592350&adxs=510&adys=1074&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&vis=1&psz=760x280&msz=300x0&fws=0&ohw=0&psts=AOrYGskw8Y0FO457wyMddtDcAldWKCQ2sch7yRK3yS6NtrIHyevbmTENNzEMHhrsWtFCHqdKNA7LnYmMFDX_CPuZfTfuV3EtlNVf2OXg0uxH5Q&topics=3&tps=3&htps=10&nt=1&psd=WzMxLFtdLG51bGwsM10.&dlt=1762592349291&idt=788&prev_scp=amznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D4.00%26hb_adid%3D6911cb46770d286%26hb_bidder%3Dappnexus&cust_params=contents-type%3Dexblog-%25E5%2586%2599%25E7%259C%259F%25E3%2583%25BB%25E3%2582%25AB%25E3%2583%25A1%25E3%2583%25A9%26contents-category%3Dexblog-%25E6%259C%25AA%25E5%2588%2586%25E9%25A1%259E%26contents-tag%3D%26blog_pc_referrer%3D%26isBot%3D%26flux_test_flag%3Dprd%26publisher_id%3D138&adks=3140661673&frm=20&eo_id_str=ID%3D177a7f8f47bd5216%3AT%3D1762592350%3ART%3D1762592350%3AS%3DAA-AfjYy-q_osEICvHqvU9chr29p&gblpids=%2F18333008%2FPC_blog_inarticle_rec_left&pb_szs=300x250&pbbce=1&td=1&egid=49490&tan=954987fa-dda1-4fca-960d-4544cb9807d1&tdf=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202511040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.194.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcnrta-az-in-f2.1e100.net
Software
cafe /
Resource Hash
c174a5167ffd7efbe92f008be24fef42d79ba60a1a6f3f38be2773df04c38597
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
br
google-lineitem-id
5406912174
observe-browsing-topics
?1
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sat, 08 Nov 2025 08:59:11 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
138315363297
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://twinklesphotos.exblog.jp
content-length
12390
x-xss-protection
0
server
cafe
Collect
a.flux.jp/analytics.collect.v1.CollectService/ 		2 B
47 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.flux.jp/analytics.collect.v1.CollectService/Collect
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.89.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.89.160.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

access-control-expose-headers
Accept, Accept-Encoding, Accept-Post, Connect-Accept-Encoding, Connect-Content-Encoding, Content-Encoding, Grpc-Accept-Encoding, Grpc-Encoding, Grpc-Message, Grpc-Status, Grpc-Status-Details-Bin
content-encoding
gzip
via
1.1 google
traceparent
00-f714d2076329bb02e19a78b268c59937-59f4caa2a38cbcd6-00
access-control-allow-origin
https://twinklesphotos.exblog.jp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
accept-encoding
gzip
content-length
26
date
Sat, 08 Nov 2025 08:59:10 GMT
content-type
application/json
vary
Origin
server
Google Frontend
x-cloud-trace-context
f714d2076329bb02e19a78b268c59937/6482028563570408662
destination
www.googletagmanager.com/gtag/ 		322 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-10208769&l=itm_dl1&cx=c&gtm=4e5b50
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GNL8X&l=itm_dl1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.31.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s22-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
b6e8ebbb6037aa1a48a56344122acbd839c64e985ba179ed4bfa5e821b6dc709
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
zstd
report-to
{"group":"ascgsrsghrgc:72:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgsrsghrgc:72:0"}],}
expires
Sat, 08 Nov 2025 08:59:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 08:59:10 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sat, 08 Nov 2025 06:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgsrsghrgc:72:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascgsrsghrgc:72:0
content-length
118107
x-xss-protection
0
server
Google Tag Manager
beacon.html
cf.im-apps.net/imid/ Frame B628 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cf.im-apps.net/imid/beacon.html
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:48::1734:8c23 Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
21d68041de9a1b20d2ac2ba4956903eea7e785c5bbc7b0fddb498827b13a57a6

Request headers

Referer
https://twinklesphotos.exblog.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=86400
content-encoding
gzip
content-length
1381
content-type
text/html
date
Sat, 08 Nov 2025 08:59:10 GMT
etag
"ed9e18514d99c699494df0787acbca6f"
expires
Sun, 09 Nov 2025 08:59:10 GMT
last-modified
Wed, 18 Dec 2024 10:34:56 GMT
p3p
CP="NOI PSD OTR"
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
pageview.js
cdn.audiencedata.net/js/v1/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.audiencedata.net/js/v1/pageview.js?owner_id=8266&site_id=news
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GNL8X&l=itm_dl1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:48::1734:8c1c Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
76cf7c805375b29f196da2ca5194c23e3e81e6f15cbde447ac9c5f373b2ce27c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-amz-replication-status
PENDING
Cache-Control
max-age=259200
Content-Encoding
gzip
ETag
"192e6646ecb83536f1d67f794080ddb3"
Connection
keep-alive
Expires
Tue, 11 Nov 2025 08:59:11 GMT
Accept-Ranges
bytes
Content-Length
2033
P3P
CP="NOI PSD OTR"
Date
Sat, 08 Nov 2025 08:59:11 GMT
Last-Modified
Thu, 28 Nov 2024 02:55:43 GMT
Content-Type
text/javascript
Vary
Accept-Encoding
x-amz-server-side-encryption
AES256
/
atb.im-apps.net/a/imsync/8266/622274/ 		43 B
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://atb.im-apps.net/a/imsync/8266/622274/?token=98e0054c7674dd6ac62e58bc78c5af30
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:2dbc:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
no-cache, no-store, must-revalidate
via
1.1 google
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
date
Sat, 08 Nov 2025 08:59:10 GMT
content-type
image/gif
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
sync
sync.fout.jp/ Frame D218 		43 B
395 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sync.fout.jp/sync?xid=fluct
Requested by
Host: pdn.adingo.jp
URL: https://pdn.adingo.jp/p.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
202.232.238.37 Jingūmae, Japan, ASN2497 (IIJ Internet Initiative Japan Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
6135fe16d7578e65be79a3e5d6ba252095648c1b871808f69b1482f6ff7f6839
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=15768000
Cache-Control
private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Content-Encoding
gzip
Pragma
no-cache
Connection
keep-alive
P3P
CP="ADM NOI OUR"
Date
Sat, 08 Nov 2025 08:59:11 GMT
Content-Type
image/gif
Server
nginx
/
cs.adingo.jp/sync/ Frame D218
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=fluct
  • https://x.bidswitch.net/ul_cb/sync?ssp=fluct
  • https://cs.adingo.jp/sync/?from=bidsw&id=fe03c232-5527-4a28-adf1-4ee634c4c112
43 B
402 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cs.adingo.jp/sync/?from=bidsw&id=fe03c232-5527-4a28-adf1-4ee634c4c112
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H2
Server
54.178.220.191 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-178-220-191.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

expires
Wed, 17 Sep 1975 21:32:10 GMT
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
date
Sat, 08 Nov 2025 08:59:11 GMT
pragma
no-cache
content-type
image/gif
server
nginx

Redirect headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
location
//cs.adingo.jp/sync/?from=bidsw&id=fe03c232-5527-4a28-adf1-4ee634c4c112
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 08:59:11 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6F30 		21 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156313&predirect=https://cs.adingo.jp/sync/%3Ffrom%3Dpubm%26id%3D
Requested by
Host: pdn.adingo.jp
URL: https://pdn.adingo.jp/p.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.40.192.188 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-192-188.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5b6ceeffb380eae16e91dcf08a3493068aa5b7bd6f4c3f4ad7b4daa188d5c2cb

Request headers

Referer
https://twinklesphotos.exblog.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=142608
content-encoding
gzip
content-length
7259
content-type
text/html
date
Sat, 08 Nov 2025 08:59:10 GMT
expires
Mon, 10 Nov 2025 00:35:58 GMT
last-modified
Mon, 29 Sep 2025 15:12:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cm
us-u.openx.net/w/1.0/ Frame D218
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=ac0458b7-2dc5-40a0-a758-f0c82d454c93&r=https%3A%2F%2Fcs.adingo.jp%2Fsync%2F%3Ffrom%3Dopenx%26id%3D
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=ac0458b7-2dc5-40a0-a758-f0c82d454c93&r=https%3A%2F%2Fcs.adingo.jp%2Fsync%2F%3Ffrom%3Dopenx%26id%3D
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?cc=1&id=ac0458b7-2dc5-40a0-a758-f0c82d454c93&r=https%3A%2F%2Fcs.adingo.jp%2Fsync%2F%3Ffrom%3Dopenx%26id%3D
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

Redirect headers

cache-control
private, max-age=0, no-cache
location
https://us-u.openx.net/w/1.0/cm?cc=1&id=ac0458b7-2dc5-40a0-a758-f0c82d454c93&r=https%3A%2F%2Fcs.adingo.jp%2Fsync%2F%3Ffrom%3Dopenx%26id%3D
pragma
no-cache
x-forwarded-for
146.70.201.171
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Sat, 08 Nov 2025 08:59:10 GMT
content-type
text/plain; charset=utf-8
vary
Accept, Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 159C
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=fluct&endpoint=apac
  • https://eus.rubiconproject.com/usync.html?p=fluct&endpoint=apac
269 B
379 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=fluct&endpoint=apac
Requested by
Host: pdn.adingo.jp
URL: https://pdn.adingo.jp/p.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
59.151.139.232 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a59-151-139-232.deploy.static.akamaitechnologies.com
Software
Apache/2.4.65 (Debian) /
Resource Hash
e4df52d49c57bc3e7158cb052cc05c60f1258c24de5c5728dac5d43272943ad9

Request headers

Referer
https://twinklesphotos.exblog.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
224
content-type
text/html
date
Sat, 08 Nov 2025 08:59:10 GMT
etag
"10d-63d602600b800-gzip"
last-modified
Wed, 27 Aug 2025 22:17:04 GMT
server
Apache/2.4.65 (Debian)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 08 Nov 2025 08:59:10 GMT
location
https://eus.rubiconproject.com/usync.html?p=fluct&endpoint=apac
server
AkamaiGHost
/
cs.adingo.jp/sync/ Frame D218
Redirect Chain
  • https://ad.as.amanad.adtdp.com/v1/sync/ssp?ssp=5
  • https://cs.adingo.jp/sync/?from=aja&id=s2suidn37BjgjceqjbcA4Ej4WpsQ0AcQgVO2LWvV6h15b_XWdG4b_DosVLEwFRgK0wQqr5oXTAWS
43 B
436 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cs.adingo.jp/sync/?from=aja&id=s2suidn37BjgjceqjbcA4Ej4WpsQ0AcQgVO2LWvV6h15b_XWdG4b_DosVLEwFRgK0wQqr5oXTAWS
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H2
Server
54.178.220.191 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-178-220-191.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

expires
Wed, 17 Sep 1975 21:32:10 GMT
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
date
Sat, 08 Nov 2025 08:59:10 GMT
pragma
no-cache
content-type
image/gif
server
nginx

Redirect headers

x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
x-cache
Miss from cloudfront
x-amz-cf-id
LQFmc7GxBkiuaxr8ZRyhcpRzV-ouPxS7WL_f_UeCAvHHYgXWLXCUBw==
date
Sat, 08 Nov 2025 08:59:10 GMT
cache-control
no-cache, no-store, must-revalidate
location
https://cs.adingo.jp/sync/?from=aja&id=s2suidn37BjgjceqjbcA4Ej4WpsQ0AcQgVO2LWvV6h15b_XWdG4b_DosVLEwFRgK0wQqr5oXTAWS
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Architecture, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
via
1.1 50979cf9aec23385883dc6e2fd176c12.cloudfront.net (CloudFront)
access-control-allow-origin
*
content-length
0
x-xss-protection
0
x-amz-cf-pop
NRT12-P9
/
cs.adingo.jp/sync/ Frame D218
Redirect Chain
  • https://hrbh3.publishers.tremorhub.com/pubsync?redir=https%3A%2F%2Fcs.adingo.jp%2Fsync%2F%3Ffrom%3Dmagnite%26id%3D%5Btvid%5D
  • https://hrbh3.publishers.tremorhub.com/pubsync/verify?redir=https%3A%2F%2Fcs.adingo.jp%2Fsync%2F%3Ffrom%3Dmagnite%26id%3D%5Btvid%5D
  • https://cs.adingo.jp/sync/?from=magnite&id=35da0fe52526439fb38f0b680f876ef7
43 B
401 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cs.adingo.jp/sync/?from=magnite&id=35da0fe52526439fb38f0b680f876ef7
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H2
Server
54.178.220.191 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-178-220-191.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

expires
Wed, 17 Sep 1975 21:32:10 GMT
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
date
Sat, 08 Nov 2025 08:59:11 GMT
pragma
no-cache
content-type
image/gif
server
nginx

Redirect headers

location
https://cs.adingo.jp/sync/?from=magnite&id=35da0fe52526439fb38f0b680f876ef7
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Sat, 08 Nov 2025 08:59:11 GMT
server
nginx
/
cs.adingo.jp/sync/ Frame D218
Redirect Chain
  • https://y.one.impact-ad.jp/tbs_cs?callback=https%3A%2F%2Fcs.adingo.jp%2Fsync%2F%3Ffrom%3Dp1%26id%3D%24UID&ex=p1.com
  • https://cs.adingo.jp/sync/?from=p1&id=f1a42cdd-88d7-47e5-a047-9e1ddf234f49
43 B
401 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cs.adingo.jp/sync/?from=p1&id=f1a42cdd-88d7-47e5-a047-9e1ddf234f49
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H2
Server
54.178.220.191 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-178-220-191.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

expires
Wed, 17 Sep 1975 21:32:10 GMT
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
date
Sat, 08 Nov 2025 08:59:10 GMT
pragma
no-cache
content-type
image/gif
server
nginx

Redirect headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
location
https://cs.adingo.jp/sync/?from=p1&id=f1a42cdd-88d7-47e5-a047-9e1ddf234f49
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 08:59:10 GMT
pixel
cm.g.doubleclick.net/ Frame D218
Redirect Chain
  • https://cs.adingo.jp/adx/go/?nid=fluct_eb
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_hm=5fd679a765a7ff85dfd2a9ec5d7679b0
170 B
409 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_hm=5fd679a765a7ff85dfd2a9ec5d7679b0
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H2
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Sat, 08 Nov 2025 08:59:11 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_hm=5fd679a765a7ff85dfd2a9ec5d7679b0
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
date
Sat, 08 Nov 2025 08:59:10 GMT
content-type
text/html; charset=UTF-8
server
nginx
/
cs.adingo.jp/sync/ Frame D218
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=dj0pjjk&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=dj0pjjk&ttd_tpi=1
  • https://cs.adingo.jp/sync/?from=tdid&id=246ca134-2766-4e4a-a408-eb2751e5cc6e&ttl=1765184350
43 B
401 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cs.adingo.jp/sync/?from=tdid&id=246ca134-2766-4e4a-a408-eb2751e5cc6e&ttl=1765184350
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H2
Server
54.178.220.191 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-178-220-191.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

expires
Wed, 17 Sep 1975 21:32:10 GMT
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
date
Sat, 08 Nov 2025 08:59:11 GMT
pragma
no-cache
content-type
image/gif
server
nginx

Redirect headers

location
https://cs.adingo.jp/sync/?from=tdid&id=246ca134-2766-4e4a-a408-eb2751e5cc6e&ttl=1765184350
content-length
213
date
Sat, 08 Nov 2025 08:59:10 GMT
server
Kestrel
fltids
aud.adjust-net.jp/adfrontserver/ Frame D218 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aud.adjust-net.jp/adfrontserver/fltids?val=5fd679a765a7ff85dfd2a9ec5d7679b0
Requested by
Host: pdn.adingo.jp
URL: https://pdn.adingo.jp/p.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.79.4.173 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-79-4-173.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

date
Sat, 08 Nov 2025 08:59:11 GMT
server
nginx
content-length
0
sync
gum.criteo.com/ Frame D218 		56 B
569 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=167&r=2&gdpr=0&j=fluctAdScript.rtus_cb
Requested by
Host: pdn.adingo.jp
URL: https://pdn.adingo.jp/p.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::13 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
dd7fefb994e22052f611ba65c8023f4ef628a03af1f3322a6728975e488940d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
private, max-age=3600
content-encoding
gzip
server-processing-duration-in-ticks
445125
expires
60
date
Sat, 08 Nov 2025 08:59:10 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
server
Kestrel
id5-api.js
cdn.id5-sync.com/api/1.0/ 		112 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: pdn.adingo.jp
URL: https://pdn.adingo.jp/p.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac42:a937 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d17e84af7ba998526041e90409fec0d80e0bf436fecd99cd94ea4124f1047141
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"9d3ef6e0b1008a729462806417366a8e"
age
4
expires
Sat, 08 Nov 2025 09:59:10 GMT
date
Sat, 08 Nov 2025 08:59:10 GMT
content-type
text/javascript;charset=utf-8
vary
accept-encoding
last-modified
Tue, 04 Nov 2025 08:00:55 GMT
x-amz-id-2
gvx5QQHR0KlOWDlZ3Xr+G6TtbJC9Aaju5X1KTq21INrp96d/61XrUY4z7M4FRA61bLz6APDLKYY=
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=3600
x-amz-request-id
PRPEQ4VMKZP2Q3CX
cf-ray
99b3df719e78978f-NRT
server
cloudflare
x-amz-server-side-encryption
AES256
pmt.js
dmp.im-apps.net/pms/r7RdVKlj/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dmp.im-apps.net/pms/r7RdVKlj/pmt.js
Requested by
Host: pdn.adingo.jp
URL: https://pdn.adingo.jp/p.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:48::1734:8c3b Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
17642f269032d70bd80f65a51b29ff2dfbd2562fab3388a0ff566e5e5ec4f0f9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-amz-replication-status
COMPLETED
cache-control
max-age=5951
content-encoding
gzip
etag
"88b28808d3e1b7c043cd159dea364df6"
x-amz-version-id
C5aMNXmeNAE94deWOfnzY1s.dApqvpPr
expires
Sat, 08 Nov 2025 10:38:21 GMT
accept-ranges
bytes
content-length
2442
p3p
CP="NOI PSD OTR"
date
Sat, 08 Nov 2025 08:59:10 GMT
last-modified
Tue, 28 Oct 2025 06:58:42 GMT
content-type
application/javascript
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
taglog
hs.adingo.jp/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hs.adingo.jp/taglog
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.113.64.160 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-113-64-160.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://twinklesphotos.exblog.jp
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST
access-control-allow-origin
*
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length
0
date
Sat, 08 Nov 2025 08:59:10 GMT
expires
Wed, 17 Sep 1975 21:32:10 GMT
pragma
no-cache
taglog
hs.adingo.jp/ Frame D218 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hs.adingo.jp/taglog
Requested by
Host: pdn.adingo.jp
URL: https://pdn.adingo.jp/p.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.113.64.160 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-113-64-160.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://twinklesphotos.exblog.jp/

Response headers

date
Sat, 08 Nov 2025 08:59:10 GMT
access-control-allow-origin
*
content-length
0
/
cs.adingo.jp/sync/ Frame D218
Redirect Chain
  • https://bid.socdm.com/rtb/sync?proto=adingo&sspid=adingo&tp=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&pp=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&t=.gif
  • https://cs.adingo.jp/sync/?from=scaleout&id=aQ8GXsCo8HAAAGFuDU8AAAAA
43 B
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.adingo.jp/sync/?from=scaleout&id=aQ8GXsCo8HAAAGFuDU8AAAAA
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H2
Server
54.178.220.191 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-178-220-191.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

expires
Wed, 17 Sep 1975 21:32:10 GMT
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
date
Sat, 08 Nov 2025 08:59:11 GMT
pragma
no-cache
content-type
image/gif
server
nginx

Redirect headers

X-SO-LB-Hostname
m-ng9.dc4p.scaleout.jp
P3P
CP="See also http://www.scaleout.jp/privacy/"
Date
Sat, 08 Nov 2025 08:59:10 GMT
Cache-Control
private
Location
https://cs.adingo.jp/sync/?from=scaleout&id=aQ8GXsCo8HAAAGFuDU8AAAAA
X-SO-Cluster-ID
0
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync?proto=adingo&sspid=adingo&tp=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&pp=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&t=.gif","cluster_id":0,"gdpr":false,"ipv4":"146.70.201.171","key":"aQ8GXsCo8HAAAGFuDU8AAAAA","privacy_sensitive":false,"uid":"aQ8GXsCo8HAAAGFuDU8AAAAA","upstream_id":"m-ad1086"}
X-SO-Upstream-ID
m-ad1086
X-SO-HostName
m-ad1086.dc4p.scaleout.jp
Connection
keep-alive
X-SO-IP
146.70.201.171
X-SO-Key
aQ8GXsCo8HAAAGFuDU8AAAAA
Content-Length
0
X-SO-Ads-Time
2
X-SO-UID
aQ8GXsCo8HAAAGFuDU8AAAAA
Server
nginx
usync.js
eus.rubiconproject.com/ Frame 159C 		45 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=fluct&endpoint=apac
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
59.151.139.232 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a59-151-139-232.deploy.static.akamaitechnologies.com
Software
Apache/2.4.65 (Debian) / PHP/8.3.24
Resource Hash
37589a4616b391d7893085171a60ef159a6921d920d69331a623d702f80c3bff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/usync.html?p=fluct&endpoint=apac

Response headers

cache-control
max-age=54429
content-encoding
gzip
expires
Sun, 09 Nov 2025 00:06:20 GMT
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
content-length
11431
date
Sat, 08 Nov 2025 08:59:11 GMT
last-modified
Sat, 08 Nov 2025 00:06:20 GMT
x-powered-by
PHP/8.3.24
server
Apache/2.4.65 (Debian)
content-type
text/html;charset=UTF-8
vary
Accept-Encoding
csi
csi.gstatic.com/ Frame 4093 		0
57 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~mhq1z66z&c=1041434686691&slotId=520717343345&qqid=CI33upeY4pADFR7uFgUdFUUAIA&fb=outstream-lima&sei=44746068%2C44752538%2C95363795%2C420706098%2C789179015%2C798227501&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C75259414%2C95329494%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20251027_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:809::2003 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"ascnsrsgcc:41:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsgcc:41:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 08:59:11 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
content-type
image/gif
server
Golfe2
KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
fonts.gstatic.com/s/roboto/v49/ Frame 4093 		39 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s35-in-f3.1e100.net
Software
sffe /
Resource Hash
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/

