posfie.com
54.64.18.240  Public Scan Open in urlscan Pro

48 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://min.togetter.com/ HTTP 307
   https://min.togetter.com/ HTTP 301
   https://posfie.com/ Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

• https://y.one.impact-ad.jp/h_bid?v=hb1&p=279567&cb=4787323071&r=https%3A%2F%2Fposfie.com%2F&uid=191cdaf91f0d4ae8&tid=undefined&uc=pos_pc_top_728x90&tmax=3000&t=i&language=ja-JP&screen_size=1600x1200&sz=728x90&gpid=%2F5453651%2Fpos_pc_top_728x90%2Fpos_pc_top_728x90 HTTP 302
• https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=279567&cb=4787323071&r=https%3A%2F%2Fposfie.com%2F&uid=191cdaf91f0d4ae8&tid=undefined&uc=pos_pc_top_728x90&tmax=3000&t=i&language=ja-JP&screen_size=1600x1200&sz=728x90&gpid=%2F5453651%2Fpos_pc_top_728x90%2Fpos_pc_top_728x90

Request Chain 20

• https://y.one.impact-ad.jp/h_bid?v=hb1&p=279562&cb=40293249062&r=https%3A%2F%2Fposfie.com%2F&uid=20f8cdd87e0238d&tid=undefined&uc=pos_pc_other_bottom_left&tmax=3000&t=i&language=ja-JP&screen_size=1600x1200&sz=300x250%2C336x280&gpid=%2F5453651%2Fpos_pc_other_bottom_left%2Fpos_pc_other_bottom_left HTTP 302
• https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=279562&cb=40293249062&r=https%3A%2F%2Fposfie.com%2F&uid=20f8cdd87e0238d&tid=undefined&uc=pos_pc_other_bottom_left&tmax=3000&t=i&language=ja-JP&screen_size=1600x1200&sz=300x250%2C336x280&gpid=%2F5453651%2Fpos_pc_other_bottom_left%2Fpos_pc_other_bottom_left

Request Chain 21

• https://y.one.impact-ad.jp/h_bid?v=hb1&p=279563&cb=33988681267&r=https%3A%2F%2Fposfie.com%2F&uid=21d4e14461ec2e68&tid=undefined&uc=pos_pc_other_bottom_right&tmax=3000&t=i&language=ja-JP&screen_size=1600x1200&sz=300x250%2C336x280&gpid=%2F5453651%2Fpos_pc_other_bottom_right%2Fpos_pc_other_bottom_right HTTP 302
• https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=279563&cb=33988681267&r=https%3A%2F%2Fposfie.com%2F&uid=21d4e14461ec2e68&tid=undefined&uc=pos_pc_other_bottom_right&tmax=3000&t=i&language=ja-JP&screen_size=1600x1200&sz=300x250%2C336x280&gpid=%2F5453651%2Fpos_pc_other_bottom_right%2Fpos_pc_other_bottom_right

Request Chain 22

• https://y.one.impact-ad.jp/h_bid?v=hb1&p=279597&cb=9853400714&r=https%3A%2F%2Fposfie.com%2F&uid=224885e6c952d9e8&tid=undefined&uc=pos_pc_right_top&tmax=3000&t=i&language=ja-JP&screen_size=1600x1200&sz=160x600%2C300x600&gpid=%2F5453651%2Fpos_pc_right_top%2Fpos_pc_right_top HTTP 302
• https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=279597&cb=9853400714&r=https%3A%2F%2Fposfie.com%2F&uid=224885e6c952d9e8&tid=undefined&uc=pos_pc_right_top&tmax=3000&t=i&language=ja-JP&screen_size=1600x1200&sz=160x600%2C300x600&gpid=%2F5453651%2Fpos_pc_right_top%2Fpos_pc_right_top

Request Chain 24

• https://y.one.impact-ad.jp/h_bid?v=hb1&p=279595&cb=71530807328&r=https%3A%2F%2Fposfie.com%2F&uid=24cf339f9cac60b8&tid=undefined&uc=pos_pc_right_bottom&tmax=3000&t=i&language=ja-JP&screen_size=1600x1200&sz=300x600&gpid=%2F5453651%2Fpos_pc_right_bottom%2Fpos_pc_right_bottom HTTP 302
• https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=279595&cb=71530807328&r=https%3A%2F%2Fposfie.com%2F&uid=24cf339f9cac60b8&tid=undefined&uc=pos_pc_right_bottom&tmax=3000&t=i&language=ja-JP&screen_size=1600x1200&sz=300x600&gpid=%2F5453651%2Fpos_pc_right_bottom%2Fpos_pc_right_bottom

Request Chain 25

• https://y.one.impact-ad.jp/h_bid?v=hb1&p=279564&cb=85673389060&r=https%3A%2F%2Fposfie.com%2F&uid=25c37be88b50fbc8&tid=undefined&uc=pos_pc_overlay_728x90&tmax=3000&t=i&language=ja-JP&screen_size=1600x1200&sz=728x90&gpid=%2F5453651%2Fpos_pc_overlay_728x90%2Fpos_pc_overlay_728x90 HTTP 302
• https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=279564&cb=85673389060&r=https%3A%2F%2Fposfie.com%2F&uid=25c37be88b50fbc8&tid=undefined&uc=pos_pc_overlay_728x90&tmax=3000&t=i&language=ja-JP&screen_size=1600x1200&sz=728x90&gpid=%2F5453651%2Fpos_pc_overlay_728x90%2Fpos_pc_overlay_728x90

Request Chain 139

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 144

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 164

• https://token.rubiconproject.com/token?pid=25470 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TUlTNFhBRkItMVQtRktKNQ== HTTP 302
• https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECNVSQEgZOIirLW68W5we5Q&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TUlTNFhBRkItMVQtRktKNQ==&google_push=

Request Chain 165

• https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
• https://s.amazon-adsystem.com/ecm3?id=MIS4XAFB-1T-FKJ5&ex=d-rubiconproject.com&status=ok

Request Chain 166

• https://match.adsrvr.org/track/cmf/rubicon HTTP 302
• https://match.adsrvr.org/track/cmb/rubicon HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=5ba13a3c-e3e1-4114-a4e7-77a86f2d6a29&gdpr=0&gdpr_consent=&expires=30

Request Chain 167

• https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
• https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t

Request Chain 168

• https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
• https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t

Request Chain 169

• https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
• https://ups.analytics.yahoo.com/ups/58912/cms?uid=nWbGLgrwdcm-uP_vUvOpD8n5EUdSAgOZEtemQ7w0kco&csrc= HTTP 302
• https://ups.analytics.yahoo.com/ups/58912/cms?uid=nWbGLgrwdcm-uP_vUvOpD8n5EUdSAgOZEtemQ7w0kco&csrc=&verify=true HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-3tfJBNVE2oINNHBx56veim7zmpwVz0GtF2stHw--~A

Request Chain 170

• https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&process_consent=T HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPnKmbwrR0b3yW0shMUkYYo&google_cver=1

Request Chain 171

• https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGI0YTJmMDUxYjllYzdhMmRlNzQyZWY3Y2YxOTU0MDc1OGRjMjc4NQ

Request Chain 172

• https://token.rubiconproject.com/token?pid=36584 HTTP 302
• https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=MIS4XAFB-1T-FKJ5

Request Chain 173

• https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
• https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1 HTTP 303
• https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAl-qE7SZFIAAAFXhHGBWw&expires=30

Request Chain 174

• https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
• https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=MIS4XAFB-1T-FKJ5 HTTP 302
• https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=MIS4XAFB-1T-FKJ5

Request Chain 175

• https://pixel.rubiconproject.com/exchange/sync.php?p=19564 HTTP 302
• https://capi.connatix.com/us/pixel?puid=MIS4XAFB-1T-FKJ5&pId=11&gdpr=&gdpr_consent=&us_privacy=

Request Chain 176

• https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn HTTP 302
• https://ce.lijit.com/merge?pid=80&3pid=MIS4XAFB-1T-FKJ5 HTTP 302
• https://ce.lijit.com/merge?pid=80&3pid=MIS4XAFB-1T-FKJ5&dnr=1

Request Chain 177

• https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
• https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=MIS4XAFB-1T-FKJ5 HTTP 301
• https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=MIS4XAFB-1T-FKJ5 HTTP 302
• https://sync-apac-v4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=MIS4XAFB-1T-FKJ5&ckls=true&ci=K1WrV1LHIX&nc=false&trid=-146711279

Request Chain 178

• https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
• https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=MIS4XAFB-1T-FKJ5

Request Chain 179

• https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=5fc41d06-b371-4a8f-9b6c-55085dfcc000&expires=30

Request Chain 183

• https://togetter-d.openx.net/w/1.0/pd HTTP 302
• https://togetter-d.openx.net/w/1.0/pd?cc=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
• https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEMCKhoMlKNZ_Dfs0rwPPGs&google_cver=1

Request Chain 184

• https://image8.pubmatic.com/AdServer/ImgSync?p=156960 HTTP 302
• https://image8.pubmatic.com/AdServer/ImgSync?p=156960&rdf=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QUZEQjFENEUtNUFCRC00M0ZELThGMTEtNjU4QTVBMEZCNjY3&gdpr=-1&gdpr_consent=&google_cm HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=-1&gdpr_consent=&piggybackCookie=CAESEIA_P4N_FGptZsTJjVxc-vY&google_cver=1 HTTP 302
• https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=