Response headers

age
161202
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 06 Nov 2026 12:12:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 06 Nov 2025 12:12:29 GMT
last-modified
Mon, 08 Sep 2025 18:08:05 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
40128
x-xss-protection
0
server
sffe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4093 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=C84D0XgYPaY3QG57c29gPlYqBgAKU7ZSqgwHA0NfioBWF99ib_EUQASDY6d8jYInzxYT0E6AB367D4CrIAQWoAwHIA5sEqgSvAk_QMNo4QgJTKQeIheqXDzScw6WC6Xkqxrd_S98j1SMmUVqzjKP_AUvvnL9PYct0pV8mWydBQztxgjZJX3TfaB6TNBFMxO12CTW0R_YImksRWqh8aBWwFprL7JqcFU8IkElEqGNc077vHICNFVkuo8xh5l1eWzL4WxZHLPG1JTcnZWp1Maz-0dakng4HFK4Mxy_LcqVQbByegvgMQ8MAyzTQ-FOjumCrOt-ZRUs1oYcduZrpTy1T81FsnSFiOi8OvCN9T8I5-P9w8TFUgzlVLh_M9M_O4RRK6Ei3mnjU3dJNozc_pCO4DRT_V10LR1ZYE0UY9j0jZwyV1oXcmfjhfFxUhIdE89-0RaBSTIoTHl_mkiGNf4vdRHqwHOeN3rlUE_EdykGVIE85dfJQLkMdWMAEqebbkawF4AQDiAWZk4S7VJAGAaAGToAH3-aTwAWoB6fMsQKoB6a-G6gHzM6xAqgH89EbqAeW2BuoB6qbsQKoB47OG6gHk9gbqAfw4BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gH2baxAqgHmgaoB_-esQKoB9-fsQKoB_jCsQKoB_vCsQKoB-fXsQLYBwDSCC8IgGEQARifATIIioKAgICAgAg6DYBAgMCAgICAqIACqANIvf3BOliQ3bqXmOKQA4AKAZgLAcgLAYAMAaoNAkpQ6g0TCJy6zZeY4pADFR7uFgUdFUUAIIgOCbAT14mOH9gTDYgUA9gUAdAVAcoWAgoA-BYBgBcBshcOGAIqCjY0NTAxMzY1NDOqGBcJAOBGfjJT8UASCjY0NTAxMzY1NDMYAbIYCRIChVQYTiIBALIZATXQGQE&eventType=clickstring&clientTime=1762592351031&ai=C84D0XgYPaY3QG57c29gPlYqBgAKU7ZSqgwHA0NfioBWF99ib_EUQASDY6d8jYInzxYT0E6AB367D4CrIAQWoAwHIA5sEqgSvAk_QMNo4QgJTKQeIheqXDzScw6WC6Xkqxrd_S98j1SMmUVqzjKP_AUvvnL9PYct0pV8mWydBQztxgjZJX3TfaB6TNBFMxO12CTW0R_YImksRWqh8aBWwFprL7JqcFU8IkElEqGNc077vHICNFVkuo8xh5l1eWzL4WxZHLPG1JTcnZWp1Maz-0dakng4HFK4Mxy_LcqVQbByegvgMQ8MAyzTQ-FOjumCrOt-ZRUs1oYcduZrpTy1T81FsnSFiOi8OvCN9T8I5-P9w8TFUgzlVLh_M9M_O4RRK6Ei3mnjU3dJNozc_pCO4DRT_V10LR1ZYE0UY9j0jZwyV1oXcmfjhfFxUhIdE89-0RaBSTIoTHl_mkiGNf4vdRHqwHOeN3rlUE_EdykGVIE85dfJQLkMdWMAEqebbkawF4AQDiAWZk4S7VJAGAaAGToAH3-aTwAWoB6fMsQKoB6a-G6gHzM6xAqgH89EbqAeW2BuoB6qbsQKoB47OG6gHk9gbqAfw4BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gH2baxAqgHmgaoB_-esQKoB9-fsQKoB_jCsQKoB_vCsQKoB-fXsQLYBwDSCC8IgGEQARifATIIioKAgICAgAg6DYBAgMCAgICAqIACqANIvf3BOliQ3bqXmOKQA4AKAZgLAcgLAYAMAaoNAkpQ6g0TCJy6zZeY4pADFR7uFgUdFUUAIIgOCbAT14mOH9gTDYgUA9gUAdAVAcoWAgoA-BYBgBcBshcOGAIqCjY0NTAxMzY1NDOqGBcJAOBGfjJT8UASCjY0NTAxMzY1NDMYAbIYCRIChVQYTiIBALIZATXQGQE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8544321996124660&output=html&h=250&slotname=6450136543&adk=2937738629&adf=3554593889&pi=t.ma~as.6450136543&w=300&lmt=1762592350&format=300x250&url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&wgl=1&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=8&dt=1762592349989&bpp=1&bdt=698&idt=403&shv=r20251105&mjsv=m202511040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=4466936478226&frm=20&pv=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=520&ady=289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95376582%2C95376902%2C95377330%2C95344790&oid=2&pvsid=167238123525377&tmod=2136220936&uas=0&nvt=1&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&plas=260x675_l%7C308x675_r&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=411
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sat, 08 Nov 2025 08:59:11 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
csi
csi.gstatic.com/ Frame 4093 		0
534 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~mhq1z67t&c=1041434686691&slotId=520717343345&qqid=CI33upeY4pADFR7uFgUdFUUAIA&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.hu&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20251027_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:809::2003 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"ascnsrsgcc:41:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsgcc:41:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 08:59:11 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
content-type
image/gif
server
Golfe2
vast
bid.g.doubleclick.net/dbm/ Frame 4093 		40 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CMbDQqQh3tTX6Nik-umT6tc1QFmqlHCBonPSYm4yKX6E_IRICHWVtGPfaOjCqJ6MOV-TlXnz1oXfzqmNkrWjIoZcz5Dw&cry=1&dbm_d=AKAmf-DRSRiK8xGvdQ12olRcPp9a9Daq54Jnfr9ZZVfpJp7ZT-JMo7BHGqXbp5_r5m-VEmHZgpZpUXHTPNI9Sa0zLhB0on2s4C8FUcFpRBjQlqKGfLMkX6vOlwdXfWqKCU0QCgbOz43ZeU-IS8DcaK30OJ1I8ocNiYi70aEzxDKwPv5NRA9Wkq7wax6DrHmwYEBwQf8g_fxG0CupJryakxwT4ap733wg5KdBtj-Sn-OMIjq9XmssXdphvHmZ-QLtio_0ayqd5ClnTL_7Yjb-vDNT8GND0OSVNot-FY5ZnLk_M0u3IjiKpPigusds6gPA2d8gb2tHW56iQV_wzHPuWCz6ui2Y9gyqcF2cHq0PNPgd8DFbHLrnfnrwwh4px8RZjol6EdRyOW_U0Zo2brkEDJcggUkcaMOBeJDnzl8mLgMm9D4znF5ae_pDBmLVLQmoRBlSCOgGwPYxySRHxvJMmZgRyqYq7SZvUVhnfbnPMIAkRmT6MpWT_5LuD9v0Fw0qKxrmbqJlsYFBRhKi6pLttgWxCP62yUmOT0kew4MR6RVECkrlMhJUxvE9wrGOfsjCkfBGV4pGtePuCwocu2x6prz-Z-enVaXjzMTowVp8VbbB3QlZalRQ57Zlo3jNMtKN5cqq9M2pZfZ8Gw_V__uGhWeKt2ltn0E6IZat1LEjaa_mlpR2UztXsHlGjgbfvV9Ngn3AVW7p47klpwyXTI25qVqS2kCpGqt-_c-5VfoHQqNoQlYhjgHfNXYPiO8wxfVFbO-tGL-sREOLvpv7gazOaw4EOcyp3XkqOVFwqOg2MSARwxjXChlvSuA6LhutoBrJXVip8WepKzlSVlwyIjbXada4CI8uzZnTWv1VUpioqpY28meZHHRsYdVqrgSOIJpoawrkLGXuAvQImexsLWxC0LJJykzK3ozByoVWD_lI9pBwxLif-gdCwdcT8FmHvKEQE6mt_DZ3fL9vYfv-Up7ebKIiH2e0zvKKnYQvGsPZyJ1EYdyOxEPKy-i7Su40H-RDn4XVsw0u0vSAmeCLg97ah6GtEcu0ABol34Y963HZl1qDVQh99A9DxmHx9fMCqb3o6wE1ay7iWHJAvFHee5zrzICvQnOS83QV60E7hzabhyblSkGPTC91LbjnZOAHV4sePp48KKJcvGl22tQBCq8HTJFEbr5itOUvZUDmQsT4NR9U7b6TKqBbq9Va20mCgS2bA8yYXnLe-QSRLZ7xfM9BJfzVsppSZiwWb3XmNgvmDr3nTNowtKv2OVfAQbMLOPJPStRdq9VvMW-Rpw5OCM_5ipI3FSAeVWaeJsX5l5EjSEjK3np9_czcCiMs9t5pFOTQBw_2UQQQBmywJ5aTIMsxGlPh-XVpeengD1YiatXtpZ2BO0UnKyF5N9eOE__5GNmFw5QGrVewnspMjiRD9C3EGL_iqAbfGyjVVQ4igaXEvXS2HbASGep6UUF2ZOjOjH4U0s4cUvyCPe7zUParQeKWzBYKWiBgovb_lwuM9C_9vsmPqZHfsPpxo9OtVrxVVvc0UwbPwz9SuRSZB8AYdAJVkZG9R-ecmGMcewJ39TaQMxLsfYsGk1esJoFhzAllSB5tP5AGwfued8GMUSKpIfnrM5y3cxrV3cXjcAn2tDLQUCKeqI5lIbsYjKW-h1eVmAK6H2nkA2LAqUPqQaYGUlVCoehtKaaxYh70lVITze2v3TcSNQdT9vjIttK7cXZQyumNToBZoEO4jxlWnRcnvvPt2ZLwOpP7H1hQi67Eglix3Ay9M7HFbfsc63qqA5jE8lfURUnjs6OrhuxG4ru9QdZhPwuWcAACsBwnrzqUHPCc3FwomKifCi8ayNSKmBse_8K62D2LWGfgsQy9RIONdQvU8UbDpoVa3ZFIqDNIfPo5bIaMT4rdTR-D3uQ5EuggW7-GByin5ERAMQQFuxQIEtkb7wjyrmTlzqxgk4vFfrT1i1in-JHHMiguaIyih2LaJVZtSl1u28c5_0tyJP3alsirlTRbsbDRw805r5KQwAfnBHW0lxIPc7gfJhQyQ4pSiRmeYd7VCdcTrgfLbvbRCFar0UqwcL5o84QlXPa8LqtrZ1c5xnVMB_8qAgRUyIbwiGlmo7lWmi-WqDBYz1p-kJLCd6dDF1EI1lMScQegJMG02loyCbLWcZ0f8NW-t4gTaizPeSay0_m2OOXb9ZNNo6sAbDY__gOgqcNqoH0dEK5msykGlHyHTl8kI5JSDJAs5SP6-OHw96RgP0tv8LkvmrD158ZVkW9cu5qUGGm-NYTN_-K9Dyegk5cLJ1TPoX6NE1TzOEWv20qNHqizi1kTtwdB1hfLoj2biueIRCb16REjZXuGpSe0hoaIHQL4bNr24QMSyWNivR4KlMb5yvAHjG50uXPl8_jb4JnmzZyl8HyW1E9qfso7W1U-IDk9JVBSlJWZALh38RFhyVIWhl9-cVvWkK1yX5-u-apusiU2CC-6zOwQjPEt6RmhMXZokLrHt3JO7qO9Z9S5O_DZdPi53Rg21AHB7bL9ARw5hjVQQkAJPIobTEacrGMd3jBJGIcvsx5D5jtnd0zvv_BY2vE_fP62ns6Hp3TMNIdFunU2Pfw8M2rrkvZgtnDNFGOv4BbRtnWdzGFVdOjxg_TlTz5yTXFSv4oRARaiPMrXWINheWdPCWTVTz_pbiTAW_gJ_0pudrLQOCEeDESfRtOa7wH8ig2OfRfJWySTTbCpy6T1HJ5EAOz1k4yj3D8LvmgnLFW-Y3RuY4AoK_fdsq4pJv4LifJ2-3dn5koTK1i7wJO-40rBc7XVkl2CZaM8pY8pmCW33_9EaasMGSX9jJ9WgI5ITtkIGAfZeZtlgSxooFWJJ-b5A1wxyrN6Bsj5obk1qf4ckGAuL98juwMJs8NTWCy1ZWHJU5NDYErpyJLjI0qbJvhjHRnImljDLpl7ocDblQbx09vDfe2hThsvaZC2nNjvo3uIAgfkt2Si2oPhGX5UI7y367dpAwQSjlX0cWN6VNvITuFs67i-doRjhJ_yZvLIjK5whAJXRWMpvJygOsHTs6SYYHjrA4CNokeZSEIPSg1QJUEy4h5Uj_kg-qW0eUO6hzrqX1T_bhES61eSBkLwwq_QERzW9G0kQTbjPeplX1r8HsvX86-K0ES-S4TPlhKGLDGlJQ7ygPsw_s3GtWDxQAVP6fbDf_3f5cstvnbQvijlyzEw69JHBjTMuXd6gkyEjRcmLJKS5IuRM-UqcJbINhi40n-blkCzD51VHiv6SCY0uZekPggi7AUM9RHCNQ446Ki5EFwbc9jxHk0W_bx4cE8YXdaQ89Zo21XOYf5bCqA5K39OsFWJW3VbFv8CRDwczBI4l_TLQ1Jh_AbgQpQp_-LCPdNsyGpClwTCEdQqTnT_nrGVCf_Lwzudqv8GKg2OE-WDV53uFP2MQ6-VmiszZXtfayYDIDwTAVsLB4AcRGP8HammsfFo0OKH1XxxOiR8ELVJa0MGJrMx4mU5G05N19ZnwNrx3yOwtlP_86H2skCJ_P24f9noUINtKoVePbudNMd4SY8vGBSRZU29gEUs5U6dgXUQGHYvDgGjuJ9sR2UlhMlPOH_ndUpPRoHny2U24Psn8cqNSll3skW0xWZox-TEwfpiABXom77VVBGVhD52Q9bQLobCv4wJMWgrpCNw3tdX5hrfASa6Vk1jqhEjK1D4hIeyFK5hPbH-EoGCdHuv0c5AzocnLRQtDCYg6Ee21uMI4RD04LsJ_uepjmdtmU-9_K3X9CTFzekR3b1bVDBH82VOxuAze_M-f0gq9FzYbzqX9pDQoWtv1wqJAfw2iZLaRkRACI6rwrPW6UigVwTHb83FLgKWbcb3gFF82kDWpsB-Oql0sCVBcIfXye_J_aEvrkawKG_B2PP53od4UisRgGZrWPUfMxvB_xS5y4z_tME3gok5rCjdKmwhSrhBAXYz0SINOmqTQiIy13d7yAlX-B78NvvwoG4znIIumTxWeEq1MmYJY_pExZbKJazrBIPlkXt9zdInRINton12xj67jgNwBroENuojUP40F-1cyhs63sdGK1-B9oayRJ_dDAZkwB2CYSHE8HK_wk4YqeV3-7Hb04bRJ5ZGeyCgSUho5xmslAJ4Fn6DP3rLme0uExd5wPeefxKIxVQCcfJvy4sK3xclVA6Z_LOeOKIWL1hsNaM0SfBuxwBYG_mfTU4enpFGCZbgPN82jX1I0Db0Yiv-YDrZO8hJcE8BiPcQCXipGTTWLCSpdGI5LjHeU7sLA-yVmDHq1Nj3qkWuc5_V_swmJJLtZngORuTwv4iLFEXZnxOjtsE-FRk1OqfGi1P402R65q0nbCCAXKmETAt1qR5mHx-5NPqMbJzZhWzF&cid=CAQSsgEAwksa0fVF72FXID4LTYpJF7Gw0TdcS6Du_urquNTZyMX2w7iCIgWih6YjdCzLV2p9WyYlQyWgJGmCZsxM5ONuAzv1Ntqbu--ry-42uvbs3CCZQpc3l00PYrkIG-fHXHKfUWy_2eqSxleoWhxoLe7ZO7YSJw8_wltLT8zT7BCp7HlDVLD8_n8LKW6RzllBnYJZGsLJqlrORABGSFQySONeG2wEhcsuJmymEnfgc43MCBRNGAE&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20251027_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.203.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
th-in-f155.1e100.net
Software
cafe /
Resource Hash
d1624d4350c574462ad7ce399c45a3b1688d8a9ee30baaa4a26424a8f27e6562
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

content-encoding
br
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sat, 08 Nov 2025 08:59:11 GMT
content-type
text/xml; charset=UTF-8
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://googleads.g.doubleclick.net
content-length
20270
x-xss-protection
0
server
cafe
rtd_demand
events.browsiprod.com/events/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/v2/rtd_demand?p=77af46eb-796b-4291-b9db-39ea90e58c42
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.80.198.215 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-80-198-215.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://twinklesphotos.exblog.jp
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET
access-control-allow-origin
https://twinklesphotos.exblog.jp
access-control-max-age
1800
content-length
0
date
Sat, 08 Nov 2025 08:59:11 GMT
rtd_demand
events.browsiprod.com/events/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/v2/rtd_demand?p=77af46eb-796b-4291-b9db-39ea90e58c42
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.80.198.215 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-80-198-215.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://twinklesphotos.exblog.jp
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET
access-control-allow-origin
https://twinklesphotos.exblog.jp
access-control-max-age
1800
content-length
0
date
Sat, 08 Nov 2025 08:59:11 GMT
rtd_demand
events.browsiprod.com/events/v2/ 		0
107 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/v2/rtd_demand?p=77af46eb-796b-4291-b9db-39ea90e58c42
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.80.198.215 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-80-198-215.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
application/json
Referer
https://twinklesphotos.exblog.jp/

Response headers

date
Sat, 08 Nov 2025 08:59:11 GMT
access-control-allow-origin
https://twinklesphotos.exblog.jp
access-control-allow-credentials
true
rtd_demand
events.browsiprod.com/events/v2/ 		0
107 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/v2/rtd_demand?p=77af46eb-796b-4291-b9db-39ea90e58c42
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.80.198.215 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-80-198-215.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
application/json
Referer
https://twinklesphotos.exblog.jp/

Response headers

date
Sat, 08 Nov 2025 08:59:11 GMT
access-control-allow-origin
https://twinklesphotos.exblog.jp
access-control-allow-credentials
true
rtd_demand
events.browsiprod.com/events/v2/ 		0
107 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/v2/rtd_demand?p=77af46eb-796b-4291-b9db-39ea90e58c42
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.80.198.215 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-80-198-215.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
application/json
Referer
https://twinklesphotos.exblog.jp/

Response headers

date
Sat, 08 Nov 2025 08:59:11 GMT
access-control-allow-origin
https://twinklesphotos.exblog.jp
access-control-allow-credentials
true
rtd_demand
events.browsiprod.com/events/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/v2/rtd_demand?p=77af46eb-796b-4291-b9db-39ea90e58c42
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.80.198.215 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-80-198-215.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://twinklesphotos.exblog.jp
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET
access-control-allow-origin
https://twinklesphotos.exblog.jp
access-control-max-age
1800
content-length
0
date
Sat, 08 Nov 2025 08:59:11 GMT
set
sync.im-apps.net/imid/ Frame B628 		43 B
694 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.im-apps.net/imid/set?no_sync=1
Requested by
Host: cf.im-apps.net
URL: https://cf.im-apps.net/imid/beacon.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.50.118.144 Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-50-118-144.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://cf.im-apps.net/

Response headers

Cache-Control
private, max-age=3000
Content-Length
43
Date
Sat, 08 Nov 2025 08:59:11 GMT
Content-Type
image/gif
Connection
keep-alive
geo
ut.pubmatic.com/ Frame 6F30 		22 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ut.pubmatic.com/geo?pubid=156313
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156313&predirect=https://cs.adingo.jp/sync/%3Ffrom%3Dpubm%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.87 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
dcda7f2217e5134c1c987c36f55dc3a2949959528d52ccb09ece3eddf53cff43
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

strict-transport-security
max-age=16070400; includeSubDomains
access-control-allow-origin
*
cache-control
max-age=172800
content-length
22
date
Sat, 08 Nov 2025 08:59:11 GMT
content-type
application/json
khaos.json
token.rubiconproject.com/ Frame 159C 		7 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

Cache-Control
no-cache,no-store,must-revalidate
Pragma
no-cache
access-control-allow-credentials
true
Expires
0
access-control-allow-origin
https://eus.rubiconproject.com
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
cc2b9026541f49c9c095b4cedfcedb9a
content-length
7
content-type
application/json; charset=UTF-8
adview
googleads.g.doubleclick.net/pagead/ Frame 4093 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C_pfHXgYPaY3QG57c29gPlYqBgAKU7ZSqgwHA0NfioBWF99ib_EUQASDY6d8jYInzxYT0E6AB367D4CrIAQWoAwGqBKwCT9Aw2jhCAlMpB4iF6pcPNJzDpYLpeSrGt39L3yPVIyZRWrOMo_8BS--cv09hy3SlXyZbJ0FDO3GCNklfdN9oHpM0EUzE7XYJNbRH9giaSxFaqHxoFbAWmsvsmpwVTwiQSUSoY1zTvu8cgI0VWS6jzGHmXV5bMvhbFkcs8bUlNydlanUxrP7R1qSeDgcUrgzHL8typVBsHJ6C-AxDwwDLNND4U6O6YKs635lFSzWhhx25mulPLVPzUWydIWI6Lw68I31Pwjn4_3DxMVSDOVUuH8z0z87hFEroSLeaeNTd0k2jNz-kI7gNFP9XXVNGpHMbL7nEr9DWraxzJNglZaPTwVJkOlMTSvtwqoJFowvSx2PQjjLxt_Nc8mC58G1BJmg_6exO-KyFG-5Xr5JtwASp5tuRrAXgBAOIBZmThLtUkgUGCAMQAhgBkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZOgAff5pPABagHp8yxAqgHpr4bqAfMzrECqAfz0RuoB5bYG6gHqpuxAqgHjs4bqAeT2BuoB_DgG6gH7paxAqgH_p6xAqgHr76xAqgH1ckbqAfZtrECqAf3wrEC2AcA8gcKEPfkBxjd34TJAtIILwiAYRABGJ8BMgiKgoCAgICACDoNgECAwICAgICogAKoA0i9_cE6WJDdupeY4pADgAoByAsB2gwQCgoQsIGw1O2K_PdgEgIBA6oNAkpQ6g0TCJy6zZeY4pADFR7uFgUdFUUAIIgOCbAT14mOH8gTj8SQ5gPYEw2IFAPYFAHQFQHKFgIKAPgWAYAXAbIXKgoaCAASFHB1Yi04NTQ0MzIxOTk2MTI0NjYwGAAYAioKNjQ1MDEzNjU0M6oYFwkA4EZ-MlPxQBIKNjQ1MDEzNjU0MxgBshgJEgKFVBhOIgEA0BkB&sigh=VyE50E9fPVU&uach_m=%5BUACH%5D&ase=2&cid=CAQSsgEAwksa0fVF72FXID4LTYpJF7Gw0TdcS6Du_urquNTZyMX2w7iCIgWih6YjdCzLV2p9WyYlQyWgJGmCZsxM5ONuAzv1Ntqbu--ry-42uvbs3CCZQpc3l00PYrkIG-fHXHKfUWy_2eqSxleoWhxoLe7ZO7YSJw8_wltLT8zT7BCp7HlDVLD8_n8LKW6RzllBnYJZGsLJqlrORABGSFQySONeG2wEhcsuJmymEnfgc43MCBRNGAE&vt=10&nis=6
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8544321996124660&output=html&h=250&slotname=6450136543&adk=2937738629&adf=3554593889&pi=t.ma~as.6450136543&w=300&lmt=1762592350&format=300x250&url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&wgl=1&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=8&dt=1762592349989&bpp=1&bdt=698&idt=403&shv=r20251105&mjsv=m202511040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=4466936478226&frm=20&pv=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=520&ady=289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95376582%2C95376902%2C95377330%2C95344790&oid=2&pvsid=167238123525377&tmod=2136220936&uas=0&nvt=1&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&plas=260x675_l%7C308x675_r&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=411
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.194.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcnrta-bf-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8544321996124660&output=html&h=250&slotname=6450136543&adk=2937738629&adf=3554593889&pi=t.ma~as.6450136543&w=300&lmt=1762592350&format=300x250&url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&wgl=1&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=8&dt=1762592349989&bpp=1&bdt=698&idt=403&shv=r20251105&mjsv=m202511040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=4466936478226&frm=20&pv=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=520&ady=289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95376582%2C95376902%2C95377330%2C95344790&oid=2&pvsid=167238123525377&tmod=2136220936&uas=0&nvt=1&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&plas=260x675_l%7C308x675_r&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=411

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
private
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Sat, 08 Nov 2025 08:59:11 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Sat, 08 Nov 2025 08:59:11 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
cafe
truncated
/ Frame 4093 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
30c8115ca89b2bc0fabc2d7e0228820b140a1c599b439b77356065a1d96be31c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
bh.json
b.im-apps.net/ 		38 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://b.im-apps.net/bh.json?d=twinklesphotos.exblog.jp
Requested by
Host: cdn.audiencedata.net
URL: https://cdn.audiencedata.net/js/v1/pageview.js?owner_id=8266&site_id=news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.1.209 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
209.1.49.34.bc.googleusercontent.com
Software
/
Resource Hash
f01d4b0261697b938e570b50030b7481cd314604df5feb4d63fca848ec4f0b69

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

via
1.1 google
access-control-allow-origin
https://twinklesphotos.exblog.jp
cache-control
private, no-store
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 08:59:11 GMT
content-type
application/json
access-control-allow-credentials
true
im-uid.js
dmp.im-apps.net/sdk/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dmp.im-apps.net/sdk/im-uid.js
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/pms/r7RdVKlj/pmt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:48::1734:8c3b Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
db3ae6ff73fea8460f224a488eee66454435d68b2d8d02bcc0adcf7696645ad7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-amz-replication-status
COMPLETED
cache-control
max-age=10800
content-encoding
gzip
etag
"4b1c4bdb22699af828f7e87a97a75eef"
x-amz-version-id
GN0oOyMAQCREmQzkynYHexmbDUQdEVgx
expires
Sat, 08 Nov 2025 11:59:11 GMT
accept-ranges
bytes
content-length
2738
p3p
CP="NOI PSD OTR"
date
Sat, 08 Nov 2025 08:59:11 GMT
last-modified
Fri, 07 Feb 2025 09:28:46 GMT
content-type
application/javascript
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
segment
sync6.im-apps.net/6837/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync6.im-apps.net/6837/segment?token=X19pbV9zaWRzMw
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/pms/r7RdVKlj/pmt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:54::1738:2a Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
a37ce3f95639be94b9df711c53a23077eed91ca2f5ba026f0b655e7b852aee21

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

Cache-Control
private, max-age=1800
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://twinklesphotos.exblog.jp
Content-Length
2523
Date
Sat, 08 Nov 2025 08:59:11 GMT
Content-Type
application/json
Vary
Origin
PugMaster
image6.pubmatic.com/AdServer/ Frame 6F30 		0
69 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=1486141&p=156313&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156313&predirect=https://cs.adingo.jp/sync/%3Ffrom%3Dpubm%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Sat, 08 Nov 2025 08:59:11 GMT
strict-transport-security
max-age=16070400; includeSubDomains
content-length
0
id5-api-js
api.id5-sync.com/analytics/1159/ 		1 KB
691 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.id5-sync.com/analytics/1159/id5-api-js
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
83de9801a4f07263f867436b33b6a63fd660f2f343dd4467ce19c0ea41e0a313
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=300
access-control-expose-headers
Access-Control-Allow-Origin
content-encoding
gzip
access-control-allow-origin
*
date
Sat, 08 Nov 2025 08:59:11 GMT
content-type
application/json
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
pageview
audiencedata.im-apps.net/ 		0
195 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://audiencedata.im-apps.net/pageview
Requested by
Host: cdn.audiencedata.net
URL: https://cdn.audiencedata.net/js/v1/pageview.js?owner_id=8266&site_id=news
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:d959:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8
Referer
https://twinklesphotos.exblog.jp/