182 HTTP transactions Everything HTML Script Fetch XHR CSS Image Font Expand all
5 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response posfie.com/ Redirect Chain http://min.togetter.com/ https://min.togetter.com/ https://posfie.com/	85 KB 18 KB	76ms 19ms	Document text/html	54.64.18.240 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://posfie.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.64.18.240 Tokyo, Japan, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-64-18-240.ap-northeast-1.compute.amazonaws.com Software nginx / Resource Hash d5b6d45d1928a4ef1ec0e4397001859bacd27c84edbe45323c1c9284171cbfdc Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Response headers content-encoding zstd content-type text/html; charset=UTF-8 date Fri, 05 Dec 2025 00:36:56 GMT server nginx vary User-Agent Redirect headers content-type text/html; charset=UTF-8 date Fri, 05 Dec 2025 00:36:55 GMT location https://posfie.com/ server nginx vary User-Agent
GET H2	200	mint.26eb4e105274dd0b34f3.css s.tgstc.com/static/web/css/	120 KB 25 KB	23ms 7ms	Stylesheet text/css	2606:4700:3037::ac43:aaa6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tgstc.com/static/web/css/mint.26eb4e105274dd0b34f3.css Requested by Host: posfie.com URL: https://posfie.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:aaa6 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 75b1f032cb8f8c89814c5f348fbfb62c85d862ec95c99d56f177fe8479c0052a Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers strict-transport-security max-age=15552000; includeSubDomains; preload cache-control immutable, max-age=31536000 nel {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} content-encoding zstd cf-cache-status HIT etag W/"3b9dc38d78a042d441ab92ad1f99fb15" age 129438 report-to {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=wNdaZMKAW3TCyzljGp6FZJENgG7cCY9L57Lb0ErVcjbWEo3b6hV5SxLxiUJq0n9H68W0V1NDr5gqjHYlvdr3N5N7vWt7wNoE8ff1DyPvosCf8MWUDjLk"}]} x-content-type-options nosniff cf-ray 9a8f78dadb06c564-NRT date Fri, 05 Dec 2025 00:36:56 GMT content-type text/css last-modified Wed, 03 Dec 2025 09:04:50 GMT server cloudflare vary Accept-Encoding
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.5.1/	87 KB 31 KB	51ms 8ms	Script text/javascript	2404:6800:4004:80e::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js Requested by Host: posfie.com URL: https://posfie.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:80e::200a , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers content-encoding gzip age 78677 report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} x-content-type-options nosniff expires Fri, 04 Dec 2026 02:45:39 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 04 Dec 2025 02:45:39 GMT last-modified Fri, 08 May 2020 07:05:03 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding cache-control public, max-age=31536000, stale-while-revalidate=2592000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers accept-ranges bytes access-control-allow-origin * content-length 31021 x-xss-protection 0 server sffe
GET H2	200	vendors.90f89f14e7a0c2346cf2.js Show response s.tgstc.com/static/web/js/	837 KB 278 KB	21ms 6ms	Script application/x-javascript	2606:4700:3037::ac43:aaa6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tgstc.com/static/web/js/vendors.90f89f14e7a0c2346cf2.js Requested by Host: posfie.com URL: https://posfie.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:aaa6 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 033b5ab159b2f29787f4efc3d63fdaa9fac6d67719453284f06c15100223b9ca Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers strict-transport-security max-age=15552000; includeSubDomains; preload cache-control immutable, max-age=31536000 nel {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} content-encoding zstd cf-cache-status HIT etag W/"a48bd37407a5e5a2a34e7707ad0d7007" age 445790 report-to {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=gbAvpbXemHJeQvEvxjvxIetXBRZuFGvpUdEtIKFiX1dxdAr9j27hhUxPSFlbotHjJcVK6er3QTUAWJnr61XbmBfFTTo1AbqnNp94tjkd7pZ2ObozDTHK"}]} x-content-type-options nosniff cf-ray 9a8f78dadb0ec564-NRT date Fri, 05 Dec 2025 00:36:56 GMT content-type application/x-javascript last-modified Wed, 29 Oct 2025 09:38:31 GMT server cloudflare vary Accept-Encoding
GET H2	200	application.72c809638a95a0338a31.js Show response s.tgstc.com/static/web/js/	61 KB 21 KB	21ms 6ms	Script application/x-javascript	2606:4700:3037::ac43:aaa6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tgstc.com/static/web/js/application.72c809638a95a0338a31.js Requested by Host: posfie.com URL: https://posfie.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:aaa6 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5bc3bc0895e278ffeec44407e0697a55b57e1e3b7885097e4cc2ca4b85de001d Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers strict-transport-security max-age=15552000; includeSubDomains; preload cache-control immutable, max-age=31536000 nel {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} content-encoding zstd cf-cache-status HIT etag W/"562b3192eb9a60b870a851c8355dae2a" age 532650 report-to {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=XyGAtk6M3fQ%2FDsIA2YVsf7Y4QO%2FcbJP3SCjzMvKQlSULNvQZ88vRpQP8Os43NlKQKIG2zJUJ9K1VK8LQQNA120rEVpwn%2BEB5rHVqX2KeStlUG7BxZhSD"}]} x-content-type-options nosniff cf-ray 9a8f78dadb0dc564-NRT date Fri, 05 Dec 2025 00:36:56 GMT content-type application/x-javascript last-modified Sun, 02 Nov 2025 00:47:45 GMT server cloudflare vary Accept-Encoding
GET H2	200	mint.16953c30f38798880e05.js Show response s.tgstc.com/static/web/js/	189 KB 51 KB	21ms 6ms	Script application/x-javascript	2606:4700:3037::ac43:aaa6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tgstc.com/static/web/js/mint.16953c30f38798880e05.js Requested by Host: posfie.com URL: https://posfie.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:aaa6 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f256262cca3097f2386c23bc0436af984b591d2de36b2295eb16a227f1c2fe91 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers strict-transport-security max-age=15552000; includeSubDomains; preload cache-control immutable, max-age=31536000 nel {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} content-encoding zstd cf-cache-status HIT etag W/"2196286356a4ea0adf7df7f29799ac6d" age 599587 report-to {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=Lfs0Pj6u7rRmjKkHpdUx1SekGSkPpSfgtYlR8qQL2kmw4LMYot2Oq1mFTYk2vGBDnWY3%2FqJ%2B6ZPgT1HizR5yy11onWO6pw6Hy%2FO3tsohlFaNy2WMAX5P"}]} x-content-type-options nosniff cf-ray 9a8f78dadb0fc564-NRT date Fri, 05 Dec 2025 00:36:56 GMT content-type application/x-javascript last-modified Tue, 18 Nov 2025 23:58:39 GMT server cloudflare vary Accept-Encoding
GET H2	200	json.pf.0940.js Show response s.tgstc.com/static/web/api/20251205/	124 KB 23 KB	20ms 5ms	Script application/x-javascript	2606:4700:3037::ac43:aaa6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tgstc.com/static/web/api/20251205/json.pf.0940.js Requested by Host: posfie.com URL: https://posfie.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:aaa6 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a1d4423beb2635be98d6e9c87bcfa602019fbc699139300ed8ae5b1a87f1d620 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers strict-transport-security max-age=15552000; includeSubDomains; preload cache-control immutable, max-age=31536000 nel {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} content-encoding zstd cf-cache-status HIT etag W/"e6a086d7c1dc8ec271faef2a3a547aca" age 50 report-to {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=fHck78EEjyF5SQQTcHAAcASM6nc%2FgQ%2B5b64rbk016B0XS0mvWdQ97HiSohfDQvjwcW24PcY0yRNgobMbGJh5MUKzw4wqYU3XNTMZlaoQX%2F37IiiBUEqG"}]} x-content-type-options nosniff cf-ray 9a8f78dadb09c564-NRT date Fri, 05 Dec 2025 00:36:56 GMT content-type application/x-javascript last-modified Fri, 05 Dec 2025 00:36:05 GMT server cloudflare vary Accept-Encoding
GET H2	200	icons.5d710985c39e14776991.js Show response s.tgstc.com/static/web/js/	61 KB 23 KB	22ms 7ms	Script application/x-javascript	2606:4700:3037::ac43:aaa6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tgstc.com/static/web/js/icons.5d710985c39e14776991.js Requested by Host: posfie.com URL: https://posfie.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:aaa6 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ce2c4b22b8eb80c806ad81d4f5932146b5897b2c705a95f897d74a465c6a3ebe Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers strict-transport-security max-age=15552000; includeSubDomains; preload cache-control immutable, max-age=31536000 nel {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} content-encoding zstd cf-cache-status HIT etag W/"d03d7c4cee4f316e750095fca0072a73" age 696623 report-to {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=4gliA4x%2BOvtFoZjna6izJ1%2FJns5GpVCZ1gV2MebycO6dQRh%2FZCSNvHTuR2HyyZy%2FiQGzzpxGUviXdRbRky9L86OJb6eLkfJqfw51ADzYv6F2ohP1k8el"}]} x-content-type-options nosniff cf-ray 9a8f78dadb0bc564-NRT date Fri, 05 Dec 2025 00:36:56 GMT content-type application/x-javascript last-modified Fri, 24 Oct 2025 10:55:24 GMT server cloudflare vary Accept-Encoding
GET H2	200	js Show response www.googletagmanager.com/gtag/	502 KB 163 KB	91ms 42ms	Script application/javascript	2404:6800:4004:825::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-5ZPETP1B9D Requested by Host: posfie.com URL: https://posfie.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:825::2008 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash eebf0c2408102e9d32d0d4f1480d65b3e5e6ff0def99c78d0c476da1e66e1470 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 content-encoding zstd cross-origin-resource-policy cross-origin access-control-allow-credentials true expires Fri, 05 Dec 2025 00:36:56 GMT access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 166714 date Fri, 05 Dec 2025 00:36:56 GMT x-xss-protection 0 content-type application/javascript; charset=UTF-8 vary Accept-Encoding server Google Tag Manager access-control-allow-headers Cache-Control
GET H3	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	104 KB 33 KB	102ms 52ms	Script text/javascript	142.250.193.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: posfie.com URL: https://posfie.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.193.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS lcnrta-bj-in-f2.1e100.net Software cafe / Resource Hash 95bfd622a970193b1b569c140b230bb85d8241c308e6db5acbfeb8d09d66c2b9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers content-encoding br etag 353 / 20427 / 31095969 / config-hash: 14648632876906857835 x-content-type-options nosniff expires Fri, 05 Dec 2025 00:36:56 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" date Fri, 05 Dec 2025 00:36:56 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding content-disposition attachment; filename="f.txt" cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * cross-origin-resource-policy cross-origin access-control-allow-origin * content-length 33934 x-xss-protection 0 server cafe
GET H2	200	pwt.js Show response ads.pubmatic.com/AdServer/js/pwt/156960/7618/	214 KB 65 KB	25ms 3ms	Script application/javascript	23.32.224.239 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.pubmatic.com/AdServer/js/pwt/156960/7618/pwt.js Requested by Host: posfie.com URL: https://posfie.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.32.224.239 Tokyo, Japan, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-32-224-239.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 8e18338338797609c31e4fc0cbd6a2c0e2e52bfe5e613ea003941529b372485f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers cache-control max-age=108281 content-encoding gzip expires Sat, 06 Dec 2025 06:41:37 GMT accept-ranges bytes p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" content-length 66121 date Fri, 05 Dec 2025 00:36:56 GMT last-modified Sat, 29 Apr 2023 00:56:44 GMT content-type application/javascript server Apache vary Accept-Encoding
GET H2	200	noicon.png s.tgstc.com/static/web/img/	635 B 951 B	6ms 4ms	Image image/png	2606:4700:3037::ac43:aaa6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s.tgstc.com/static/web/img/noicon.png Requested by Host: posfie.com URL: https://posfie.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:aaa6 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c8234b49cff63ab8b3f540f7a59691494fda3d2ee3588fffddd64ed544eaf896 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers cf-cache-status HIT etag "5cbe9f57de88d426e4e72f22018ebe42" age 704526 report-to {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=qc%2BpXsJojXMxGzptYC92HCuiFhi4FR8dQll4O9Ln51S9YEss5LJhrBPS1XKdg2uSyltrLoYtU4Ctx4gBOyjw%2FnagtI7zM%2FrwFZfVL%2FESaWVhTYbenEVN"}]} x-content-type-options nosniff date Fri, 05 Dec 2025 00:36:56 GMT content-type image/png last-modified Tue, 22 Apr 2025 09:49:05 GMT vary Accept-Encoding strict-transport-security max-age=15552000; includeSubDomains; preload cache-control immutable, max-age=31536000 nel {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} cf-ray 9a8f78dafb62c564-NRT accept-ranges bytes content-length 635 server cloudflare
GET H2	200	placeholder.gif s.tgstc.com/static/web/img/	43 B 319 B	7ms 6ms	Image image/gif	2606:4700:3037::ac43:aaa6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s.tgstc.com/static/web/img/placeholder.gif Requested by Host: posfie.com URL: https://posfie.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:aaa6 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers cf-cache-status HIT etag "b4491705564909da7f9eaf749dbbfbb1" age 525368 report-to {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=b8wqBKbdehfQYN26ApcOgHKCJ%2BiubpRVS7VWvu2uaxpoPR5TE7EqAWadIEr82sCm9ApLKE%2BXCCtkHKEASENILz5HB5Rs24NojR1Rf%2FhxiTM3khrdvfIV"}]} x-content-type-options nosniff date Fri, 05 Dec 2025 00:36:56 GMT content-type image/gif last-modified Wed, 28 May 2025 09:26:06 GMT vary Accept-Encoding strict-transport-security max-age=15552000; includeSubDomains; preload cache-control immutable, max-age=31536000 nel {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} cf-ray 9a8f78dafb64c564-NRT accept-ranges bytes content-length 43 server cloudflare
GET H2	200	placeholder150.png s.tgstc.com/static/web/img/	114 B 422 B	7ms 6ms	Image image/png	2606:4700:3037::ac43:aaa6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s.tgstc.com/static/web/img/placeholder150.png Requested by Host: posfie.com URL: https://posfie.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:aaa6 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a04734ed2be68700d389d0192279c7293ebadbb99f95f913ca3e4538946276ec Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers cf-cache-status HIT etag "47c08ea726ba5353785c2386c957b03e" age 517003 report-to {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=g5dPfLGDIXkg5NsqfeDvv2BUYliPwK%2BGyJdKxT3xxizPswVjm7w%2FOTPQ8wrFDeC7qzu0BNVNrIQ4u6AO6e6n1v9QCYzxsBJs%2BdyQlMJfw83JNEwDM4YC"}]} x-content-type-options nosniff date Fri, 05 Dec 2025 00:36:56 GMT content-type image/png last-modified Tue, 22 Apr 2025 09:49:00 GMT vary Accept-Encoding strict-transport-security max-age=15552000; includeSubDomains; preload cache-control immutable, max-age=31536000 nel {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} cf-ray 9a8f78dafb65c564-NRT accept-ranges bytes content-length 114 server cloudflare
GET H2	200	logo.png s.tgstc.com/static/web/img/posfie/	2 KB 2 KB	9ms 8ms	Image image/png	2606:4700:3037::ac43:aaa6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s.tgstc.com/static/web/img/posfie/logo.png Requested by Host: posfie.com URL: https://posfie.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:aaa6 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bb7dd59fce72047766b7b0e87e7b2211b6a7b80dd482638291154e7115c1d6d1 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers cf-cache-status HIT etag "a064b36fab3406838b3ab8c23a13a930" age 168790 report-to {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=qGJEThDJueD0lXwUB%2FEX1rBvPaZIp4wTc1SJBZk1ERMI0iWRD0jyUOqvQS92k5GclCCT4TVSKWHAadfUPxqwPgGehKgTyKDbvsNyHrG4BbHRZYAfP5nD"}]} x-content-type-options nosniff date Fri, 05 Dec 2025 00:36:56 GMT content-type image/png last-modified Wed, 09 Jul 2025 08:47:00 GMT vary Accept-Encoding strict-transport-security max-age=15552000; includeSubDomains; preload cache-control immutable, max-age=31536000 nel {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} cf-ray 9a8f78dafb67c564-NRT accept-ranges bytes content-length 1862 server cloudflare
GET H2	200	p.gif s.tgstc.com/static/web/	43 B 362 B	5ms 5ms	Image image/gif	2606:4700:3037::ac43:aaa6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s.tgstc.com/static/web/p.gif Requested by Host: posfie.com URL: https://posfie.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:aaa6 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers cf-cache-status HIT etag "b4491705564909da7f9eaf749dbbfbb1" age 698927 report-to {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=x%2Fee0yjXYykQVt9l4o3pP3pVRq1pFuw289LIZl6PTZI6%2Fl1apjDJH3s4%2B1aimhswLySKjalNpBTrMfnoZC2AdOX2pNfXgMHjYfR0nFZEyAsWO8Fnd8wF"}]} x-content-type-options nosniff date Fri, 05 Dec 2025 00:36:56 GMT content-type image/gif last-modified Tue, 22 Apr 2025 09:49:21 GMT vary Accept-Encoding strict-transport-security max-age=15552000; includeSubDomains; preload cache-control immutable, max-age=31536000 nel {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} cf-ray 9a8f78dafb3ec564-NRT accept-ranges bytes content-length 43 server cloudflare
GET H2	200	debug.12291e53c3d301b2b564.css s.tgstc.com/static/web/css/	296 B 693 B	6ms 5ms	Stylesheet text/css	2606:4700:3037::ac43:aaa6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tgstc.com/static/web/css/debug.12291e53c3d301b2b564.css Requested by Host: posfie.com URL: https://posfie.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:aaa6 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 031dee24d66749dbfaa71bb208fa9901c8b80845599061faf0d40b557e30f6c3 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers strict-transport-security max-age=15552000; includeSubDomains; preload cache-control immutable, max-age=31536000 nel {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} content-encoding zstd cf-cache-status HIT etag W/"0c1c8313912701e36cb572a17c6878a2" age 713620 report-to {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=KcWCG2Eh7SW7N%2BAktF4kYcTc1J24vmgasqi5rRR0jbjWBktEWXRrUieiGN2khRBwinU%2FajDptx6wYCZOw%2BcglK%2Bx0%2BzP0IR85il7PbKUuGMg5Oevg9gy"}]} x-content-type-options nosniff cf-ray 9a8f78dafb40c564-NRT date Fri, 05 Dec 2025 00:36:56 GMT content-type text/css last-modified Wed, 09 Jul 2025 08:47:07 GMT vary Accept-Encoding server cloudflare
GET H3	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202512020101/	609 KB 193 KB	4ms 4ms	Script text/javascript	142.250.193.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202512020101/pubads_impl.js?cb=31095969 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.193.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS lcnrta-bj-in-f2.1e100.net Software cafe / Resource Hash cdf207042b9030c6e625d7042dac68355209cda211f30a59d25b2b4baafd8c1d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers content-encoding br etag 10021983320797522262 age 12891 x-content-type-options nosniff expires Fri, 04 Dec 2026 21:02:05 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" date Thu, 04 Dec 2025 21:02:05 GMT content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 vary Accept-Encoding cache-control public, immutable, max-age=31536000 timing-allow-origin * cross-origin-resource-policy cross-origin access-control-allow-origin * content-length 197115 x-xss-protection 0 server cafe
GET H2	200	fastlane.json Show response fastlane.rubiconproject.com/a/api/	27 KB 15 KB	504ms 250ms	Fetch application/json	2602:803:c006:158::65 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20338&site_id=580740&zone_id=3698404%3B3698394%3B3698396%3B3704860%3B3704858%3B3704856%3B3698398&size_id=2%3B15%3B15%3B9%3B9%3B10%3B2&alt_size_ids=%3B16%3B16%3B10%3B10%3B%3B&rf=https%3A%2F%2Fposfie.com%2F&kw=%E3%83%84%E3%82%A4%E3%83%BC%E3%83%88%E3%81%BE%E3%81%A8%E3%82%81%E3%83%84%E3%82%A4%E3%83%83%E3%82%BF%E3%83%BC%E3%81%BE%E3%81%A8%E3%82%81Twitter%E3%81%BE%E3%81%A8%E3%82%81%E3%83%9D%E3%82%B9%E3%83%88%E3%81%BE%E3%81%A8%E3%82%81X%E3%83%9D%E3%82%B9%E3%83%88%E3%81%BE%E3%81%A8%E3%82%81X%E3%81%BE%E3%81%A8%E3%82%81Twitter%E3%83%88%E3%83%AC%E3%83%B3%E3%83%89%E8%A9%B1%E9%A1%8C%E3%81%AE%E3%83%84%E3%82%A4%E3%83%BC%E3%83%88%E8%A9%B1%E9%A1%8C%E3%81%AE%E3%83%8B%E3%83%A5%E3%83%BC%E3%82%B9&tg_i.domain=posfie.com&tg_i.page=https%3A%2F%2Fposfie.com%2F&tg_i.documentLang=ja&tk_flint=pbjs_lite_v9.43.0&l_pb_bid_id=39054b6aa2fde4%3B490f346053d0958%3B5d14245a3cb6af%3B612ed08a6b857d8%3B7a2e026c29e1428%3B841bc41e3626f5%3B99f6104f87a24c8&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F5453651%2Fpos_pc_top_728x90%2Fpos_pc_top_728x90%3B%2F5453651%2Fpos_pc_other_bottom_left%2Fpos_pc_other_bottom_left%3B%2F5453651%2Fpos_pc_other_bottom_right%2Fpos_pc_other_bottom_right%3B%2F5453651%2Fpos_pc_right_top%2Fpos_pc_right_top%3B%2F5453651%2Fpos_pc_right_fixed%2Fpos_pc_right_fixed%3B%2F5453651%2Fpos_pc_right_bottom%2Fpos_pc_right_bottom%3B%2F5453651%2Fpos_pc_overlay_728x90%2Fpos_pc_overlay_728x90&m_ch_mobile=%3F0&slots=7&rand=0.8653455088434474 Requested by Host: s.tgstc.com URL: https://s.tgstc.com/static/web/js/vendors.90f89f14e7a0c2346cf2.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software nginx/1.27.2 / Resource Hash a9b96249718f2078b9be69f5072352e82effce85d02fb6cc1634c45a03f5c31b Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 content-type text/plain Referer https://posfie.com/ Response headers cache-control no-cache, no-store, max-age=0, must-revalidate content-encoding gzip pragma no-cache access-control-allow-credentials true expires Wed, 17 Sep 1975 21:32:10 GMT access-control-allow-origin https://posfie.com date Fri, 05 Dec 2025 00:36:56 GMT content-type application/json vary Accept-Encoding server nginx/1.27.2