Response headers

via
1.1 google
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://twinklesphotos.exblog.jp
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 08:59:11 GMT
access-control-allow-credentials
true
activity;dc_pre=CP-I6peY4pADFQK66QUdTbsJ3Q;src=10208769;type=invmedia;cat=im8db0;ord=2884994430990;npa=0;auiddc=1937907493.1762592351;u1=8266;u2=news;u3=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F334...
ad.doubleclick.net/
Redirect Chain
  • https://ad.doubleclick.net/activity;src=10208769;type=invmedia;cat=im8db0;ord=2884994430990;npa=0;auiddc=1937907493.1762592351;u1=8266;u2=news;u3=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2...
  • https://ad.doubleclick.net/activity;dc_pre=CP-I6peY4pADFQK66QUdTbsJ3Q;src=10208769;type=invmedia;cat=im8db0;ord=2884994430990;npa=0;auiddc=1937907493.1762592351;u1=8266;u2=news;u3=https%3A%2F%2Ftwi...
42 B
63 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/activity;dc_pre=CP-I6peY4pADFQK66QUdTbsJ3Q;src=10208769;type=invmedia;cat=im8db0;ord=2884994430990;npa=0;auiddc=1937907493.1762592351;u1=8266;u2=news;u3=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KFA;gtm=45fe5b50v9181790672z871862534za200zb71862534zd71862534xea;gcd=13l3l3l3l1l1;dma=0;dc_fmt=3;tag_exp=101509157~103116026~103200004~103233427~104527906~104528500~104684208~104684211~104948813~115480710~115583767~115616986~115938466~115938468~116217636~116217638;epver=2;dc_random=1762592351_CFgL-g2i_DnvGuMAB-ysCFrqd29ZOivFaw;~oref=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F?
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H3
Server
142.251.42.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
42
date
Sat, 08 Nov 2025 08:59:11 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
location
https://ad.doubleclick.net/activity;dc_pre=CP-I6peY4pADFQK66QUdTbsJ3Q;src=10208769;type=invmedia;cat=im8db0;ord=2884994430990;npa=0;auiddc=1937907493.1762592351;u1=8266;u2=news;u3=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KFA;gtm=45fe5b50v9181790672z871862534za200zb71862534zd71862534xea;gcd=13l3l3l3l1l1;dma=0;dc_fmt=3;tag_exp=101509157~103116026~103200004~103233427~104527906~104528500~104684208~104684211~104948813~115480710~115583767~115616986~115938466~115938468~116217636~116217638;epver=2;dc_random=1762592351_CFgL-g2i_DnvGuMAB-ysCFrqd29ZOivFaw;~oref=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F?
pragma
no-cache
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Sat, 08 Nov 2025 08:59:11 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
cafe
activityi;dc_pre=CNn67peY4pADFVVcwgUdK6kY0g;src=10208769;type=invmedia;cat=im8db0;ord=2884994430990;npa=0;auiddc=1937907493.1762592351;u1=8266;u2=news;u3=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33...
10208769.fls.doubleclick.net/ Frame 2998
Redirect Chain
  • https://10208769.fls.doubleclick.net/activityi;src=10208769;type=invmedia;cat=im8db0;ord=2884994430990;npa=0;auiddc=1937907493.1762592351;u1=8266;u2=news;u3=https%3A%2F%2Ftwinklesphotos.exblog.jp%2...
  • https://10208769.fls.doubleclick.net/activityi;dc_pre=CNn67peY4pADFVVcwgUdK6kY0g;src=10208769;type=invmedia;cat=im8db0;ord=2884994430990;npa=0;auiddc=1937907493.1762592351;u1=8266;u2=news;u3=https%...
890 B
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://10208769.fls.doubleclick.net/activityi;dc_pre=CNn67peY4pADFVVcwgUdK6kY0g;src=10208769;type=invmedia;cat=im8db0;ord=2884994430990;npa=0;auiddc=1937907493.1762592351;u1=8266;u2=news;u3=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KFA;gtm=45fe5b50v9181790672z871862534za200zb71862534zd71862534xea;gcd=13l3l3l3l1l1;dma=0;dc_fmt=2;tag_exp=101509157~103116026~103200004~103233427~104527906~104528500~104684208~104684211~104948813~115480710~115583767~115616986~115938466~115938468~116217636~116217638;epver=2;dc_random=1762592351_CFgL-g2i_DnvGuMAB-ysCFrqd29ZOivFaw;_dc_test=1;~oref=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-10208769&l=itm_dl1&cx=c&gtm=4e5b50
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.206.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix06s10-in-f6.1e100.net
Software
cafe /
Resource Hash
58d23c876f805e41e0d101ba2eeac10ab69208a4f3554087807fda26cddb48fb
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://twinklesphotos.exblog.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
533
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 08 Nov 2025 08:59:11 GMT
expires
Sat, 08 Nov 2025 08:59:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 08 Nov 2025 08:59:11 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://10208769.fls.doubleclick.net/activityi;dc_pre=CNn67peY4pADFVVcwgUdK6kY0g;src=10208769;type=invmedia;cat=im8db0;ord=2884994430990;npa=0;auiddc=1937907493.1762592351;u1=8266;u2=news;u3=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KFA;gtm=45fe5b50v9181790672z871862534za200zb71862534zd71862534xea;gcd=13l3l3l3l1l1;dma=0;dc_fmt=2;tag_exp=101509157~103116026~103200004~103233427~104527906~104528500~104684208~104684211~104948813~115480710~115583767~115616986~115938466~115938468~116217636~116217638;epver=2;dc_random=1762592351_CFgL-g2i_DnvGuMAB-ysCFrqd29ZOivFaw;_dc_test=1;~oref=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
geo
ut.pubmatic.com/ Frame 6F30 		22 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://ut.pubmatic.com/geo?pubid=156313
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156313&predirect=https://cs.adingo.jp/sync/%3Ffrom%3Dpubm%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.87 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
dcda7f2217e5134c1c987c36f55dc3a2949959528d52ccb09ece3eddf53cff43

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

access-control-allow-origin
*
cache-control
max-age=172800
content-length
22
date
Sat, 08 Nov 2025 08:59:11 GMT
content-type
application/json
set
sync.im-apps.net/imid/ Frame B628
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=intimatemerger_dmp&google_cm
  • https://sync.im-apps.net/imid/set?cid=5660&tid=gid&uid=CAESEEH1yUxzsCla9MZ2Js5AFkU&google_cver=1
43 B
694 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.im-apps.net/imid/set?cid=5660&tid=gid&uid=CAESEEH1yUxzsCla9MZ2Js5AFkU&google_cver=1
Requested by
Host: cf.im-apps.net
URL: https://cf.im-apps.net/imid/beacon.html
Protocol
HTTP/1.1
Server
23.50.118.144 Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-50-118-144.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://cf.im-apps.net/

Response headers

Cache-Control
private, max-age=3000
Content-Length
43
Date
Sat, 08 Nov 2025 08:59:11 GMT
Content-Type
image/gif
Connection
keep-alive

Redirect headers

cache-control
no-cache, must-revalidate
location
https://sync.im-apps.net/imid/set?cid=5660&tid=gid&uid=CAESEEH1yUxzsCla9MZ2Js5AFkU&google_cver=1
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
305
date
Sat, 08 Nov 2025 08:59:11 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
adsct
analytics.twitter.com/i/ Frame B628 		43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?p_id=980&p_user_id=AmFk6NFURICVcaxT_A7LCw
Requested by
Host: cf.im-apps.net
URL: https://cf.im-apps.net/imid/beacon.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.227 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare envoy /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519; includeSubdomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://cf.im-apps.net/

Response headers

strict-transport-security
max-age=631138519; includeSubdomains
x-transaction-id
13e462d5e0860ca5
cache-control
no-cache, no-store, max-age=0
origin-cf-ray
99b3df730eb7afb8-SEA
cf-cache-status
DYNAMIC
cf-ray
99b3df730eb7afb8-NRT
x-response-time
6
content-length
43
date
Sat, 08 Nov 2025 08:59:11 GMT
content-type
image/gif;charset=utf-8
perf
7402827104
server
cloudflare envoy
x-served-by
t4_p
set
sync.im-apps.net/imid/ Frame B628
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=intmerger&ttd_tpi=1
  • https://sync.im-apps.net/imid/set?cid=5664&tid=tdid&uid=246ca134-2766-4e4a-a408-eb2751e5cc6e
43 B
694 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.im-apps.net/imid/set?cid=5664&tid=tdid&uid=246ca134-2766-4e4a-a408-eb2751e5cc6e
Requested by
Host: cf.im-apps.net
URL: https://cf.im-apps.net/imid/beacon.html
Protocol
HTTP/1.1
Server
23.50.118.144 Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-50-118-144.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://cf.im-apps.net/

Response headers

Cache-Control
private, max-age=3000
Content-Length
43
Date
Sat, 08 Nov 2025 08:59:11 GMT
Content-Type
image/gif
Connection
keep-alive

Redirect headers

location
https://sync.im-apps.net/imid/set?cid=5664&tid=tdid&uid=246ca134-2766-4e4a-a408-eb2751e5cc6e
content-length
215
date
Sat, 08 Nov 2025 08:59:11 GMT
server
Kestrel
tr
universe.send.microad.jp/ Frame B628 		43 B
516 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://universe.send.microad.jp/tr?service_id=10193&cbt=210997&kv_set=%5B%7B%22unv_member_id%22%3A%22AmFk6NFURICVcaxT_A7LCw%22%7D%5D
Requested by
Host: cf.im-apps.net
URL: https://cf.im-apps.net/imid/beacon.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.233.84.10 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=86400;
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://cf.im-apps.net/

Response headers

strict-transport-security
max-age=86400;
cache-control
no-cache
timing-allow-origin
*
content-encoding
gzip
x-content-type-options
nosniff
access-control-allow-origin
*
date
Sat, 08 Nov 2025 08:59:11 GMT
x-xss-protection
1; mode=block
content-type
image/gif
server
nginx
access-control-allow-headers
origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
asr
aid.send.microad.jp/ Frame B628 		43 B
641 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aid.send.microad.jp/asr?v=1&code=9KxCwSzdigA&format=pixel&enc_params=AmFk6NFURICVcaxT_A7LCw
Requested by
Host: cf.im-apps.net
URL: https://cf.im-apps.net/imid/beacon.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
202.233.84.1 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://cf.im-apps.net/

Response headers

Strict-Transport-Security
max-age=3600
Connection
close
Access-Control-Allow-Origin
*
Content-Length
43
P3P
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Date
Sat, 08 Nov 2025 08:59:11 GMT
Content-Type
image/gif
Server
Apache
Access-Control-Allow-Headers
origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame B628 		0
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fb6.im-apps.net%2F1007854%2Fmap%2F%23PM_USER_ID
Requested by
Host: cf.im-apps.net
URL: https://cf.im-apps.net/imid/beacon.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://cf.im-apps.net/

Response headers

strict-transport-security
max-age=16070400; includeSubDomains
content-length
0
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sat, 08 Nov 2025 08:59:11 GMT
content-type
text/html; charset=UTF-8
container.html
45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/safeframe/1-0-45/html/ Frame 3CFB 		7 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202511040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f1.1e100.net
Software
sffe /
Resource Hash
f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://twinklesphotos.exblog.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
3121
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 08 Nov 2025 08:59:10 GMT
expires
Sat, 08 Nov 2025 08:59:10 GMT
last-modified
Thu, 08 May 2025 23:15:48 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ext.js
tpc.googlesyndication.com/safeframe/1-0-45/js/ Frame 3CFB 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-45/js/ext.js
Requested by
Host: 45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com
URL: https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:814::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c95e84767aed248594e7d485707c7ed904fd2fe4ec3ea98687fc2de59ddf231
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/

Response headers

content-encoding
br
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
x-content-type-options
nosniff
expires
Sat, 08 Nov 2025 08:59:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 08:59:11 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Thu, 08 May 2025 23:15:48 GMT
cache-control
private, max-age=300
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
content-length
6269
x-xss-protection
0
server
sffe
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 3CFB 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: 45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com
URL: https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:afe2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b70acabfec3024b0ca21c8847693536dd931b2d012d596cb979d74c972a4a6e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/

Response headers

access-control-expose-headers
*
content-encoding
br
cf-cache-status
HIT
etag
W/"7009-+fSnGmMge6EQaCY8X46KqAScnTo"
age
13933
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1O4KypdDm%2FhLaxs3%2B4in66Kvx%2FZ2FGR8%2BWOtRvlNKKVVeza8cEUpj75rTTG6%2FXx4s2oniXOuzJ7dYfd%2Fq5sJdCYfj7%2BfNBMdEiEGMpBBcEq7X7njUFuIZKGgWvMb4vvtgGzgMVDc31TuszMkzAc%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443"; ma=86400
x-cache
HIT, HIT
date
Sat, 08 Nov 2025 08:59:11 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220076-FRA, cache-itm1220065-ITM
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
99b3df730b9ae09c-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
9763
server
cloudflare
x-jsd-version
1.17.2
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 3CFB 		223 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: 45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com
URL: https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
cafe /
Resource Hash
1ca0d5744e4f39ea464be06f38e214eabd97b2ca934e919a3673f0a62f76368c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/

Response headers

content-encoding
br
etag
11779502037942753168
age
949
x-content-type-options
nosniff
expires
Sat, 08 Nov 2025 09:43:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 08 Nov 2025 08:43:22 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=Shift_JIS
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
70282
x-xss-protection
0
server
cafe
get
audiencedata.im-apps.net/imuid/ 		34 B
99 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://audiencedata.im-apps.net/imuid/get?cid=6837&vid=01K9HB1RV6VM8D0KBM5YF1YXWA
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:d959:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
7e53c9c75eb0e9d7de5e776dcd9400cef0fe72489122b84a8cbe200b03996f89

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

via
1.1 google
access-control-allow-origin
https://twinklesphotos.exblog.jp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34
date
Sat, 08 Nov 2025 08:59:11 GMT
content-type
application/json
access-control-allow-credentials
true
gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202510140101/ 		63 KB
23 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/dict/m202510140101/gpt
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.194.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcnrta-az-in-f2.1e100.net
Software
cafe /
Resource Hash
2505b331cfe3905b07926e49104c7949bf384b8c4b4ff6f3709e91c6f5cd6366
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
13283420341987886150
age
65035
x-content-type-options
nosniff
expires
Fri, 14 Nov 2025 14:55:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Fri, 07 Nov 2025 14:55:16 GMT
content-type
text/plain; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=604800, stale-while-revalidate=7200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
23314
x-xss-protection
0
server
cafe
use-as-dictionary
match="/gampad/ads", id="m202510140101"
csi
csi.gstatic.com/ Frame 4093 		0
57 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~mhq1z686&c=1041434686691&slotId=520717343345&qqid=CI33upeY4pADFR7uFgUdFUUAIA&fb=outstream-lima&vast_v=2.0&vmfc=11&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20251027_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:809::2003 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"ascnsrsgcc:41:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsgcc:41:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 08:59:11 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
content-type
image/gif
server
Golfe2
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 4093 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20251027_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:814::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

content-encoding
gzip
age
839
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Sat, 08 Nov 2025 09:35:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 08:45:12 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=3000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
15407
x-xss-protection
0
server
sffe
4
r4---sn-ogueln66.c.2mdn.net/videoplayback/id/679c82e8bc29c3ec/itag/347/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3906856496/sparams/acao,ctier,expire,id,... Frame 4093
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/679c82e8bc29c3ec/itag/347/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3906856496/sparams/id,itag,source,xpc,ctier,ac...
  • https://r4---sn-ogueln66.c.2mdn.net/videoplayback/id/679c82e8bc29c3ec/itag/347/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3906856496/sparams/acao,ctier,ex...
  • https://r4---sn-ogueln66.c.2mdn.net/videoplayback/id/679c82e8bc29c3ec/itag/347/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3906856496/sparams/acao,ctier,ex...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r4---sn-ogueln66.c.2mdn.net/videoplayback/id/679c82e8bc29c3ec/itag/347/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3906856496/sparams/acao,ctier,expire,id,ip,ipbits,ipbypass,itag,met,mh,mip,mm,mn,ms,mv,mvi,pl,rms,source,xpc/signature/7FEED1151C0ACD125062E21BE8B8A45C340FCEF7.54270E28C7A7E23E32B50681812859780B88C733/key/cms1/met/1762592351,/mh/e3/pl/24/rms/onc,onc/redirect_counter/1/rm/sn-oguelr7z/rrc/104/fexp/24350737,24350827,24352157,24352274,24352278/req_id/7f162f3f0873a3ee/cms_redirect/yes/ipbypass/yes/mip/146.70.201.171/mm/42/mn/sn-ogueln66/ms/onc/mt/1762590730/mv/u/mvi/4?file=file.mp4
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H3
Server
142.251.91.201 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s55-in-f9.1e100.net
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
x-content-type-options
nosniff
expires
Sat, 08 Nov 2025 08:59:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
date
Sat, 08 Nov 2025 08:59:11 GMT
last-modified
Thu, 06 Nov 2025 05:50:58 GMT
content-type
video/mp4
vary
Origin
cache-control
private, max-age=86400
timing-allow-origin
null
client-protocol
quic
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-origin
null
content-length
6062243
server
gvs 1.0

Redirect headers

cache-control
private, max-age=900
location
https://r4---sn-ogueln66.c.2mdn.net/videoplayback/id/679c82e8bc29c3ec/itag/347/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3906856496/sparams/acao,ctier,expire,id,ip,ipbits,ipbypass,itag,met,mh,mip,mm,mn,ms,mv,mvi,pl,rms,source,xpc/signature/7FEED1151C0ACD125062E21BE8B8A45C340FCEF7.54270E28C7A7E23E32B50681812859780B88C733/key/cms1/met/1762592351,/mh/e3/pl/24/rms/onc,onc/redirect_counter/1/rm/sn-oguelr7z/rrc/104/fexp/24350737,24350827,24352157,24352274,24352278/req_id/7f162f3f0873a3ee/cms_redirect/yes/ipbypass/yes/mip/146.70.201.171/mm/42/mn/sn-ogueln66/ms/onc/mt/1762590730/mv/u/mvi/4?file=file.mp4
timing-allow-origin
null
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Sat, 08 Nov 2025 08:59:11 GMT
access-control-allow-origin
null
content-length
0
date
Sat, 08 Nov 2025 08:59:11 GMT
last-modified
Wed, 02 May 2007 10:26:10 GMT
vary
Origin
server
gvs 1.0
content-type
text/html
help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame 4093 		453 B
590 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-pub-8544321996124660
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:827::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

age
386
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
x-content-type-options
nosniff
expires
Sat, 08 Nov 2025 09:42:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 08:52:45 GMT
last-modified
Wed, 13 Oct 2021 14:28:00 GMT
content-type
image/png
cache-control
public, max-age=3000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
453
x-xss-protection
0
server
sffe
csi
csi.gstatic.com/ Frame 4093 		0
57 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~mhq1z6d2&c=1041434686691&slotId=520717343345&qqid=CI33upeY4pADFR7uFgUdFUUAIA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2067&mt=video%2Fmp4&vs=576x1024&msm=1&aits=0%2C18%2C22%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=347&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.mw~atrd.n5~videopreviewvisible.n7&ua_e=1&ape=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20251027_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:809::2003 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"ascnsrsgcc:41:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsgcc:41:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 08:59:11 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
content-type
image/gif
server
Golfe2
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 352C 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.199.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s52-in-f1.1e100.net
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
2756
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
br
content-length
7799
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 08 Nov 2025 08:13:15 GMT
expires
Sat, 08 Nov 2025 09:03:15 GMT
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/safeframe/1-0-45/html/ Frame 328C 		7 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202511040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f1.1e100.net
Software
sffe /
Resource Hash
f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://twinklesphotos.exblog.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
3121
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 08 Nov 2025 08:59:10 GMT
expires
Sat, 08 Nov 2025 08:59:10 GMT
last-modified
Thu, 08 May 2025 23:15:48 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 3CFB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss2YFnfg9kd7RpYMgy7GURyeLhxf5qP3PKNNPfle9aadMYeHaNlDKcTDjCgRzY6BWmLpThvN-bhSnOhZM0Wwvcg6MHp0FcYFbOPoqlizn4Iza4hRXVdeRuNsKGfp-E7zMTX28jGSCvipeR9km3t1ZxUmJKF84f7h17D1PCqvBwjvYX4ShDCI_v-xV6C8z6FymAxIdogqLdm0n70RJDsVB0IK24gh9qWSgmCCab3VVGl5aOhRv9kmJngvNcj5rpjjPqcvJTivG2-kOlPh7o0npFv7oGNUrvA1Pxl_cInwnLqXl5mvFdMjqAqGfBuPzBQeWK2s71Yqp-IL9S9fU3TtEhjLAHo2f1-V1y6xpxDKl20fU-8gy8fgY33YDacKde3j6JdLgqx4EcYniv9Fn7fk0A3Ig0ihv4-9z2G19QFUiFEklpG0NKYfiwqbYCT0aLH5IDvopgtn722z_WFtMz0e89cFOhS&sai=AMfl-YRCA1PLtlBahIAcCTsw3gHW-tnL3nRmcOKl_JlX-7wN5Yj83cF1RHvRS-2c3iXr-YTV5Ltr6MWVcSPKAT6DJj62DreX2RlLrgQC3LdslMdSqY7u9nQTSApJ7JVch4qMS4kEPFPvRIdOmoL8VNsawr4XS2SownkoAkXr8MooI61_Hz3fd5rggKre3Is1AZLJ2vic1TSWLB_R2KaoOjVmZcoRF5ORCII_9Jdfrxc8XVmymIM4xSTDyKk-W6tGHla54NJmBA&sig=Cg0ArKJSzLa1LTuqihdyEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com
URL: https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.194.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcnrta-az-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Sat, 08 Nov 2025 08:59:11 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3CFB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-start2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sat, 08 Nov 2025 08:59:11 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3CFB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sat, 08 Nov 2025 08:59:11 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
container.html
45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/safeframe/1-0-45/html/ Frame AAC5 		7 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202511040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f1.1e100.net
Software
sffe /
Resource Hash
f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://twinklesphotos.exblog.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
3121
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 08 Nov 2025 08:59:10 GMT
expires
Sat, 08 Nov 2025 08:59:10 GMT
last-modified
Thu, 08 May 2025 23:15:48 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3CFB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sat, 08 Nov 2025 08:59:11 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
Collect
a.flux.jp/analytics.collect.v1.CollectService/ 		2 B
47 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.flux.jp/analytics.collect.v1.CollectService/Collect
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.89.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.89.160.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

access-control-expose-headers
Accept, Accept-Encoding, Accept-Post, Connect-Accept-Encoding, Connect-Content-Encoding, Content-Encoding, Grpc-Accept-Encoding, Grpc-Encoding, Grpc-Message, Grpc-Status, Grpc-Status-Details-Bin
content-encoding
gzip
via
1.1 google
traceparent
00-0a030daca583352de19a78b268c59add-3e8db4c7865b6038-00
access-control-allow-origin
https://twinklesphotos.exblog.jp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
accept-encoding
gzip
content-length
26
date
Sat, 08 Nov 2025 08:59:11 GMT
content-type
application/json
vary
Origin
server
Google Frontend
x-cloud-trace-context
0a030daca583352de19a78b268c59add/4507457571113361464
ext.js
tpc.googlesyndication.com/safeframe/1-0-45/js/ Frame 328C 		23 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-45/js/ext.js
Requested by
Host: 45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com
URL: https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:814::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c95e84767aed248594e7d485707c7ed904fd2fe4ec3ea98687fc2de59ddf231
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/

Response headers

content-encoding
br
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
x-content-type-options
nosniff
expires
Sat, 08 Nov 2025 08:59:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 08:59:11 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Thu, 08 May 2025 23:15:48 GMT
cache-control
private, max-age=300
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
content-length
6269
x-xss-protection
0
server
sffe
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 328C 		28 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: 45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com
URL: https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:afe2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b70acabfec3024b0ca21c8847693536dd931b2d012d596cb979d74c972a4a6e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/

Response headers

access-control-expose-headers
*
content-encoding
br
cf-cache-status
HIT
etag
W/"7009-+fSnGmMge6EQaCY8X46KqAScnTo"
age
13933
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1O4KypdDm%2FhLaxs3%2B4in66Kvx%2FZ2FGR8%2BWOtRvlNKKVVeza8cEUpj75rTTG6%2FXx4s2oniXOuzJ7dYfd%2Fq5sJdCYfj7%2BfNBMdEiEGMpBBcEq7X7njUFuIZKGgWvMb4vvtgGzgMVDc31TuszMkzAc%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443"; ma=86400
x-cache
HIT, HIT
date
Sat, 08 Nov 2025 08:59:11 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220076-FRA, cache-itm1220065-ITM
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
99b3df730b9ae09c-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
9763
server
cloudflare
x-jsd-version
1.17.2
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 328C 		223 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: 45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com
URL: https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
cafe /
Resource Hash
1ca0d5744e4f39ea464be06f38e214eabd97b2ca934e919a3673f0a62f76368c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/

Response headers

content-encoding
br
etag
11779502037942753168
age
949
x-content-type-options
nosniff
expires
Sat, 08 Nov 2025 09:43:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 08 Nov 2025 08:43:22 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=Shift_JIS
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
70282
x-xss-protection
0
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame 328C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvq1NObIraUSsTjgXbQ_DIyodlkt6VqbdpU883-ju3sN9vZnP2q3NM4Ta_9Sbt06JBOKf7QBvYCwrp6vJKPz7BIamKVWiL1XQ9ZvR4BHTOQ7lfAcB9qcBGfozmwcbLdF3bRIb5l4Ed893uIeKFMAziX6FueZGb2Vdj6JMDUAu14_vproxoNZSot2g3JMtt0YMJQOiCgb-sk-PwG6Q7PBTEIa-wyqgrT_OsXukPbOXNFYgnqXhgG1hySp9UKMaZSMUMC8gTMupfXansMzN2SFJjFlI-lQDck970_7RnFO9QFDJENSC5Mp2IzKOBKyLKNQ0SFhS7fUiEBEIg149bWWJ1Hd9cLTWN2qXGDvm1Us9gP1-K7O79Eo1YlCLGR7eZmmh2-Eocob6zVXj7WIDStwJy9HDNA-qQ32udLYiGYCpoOAycVRJ1pCF_pNS7ceL1wnV0uo_2KyVKfMU5MtOLa_fwpMg2YOg&sai=AMfl-YQkQrsOz1wFSd5qiuUqLgukh37Dw0zYelPT9VAFlklDF4JbU21B6gnuQ4h9Iw3rAt35JS_xg_Xyo0pWQu7X7rtcyRapo6JfHEGuFs4XpG2WFTNLIzmsL-AhVe9oK3WPsI6Ab-RuSfMagK2E9zKDJIAPswerL5n16qF8EZ3EOtQUXhXE_8ggtHjHH1ZoovARc2JfV6K3-7pAC5WcswPBA6AO21BqBckY0dEWvDZm88hViAc20meGE-nUEvd--2mYAowZ-g&sig=Cg0ArKJSzN-cYHj_QN_IEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com
URL: https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.194.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcnrta-az-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Sat, 08 Nov 2025 08:59:11 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 328C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-start2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sat, 08 Nov 2025 08:59:11 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 328C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sat, 08 Nov 2025 08:59:11 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
truncated
/ Frame 3CFB 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
45b03bc226f1c6c01cbe81956986f23f2ceadc914e73f4d85c6127debd27efc3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
sync
cs.adingo.jp/ Frame 159C
Redirect Chain
  • https://pixel-apac.rubiconproject.com/exchange/sync.php?p=fluct&khaos=MHQ1Z6EM-1Y-HV8E
  • https://cs.adingo.jp/sync?from=rubicon&id=MHQ1Z6EM-1Y-HV8E
43 B
392 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.adingo.jp/sync?from=rubicon&id=MHQ1Z6EM-1Y-HV8E
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H2
Server
18.178.165.190 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-178-165-190.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

expires
Wed, 17 Sep 1975 21:32:10 GMT
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
date
Sat, 08 Nov 2025 08:59:11 GMT
pragma
no-cache
content-type
image/gif
server
nginx