POST H2	200	prebidjs Show response rtb.openx.net/openrtbb/	53 B 240 B	340ms 326ms	Fetch text/plain	35.227.252.103 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://rtb.openx.net/openrtbb/prebidjs Requested by Host: s.tgstc.com URL: https://s.tgstc.com/static/web/js/vendors.90f89f14e7a0c2346cf2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.227.252.103 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 103.252.227.35.bc.googleusercontent.com Software / Resource Hash 4f9557d1fe370ff747443ee8b455a57e22862b578ba035835a55920fbb656b08 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 content-type text/plain Referer https://posfie.com/ Response headers x-forwarded-for 146.70.138.221 access-control-allow-credentials true via 1.1 google access-control-allow-origin https://posfie.com alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 53 date Fri, 05 Dec 2025 00:36:55 GMT content-type text/plain vary Origin
GET H2	200	h_bid Show response y.one.impact-ad.jp/ul_cb/ Redirect Chain https://y.one.impact-ad.jp/h_bid?v=hb1&p=279567&cb=4787323071&r=https%3A%2F%2Fposfie.com%2F&uid=191cdaf91f0d4ae8&tid=undefined&uc=pos_pc_top_728x90&tmax=3000&t=i&language=ja-JP&screen_size=1600x120... https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=279567&cb=4787323071&r=https%3A%2F%2Fposfie.com%2F&uid=191cdaf91f0d4ae8&tid=undefined&uc=pos_pc_top_728x90&tmax=3000&t=i&language=ja-JP&screen_size=16...	134 B 363 B	12ms 11ms	Fetch application/json	35.213.17.49 GOOGLE-2
General Check archive.org Show headers Download Go to Full URL https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=279567&cb=4787323071&r=https%3A%2F%2Fposfie.com%2F&uid=191cdaf91f0d4ae8&tid=undefined&uc=pos_pc_top_728x90&tmax=3000&t=i&language=ja-JP&screen_size=1600x1200&sz=728x90&gpid=%2F5453651%2Fpos_pc_top_728x90%2Fpos_pc_top_728x90 Requested by Host: posfie.com URL: https://posfie.com/ Protocol H2 Server 35.213.17.49 Tokyo, Japan, ASN19527 (GOOGLE-2, US), Reverse DNS 49.17.213.35.bc.googleusercontent.com Software / Resource Hash 1cd76f22832a1ebe6b931dca0aacbc9bce397ad4b618ef95f360c0fb6414abee Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers cache-control no-cache, no-store, must-revalidate content-encoding gzip access-control-allow-credentials true via 1.1 google access-control-allow-origin https://posfie.com alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 127 date Fri, 05 Dec 2025 00:36:56 GMT content-type application/json; charset=utf-8 Redirect headers cache-control no-cache, no-store, must-revalidate location https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=279567&cb=4787323071&r=https%3A%2F%2Fposfie.com%2F&uid=191cdaf91f0d4ae8&tid=undefined&uc=pos_pc_top_728x90&tmax=3000&t=i&language=ja-JP&screen_size=1600x1200&sz=728x90&gpid=%2F5453651%2Fpos_pc_top_728x90%2Fpos_pc_top_728x90 access-control-allow-credentials true via 1.1 google access-control-allow-origin https://posfie.com alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 date Fri, 05 Dec 2025 00:36:56 GMT
GET H2	200	h_bid Show response y.one.impact-ad.jp/ul_cb/ Redirect Chain https://y.one.impact-ad.jp/h_bid?v=hb1&p=279562&cb=40293249062&r=https%3A%2F%2Fposfie.com%2F&uid=20f8cdd87e0238d&tid=undefined&uc=pos_pc_other_bottom_left&tmax=3000&t=i&language=ja-JP&screen_size=1... https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=279562&cb=40293249062&r=https%3A%2F%2Fposfie.com%2F&uid=20f8cdd87e0238d&tid=undefined&uc=pos_pc_other_bottom_left&tmax=3000&t=i&language=ja-JP&screen_...	133 B 365 B	10ms 9ms	Fetch application/json	35.213.17.49 GOOGLE-2
General Check archive.org Show headers Download Go to Full URL https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=279562&cb=40293249062&r=https%3A%2F%2Fposfie.com%2F&uid=20f8cdd87e0238d&tid=undefined&uc=pos_pc_other_bottom_left&tmax=3000&t=i&language=ja-JP&screen_size=1600x1200&sz=300x250%2C336x280&gpid=%2F5453651%2Fpos_pc_other_bottom_left%2Fpos_pc_other_bottom_left Requested by Host: posfie.com URL: https://posfie.com/ Protocol H2 Server 35.213.17.49 Tokyo, Japan, ASN19527 (GOOGLE-2, US), Reverse DNS 49.17.213.35.bc.googleusercontent.com Software / Resource Hash cc0430240eefd360abaa2600d3b53cd077717fdd72d978ff5b93cb8b8001af85 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers cache-control no-cache, no-store, must-revalidate content-encoding gzip access-control-allow-credentials true via 1.1 google access-control-allow-origin https://posfie.com alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 126 date Fri, 05 Dec 2025 00:36:56 GMT content-type application/json; charset=utf-8 Redirect headers cache-control no-cache, no-store, must-revalidate location https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=279562&cb=40293249062&r=https%3A%2F%2Fposfie.com%2F&uid=20f8cdd87e0238d&tid=undefined&uc=pos_pc_other_bottom_left&tmax=3000&t=i&language=ja-JP&screen_size=1600x1200&sz=300x250%2C336x280&gpid=%2F5453651%2Fpos_pc_other_bottom_left%2Fpos_pc_other_bottom_left access-control-allow-credentials true via 1.1 google access-control-allow-origin https://posfie.com alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 date Fri, 05 Dec 2025 00:36:56 GMT
GET H2	200	h_bid Show response y.one.impact-ad.jp/ul_cb/ Redirect Chain https://y.one.impact-ad.jp/h_bid?v=hb1&p=279563&cb=33988681267&r=https%3A%2F%2Fposfie.com%2F&uid=21d4e14461ec2e68&tid=undefined&uc=pos_pc_other_bottom_right&tmax=3000&t=i&language=ja-JP&screen_size... https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=279563&cb=33988681267&r=https%3A%2F%2Fposfie.com%2F&uid=21d4e14461ec2e68&tid=undefined&uc=pos_pc_other_bottom_right&tmax=3000&t=i&language=ja-JP&scree...	134 B 366 B	8ms 7ms	Fetch application/json	35.213.17.49 GOOGLE-2
General Check archive.org Show headers Download Go to Full URL https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=279563&cb=33988681267&r=https%3A%2F%2Fposfie.com%2F&uid=21d4e14461ec2e68&tid=undefined&uc=pos_pc_other_bottom_right&tmax=3000&t=i&language=ja-JP&screen_size=1600x1200&sz=300x250%2C336x280&gpid=%2F5453651%2Fpos_pc_other_bottom_right%2Fpos_pc_other_bottom_right Requested by Host: posfie.com URL: https://posfie.com/ Protocol H2 Server 35.213.17.49 Tokyo, Japan, ASN19527 (GOOGLE-2, US), Reverse DNS 49.17.213.35.bc.googleusercontent.com Software / Resource Hash d138881ed9cd9877db03c9304c251a11fa33b610f3d6189164aadbabaad05592 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers cache-control no-cache, no-store, must-revalidate content-encoding gzip access-control-allow-credentials true via 1.1 google access-control-allow-origin https://posfie.com alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 127 date Fri, 05 Dec 2025 00:36:56 GMT content-type application/json; charset=utf-8 Redirect headers cache-control no-cache, no-store, must-revalidate location https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=279563&cb=33988681267&r=https%3A%2F%2Fposfie.com%2F&uid=21d4e14461ec2e68&tid=undefined&uc=pos_pc_other_bottom_right&tmax=3000&t=i&language=ja-JP&screen_size=1600x1200&sz=300x250%2C336x280&gpid=%2F5453651%2Fpos_pc_other_bottom_right%2Fpos_pc_other_bottom_right access-control-allow-credentials true via 1.1 google access-control-allow-origin https://posfie.com alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 date Fri, 05 Dec 2025 00:36:56 GMT
GET H2	200	h_bid Show response y.one.impact-ad.jp/ul_cb/ Redirect Chain https://y.one.impact-ad.jp/h_bid?v=hb1&p=279597&cb=9853400714&r=https%3A%2F%2Fposfie.com%2F&uid=224885e6c952d9e8&tid=undefined&uc=pos_pc_right_top&tmax=3000&t=i&language=ja-JP&screen_size=1600x1200... https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=279597&cb=9853400714&r=https%3A%2F%2Fposfie.com%2F&uid=224885e6c952d9e8&tid=undefined&uc=pos_pc_right_top&tmax=3000&t=i&language=ja-JP&screen_size=160...	134 B 367 B	10ms 8ms	Fetch application/json	35.213.17.49 GOOGLE-2
General Check archive.org Show headers Download Go to Full URL https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=279597&cb=9853400714&r=https%3A%2F%2Fposfie.com%2F&uid=224885e6c952d9e8&tid=undefined&uc=pos_pc_right_top&tmax=3000&t=i&language=ja-JP&screen_size=1600x1200&sz=160x600%2C300x600&gpid=%2F5453651%2Fpos_pc_right_top%2Fpos_pc_right_top Requested by Host: posfie.com URL: https://posfie.com/ Protocol H2 Server 35.213.17.49 Tokyo, Japan, ASN19527 (GOOGLE-2, US), Reverse DNS 49.17.213.35.bc.googleusercontent.com Software / Resource Hash def4237518e8c7f96842f852a78a3093488b0c7f3763d1cb5823d9b9a87da4e5 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers cache-control no-cache, no-store, must-revalidate content-encoding gzip access-control-allow-credentials true via 1.1 google access-control-allow-origin https://posfie.com alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 128 date Fri, 05 Dec 2025 00:36:56 GMT content-type application/json; charset=utf-8 Redirect headers cache-control no-cache, no-store, must-revalidate location https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=279597&cb=9853400714&r=https%3A%2F%2Fposfie.com%2F&uid=224885e6c952d9e8&tid=undefined&uc=pos_pc_right_top&tmax=3000&t=i&language=ja-JP&screen_size=1600x1200&sz=160x600%2C300x600&gpid=%2F5453651%2Fpos_pc_right_top%2Fpos_pc_right_top access-control-allow-credentials true via 1.1 google access-control-allow-origin https://posfie.com alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 date Fri, 05 Dec 2025 00:36:56 GMT
GET H2	200	h_bid Show response y.one.impact-ad.jp/	119 B 200 B	24ms 8ms	Fetch application/json	35.213.17.49 GOOGLE-2
General Check archive.org Show headers Download Go to Full URL https://y.one.impact-ad.jp/h_bid?v=hb1&p=279596&cb=65835665477&r=https%3A%2F%2Fposfie.com%2F&uid=2349e049ab094a4&tid=undefined&uc=pos_pc_right_fixed&tmax=3000&t=i&language=ja-JP&screen_size=1600x1200&sz=160x600%2C300x600&gpid=%2F5453651%2Fpos_pc_right_fixed%2Fpos_pc_right_fixed Requested by Host: s.tgstc.com URL: https://s.tgstc.com/static/web/js/vendors.90f89f14e7a0c2346cf2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.213.17.49 Tokyo, Japan, ASN19527 (GOOGLE-2, US), Reverse DNS 49.17.213.35.bc.googleusercontent.com Software / Resource Hash e45139e5cd387e6d34a7ee9b20ee541b0f96f28276159960fef19b313214fb76 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 content-type text/plain Referer https://posfie.com/ Response headers cache-control no-cache, no-store, must-revalidate content-encoding gzip access-control-allow-credentials true via 1.1 google access-control-allow-origin https://posfie.com alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 118 date Fri, 05 Dec 2025 00:36:56 GMT content-type application/json; charset=utf-8
GET H2	200	h_bid Show response y.one.impact-ad.jp/ul_cb/ Redirect Chain https://y.one.impact-ad.jp/h_bid?v=hb1&p=279595&cb=71530807328&r=https%3A%2F%2Fposfie.com%2F&uid=24cf339f9cac60b8&tid=undefined&uc=pos_pc_right_bottom&tmax=3000&t=i&language=ja-JP&screen_size=1600x... https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=279595&cb=71530807328&r=https%3A%2F%2Fposfie.com%2F&uid=24cf339f9cac60b8&tid=undefined&uc=pos_pc_right_bottom&tmax=3000&t=i&language=ja-JP&screen_size...	134 B 368 B	9ms 8ms	Fetch application/json	35.213.17.49 GOOGLE-2
General Check archive.org Show headers Download Go to Full URL https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=279595&cb=71530807328&r=https%3A%2F%2Fposfie.com%2F&uid=24cf339f9cac60b8&tid=undefined&uc=pos_pc_right_bottom&tmax=3000&t=i&language=ja-JP&screen_size=1600x1200&sz=300x600&gpid=%2F5453651%2Fpos_pc_right_bottom%2Fpos_pc_right_bottom Requested by Host: posfie.com URL: https://posfie.com/ Protocol H2 Server 35.213.17.49 Tokyo, Japan, ASN19527 (GOOGLE-2, US), Reverse DNS 49.17.213.35.bc.googleusercontent.com Software / Resource Hash 3f12cca39e7440132ca7fc7193b617a8eefd0469b8c7f5a2cba71d444eeda0d7 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers cache-control no-cache, no-store, must-revalidate content-encoding gzip access-control-allow-credentials true via 1.1 google access-control-allow-origin https://posfie.com alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 129 date Fri, 05 Dec 2025 00:36:56 GMT content-type application/json; charset=utf-8 Redirect headers cache-control no-cache, no-store, must-revalidate location https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=279595&cb=71530807328&r=https%3A%2F%2Fposfie.com%2F&uid=24cf339f9cac60b8&tid=undefined&uc=pos_pc_right_bottom&tmax=3000&t=i&language=ja-JP&screen_size=1600x1200&sz=300x600&gpid=%2F5453651%2Fpos_pc_right_bottom%2Fpos_pc_right_bottom access-control-allow-credentials true via 1.1 google access-control-allow-origin https://posfie.com alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 date Fri, 05 Dec 2025 00:36:56 GMT
GET H2	200	h_bid Show response y.one.impact-ad.jp/ul_cb/ Redirect Chain https://y.one.impact-ad.jp/h_bid?v=hb1&p=279564&cb=85673389060&r=https%3A%2F%2Fposfie.com%2F&uid=25c37be88b50fbc8&tid=undefined&uc=pos_pc_overlay_728x90&tmax=3000&t=i&language=ja-JP&screen_size=160... https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=279564&cb=85673389060&r=https%3A%2F%2Fposfie.com%2F&uid=25c37be88b50fbc8&tid=undefined&uc=pos_pc_overlay_728x90&tmax=3000&t=i&language=ja-JP&screen_si...	134 B 365 B	10ms 9ms	Fetch application/json	35.213.17.49 GOOGLE-2
General Check archive.org Show headers Download Go to Full URL https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=279564&cb=85673389060&r=https%3A%2F%2Fposfie.com%2F&uid=25c37be88b50fbc8&tid=undefined&uc=pos_pc_overlay_728x90&tmax=3000&t=i&language=ja-JP&screen_size=1600x1200&sz=728x90&gpid=%2F5453651%2Fpos_pc_overlay_728x90%2Fpos_pc_overlay_728x90 Requested by Host: posfie.com URL: https://posfie.com/ Protocol H2 Server 35.213.17.49 Tokyo, Japan, ASN19527 (GOOGLE-2, US), Reverse DNS 49.17.213.35.bc.googleusercontent.com Software / Resource Hash 0034813999283613e9fa5efdc5807de10e17231a8f13b7d10c5ef646b79c9a64 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers cache-control no-cache, no-store, must-revalidate content-encoding gzip access-control-allow-credentials true via 1.1 google access-control-allow-origin https://posfie.com alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 129 date Fri, 05 Dec 2025 00:36:56 GMT content-type application/json; charset=utf-8 Redirect headers cache-control no-cache, no-store, must-revalidate location https://y.one.impact-ad.jp/ul_cb/h_bid?v=hb1&p=279564&cb=85673389060&r=https%3A%2F%2Fposfie.com%2F&uid=25c37be88b50fbc8&tid=undefined&uc=pos_pc_overlay_728x90&tmax=3000&t=i&language=ja-JP&screen_size=1600x1200&sz=728x90&gpid=%2F5453651%2Fpos_pc_overlay_728x90%2Fpos_pc_overlay_728x90 access-control-allow-credentials true via 1.1 google access-control-allow-origin https://posfie.com alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 date Fri, 05 Dec 2025 00:36:56 GMT
POST H2	204	translator Show response hbopenbid.pubmatic.com/	0 304 B	185ms 163ms	Fetch	207.65.34.76 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://hbopenbid.pubmatic.com/translator?source=prebid-client Requested by Host: s.tgstc.com URL: https://s.tgstc.com/static/web/js/vendors.90f89f14e7a0c2346cf2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 207.65.34.76 , United States, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 content-type text/plain Referer https://posfie.com/ Response headers strict-transport-security max-age=16070400; includeSubDomains cache-control no-cache, no-store, must-revalidate, no-store, no-cache, private access-control-allow-credentials true observe-browsing-topics ?1 pmfcgi-resp TRUE access-control-allow-origin https://posfie.com p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" date Fri, 05 Dec 2025 00:36:56 GMT server nginx
POST H2	204	collect analytics.google.com/g/	0 0	95ms 41ms	Fetch text/plain	2404:6800:4004:822::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://analytics.google.com/g/collect?v=2&tid=G-5ZPETP1B9D&gtm=45je5c31v9104675881za200zd9104675881&_p=1764895016140&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&cid=142496212.1764895017&ul=ja-jp&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=Ag&_s=1&tag_exp=103116026~103200004~104527907~104528501~104684208~104684211~105391253~115583767~115616985~115938466~115938469~116184927~116184929~116217636~116217638&sid=1764895016&sct=1&seg=0&dl=https%3A%2F%2Fposfie.com%2F&dt=posfie%20-%20%E3%81%BF%E3%82%93%E3%81%AA%E3%81%A7%E3%81%A4%E3%81%8F%E3%82%8BX%E3%83%9D%E3%82%B9%E3%83%88%E3%81%BE%E3%81%A8%E3%82%81&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=597 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-5ZPETP1B9D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:822::200e , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:169:0 report-to {"group":"ascnsrsggc:169:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:169:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://posfie.com cross-origin-opener-policy-report-only same-origin; report-to=ascnsrsggc:169:0 content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 05 Dec 2025 00:36:56 GMT content-type text/plain server Golfe2
POST H2	204	collect stats.g.doubleclick.net/g/	0 554 B	108ms 34ms	Ping text/plain	2404:6800:4008:c19::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-5ZPETP1B9D&cid=142496212.1764895017&gtm=45je5c31v9104675881za200zd9104675881&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=103116026~103200004~104527907~104528501~104684208~104684211~105391253~115583767~115616985~115938466~115938469~116184927~116184929~116217636~116217638 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-5ZPETP1B9D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4008:c19::9b , Taiwan, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:138:0 report-to {"group":"ascnsrsggc:138:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:138:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://posfie.com cross-origin-opener-policy-report-only same-origin; report-to=ascnsrsggc:138:0 content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 05 Dec 2025 00:36:56 GMT content-type text/plain server Golfe2
GET H2	200	js Show response www.googletagmanager.com/gtag/	282 KB 103 KB	50ms 46ms	Script application/javascript	2404:6800:4004:825::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-77432-18&cx=c&gtm=4e5c31 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-5ZPETP1B9D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:825::2008 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 892df563f82816d11eecbc62d734086810def51e202903c712e335c6b375f10a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers content-encoding zstd expires Fri, 05 Dec 2025 00:36:56 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 05 Dec 2025 00:36:56 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding last-modified Fri, 05 Dec 2025 00:00:00 GMT access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-origin * content-length 104869 x-xss-protection 0 server Google Tag Manager
GET H3	200	ga-audiences www.google.co.jp/ads/	42 B 63 B	86ms 41ms	Image image/gif	142.250.196.131 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.co.jp/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-5ZPETP1B9D&cid=142496212.1764895017&gtm=45je5c31v9104675881za200zd9104675881&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=103116026~103200004~104527907~104528501~104684208~104684211~105391253~115583767~115616985~115938466~115938469~116184927~116184929~116217636~116217638&z=191788986 Requested by Host: posfie.com URL: https://posfie.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.196.131 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt12s36-in-f3.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers cache-control no-cache, no-store, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 42 date Fri, 05 Dec 2025 00:36:56 GMT x-xss-protection 0 content-type image/gif server cafe
GET H2	200	vsKKaulb_normal.jpg pbs.twimg.com/profile_images/1739820671432323072/	2 KB 3 KB	19ms 2ms	Image image/jpeg	2a04:4e42:1a::159 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://pbs.twimg.com/profile_images/1739820671432323072/vsKKaulb_normal.jpg Requested by Host: posfie.com URL: https://posfie.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:1a::159 Tokyo, Japan, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 98205d50ee42118af128123f506312086bda7b2dde0faeda750b15ea6f904ef3 Security Headers Name Value Strict-Transport-Security max-age=631138519 X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers x-transaction-id 6c54fdb20f2626f2 access-control-expose-headers Content-Length x-content-type-options nosniff server-timing x-cache;desc=HIT, x-tw-cdn;desc=FT x-cache HIT, HIT, HIT date Fri, 05 Dec 2025 00:36:56 GMT x-tw-cdn FT perf 7469935968 last-modified Wed, 27 Dec 2023 01:27:07 GMT x-served-by cache-tyo11972-TYO, cache-nrt-rjtf7700029-NRT, cache-tyo11954-TYO, cache-tw-ZZZ1 content-type image/jpeg strict-transport-security max-age=631138519 cache-control max-age=604800, must-revalidate timing-allow-origin https://twitter.com, https://mobile.twitter.com accept-ranges bytes access-control-allow-origin * content-length 2263
GET H2	200	G65CCYWboAAcyh3.png:thumb pbs.twimg.com/media/	9 KB 9 KB	21ms 5ms	Image image/png	2a04:4e42:1a::159 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://pbs.twimg.com/media/G65CCYWboAAcyh3.png:thumb Requested by Host: posfie.com URL: https://posfie.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:1a::159 Tokyo, Japan, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 0212a609c0773bcbd8070deac2d370a99dfd2dbeb5e20f2268d512647a9156f3 Security Headers Name Value Strict-Transport-Security max-age=631138519; includeSubdomains X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers x-transaction-id 453f3b64be75f53e access-control-expose-headers Content-Length cache-tag media,media/bucket/6,media/1994604293635416064 x-content-type-options nosniff server-timing x-cache;desc=HIT, x-tw-cdn;desc=FT x-cache HIT, HIT date Fri, 05 Dec 2025 00:36:56 GMT x-tw-cdn FT last-modified Sat, 29 Nov 2025 03:06:16 GMT perf 7402827104 vary origin content-type image/png x-served-by tsa_p, cache-nrt-rjtt7900055-NRT, cache-tyo11954-TYO, cache-tw-ZZZ1 strict-transport-security max-age=631138519; includeSubdomains cache-control max-age=604800, must-revalidate timing-allow-origin https://twitter.com, https://mobile.twitter.com cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * content-length 8775