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Location
https://cs.adingo.jp/sync?from=rubicon&id=MHQ1Z6EM-1Y-HV8E
Pragma
no-cache
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
0d2bd05215470efb17ae41aff76c3f98
content-length
0
Content-Type
text/html
ext.js
tpc.googlesyndication.com/safeframe/1-0-45/js/ Frame AAC5 		23 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-45/js/ext.js
Requested by
Host: 45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com
URL: https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:814::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c95e84767aed248594e7d485707c7ed904fd2fe4ec3ea98687fc2de59ddf231
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/

Response headers

content-encoding
br
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
x-content-type-options
nosniff
expires
Sat, 08 Nov 2025 08:59:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 08:59:11 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Thu, 08 May 2025 23:15:48 GMT
cache-control
private, max-age=300
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
content-length
6269
x-xss-protection
0
server
sffe
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame AAC5 		28 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: 45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com
URL: https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:afe2 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b70acabfec3024b0ca21c8847693536dd931b2d012d596cb979d74c972a4a6e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/

Response headers

access-control-expose-headers
*
content-encoding
br
cf-cache-status
HIT
etag
W/"7009-+fSnGmMge6EQaCY8X46KqAScnTo"
age
13933
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1O4KypdDm%2FhLaxs3%2B4in66Kvx%2FZ2FGR8%2BWOtRvlNKKVVeza8cEUpj75rTTG6%2FXx4s2oniXOuzJ7dYfd%2Fq5sJdCYfj7%2BfNBMdEiEGMpBBcEq7X7njUFuIZKGgWvMb4vvtgGzgMVDc31TuszMkzAc%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443"; ma=86400
x-cache
HIT, HIT
date
Sat, 08 Nov 2025 08:59:11 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-etou8220076-FRA, cache-itm1220065-ITM
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
99b3df730b9ae09c-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
9763
server
cloudflare
x-jsd-version
1.17.2
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame AAC5 		223 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: 45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com
URL: https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
cafe /
Resource Hash
1ca0d5744e4f39ea464be06f38e214eabd97b2ca934e919a3673f0a62f76368c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/

Response headers

content-encoding
br
etag
11779502037942753168
age
949
x-content-type-options
nosniff
expires
Sat, 08 Nov 2025 09:43:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sat, 08 Nov 2025 08:43:22 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=Shift_JIS
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
70282
x-xss-protection
0
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame AAC5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstBkt0WLs8Amd4r74ZspfrbGZHLo2mJfwi5Yo3ZXa4aCIm1ME-6-1JD-5g-BwKwC_zGkphYBq67CSjNvdCbaTMy1kkVftVUCtfJ-HTTRsakbbDOUXtZEAoHJfxmiG383AEzTg8_NpqQykPQPDHWO4F1ih0pctCS4bJ1ddW8iUI0R_FAQaUVz-sBFK-QOxXqLxWCUIprD0N4GwEU9G1Ri-XWllwzssMSZQUHKZkfEsviNPStoPLucjgTqXVZtpFwigPz7MuoAQRUHlznTZbBa0QUEGyF6Upp4uwjOPZMkZMgRVxyTChf34Fy-52KUpbvGISkpSYZ65pnM5U7zZNSdkAi29Cw-2VcOLlPYhcgul5JFRfPfcQ9mpkoTowJ25t1VOuP_7fiir9tl4xZxO8k5mJMDBDboN1vFyfZ_J62QfWW352luxEnu-wTCZSBCv1WMGnpWkFq7XHnee46kiBaVB1BY4U&sai=AMfl-YSMJiwkMKt00F-kv95XcY81DwuKiWIQ2EtxaQnlO8WXtjIDx64dEX-mgfz6RpnMf7L92iIGEgSqDVMVAo6AW1t3V6U01BCt-7dfgqJ54-IIJxVnWyjF72q4_2skhlpPqiY2cnCUNjt72cqjbPjUfdvpnWwwbP1MK4sLFFF7Hr3l5A80sw5dOGlqp38Rr2VP11Rci1CBI6eZvodeiun5aJ2KF9yURhDsbLa5w4_VHt7sk9IbXXG4iKzWoNmG6w08mh7yCw&sig=Cg0ArKJSzPc9O4-Ceno2EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com
URL: https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.194.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcnrta-az-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Sat, 08 Nov 2025 08:59:11 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame AAC5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-start2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sat, 08 Nov 2025 08:59:11 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame AAC5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sat, 08 Nov 2025 08:59:11 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 328C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sat, 08 Nov 2025 08:59:11 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
TOCvFO5frGAUu_dYJQMz6Rf6wi7NrrHIMK70wbLAQEo.js
pagead2.googlesyndication.com/bg/ Frame 352C 		52 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/TOCvFO5frGAUu_dYJQMz6Rf6wi7NrrHIMK70wbLAQEo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
sffe /
Resource Hash
4ce0af14ee5fac6014bbf758250333e917fac22ecdaeb1c830aef4c1b2c0404a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://tpc.googlesyndication.com/

Response headers

content-encoding
br
age
174514
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
x-content-type-options
nosniff
expires
Fri, 06 Nov 2026 08:30:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 06 Nov 2025 08:30:37 GMT
last-modified
Mon, 03 Nov 2025 09:48:00 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
accept-ranges
bytes
content-length
20351
x-xss-protection
0
server
sffe
gen_204
pagead2.googlesyndication.com/pagead/ Frame AAC5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sat, 08 Nov 2025 08:59:11 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
truncated
/ Frame 328C 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e6a201686c98c8525d8c9c50c1f4204a6c35c4d327b4c7a8b96eba08fa3123da

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
dc_pre=CNn67peY4pADFVVcwgUdK6kY0g;src=10208769;type=invmedia;cat=im8db0;ord=2884994430990;npa=0;auiddc=*;u1=8266;u2=news;u3=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F;uaa=;uab=;uafvl=;uam...
adservice.google.com/ddm/fls/z/ Frame 2998 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CNn67peY4pADFVVcwgUdK6kY0g;src=10208769;type=invmedia;cat=im8db0;ord=2884994430990;npa=0;auiddc=*;u1=8266;u2=news;u3=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KFA;gtm=45fe5b50v9181790672z871862534za200zb71862534zd71862534xea;gcd=13l3l3l3l1l1;dma=0;dc_fmt=2;tag_exp=101509157~103116026~103200004~103233427~104527906~104528500~104684208~104684211~104948813~115480710~115583767~115616986~115938466~115938468~116217636~116217638;epver=2;dc_random=1762592351_CFgL-g2i_DnvGuMAB-ysCFrqd29ZOivFaw;_dc_test=1;~oref=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F
Requested by
Host: 10208769.fls.doubleclick.net
URL: https://10208769.fls.doubleclick.net/activityi;dc_pre=CNn67peY4pADFVVcwgUdK6kY0g;src=10208769;type=invmedia;cat=im8db0;ord=2884994430990;npa=0;auiddc=1937907493.1762592351;u1=8266;u2=news;u3=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KFA;gtm=45fe5b50v9181790672z871862534za200zb71862534zd71862534xea;gcd=13l3l3l3l1l1;dma=0;dc_fmt=2;tag_exp=101509157~103116026~103200004~103233427~104527906~104528500~104684208~104684211~104948813~115480710~115583767~115616986~115938466~115938468~116217636~116217638;epver=2;dc_random=1762592351_CFgL-g2i_DnvGuMAB-ysCFrqd29ZOivFaw;_dc_test=1;~oref=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://10208769.fls.doubleclick.net/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Sat, 08 Nov 2025 08:59:11 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
truncated
/ Frame AAC5 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e0d8a8f17ccc289e0d05a1fcccad98f94d257267ab868159137b4388d698f478

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
px.gif
ad-delivery.net/ 		43 B
164 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad-delivery.net/px.gif?ch=2&e=0.4118154211249213
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5727730570625024&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:2f50 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
983122
x-goog-stored-content-encoding
identity
expires
Sun, 09 Nov 2025 08:59:11 GMT
x-goog-stored-content-length
43
date
Sat, 08 Nov 2025 08:59:11 GMT
content-type
image/gif
vary
accept-encoding
last-modified
Wed, 05 May 2021 19:25:32 GMT
x-guploader-uploadid
ABgVH89ytYGGsM8zvMSS83qCZ0F4cDyA85oC5Xtq8jnme2OpbOxP7BU9t7rp4yrU4-M9nQOe
cache-control
public, max-age=86400
x-goog-storage-class
MULTI_REGIONAL
cf-ray
99b3df74695562d5-NRT
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
favicon.ico
ad.doubleclick.net/ 		1 KB
129 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250&e=0.5667349128806147
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5727730570625024&upapi=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options
nosniff
expires
Sun, 09 Nov 2025 08:59:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 08:59:11 GMT
content-type
image/x-icon
vary
Accept-Encoding
last-modified
Tue, 08 May 2012 13:08:06 GMT
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
content-length
104
x-xss-protection
0
server
sffe
px.gif
ad-delivery.net/ 		43 B
112 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.4519717152236443
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5727730570625024&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:2f50 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
983122
x-goog-stored-content-encoding
identity
expires
Sun, 09 Nov 2025 08:59:11 GMT
x-goog-stored-content-length
43
date
Sat, 08 Nov 2025 08:59:11 GMT
content-type
image/gif
vary
accept-encoding
last-modified
Wed, 05 May 2021 19:25:32 GMT
x-guploader-uploadid
ABgVH89ytYGGsM8zvMSS83qCZ0F4cDyA85oC5Xtq8jnme2OpbOxP7BU9t7rp4yrU4-M9nQOe
cache-control
public, max-age=86400
x-goog-storage-class
MULTI_REGIONAL
cf-ray
99b3df74695862d5-NRT
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
dns
ab.dns-finder.com/meta/ 		2 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ab.dns-finder.com/meta/dns
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5727730570625024&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.200.111 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
111.200.36.34.bc.googleusercontent.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
private, max-age=180, stale-if-error=180, stale-while-revalidate=180
access-control-expose-headers
X-Resolver
x-resolver
default
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
date
Sat, 08 Nov 2025 08:59:10 GMT
content-type
text/plain; charset=utf-8
vary
Origin
Collect
a.flux.jp/analytics.collect.v1.CollectService/ 		2 B
47 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.flux.jp/analytics.collect.v1.CollectService/Collect
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.160.89.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.89.160.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

access-control-expose-headers
Accept, Accept-Encoding, Accept-Post, Connect-Accept-Encoding, Connect-Content-Encoding, Content-Encoding, Grpc-Accept-Encoding, Grpc-Encoding, Grpc-Message, Grpc-Status, Grpc-Status-Details-Bin
content-encoding
gzip
via
1.1 google
traceparent
00-1ac7437639d85646e19a78b268c59d5d-c826d76c6c99a717-00
access-control-allow-origin
https://twinklesphotos.exblog.jp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
accept-encoding
gzip
content-length
26
date
Sat, 08 Nov 2025 08:59:11 GMT
content-type
application/json
vary
Origin
server
Google Frontend
x-cloud-trace-context
1ac7437639d85646e19a78b268c59d5d/14422451717379041047
sdk.js
adsdk.microsoft.com/native-to-display/ Frame 8D41 		128 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::46 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
abe49d464f7ebe6abd145e344a1d9e01fab48ec5eed83e3138e2bb0cc44d5444

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin
https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com
Referer
https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/

Response headers

x-azure-ref
20251108T085911Z-r18f5df8b77gh7qxhC1TYOzgd000000013fg00000000k9ux
cache-control
private, max-age=3600
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
content-encoding
br
x-ms-request-id
c87e9a7f-901e-008e-4712-4d24d9000000
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Sat, 08 Nov 2025 08:59:11 GMT
x-ms-blob-type
BlockBlob
content-type
application/javascript
vary
Accept-Encoding
last-modified
Thu, 23 Oct 2025 20:23:32 GMT
banner.js
adsdkprod.azureedge.net/viewability/versions/v5.8.21/ Frame 8D41 		153 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adsdkprod.azureedge.net/viewability/versions/v5.8.21/banner.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
64b68a094d5f6395acacd5c56e7005235fe456ed0daf0859f9030a4dca44e157

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/

Response headers

x-azure-ref
20251108T085911Z-r18f5df8b7755dkhhC1TYO3ay8000000144g00000001479g
cache-control
public, max-age=2628000
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
content-encoding
br
x-fd-int-roxy-purgeid
83639624
x-ms-request-id
58f434d6-b01e-0095-13e4-4f53c8000000
access-control-allow-origin
*
x-cache
TCP_HIT
date
Sat, 08 Nov 2025 08:59:11 GMT
x-ms-blob-type
BlockBlob
content-type
application/javascript
vary
Accept-Encoding
last-modified
Tue, 14 Oct 2025 06:29:47 GMT
it
sin3-ib.adnxs.com/ Frame 8D41 		0
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sin3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Ftwinklesphotos.exblog.jp%252F33443955%252F&e=wqT_3QLkCKBkBAAAAwDWAAUBCN6MvMgGEJCnoamenpe9RxgAKjYJAAAAEJ_ikz8RAA0JJBkAAACgR-HqPyERGwApEQn0GAQxAAAA4FG4rj8w0OfdEDjPHEC1XkjjA1C6iYq2AViekHdgAGjDgpABeNbSBYABAYoBA1VTRJIBA0pQWZgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AL8Q-AC9bNd6gIqaHR0cHM6Ly90d2lua2xlc3Bob3Rvcy5leGJsb2cuanAvMzM0NDM5NTUvgAMAiAMBkAMAmAMXoAMBqgPlAwr5Amh0dHBzOi8vd3d3LmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPTUxOTk5MzhmLWZjMDEtNDEyZi05Nzg4LWFlMWM4Y2I4MzM3MCZiaWRJZD0xJmJpZGRlcklkPTQmY21FeHBJZD1ITyZpbXBJZD01MTUwNTMxMzE3ODUzMDgyNTEyJm9BZFVuaXQ9MzkxNDY2JnB1Ymxpc2hlcklkPTE2MjY0NTMzMCZySWQ9YzkzMGQ3NWItN2YxZS00ZjM0LTk3NjUtN2E3NDRiYWY3YmIzJnJlZ2lvbj1hcGFjJnJ0eXBlPW51cmwmdGFnSWQ9MzUwOTE0MDgmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJnRyYWZmaWNTdWJHcm91cD1lcmZyZWlyJnViZXJHcm91cD1ob3JlXzNjJnViZXJTdWJHcm91cD1lcmZyZWlyJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTNTE1MDUzMTMxNzg1MzA4MjUxMiIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpPREk1TkRRNE1UUTJNelUzT0Rrak1qTXpORGMwTkRJeU16QXpNakEwTlE9PUgAwAPYBMgDANgDh-o04AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjE0Ni43MC4yMDEuMTcxqAQAsgQSCAAQARisAiD6ASgAMAA4AkIAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAWj-fGOnruKyDvABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXK16sB-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAJgHAaAHAcgH1tIF0gcPCQAAAAAAAAAAEAAYACAA2gcGCAAQABgA4AcA6gcCCADwB-vaBIoIRwpDAAABmmKw3zBHelzx5ShTkJI9idTO68LnfAoRqUYbPK7EwmJytkUcLAhTtGBtJ7MAI03yAbLOabVjOIDIzeFobG9ntBABlQgAAIA_mAgBwAj8Q9IICwjz_9-7gB4QABgA2ggECAAgAOAIAOgIAA..&s=7b3e642a490a497911977bd4200cdd4c8ecd303c
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.91.58 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1046.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.25.5 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
146.70.201.171; 146.70.201.171; 1046.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
a83b3971-979b-4908-b97a-4c92de1e9605
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Sat, 08 Nov 2025 08:59:12 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.25.5
ecm3
s.amazon-adsystem.com/ Frame 159C
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
  • https://s.amazon-adsystem.com/ecm3?id=MHQ1Z6EM-1Y-HV8E&ex=d-rubiconproject.com&status=ok
43 B
477 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=MHQ1Z6EM-1Y-HV8E&ex=d-rubiconproject.com&status=ok
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
HTTP/1.1
Server
98.82.157.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-98-82-157-137.compute-1.amazonaws.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid
TWSV0PSKE8GWQCNSTGTR
Content-Length
43
Date
Sat, 08 Nov 2025 08:59:12 GMT
Content-Type
image/gif
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Location
https://s.amazon-adsystem.com/ecm3?id=MHQ1Z6EM-1Y-HV8E&ex=d-rubiconproject.com&status=ok
Pragma
no-cache
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
38ddff6a66d3988dfd0c6ea3be81c5f1
content-length
0
Content-Type
text/html
dcm
s.amazon-adsystem.com/ Frame 159C
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
43 B
853 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
HTTP/1.1
Server
98.82.157.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-98-82-157-137.compute-1.amazonaws.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid
KP3QXDT8D94HP2AC1Y31
Content-Length
43
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Date
Sat, 08 Nov 2025 08:59:12 GMT
Content-Type
image/gif
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server

Redirect headers

Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Location
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid
6Y985ZYFX85KP20BRHHA
Content-Length
0
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Date
Sat, 08 Nov 2025 08:59:11 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
pixel
cm.g.doubleclick.net/ Frame 159C
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TUhRMVo2RU0tMVktSFY4RQ==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJNFRvQG0ice8RAN_EeGTMo&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TUhRMVo2RU0tMVktSFY4RQ==&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TUhRMVo2RU0tMVktSFY4RQ==&google_push=
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H3
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Sat, 08 Nov 2025 08:59:11 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TUhRMVo2RU0tMVktSFY4RQ==&google_push=
Pragma
no-cache
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
content-length
0
Content-Type
text/html
tap.php
pixel.rubiconproject.com/ Frame 159C
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://ups.analytics.yahoo.com/ups/58912/cms?uid=HEELmfZHgYJe3_kX-v9UScn5EUdSAgOZEtemQ7w0kco&csrc=
  • https://ups.analytics.yahoo.com/ups/58912/cms?uid=HEELmfZHgYJe3_kX-v9UScn5EUdSAgOZEtemQ7w0kco&csrc=&verify=true
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-tyyrjtlE2oIas8E6RQW_A05CWzR4ljuSmTUKrw--~A
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-tyyrjtlE2oIas8E6RQW_A05CWzR4ljuSmTUKrw--~A
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
38ddff6a66d3988dfd0c6ea3be81c5f1
Pragma
no-cache
content-length
42
Content-Type
image/gif

Redirect headers

strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-tyyrjtlE2oIas8E6RQW_A05CWzR4ljuSmTUKrw--~A
age
0
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
date
Sat, 08 Nov 2025 08:59:11 GMT
content-type
text/html
server
ATS
dcm
aax-eu.amazon-adsystem.com/s/ Frame 159C
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
43 B
853 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
HTTP/1.1
Server
52.94.223.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid
95GD4MBV10BTTTFZY6K1
Content-Length
43
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Date
Sat, 08 Nov 2025 08:59:12 GMT
Content-Type
image/gif
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server

Redirect headers

Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid
HKRB59FXP1WCCE7KHHNG
Content-Length
0
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Date
Sat, 08 Nov 2025 08:59:12 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
tap.php
pixel.rubiconproject.com/ Frame 159C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=246ca134-2766-4e4a-a408-eb2751e5cc6e&gdpr=0&gdpr_consent=&expires=30
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=246ca134-2766-4e4a-a408-eb2751e5cc6e&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
808ed95536e7f55d8adbcb9fc76d309d
Pragma
no-cache
content-length
42
Content-Type
image/gif

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=246ca134-2766-4e4a-a408-eb2751e5cc6e&gdpr=0&gdpr_consent=&expires=30
content-length
289
date
Sat, 08 Nov 2025 08:59:11 GMT
server
Kestrel
tap.php
pixel.rubiconproject.com/ Frame 159C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&process_consent=T
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEC3GTBSqwGvoRdcetupLbcc&google_cver=1
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEC3GTBSqwGvoRdcetupLbcc&google_cver=1
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
Pragma
no-cache
content-length
42
Content-Type
image/gif

Redirect headers

cache-control
no-cache, must-revalidate
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEC3GTBSqwGvoRdcetupLbcc&google_cver=1
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
326
date
Sat, 08 Nov 2025 08:59:11 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
setuid
px.ads.linkedin.com/ Frame 159C
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=MHQ1Z6EM-1Y-HV8E
0
539 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=MHQ1Z6EM-1Y-HV8E
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H2
Server
2620:1ec:50::12 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

linkedin-action
1
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 1AEBF5A88B184E54B3FF332D98756C6B Ref B: TYAEDGE0719 Ref C: 2025-11-08T08:59:11Z
x-li-fabric
prod-lva1
x-li-uuid
AAZDEYMEi2VMUDwSSvb62w==
x-li-proto
http/2
alt-svc
h3=":443"; ma=86400
x-cache
CONFIG_NOCACHE
content-length
0
date
Sat, 08 Nov 2025 08:59:11 GMT

Redirect headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=MHQ1Z6EM-1Y-HV8E
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
Pragma
no-cache
content-length
0
pixel
cm.g.doubleclick.net/ Frame 159C
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjAwMWEwMjUyMTgzYjFkYmFjZTA1OWQyODZmMmE0MGE5NWYyN2E2Yg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjAwMWEwMjUyMTgzYjFkYmFjZTA1OWQyODZmMmE0MGE5NWYyN2E2Yg
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H3
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Sat, 08 Nov 2025 08:59:11 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)

Redirect headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjAwMWEwMjUyMTgzYjFkYmFjZTA1OWQyODZmMmE0MGE5NWYyN2E2Yg
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
dedf7fc216a5bbc739a54325e875a79f
Pragma
no-cache
content-length
0
rp
match.prod.bidr.io/cookie-sync/ Frame 159C 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
57.181.255.50 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-57-181-255-50.ap-northeast-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
cache-control
no-cache, must-revalidate
pragma
no-cache
Connection
keep-alive
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
Content-Length
43
Date
Sat, 08 Nov 2025 08:59:11 GMT
content-type
image/gif
Server
gunicorn
tap.php
pixel.rubiconproject.com/ Frame 159C
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=d9861cf8-3c8b-4df7-b454-4afc6d1091de&expires=30
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=d9861cf8-3c8b-4df7-b454-4afc6d1091de&expires=30
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
Pragma
no-cache
content-length
42
Content-Type
image/gif

Redirect headers

X-CI-RTID
cf7df611-acb8-4ac9-9acf-e61eb644a781
Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=d9861cf8-3c8b-4df7-b454-4afc6d1091de&expires=30
Content-Length
144
Date
Sat, 08 Nov 2025 08:59:12 GMT
Content-Type
text/html; charset=utf-8
Connection
keep-alive
merge
ce.lijit.com/ Frame 159C
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn
  • https://ce.lijit.com/merge?pid=80&3pid=MHQ1Z6EM-1Y-HV8E
  • https://ce.lijit.com/merge?pid=80&3pid=MHQ1Z6EM-1Y-HV8E&dnr=1
43 B
500 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=MHQ1Z6EM-1Y-HV8E&dnr=1
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H2
Server
44.237.84.132 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-237-84-132.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
pragma
no-cache
expires
Fri, 20 Mar 2009 00:00:00 GMT
content-length
43
p3p
CP="CUR ADM OUR NOR STA NID"
date
Sat, 08 Nov 2025 08:59:12 GMT
content-type
image/gif
vary
Accept-Encoding

Redirect headers

cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
location
https://ce.lijit.com/merge?pid=80&3pid=MHQ1Z6EM-1Y-HV8E&dnr=1
pragma
no-cache
expires
Fri, 20 Mar 2009 00:00:00 GMT
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Sat, 08 Nov 2025 08:59:12 GMT
vary
Accept-Encoding
setuid
pbs.yahoo.com/ Frame 159C
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-yahoo-exchange
  • https://pbs.yahoo.com/setuid?bidder=rubicon&uid=MHQ1Z6EM-1Y-HV8E
0
0
ProfilesEngineServlet
syncv4.intentiq.com/profiles_engine/ Frame 159C
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=MHQ1Z6EM-1Y-HV8E
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=MHQ1Z6EM-1Y-HV8E
  • https://syncv4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=MHQ1Z6EM-1Y-HV8E&ckls=true&ci=51mlwLJfOO&nc=false&trid=-981136860
43 B
543 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syncv4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=MHQ1Z6EM-1Y-HV8E&ckls=true&ci=51mlwLJfOO&nc=false&trid=-981136860
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H2
Server
3.166.244.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-166-244-127.nrt20.r.cloudfront.net
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
via
1.1 9d33abc9b369e83018afd4810022d30a.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
date
Sat, 08 Nov 2025 08:59:12 GMT
content-type
image/gif
x-amz-cf-pop
NRT20-P6
x-amz-cf-id
3bie7nuSqyTIWEQ-x_yE-tDlWqPwrw7zhqtteDTJc-53PTmS4lg5qA==

Redirect headers

patent
https://www.almondnet.com/ip
cache-control
no-cache, no-store, must-revalidate
location
https://syncv4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=MHQ1Z6EM-1Y-HV8E&ckls=true&ci=51mlwLJfOO&nc=false&trid=-981136860
pragma
no-cache
via
1.1 f93e179d1b1a552c89c83ee369ac624a.cloudfront.net (CloudFront)
expires
Thu, 01 Jan 1970 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
date
Sat, 08 Nov 2025 08:59:12 GMT
content-type
image/gif
x-amz-cf-pop
NRT20-P6
x-amz-cf-id
HhDVdEQDna0Nsq-QVcag4Q9nfmpRpGQ99G-sHhnuK4hsLm69L-Jzpw==
pixel
capi.connatix.com/us/ Frame 159C
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564
  • https://capi.connatix.com/us/pixel?puid=MHQ1Z6EM-1Y-HV8E&pId=11&gdpr=&gdpr_consent=&us_privacy=
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/pixel?puid=MHQ1Z6EM-1Y-HV8E&pId=11&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H3
Server
104.18.41.104 , Ascension Island, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
99b3df782ce5869d-NRT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
content-length
0
date
Sat, 08 Nov 2025 08:59:12 GMT
content-type
text/plain;charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=3,i
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Location
https://capi.connatix.com/us/pixel?puid=MHQ1Z6EM-1Y-HV8E&pId=11&gdpr=&gdpr_consent=&us_privacy=
Pragma
no-cache
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
e2b6b837307e4a2cb84d126fbaf2cea2
content-length
0
Content-Type
text/html
v1
match.sharethrough.com/sync/ Frame 159C
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=MHQ1Z6EM-1Y-HV8E
68 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=MHQ1Z6EM-1Y-HV8E
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H2
Server
13.228.29.185 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-29-185.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=MHQ1Z6EM-1Y-HV8E
Pragma
no-cache
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
cc2b9026541f49c9c095b4cedfcedb9a
content-length
0
Content-Type
text/html
sdk.js
adsdk.microsoft.com/native-to-display/ Frame 3AF6 		128 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::46 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
abe49d464f7ebe6abd145e344a1d9e01fab48ec5eed83e3138e2bb0cc44d5444

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin
https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com
Referer
https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/

Response headers

x-azure-ref
20251108T085911Z-r18f5df8b77gh7qxhC1TYOzgd000000013fg00000000k9ux
cache-control
private, max-age=3600
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
content-encoding
br
x-ms-request-id
c87e9a7f-901e-008e-4712-4d24d9000000
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Sat, 08 Nov 2025 08:59:11 GMT
x-ms-blob-type
BlockBlob
content-type
application/javascript
vary
Accept-Encoding
last-modified
Thu, 23 Oct 2025 20:23:32 GMT
banner.js
adsdkprod.azureedge.net/viewability/versions/v5.8.21/ Frame 3AF6 		153 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://adsdkprod.azureedge.net/viewability/versions/v5.8.21/banner.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
64b68a094d5f6395acacd5c56e7005235fe456ed0daf0859f9030a4dca44e157

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/

Response headers

x-azure-ref
20251108T085911Z-r18f5df8b7755dkhhC1TYO3ay8000000144g00000001479g
cache-control
public, max-age=2628000
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
content-encoding
br
x-fd-int-roxy-purgeid
83639624
x-ms-request-id
58f434d6-b01e-0095-13e4-4f53c8000000
access-control-allow-origin
*
x-cache
TCP_HIT
date
Sat, 08 Nov 2025 08:59:11 GMT
x-ms-blob-type
BlockBlob
content-type
application/javascript
vary
Accept-Encoding
last-modified
Tue, 14 Oct 2025 06:29:47 GMT
it
sin3-ib.adnxs.com/ Frame 3AF6 		0
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sin3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Ftwinklesphotos.exblog.jp%252F33443955%252F&e=wqT_3QLqCKBqBAAAAwDWAAUBCN6MvMgGEJH_2Zrv3cnsZBgAKjYJAADAR_eEsj8RAA0JJBkAAADgo3DlPyERGwApEQn0jAMxAAAAIIXrsT8w0ufdEDjPHEC1XkjjA1C6iYq2AViekHdgAGjDgpABeMbSBYABAYoBA1VTRJIBA0pQWZgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AL8Q-AC9bNd6gIqaHR0cHM6Ly90d2lua2xlc3Bob3Rvcy5leGJsb2cuanAvMzM0NDM5NTUvgAMAiAMBkAMAmAMXoAMBqgPrAwr_Amh0dHBzOi8vd3d3LmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPTY0YTdmOTEyLWExMTctNDA3Ni05MGUyLWY4OGZjMmQzMTQzMSZiaWRJZD0yJmJpZGRlcklkPTQmY21FeHBJZD1MVjMmaW1wSWQ9NzI2Njg4MjI4MTQ2NTYxMDEyOSZvQWRVbml0PTM5MTQ2NiZwdWJsaXNoZXJJZD0xNjI2NDUzMzAmcklkPWFlODJhM2IyLWM5YzEtNGJlYy05MTQ4LTc3ODljZDAxOTMzNCZyZWdpb249YXBhYyZydHlwZT1udXJsJnRhZ0lkPTM1MDkxNDEwJnRyYWZmaWNHcm91cD1rbmFxZV8zYyZ0cmFmZmljU3ViR3JvdXA9b2VuYXFfZm5zcmdsJnViZXJHcm91cD1ob3JlXzNjJnViZXJTdWJHcm91cD1lcmZyZWlyJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTNzI2Njg4MjI4MTQ2NTYxMDEyOSIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpPREkyTmprNU5ETXlNREUxTURnak1qTXpORFEyT1RNME5URXlPRGM0Tnc9PUgAwAPYBMgDANgDh-o04AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjE0Ni43MC4yMDEuMTcxqAQAsgQSCAAQARisAiD6ASgAMAA4AkIAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAXDwf7-jNmDr1vABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXK16sB-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAJgHAaAHAcgHxtIF0gcPCQAAAAABayQQABgAIADaBwYIBQvwfuAHAOoHAggA8Afr2gSKCEcKQwAAAZpisN8wZNkm7vNWf5FyFwZv2RfprF-CXiuy6sfvxQhBuZYS4TQ22lYwHFFjEzSBZBQR0ik_Q1nls6CNP08z0dYQAZUIAACAP5gIAcAI_EPSCAsI8__fu4AeEAAYANoIBAgAIADgCADoCAA.&s=25541cfa48e061bd0b811ba1972eb0d0c5efe2ae
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.91.58 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1046.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.25.5 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
146.70.201.171; 146.70.201.171; 1046.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
8db7e314-4fa6-4b1b-8dbf-756e42a7dd11
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Sat, 08 Nov 2025 08:59:12 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.25.5
4
r4---sn-ogueln66.c.2mdn.net/videoplayback/id/679c82e8bc29c3ec/itag/347/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3906856496/sparams/acao,ctier,expire,id,... Frame 4093 		6 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r4---sn-ogueln66.c.2mdn.net/videoplayback/id/679c82e8bc29c3ec/itag/347/source/web_video_ads/xpc/EgVovf3BOg%3D%3D/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3906856496/sparams/acao,ctier,expire,id,ip,ipbits,ipbypass,itag,met,mh,mip,mm,mn,ms,mv,mvi,pl,rms,source,xpc/signature/7FEED1151C0ACD125062E21BE8B8A45C340FCEF7.54270E28C7A7E23E32B50681812859780B88C733/key/cms1/met/1762592351,/mh/e3/pl/24/rms/onc,onc/redirect_counter/1/rm/sn-oguelr7z/rrc/104/fexp/24350737,24350827,24352157,24352274,24352278/req_id/7f162f3f0873a3ee/cms_redirect/yes/ipbypass/yes/mip/146.70.201.171/mm/42/mn/sn-ogueln66/ms/onc/mt/1762590730/mv/u/mvi/4?file=file.mp4
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.91.201 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s55-in-f9.1e100.net
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
x-content-type-options
nosniff
expires
Sat, 08 Nov 2025 08:59:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
date
Sat, 08 Nov 2025 08:59:11 GMT
last-modified
Thu, 06 Nov 2025 05:50:58 GMT
content-type
video/mp4
vary
Origin
cache-control
private, max-age=86400
timing-allow-origin
https://googleads.g.doubleclick.net
client-protocol
quic
access-control-allow-credentials
true
Content-Range
bytes 0-6062242/6062243
accept-ranges
bytes
access-control-allow-origin
https://googleads.g.doubleclick.net
Content-Length
6062243
server
gvs 1.0
sdk.js
adsdk.microsoft.com/native-to-display/ Frame CCB7 		128 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::46 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
abe49d464f7ebe6abd145e344a1d9e01fab48ec5eed83e3138e2bb0cc44d5444

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin
https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com
Referer
https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/

Response headers

x-azure-ref
20251108T085911Z-r18f5df8b77gh7qxhC1TYOzgd000000013fg00000000k9ux
cache-control
private, max-age=3600
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
content-encoding
br
x-ms-request-id
c87e9a7f-901e-008e-4712-4d24d9000000
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Sat, 08 Nov 2025 08:59:11 GMT
x-ms-blob-type
BlockBlob
content-type
application/javascript
vary
Accept-Encoding
last-modified
Thu, 23 Oct 2025 20:23:32 GMT
banner.js
adsdkprod.azureedge.net/viewability/versions/v5.8.21/ Frame CCB7 		153 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://adsdkprod.azureedge.net/viewability/versions/v5.8.21/banner.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::38 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
64b68a094d5f6395acacd5c56e7005235fe456ed0daf0859f9030a4dca44e157

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/

Response headers

x-azure-ref
20251108T085911Z-r18f5df8b7755dkhhC1TYO3ay8000000144g00000001479g
cache-control
public, max-age=2628000
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
content-encoding
br
x-fd-int-roxy-purgeid
83639624
x-ms-request-id
58f434d6-b01e-0095-13e4-4f53c8000000
access-control-allow-origin
*
x-cache
TCP_HIT
date
Sat, 08 Nov 2025 08:59:11 GMT
x-ms-blob-type
BlockBlob
content-type
application/javascript
vary
Accept-Encoding
last-modified
Tue, 14 Oct 2025 06:29:47 GMT
it
sin3-ib.adnxs.com/ Frame CCB7 		0
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sin3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Ftwinklesphotos.exblog.jp%252F33443955%252F&e=wqT_3QLlCKBlBAAAAwDWAAUBCN6MvMgGENOOo6exzve5QxgAKjYJAfZv_tE-pT8RAQ0JJBkAAAAgXI_qPyERGwApEQn0GQQxAAAAQOF6tD8wzufdEDjPHEC1XkjjA1C6iYq2AViekHdgAGjDgpABeM_RBYABAYoBA1VTRJIBA0pQWZgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AL8Q-AC9bNd6gIqaHR0cHM6Ly90d2lua2xlc3Bob3Rvcy5leGJsb2cuanAvMzM0NDM5NTUvgAMAiAMBkAMAmAMXoAMBqgPmAwr6Amh0dHBzOi8vd3d3LmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPWNkZWJiNGQ1LWZkNDYtNDg4NS04MDE0LTlkNmNkNmU4ZjYyNSZiaWRJZD0xJmJpZGRlcklkPTQmY21FeHBJZD1MVjgmaW1wSWQ9NDg2MDQ3MzAwODcxNjMwMjE2MyZvQWRVbml0PTM5MTQ2NiZwdWJsaXNoZXJJZD0xNjI2NDUzMzAmcklkPWFhMzBmN2I1LWMwOWItNDE5OS1hMzU3LTI3OWU0NDM5NDI4MSZyZWdpb249YXBhYyZydHlwZT1udXJsJnRhZ0lkPTM1MDkxNDA2JnRyYWZmaWNHcm91cD1rbmFxZV8zYyZ0cmFmZmljU3ViR3JvdXA9ZXJmcmVpciZ1YmVyR3JvdXA9aG9yZV8zYyZ1YmVyU3ViR3JvdXA9ZXJmcmVpciZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzQ4NjA0NzMwMDg3MTYzMDIxNjMiCTM4MTg0NjcxNCoEYmluZzo4VTJWaGNtTm9RV1FqT0RJME5qTTNOemcxTkRBMk9ESWpNak16TkRJMk16RTROamMyTVRJeU53PT1IAMAD2ATIAwDYA4fqNOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4xNDYuNzAuMjAxLjE3MagEALIEEggAEAEYrAIg-gEoADAAOAJCALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFgtfcg9HBpqJAwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFyterAfoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbCjQTaBhYKEAAAAAAAAAAAAAAAAAAAAAAQABgA4AYB8gYCCACABwGIBwCYBwGgBwHIB8_RBdIHDwkAAAAAAAAAABAAGAAgANoHBggAEAAYAOAHAOoHAggA8Afr2gSKCEcKQwAAAZpisN8wQ3PecxTox1Pqn0Fp4W9jevew5fPxU_-ERXJO3Wf2i1gWqONi4LbX3rE6dQDPJX1We66-UGzKfQtDchQQAZUIAACAP5gIAcAI_EPSCAsI8__fu4AeEAAYANoIBAgAIADgCADoCAA.&s=5bd065fe525f2a378aa0fdc6d4284942f5e2f15c
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.91.58 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1046.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.25.5 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
146.70.201.171; 146.70.201.171; 1046.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
f0fcd650-6750-4797-861b-15d1d0bd641d
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Sat, 08 Nov 2025 08:59:12 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.25.5
view
ad.doubleclick.net/pcs/ Frame 4093 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsvMWkPoBZMTFSPSqcUETF0wH-_i3sslaGLGvT1apahCgXWhUdEfNcdWyu-5weyYrHtce1QbpAskrbZuxnpjhzckxzWesExEKAk2tc_5I9LIj31mOk7o_9QkmJIleeT2ydm5Ocm7i7YBuucUFEVuPOOjvVLKLBgib2EBQI4s0Cl7cn2jMRCGPS-nm6MKvQczubdiygu1uM-cNfl-VUPqmSKMCAUc32u6zt06ulOciA27UdCUnYTq2_sUeHcFQrxorvscMzArHG5xG45T1Vm1bi28Ok62lEpdN-i7EttONsHiBLn25MblflLRQ2Suq1qYUXkoXQkpU69wizaQo8V6vtyOdI11YezAi2JtHAPs8kgcoU_2FKEB4DyastY6E0dc62US_QF6kqXymrb5YoioWOmtQ7TKCIM5TUYEQ5o1J6wdvHcEq3E5OKas2UkYDBSJY0o4PHsHYjOafKnYydFoPir3bnNWiMu8B1LSiFRMkzDgfKLeTbOhGLMmOzpELWsGduenj4vJLAXQDoU9uj3dH398lzrUxUxHFsqIoalKu16wq9aOqeneqsMEomW2pLiKKr-gCJIPLnCq-X7GBkuD8SrqPx39UDL7dyvQek3eTOjoBdLNGG__-YF2u4Ko6bau1GiIG_EbXc0knck16M9BLmUUM5-vpmt9hyBIkiMLJuzD6TBWCBRTXJtsK9VcPRxnWrUP2-np0QMFxjZvHnyxGJ0XmhOT6vAYdrfdw2AY_2Urjl-blhmGR72bijkdbE3NaQ1pDiHRxmRFz5_1jtGQVWAhPkTEFSs1dngelWI95NRd8LpSjYl2GzqWf7qJZKzSqKHtEGAOt9DUbHFnH_0c3HWLSQ4ihgNUWu26ajx0_9A_Q0gUM6hhg9GxLDq9LlBsOo5Yo7SR9lBV3EMU1n0FTjLcjP2Yb-iIM0luNDNtieEXUgSFigRW4S_CzCKBwCBrwgdMLHLqsxVKkymdUO8AL3iqN5fg4CvRDw-n2JEEehT5rVBEZgWM0pNCLbxiKdSbHhAkKITS7R7Xr3WdSbh31xoYbtbrgb5Umyft7djHLXVxsMKruq8Ax4dSGqzgRCs331tFRJ_CpEXPad_RruL9KwpeBWv1ygJCDH0G5p6-96wL7KT7dumHnINsyQlwAn00FrbBg-zywsJdXIYle2Rnl8Xgd2KcI5hK3RFWGI-z1MOpxcVki2LytKasBkan5Ca013Qax4Nc87Kn_VUqcD-qbMR7BS_3bDyHarVpfgleNBphhhAs-mwZM7vbZUwYNcb58hZ20JIg5kMl_kOPZtrfTG-eg2x9L48nxu_vqU2m1nXxH4oILwEeA9Ma59vCn0cINGMAbWo5dpqHSc9DeRmWkKKIV9yQgdm7I7ixygt9ZNb1Kgx04GXVBJQ6K5Q1NlsEgekLl8uNV4NCQssOP8i43r2pcTFSXBat6-3q12gdpiuNp_cKMUbMCIykR9n6BFUq_XWnEs_o1qQ-ZQX0edq-aSLfskfkxpqHmQdkMHShuR9YcimpDRfYk1XT0Ygmfe-K4OHOQR7lr1xZubFYnZq9MB2yNA1093bOjywp3nrdDDDcF1-H0y_3vi_E8iuwUCtVRwCBc5lSBeP68DMpezPeQsU2hIsofl-X-IgGzaqANkD1M9x49zevW5IcWq0MtVJJ9SmarCj_HrpHjCUWocLf6OU&sai=AMfl-YTdv8NZe7Hr69NMjjgcBUwQujuqLWJhZgKUT77UFQP45R87LFImD-WmnwX-8RBh4tGGTOD_jewbm-4oAlzgej_-8bBPOBYIOMMaJVkeHknEh2rX0AxGIZUbuxjq5k9UjRxuGkKHSimkVdmpxcpPt-Irmu_q6DZ2g5qE93aL6TdP63hlwXY-IgdzNrOoTqkFAwYmvKCjwXjuuDQS84urYX4IgqJ06wKzFEbacTh8kaU3vWCsbvftsLxX54X8VCTj_4ScsYXFHwg4nmHetcxGjY1OG7sp4E5gUNzH-JhO4X2LzUbpq3Ct-A7b7s1V_zQ6TJ0s_0mVaztJSSoxNPbLnxeAgww3wLjSMzMNeSgTIBQarZuOqnUngcQWy-gZo4FtgeQxTMCLGDx4vPqkJdMsq54VjpcJTBwlWLdwa0PktyjZb_6SWLBA0UKFEK0e165yQqp4CJ9Rza9Ur3yZydhBBsnkY1b966bvTAACRhnUcCg_Cbjo8WqzHl2gAr9AsdSDpmY213GAk9LrRBkt809hRKZ5ofuvulayY0cjBGZA0ly8mwb_Y41UcxpsL2SCe5hOvKJ--f_upx0X4PEAkpDB4QGQy_du3ETteylHWCbDQqTnrnjTUixndKE&sig=Cg0ArKJSzCqR_63XqGrrEAE&uach_m=%5BUACH%5D&crd=aHR0cHM6Ly9icml0aXNoY291bmNpbC5qcA&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&nis=4&adurl=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20251027_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

x-content-type-options
nosniff
expires
Sat, 08 Nov 2025 08:59:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sat, 08 Nov 2025 08:59:11 GMT
content-type
image/png
content-security-policy
script-src 'none'; object-src 'none'
cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
x-xss-protection
0
attribution-reporting-register-source
{"aggregation_keys":{"649819404":"0xd1e5bbed28992f8b0000000000000000","649819405":"0x206406851b710ebb0000000000000000","649819406":"0x112aab211b70e95f0000000000000000"},"debug_key":"1548669650307183695","debug_reporting":true,"destination":["https://britishcouncil.org","https://britishcouncil.vn","https://britishcouncil.hk"],"event_report_windows":{"end_times":[86400,345600]},"expiry":"2592000","filter_data":{"14":["131106192","131184515","131184821","131184824","131226391","131226394"],"21":[],"23":[],"24":[],"25":[],"26":[],"27":[],"28":[],"29":[],"8":["14019749"]},"max_event_level_reports":2,"priority":"0","source_event_id":"459924150153892504"}
server
cafe
dc_oe=ChMI1N3kl5jikAMVC1NeBB3sqSpQEAAYACDF1sR0QhMIjfe6l5jikAMVHu4WBR0VRQAgSABQOljPpwFg5pO6EGim_7zOAXil2dcGggFxChMIjfe6l5jikAMVHu4WBR0VRQAgEhMIlq7kl5jikAMVbk4PAh0ilAUjIhoImZOEu1QQ3d-EyQKoAqeko_cFsAK...
ade.googlesyndication.com/ddm/activity/ Frame 4093 		42 B
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI1N3kl5jikAMVC1NeBB3sqSpQEAAYACDF1sR0QhMIjfe6l5jikAMVHu4WBR0VRQAgSABQOljPpwFg5pO6EGim_7zOAXil2dcGggFxChMIjfe6l5jikAMVHu4WBR0VRQAgEhMIlq7kl5jikAMVbk4PAh0ilAUjIhoImZOEu1QQ3d-EyQKoAqeko_cFsAKPxJDmAyh_QAHgAQGAAgGYAgGgAsDQ1-KgFagCBsACTsgC2OnfI5oDBJJGyavQAwM;dc_eps=AHas8cDcNbw1Egr_V197mt9ZYlRNtz1zqY7EpTi6ZDOOGo4df97qB09QPVwZWfF0VvA7u6tfc1KGuoDwTbMOJklGmmI;met=1;ecn1=1;etm1=0;eid1=11;
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.77.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
maa05s17-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Sat, 08 Nov 2025 08:59:11 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 4093 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C84D0XgYPaY3QG57c29gPlYqBgAKU7ZSqgwHA0NfioBWF99ib_EUQASDY6d8jYInzxYT0E6AB367D4CrIAQWoAwHIA5sEqgSvAk_QMNo4QgJTKQeIheqXDzScw6WC6Xkqxrd_S98j1SMmUVqzjKP_AUvvnL9PYct0pV8mWydBQztxgjZJX3TfaB6TNBFMxO12CTW0R_YImksRWqh8aBWwFprL7JqcFU8IkElEqGNc077vHICNFVkuo8xh5l1eWzL4WxZHLPG1JTcnZWp1Maz-0dakng4HFK4Mxy_LcqVQbByegvgMQ8MAyzTQ-FOjumCrOt-ZRUs1oYcduZrpTy1T81FsnSFiOi8OvCN9T8I5-P9w8TFUgzlVLh_M9M_O4RRK6Ei3mnjU3dJNozc_pCO4DRT_V10LR1ZYE0UY9j0jZwyV1oXcmfjhfFxUhIdE89-0RaBSTIoTHl_mkiGNf4vdRHqwHOeN3rlUE_EdykGVIE85dfJQLkMdWMAEqebbkawF4AQDiAWZk4S7VJAGAaAGToAH3-aTwAWoB6fMsQKoB6a-G6gHzM6xAqgH89EbqAeW2BuoB6qbsQKoB47OG6gHk9gbqAfw4BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gH2baxAqgHmgaoB_-esQKoB9-fsQKoB_jCsQKoB_vCsQKoB-fXsQLYBwDSCC8IgGEQARifATIIioKAgICAgAg6DYBAgMCAgICAqIACqANIvf3BOliQ3bqXmOKQA4AKAZgLAcgLAYAMAaoNAkpQ6g0TCJy6zZeY4pADFR7uFgUdFUUAIIgOCbAT14mOH9gTDYgUA9gUAdAVAcoWAgoA-BYBgBcBshcOGAIqCjY0NTAxMzY1NDOqGBcJAOBGfjJT8UASCjY0NTAxMzY1NDMYAbIYCRIChVQYTiIBALIZATXQGQE&sigh=tHxvGaG9HbU&label=part2viewed&ad_mt=5
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.194.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcnrta-bf-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8544321996124660&output=html&h=250&slotname=6450136543&adk=2937738629&adf=3554593889&pi=t.ma~as.6450136543&w=300&lmt=1762592350&format=300x250&url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&wgl=1&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=8&dt=1762592349989&bpp=1&bdt=698&idt=403&shv=r20251105&mjsv=m202511040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=4466936478226&frm=20&pv=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=520&ady=289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95376582%2C95376902%2C95377330%2C95344790&oid=2&pvsid=167238123525377&tmod=2136220936&uas=0&nvt=1&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&plas=260x675_l%7C308x675_r&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=411

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
42
date
Sat, 08 Nov 2025 08:59:11 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
pixel
cm.g.doubleclick.net/ Frame 4093
Redirect Chain
  • https://googleads.g.doubleclick.net/xbbe/pixel?d=CP7anuAFEKeko_cFGN3fhMkCIAEwAQ&v=APEucNWkezOVi2HNAYCc-9KnupNQRmCLezx0DiA8DY_z5frVxeXMqN45FEokNO49g1spgud0tHa-qERZnvAE95SixJJSYYubQ3n3Ih_ib4YNlJ0tswa...
  • https://s-cs.send.microad.jp/cs?key=google_1
  • https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=ZmUyNTUwZGY5NjIzNTAwY2JmZGVlN2FkNTZjYTY2ZmI=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=ZmUyNTUwZGY5NjIzNTAwY2JmZGVlN2FkNTZjYTY2ZmI=
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H3
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Sat, 08 Nov 2025 08:59:11 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)