GET H2	200	RJzZZ3ZB_normal.jpg pbs.twimg.com/profile_images/1767814681849397248/	2 KB 2 KB	22ms 5ms	Image image/jpeg	2a04:4e42:1a::159 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://pbs.twimg.com/profile_images/1767814681849397248/RJzZZ3ZB_normal.jpg Requested by Host: posfie.com URL: https://posfie.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:1a::159 Tokyo, Japan, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 471b91f7d4a29ee02ba4cdb07dea11f05e7f2e179671d349c1efbc40857f90fb Security Headers Name Value Strict-Transport-Security max-age=631138519 X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers x-transaction-id d8b6b8e7b5865eb0 access-control-expose-headers Content-Length x-content-type-options nosniff server-timing x-cache;desc=HIT, x-tw-cdn;desc=FT x-cache HIT, HIT, HIT date Fri, 05 Dec 2025 00:36:56 GMT x-tw-cdn FT perf 7469935968 last-modified Wed, 13 Mar 2024 07:25:19 GMT x-served-by cache-tyo11958-TYO, cache-nrt-rjtt7900054-NRT, cache-tyo11954-TYO, cache-tw-ZZZ1 content-type image/jpeg strict-transport-security max-age=631138519 cache-control max-age=604800, must-revalidate timing-allow-origin https://twitter.com, https://mobile.twitter.com accept-ranges bytes access-control-allow-origin * content-length 1959
GET H2	200	G7W17pybsAAFGYy.jpg:thumb pbs.twimg.com/media/	10 KB 10 KB	20ms 3ms	Image image/jpeg	2a04:4e42:1a::159 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://pbs.twimg.com/media/G7W17pybsAAFGYy.jpg:thumb Requested by Host: posfie.com URL: https://posfie.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:1a::159 Tokyo, Japan, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 5b449d82f4928e7296e45def200a6ee102c96a09fd48cd9f9186955d000c79d0 Security Headers Name Value Strict-Transport-Security max-age=631138519; includeSubdomains X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers x-transaction-id de6a637d10f8fab6 access-control-expose-headers Content-Length cache-tag media,media/bucket/8,media/1996702046242975744 x-content-type-options nosniff server-timing x-cache;desc=HIT, x-tw-cdn;desc=FT x-cache MISS, HIT date Fri, 05 Dec 2025 00:36:56 GMT x-tw-cdn FT last-modified Thu, 04 Dec 2025 22:01:59 GMT perf 7402827104 vary origin content-type image/jpeg x-served-by t4_p, cache-nrt-rjtf7700027-NRT, cache-tyo11954-TYO, cache-tw-ZZZ1 strict-transport-security max-age=631138519; includeSubdomains cache-control max-age=604800, must-revalidate timing-allow-origin https://twitter.com, https://mobile.twitter.com cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * content-length 10488
GET H2	200	abuYLfiQ_normal.jpg pbs.twimg.com/profile_images/1012316166734295040/	2 KB 2 KB	19ms 3ms	Image image/jpeg	2a04:4e42:1a::159 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://pbs.twimg.com/profile_images/1012316166734295040/abuYLfiQ_normal.jpg Requested by Host: posfie.com URL: https://posfie.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:1a::159 Tokyo, Japan, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash b67c8fe5d11e65de44ab2c3aa60f183f25ce08f533d3dc9caf887b3da08bc06d Security Headers Name Value Strict-Transport-Security max-age=631138519 X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers x-transaction-id f37b02294b49c9cf access-control-expose-headers Content-Length cache-tag profile_images,profile_images/bucket/9,profile_images/1012316166734295040 x-content-type-options nosniff server-timing x-cache;desc=HIT, x-tw-cdn;desc=FT x-cache HIT, HIT date Fri, 05 Dec 2025 00:36:56 GMT x-tw-cdn FT perf 7402827104 last-modified Thu, 28 Jun 2018 12:43:56 GMT x-served-by cache-nrt-rjtf7700066-NRT, cache-tyo11954-TYO, cache-tw-ZZZ1 content-type image/jpeg strict-transport-security max-age=631138519 cache-control max-age=604800, must-revalidate timing-allow-origin https://twitter.com, https://mobile.twitter.com accept-ranges bytes access-control-allow-origin * content-length 1959
GET H2	200	G7Vb1f1b0AArtZ_.jpg:thumb pbs.twimg.com/media/	9 KB 9 KB	20ms 4ms	Image image/jpeg	2a04:4e42:1a::159 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://pbs.twimg.com/media/G7Vb1f1b0AArtZ_.jpg:thumb Requested by Host: posfie.com URL: https://posfie.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:1a::159 Tokyo, Japan, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash a5288b5f48e147c45fbef01058508258db7a9c4f2de79b2364d9ee7ed762bafe Security Headers Name Value Strict-Transport-Security max-age=631138519; includeSubdomains X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers x-transaction-id ef6d789299b9a444 access-control-expose-headers Content-Length cache-tag media,media/bucket/8,media/1996602984445497344 x-content-type-options nosniff server-timing x-cache;desc=HIT, x-tw-cdn;desc=FT x-cache MISS, HIT date Fri, 05 Dec 2025 00:36:56 GMT x-tw-cdn FT last-modified Thu, 04 Dec 2025 15:28:21 GMT perf 7402827104 vary origin content-type image/jpeg x-served-by t4_p, cache-nrt-rjtf7700089-NRT, cache-tyo11954-TYO, cache-tw-ZZZ1 strict-transport-security max-age=631138519; includeSubdomains cache-control max-age=604800, must-revalidate timing-allow-origin https://twitter.com, https://mobile.twitter.com cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * content-length 9128
GET H2	200	qKH1N1fX_normal.jpg pbs.twimg.com/profile_images/1960478668763095043/	2 KB 3 KB	5ms 3ms	Image image/jpeg	2a04:4e42:1a::159 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://pbs.twimg.com/profile_images/1960478668763095043/qKH1N1fX_normal.jpg Requested by Host: posfie.com URL: https://posfie.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:1a::159 Tokyo, Japan, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash da475cecb108c2e1717d53832bc6c563856809173ccdaa1a0e7f70503fffe7fc Security Headers Name Value Strict-Transport-Security max-age=631138519; includeSubdomains X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers x-transaction-id c710d62632a5171a access-control-expose-headers Content-Length cache-tag profile_images,profile_images/bucket/0,profile_images/1960478668763095043 x-content-type-options nosniff server-timing x-cache;desc=HIT, x-tw-cdn;desc=FT x-cache HIT, HIT date Fri, 05 Dec 2025 00:36:56 GMT x-tw-cdn FT perf 7402827104 last-modified Tue, 26 Aug 2025 23:03:13 GMT x-served-by cache-nrt-rjtt7900094-NRT, cache-tyo11954-TYO, cache-tw-ZZZ1 content-type image/jpeg strict-transport-security max-age=631138519; includeSubdomains cache-control max-age=604800, must-revalidate timing-allow-origin https://twitter.com, https://mobile.twitter.com cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * content-length 2491
GET H2	200	G7WiqMva4AAGR9w.jpg:thumb pbs.twimg.com/media/	10 KB 11 KB	5ms 3ms	Image image/jpeg	2a04:4e42:1a::159 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://pbs.twimg.com/media/G7WiqMva4AAGR9w.jpg:thumb Requested by Host: posfie.com URL: https://posfie.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:1a::159 Tokyo, Japan, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash a7c9b45b9c883ccd3f87cb535e8298a565e681a9107d6cbe68ec2215299110b9 Security Headers Name Value Strict-Transport-Security max-age=631138519; includeSubdomains X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers x-transaction-id fce00634b97b7438 access-control-expose-headers Content-Length cache-tag media,media/bucket/5,media/1996680855667007488 x-content-type-options nosniff server-timing x-cache;desc=HIT, x-tw-cdn;desc=FT x-cache HIT, HIT date Fri, 05 Dec 2025 00:36:56 GMT x-tw-cdn FT last-modified Thu, 04 Dec 2025 20:37:47 GMT perf 7402827104 vary origin content-type image/jpeg x-served-by t4_p, cache-nrt-rjtf7700022-NRT, cache-tyo11954-TYO, cache-tw-ZZZ1 strict-transport-security max-age=631138519; includeSubdomains cache-control max-age=604800, must-revalidate timing-allow-origin https://twitter.com, https://mobile.twitter.com cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * content-length 10734
GET H2	200	yEIYwCw4_normal.jpg pbs.twimg.com/profile_images/753689631296622592/	2 KB 2 KB	6ms 4ms	Image image/jpeg	2a04:4e42:1a::159 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://pbs.twimg.com/profile_images/753689631296622592/yEIYwCw4_normal.jpg Requested by Host: posfie.com URL: https://posfie.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:1a::159 Tokyo, Japan, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash f1a7b617f44f2c3aa897fe77d2f97035fef3f7418a2d5724d5d79a6b8165e74d Security Headers Name Value Strict-Transport-Security max-age=631138519 X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers x-transaction-id f4fd296919ad2966 access-control-expose-headers Content-Length cache-tag profile_images,profile_images/bucket/7,profile_images/753689631296622592 x-content-type-options nosniff server-timing x-cache;desc=HIT, x-tw-cdn;desc=FT x-cache HIT, HIT date Fri, 05 Dec 2025 00:36:56 GMT x-tw-cdn FT perf 7402827104 last-modified Thu, 14 Jul 2016 20:34:25 GMT x-served-by cache-nrt-rjtt7900090-NRT, cache-tyo11954-TYO, cache-tw-ZZZ1 content-type image/jpeg strict-transport-security max-age=631138519 cache-control max-age=604800, must-revalidate timing-allow-origin https://twitter.com, https://mobile.twitter.com accept-ranges bytes access-control-allow-origin * content-length 2035
GET H2	200	G7TpxdZaMAA9Y8y.jpg:thumb pbs.twimg.com/media/	12 KB 12 KB	5ms 3ms	Image image/jpeg	2a04:4e42:1a::159 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://pbs.twimg.com/media/G7TpxdZaMAA9Y8y.jpg:thumb Requested by Host: posfie.com URL: https://posfie.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:1a::159 Tokyo, Japan, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash b5619edb40566a4d4986c8276d2faab6e16cac72b121ec6ddf87c80e83431578 Security Headers Name Value Strict-Transport-Security max-age=631138519; includeSubdomains X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers x-transaction-id 14e07fbd6784a3da access-control-expose-headers Content-Length cache-tag media,media/bucket/3,media/1996477570746036224 x-content-type-options nosniff server-timing x-cache;desc=HIT, x-tw-cdn;desc=FT x-cache MISS, HIT date Fri, 05 Dec 2025 00:36:56 GMT x-tw-cdn FT last-modified Thu, 04 Dec 2025 07:10:00 GMT perf 7402827104 vary origin content-type image/jpeg x-served-by t4_p, cache-nrt-rjtf7700058-NRT, cache-tyo11954-TYO, cache-tw-ZZZ1 strict-transport-security max-age=631138519; includeSubdomains cache-control max-age=604800, must-revalidate timing-allow-origin https://twitter.com, https://mobile.twitter.com cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * content-length 11949
GET H2	200	Uf4VIAwl_normal.jpg pbs.twimg.com/profile_images/828561361726689281/	2 KB 2 KB	4ms 2ms	Image image/jpeg	2a04:4e42:1a::159 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://pbs.twimg.com/profile_images/828561361726689281/Uf4VIAwl_normal.jpg Requested by Host: posfie.com URL: https://posfie.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:1a::159 Tokyo, Japan, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash f8ed67347876862d0da9c726ba321de147aabab852170f93b55599e49e8525c2 Security Headers Name Value Strict-Transport-Security max-age=631138519 X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers x-transaction-id 78b8d734725e1b1c access-control-expose-headers Content-Length cache-tag profile_images,profile_images/bucket/3,profile_images/828561361726689281 x-content-type-options nosniff server-timing x-cache;desc=HIT, x-tw-cdn;desc=FT x-cache HIT, HIT date Fri, 05 Dec 2025 00:36:56 GMT x-tw-cdn FT perf 7402827104 last-modified Mon, 06 Feb 2017 11:07:57 GMT x-served-by cache-nrt-rjtf7700057-NRT, cache-tyo11954-TYO, cache-tw-ZZZ1 content-type image/jpeg strict-transport-security max-age=631138519 cache-control max-age=604800, must-revalidate timing-allow-origin https://twitter.com, https://mobile.twitter.com accept-ranges bytes access-control-allow-origin * content-length 1883
GET H2	200	yHFayWIp_normal.jpg pbs.twimg.com/profile_images/1493157489939869701/	2 KB 2 KB	4ms 3ms	Image image/jpeg	2a04:4e42:1a::159 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://pbs.twimg.com/profile_images/1493157489939869701/yHFayWIp_normal.jpg Requested by Host: posfie.com URL: https://posfie.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:1a::159 Tokyo, Japan, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 99c9125f8b90a7f96c7acf85ed210e53c57012d061101a93467e399c969a8e0f Security Headers Name Value Strict-Transport-Security max-age=631138519 X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers x-transaction-id a47096d07ce37fc8 access-control-expose-headers Content-Length x-content-type-options nosniff server-timing x-cache;desc=HIT, x-tw-cdn;desc=FT x-cache HIT, HIT, HIT date Fri, 05 Dec 2025 00:36:56 GMT x-tw-cdn FT perf 7469935968 last-modified Mon, 14 Feb 2022 09:35:41 GMT x-served-by cache-tyo11938-TYO, cache-nrt-rjtf7700024-NRT, cache-tyo11954-TYO, cache-tw-ZZZ1 content-type image/jpeg strict-transport-security max-age=631138519 cache-control max-age=604800, must-revalidate timing-allow-origin https://twitter.com, https://mobile.twitter.com accept-ranges bytes access-control-allow-origin * content-length 1959
GET H2	200	noimage200.png s.tgstc.com/static/web/img/	800 B 1 KB	7ms 6ms	Image image/png	2606:4700:3037::ac43:aaa6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s.tgstc.com/static/web/img/noimage200.png Requested by Host: posfie.com URL: https://posfie.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:aaa6 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aab27103ade860efcd2b389da4830ab470e514243341138f2a75a706ab832c11 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers cf-cache-status HIT etag "e519fca14e61c3a608a26496da420bbc" age 709684 report-to {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=ePSt3cxFiEkw6B9nqXERcjbEv3kWF%2FGQRSUjcnkgJRcQuyfs%2BTsHp0sTUqPsgjndgr9cOFOWFkYJMt%2FEdh2lrTlhFJqDR4QiEo27bJeZ2p9qSXVbCynv"}]} x-content-type-options nosniff date Fri, 05 Dec 2025 00:36:56 GMT content-type image/png last-modified Tue, 22 Apr 2025 09:49:07 GMT vary Accept-Encoding strict-transport-security max-age=15552000; includeSubDomains; preload cache-control immutable, max-age=31536000 nel {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} cf-ray 9a8f78dd9ff1c564-NRT accept-ranges bytes content-length 800 server cloudflare
GET H2	200	G7QaIHnaYAEOA3Z.jpg:thumb pbs.twimg.com/media/	6 KB 6 KB	2ms 2ms	Image image/jpeg	2a04:4e42:1a::159 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://pbs.twimg.com/media/G7QaIHnaYAEOA3Z.jpg:thumb Requested by Host: posfie.com URL: https://posfie.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:1a::159 Tokyo, Japan, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 2943ee04697b8265044cc49962b61710c1545a1687822464144ce959c6463ed4 Security Headers Name Value Strict-Transport-Security max-age=631138519; includeSubdomains X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers x-transaction-id f7728c915fc1910c access-control-expose-headers Content-Length cache-tag media,media/bucket/5,media/1996249261617602561 x-content-type-options nosniff server-timing x-cache;desc=HIT, x-tw-cdn;desc=FT x-cache HIT, HIT date Fri, 05 Dec 2025 00:36:56 GMT x-tw-cdn FT last-modified Wed, 03 Dec 2025 16:02:47 GMT perf 7402827104 vary origin content-type image/jpeg x-served-by t4_p, cache-nrt-rjtt7900065-NRT, cache-tyo11954-TYO, cache-tw-ZZZ1 strict-transport-security max-age=631138519; includeSubdomains cache-control max-age=604800, must-revalidate timing-allow-origin https://twitter.com, https://mobile.twitter.com cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * content-length 5952
GET H3	200	rum.js Show response pagead2.googlesyndication.com/pagead/js/	68 KB 25 KB	45ms 3ms	Script text/javascript	172.217.175.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/rum.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202512020101/pubads_impl.js?cb=31095969 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.175.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt20s19-in-f2.1e100.net Software cafe / Resource Hash e7ebe3a2c3a69b8aab804451bcf64b7971ee1eb42380f854a1bacc1be335642b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers content-encoding br etag 4947641265886744218 age 1562 x-content-type-options nosniff expires Fri, 05 Dec 2025 01:10:54 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" date Fri, 05 Dec 2025 00:10:54 GMT content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 vary Accept-Encoding cache-control public, max-age=3600 timing-allow-origin * cross-origin-resource-policy cross-origin content-length 25664 x-xss-protection 0 server cafe
GET H2	200	analytics.js Show response www.google-analytics.com/	51 KB 21 KB	44ms 2ms	Script text/javascript	2404:6800:4004:826::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-77432-18&cx=c&gtm=4e5c31 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:826::200e , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash f1a61277e3f902f50ab42015d8b07218db9b7601bb0967e54a52bfdcb4fa7e81 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers content-encoding gzip age 66 report-to {"group":"ascnsrsgac:225:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],} x-content-type-options nosniff expires Fri, 05 Dec 2025 02:35:50 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 05 Dec 2025 00:35:50 GMT last-modified Tue, 15 Jul 2025 00:44:26 GMT content-type text/javascript vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=7200 cross-origin-resource-policy cross-origin content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0 cross-origin-opener-policy-report-only same-origin; report-to=ascnsrsgac:225:0 content-length 20737 server Golfe2
GET H3	200	gpt securepubads.g.doubleclick.net/pagead/managed/dict/m202512040101/	64 KB 22 KB	39ms 38ms	Other text/plain	142.250.193.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/dict/m202512040101/gpt Requested by Host: posfie.com URL: https://posfie.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.193.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS lcnrta-bj-in-f2.1e100.net Software cafe / Resource Hash 8d23693251d0923a21dba7083e1e3a58a18123b146cebbcefb828e1caa7c3aa3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer Response headers content-encoding br etag 4740477158928784528 age 30929 x-content-type-options nosniff expires Thu, 11 Dec 2025 16:01:27 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" date Thu, 04 Dec 2025 16:01:27 GMT content-type text/plain; charset=UTF-8 vary Accept-Encoding cache-control public, immutable, max-age=604800, stale-while-revalidate=7200 timing-allow-origin * cross-origin-resource-policy cross-origin access-control-allow-origin * content-length 22756 x-xss-protection 0 server cafe use-as-dictionary match="/gampad/ads", id="m202512040101"
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	42ms 41ms	Image image/gif	172.217.175.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&su=posfie.com&doc=complete&pg_h=4996&pg_w=1600&pg_hs=4996&c=4&aa_c=0&av_h=472.500&av_w=407&av_a=151380&s=20&all_s=20&b=2378&all_b=2378&d=0.378&all_d=0.378&ard=0.076&all_ard=0.076&dt=d Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.175.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt20s19-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers cache-control no-cache, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 0 date Fri, 05 Dec 2025 00:36:56 GMT x-xss-protection 0 content-type image/gif server cafe
GET H2	200	favicon.ico s.tgstc.com/static/web/img/posfie/icon/	4 KB 1 KB	8ms 8ms	Other image/x-icon	2606:4700:3037::ac43:aaa6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://s.tgstc.com/static/web/img/posfie/icon/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::ac43:aaa6 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 95bd82a21d98529254d9f10ad5561a714547f5739d21a2374e923185a9abbaba Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers strict-transport-security max-age=15552000; includeSubDomains; preload cache-control immutable, max-age=31536000 nel {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800} content-encoding zstd cf-cache-status HIT etag W/"6fcc29243f311bef921f25ac8143b57f" age 639916 report-to {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=CCgeKuUaTDJN5EjjzDszdsY3bFMzGpYBVfu%2BwUc%2F33RvSiTma0GeHXbDVv1ePeYf7gCkNR4jD%2FsrSuN6lU9L0nM95UINXMqJAMq2zM%2F%2FkoNtQYEvaTN3"}]} x-content-type-options nosniff cf-ray 9a8f78deea4dc564-NRT date Fri, 05 Dec 2025 00:36:56 GMT content-type image/x-icon last-modified Wed, 09 Jul 2025 08:46:59 GMT vary Accept-Encoding server cloudflare
GET H3	200	sodar Show response ep1.adtrafficquality.google/getconfig/	18 KB 13 KB	106ms 64ms	XHR application/json	142.251.42.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202512020101&st=env&sjk=2316583274060782 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202512020101/pubads_impl.js?cb=31095969 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.42.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt12s46-in-f2.1e100.net Software cafe / Resource Hash 8f440699e463190a51a074e22932a43b00103a45d9da6baaffd1d0e1449b9a55 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers timing-allow-origin * content-encoding br cross-origin-resource-policy cross-origin x-content-type-options nosniff access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 13654 date Fri, 05 Dec 2025 00:36:57 GMT x-xss-protection 0 content-type application/json; charset=UTF-8 content-disposition attachment; filename="f.txt" server cafe