Redirect headers

strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=ZmUyNTUwZGY5NjIzNTAwY2JmZGVlN2FkNTZjYTY2ZmI=
timing-allow-origin
*
x-content-type-options
nosniff
access-control-allow-origin
*
content-length
0
p3p
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
date
Sat, 08 Nov 2025 08:59:11 GMT
x-xss-protection
1; mode=block
server
nginx
access-control-allow-headers
origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4093 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sat, 08 Nov 2025 08:59:11 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 4093 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C84D0XgYPaY3QG57c29gPlYqBgAKU7ZSqgwHA0NfioBWF99ib_EUQASDY6d8jYInzxYT0E6AB367D4CrIAQWoAwHIA5sEqgSvAk_QMNo4QgJTKQeIheqXDzScw6WC6Xkqxrd_S98j1SMmUVqzjKP_AUvvnL9PYct0pV8mWydBQztxgjZJX3TfaB6TNBFMxO12CTW0R_YImksRWqh8aBWwFprL7JqcFU8IkElEqGNc077vHICNFVkuo8xh5l1eWzL4WxZHLPG1JTcnZWp1Maz-0dakng4HFK4Mxy_LcqVQbByegvgMQ8MAyzTQ-FOjumCrOt-ZRUs1oYcduZrpTy1T81FsnSFiOi8OvCN9T8I5-P9w8TFUgzlVLh_M9M_O4RRK6Ei3mnjU3dJNozc_pCO4DRT_V10LR1ZYE0UY9j0jZwyV1oXcmfjhfFxUhIdE89-0RaBSTIoTHl_mkiGNf4vdRHqwHOeN3rlUE_EdykGVIE85dfJQLkMdWMAEqebbkawF4AQDiAWZk4S7VJAGAaAGToAH3-aTwAWoB6fMsQKoB6a-G6gHzM6xAqgH89EbqAeW2BuoB6qbsQKoB47OG6gHk9gbqAfw4BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gH2baxAqgHmgaoB_-esQKoB9-fsQKoB_jCsQKoB_vCsQKoB-fXsQLYBwDSCC8IgGEQARifATIIioKAgICAgAg6DYBAgMCAgICAqIACqANIvf3BOliQ3bqXmOKQA4AKAZgLAcgLAYAMAaoNAkpQ6g0TCJy6zZeY4pADFR7uFgUdFUUAIIgOCbAT14mOH9gTDYgUA9gUAdAVAcoWAgoA-BYBgBcBshcOGAIqCjY0NTAxMzY1NDOqGBcJAOBGfjJT8UASCjY0NTAxMzY1NDMYAbIYCRIChVQYTiIBALIZATXQGQE&sigh=tHxvGaG9HbU&label=vast_creativeview&ad_mt=5
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.194.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcnrta-bf-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8544321996124660&output=html&h=250&slotname=6450136543&adk=2937738629&adf=3554593889&pi=t.ma~as.6450136543&w=300&lmt=1762592350&format=300x250&url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&wgl=1&aieuf=1&aicrs=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&abgtt=8&dt=1762592349989&bpp=1&bdt=698&idt=403&shv=r20251105&mjsv=m202511040101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=4466936478226&frm=20&pv=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=520&ady=289&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=95376582%2C95376902%2C95377330%2C95344790&oid=2&pvsid=167238123525377&tmod=2136220936&uas=0&nvt=1&fc=1920&brdim=10%2C10%2C10%2C10%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&plas=260x675_l%7C308x675_r&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=411

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
42
date
Sat, 08 Nov 2025 08:59:11 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
csi
csi.gstatic.com/ Frame 4093 		0
57 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=5~mhq1z6dg&c=1041434686691&slotId=520717343345&qqid=CI33upeY4pADFR7uFgUdFUUAIA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2067&mt=video%2Fmp4&vs=576x1024&dm=21000&ple=0&umsem=0&event_name=first_play&asset_bytes=203457&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=10&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=0&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=vil.vk~ff.vv~videopreviewstarted.vw&faa=1&alp=1&arpa=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20251027_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:809::2003 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"ascnsrsgcc:41:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsgcc:41:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 08:59:11 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
content-type
image/gif
server
Golfe2
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E07E 		21 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26it%3Dadg-pb-clt%26uid%3D(PM_UID)
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/a/latest/adagio.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.40.192.188 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-192-188.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5b6ceeffb380eae16e91dcf08a3493068aa5b7bd6f4c3f4ad7b4daa188d5c2cb

Request headers

Referer
https://twinklesphotos.exblog.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=142607
content-encoding
gzip
content-length
7259
content-type
text/html
date
Sat, 08 Nov 2025 08:59:11 GMT
expires
Mon, 10 Nov 2025 00:35:58 GMT
last-modified
Mon, 29 Sep 2025 15:12:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 88B1 		21 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26it%3Dadg-pb-clt%26uid%3D(PM_UID)
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/a/latest/adagio.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.40.192.188 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-192-188.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5b6ceeffb380eae16e91dcf08a3493068aa5b7bd6f4c3f4ad7b4daa188d5c2cb

Request headers

Referer
https://twinklesphotos.exblog.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=142607
content-encoding
gzip
content-length
7259
content-type
text/html
date
Sat, 08 Nov 2025 08:59:11 GMT
expires
Mon, 10 Nov 2025 00:35:58 GMT
last-modified
Mon, 29 Sep 2025 15:12:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
app.js
adsdk.bing.net/viewability/ Frame 8D41 		186 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adsdk.bing.net/viewability/app.js
Requested by
Host: adsdk.microsoft.com
URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::46 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2b1b34748a86b16447b887b4520304dc855dcebb4a8f6f6c502f46a97254084a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/

Response headers

x-azure-ref
20251108T085911Z-r18f5df8b77vkr9whC1TYO52ts00000011e000000000dmcz
cache-control
public, max-age=1209600
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
content-encoding
br
x-ms-request-id
3698aa83-f01e-00fa-4198-4f1029000000
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Sat, 08 Nov 2025 08:59:11 GMT
x-ms-blob-type
BlockBlob
content-type
application/javascript
vary
Accept-Encoding
last-modified
Tue, 14 Oct 2025 12:24:51 GMT
c.gif
www.bing.com/aes/ Frame 8D41 		0
714 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=ee1899e82f7a4c15b45d92e48cf141c3&SNR=1&GV=2&med=10
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:47::1734:8c93 Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/

Response headers

cache-control
private,no-store
x-cdn-traceid
0.98813417.1762592351.128f53eb
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 8CD6ECB93D7948F6BF117C500C535A93 Ref B: TYO201151001060 Ref C: 2025-11-08T08:59:11Z
alt-svc
h3=":443"; ma=93600
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
content-length
0
date
Sat, 08 Nov 2025 08:59:11 GMT
vary
Origin
tracking
www.bing.com/api/v1/mediation/ Frame 8D41 		0
712 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=5199938f-fc01-412f-9788-ae1c8cb83370&bidId=1&bidderId=4&cmExpId=HO&impId=5150531317853082512&oAdUnit=391466&publisherId=162645330&rId=c930d75b-7f1e-4f34-9765-7a744baf7bb3&region=apac&rtype=miFeedbackURL&tagId=35091408&trafficGroup=knaqe_3c&trafficSubGroup=erfreir&uberGroup=hore_3c&uberSubGroup=erfreir&sdkv=1.100.42&aid=5150531317853082512
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:47::1734:8c93 Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache, no-store, must-revalidate
x-cdn-traceid
0.98813417.1762592351.128f53ed
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 0CF3476011BC4EFAA768FD99B6ED90F5 Ref B: TYO201151005040 Ref C: 2025-11-08T08:59:11Z
expires
0
alt-svc
h3=":443"; ma=93600
content-length
0
date
Sat, 08 Nov 2025 08:59:11 GMT
vary
Origin
th
www.bing.com/ Frame 8D41 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=OADD2.1319414055822102_1JN7UQVG7EXKE5P&pid=21.2&c=17&roil=0&roit=0&roir=1&roib=1&w=300&h=157&qlt=90
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:47::1734:8c93 Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
e109a1f9b6cafc02e7d68649c5a458e0dac2b8552ccb4346b5ebd17197f41074

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/

Response headers

cache-control
public, max-age=2592000
timing-allow-origin
*
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
httpcacheability
4
x-cdn-traceid
0.98813417.1762592351.128f53ec
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=nadatio"}]}
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=93600
content-length
31308
date
Sat, 08 Nov 2025 08:59:11 GMT
content-type
image/jpeg
access-control-allow-headers
*
app.js
adsdk.bing.net/viewability/ Frame CCB7 		186 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://adsdk.bing.net/viewability/app.js
Requested by
Host: adsdk.microsoft.com
URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::46 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2b1b34748a86b16447b887b4520304dc855dcebb4a8f6f6c502f46a97254084a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/

Response headers

x-azure-ref
20251108T085911Z-r18f5df8b77vkr9whC1TYO52ts00000011e000000000dmcz
cache-control
public, max-age=1209600
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
content-encoding
br
x-ms-request-id
3698aa83-f01e-00fa-4198-4f1029000000
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Sat, 08 Nov 2025 08:59:11 GMT
x-ms-blob-type
BlockBlob
content-type
application/javascript
vary
Accept-Encoding
last-modified
Tue, 14 Oct 2025 12:24:51 GMT
th
www.bing.com/ Frame CCB7 		31 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=OADD2.1319414055822102_1JN7UQVG7EXKE5P&pid=21.2&c=17&roil=0&roit=0&roir=1&roib=1&w=300&h=157&qlt=90
Requested by
Host: adsdk.microsoft.com
URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:47::1734:8c93 Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
e109a1f9b6cafc02e7d68649c5a458e0dac2b8552ccb4346b5ebd17197f41074

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/

Response headers

cache-control
public, max-age=2592000
timing-allow-origin
*
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
httpcacheability
4
x-cdn-traceid
0.98813417.1762592351.128f53ec
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=nadatio"}]}
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=93600
content-length
31308
date
Sat, 08 Nov 2025 08:59:11 GMT
content-type
image/jpeg
access-control-allow-headers
*
c.gif
www.bing.com/aes/ Frame CCB7 		0
714 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_1-1-0?&RG=7ed94dc0389e4eb896e4fa6f627a6f69&SNR=1&GV=2&med=10
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:47::1734:8c93 Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/

Response headers

cache-control
private,no-store
x-cdn-traceid
0.98813417.1762592351.128f5400
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: E3EC10CB05AA4D7CAAFD52E0865CA4C4 Ref B: TYO201151006062 Ref C: 2025-11-08T08:59:11Z
alt-svc
h3=":443"; ma=93600
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
content-length
0
date
Sat, 08 Nov 2025 08:59:11 GMT
vary
Origin
tracking
www.bing.com/api/v1/mediation/ Frame CCB7 		0
714 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=cdebb4d5-fd46-4885-8014-9d6cd6e8f625&bidId=1&bidderId=4&cmExpId=LV8&impId=4860473008716302163&oAdUnit=391466&publisherId=162645330&rId=aa30f7b5-c09b-4199-a357-279e44394281&region=apac&rtype=miFeedbackURL&tagId=35091406&trafficGroup=knaqe_3c&trafficSubGroup=erfreir&uberGroup=hore_3c&uberSubGroup=erfreir&sdkv=1.100.42&aid=4860473008716302163
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:47::1734:8c93 Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache, no-store, must-revalidate
x-cdn-traceid
0.98813417.1762592351.128f5401
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 74E80B766B9E4F37BCB6A3F35EFCA3D4 Ref B: TYO201151005040 Ref C: 2025-11-08T08:59:11Z
expires
0
alt-svc
h3=":443"; ma=93600
content-length
0
date
Sat, 08 Nov 2025 08:59:11 GMT
vary
Origin
app.js
adsdk.bing.net/viewability/ Frame 3AF6 		186 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://adsdk.bing.net/viewability/app.js
Requested by
Host: adsdk.microsoft.com
URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::46 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2b1b34748a86b16447b887b4520304dc855dcebb4a8f6f6c502f46a97254084a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/

Response headers

x-azure-ref
20251108T085911Z-r18f5df8b77vkr9whC1TYO52ts00000011e000000000dmcz
cache-control
public, max-age=1209600
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
content-encoding
br
x-ms-request-id
3698aa83-f01e-00fa-4198-4f1029000000
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Sat, 08 Nov 2025 08:59:11 GMT
x-ms-blob-type
BlockBlob
content-type
application/javascript
vary
Accept-Encoding
last-modified
Tue, 14 Oct 2025 12:24:51 GMT
c.gif
www.bing.com/aes/ Frame 3AF6 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_2-1-0?&RG=dc1f7b316da240ed97e9e5d336e27447&SNR=1&GV=2&med=10
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.192.46.24 Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-192-46-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/

Response headers

cache-control
private,no-store
x-cdn-traceid
0.df2dc017.1762592351.2c8db5c7
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: BE108F34C54949C295AC9B40B39D285A Ref B: TYO201151004054 Ref C: 2025-11-08T08:59:11Z
quic-version
0x00000001
alt-svc
h3=":443"; ma=93600
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
content-length
0
date
Sat, 08 Nov 2025 08:59:11 GMT
vary
Origin
tracking
www.bing.com/api/v1/mediation/ Frame 3AF6 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=64a7f912-a117-4076-90e2-f88fc2d31431&bidId=2&bidderId=4&cmExpId=LV3&impId=7266882281465610129&oAdUnit=391466&publisherId=162645330&rId=ae82a3b2-c9c1-4bec-9148-7789cd019334&region=apac&rtype=miFeedbackURL&tagId=35091410&trafficGroup=knaqe_3c&trafficSubGroup=oenaq_fnsrgl&uberGroup=hore_3c&uberSubGroup=erfreir&sdkv=1.100.42&aid=7266882281465610129
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.192.46.24 Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-192-46-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache, no-store, must-revalidate
x-cdn-traceid
0.df2dc017.1762592351.2c8db5c8
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 6B3166C0082E46A29B2FF1AAED0157F6 Ref B: TYO201151006025 Ref C: 2025-11-08T08:59:11Z
quic-version
0x00000001
expires
0
alt-svc
h3=":443"; ma=93600
content-length
0
date
Sat, 08 Nov 2025 08:59:11 GMT
vary
Origin
th
www.bing.com/ Frame 3AF6 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=OADD2.1324911648712123_1P541VDL67G95MV&pid=21.2&c=17&roil=0&roit=0&roir=1&roib=1&w=300&h=157&qlt=90
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
23.192.46.24 Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-192-46-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
dd4b50819e97653ec05476bf1cb23456d7e536d863bdbe05a01ab4230c295433

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/

Response headers

cache-control
public, max-age=2592000
timing-allow-origin
*
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
httpcacheability
4
x-cdn-traceid
0.df2dc017.1762592351.2c8db5c9
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth&ndcParam=nadatio"}]}
access-control-allow-methods
GET, POST, OPTIONS
quic-version
0x00000001
access-control-allow-origin
*
alt-svc
h3=":443"; ma=93600
content-length
23609
date
Sat, 08 Nov 2025 08:59:11 GMT
content-type
image/jpeg
access-control-allow-headers
*
bounce
id5-sync.com/ 		29 B
532 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/bounce
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
aca701811d62eb608d12b174231be1ceae3449fe0f4bc847469ff22aab8ca9a5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin
https://twinklesphotos.exblog.jp
p3p
CP="CAO PSA OUR"
date
Sat, 08 Nov 2025 08:59:12 GMT
content-type
text/plain;charset=utf-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
v1
lbs.eu-1-id5-sync.com/lbs/ 		54 B
168 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:41d0:701:1000::42db , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
Software
/
Resource Hash
aa92e3cf0037e9e634263d14bcbdaecd84e4943e425dbe1e44c84ea634287dd1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

access-control-allow-origin
https://twinklesphotos.exblog.jp
content-length
54
date
Sat, 8 Nov 2025 08:59:12 GMT
content-type
application/json
vary
Origin
v1
lb.eu-1-id5-sync.com/lb/ 		45 B
334 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
d5c744b116eb97db50c8452d4cd743b52303353db77498bfc285df070283ffc6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://twinklesphotos.exblog.jp
content-encoding
gzip
date
Sat, 08 Nov 2025 08:59:11 GMT
content-type
application/json;charset=UTF-8
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
rd_log
sin3-ib.adnxs.com/ Frame 8D41 		0
841 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sin3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&e=wqT_3QKaBaCaAgAAAwDWAAUBCN6MvMgGEJCnoamenpe9RxgAKjYJAAAAEJ_ikz8RAA0JKBkAAACgR-HqPyEADRIAKREJ9A4BMQAAAOBRuK4_MNDn3RA4zxxAtV5I4wNQuomKtgFYnpB3YABow4KQAXjW0gWAAQGKAQNVU0SSAQNKUFmYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgC_EPgAvWzXeoCKmh0dHBzOi8vdHdpbmtsZXNwaG90b3MuZXhibG9nLmpwLzMzNDQzOTU1L4ADAIgDAZADAJgDF6ADAaoDAkgAwAPYBMgDANgDh-o04AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjE0Ni43MC4yMDEuMTcxqAQAsgQSCAAQARisAiD6ASgAMAA4AkIAuAQAwAQAyAQA2gQCCAHgBAHwBAX3WIgFAZgFAKAFo_nxjp67isg7wAUAyQUABQEQ8D_SBQkhYgUB8DzYBQHgBQHqBQwKCFRXSU5LTEVTEgDqBQ0KCeODluODreOCsBIA8AXK16sB-gUECAAQAJAGAJgGALgGAMEGBUIwAPA_0AbCjQTaBhYKEAkSGQF8EAAYAOAGAfIGAggAgAcBiAcAmAcBoAcByAfW0gXSBw8ViAEpFCAA2gcGCAUL8GXgBwDqBwIIAPAH69oEighHCkMAAAGaYrDfMEd6XPHlKFOQkj2J1M7rwud8ChGpRhs8rsTCYnK2RRwsCFO0YG0nswAjTfIBss5ptWM4gMjN4Whsb2e0EAGVCAAAgD-YCAHACPxD0ggNbTDaCAQIACAA4AgA6AgA&s=fb639fc3ee6720abb290953ca87e9b87b9cde9e8&bdref=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F,https%3A%2F%2F45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-45%2Fhtml%2Fcontainer.html,about%3Asrcdoc&
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.91.58 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1046.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.25.5 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
146.70.201.171; 146.70.201.171; 1046.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
c8609a88-01e6-4bf9-9066-362a47a35ccd
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Sat, 08 Nov 2025 08:59:12 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.25.5
px.gif
ad-delivery.net/ 		43 B
111 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.5433619514666682
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5727730570625024&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:2f50 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
983122
x-goog-stored-content-encoding
identity
expires
Sun, 09 Nov 2025 08:59:11 GMT
x-goog-stored-content-length
43
date
Sat, 08 Nov 2025 08:59:11 GMT
content-type
image/gif
vary
accept-encoding
last-modified
Wed, 05 May 2021 19:25:32 GMT
x-guploader-uploadid
ABgVH89ytYGGsM8zvMSS83qCZ0F4cDyA85oC5Xtq8jnme2OpbOxP7BU9t7rp4yrU4-M9nQOe
cache-control
public, max-age=86400
x-goog-storage-class
MULTI_REGIONAL
cf-ray
99b3df76beaf62d5-NRT
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
rd_log
sin3-ib.adnxs.com/ Frame CCB7 		0
842 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sin3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&e=wqT_3QKaBaCaAgAAAwDWAAUBCN6MvMgGENOOo6exzve5QxgAKjYJAfZv_tE-pT8RAQ0JJBkAAAAgXI_qPyERGwApEQn0DgExAAAAQOF6tD8wzufdEDjPHEC1XkjjA1C6iYq2AViekHdgAGjDgpABeM_RBYABAYoBA1VTRJIBA0pQWZgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AL8Q-AC9bNd6gIqaHR0cHM6Ly90d2lua2xlc3Bob3Rvcy5leGJsb2cuanAvMzM0NDM5NTUvgAMAiAMBkAMAmAMXoAMBqgMCSADAA9gEyAMA2AOH6jTgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMTQ2LjcwLjIwMS4xNzGoBACyBBIIABABGKwCIPoBKAAwADgCQgC4BADABADIBADaBAIIAeAEAfAEBfdYiAUBmAUAoAWC19yD0cGmokDABQDJBQAFARTwP9IFCQkFC_BAAAAA2AUB4AUB6gUMCghUV0lOS0xFUxIA6gUNCgnjg5bjg63jgrASAPAFyterAfoFBAgAEACQBgCYBgC4BgDBBgABQjAA8D_QBsKNBNoGFgoQBREdAXwQABgA4AYB8gYCCACABwGIBwCYBwGgBwHIB8_RBdIHDxWIASkQIADaBwYBY_B7GADgBwDqBwIIAPAH69oEighHCkMAAAGaYrDfMENz3nMU6MdT6p9BaeFvY3r3sOXz8VP_hEVyTt1n9otYFqjjYuC2196xOnUAzyV9VnuuvlBsyn0LQ3IUEAGVCAAAgD-YCAHACPxD0ggGCAAQABgA2ggECAAgAOAIAOgIAA..&s=e935b6484fea4d790380ec5503b38064fc2f2f21&bdref=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F,https%3A%2F%2F45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-45%2Fhtml%2Fcontainer.html,about%3Asrcdoc&
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.91.58 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1046.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.25.5 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
146.70.201.171; 146.70.201.171; 1046.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
097dd806-c2c6-4954-8e4c-4162f12c662d
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Sat, 08 Nov 2025 08:59:12 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.25.5
rd_log
sin3-ib.adnxs.com/ Frame 3AF6 		0
842 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sin3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&e=wqT_3QKaBaCaAgAAAwDWAAUBCN6MvMgGEJH_2Zrv3cnsZBgAKjYJAADAR_eEsj8RAA0JJBkAAADgo3DlPyERGwApEQn0DgExAAAAIIXrsT8w0ufdEDjPHEC1XkjjA1C6iYq2AViekHdgAGjDgpABeMbSBYABAYoBA1VTRJIBA0pQWZgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AL8Q-AC9bNd6gIqaHR0cHM6Ly90d2lua2xlc3Bob3Rvcy5leGJsb2cuanAvMzM0NDM5NTUvgAMAiAMBkAMAmAMXoAMBqgMCSADAA9gEyAMA2AOH6jTgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMTQ2LjcwLjIwMS4xNzGoBACyBBIIABABGKwCIPoBKAAwADgCQgC4BADABADIBADaBAIIAeAEAfAEBfdYiAUBmAUAoAXDwf7-jNmDr1vABQDJBQAFARTwP9IFCQkFC_BAAAAA2AUB4AUB6gUMCghUV0lOS0xFUxIA6gUNCgnjg5bjg63jgrASAPAFyterAfoFBAgAEACQBgCYBgC4BgDBBgABQjAA8D_QBsKNBNoGFgoQBREdAXwQABgA4AYB8gYCCACABwGIBwCYBwGgBwHIB8bSBdIHDxWIASkQIADaBwYBY_B7GADgBwDqBwIIAPAH69oEighHCkMAAAGaYrDfMGTZJu7zVn-RchcGb9kX6axfgl4rsurH78UIQbmWEuE0NtpWMBxRYxM0gWQUEdIpP0NZ5bOgjT9PM9HWEAGVCAAAgD-YCAHACPxD0ggGCAAQABgA2ggECAAgAOAIAOgIAA..&s=ec848aa8a898a1e14f6d8139cea166a5cbc673e7&bdref=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F,https%3A%2F%2F45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-45%2Fhtml%2Fcontainer.html,about%3Asrcdoc&
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.91.58 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1046.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.25.5 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
146.70.201.171; 146.70.201.171; 1046.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
41496acb-df82-4bfc-8996-96457876b4f0
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Sat, 08 Nov 2025 08:59:12 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.25.5
geo
ut.pubmatic.com/ Frame E07E 		22 B
78 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ut.pubmatic.com/geo?pubid=159110
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26it%3Dadg-pb-clt%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.87 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
dcda7f2217e5134c1c987c36f55dc3a2949959528d52ccb09ece3eddf53cff43
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

strict-transport-security
max-age=16070400; includeSubDomains
access-control-allow-origin
*
cache-control
max-age=172800
content-length
22
date
Sat, 08 Nov 2025 08:59:11 GMT
content-type
application/json
geo
ut.pubmatic.com/ Frame 88B1 		22 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://ut.pubmatic.com/geo?pubid=159110
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26it%3Dadg-pb-clt%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.87 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
dcda7f2217e5134c1c987c36f55dc3a2949959528d52ccb09ece3eddf53cff43

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

access-control-allow-origin
*
cache-control
max-age=172800
content-length
22
date
Sat, 08 Nov 2025 08:59:11 GMT
content-type
application/json
gen_204
pagead2.googlesyndication.com/pagead/ Frame 352C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=Bs7xvXwYPaZSyCIum-dIP7NOqgQUAAAAAOAHgBAI&bg=!7e6l7qHNAAaIPp6FqD47ADQBe5WfOBoX1v_bqNxEnTd3Gzv2LpQCrYCQK2XRO6tUWcywXG8Z5y-QTxLZ0bY6U0sV9_2lAgAAAPBSAAAABGgBB34ANehdrw1Vibl8cudovnFKbPjIELb0_Qh8P_Cf3ADzozr7wheAtF31wCF-h0nXMnqL2zR_l9lACgDEZ6Qy5P5RwL3FtXDhY1BeNHBVcxyb26VJtYkn3ps2NzpQZQOMHjzcA89_TQF2LGrbxMSRzldEnRgxKoh19GHRt6Wu4X-_LLwW0ylQ_WEbP3zuCNX53r_pb8Egum2iw8jzPY0rD5jtqu5-uSJbXgkXcr6H7U_AlMim9mnh8OPVckWUh8MCeWP7HLQNVYmUvd-r0ErCX3IqXJrKxq8qmQnxhpCWiNbHbaULQLPhifw30LW_KfhKsO847tYH9frJa8fxq-YBT5kCeL5RgIxSVhtdCahc57QmmqWirIzgXnYzMpwDbCETXf5Ph2onK5SP5wukIh8TNirCnYni9jibdGiXWlDJUW1HHPvIp9lMQfciqKpiN1x0fNXzE4IoVQnyiWIDcnnUW4hYMm0YkNzzV5QrEjkC2r4vSQ4qyLSsiUp3OuWrkGjNircJf_16413aU8LiP9o1o6DDYfUG38zJaVRoPRq9B7wianN5idPjoZNqj4aSUdlv0k4cswBFbopaBTLbsrMVmg4hSLwt4m8FjrwI9is4CkMmqw6pe0QYPnO1IbH7FIjcw5WlMKpN9SI5yQMtJgb2nt_EQ2jm1fwZ8jZG9GKfxZVJ5hzoYqaT7D3NYlHJG_pBHTbU0h2ZH4F3z6VQlg-hRuwKKJohsvuWXjZIOMKaVE1xqoFViFkvpDzcyJKGJgCl9e415IwX0x5WKjeYJs-11WO5gKUj8dOkeTqwMszYiH7gDG90MRRIr61vg7BqqCBqd--n_wHD9yp4aqoKFjziGuGM5_i018WQggYAITU1Z3ED4N0COtiOoJEvHfycQuNLI-odF2rEhlD5ol1FIZzvE-6Ay7k1NnLsiGyd_sdu-chLppQcKv3dBA_NWyN-5qddz_Luq6O448Lg0ILzG74LHKMRBM4nhfnlCGtOF9-HlXG3iHOhUjagibUKKGhD8XN7l04gpgdKoKFmbGmXdIKZFOJHccSCPLjnjPK_UMK6FVel0QGYEqzDc8wY8ketAy0e6ZKvOAPNOSkLoaQ3sV9wx6u37wSKQCXJbvw_oW-ap1Id2-d_EofJgHa4GtCsj0dW9g1OBvTmyjdwV7SRGg8sa_52ixoKb0YGJXVa
Requested by
Host: twinklesphotos.exblog.jp
URL: https://twinklesphotos.exblog.jp/33443955/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://tpc.googlesyndication.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sat, 08 Nov 2025 08:59:11 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FAA6 		21 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26it%3Dadg-pb-clt%26uid%3D(PM_UID)
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/a/latest/adagio.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.40.192.188 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-40-192-188.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5b6ceeffb380eae16e91dcf08a3493068aa5b7bd6f4c3f4ad7b4daa188d5c2cb

Request headers

Referer
https://twinklesphotos.exblog.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=142607
content-encoding
gzip
content-length
7259
content-type
text/html
date
Sat, 08 Nov 2025 08:59:11 GMT
expires
Mon, 10 Nov 2025 00:35:58 GMT
last-modified
Mon, 29 Sep 2025 15:12:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
px.gif
ad-delivery.net/ 		43 B
112 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad-delivery.net/px.gif?ch=2&e=0.5794517309316334
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5727730570625024&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:2f50 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
983122
x-goog-stored-content-encoding
identity
expires
Sun, 09 Nov 2025 08:59:11 GMT
x-goog-stored-content-length
43
date
Sat, 08 Nov 2025 08:59:11 GMT
content-type
image/gif
vary
accept-encoding
last-modified
Wed, 05 May 2021 19:25:32 GMT
x-guploader-uploadid
ABgVH89ytYGGsM8zvMSS83qCZ0F4cDyA85oC5Xtq8jnme2OpbOxP7BU9t7rp4yrU4-M9nQOe
cache-control
public, max-age=86400
x-goog-storage-class
MULTI_REGIONAL
cf-ray
99b3df774ffa62d5-NRT
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
geo
ut.pubmatic.com/ Frame FAA6 		22 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://ut.pubmatic.com/geo?pubid=159110
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26it%3Dadg-pb-clt%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.87 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
dcda7f2217e5134c1c987c36f55dc3a2949959528d52ccb09ece3eddf53cff43

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

access-control-allow-origin
*
cache-control
max-age=172800
content-length
22
date
Sat, 08 Nov 2025 08:59:11 GMT
content-type
application/json
favicon.ico
ad.doubleclick.net/ 		1 KB
129 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250&e=0.007613196382931897
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5727730570625024&upapi=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options
nosniff
expires
Sun, 09 Nov 2025 08:59:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 08:59:11 GMT
content-type
image/x-icon
vary
Accept-Encoding
last-modified
Tue, 08 May 2012 13:08:06 GMT
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
content-length
104
x-xss-protection
0
server
sffe
geo
ut.pubmatic.com/ Frame E07E 		22 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://ut.pubmatic.com/geo?pubid=159110
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26it%3Dadg-pb-clt%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.87 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
dcda7f2217e5134c1c987c36f55dc3a2949959528d52ccb09ece3eddf53cff43

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

access-control-allow-origin
*
cache-control
max-age=172800
content-length
22
date
Sat, 08 Nov 2025 08:59:11 GMT
content-type
application/json
geo
ut.pubmatic.com/ Frame 88B1 		22 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://ut.pubmatic.com/geo?pubid=159110
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26it%3Dadg-pb-clt%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.87 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
dcda7f2217e5134c1c987c36f55dc3a2949959528d52ccb09ece3eddf53cff43

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

access-control-allow-origin
*
cache-control
max-age=172800
content-length
22
date
Sat, 08 Nov 2025 08:59:11 GMT
content-type
application/json
geo
ut.pubmatic.com/ Frame FAA6 		22 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://ut.pubmatic.com/geo?pubid=159110
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26it%3Dadg-pb-clt%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.87 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
dcda7f2217e5134c1c987c36f55dc3a2949959528d52ccb09ece3eddf53cff43

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

access-control-allow-origin
*
cache-control
max-age=172800
content-length
22
date
Sat, 08 Nov 2025 08:59:11 GMT
content-type
application/json
vevent
sin3-ib.adnxs.com/ Frame CCB7 		0
891 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://sin3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&e=wqT_3QLlCKBlBAAAAwDWAAUBCN6MvMgGENOOo6exzve5QxgAKjYJAfZv_tE-pT8RAQ0JJBkAAAAgXI_qPyERGwApEQn0GQQxAAAAQOF6tD8wzufdEDjPHEC1XkjjA1C6iYq2AViekHdgAGjDgpABeM_RBYABAYoBA1VTRJIBA0pQWZgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AL8Q-AC9bNd6gIqaHR0cHM6Ly90d2lua2xlc3Bob3Rvcy5leGJsb2cuanAvMzM0NDM5NTUvgAMAiAMBkAMAmAMXoAMBqgPmAwr6Amh0dHBzOi8vd3d3LmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPWNkZWJiNGQ1LWZkNDYtNDg4NS04MDE0LTlkNmNkNmU4ZjYyNSZiaWRJZD0xJmJpZGRlcklkPTQmY21FeHBJZD1MVjgmaW1wSWQ9NDg2MDQ3MzAwODcxNjMwMjE2MyZvQWRVbml0PTM5MTQ2NiZwdWJsaXNoZXJJZD0xNjI2NDUzMzAmcklkPWFhMzBmN2I1LWMwOWItNDE5OS1hMzU3LTI3OWU0NDM5NDI4MSZyZWdpb249YXBhYyZydHlwZT1udXJsJnRhZ0lkPTM1MDkxNDA2JnRyYWZmaWNHcm91cD1rbmFxZV8zYyZ0cmFmZmljU3ViR3JvdXA9ZXJmcmVpciZ1YmVyR3JvdXA9aG9yZV8zYyZ1YmVyU3ViR3JvdXA9ZXJmcmVpciZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzQ4NjA0NzMwMDg3MTYzMDIxNjMiCTM4MTg0NjcxNCoEYmluZzo4VTJWaGNtTm9RV1FqT0RJME5qTTNOemcxTkRBMk9ESWpNak16TkRJMk16RTROamMyTVRJeU53PT1IAMAD2ATIAwDYA4fqNOADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA4xNDYuNzAuMjAxLjE3MagEALIEEggAEAEYrAIg-gEoADAAOAJCALgEAMAEAMgEANoEAggB4AQB8AS6iYq2AYgFAZgFAKAFgtfcg9HBpqJAwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFyterAfoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbCjQTaBhYKEAAAAAAAAAAAAAAAAAAAAAAQABgA4AYB8gYCCACABwGIBwCYBwGgBwHIB8_RBdIHDwkAAAAAAAAAABAAGAAgANoHBggAEAAYAOAHAOoHAggA8Afr2gSKCEcKQwAAAZpisN8wQ3PecxTox1Pqn0Fp4W9jevew5fPxU_-ERXJO3Wf2i1gWqONi4LbX3rE6dQDPJX1We66-UGzKfQtDchQQAZUIAACAP5gIAcAI_EPSCAsI8__fu4AeEAAYANoIBAgAIADgCADoCAA.&s=5bd065fe525f2a378aa0fdc6d4284942f5e2f15c&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=157&sid=6359483921320505401&vd=ct~0|rr~0&sv=5031&tv=view7-28hs&ua=chrome52&pl=linux&x=v&tag_id=35091406&sw=1600&sh=1200&pw=300&ph=255&ww=300&wh=250&ft=3
Requested by
Host: adsdkprod.azureedge.net
URL: https://adsdkprod.azureedge.net/viewability/versions/v5.8.21/banner.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.91.58 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1046.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.25.5 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
146.70.201.171; 146.70.201.171; 1046.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com
an-x-request-uuid
f2bdaf1c-0b30-4750-af2d-f0b994003a05
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Sat, 08 Nov 2025 08:59:12 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.25.5
view
securepubads.g.doubleclick.net/pcs/ Frame AAC5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvtByEvOjNms-2quE3pQD_HoOYDDtkKooGusAbjDhqaOsXoYE58WeJcE2w8o5RI-3FTcoSQam2rvLbX1-Ux0lmcLSn59ZpQlf53rCcxGJt2x1bHmINnGIPO--3kMsgVvurWt7jGIH9JkJYsg5imB8Hkw1m65IixCHOut8Mz2iAsrDcSPexSG9YvurwK33STfeCDOT-Dsp5hPEhHoi_9bHOhUeiVnGKzbYOnhGJN0ePIwSG7yXAuSjpvey7ISh2o3gTOYqoqJm4UqkJ0QhCCEHivtlRhHX7QdX3FW3vo7JVTueEK1FWctvazc0RqbKFllhZ2M0-bREow_P7yB-R_1rVqUqWatF-FwXPbex3HvBAh9ZNsixbektRTSNdDNrIA2iRUc4iJLhiQ1q1Gb6VfqCznYpCAI-7QM2TCDZei6frDTOQ6WuwnyNFEmRNplnJiPTqpTaIFoEnRKmKBpAK2jH97qEZ4KA&sai=AMfl-YSYK_zTK9GAjX6TvDD39V7IXeQYwcXzUacP6ci4px4O77sS8BSPDuatFS-sMrvpEWxpAFvfkIiImTjCkz0oOsVZCZMrK5Ryjckwpbt-QtcBhEDTgjIlwahRWCmZn6opXGx8RVxM5kQc9kxPi1HdN4vf4c4K3sfPDni_PDJvm43erqdmAl_qFdlksVFpv1rR2arDSZjc8-wi1eNFjN3_RzmP9OnUpU314aAlCrCw-ckojQowq3jG5QdqdAL2tLXLdYDE3w&sig=Cg0ArKJSzAr_iVtZKJyYEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.194.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcnrta-az-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Sat, 08 Nov 2025 08:59:12 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Sat, 08 Nov 2025 08:59:12 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
vevent
sin3-ib.adnxs.com/ Frame 8D41 		0
892 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://sin3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&e=wqT_3QLkCKBkBAAAAwDWAAUBCN6MvMgGEJCnoamenpe9RxgAKjYJAAAAEJ_ikz8RAA0JJBkAAACgR-HqPyERGwApEQn0GAQxAAAA4FG4rj8w0OfdEDjPHEC1XkjjA1C6iYq2AViekHdgAGjDgpABeNbSBYABAYoBA1VTRJIBA0pQWZgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AL8Q-AC9bNd6gIqaHR0cHM6Ly90d2lua2xlc3Bob3Rvcy5leGJsb2cuanAvMzM0NDM5NTUvgAMAiAMBkAMAmAMXoAMBqgPlAwr5Amh0dHBzOi8vd3d3LmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPTUxOTk5MzhmLWZjMDEtNDEyZi05Nzg4LWFlMWM4Y2I4MzM3MCZiaWRJZD0xJmJpZGRlcklkPTQmY21FeHBJZD1ITyZpbXBJZD01MTUwNTMxMzE3ODUzMDgyNTEyJm9BZFVuaXQ9MzkxNDY2JnB1Ymxpc2hlcklkPTE2MjY0NTMzMCZySWQ9YzkzMGQ3NWItN2YxZS00ZjM0LTk3NjUtN2E3NDRiYWY3YmIzJnJlZ2lvbj1hcGFjJnJ0eXBlPW51cmwmdGFnSWQ9MzUwOTE0MDgmdHJhZmZpY0dyb3VwPWtuYXFlXzNjJnRyYWZmaWNTdWJHcm91cD1lcmZyZWlyJnViZXJHcm91cD1ob3JlXzNjJnViZXJTdWJHcm91cD1lcmZyZWlyJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTNTE1MDUzMTMxNzg1MzA4MjUxMiIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpPREk1TkRRNE1UUTJNelUzT0Rrak1qTXpORGMwTkRJeU16QXpNakEwTlE9PUgAwAPYBMgDANgDh-o04AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjE0Ni43MC4yMDEuMTcxqAQAsgQSCAAQARisAiD6ASgAMAA4AkIAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAWj-fGOnruKyDvABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXK16sB-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAJgHAaAHAcgH1tIF0gcPCQAAAAAAAAAAEAAYACAA2gcGCAAQABgA4AcA6gcCCADwB-vaBIoIRwpDAAABmmKw3zBHelzx5ShTkJI9idTO68LnfAoRqUYbPK7EwmJytkUcLAhTtGBtJ7MAI03yAbLOabVjOIDIzeFobG9ntBABlQgAAIA_mAgBwAj8Q9IICwjz_9-7gB4QABgA2ggECAAgAOAIAOgIAA..&s=7b3e642a490a497911977bd4200cdd4c8ecd303c&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=157&sid=6359483921320505401&vd=ct~0|rr~0&sv=5031&tv=view7-28hs&ua=chrome52&pl=linux&x=v&tag_id=35091408&sw=1600&sh=1200&pw=300&ph=255&ww=300&wh=250&ft=3
Requested by
Host: adsdkprod.azureedge.net
URL: https://adsdkprod.azureedge.net/viewability/versions/v5.8.21/banner.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.91.58 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1046.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.25.5 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
146.70.201.171; 146.70.201.171; 1046.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com
an-x-request-uuid
27ff3b5c-56ba-4ff1-b55a-946246f989a5
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Sat, 08 Nov 2025 08:59:12 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.25.5
view
securepubads.g.doubleclick.net/pcs/ Frame 3CFB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvlHu5vK49EY3URlms0LJEVpaoAqE9SsAiO3w29LYYODHliWPpxcPFzDitKoXx5mBlAilZsBUGvk1X5P3EuggS7og_XPrtqcuyELN-tiIH2giNz39LCoiUbbEpp18TnYp1SlVsDrKkKZznC9CL0MGg0lAH7NHZ1FNXtnQzzLOVPT6XH22pdm3qLWs2i737qDVHq68utCdbevsBEwkUL34H8OriyYCzmy6ZBYzYvN0FeWZWrblY1a7QXfx6TyF6cRBICFNJR8JlSoJMBtueO-G6QLtV7vdRRUdveGqc9WLKjmedm2ILJJLrbVUguhdv4eWiSWtXA4nXIesAhE4Hg7SiQWOYbdAtZ3Cuguoe77wP5RbS5hruuTgRvQYKkC19lPRy30Q_yyNtxeZ6jJBcK7Q48iDc0CHpuph9nlxYxw1FPvjpJpfn-UP6jRYW0dEalxOeUWWL8YocaRoX1UmWqcHVtYd_x-EQ&sai=AMfl-YSoOD9Yk9A8fBBB0WR3oym37XMG8r4yUvfq3FGpzRf5Bss5hH44AeOi1YuN7bSa1aGpnIDA7Oe2mFtUj2azz1cJF2OfFleUamRIUuvMT4cCZmxFxOwIqzC-zbfIabxXdtXcqacR7UDkTeaIOTABJwuKLL-5EfPD-odF4jpFtnPwLhI7pzk6hbpkxQc9YWt9lhnejqaayEcaJGVYwaEN_xtp2knIe_tJP_vK7_PrrSGNUay4XU-ZuCCLiA0lIbQgC7fMeg&sig=Cg0ArKJSzPNTohr_NBhvEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.194.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcnrta-az-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Sat, 08 Nov 2025 08:59:12 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Sat, 08 Nov 2025 08:59:12 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
vevent
sin3-ib.adnxs.com/ Frame 3AF6 		0
892 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://sin3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&e=wqT_3QLqCKBqBAAAAwDWAAUBCN6MvMgGEJH_2Zrv3cnsZBgAKjYJAADAR_eEsj8RAA0JJBkAAADgo3DlPyERGwApEQn0jAMxAAAAIIXrsT8w0ufdEDjPHEC1XkjjA1C6iYq2AViekHdgAGjDgpABeMbSBYABAYoBA1VTRJIBA0pQWZgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AL8Q-AC9bNd6gIqaHR0cHM6Ly90d2lua2xlc3Bob3Rvcy5leGJsb2cuanAvMzM0NDM5NTUvgAMAiAMBkAMAmAMXoAMBqgPrAwr_Amh0dHBzOi8vd3d3LmJpbmcuY29tL2FwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPTY0YTdmOTEyLWExMTctNDA3Ni05MGUyLWY4OGZjMmQzMTQzMSZiaWRJZD0yJmJpZGRlcklkPTQmY21FeHBJZD1MVjMmaW1wSWQ9NzI2Njg4MjI4MTQ2NTYxMDEyOSZvQWRVbml0PTM5MTQ2NiZwdWJsaXNoZXJJZD0xNjI2NDUzMzAmcklkPWFlODJhM2IyLWM5YzEtNGJlYy05MTQ4LTc3ODljZDAxOTMzNCZyZWdpb249YXBhYyZydHlwZT1udXJsJnRhZ0lkPTM1MDkxNDEwJnRyYWZmaWNHcm91cD1rbmFxZV8zYyZ0cmFmZmljU3ViR3JvdXA9b2VuYXFfZm5zcmdsJnViZXJHcm91cD1ob3JlXzNjJnViZXJTdWJHcm91cD1lcmZyZWlyJmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTNzI2Njg4MjI4MTQ2NTYxMDEyOSIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpPREkyTmprNU5ETXlNREUxTURnak1qTXpORFEyT1RNME5URXlPRGM0Tnc9PUgAwAPYBMgDANgDh-o04AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjE0Ni43MC4yMDEuMTcxqAQAsgQSCAAQARisAiD6ASgAMAA4AkIAuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAXDwf7-jNmDr1vABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXK16sB-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAJgHAaAHAcgHxtIF0gcPCQAAAAABayQQABgAIADaBwYIBQvwfuAHAOoHAggA8Afr2gSKCEcKQwAAAZpisN8wZNkm7vNWf5FyFwZv2RfprF-CXiuy6sfvxQhBuZYS4TQ22lYwHFFjEzSBZBQR0ik_Q1nls6CNP08z0dYQAZUIAACAP5gIAcAI_EPSCAsI8__fu4AeEAAYANoIBAgAIADgCADoCAA.&s=25541cfa48e061bd0b811ba1972eb0d0c5efe2ae&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=157&sid=6359483921320505401&vd=ct~0|rr~0&sv=5031&tv=view7-28hs&ua=chrome52&pl=linux&x=v&tag_id=35091410&sw=1600&sh=1200&pw=300&ph=255&ww=300&wh=250&ft=3
Requested by
Host: adsdkprod.azureedge.net
URL: https://adsdkprod.azureedge.net/viewability/versions/v5.8.21/banner.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.91.58 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1046.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.25.5 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
146.70.201.171; 146.70.201.171; 1046.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com
an-x-request-uuid
556b1f64-6e8f-480f-83ea-0793373c68d6
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Sat, 08 Nov 2025 08:59:12 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.25.5
view
securepubads.g.doubleclick.net/pcs/ Frame 328C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsupk8DDf-VKjt16451B2C7SoQZOy4OQzuGKkXkNzFoREIJYe4SFBBoPAQpTyh2UjFM5n12_IiOYDCdHFRZG_iOnBy34PXvZBO9yBT6APReWMA4W2YOmJO2ZZ1DZrlfcKX7V6e5Bpgu1jtR6beBSmSbngF_zBXTOOLrQZAkrx8guTp6M847l-E0bszUdaRWqIL48pqvOXAPMEbHVXU0wb9qVVewzTv-y1uK37Arh6A8gegFqJEt3wa7nqUxVWFhmX5zXiAw7YCPnyKuKDi4M4cFe8nJBGuHsmlPNKmnqDWrs0pj3aXQELRar4oJuTGhyBOwMLNQ-_axBJPF3PZpz0S3ODErm_O81Te89jG7gZzeX7kiyLWKLRfLwaUQq5PLJSCfgru211THyCQGWFA4Y97hHnl1mwQ5FPrEwDd2XFOOskQDG2D3YmGnFewG39rZYHLxmIaP6u1VCueCGL1ldkJiSp-KqPFOi&sai=AMfl-YRW3YxL8Dqav9V4JVQZALVVkurffP806KmGDOJHKa_1o-p3tNiigdAZ42rNzTJC-tHOJMUIArWCnzKw9l2-37s3AcOtrJxIhiV4vvuo7vR4IDobVQ8NcYvizbNoKHmz3OpueseWhZoThmozp7xCL4TWofZKTAsNB6-hvJdUNFLhSAJ3G32Mp4cpZ9X2XnGmYmmi-CWkXXzJ1W01AoejyyCwsQu7HOIJl-glWBJjbOIHaEvTpPKRdam5cY6dzabxTiBJSQ&sig=Cg0ArKJSzEbpF8A_p5xUEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.194.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lcnrta-az-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://45499d6f178e9c94c29682a468b389a5.safeframe.googlesyndication.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Sat, 08 Nov 2025 08:59:12 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Sat, 08 Nov 2025 08:59:12 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
csi
csi.gstatic.com/ Frame 4093 		0
57 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=6~mhq1z6m4&c=1041434686691&slotId=520717343345&qqid=CI33upeY4pADFR7uFgUdFUUAIA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2067&mt=video%2Fmp4&vs=576x1024&dm=21000&fas=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20251027_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:809::2003 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"ascnsrsgcc:41:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsgcc:41:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 08:59:12 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
content-type
image/gif
server
Golfe2
px.gif
ad-delivery.net/ 		43 B
163 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad-delivery.net/px.gif?ch=2&e=0.805427427561218
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5727730570625024&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:2f50 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
983111
x-goog-stored-content-encoding
identity
expires
Sun, 09 Nov 2025 08:59:12 GMT
x-goog-stored-content-length
43
date
Sat, 08 Nov 2025 08:59:12 GMT
content-type
image/gif
vary
accept-encoding
last-modified
Wed, 05 May 2021 19:25:32 GMT
x-guploader-uploadid
ABgVH89ytYGGsM8zvMSS83qCZ0F4cDyA85oC5Xtq8jnme2OpbOxP7BU9t7rp4yrU4-M9nQOe
cache-control
public, max-age=86400
x-goog-storage-class
MULTI_REGIONAL
cf-ray
99b3df79ede362d5-NRT
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
favicon.ico
ad.doubleclick.net/ 		1 KB
129 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250&e=0.7720827097127994
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5727730570625024&upapi=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options
nosniff
expires
Sun, 09 Nov 2025 08:59:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 08:59:12 GMT
content-type
image/x-icon
vary
Accept-Encoding
last-modified
Tue, 08 May 2012 13:08:06 GMT
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
content-length
104
x-xss-protection
0
server
sffe
sodar
ep1.adtrafficquality.google/getconfig/ 		18 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202511040101&st=env&sjk=167238123525377
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202511040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
cafe /
Resource Hash
3115a2a6ec3d0452adefee78b1623c5bd4588cffd8d7f7551f70f588999b2182
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
13597
date
Sat, 08 Nov 2025 08:59:12 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
share_button.php
www.facebook.com/v22.0/plugins/ Frame D80C 		41 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v22.0/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfcb1679aceffcc7a8%26domain%3Dtwinklesphotos.exblog.jp%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftwinklesphotos.exblog.jp%252Ff0a46a20ba7e6cac8%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&layout=button_count&locale=ja_JP&sdk=joey
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/ja_JP/sdk.js?hash=980985d9f313483bcd55506277250823
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.31.35 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-nrt1.facebook.com
Software
/
Resource Hash
12af5b85886cc6221eb77e3bd896406c2a1ee77236123977de0465ba6871af61
Security Headers
Name Value
Content-Security-Policy default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'nonce-JRDjLcqm' blob: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://trustly.one/ https://*.trustly.one/ https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com *.accounts.meta.com https://trustly.one/ https://*.trustly.one/ https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://twinklesphotos.exblog.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
zstd
content-security-policy
default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'nonce-JRDjLcqm' blob: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://trustly.one/ https://*.trustly.one/ https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com *.accounts.meta.com https://trustly.one/ https://*.trustly.one/ https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-opener-policy-report-only
restrict-properties;report-to="coop_report"
cross-origin-resource-policy
cross-origin
date
Sat, 08 Nov 2025 08:59:12 GMT
document-policy
force-load-at-top include-js-call-stacks-in-crash-reports
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v22.0
origin-agent-cluster
?1
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma
no-cache
priority
u=0,i
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7570276509090700530&cpp=C3&cv=1029611225&st=1762592352488"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7570276509090700530&cpp=C3&cv=1029611225&st=1762592352488", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=1, rtx=0, c=24, mss=1232, tbw=5239, tp=10, tpl=0, uplat=131, ullat=0
x-fb-debug
lgB1NPitN6X8fUS2Ut3HeUVt8GShOWYvYB13+zKjYvke537rrnMexaiLFqoY+vzDWEMMJ9Ltwrpb+5Q1FX53tA==
x-xss-protection
0
sodar2.js
ep2.adtrafficquality.google/sodar/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202511040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7f65c0446b6cac3175458f6388304d0c23e70d11fa0db20920a619f1bc18623
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
etag
"1747411493688989"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Sat, 08 Nov 2025 08:59:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 08:59:12 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
7188
x-xss-protection
0
server
sffe
sync
ssbsync.smartadserver.com/api/ Frame A420 		981 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/a/latest/adagio.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.106.50.37 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
Software
/
Resource Hash
fa4bfc15c02e0081d183515b8e47a7b912ae78bafa8605edb836cfefc1c835f2

Request headers

Referer
https://twinklesphotos.exblog.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

cache-control
no-cache,no-store
content-length
981
content-type
text/html
date
Sat, 08 Nov 2025 08:59:12 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma
no-cache
setuid
u.4dex.io/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3656
  • https://u.4dex.io/setuid?bidder=freewheel&uid=feceb766cb5c1668f6d1082fa9b9c68
0
701 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=freewheel&uid=feceb766cb5c1668f6d1082fa9b9c68
Protocol
H2
Server
34.149.40.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

via
1.1 google
expires
0
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma
no-cache
date
Sat, 08 Nov 2025 08:59:12 GMT
vary
Origin, Accept-Encoding