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	85 KB 18 KB	442ms 442ms	Fetch text/plain	142.250.193.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2316583274060782&correlator=2032792784989287&eid=31095716%2C31095905%2C31095969%2C95376743%2C83321072%2C31061691%2C31061692&output=ldjh&gdfp_req=1&vrg=202512020101&ptt=17&impl=fif&iu_parts=5453651%2Cpos_pc_top_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=1&dids=pos_pc_top_728x90&adfs=2768307426&sfv=1-0-45&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1764895016949&lmt=1764895016&adxs=268&adys=414&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fposfie.com%2F&rumc=2316583274060782&rume=1&vis=1&psz=728x90&msz=728x-1&fws=0&ohw=0&psd=WzMxLFtdXQ..&dlt=1764895016116&idt=498&prev_scp=hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D1.00%26hb_adid_rubicon%3D362a97bd9c18189%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D1.00%26hb_adid%3D362a97bd9c18189%26hb_bidder%3Drubicon&adks=14130819&frm=20&eoidce=1&pgls=CAk. Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202512020101/pubads_impl.js?cb=31095969 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.193.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS lcnrta-bj-in-f2.1e100.net Software cafe / Resource Hash 0a4a949c9438260bd848cda59101b42a6d0886f4a4b1579f7204264db0fa696a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers access-control-expose-headers x-google-amp-ad-validated-version content-encoding dcb google-lineitem-id -1 observe-browsing-topics ?1 x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" date Fri, 05 Dec 2025 00:36:57 GMT content-type text/plain; charset=UTF-8 google-creative-id -1 cache-control no-cache, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-origin https://posfie.com content-length 18369 x-xss-protection 0 server cafe
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	76 KB 16 KB	256ms 255ms	Fetch text/plain	142.250.193.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2316583274060782&correlator=2032792784989287&eid=31095716%2C31095905%2C31095969%2C95376743%2C83321072%2C31061691%2C31061692&output=ldjh&gdfp_req=1&vrg=202512020101&ptt=17&impl=fif&iu_parts=5453651%2Cpos_pc_right_top&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&ifi=2&dids=pos_pc_right_top&adfs=4255418277&sfv=1-0-45&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1764895016959&lmt=1764895016&adxs=1023&adys=580&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fposfie.com%2F&rumc=2316583274060782&rume=1&vis=1&psz=300x-1&msz=300x-1&fws=0&ohw=0&psd=WzMxLFtdXQ..&dlt=1764895016116&idt=498&prev_scp=hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D300x600%26hb_pb_rubicon%3D1.00%26hb_adid_rubicon%3D3809f334335d0e7%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D1.00%26hb_adid%3D3809f334335d0e7%26hb_bidder%3Drubicon&adks=4036029233&frm=20&eoidce=1&pgls=CAk. Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202512020101/pubads_impl.js?cb=31095969 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.193.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS lcnrta-bj-in-f2.1e100.net Software cafe / Resource Hash 54f05875f9a2997aa5dfb533e57ab090aed29aca6b03dfeb4c6323ccdf69d9f4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers content-encoding dcb google-lineitem-id -1 observe-browsing-topics ?1 x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" date Fri, 05 Dec 2025 00:36:57 GMT content-type text/plain; charset=UTF-8 google-creative-id -1 cache-control no-cache, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-origin https://posfie.com content-length 16447 x-xss-protection 0 server cafe
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	33 KB 4 KB	431ms 430ms	Fetch text/plain	142.250.193.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2316583274060782&correlator=2032792784989287&eid=31095716%2C31095905%2C31095969%2C95376743%2C83321072%2C31061691%2C31061692&output=ldjh&gdfp_req=1&vrg=202512020101&ptt=17&impl=fif&iu_parts=5453651%2Cpos_pc_right_fixed&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&ifi=3&dids=pos_pc_right_fixed&adfs=1000264656&sfv=1-0-45&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1764895016961&lmt=1764895016&adxs=1023&adys=1398&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fposfie.com%2F&rumc=2316583274060782&rume=1&vis=1&psz=300x-1&msz=300x-1&fws=0&ohw=0&psd=WzMxLFtdXQ..&dlt=1764895016116&idt=498&prev_scp=hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D300x600%26hb_pb_rubicon%3D1.00%26hb_adid_rubicon%3D398a01457270dcd%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D1.00%26hb_adid%3D398a01457270dcd%26hb_bidder%3Drubicon&adks=1988042130&frm=20&eoidce=1&pgls=CAk. Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202512020101/pubads_impl.js?cb=31095969 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.193.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS lcnrta-bj-in-f2.1e100.net Software cafe / Resource Hash 332cb10c8a4eabfedc84a8cecdebc6c398688053809cc8eb4b6facec0aad351e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers content-encoding dcb google-lineitem-id -1 observe-browsing-topics ?1 x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" date Fri, 05 Dec 2025 00:36:57 GMT content-type text/plain; charset=UTF-8 google-creative-id -1 cache-control no-cache, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-origin https://posfie.com content-length 4125 x-xss-protection 0 server cafe
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	29 KB 4 KB	436ms 435ms	Fetch text/plain	142.250.193.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2316583274060782&correlator=2032792784989287&eid=31095716%2C31095905%2C31095969%2C95376743%2C83321072%2C31061691%2C31061692&output=ldjh&gdfp_req=1&vrg=202512020101&ptt=17&impl=fif&iu_parts=5453651%2Cpos_pc_right_bottom&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&ifi=4&dids=pos_pc_right_bottom&adfs=4168338261&sfv=1-0-45&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1764895016963&lmt=1764895016&adxs=1023&adys=2018&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=4&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fposfie.com%2F&rumc=2316583274060782&rume=1&vis=1&psz=300x-1&msz=300x-1&fws=0&ohw=0&psd=WzMxLFtdXQ..&dlt=1764895016116&idt=498&prev_scp=hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D300x600%26hb_pb_rubicon%3D1.00%26hb_adid_rubicon%3D373aca06b76012c%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D1.00%26hb_adid%3D373aca06b76012c%26hb_bidder%3Drubicon&adks=28270679&frm=20&eoidce=1&pgls=CAk. Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202512020101/pubads_impl.js?cb=31095969 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.193.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS lcnrta-bj-in-f2.1e100.net Software cafe / Resource Hash d7d972f3af6bce4ff066ecb927e41153090264cc8199117f543cc6b51e307ba0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers content-encoding dcb google-lineitem-id 5072896974 observe-browsing-topics ?1 x-content-type-options nosniff google-mediationtag-id -2 google-mediationgroup-id -2 expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" date Fri, 05 Dec 2025 00:36:57 GMT content-type text/plain; charset=UTF-8 google-creative-id 138271129440 cache-control no-cache, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-origin https://posfie.com content-length 3625 x-xss-protection 0 server cafe
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	89 KB 19 KB	481ms 481ms	Fetch text/plain	142.250.193.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2316583274060782&correlator=2032792784989287&eid=31095716%2C31095905%2C31095969%2C95376743%2C83321072%2C31061691%2C31061692&output=ldjh&gdfp_req=1&vrg=202512020101&ptt=17&impl=fif&iu_parts=5453651%2Cpos_pc_overlay_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=5&dids=pos_pc_overlay_728x90&adfs=2140178567&sfv=1-0-45&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1764895016965&lmt=1764895016&adxs=436&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=5&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fposfie.com%2F&rumc=2316583274060782&rume=1&vis=1&psz=1600x-1&msz=728x-1&fws=512&ohw=0&psd=WzMxLFtdXQ..&dlt=1764895016116&idt=498&prev_scp=hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D1.00%26hb_adid_rubicon%3D40674357c962cea%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D1.00%26hb_adid%3D40674357c962cea%26hb_bidder%3Drubicon&adks=2405041621&frm=20&eoidce=1&pgls=CAk. Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202512020101/pubads_impl.js?cb=31095969 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.193.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS lcnrta-bj-in-f2.1e100.net Software cafe / Resource Hash c1591545f59d31842b72b81dc37b6405bf3068b16f9af9494bb848b9242aa532 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers access-control-expose-headers x-google-amp-ad-validated-version content-encoding dcb google-lineitem-id -1 observe-browsing-topics ?1 x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" date Fri, 05 Dec 2025 00:36:57 GMT content-type text/plain; charset=UTF-8 google-creative-id -1 cache-control no-cache, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-origin https://posfie.com content-length 18961 x-xss-protection 0 server cafe
GET H3	200	container.html Show response b55e5b14afd31a0ae198960e67c88ec4.safeframe.googlesyndication.com/safeframe/1-0-45/html/ Frame 1203	7 KB 3 KB	85ms 43ms	Document text/html	172.217.175.33 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://b55e5b14afd31a0ae198960e67c88ec4.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202512020101/pubads_impl.js?cb=31095969 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.175.33 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt20s19-in-f1.1e100.net Software sffe / Resource Hash f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://posfie.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding br content-length 3121 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Fri, 05 Dec 2025 00:36:57 GMT expires Fri, 05 Dec 2025 00:36:57 GMT last-modified Thu, 08 May 2025 23:15:48 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	sodar2.js Show response ep2.adtrafficquality.google/sodar/	20 KB 7 KB	85ms 44ms	Script text/javascript	2404:6800:4004:81d::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ep2.adtrafficquality.google/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202512020101/pubads_impl.js?cb=31095969 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:81d::2001 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a7f65c0446b6cac3175458f6388304d0c23e70d11fa0db20920a619f1bc18623 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers content-encoding gzip etag "1747411493688989" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} x-content-type-options nosniff expires Fri, 05 Dec 2025 00:36:57 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 05 Dec 2025 00:36:57 GMT content-type text/javascript vary Accept-Encoding cache-control private, max-age=3000 cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin accept-ranges bytes content-length 7188 x-xss-protection 0 server sffe
GET H2	200	runner.html Show response ep2.adtrafficquality.google/sodar/sodar2/237/ Frame 94EF	13 KB 5 KB	37ms 2ms	Document text/html	2404:6800:4004:81d::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html Requested by Host: ep2.adtrafficquality.google URL: https://ep2.adtrafficquality.google/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:81d::2001 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 14b660a511e14a9a481c6fe43c576f36c61b656cfd379728c54f1128e1855966 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://posfie.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Response headers accept-ranges bytes age 313 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=3000 content-encoding gzip content-length 5044 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Fri, 05 Dec 2025 00:31:44 GMT expires Fri, 05 Dec 2025 01:21:44 GMT last-modified Tue, 13 May 2025 23:17:50 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	aframe Show response www.google.com/recaptcha/api2/ Frame F465	829 B 569 B	87ms 48ms	Document text/html	142.250.196.100 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: ep2.adtrafficquality.google URL: https://ep2.adtrafficquality.google/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.196.100 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt12s35-in-f4.1e100.net Software ESF / Resource Hash ba6092c509e6c1103ae556a681b6e53e7f3945c41ae0e17b09e4b474f538c221 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-eno5qLqXWM1f37agZnBZzQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://posfie.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-eno5qLqXWM1f37agZnBZzQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-opener-policy-report-only same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d" cross-origin-resource-policy cross-origin date Fri, 05 Dec 2025 00:36:57 GMT expires Fri, 05 Dec 2025 00:36:57 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]} server ESF x-content-type-options nosniff x-xss-protection 0
GET H3	200	i_Idg1PpasBJts7KnDCS24AV8hQNPlYHpYws80r0Dtc.js Show response pagead2.googlesyndication.com/bg/ Frame 94EF	53 KB 20 KB	44ms 2ms	Script text/javascript	172.217.175.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/i_Idg1PpasBJts7KnDCS24AV8hQNPlYHpYws80r0Dtc.js Requested by Host: ep2.adtrafficquality.google URL: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.175.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt20s19-in-f2.1e100.net Software sffe / Resource Hash 8bf21d8353e96ac049b6ceca9c3092db8015f2140d3e5607a58c2cf34af40ed7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://ep2.adtrafficquality.google/ Response headers content-encoding br age 37133 report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} x-content-type-options nosniff expires Fri, 04 Dec 2026 14:18:04 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 04 Dec 2025 14:18:04 GMT last-modified Mon, 01 Dec 2025 15:28:00 GMT content-type text/javascript vary Accept-Encoding cache-control public, max-age=31536000 cross-origin-opener-policy same-origin; report-to="botguard-scs" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs accept-ranges bytes content-length 20813 x-xss-protection 0 server sffe
GET H3	200	container.html Show response b55e5b14afd31a0ae198960e67c88ec4.safeframe.googlesyndication.com/safeframe/1-0-45/html/ Frame FDC8	7 KB 0	0ms 0ms	Document text/html	172.217.175.33 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://b55e5b14afd31a0ae198960e67c88ec4.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202512020101/pubads_impl.js?cb=31095969 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.175.33 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt20s19-in-f1.1e100.net Software sffe / Resource Hash f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://posfie.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding br content-length 3121 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Fri, 05 Dec 2025 00:36:57 GMT expires Fri, 05 Dec 2025 00:36:57 GMT last-modified Thu, 08 May 2025 23:15:48 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
POST H2	204	collect analytics.google.com/g/	0 0	38ms 37ms	Fetch text/plain	2404:6800:4004:822::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://analytics.google.com/g/collect?v=2&tid=G-5ZPETP1B9D&gtm=45je5c31v9104675881za200zd9104675881&_p=1764895016140&gcd=13l3l3l3l1l1&npa=0&dma=0&cid=142496212.1764895017&ul=ja-jp&sr=1600x1200&are=1&frm=0&pscdl=noapi&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAgAAAQ&_s=2&tag_exp=103116026~103200004~104527907~104528501~104684208~104684211~105391253~115583767~115616985~115938466~115938469~116184927~116184929~116217636~116217638&sid=1764895016&sct=1&seg=0&dl=https%3A%2F%2Fposfie.com%2F&dt=posfie%20-%20%E3%81%BF%E3%82%93%E3%81%AA%E3%81%A7%E3%81%A4%E3%81%8F%E3%82%8BX%E3%83%9D%E3%82%B9%E3%83%88%E3%81%BE%E3%81%A8%E3%82%81&en=tg_page_view_for_ranking&_et=5&tfd=1335 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-5ZPETP1B9D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:822::200e , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:169:0 report-to {"group":"ascnsrsggc:169:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:169:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://posfie.com cross-origin-opener-policy-report-only same-origin; report-to=ascnsrsggc:169:0 content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 05 Dec 2025 00:36:57 GMT content-type text/plain server Golfe2
GET H2	200	amp4ads-v0.js Show response cdn.ampproject.org/ Frame FDC8	237 KB 62 KB	98ms 48ms	Script text/javascript	2404:6800:4004:80a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/amp4ads-v0.js Requested by Host: b55e5b14afd31a0ae198960e67c88ec4.safeframe.googlesyndication.com URL: https://b55e5b14afd31a0ae198960e67c88ec4.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:80a::2001 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 037f30a4090e8a2be4eeff67aa0587443d907b47fa58413b00dc611214cb601d Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://b55e5b14afd31a0ae198960e67c88ec4.safeframe.googlesyndication.com/ Response headers content-encoding br etag "db220768a909556a" report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} x-content-type-options nosniff expires Fri, 05 Dec 2025 00:36:57 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 05 Dec 2025 00:36:57 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp cache-control private, max-age=3000, stale-while-revalidate=1206600 timing-allow-origin * cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" content-length 63713 x-xss-protection 0 server sffe
GET H2	200	css fonts.googleapis.com/ Frame FDC8	1 KB 895 B	85ms 44ms	Stylesheet text/css	2404:6800:4004:814::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A300%2C400%2C500&text=%E6%96%BD%E3%82%89%E4%BC%9A%E6%A0%AA%E3%81%86%E3%83%AD%E3%82%BD%E7%84%A1%E5%AF%BE%E5%AE%9F%E3%81%A8%E4%B8%AD%E3%81%8F%E3%83%B3%E3%81%8B%E3%83%8F%E8%B1%A1%E3%82%82%E3%83%BB%E8%B2%B7%E3%81%92%E3%81%94%E3%81%AE%E9%87%91%E3%83%94%E3%83%81%E3%82%AD%E6%96%99%E7%A5%AD%E9%96%8B%20%E5%88%B8%E9%A3%B2%E3%81%88%E7%A4%BE%E3%81%82%E3%82%92%E5%BC%8F%E3%81%AB%E3%83%BC%E9%BB%84%E3%82%AF%E3%82%8B%EF%BC%81 Requested by Host: b55e5b14afd31a0ae198960e67c88ec4.safeframe.googlesyndication.com URL: https://b55e5b14afd31a0ae198960e67c88ec4.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:814::200a , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash c9ddbad04f0fd235bcbbe82ad1c5d12c8b0014a1b1145f567b5f032de95bfdcf Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://b55e5b14afd31a0ae198960e67c88ec4.safeframe.googlesyndication.com/ Response headers content-encoding gzip x-content-type-options nosniff expires Fri, 05 Dec 2025 00:36:57 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 05 Dec 2025 00:36:57 GMT content-type text/css; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site last-modified Fri, 05 Dec 2025 00:36:57 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * x-xss-protection 0 server ESF
GET H2	200	amp-ad-exit-0.1.js Show response cdn.ampproject.org/v0/ Frame FDC8	19 KB 7 KB	99ms 50ms	Script text/javascript	2404:6800:4004:80a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/v0/amp-ad-exit-0.1.js Requested by Host: b55e5b14afd31a0ae198960e67c88ec4.safeframe.googlesyndication.com URL: https://b55e5b14afd31a0ae198960e67c88ec4.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:80a::2001 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cf855b3304e1483ed4f99d06a48b94dc5a0ea81663f279735fcc73b9a41e260e Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://b55e5b14afd31a0ae198960e67c88ec4.safeframe.googlesyndication.com/ Response headers content-encoding br etag "f8c43e267b5e7c32" report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} x-content-type-options nosniff expires Fri, 05 Dec 2025 00:36:57 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 05 Dec 2025 00:36:57 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp cache-control private, max-age=604800, stale-while-revalidate=604800 timing-allow-origin * cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" content-length 6640 x-xss-protection 0 server sffe
GET H2	200	amp-analytics-0.1.js Show response cdn.ampproject.org/v0/ Frame FDC8	110 KB 33 KB	90ms 41ms	Script text/javascript	2404:6800:4004:80a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/v0/amp-analytics-0.1.js Requested by Host: b55e5b14afd31a0ae198960e67c88ec4.safeframe.googlesyndication.com URL: https://b55e5b14afd31a0ae198960e67c88ec4.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:80a::2001 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c642b7be944e3deb4b5468f817028404d0f4ef0a47726a3b859e66f4bd790dc4 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://b55e5b14afd31a0ae198960e67c88ec4.safeframe.googlesyndication.com/ Response headers content-encoding br etag "7fd9ce768da1142c" report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} x-content-type-options nosniff expires Fri, 05 Dec 2025 00:36:57 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 05 Dec 2025 00:36:57 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp cache-control private, max-age=604800, stale-while-revalidate=604800 timing-allow-origin * cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" content-length 32206 x-xss-protection 0 server sffe
GET H2	200	amp-form-0.1.js Show response cdn.ampproject.org/v0/ Frame FDC8	49 KB 15 KB	105ms 56ms	Script text/javascript	2404:6800:4004:80a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/v0/amp-form-0.1.js Requested by Host: b55e5b14afd31a0ae198960e67c88ec4.safeframe.googlesyndication.com URL: https://b55e5b14afd31a0ae198960e67c88ec4.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:80a::2001 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ab8abc82fcea97199708654141abe5354242cd0feeec5f281e492f20b46f6a5c Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://b55e5b14afd31a0ae198960e67c88ec4.safeframe.googlesyndication.com/ Response headers content-encoding br etag "8d7ef6b413336982" report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} x-content-type-options nosniff expires Fri, 05 Dec 2025 00:36:57 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 05 Dec 2025 00:36:57 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp cache-control private, max-age=604800, stale-while-revalidate=604800 timing-allow-origin * cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" content-length 14976 x-xss-protection 0 server sffe
GET H2	200	amp-fit-text-0.1.js Show response cdn.ampproject.org/v0/ Frame FDC8	7 KB 3 KB	98ms 50ms	Script text/javascript	2404:6800:4004:80a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/v0/amp-fit-text-0.1.js Requested by Host: b55e5b14afd31a0ae198960e67c88ec4.safeframe.googlesyndication.com URL: https://b55e5b14afd31a0ae198960e67c88ec4.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:80a::2001 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 36be5797decc866c1a3258308d174916de772545f49ad46586940f0f76a46adb Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://b55e5b14afd31a0ae198960e67c88ec4.safeframe.googlesyndication.com/ Response headers content-encoding br etag "c1cb963a52333d49" report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} x-content-type-options nosniff expires Fri, 05 Dec 2025 00:36:57 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 05 Dec 2025 00:36:57 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp cache-control private, max-age=604800, stale-while-revalidate=604800 timing-allow-origin * cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" content-length 2509 x-xss-protection 0 server sffe
GET H2	200	14763004658117789537 tpc.googlesyndication.com/simgad/4827305179130359867/ Frame FDC8	27 KB 27 KB	49ms 3ms	Image image/jpeg	2404:6800:4004:80c::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/4827305179130359867/14763004658117789537?w=400&h=209&tw=1&q=75 Requested by Host: b55e5b14afd31a0ae198960e67c88ec4.safeframe.googlesyndication.com URL: https://b55e5b14afd31a0ae198960e67c88ec4.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 80b07aa5822cb75568030b6a10bed4b4b95d59ba237cbefd442aae782afa837e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://b55e5b14afd31a0ae198960e67c88ec4.safeframe.googlesyndication.com/ Response headers age 270653 report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} x-content-type-options nosniff expires Tue, 01 Dec 2026 21:26:04 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 allow-fenced-frame-automatic-beacons true date Mon, 01 Dec 2025 21:26:04 GMT last-modified Mon, 01 Dec 2025 02:18:32 GMT content-type image/jpeg cache-control public, max-age=31536000 timing-allow-origin * x-dns-prefetch-control off cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" content-length 27376 x-xss-protection 0 server sffe
GET DATA	200 OK	truncated / Frame FDC8	217 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b1a88f44df636bd67c0d1f47c61ae5ed0015bdd249d906069324a78cee1518f0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer Response headers Content-Type image/png
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame F465	0 17 B	42ms 41ms	Image image/	172.217.175.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=237&li=gpt_m202512020101&jk=2316583274060782&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.175.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt20s19-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://www.google.com/ Response headers timing-allow-origin * cross-origin-resource-policy cross-origin x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 0 date Fri, 05 Dec 2025 00:36:57 GMT x-xss-protection 0 content-type image/ server cafe
GET H2	204	generate_204 ep2.adtrafficquality.google/ Frame 94EF	0 40 B	3ms 2ms	Image text/plain	2404:6800:4004:81d::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ep2.adtrafficquality.google/generate_204?8lDaUg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:81d::2001 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 date Fri, 05 Dec 2025 00:36:57 GMT cross-origin-resource-policy cross-origin
GET H3	200	font fonts.gstatic.com/l/ Frame FDC8	28 KB 28 KB	44ms 4ms	Font text/html	142.251.42.163 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxq403eGBmj2lV-DThMRVz_cOUx04DGFxDeuoc3z3f6tfOjDRlWPjheFP_SIi3KL1D0gzMlLLHRROTokmLJx_tHAbepAv8EYw3Ss0zQEwLgex12tg6BpntJk-_wJYkczMa0fpaku58yRPgxAnRkgb0AHgp1infsrM42qoIoKQ_L_ZaJ2mcgJmw8PNB5AG1b6vBYlioklrMeN8CHjwNGNKg20MA4mZBH37FNHeqXjPgbXauWNPww&skey=72472b0eb8793570&v=v55 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A300%2C400%2C500&text=%E6%96%BD%E3%82%89%E4%BC%9A%E6%A0%AA%E3%81%86%E3%83%AD%E3%82%BD%E7%84%A1%E5%AF%BE%E5%AE%9F%E3%81%A8%E4%B8%AD%E3%81%8F%E3%83%B3%E3%81%8B%E3%83%8F%E8%B1%A1%E3%82%82%E3%83%BB%E8%B2%B7%E3%81%92%E3%81%94%E3%81%AE%E9%87%91%E3%83%94%E3%83%81%E3%82%AD%E6%96%99%E7%A5%AD%E9%96%8B%20%E5%88%B8%E9%A3%B2%E3%81%88%E7%A4%BE%E3%81%82%E3%82%92%E5%BC%8F%E3%81%AB%E3%83%BC%E9%BB%84%E3%82%AF%E3%82%8B%EF%BC%81 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.42.163 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt12s46-in-f3.1e100.net Software ESF / Resource Hash 4af6d35c321e216572703a048e7e8aab039386a8523db38d09169baa38e7898e Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Origin https://b55e5b14afd31a0ae198960e67c88ec4.safeframe.googlesyndication.com Referer https://fonts.googleapis.com/ Response headers age 85094 x-content-type-options nosniff expires Thu, 04 Dec 2025 00:58:43 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 04 Dec 2025 00:58:43 GMT content-disposition attachment; filename="font.woff2"; filename*=UTF-8''font.woff2 last-modified Fri, 05 Sep 2025 00:08:34 GMT vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site content-type text/html; charset=utf-8 x-frame-options SAMEORIGIN cache-control private, max-age=86400 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * content-length 28684 x-xss-protection 0 server ESF
GET H3	200	container.html Show response b55e5b14afd31a0ae198960e67c88ec4.safeframe.googlesyndication.com/safeframe/1-0-45/html/ Frame 7F82	7 KB 0	0ms 0ms	Document text/html	172.217.175.33 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://b55e5b14afd31a0ae198960e67c88ec4.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202512020101/pubads_impl.js?cb=31095969 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.175.33 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt20s19-in-f1.1e100.net Software sffe / Resource Hash f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://posfie.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding br content-length 3121 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Fri, 05 Dec 2025 00:36:57 GMT expires Fri, 05 Dec 2025 00:36:57 GMT last-modified Thu, 08 May 2025 23:15:48 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame F9CD	0 0	43ms 42ms	Fetch image/gif	142.250.193.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstKWspZAr2-h4YiatCax6uozuWTSVmeOuoBLzVx3VG1P6H3LegoM7F1kG2NiAIkQU-OoZ7LHwDK3gQ-lst_AcFPOWIjpZnx2doUt8o2RnRVjlU_MqewMaH76CrkyXnd6vFElDGxlQa-lNIOuW22h4bume92qnkOIYCCfealJWjC2lQ9dSHNBYNEay8hOcbwHduTi8eygg7d4PIpMd0CXusDVPDZ5ngZggMqMKkvsZNCGYNczi7m9v61Z1XOv0-dNABryycwsUgbUc4RPRruycBp7dmtiLMcRS78z0PtMVBXTXlV8lm7dnXJoCHIVs4c1cSDiDOl559ml8zO7BZ1UotEyKFaM7os40ca4lpsKMij33eOgRJemgIld5F5JLfY8Ofr6ujb04_7k8RZp5FzyhHOsXp9kqZdzvDL_87_spMXy4FRhq7wARJy12-z&sai=AMfl-YRhZ63ILtGemh3uzQZuwU6gc__MZ4pB7RAj6S1QluCN2ZNSsQbtQheBeR5Id9pp-yy1x3xIVxgUXw0jRLJhWH0GvGaE2y5roWcEBCD1Y3Kmk7_dc2V2pkVz8T22YlIG8oKdglXnaUbZEtliC1odUt23rGumfbrRo08L2ntL4AqFGPF5FSaqk7X8KApLUFjsxFoxnfV_dYy4azS_QygLYRYvOuxcJPHkJir1L4Ifc0GVVOfKg8GiW4nLXP7U6WQr16_1OwlcSwQjWj-k1Zm79wpsd9tM5P2Y&sig=Cg0ArKJSzILEnUmuph-bEAE&uach_m=%5BUACH%5D&urlfix=1&adurl= Requested by Host: posfie.com URL: https://posfie.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.193.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS lcnrta-bj-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers cache-control private timing-allow-origin * accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 05 Dec 2025 00:36:57 GMT access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-length 0 date Fri, 05 Dec 2025 00:36:57 GMT x-xss-protection 0 content-type image/gif server cafe
GET H2	200	creative.js Show response cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame F9CD	28 KB 10 KB	9ms 2ms	Script application/javascript	2a04:4e42:600::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202512020101/pubads_impl.js?cb=31095969 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash b70acabfec3024b0ca21c8847693536dd931b2d012d596cb979d74c972a4a6e2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers access-control-expose-headers * content-encoding br etag W/"7009-+fSnGmMge6EQaCY8X46KqAScnTo" age 31706 x-content-type-options nosniff x-jsd-version-type version alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 x-cache HIT, HIT date Fri, 05 Dec 2025 00:36:57 GMT content-type application/javascript; charset=utf-8 x-served-by cache-fra-etou8220076-FRA, cache-tyo11939-TYO vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=604800, s-maxage=43200 timing-allow-origin * cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * content-length 9763 x-jsd-version 1.17.2
GET H3	200	ufs_web_display.js Show response pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame F9CD	227 KB 70 KB	4ms 3ms	Script text/javascript	172.217.175.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202512020101/pubads_impl.js?cb=31095969 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.175.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt20s19-in-f2.1e100.net Software cafe / Resource Hash 51d8ff6c08bd4ac009c99b4f0f90b2a3f8f522f9ada47e383b534335bcba10ad Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers content-encoding br etag 18225759614869584005 age 3575 x-content-type-options nosniff expires Fri, 05 Dec 2025 00:37:22 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" date Thu, 04 Dec 2025 23:37:22 GMT content-disposition attachment; filename="f.txt" content-type text/javascript; charset=Shift_JIS vary Accept-Encoding cache-control public, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * cross-origin-resource-policy cross-origin content-length 71553 x-xss-protection 0 server cafe
GET H2	200	amp4ads-v0.mjs Show response cdn.ampproject.org/rtv/012509301838000/ Frame 4625	196 KB 56 KB	48ms 5ms	Script text/javascript	2404:6800:4004:80a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012509301838000/amp4ads-v0.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202512020101/pubads_impl.js?cb=31095969 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:80a::2001 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f8f53d3b054e3ef69bb8bfaea96a56f27de474b13d1a904a01dcf6c941f26945 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers content-encoding br etag "0561256f6a7f81fb" age 108671 report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} x-content-type-options nosniff expires Thu, 03 Dec 2026 18:25:46 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 03 Dec 2025 18:25:46 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp cache-control public, max-age=31536000 timing-allow-origin * cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" content-length 56062 x-xss-protection 0 server sffe
GET H2	200	amp-ad-exit-0.1.mjs Show response cdn.ampproject.org/rtv/012509301838000/v0/ Frame 4625	15 KB 5 KB	50ms 7ms	Script text/javascript	2404:6800:4004:80a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012509301838000/v0/amp-ad-exit-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202512020101/pubads_impl.js?cb=31095969 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:80a::2001 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9d70504ff3c9e5551a2e1358a46c29a6ce986e878931363b4c35f51b8d408f01 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers content-encoding br etag "dea7c6f2a6d5c8f5" age 57677 report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} x-content-type-options nosniff expires Fri, 04 Dec 2026 08:35:40 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 04 Dec 2025 08:35:40 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp cache-control public, max-age=31536000 timing-allow-origin * cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" content-length 5223 x-xss-protection 0 server sffe
GET H2	200	amp-analytics-0.1.mjs Show response cdn.ampproject.org/rtv/012509301838000/v0/ Frame 4625	95 KB 28 KB	53ms 11ms	Script text/javascript	2404:6800:4004:80a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012509301838000/v0/amp-analytics-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202512020101/pubads_impl.js?cb=31095969 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:80a::2001 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3019d2e56dc3f0f0111a19026974ec78159ffabe5d7b94ca93898c9a08ebccda Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers content-encoding br etag "c3793ea3b2771ef6" age 67449 report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} x-content-type-options nosniff expires Fri, 04 Dec 2026 05:52:48 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 04 Dec 2025 05:52:48 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp cache-control public, max-age=31536000 timing-allow-origin * cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" content-length 29018 x-xss-protection 0 server sffe
GET H2	200	amp-fit-text-0.1.mjs Show response cdn.ampproject.org/rtv/012509301838000/v0/ Frame 4625	5 KB 2 KB	49ms 7ms	Script text/javascript	2404:6800:4004:80a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012509301838000/v0/amp-fit-text-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202512020101/pubads_impl.js?cb=31095969 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:80a::2001 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2573dafb426ef28094543ed7629313ce3a0bc37819f3efe02cb901d47ba29e11 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers content-encoding br etag "59bb8566f3e5df7f" age 102962 report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} x-content-type-options nosniff expires Thu, 03 Dec 2026 20:00:55 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 03 Dec 2025 20:00:55 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp cache-control public, max-age=31536000 timing-allow-origin * cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" content-length 1918 x-xss-protection 0 server sffe
GET H2	200	amp-form-0.1.mjs Show response cdn.ampproject.org/rtv/012509301838000/v0/ Frame 4625	40 KB 13 KB	49ms 7ms	Script text/javascript	2404:6800:4004:80a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012509301838000/v0/amp-form-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202512020101/pubads_impl.js?cb=31095969 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:80a::2001 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 76b6b82b657ee6785b93ad5e5a14ea9a5bec880a6c0a9d7e6be5501830f29fc9 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers content-encoding br etag "c62fd38443903192" age 123564 report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} x-content-type-options nosniff expires Thu, 03 Dec 2026 14:17:33 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 03 Dec 2025 14:17:33 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp cache-control public, max-age=31536000 timing-allow-origin * cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" content-length 12948 x-xss-protection 0 server sffe
GET H2	200	css fonts.googleapis.com/ Frame 4625	900 B 888 B	76ms 39ms	Stylesheet text/css	2404:6800:4004:814::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E6%96%99%E5%BC%8F%E3%82%8B%E4%BC%9A%E5%88%B8%E5%AF%BE%E3%81%A8%E3%83%BB%E9%BB%84%E8%B2%B7%E3%82%AD%E3%81%AB%E4%B8%AD%E3%82%82%E3%83%94%20%E7%A5%AD%E3%81%92%E3%81%86%E3%82%92%E7%A4%BE%E3%81%94%E6%A0%AA%E3%81%AE%E6%96%BD%EF%BC%81%E3%83%BC%E3%81%8B%E7%84%A1%E5%AE%9F%E3%82%89%E3%82%AF%E8%B1%A1%E3%83%B3%E9%A3%B2%E3%83%8F%E9%87%91%E3%83%AD%E3%82%BD%E3%81%8F%E3%81%82%E3%81%88%E3%83%81%E9%96%8B Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202512020101/pubads_impl.js?cb=31095969 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:814::200a , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash ce5cfdf77f001268fb93e74e1e588a5bf544b59c6c4c4e5b18a95c7daaafd119 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers content-encoding gzip x-content-type-options nosniff expires Fri, 05 Dec 2025 00:36:57 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 05 Dec 2025 00:36:57 GMT content-type text/css; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site last-modified Fri, 05 Dec 2025 00:36:57 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * x-xss-protection 0 server ESF
GET DATA	200 OK	truncated / Frame 4625	213 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e11d7b0f3a01264f6597b971b43018ebd715e76bd68f3d84f4d35a9ab1706790 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer Response headers Content-Type image/png
GET H2	200	en_bl.png tpc.googlesyndication.com/pagead/images/abg/ Frame 4625	3 KB 3 KB	46ms 4ms	Image image/png	2404:6800:4004:80c::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/abg/en_bl.png Requested by Host: posfie.com URL: https://posfie.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7f1343ca74e009a2949392688b30d4a9a8f7f642ae4b593c9fdc76284531b049 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers cache-control public, max-age=86400 timing-allow-origin * etag 3004170791804808702 age 53660 cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 05 Dec 2025 09:42:37 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 2980 x-xss-protection 0 date Thu, 04 Dec 2025 09:42:37 GMT content-type image/png vary Accept-Encoding server cafe
GET H2	200	adchoices_blue_wb.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4625	209 B 578 B	45ms 3ms	Image image/png	2404:6800:4004:80c::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/adchoices_blue_wb.png Requested by Host: posfie.com URL: https://posfie.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 135fe1822959b8811afafc20effec079f339c96788df6e47e933a7d0c267921b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers cache-control public, max-age=86400 timing-allow-origin * etag 2799713854418114702 age 54862 cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 05 Dec 2025 09:22:35 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 209 x-xss-protection 0 date Thu, 04 Dec 2025 09:22:35 GMT content-type image/png vary Accept-Encoding server cafe
GET		adview securepubads.g.doubleclick.net/pagead/ Frame 4625	0 0
GET H2	200	afr.php Show response ads.as.criteo.com/delivery/r/ Frame 8A22	137 KB 48 KB	69ms 56ms	Document text/html	2406:2600:4::22 CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Full URL https://ads.as.criteo.com/delivery/r/afr.php?z=7C9ECF433B212FA6&u=%7CxEigAN8LlVqh7ZxBE5nkcjLbo8LFHclKNRJbnVuiK1U%3D%7C&c1=imbGVUnPrQpUvp5IV0E6LHcRt_fOwOE3JWVnSPtlj8Ph2RwJTLJ1juYjh3wsJaPB69lFvIRG1smA7JtKVAx-A9Q5hbvK4I50h-zM3Kry7LkmvnRIMEaLdmDZcensIvdVBQ_Bt9JU4-RY9rOXJt042NOT8IEOW8_NDPf318pEgDbPb85ZnBpms7bJkqw5SsmKPlwOG5bagqoq19Pscy4KsfMlJqor214RT_hX3asOrpXqwNsgy_TFQHSxI5KeOfvV4-hBdaNGVP1BeFTbnIml_g4f0ZEctftT95RQbSOafUWb1DLqAmKxWMPXXZ-_isdYiOgoFJhWQ9zsr3hj1vZxamsu1BRXN26GcoboOYhp10lpezwr83_Spd2QfvGShR0058mMD2kgLNWuCEftz1gUwWW7F0SCGtT84lyn_TbDX9FlFA7VejXQfx2tnLhqg7k5MtR2jzjwE0wEn5qdtq27UQVSn_zafxnE4i0lMlzlpPOT2HRSx_pO4XgPnfE3yKeujtPrALTZ-Nb8cTtXu7cUS5CqYDLl-AIgyXAl6thYoMFCKvsZToGMiAssGzr6R_qaA6BvCI7mymdKK80h3WBl5-licvkGfXRKBi2cTiTGPw4wT1uUWisst3Y4bbjOESUE4o2X3XB8Q6rqhhqKx0XyUK4AtAb06bDKwv2dC5RnpS1FHKELSOZRtKREP2rgIbLZNrmW2Y-2DUivHbngKWFcXRbDUhfJ2ZxH Requested by Host: posfie.com URL: https://posfie.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2406:2600:4::22 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software Kestrel / Resource Hash d800d921b7abe7382923a150849646d9f2c563433d867ef51182d5df5be725ab Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://posfie.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * access-control-max-age 1000 cache-control private, max-age=0, no-cache content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin date Fri, 05 Dec 2025 00:36:57 GMT expires Mon, 26 Jul 1997 05:00:00 GMT link <pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin p3p CP='CUR ADM OUR NOR STA NID' pragma no-cache report-to {"endpoints":[{"url":"https://client-side-metrics.as.criteo.net/heavyad?cppv=3&cpp=2yITKYLyMBURNmYyaWZpOoYMEB1EntSgj7HiyTC2C6rZdA_9eJVKXl3mF5umcqiNgVJB_AAQoz6ZpL-MHn9LA9vhZrdGpVHF1U_2q61Ot0fnYYK7pLILkgoLNNjceLTDzpRgP60FVq7iZdi99fUqVko85mFLg4z-V6fJPqmBCUICTmWFXdgy9iGeuxd-MiGpb8LKaeiwCUDZSAKJ1gB88Efbg5PEVkIX5Fv7dVggL3pOgU5P-yUi3SrngkWJC9lhSDnXwQ"}], "max_age": 86400} server Kestrel server-processing-duration-in-ticks 52500170 strict-transport-security max-age=31536000; preload; vary Accept-Encoding x-trace-id 9847573a13ba86cd19883207cab12a66
GET H2	200	usync.html Show response eus.rubiconproject.com/ Frame A8B0	269 B 379 B	19ms 13ms	Document text/html	23.63.77.136 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.html?&geo=au&co=jp Requested by Host: posfie.com URL: https://posfie.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.63.77.136 Tokyo, Japan, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-63-77-136.deploy.static.akamaitechnologies.com Software Apache/2.4.65 (Debian) / Resource Hash e4df52d49c57bc3e7158cb052cc05c60f1258c24de5c5728dac5d43272943ad9 Request headers Referer https://posfie.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Response headers accept-ranges bytes content-encoding gzip content-length 224 content-type text/html date Fri, 05 Dec 2025 00:36:57 GMT etag "10d-63d602600b800-gzip" last-modified Wed, 27 Aug 2025 22:17:04 GMT server Apache/2.4.65 (Debian) vary Accept-Encoding