Redirect headers

Cache-Control
no-cache
Location
https://u.4dex.io/setuid?bidder=freewheel&uid=feceb766cb5c1668f6d1082fa9b9c68
Pragma
no-cache
x-sticky-vk
1762592352760036-9
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Content-Length
0
Date
Sat, 08 Nov 2025 08:59:12 GMT
Server
nginx
GzgedhmzSQa.png
static.xx.fbcdn.net/rsrc.php/v4/yn/r/ Frame D80C 		272 B
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v4/yn/r/GzgedhmzSQa.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v22.0/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfcb1679aceffcc7a8%26domain%3Dtwinklesphotos.exblog.jp%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftwinklesphotos.exblog.jp%252Ff0a46a20ba7e6cac8%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&layout=button_count&locale=ja_JP&sdk=joey
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.31.5 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-nrt1.fbcdn.net
Software
/
Resource Hash
0187fed1f15750c2fa9e427912bb64d209aad8b47ee4fa9576f6666b68188d36
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://www.facebook.com/

Response headers

content-md5
lIjeC3eJAboxVqIOEs/Auw==
report-to
{"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Fri, 06 Nov 2026 15:17:44 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 08 Nov 2025 08:59:12 GMT
content-type
image/png
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
x-fb-debug
Yc7QddLCufYxxt/xXJwH3K8mdD0iVPrV0VfBpQ3TYQqnuN9q3KFW3tMhk2RWSIrygMEC9ug+G62PAOVEzBd/hA==
priority
u=3,i
reporting-endpoints
permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=1, rtx=0, c=23, mss=1232, tbw=5035, tp=10, tpl=0, uplat=0, ullat=-1
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top, include-js-call-stacks-in-crash-reports
access-control-allow-origin
*
content-length
272
origin-agent-cluster
?1
yJlgzfKuqmf.js
static.xx.fbcdn.net/rsrc.php/v4iEpO4/yd/l/ja_JP-j/ Frame D80C 		536 KB
139 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v4iEpO4/yd/l/ja_JP-j/yJlgzfKuqmf.js
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v22.0/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfcb1679aceffcc7a8%26domain%3Dtwinklesphotos.exblog.jp%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftwinklesphotos.exblog.jp%252Ff0a46a20ba7e6cac8%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&layout=button_count&locale=ja_JP&sdk=joey
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.31.5 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-nrt1.fbcdn.net
Software
/
Resource Hash
fd35a435bc9255f4e986950bce123e3d6fab5ed88f014426a0ee619721500599
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://www.facebook.com/

Response headers

content-md5
68O9DpoFVb8e8B2d4gTjXQ==
content-encoding
zstd
report-to
{"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Fri, 06 Nov 2026 23:39:48 GMT
alt-svc
h3=":443"; ma=86400
date
Sat, 08 Nov 2025 08:59:12 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
x-fb-debug
OZ4Yi21dCw4ay9oM/LeyNirsmY4PJBunHv9RVeU/V5+pKGXMUTCPWl+2xqyiFoKyubWWajIeiQUqzcWk6Hcz3Q==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
priority
u=3,i
reporting-endpoints
permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=1, rtx=0, c=25, mss=1232, tbw=6779, tp=13, tpl=0, uplat=4, ullat=-1
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top, include-js-call-stacks-in-crash-reports
access-control-allow-origin
*
content-length
142567
origin-agent-cluster
?1
v3
id5-sync.com/gm/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v3
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
aad3f8fe1a6261c059e227b5848d92272ae6e137a00b37e9626b420787f68d76
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin
https://twinklesphotos.exblog.jp
p3p
CP="CAO PSA OUR"
date
Sat, 08 Nov 2025 08:59:12 GMT
content-type
application/json
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
runner.html
ep2.adtrafficquality.google/sodar/sodar2/237/ Frame A289 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
14b660a511e14a9a481c6fe43c576f36c61b656cfd379728c54f1128e1855966
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://twinklesphotos.exblog.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
1682
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5044
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 08 Nov 2025 08:31:10 GMT
expires
Sat, 08 Nov 2025 09:21:10 GMT
last-modified
Tue, 13 May 2025 23:17:50 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame AE63 		829 B
568 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.199.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s52-in-f4.1e100.net
Software
ESF /
Resource Hash
c86314325d95467be065994336e957ece4df5bb45850418c855621ae0000ce7a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-zi_VcacouGhM9Q0j4e7CNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://twinklesphotos.exblog.jp/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-zi_VcacouGhM9Q0j4e7CNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Sat, 08 Nov 2025 08:59:12 GMT
expires
Sat, 08 Nov 2025 08:59:12 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
supply
events.browsiprod.com/events/v2/ 		0
107 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.browsiprod.com/events/v2/supply?p=77af46eb-796b-4291-b9db-39ea90e58c42
Requested by
Host: cdn.browsiprod.com
URL: https://cdn.browsiprod.com/sd/apps/middy/middy-desktop-4.51.1233.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.80.198.215 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-80-198-215.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://twinklesphotos.exblog.jp/

Response headers

date
Sat, 08 Nov 2025 08:59:12 GMT
access-control-allow-origin
https://twinklesphotos.exblog.jp
access-control-allow-credentials
true
TOCvFO5frGAUu_dYJQMz6Rf6wi7NrrHIMK70wbLAQEo.js
pagead2.googlesyndication.com/bg/ Frame A289 		52 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/TOCvFO5frGAUu_dYJQMz6Rf6wi7NrrHIMK70wbLAQEo.js
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
sffe /
Resource Hash
4ce0af14ee5fac6014bbf758250333e917fac22ecdaeb1c830aef4c1b2c0404a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ep2.adtrafficquality.google/

Response headers

content-encoding
br
age
174515
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
x-content-type-options
nosniff
expires
Fri, 06 Nov 2026 08:30:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 06 Nov 2025 08:30:37 GMT
last-modified
Mon, 03 Nov 2025 09:48:00 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
accept-ranges
bytes
content-length
20351
x-xss-protection
0
server
sffe
px.gif
ad-delivery.net/ 		43 B
111 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad-delivery.net/px.gif?ch=2&e=0.3551913825381161
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5727730570625024&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:2f50 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
983111
x-goog-stored-content-encoding
identity
expires
Sun, 09 Nov 2025 08:59:12 GMT
x-goog-stored-content-length
43
date
Sat, 08 Nov 2025 08:59:12 GMT
content-type
image/gif
vary
accept-encoding
last-modified
Wed, 05 May 2021 19:25:32 GMT
x-guploader-uploadid
ABgVH89ytYGGsM8zvMSS83qCZ0F4cDyA85oC5Xtq8jnme2OpbOxP7BU9t7rp4yrU4-M9nQOe
cache-control
public, max-age=86400
x-goog-storage-class
MULTI_REGIONAL
cf-ray
99b3df7c7c5862d5-NRT
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
sodar
pagead2.googlesyndication.com/pagead/ Frame AE63 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=237&li=gpt_m202511040101&jk=167238123525377&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://www.google.com/

Response headers

timing-allow-origin
*
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Sat, 08 Nov 2025 08:59:12 GMT
x-xss-protection
0
content-type
image/
server
cafe
generate_204
ep2.adtrafficquality.google/ Frame A289 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ep2.adtrafficquality.google/generate_204?soe0Ww
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sat, 08 Nov 2025 08:59:12 GMT
cross-origin-resource-policy
cross-origin
setuid
u.4dex.io/ Frame A420 		0
796 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=smart&uid=5337911933238270778&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ssbsync.smartadserver.com/

Response headers

via
1.1 google
expires
0
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma
no-cache
date
Sat, 08 Nov 2025 08:59:12 GMT
vary
Origin, Accept-Encoding
/
rtb-csync.smartadserver.com/redir/ Frame A420
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%4...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=3c55f07d-1b63-480a-b694-61c7ada779ab&gdpr=0&gdpr_consent=
43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=3c55f07d-1b63-480a-b694-61c7ada779ab&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
H2
Server
23.106.127.170 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ssbsync.smartadserver.com/

Response headers

cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date
Sat, 08 Nov 2025 08:59:12 GMT
pragma
no-cache
content-type
image/gif

Redirect headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=3c55f07d-1b63-480a-b694-61c7ada779ab&gdpr=0&gdpr_consent=
pragma
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2001341
expires
Sat, 08 Nov 2025 00:00:00 GMT
x-errorlevel
0
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
date
Sat, 08 Nov 2025 08:59:11 GMT
server
Kestrel
/
rtb-csync.smartadserver.com/redir/ Frame A420
Redirect Chain
  • https://ssp.wp.pl/v1/sync/smart/uid?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D55&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?gdpr=0&gdpr_consent=&issi=1&partnerid=55&partneruserid=dbd3bb6638d27b363584d375d118dcfb%3A8bb697%3A1762592353%3Av3
43 B
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?gdpr=0&gdpr_consent=&issi=1&partnerid=55&partneruserid=dbd3bb6638d27b363584d375d118dcfb%3A8bb697%3A1762592353%3Av3
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
H2
Server
23.106.127.170 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ssbsync.smartadserver.com/

Response headers

cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date
Sat, 08 Nov 2025 08:59:13 GMT
pragma
no-cache
content-type
image/gif

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?gdpr=0&gdpr_consent=&issi=1&partnerid=55&partneruserid=dbd3bb6638d27b363584d375d118dcfb%3A8bb697%3A1762592353%3Av3
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-origin
*
content-length
179
date
Sat, 08 Nov 2025 08:59:13 GMT
content-type
text/html; charset=utf-8
vary
Origin, Accept-Encoding
server
nginx
v1
match.sharethrough.com/sync/ Frame A420
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DS...
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=5337911933238270778&gdpr=0&gdpr_consent=
68 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=5337911933238270778&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
H2
Server
13.228.29.185 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-29-185.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ssbsync.smartadserver.com/

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

cache-control
no-cache,no-store
location
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=5337911933238270778&gdpr=0&gdpr_consent=
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date
Sat, 08 Nov 2025 08:59:12 GMT
pragma
no-cache
byN59NcB
sync-tm.everesttech.net/ct/upi/pid/ Frame A420
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/byN59NcB?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D170%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/byN59NcB?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D170%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent...
85 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/byN59NcB?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D170%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=aQ8GYAACRvp5tQAJ
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
H2
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://ssbsync.smartadserver.com/

Response headers

x-robots-tag
noindex
cache-control
no-cache
x-timer
S1762592353.009401,VS0,VE0
age
3483
pragma
no-cache
via
1.1 varnish
accept-ranges
bytes
x-cache
HIT
content-length
85
date
Sat, 08 Nov 2025 08:59:13 GMT
content-type
image/png
x-served-by
cache-tyo11982-TYO
server
Jetty(9.4.35.v20201120)
x-cache-hits
14456

Redirect headers

x-robots-tag
noindex
cache-control
no-cache
location
https://sync-tm.everesttech.net/ct/upi/pid/byN59NcB?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D170%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=aQ8GYAACRvp5tQAJ
x-timer
S1762592353.833763,VS0,VE165
pragma
no-cache
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
content-length
0
date
Sat, 08 Nov 2025 08:59:12 GMT
x-served-by
cache-tyo11982-TYO
server
Jetty(9.4.35.v20201120)
x-cache-hits
0
bsync
visitor-waardex.omnitagjs.com/visitor/
Redirect Chain
  • https://sync.adkernel.com/user-sync?zone=256788&t=image&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dmadopi%26it%3Dadg-pb-clt%26uid%3D%7BUID%7D
  • https://visitor-waardex.omnitagjs.com/visitor/bsync?uid=f9f79c63be893b97a3364690a09d0b8d&name=WAARDEX_SSP&url=https%3A%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D256788%26dsp%3D688143%26t%3Dimage%...
0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-waardex.omnitagjs.com/visitor/bsync?uid=f9f79c63be893b97a3364690a09d0b8d&name=WAARDEX_SSP&url=https%3A%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D256788%26dsp%3D688143%26t%3Dimage%26uid%3DPARTNER_USER_ID
Protocol
HTTP/1.1
Server
141.94.172.236 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

date
Sat, 08 Nov 2025 08:59:13 GMT
server
envoy

Redirect headers

Cache-Control
no-store
Location
https://visitor-waardex.omnitagjs.com/visitor/bsync?uid=f9f79c63be893b97a3364690a09d0b8d&name=WAARDEX_SSP&url=https%3A%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D256788%26dsp%3D688143%26t%3Dimage%26uid%3DPARTNER_USER_ID
Content-Length
0
Date
Sat, 08 Nov 2025 08:59:13 GMT
Server
nginx
Connection
close
favicon.ico
ad.doubleclick.net/ 		1 KB
129 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250&e=0.7036646848666339
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5727730570625024&upapi=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options
nosniff
expires
Sun, 09 Nov 2025 08:59:12 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 08 Nov 2025 08:59:12 GMT
content-type
image/x-icon
vary
Accept-Encoding
last-modified
Tue, 08 May 2012 13:08:06 GMT
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
content-length
104
x-xss-protection
0
server
sffe
9.gif
id5-sync.com/c/1159/19/0/
Redirect Chain
  • https://id5-sync.com/i/1159/8.gif?o=api&id5id=ID5*62U9xS_Yhkbfw7gn9fZRQcUDP_z_pDC112_s4DGkU3D__2kPBmBaAAEBCmkPBmAAYDwYrAJ7ds6JM9Ng12i7Kw&gdpr_consent=undefined&gdpr=false
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/1159/2/7/2.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/1159/2/7/2.gif?puid=409973595572320909&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=246ca134-2766-4e4a-a408-eb2751e5cc6e&ttl=%%TTL%%
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F1159%2F441%2F5%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/1159/441/5/4.gif?puid=a_c751668b-0d6a-4c7b-adce-1f8e5da13a22&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F1159%2F108%2F4%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_co...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F1159%2F108%2F4%2F5.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&g...
  • https://id5-sync.com/c/1159/108/4/5.gif?puid=7e78d458-2888-49d8-bd68-35822650d90a&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=108&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F1159%2F826%2F3%2F6.gif%3Fpuid%3D%7BuserId%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=108&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F1159%2F826%2F3%2F6.gif%3Fpuid%3D%7BuserId%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=0b25e709-bee6-435a-aef5-5b6c4708b3ed-690f0662-4a50&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F1159%2F826%2F3%2F6.gif%3Fpui...
  • https://id5-sync.com/c/1159/826/3/6.gif?puid=0b25e709-bee6-435a-aef5-5b6c4708b3ed-690f0662-4a50&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F1159%2F10%2F2%2F7.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/1159/10/2/7.gif?puid=5284147940615405056&gdpr=0&gdpr_consent=
  • https://token.rubiconproject.com/token?pid=49266&puid=ID5-e14aoYyP4lGXsYN7oljlS1c2WHHwORFZO-VEv_Ba1A&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/285.gif?puid=MHQ1Z6EM-1Y-HV8E&gdpr=0
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/1159/19/0/9.gif?puid=${profile_id}&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=0/gdpr_consent=?https://id5-sync.com/c/1159/19/0/9.gif?puid=${profile_id}&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/1159/19/0/9.gif?puid=91060d098c48233660c45abb7e94c6fe&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/1159/19/0/9.gif?puid=91060d098c48233660c45abb7e94c6fe&gdpr=0&gdpr_consent=
Protocol
H2
Server
162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
p3p
CP="CAO PSA OUR"
date
Sat, 08 Nov 2025 08:59:16 GMT
content-type
image/gif;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers

Redirect headers

strict-transport-security
max-age=31536000 ; includeSubDomains
cache-control
no-cache
location
https://id5-sync.com/c/1159/19/0/9.gif?puid=91060d098c48233660c45abb7e94c6fe&gdpr=0&gdpr_consent=
pragma
no-cache
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length
0
date
Sat, 08 Nov 2025 08:59:16 GMT
px.gif
ad-delivery.net/ 		43 B
164 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad-delivery.net/px.gif?ch=2&e=0.21718392956181343
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5727730570625024&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:2f50 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
983112
x-goog-stored-content-encoding
identity
expires
Sun, 09 Nov 2025 08:59:13 GMT
x-goog-stored-content-length
43
date
Sat, 08 Nov 2025 08:59:13 GMT
content-type
image/gif
vary
accept-encoding
last-modified
Wed, 05 May 2021 19:25:32 GMT
x-guploader-uploadid
ABgVH89ytYGGsM8zvMSS83qCZ0F4cDyA85oC5Xtq8jnme2OpbOxP7BU9t7rp4yrU4-M9nQOe
cache-control
public, max-age=86400
x-goog-storage-class
MULTI_REGIONAL
cf-ray
99b3df7f2aa062d5-NRT
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
bid
aax.amazon-adsystem.com/e/dtb/ 		25 B
395 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.173.192.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-173-192-61.nrt12.r.cloudfront.net
Software
Server /
Resource Hash
29901078f16bc88cd680008a8c9c9f8416c25ba4c0fdf533ef2867fe8508261a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
via
1.1 4692304470b2d7a09704a5e8dcf231dc.cloudfront.net (CloudFront)
access-control-allow-origin
https://twinklesphotos.exblog.jp
x-cache
Miss from cloudfront
content-length
45
x-amz-cf-id
6ApCSRACR2gCssx5u6sggA9lLiif_Fw7B2prnf5xX2CzkCjYrddHPQ==
date
Sat, 08 Nov 2025 08:59:13 GMT
content-type
application/json;charset=UTF-8
vary
Origin
server
Server
x-amz-cf-pop
NRT12-P8
prebid
hb.adingo.jp/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hb.adingo.jp/prebid?dfpUnitCode=%2F18333008%2FPC_blog_overlay&tagId=44737%3A1000303247&groupId=1000191023
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.68.65.167 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-65-167.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-fluct-app,x-fluct-version,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://twinklesphotos.exblog.jp
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin,content-type,x-fluct-app,x-fluct-version,x-openrtb-version
access-control-allow-methods
POST
access-control-allow-origin
https://twinklesphotos.exblog.jp
access-control-expose-headers
x-openrtb-version
access-control-max-age
3600
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 08 Nov 2025 08:59:13 GMT
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
server
nginx
vary
Accept-Encoding
prebid
mp.4dex.io/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4407::ac40:994e -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26054d6aa4ff456a84d738daab5ae73d91a2e9a439888fa79eb54621d05e4251

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-version
3.0.0-gcp-tyo
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
cf-cache-status
DYNAMIC
pragma
no-cache
x-err
Calling bidders. no bid responses
access-control-allow-credentials
true
via
1.1 google
cf-ray
99b3df7f5a0a8eb8-NRT
expires
0
access-control-allow-origin
https://twinklesphotos.exblog.jp
date
Sat, 08 Nov 2025 08:59:13 GMT
content-type
application/json; charset=utf-8
vary
Origin, Accept-Encoding
server
cloudflare
prebidjs
rtb.openx.net/openrtbb/ 		53 B
271 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
d9963ab828b3395f289d81d4837c0e60cb9b0459b2228ce5692af13a01fdbc04

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-forwarded-for
146.70.201.171
access-control-allow-credentials
true
observe-browsing-topics
?1
via
1.1 google
access-control-allow-origin
https://twinklesphotos.exblog.jp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53
date
Sat, 08 Nov 2025 08:59:12 GMT
content-type
text/plain
vary
Origin
v2
aladdin.genieesspv.jp/yie/ld/api/ad_call/ 		0
248 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aladdin.genieesspv.jp/yie/ld/api/ad_call/v2?zoneid=1599699&cb=98600412365&charset=UTF-8&loc=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&ct0=undefined&referer=undefined&topframe=1&cur=JPY&requestid=76e459c2234f3c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F142.0.0.0%20Safari%2F537.36&tpaf=1&cks=1&ib=0&gpid=%2F18333008%2FPC_blog_overlay&sw=1200&sh=1600&ucmbl=%3F0
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.137.133.37 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
private, max-age=0, no-cache
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-origin
https://twinklesphotos.exblog.jp
p3p
CP="CUR ADM OUR NOR STA NID"
date
Sat, 08 Nov 2025 08:59:13 GMT
prebid
ad.as.amanad.adtdp.com/v2/ 		68 B
811 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.as.amanad.adtdp.com/v2/prebid?asi=SeMjsk7NA&skt=5&gpid=%2F18333008%2FPC_blog_overlay&tid=e5095ccf-828c-4381-8358-9102da3807b9&prebid_id=785c1c0e29c81898&prebid_ver=9.37.0&page_url=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&schain=1.0%2C1!flux-g.com%2C125%2C1%2C%2C%2C&ad_format_ids=4&eids=%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%222d5e97b0-4f6d-493e-8fa0-c931cebe7ae6%22%2C%22atype%22%3A1%7D%5D%7D%5D%7D&sua=%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D&
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.173.254.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-173-254-35.nrt12.r.cloudfront.net
Software
/
Resource Hash
5fbed2d458600fede44f45a7518de1dbf0275e1b9262820522d4665d57538967
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
x-cache
Miss from cloudfront
x-amz-cf-id
UsYY6_CuFFpo9SzS_5UfiSc9By6o85lq5yfD6rHXGOMMJsFCLXKXGg==
date
Sat, 08 Nov 2025 08:59:13 GMT
content-type
application/json; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Architecture, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
via
1.1 50979cf9aec23385883dc6e2fd176c12.cloudfront.net (CloudFront)
access-control-allow-origin
https://twinklesphotos.exblog.jp
content-length
68
x-xss-protection
0
x-amz-cf-pop
NRT12-P9
request
grid-bidder.criteo.com/openrtb_2_5/pbjs/auction/ 		3 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://grid-bidder.criteo.com/openrtb_2_5/pbjs/auction/request?profileId=207&av=37&wv=9.37.0&cb=5114596235&lsavail=1
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::2d , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4d89e2b9cf7ea357a9298f410e9e78048e5f179735716b6478a0bed852645686
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

strict-transport-security
max-age=31536000; preload;
content-encoding
br
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
observe-browsing-topics
?1
access-control-allow-origin
https://twinklesphotos.exblog.jp
date
Sat, 08 Nov 2025 08:59:13 GMT
content-type
application/json
vary
Accept-Encoding, Origin
server
Kestrel
prebid
ad.ad-stir.com/ 		0
153 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.ad-stir.com/prebid
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.65.81.163 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-65-81-163.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

access-control-allow-origin
https://twinklesphotos.exblog.jp
cache-control
no-store
content-length
0
date
Sat, 08 Nov 2025 08:59:13 GMT
content-type
application/json;charset=UTF-8
access-control-allow-credentials
true
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
186 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

access-control-max-age
3600
access-control-allow-origin
https://twinklesphotos.exblog.jp
date
Sat, 08 Nov 2025 08:59:13 GMT
vary
Origin
access-control-allow-credentials
true
access-control-allow-methods
POST
translator
hbopenbid.pubmatic.com/ 		0
176 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.76 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

strict-transport-security
max-age=16070400; includeSubDomains
cache-control
no-cache, no-store, must-revalidate, no-store, no-cache, private
access-control-allow-credentials
true
observe-browsing-topics
?1
pmfcgi-resp
TRUE
access-control-allow-origin
https://twinklesphotos.exblog.jp
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sat, 08 Nov 2025 08:59:13 GMT
server
nginx
prebid
ib.adnxs.com/ut/v3/ 		16 KB
8 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.90.21 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.25.5 /
Resource Hash
43e01df59ae611e680b6398726631a5ec69d47e388f625cbf94ed68e7f6e360b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

content-encoding
gzip
expires
Sat, 15 Nov 2008 16:00:00 GMT
server-timing
total;dur=326
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Sat, 08 Nov 2025 08:59:13 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
146.70.201.171; 146.70.201.171; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
access-control-allow-origin
https://twinklesphotos.exblog.jp
an-x-request-uuid
0ef546d1-0eb2-48c3-b41b-6bc3ce6f88be
x-xss-protection
0
server
nginx/1.25.5
imp
g2.gumgum.com/hbid/ 		2 B
253 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?displaymanager=Prebid.js%20-%20gumgum&displaymanagerver=9.37.0&lt=1762592353180&to=-540&aun=gpt_pc_blog_overlay&pubcid=2d5e97b0-4f6d-493e-8fa0-c931cebe7ae6&gpid=%2F18333008%2FPC_blog_overlay&t=i0wyuj4s&pi=2&schain=1.0%2C1!flux-g.com%2C125%2C1%2C%2C%2C&tId=e5095ccf-828c-4381-8358-9102da3807b9&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&tpl=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%229.37.0%22%7D&ogu=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&ns=10240&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F142.0.0.0%20Safari%2F537.36&dnt=0&lang=ja
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.76.7.142 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-7-142.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://twinklesphotos.exblog.jp
content-length
2
date
Sat, 08 Nov 2025 08:59:13 GMT
content-type
application/json;charset=UTF-8
server
nginx
prebid
hb.adingo.jp/ 		0
341 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.adingo.jp/prebid?dfpUnitCode=%2F18333008%2FPC_blog_overlay&tagId=44737%3A1000303247&groupId=1000191023
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.68.65.167 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-68-65-167.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

x-fluct-version
1.2
x-openrtb-version
2.5
x-fluct-app
prebid/fluctBidAdapter
Referer
https://twinklesphotos.exblog.jp/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
https://twinklesphotos.exblog.jp
access-control-expose-headers
x-openrtb-version
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
date
Sat, 08 Nov 2025 08:59:13 GMT
server
nginx
access-control-allow-credentials
true
h_bid
y.one.impact-ad.jp/ 		119 B
359 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://y.one.impact-ad.jp/h_bid?v=hb1&p=170447&cb=77805879260&r=https%3A%2F%2Ftwinklesphotos.exblog.jp%2F33443955%2F&uid=949cad9ebe9306c&tid=e5095ccf-828c-4381-8358-9102da3807b9&uc=gpt_pc_blog_overlay&tmax=2500&t=i&language=ja-JP&screen_size=1600x1200&sz=728x90%2C970x90
Requested by
Host: flux-cdn.com
URL: https://flux-cdn.com/client/00125/exblog_00138.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.213.17.49 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
49.17.213.35.bc.googleusercontent.com
Software
/
Resource Hash
644a7c94c17a5bec249e3b38b8a3cca2b46a470e0c406f91f5ad65cc89887d2d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://twinklesphotos.exblog.jp/

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://twinklesphotos.exblog.jp
alt-svc