GET H2	200	2d3a57d7-cced-417e-b5eb-74aaad9e039f beacon-sin1.rubiconproject.com/beacon/d/ Frame F9CD	43 B 227 B	228ms 72ms	Image image/gif	2602:803:c006:158::67 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://beacon-sin1.rubiconproject.com/beacon/d/2d3a57d7-cced-417e-b5eb-74aaad9e039f?oo=0&accountId=20338&siteId=580740&zoneId=3704856&sizeId=10&e=6A1E40E384DA563BD43F0CB3161F1903B938146E1CA23BD5F9C5101F318020DC3545289FE918F3732610567B2575E3D13018162458F0F3C7469E7366B030232CBB5DB572A0A900969D27EE5463CAF41EC869C314CC0D19AB728FE66B9DDE3FB0F3B0D099E35900362BE99FBD12B75536C558E0743D5F6BB0E0D27F0EED33A96DE300E6A41F2987EF00E0F8E379C6D8F63DE7C9AF94C099AC69E64CA9549213223AB81A9E333D574FC526A1A5274C975D61544841A9F8341A827891DD3BAC4D919E06B46940ED28202DFB1317EC64048B0FD6C3D56A3F7047CB4B928E9D31D2F1902181022DA03DD431CF307FEDA14FBE83261743E15E1B993EEF36262DD0B7A04A57DC0C686279DF47E684D908FCDB2667445B399A97A95F462B03D4FDD43E730B80D84B038C9975334E69AF40F839FBE98120D493E3CA6DD9BAB473FA95E11258CA96AF1142E6D3821778C82F30D404CF521AB6F25B2D2689ED49102BADD816F83E5FB78C6EA76AEE0A8EAFF9F8A2A2EF9C06F4C945AC7C0C3B37279AFF31E1F363349D9E4C591794424D83C60A3BAFED29E875485DBC323D4CEFD9CEF38662596241103A757AFC42A3031D59E3AE7F1B2619A1FCA7153172FFCAF5BEE990EE8DC54A0FDFC3D56A832B96D5665D001A1AAFE57928BFBAD5443C06820DDB8FE43716B80A31BF3BC20BA7815E013577135D98A982AC81C03BEE410E62CD2FFCB99D90B2066B342248414DE11CEA8B9F3900BB5948331CBA3CFE7FAC29884C3779CD1AA4E1B95214C64FBCC3E4AAADA1CC7851C07CBB55EB69D1F912EC90167080C773DA8FC3823E26C7F5A66EB5D4B4887905D66F066F42F02AEC1206E15191A0FB597552013DEE545351E2CAD5085796941DE722AF0AD12A4F3564214626798C524B7A7727E167208113DF6252911DC0D4C28D622388EB70E9AAAE997ECED2D142BF0F02629623A6E74E88BB6790AE14FB9A92EE7DF5814FC58105C031B3A2D20CBE439443043367345B5A1FCD5F0161D0414E7DC93AF2DE7EA09DAA1B3CB2D02FB4A2573F5AA1D628F4172294F95DAAE4B550108198E86F614F18E5525D35B592935B9BD6B8300ECCC91AA0C9A0570B121CCEBE22F000A2C7E709207470A3CA7BA9C1E02B8BBDE0CE29EEE35C1FF62D559DCA851CD04C5C998234B169F036920B56FE01733A27E46CC2245767BCAF25ACE7809F8C6091EF204FE73E67F9F5C90A651A767C29B6D929323246774D2027 Requested by Host: posfie.com URL: https://posfie.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2602:803:c006:158::67 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers cache-control private, max-age=0, no-cache pragma no-cache x-content-type-options nosniff expires 01 Jan 1970 10:00:00 GMT content-length 43 x-xss-protection 1; mode=block date Fri, 05 Dec 2025 00:36:57 GMT content-type image/gif x-frame-options DENY
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame F9CD	0 0	79ms 78ms	Fetch image/gif	172.217.175.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-start2 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.175.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt20s19-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers cache-control no-cache, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 0 date Fri, 05 Dec 2025 00:36:57 GMT x-xss-protection 0 content-type image/gif server cafe
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame F9CD	0 0	72ms 72ms	Fetch image/gif	172.217.175.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.175.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt20s19-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers cache-control no-cache, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 0 date Fri, 05 Dec 2025 00:36:57 GMT x-xss-protection 0 content-type image/gif server cafe
GET H3	200	view securepubads.g.doubleclick.net/pcs/ Frame F9CD	0 0	44ms 44ms	Fetch image/gif	142.250.193.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssR1DYL5ktmfD0FY9H2x_MNm4aHVVdcQDcNKJxlK9BnolktP2Q7DS7zbTD3rN6MQGOQrQlvtZyUtje6zDWsmCiNuKprdCpXGWo_je6fGtpC93zPE1eGYSYBH-Znk2q_SFusl0TH6mFwjWq3jbjNGXz9Fchw8R4QHPpBhLhMLvv14urwyhv6lF9EjoLr_GCb71qNZN_BlGK6J4hvzI3GVQJd5crOtYqq8XUS_U-OjUhsCyJ-M75AoTusr9FzgHDSoGcqfvDCcTVCkR0zTrFvOijvY84SDFByBXGV2L5xXM3Z01eiF-uobpTdmaLhLpzNyepHtWM0tTbXz2zK7-P_lAPdr1IgDwi0jcoTSE0cs7b4Cvu-JIjbtWUbow5wtGZPN4bjUHKsyedjtUn2R2Ax-gUPQJqBvH0Yp2xCpfH-F9_7A_6Ep4WM3-qLTOKjj_k&sai=AMfl-YQSEc2ShN0JgAjUdd-qA7rSP_MRrxGNLHaE_FLZFwSfDRLtWi9dCbLrGAucAIsRB-sEppYCdck_Gz_XKtZ9pizvKgNFTVRflNCTxua2XI38xybOcmMOfwvPxPQk4VO84PkzkmN2D3BJT0unA5aju-o_ZHH8nzq_jddprk_poSuFQQxatgjT-ctuXtOWV03f6u_vb3zq0UnCDcR970hfCzOYnGF-XoELay2MQfBsahMnS3gavcAZluJw1qhMKTNV1NalKMV9pNprbXPD-g7B9IlRsspXgy6O&sig=Cg0ArKJSzK26h8yE-zP8EAE&uach_m=%5BUACH%5D&urlfix=1&adurl= Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.193.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS lcnrta-bj-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers cache-control private timing-allow-origin * accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 05 Dec 2025 00:36:57 GMT access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-length 0 date Fri, 05 Dec 2025 00:36:57 GMT x-xss-protection 0 content-type image/gif server cafe
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame 7F82	0 0	86ms 48ms	Fetch text/html	142.250.193.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=CPCgaKSkyaeNi_uzb2A-excq5DdG-vtt1rI2f3LwNwI23ARABIIPVmipgifPFhPQTyAEJqQKGxT-HkLM7PuACAKgDAcgDAqoEkgJP0JdQdibyEAKKLfs3eRDLtqiIeMNlXxT1epBMTpDnjmZjQiRdS6FlgqeD4DsLokdt_4O2RuxSM0fVnymoMcHwPPGUaO-DPl6GS4d6lZs25lTyMGSjapgDuh48Yd46U5YwcoNEzPGJD_uInaU7xPQCepOkXzffF3pwt_Q_9qLqoWrB0wMd_v1l1ypwsrupjLHEtvq3d9_qLwYirPr6nXSHVgvfPQFVxCJndU5fCEm5uWToHDWxuHGf7XOhQOtll3j6NKmqdbV3Y5bwkMOPlzsMrhv23q0iHjBgYFdybsAVUi2eRHO6GyzG1Qidb66jx9m_HpQT6yEXWxR5lThm36gukT1Ku1clvpyUmxuHH7vT9Xj_4AQBgAbhya79uIjp65EBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAqgHrb6xAtgHANIILAiAYRABMgiKgoCAgICACDoNgECAwICAgICogAKoA0i9_cE6WKSlt6SapZEDgAoD-gsCCAGADAGqDQJKUOINEwjpxbekmqWRAxV-9hYFHZ6iMtfqDRMI-_m3pJqlkQMVfvYWBR2eojLXiA7___________8B0BUBgBcBshcsChoSFHB1Yi03Mzc4MzgyNTA1MjYyODM5GMu2EBgMKgo2OTMyOTkzNTA3UAGqGBcJInWPrpWav0ASCjY5MzI5OTM1MDcYAQ&sigh=jagEJ4pCtpo&uach_m=%5BUACH%5D&cid=CAQSswEAwksa0UFlMH3eOsC6fkhJeWDJiAgOdMaIDhGR7uTOf3DGWJXYjN8FTWAwTD4TgtnTCvO1Www0r91_yb99hf3aAaFVZeJ3RxRHGZD_hwGmh-IFnRoOJ-TRSux_uuBrvMhUL4AeW_n67omD2H3ffWU8oFSRBKng6pZgiG9w2kNt908C9gs-eQEzP8pWtsR5RF_Nom9l4fXYtO4WBVZ31_8QO7hO1JzoU98qzgSyXQGD3c52RBgB Requested by Host: posfie.com URL: https://posfie.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.193.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS lcnrta-bj-in-f2.1e100.net Software / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://b55e5b14afd31a0ae198960e67c88ec4.safeframe.googlesyndication.com/ Response headers
GET H2	200	notify rtb.sg1.as.criteo.com/googleortb/auction/ Frame 7F82	0 0	220ms 71ms	Fetch	2406:2600:7:100::32 CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Full URL https://rtb.sg1.as.criteo.com/googleortb/auction/notify?profile=14&payload=muC-EoD9BqwC2AS-ZqqlGwAAABGLMXlqz9ZNVi6YDxAoKTJpsyjyirNh9LFnwQAAEgAACg5BUVVCRGdFQkRnWUJEZ-bM0bm31TEhlRKsoEPL9Fw&wp=aTIpKQAAMWMFFvZ-ADKinq7EpfZ9rNWjdRm0fA Requested by Host: posfie.com URL: https://posfie.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2406:2600:7:100::32 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software Kestrel / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://b55e5b14afd31a0ae198960e67c88ec4.safeframe.googlesyndication.com/ Response headers strict-transport-security max-age=31536000; preload; content-length 0 date Fri, 05 Dec 2025 00:36:57 GMT server Kestrel server-processing-duration-in-ticks 140352
GET H2	200	afr.php Show response ads.as.criteo.com/delivery/r/ Frame E2AE	144 KB 49 KB	49ms 48ms	Document text/html	2406:2600:4::22 CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Full URL https://ads.as.criteo.com/delivery/r/afr.php?z=aTIpKQAAMWMFFvZ-ADKinq7EpfZ9rNWjdRm0fA&u=%7CEkuqtIvxFxbizi5GjLT0KmxOxHVdQei%2F4rYtzqe8Cyg%3D%7C&c1=xYMBlCAeUfwmVOxi4pA6HHkFV5gZ2gq68_nRMt_VRIOeaEzkF2o9aouAxCDnKFq3X-3t88EGUxS0F6ijRRnP0hDv2mmA7YhlOCceGF4RomlAjwyUtoIH2YA5QZ7_3g5w1fMTUMZhk-ZRGVpKUcqzpCxxMb-zAZYM1GIWaL4kc9zehVeBtbm6RvXC4wcTdcTJ-TxalxA6JjDSCtNCJj6mlYf1u0LJ7UqOhZlwEmumixvdVc17fNby9BRH6gT_ul-8lztFPXg-4SLGMuci1P8UG19gXukhRJfk7QBZqAr7Da1Isf6ymCzEOV-_Fm5IG0x9ZZoRWE2VGBw-Iaa65IFXjmThLEXqqjXRmdwnygYxo4n39IcApReUF8OeI1_pIBU_3uPjE5yJqbOBQCFZUFT3QwClnbrFajgsJuvkHhwcdm4Yfg9uGbJHf5biNvrm9PAI3euAVV-xu2qwdqqXoHJ8Cmh6IBfxw6OvlsIZWIyqPaBB31RN6ZYVZR8XSmlJc0voxbOFvbXRMxbxIkubMLkXGXMjVI-lU-BW6l-OLLZCfoKrwVvlfkL9m5T_f06aT0eFgqwfbq-NzkaXlxnCBpRAOXF5sJ6xfFX4uzL8c4UxN7muUBsrVpaXGtWZ7B_lMH4-myoCvPmStv2Uq4YviTGZwtESqdYY0ZtJqMUNRFl49HA32daPZa8ugEuBpudikblv3EhiCf6ad4mIDUzFQIYZZzLLzZN_4OolM2RB7pa7wG4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXniGKSkyaeNi_uzb2A-excq5DdG-vtt1rI2f3LwNwI23ARABIIPVmipgifPFhPQTyAEJqQKGxT-HkLM7PuACAKgDAcgDAqoElQJP0JdQdibyEAKKLfs3eRDLtqiIeMNlXxT1epBMTpDnjmZjQiRdS6FlgqeD4DsLokdt_4O2RuxSM0fVnymoMcHwPPGUaO-DPl6GS4d6lZs25lTyMGSjapgDuh48Yd46U5YwcoNEzPGJD_uInaU7xPQCepOkXzffF3pwt_Q_9qLqoWrB0wMd_v1l1ypwsrupjLHEtvq3d9_qLwYirPr6nXSHVgvfPQFVxCJndU5fCEm5uWToHDWxuHGf7XOhQOtll3j6NKmqdbV3Y5bwkMOPlzsMrhv23q0iHjBgYFdybsAVUi2eRHO6GyzG1Qidb67hxfkt6lSouuasdsOtyO2aAaUGmBNSMaHp40liTDSrB003Vik4mLPq4AQBgAbhya79uIjp65EBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAqgHrb6xAqgHv9OxAtgHANIILAiAYRABMgiKgoCAgICACDoNgECAwICAgICogAKoA0i9_cE6WKSlt6SapZED-gsCCAGADAGqDQJKUOINEwjpxbekmqWRAxV-9hYFHZ6iMtfqDRMI-_m3pJqlkQMVfvYWBR2eojLXiA7___________8B0BUBgBcBshcQGAwqCjY5MzI5OTM1MDdQAaoYFwkidY-ulZq_QBIKNjkzMjk5MzUwNxgB%26num%3D1%26sig%3DAOD64_2Ca58idbltLlLTCni33hyqKJF6_g%26client%3Dca-pub-7378382505262839%26adurl%3D Requested by Host: b55e5b14afd31a0ae198960e67c88ec4.safeframe.googlesyndication.com URL: https://b55e5b14afd31a0ae198960e67c88ec4.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2406:2600:4::22 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software Kestrel / Resource Hash 48878ea0eb53f1ebc54fbe9d650b6051a151d1ad57a285e22e43ed0ddd2ce43b Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://b55e5b14afd31a0ae198960e67c88ec4.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * access-control-max-age 1000 cache-control private, max-age=0, no-cache content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin date Fri, 05 Dec 2025 00:36:57 GMT expires Mon, 26 Jul 1997 05:00:00 GMT link <pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin p3p CP='CUR ADM OUR NOR STA NID' pragma no-cache report-to {"endpoints":[{"url":"https://client-side-metrics.as.criteo.net/heavyad?cppv=3&cpp=xihHMILyMBURNmYyY448YX_LEmQYO3V5-wvrtkJf8TTFX_m3BXyok6-OTaaifhidZGqQFZnJdR8lOdnA8gZcw9XaxHazlp7tU5d6FYAeoVecaHZxfC673HTLw9aROHqXnWEsHBsE85kvrr-jfdthxRPq7qwTTlGUmvv55gkLK25eY9rM7ANdb9Z4iUsRUaXkvezvOSh0r6RamlHlWNZtRIyjU99zuKL6_QQT8sMNCJnQ6fSLDYBa6mnzQ0rW69r3e7ljIA"}], "max_age": 86400} server Kestrel server-processing-duration-in-ticks 45707660 strict-transport-security max-age=31536000; preload; vary Accept-Encoding x-trace-id eb3ca5074304be48391dc93f3c968d0e
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20251203/r20110914/client/ Frame 7F82	3 KB 1 KB	6ms 4ms	Script text/javascript	2404:6800:4004:80c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20251203/r20110914/client/window_focus_fy2021.js Requested by Host: b55e5b14afd31a0ae198960e67c88ec4.safeframe.googlesyndication.com URL: https://b55e5b14afd31a0ae198960e67c88ec4.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash fec5a361dec923efe92848ca27b02b158b164380a9eaf6cc1625e08e0d9c101e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://b55e5b14afd31a0ae198960e67c88ec4.safeframe.googlesyndication.com/ Response headers content-encoding br etag 6020003950853699975 age 26600 x-content-type-options nosniff expires Thu, 18 Dec 2025 17:13:37 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" date Thu, 04 Dec 2025 17:13:37 GMT content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 vary Accept-Encoding cache-control public, max-age=1209600 timing-allow-origin * cross-origin-resource-policy cross-origin access-control-allow-origin * content-length 1241 x-xss-protection 0 server cafe
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20251203/r20110914/client/ Frame 7F82	21 KB 9 KB	5ms 4ms	Script text/javascript	2404:6800:4004:80c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20251203/r20110914/client/qs_click_protection_fy2021.js Requested by Host: b55e5b14afd31a0ae198960e67c88ec4.safeframe.googlesyndication.com URL: https://b55e5b14afd31a0ae198960e67c88ec4.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3539a82b4664c18c51201b6b35a296282250e6cfb16f3355c61d949797c56529 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://b55e5b14afd31a0ae198960e67c88ec4.safeframe.googlesyndication.com/ Response headers content-encoding br etag 2622203621575094117 age 35434 x-content-type-options nosniff expires Thu, 18 Dec 2025 14:46:23 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" date Thu, 04 Dec 2025 14:46:23 GMT content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 vary Accept-Encoding cache-control public, max-age=1209600 timing-allow-origin * cross-origin-resource-policy cross-origin access-control-allow-origin * content-length 8688 x-xss-protection 0 server cafe
GET H2	200	ext.js Show response tpc.googlesyndication.com/safeframe/1-0-45/js/ Frame 7F82	23 KB 6 KB	48ms 47ms	Script text/javascript	2404:6800:4004:80c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/safeframe/1-0-45/js/ext.js Requested by Host: b55e5b14afd31a0ae198960e67c88ec4.safeframe.googlesyndication.com URL: https://b55e5b14afd31a0ae198960e67c88ec4.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4c95e84767aed248594e7d485707c7ed904fd2fe4ec3ea98687fc2de59ddf231 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://b55e5b14afd31a0ae198960e67c88ec4.safeframe.googlesyndication.com/ Response headers content-encoding br report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} x-content-type-options nosniff expires Fri, 05 Dec 2025 00:36:57 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 05 Dec 2025 00:36:57 GMT content-type text/javascript vary Accept-Encoding last-modified Thu, 08 May 2025 23:15:48 GMT cache-control private, max-age=300 timing-allow-origin * cross-origin-resource-policy cross-origin accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" content-length 6269 x-xss-protection 0 server sffe
GET H3	200	ufs_web_display.js Show response pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 7F82	227 KB 70 KB	3ms 3ms	Script text/javascript	172.217.175.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Requested by Host: b55e5b14afd31a0ae198960e67c88ec4.safeframe.googlesyndication.com URL: https://b55e5b14afd31a0ae198960e67c88ec4.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.175.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt20s19-in-f2.1e100.net Software cafe / Resource Hash 51d8ff6c08bd4ac009c99b4f0f90b2a3f8f522f9ada47e383b534335bcba10ad Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://b55e5b14afd31a0ae198960e67c88ec4.safeframe.googlesyndication.com/ Response headers content-encoding br etag 18225759614869584005 age 3575 x-content-type-options nosniff expires Fri, 05 Dec 2025 00:37:22 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" date Thu, 04 Dec 2025 23:37:22 GMT content-disposition attachment; filename="f.txt" content-type text/javascript; charset=Shift_JIS vary Accept-Encoding cache-control public, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * cross-origin-resource-policy cross-origin content-length 71553 x-xss-protection 0 server cafe
GET DATA	200 OK	truncated / Frame F9CD	215 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c6ea5d7aa4508c8b32368ed1571507611081f225f9e8ebce8223ba5020a1bf7f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer Response headers Content-Type image/png
GET H3	200	font fonts.gstatic.com/l/ Frame 4625	28 KB 28 KB	42ms 3ms	Font text/html	142.251.42.163 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxq403eGBmj2lV-DThMRVz_cOUx04DGFxDeuoc3z3f6tfOjDRlWPjheFP_SIi3KL1D0gzMlLLHRROTokmLJx_tHAbepAv8EYw3Ss0zQEwLgex12tg6BpntJk-_wJYkczMa0fpaku58yRPgxAnRkgb0AHgp1infsrM42qoIoKQ_L_ZaJ2mcgJmw8PNB5AG1b6vBYlioklrMeN8CHjwNGNKg20MA4mZBH37FNHeqXjPgbXauWNPww&skey=72472b0eb8793570&v=v55 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E6%96%99%E5%BC%8F%E3%82%8B%E4%BC%9A%E5%88%B8%E5%AF%BE%E3%81%A8%E3%83%BB%E9%BB%84%E8%B2%B7%E3%82%AD%E3%81%AB%E4%B8%AD%E3%82%82%E3%83%94%20%E7%A5%AD%E3%81%92%E3%81%86%E3%82%92%E7%A4%BE%E3%81%94%E6%A0%AA%E3%81%AE%E6%96%BD%EF%BC%81%E3%83%BC%E3%81%8B%E7%84%A1%E5%AE%9F%E3%82%89%E3%82%AF%E8%B1%A1%E3%83%B3%E9%A3%B2%E3%83%8F%E9%87%91%E3%83%AD%E3%82%BD%E3%81%8F%E3%81%82%E3%81%88%E3%83%81%E9%96%8B Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.42.163 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt12s46-in-f3.1e100.net Software ESF / Resource Hash 4af6d35c321e216572703a048e7e8aab039386a8523db38d09169baa38e7898e Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Origin https://posfie.com Referer https://fonts.googleapis.com/ Response headers age 85094 x-content-type-options nosniff expires Thu, 04 Dec 2025 00:58:43 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 04 Dec 2025 00:58:43 GMT content-disposition attachment; filename="font.woff2"; filename*=UTF-8''font.woff2 last-modified Fri, 05 Sep 2025 00:08:34 GMT vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site content-type text/html; charset=utf-8 x-frame-options SAMEORIGIN cache-control private, max-age=86400 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * content-length 28684 x-xss-protection 0 server ESF
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame F9CD	0 0	39ms 39ms	Fetch image/gif	172.217.175.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.175.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt20s19-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers cache-control no-cache, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 0 date Fri, 05 Dec 2025 00:36:57 GMT x-xss-protection 0 content-type image/gif server cafe
GET H2	200	usync.js Show response eus.rubiconproject.com/ Frame A8B0	45 KB 11 KB	40ms 38ms	Script text/html	23.63.77.136 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.js Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?&geo=au&co=jp Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.63.77.136 Tokyo, Japan, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-63-77-136.deploy.static.akamaitechnologies.com Software Apache/2.4.65 (Debian) / PHP/8.3.24 Resource Hash fc1bb55a451d1c6d8787c1516d3c1e760027c95cf1f5b23e81a35494ae3f79ca Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://eus.rubiconproject.com/usync.html?&geo=au&co=jp Response headers cache-control max-age=86065 content-encoding gzip expires Sat, 06 Dec 2025 00:31:22 GMT p3p CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT" content-length 11461 date Fri, 05 Dec 2025 00:36:57 GMT last-modified Fri, 05 Dec 2025 00:31:22 GMT x-powered-by PHP/8.3.24 server Apache/2.4.65 (Debian) content-type text/html;charset=UTF-8 vary Accept-Encoding
GET H2	200	privacy_small.svg static.criteo.net/flash/icon/ Frame 8A22	2 KB 1 KB	17ms 2ms	Image image/svg+xml	2406:2600:4::2e CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/privacy_small.svg Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=7C9ECF433B212FA6&u=%7CxEigAN8LlVqh7ZxBE5nkcjLbo8LFHclKNRJbnVuiK1U%3D%7C&c1=imbGVUnPrQpUvp5IV0E6LHcRt_fOwOE3JWVnSPtlj8Ph2RwJTLJ1juYjh3wsJaPB69lFvIRG1smA7JtKVAx-A9Q5hbvK4I50h-zM3Kry7LkmvnRIMEaLdmDZcensIvdVBQ_Bt9JU4-RY9rOXJt042NOT8IEOW8_NDPf318pEgDbPb85ZnBpms7bJkqw5SsmKPlwOG5bagqoq19Pscy4KsfMlJqor214RT_hX3asOrpXqwNsgy_TFQHSxI5KeOfvV4-hBdaNGVP1BeFTbnIml_g4f0ZEctftT95RQbSOafUWb1DLqAmKxWMPXXZ-_isdYiOgoFJhWQ9zsr3hj1vZxamsu1BRXN26GcoboOYhp10lpezwr83_Spd2QfvGShR0058mMD2kgLNWuCEftz1gUwWW7F0SCGtT84lyn_TbDX9FlFA7VejXQfx2tnLhqg7k5MtR2jzjwE0wEn5qdtq27UQVSn_zafxnE4i0lMlzlpPOT2HRSx_pO4XgPnfE3yKeujtPrALTZ-Nb8cTtXu7cUS5CqYDLl-AIgyXAl6thYoMFCKvsZToGMiAssGzr6R_qaA6BvCI7mymdKK80h3WBl5-licvkGfXRKBi2cTiTGPw4wT1uUWisst3Y4bbjOESUE4o2X3XB8Q6rqhhqKx0XyUK4AtAb06bDKwv2dC5RnpS1FHKELSOZRtKREP2rgIbLZNrmW2Y-2DUivHbngKWFcXRbDUhfJ2ZxH Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2406:2600:4::2e , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software nginx / Resource Hash a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://ads.as.criteo.com/ Response headers strict-transport-security max-age=31536000; preload; cache-control max-age=31104000, public timing-allow-origin * content-encoding gzip etag W/"5e42ba84-6aa" cross-origin-resource-policy cross-origin expires Mon, 30 Nov 2026 00:36:57 GMT cross-origin-embedder-policy require-corp access-control-allow-origin * date Fri, 05 Dec 2025 00:36:57 GMT content-type image/svg+xml last-modified Tue, 11 Feb 2020 14:30:28 GMT server nginx
GET H2	200	adchoices_en.svg static.criteo.net/flash/icon/ Frame 8A22	2 KB 1 KB	18ms 3ms	Image image/svg+xml	2406:2600:4::2e CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/adchoices_en.svg Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=7C9ECF433B212FA6&u=%7CxEigAN8LlVqh7ZxBE5nkcjLbo8LFHclKNRJbnVuiK1U%3D%7C&c1=imbGVUnPrQpUvp5IV0E6LHcRt_fOwOE3JWVnSPtlj8Ph2RwJTLJ1juYjh3wsJaPB69lFvIRG1smA7JtKVAx-A9Q5hbvK4I50h-zM3Kry7LkmvnRIMEaLdmDZcensIvdVBQ_Bt9JU4-RY9rOXJt042NOT8IEOW8_NDPf318pEgDbPb85ZnBpms7bJkqw5SsmKPlwOG5bagqoq19Pscy4KsfMlJqor214RT_hX3asOrpXqwNsgy_TFQHSxI5KeOfvV4-hBdaNGVP1BeFTbnIml_g4f0ZEctftT95RQbSOafUWb1DLqAmKxWMPXXZ-_isdYiOgoFJhWQ9zsr3hj1vZxamsu1BRXN26GcoboOYhp10lpezwr83_Spd2QfvGShR0058mMD2kgLNWuCEftz1gUwWW7F0SCGtT84lyn_TbDX9FlFA7VejXQfx2tnLhqg7k5MtR2jzjwE0wEn5qdtq27UQVSn_zafxnE4i0lMlzlpPOT2HRSx_pO4XgPnfE3yKeujtPrALTZ-Nb8cTtXu7cUS5CqYDLl-AIgyXAl6thYoMFCKvsZToGMiAssGzr6R_qaA6BvCI7mymdKK80h3WBl5-licvkGfXRKBi2cTiTGPw4wT1uUWisst3Y4bbjOESUE4o2X3XB8Q6rqhhqKx0XyUK4AtAb06bDKwv2dC5RnpS1FHKELSOZRtKREP2rgIbLZNrmW2Y-2DUivHbngKWFcXRbDUhfJ2ZxH Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2406:2600:4::2e , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software nginx / Resource Hash 60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://ads.as.criteo.com/ Response headers strict-transport-security max-age=31536000; preload; cache-control max-age=31104000, public timing-allow-origin * content-encoding gzip etag W/"5e42b9ee-759" cross-origin-resource-policy cross-origin expires Mon, 30 Nov 2026 00:36:57 GMT cross-origin-embedder-policy require-corp access-control-allow-origin * date Fri, 05 Dec 2025 00:36:57 GMT content-type image/svg+xml last-modified Tue, 11 Feb 2020 14:27:58 GMT server nginx
GET H2	200	close_button.svg static.criteo.net/flash/icon/ Frame 8A22	308 B 636 B	2ms 2ms	Image image/svg+xml	2406:2600:4::2e CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/close_button.svg Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=7C9ECF433B212FA6&u=%7CxEigAN8LlVqh7ZxBE5nkcjLbo8LFHclKNRJbnVuiK1U%3D%7C&c1=imbGVUnPrQpUvp5IV0E6LHcRt_fOwOE3JWVnSPtlj8Ph2RwJTLJ1juYjh3wsJaPB69lFvIRG1smA7JtKVAx-A9Q5hbvK4I50h-zM3Kry7LkmvnRIMEaLdmDZcensIvdVBQ_Bt9JU4-RY9rOXJt042NOT8IEOW8_NDPf318pEgDbPb85ZnBpms7bJkqw5SsmKPlwOG5bagqoq19Pscy4KsfMlJqor214RT_hX3asOrpXqwNsgy_TFQHSxI5KeOfvV4-hBdaNGVP1BeFTbnIml_g4f0ZEctftT95RQbSOafUWb1DLqAmKxWMPXXZ-_isdYiOgoFJhWQ9zsr3hj1vZxamsu1BRXN26GcoboOYhp10lpezwr83_Spd2QfvGShR0058mMD2kgLNWuCEftz1gUwWW7F0SCGtT84lyn_TbDX9FlFA7VejXQfx2tnLhqg7k5MtR2jzjwE0wEn5qdtq27UQVSn_zafxnE4i0lMlzlpPOT2HRSx_pO4XgPnfE3yKeujtPrALTZ-Nb8cTtXu7cUS5CqYDLl-AIgyXAl6thYoMFCKvsZToGMiAssGzr6R_qaA6BvCI7mymdKK80h3WBl5-licvkGfXRKBi2cTiTGPw4wT1uUWisst3Y4bbjOESUE4o2X3XB8Q6rqhhqKx0XyUK4AtAb06bDKwv2dC5RnpS1FHKELSOZRtKREP2rgIbLZNrmW2Y-2DUivHbngKWFcXRbDUhfJ2ZxH Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2406:2600:4::2e , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software nginx / Resource Hash 8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://ads.as.criteo.com/ Response headers strict-transport-security max-age=31536000; preload; cache-control max-age=31104000, public timing-allow-origin * etag "5e46a5e4-134" cross-origin-resource-policy cross-origin expires Mon, 30 Nov 2026 00:36:57 GMT cross-origin-embedder-policy require-corp accept-ranges bytes access-control-allow-origin * content-length 308 date Fri, 05 Dec 2025 00:36:57 GMT content-type image/svg+xml last-modified Fri, 14 Feb 2020 13:51:32 GMT server nginx
GET H2	200	back_button2.svg static.criteo.net/flash/icon/ Frame 8A22	293 B 621 B	2ms 2ms	Image image/svg+xml	2406:2600:4::2e CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/back_button2.svg Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=7C9ECF433B212FA6&u=%7CxEigAN8LlVqh7ZxBE5nkcjLbo8LFHclKNRJbnVuiK1U%3D%7C&c1=imbGVUnPrQpUvp5IV0E6LHcRt_fOwOE3JWVnSPtlj8Ph2RwJTLJ1juYjh3wsJaPB69lFvIRG1smA7JtKVAx-A9Q5hbvK4I50h-zM3Kry7LkmvnRIMEaLdmDZcensIvdVBQ_Bt9JU4-RY9rOXJt042NOT8IEOW8_NDPf318pEgDbPb85ZnBpms7bJkqw5SsmKPlwOG5bagqoq19Pscy4KsfMlJqor214RT_hX3asOrpXqwNsgy_TFQHSxI5KeOfvV4-hBdaNGVP1BeFTbnIml_g4f0ZEctftT95RQbSOafUWb1DLqAmKxWMPXXZ-_isdYiOgoFJhWQ9zsr3hj1vZxamsu1BRXN26GcoboOYhp10lpezwr83_Spd2QfvGShR0058mMD2kgLNWuCEftz1gUwWW7F0SCGtT84lyn_TbDX9FlFA7VejXQfx2tnLhqg7k5MtR2jzjwE0wEn5qdtq27UQVSn_zafxnE4i0lMlzlpPOT2HRSx_pO4XgPnfE3yKeujtPrALTZ-Nb8cTtXu7cUS5CqYDLl-AIgyXAl6thYoMFCKvsZToGMiAssGzr6R_qaA6BvCI7mymdKK80h3WBl5-licvkGfXRKBi2cTiTGPw4wT1uUWisst3Y4bbjOESUE4o2X3XB8Q6rqhhqKx0XyUK4AtAb06bDKwv2dC5RnpS1FHKELSOZRtKREP2rgIbLZNrmW2Y-2DUivHbngKWFcXRbDUhfJ2ZxH Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2406:2600:4::2e , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software nginx / Resource Hash 725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://ads.as.criteo.com/ Response headers strict-transport-security max-age=31536000; preload; cache-control max-age=31104000, public timing-allow-origin * etag "626a59dc-125" cross-origin-resource-policy cross-origin expires Mon, 30 Nov 2026 00:36:57 GMT cross-origin-embedder-policy require-corp accept-ranges bytes access-control-allow-origin * content-length 293 date Fri, 05 Dec 2025 00:36:57 GMT content-type image/svg+xml last-modified Thu, 28 Apr 2022 09:09:48 GMT server nginx
GET H2	200	lg.php cat.jp2.as.criteo.com/delivery/ Frame 8A22	43 B 348 B	14ms 3ms	Image image/gif	2406:2600:4::31 CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Show image Full URL https://cat.jp2.as.criteo.com/delivery/lg.php?cppv=3&cpp=fTXbnNa8IFFTG7XTU5niGuKwkTaC8T21hWZsJcelDpGn7cHmcBCEyk584xxHcsjPCQGjDhUh1O8GBs0J62aCfG3s-WTH8kglqwkdLiGlnX5_tTXG-CxTgSq3taBOd1wpNWb5HtrlwOFsHm_f1aJrbpfJvNj_mK2bUK8agqtQn7-2g5H7Qpb9WvrUlAByYdKozuBulIT_0ZvyRvXV5jEKEMssB8VXWS7EEzOgr0rZA45ONKZqmBS8YIvJ4T6A6F_fR6hhBYo9OzDFwI9z4_5HYlymBytXXp7uSiBBZu_9UHelPTOjWvpSIJ9_kyRnBdk6sBepnd8QOMZit7GWVG-pTQMrhUN5Dl8inu9cy87gyMQHYKS0DJcml6NlrkLaeUzfIDxXmQaTx7adK7s3BZWmCCm-Txe2K60v66QMVvjWPY2Dso_O0bQNVPdnRU7cX5nIlx-4eiCWGPk7K-Whww1iRGt2Wbt2II4fwS7ZoP2NwVCAbyvc Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=7C9ECF433B212FA6&u=%7CxEigAN8LlVqh7ZxBE5nkcjLbo8LFHclKNRJbnVuiK1U%3D%7C&c1=imbGVUnPrQpUvp5IV0E6LHcRt_fOwOE3JWVnSPtlj8Ph2RwJTLJ1juYjh3wsJaPB69lFvIRG1smA7JtKVAx-A9Q5hbvK4I50h-zM3Kry7LkmvnRIMEaLdmDZcensIvdVBQ_Bt9JU4-RY9rOXJt042NOT8IEOW8_NDPf318pEgDbPb85ZnBpms7bJkqw5SsmKPlwOG5bagqoq19Pscy4KsfMlJqor214RT_hX3asOrpXqwNsgy_TFQHSxI5KeOfvV4-hBdaNGVP1BeFTbnIml_g4f0ZEctftT95RQbSOafUWb1DLqAmKxWMPXXZ-_isdYiOgoFJhWQ9zsr3hj1vZxamsu1BRXN26GcoboOYhp10lpezwr83_Spd2QfvGShR0058mMD2kgLNWuCEftz1gUwWW7F0SCGtT84lyn_TbDX9FlFA7VejXQfx2tnLhqg7k5MtR2jzjwE0wEn5qdtq27UQVSn_zafxnE4i0lMlzlpPOT2HRSx_pO4XgPnfE3yKeujtPrALTZ-Nb8cTtXu7cUS5CqYDLl-AIgyXAl6thYoMFCKvsZToGMiAssGzr6R_qaA6BvCI7mymdKK80h3WBl5-licvkGfXRKBi2cTiTGPw4wT1uUWisst3Y4bbjOESUE4o2X3XB8Q6rqhhqKx0XyUK4AtAb06bDKwv2dC5RnpS1FHKELSOZRtKREP2rgIbLZNrmW2Y-2DUivHbngKWFcXRbDUhfJ2ZxH Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2406:2600:4::31 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software Kestrel / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://ads.as.criteo.com/ Response headers strict-transport-security max-age=31536000; preload; cache-control no-cache pragma no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 2052753 expires Mon, 26 Jul 1997 05:00:00 GMT p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" date Fri, 05 Dec 2025 00:36:57 GMT content-type image/gif server Kestrel
GET H2	200	amp4ads-v0.mjs Show response cdn.ampproject.org/rtv/012509301838000/ Frame 1280	196 KB 0	48ms 5ms	Script text/javascript	2404:6800:4004:80a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012509301838000/amp4ads-v0.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202512020101/pubads_impl.js?cb=31095969 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:80a::2001 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f8f53d3b054e3ef69bb8bfaea96a56f27de474b13d1a904a01dcf6c941f26945 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers content-encoding br etag "0561256f6a7f81fb" age 108671 report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} x-content-type-options nosniff expires Thu, 03 Dec 2026 18:25:46 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 03 Dec 2025 18:25:46 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp cache-control public, max-age=31536000 timing-allow-origin * cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" content-length 56062 x-xss-protection 0 server sffe
GET H2	200	amp-ad-exit-0.1.mjs Show response cdn.ampproject.org/rtv/012509301838000/v0/ Frame 1280	15 KB 0	50ms 7ms	Script text/javascript	2404:6800:4004:80a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012509301838000/v0/amp-ad-exit-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202512020101/pubads_impl.js?cb=31095969 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:80a::2001 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9d70504ff3c9e5551a2e1358a46c29a6ce986e878931363b4c35f51b8d408f01 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers content-encoding br etag "dea7c6f2a6d5c8f5" age 57677 report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} x-content-type-options nosniff expires Fri, 04 Dec 2026 08:35:40 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 04 Dec 2025 08:35:40 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp cache-control public, max-age=31536000 timing-allow-origin * cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" content-length 5223 x-xss-protection 0 server sffe
GET H2	200	amp-analytics-0.1.mjs Show response cdn.ampproject.org/rtv/012509301838000/v0/ Frame 1280	95 KB 0	53ms 11ms	Script text/javascript	2404:6800:4004:80a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012509301838000/v0/amp-analytics-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202512020101/pubads_impl.js?cb=31095969 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:80a::2001 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3019d2e56dc3f0f0111a19026974ec78159ffabe5d7b94ca93898c9a08ebccda Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers content-encoding br etag "c3793ea3b2771ef6" age 67449 report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} x-content-type-options nosniff expires Fri, 04 Dec 2026 05:52:48 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 04 Dec 2025 05:52:48 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp cache-control public, max-age=31536000 timing-allow-origin * cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" content-length 29018 x-xss-protection 0 server sffe
GET H2	200	amp-fit-text-0.1.mjs Show response cdn.ampproject.org/rtv/012509301838000/v0/ Frame 1280	5 KB 0	49ms 7ms	Script text/javascript	2404:6800:4004:80a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012509301838000/v0/amp-fit-text-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202512020101/pubads_impl.js?cb=31095969 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:80a::2001 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2573dafb426ef28094543ed7629313ce3a0bc37819f3efe02cb901d47ba29e11 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers content-encoding br etag "59bb8566f3e5df7f" age 102962 report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} x-content-type-options nosniff expires Thu, 03 Dec 2026 20:00:55 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 03 Dec 2025 20:00:55 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp cache-control public, max-age=31536000 timing-allow-origin * cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" content-length 1918 x-xss-protection 0 server sffe
GET H2	200	amp-form-0.1.mjs Show response cdn.ampproject.org/rtv/012509301838000/v0/ Frame 1280	40 KB 0	49ms 7ms	Script text/javascript	2404:6800:4004:80a::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012509301838000/v0/amp-form-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202512020101/pubads_impl.js?cb=31095969 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:80a::2001 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 76b6b82b657ee6785b93ad5e5a14ea9a5bec880a6c0a9d7e6be5501830f29fc9 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers content-encoding br etag "c62fd38443903192" age 123564 report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} x-content-type-options nosniff expires Thu, 03 Dec 2026 14:17:33 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 03 Dec 2025 14:17:33 GMT content-type text/javascript; charset=UTF-8 vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp cache-control public, max-age=31536000 timing-allow-origin * cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" content-length 12948 x-xss-protection 0 server sffe
GET H2	200	css fonts.googleapis.com/ Frame 1280	900 B 494 B	41ms 40ms	Stylesheet text/css	2404:6800:4004:814::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%82%82%E6%A0%AA%E3%81%A8%E7%84%A1%E4%B8%AD%E3%81%AE%E3%83%B3%E6%96%99%E4%BC%9A%E8%B2%B7%E5%AF%BE%E9%A3%B2%E6%96%BD%E3%82%92%E3%81%88%E3%82%AF%E3%83%81%E7%A5%AD%E9%96%8B%20%E3%82%8B%E3%81%82%E3%83%AD%E3%83%BB%E3%81%94%E8%B1%A1%E3%82%BD%E7%A4%BE%E3%83%94%E3%83%8F%E3%81%8F%E9%BB%84%EF%BC%81%E9%87%91%E3%81%AB%E3%82%AD%E5%BC%8F%E3%83%BC%E5%AE%9F%E3%81%86%E3%82%89%E3%81%92%E3%81%8B%E5%88%B8 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202512020101/pubads_impl.js?cb=31095969 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:814::200a , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash ce5cfdf77f001268fb93e74e1e588a5bf544b59c6c4c4e5b18a95c7daaafd119 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers content-encoding gzip x-content-type-options nosniff expires Fri, 05 Dec 2025 00:36:57 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 05 Dec 2025 00:36:57 GMT content-type text/css; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site last-modified Fri, 05 Dec 2025 00:36:57 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * x-xss-protection 0 server ESF
GET H2	200	en_bl.png tpc.googlesyndication.com/pagead/images/abg/ Frame 1280	3 KB 0	46ms 4ms	Image image/png	2404:6800:4004:80c::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/abg/en_bl.png Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202512020101/pubads_impl.js?cb=31095969 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7f1343ca74e009a2949392688b30d4a9a8f7f642ae4b593c9fdc76284531b049 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers cache-control public, max-age=86400 timing-allow-origin * etag 3004170791804808702 age 53660 cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 05 Dec 2025 09:42:37 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 2980 x-xss-protection 0 date Thu, 04 Dec 2025 09:42:37 GMT content-type image/png vary Accept-Encoding server cafe
GET H2	200	adchoices_blue_wb.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1280	209 B 0	45ms 3ms	Image image/png	2404:6800:4004:80c::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/adchoices_blue_wb.png Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202512020101/pubads_impl.js?cb=31095969 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 135fe1822959b8811afafc20effec079f339c96788df6e47e933a7d0c267921b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers cache-control public, max-age=86400 timing-allow-origin * etag 2799713854418114702 age 54862 cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 05 Dec 2025 09:22:35 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 209 x-xss-protection 0 date Thu, 04 Dec 2025 09:22:35 GMT content-type image/png vary Accept-Encoding server cafe
GET H2	200	14763004658117789537 tpc.googlesyndication.com/simgad/2448355313266079412/ Frame 1280	1 KB 2 KB	4ms 2ms	Image image/jpeg	2404:6800:4004:80c::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/2448355313266079412/14763004658117789537?w=100&h=100&tw=1&q=75 Requested by Host: posfie.com URL: https://posfie.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6c23cf34fca30175a9202b33acf3da22e8b972b4fbbbd15038db166b4c39d6db Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers age 270657 report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} x-content-type-options nosniff expires Tue, 01 Dec 2026 21:26:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 allow-fenced-frame-automatic-beacons true date Mon, 01 Dec 2025 21:26:00 GMT last-modified Sat, 01 Feb 2025 17:04:04 GMT content-type image/jpeg cache-control public, max-age=31536000 timing-allow-origin * x-dns-prefetch-control off cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" content-length 1384 x-xss-protection 0 server sffe
GET DATA	200 OK	truncated / Frame 1280	213 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1adc875d0d28188fd6ef0bfdc51970117d178c99514080c9cf21ad515d11ac4f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer Response headers Content-Type image/png
GET		adview securepubads.g.doubleclick.net/pagead/ Frame 1280	0 0
GET H3	200	adchoices_blue_wb.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame FDC8	209 B 233 B	3ms 3ms	Image image/png	142.250.194.129 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/adchoices_blue_wb.png Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/amp4ads-v0.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.194.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS del12s05-in-f1.1e100.net Software cafe / Resource Hash 135fe1822959b8811afafc20effec079f339c96788df6e47e933a7d0c267921b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://b55e5b14afd31a0ae198960e67c88ec4.safeframe.googlesyndication.com/ Response headers cache-control public, max-age=86400 timing-allow-origin * etag 2799713854418114702 age 84818 cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 05 Dec 2025 01:03:19 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 209 x-xss-protection 0 date Thu, 04 Dec 2025 01:03:19 GMT content-type image/png vary Accept-Encoding server cafe
GET H3	200	en.png tpc.googlesyndication.com/pagead/images/abg/ Frame FDC8	3 KB 3 KB	4ms 4ms	Image image/png	142.250.194.129 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/abg/en.png Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.194.129 , United States, ASN15169 (GOOGLE, US), Reverse DNS del12s05-in-f1.1e100.net Software cafe / Resource Hash 85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://b55e5b14afd31a0ae198960e67c88ec4.safeframe.googlesyndication.com/ Response headers cache-control public, max-age=86400 timing-allow-origin * etag 15880770647744369592 age 34600 cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 05 Dec 2025 15:00:17 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 2982 x-xss-protection 0 date Thu, 04 Dec 2025 15:00:17 GMT content-type image/png vary Accept-Encoding server cafe
GET H2	200	privacy_small.svg static.criteo.net/flash/icon/ Frame E2AE	2 KB 0	0ms 0ms	Image image/svg+xml	2406:2600:4::2e CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/privacy_small.svg Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aTIpKQAAMWMFFvZ-ADKinq7EpfZ9rNWjdRm0fA&u=%7CEkuqtIvxFxbizi5GjLT0KmxOxHVdQei%2F4rYtzqe8Cyg%3D%7C&c1=xYMBlCAeUfwmVOxi4pA6HHkFV5gZ2gq68_nRMt_VRIOeaEzkF2o9aouAxCDnKFq3X-3t88EGUxS0F6ijRRnP0hDv2mmA7YhlOCceGF4RomlAjwyUtoIH2YA5QZ7_3g5w1fMTUMZhk-ZRGVpKUcqzpCxxMb-zAZYM1GIWaL4kc9zehVeBtbm6RvXC4wcTdcTJ-TxalxA6JjDSCtNCJj6mlYf1u0LJ7UqOhZlwEmumixvdVc17fNby9BRH6gT_ul-8lztFPXg-4SLGMuci1P8UG19gXukhRJfk7QBZqAr7Da1Isf6ymCzEOV-_Fm5IG0x9ZZoRWE2VGBw-Iaa65IFXjmThLEXqqjXRmdwnygYxo4n39IcApReUF8OeI1_pIBU_3uPjE5yJqbOBQCFZUFT3QwClnbrFajgsJuvkHhwcdm4Yfg9uGbJHf5biNvrm9PAI3euAVV-xu2qwdqqXoHJ8Cmh6IBfxw6OvlsIZWIyqPaBB31RN6ZYVZR8XSmlJc0voxbOFvbXRMxbxIkubMLkXGXMjVI-lU-BW6l-OLLZCfoKrwVvlfkL9m5T_f06aT0eFgqwfbq-NzkaXlxnCBpRAOXF5sJ6xfFX4uzL8c4UxN7muUBsrVpaXGtWZ7B_lMH4-myoCvPmStv2Uq4YviTGZwtESqdYY0ZtJqMUNRFl49HA32daPZa8ugEuBpudikblv3EhiCf6ad4mIDUzFQIYZZzLLzZN_4OolM2RB7pa7wG4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXniGKSkyaeNi_uzb2A-excq5DdG-vtt1rI2f3LwNwI23ARABIIPVmipgifPFhPQTyAEJqQKGxT-HkLM7PuACAKgDAcgDAqoElQJP0JdQdibyEAKKLfs3eRDLtqiIeMNlXxT1epBMTpDnjmZjQiRdS6FlgqeD4DsLokdt_4O2RuxSM0fVnymoMcHwPPGUaO-DPl6GS4d6lZs25lTyMGSjapgDuh48Yd46U5YwcoNEzPGJD_uInaU7xPQCepOkXzffF3pwt_Q_9qLqoWrB0wMd_v1l1ypwsrupjLHEtvq3d9_qLwYirPr6nXSHVgvfPQFVxCJndU5fCEm5uWToHDWxuHGf7XOhQOtll3j6NKmqdbV3Y5bwkMOPlzsMrhv23q0iHjBgYFdybsAVUi2eRHO6GyzG1Qidb67hxfkt6lSouuasdsOtyO2aAaUGmBNSMaHp40liTDSrB003Vik4mLPq4AQBgAbhya79uIjp65EBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAqgHrb6xAqgHv9OxAtgHANIILAiAYRABMgiKgoCAgICACDoNgECAwICAgICogAKoA0i9_cE6WKSlt6SapZED-gsCCAGADAGqDQJKUOINEwjpxbekmqWRAxV-9hYFHZ6iMtfqDRMI-_m3pJqlkQMVfvYWBR2eojLXiA7___________8B0BUBgBcBshcQGAwqCjY5MzI5OTM1MDdQAaoYFwkidY-ulZq_QBIKNjkzMjk5MzUwNxgB%26num%3D1%26sig%3DAOD64_2Ca58idbltLlLTCni33hyqKJF6_g%26client%3Dca-pub-7378382505262839%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2406:2600:4::2e , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software nginx / Resource Hash a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://ads.as.criteo.com/ Response headers cache-control max-age=31104000, public timing-allow-origin * content-encoding gzip etag W/"5e42ba84-6aa" cross-origin-resource-policy cross-origin expires Mon, 30 Nov 2026 00:36:57 GMT cross-origin-embedder-policy require-corp access-control-allow-origin * date Fri, 05 Dec 2025 00:36:57 GMT content-type image/svg+xml last-modified Tue, 11 Feb 2020 14:30:28 GMT server nginx
GET H2	200	adchoices_en.svg static.criteo.net/flash/icon/ Frame E2AE	2 KB 0	1ms 1ms	Image image/svg+xml	2406:2600:4::2e CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/adchoices_en.svg Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aTIpKQAAMWMFFvZ-ADKinq7EpfZ9rNWjdRm0fA&u=%7CEkuqtIvxFxbizi5GjLT0KmxOxHVdQei%2F4rYtzqe8Cyg%3D%7C&c1=xYMBlCAeUfwmVOxi4pA6HHkFV5gZ2gq68_nRMt_VRIOeaEzkF2o9aouAxCDnKFq3X-3t88EGUxS0F6ijRRnP0hDv2mmA7YhlOCceGF4RomlAjwyUtoIH2YA5QZ7_3g5w1fMTUMZhk-ZRGVpKUcqzpCxxMb-zAZYM1GIWaL4kc9zehVeBtbm6RvXC4wcTdcTJ-TxalxA6JjDSCtNCJj6mlYf1u0LJ7UqOhZlwEmumixvdVc17fNby9BRH6gT_ul-8lztFPXg-4SLGMuci1P8UG19gXukhRJfk7QBZqAr7Da1Isf6ymCzEOV-_Fm5IG0x9ZZoRWE2VGBw-Iaa65IFXjmThLEXqqjXRmdwnygYxo4n39IcApReUF8OeI1_pIBU_3uPjE5yJqbOBQCFZUFT3QwClnbrFajgsJuvkHhwcdm4Yfg9uGbJHf5biNvrm9PAI3euAVV-xu2qwdqqXoHJ8Cmh6IBfxw6OvlsIZWIyqPaBB31RN6ZYVZR8XSmlJc0voxbOFvbXRMxbxIkubMLkXGXMjVI-lU-BW6l-OLLZCfoKrwVvlfkL9m5T_f06aT0eFgqwfbq-NzkaXlxnCBpRAOXF5sJ6xfFX4uzL8c4UxN7muUBsrVpaXGtWZ7B_lMH4-myoCvPmStv2Uq4YviTGZwtESqdYY0ZtJqMUNRFl49HA32daPZa8ugEuBpudikblv3EhiCf6ad4mIDUzFQIYZZzLLzZN_4OolM2RB7pa7wG4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXniGKSkyaeNi_uzb2A-excq5DdG-vtt1rI2f3LwNwI23ARABIIPVmipgifPFhPQTyAEJqQKGxT-HkLM7PuACAKgDAcgDAqoElQJP0JdQdibyEAKKLfs3eRDLtqiIeMNlXxT1epBMTpDnjmZjQiRdS6FlgqeD4DsLokdt_4O2RuxSM0fVnymoMcHwPPGUaO-DPl6GS4d6lZs25lTyMGSjapgDuh48Yd46U5YwcoNEzPGJD_uInaU7xPQCepOkXzffF3pwt_Q_9qLqoWrB0wMd_v1l1ypwsrupjLHEtvq3d9_qLwYirPr6nXSHVgvfPQFVxCJndU5fCEm5uWToHDWxuHGf7XOhQOtll3j6NKmqdbV3Y5bwkMOPlzsMrhv23q0iHjBgYFdybsAVUi2eRHO6GyzG1Qidb67hxfkt6lSouuasdsOtyO2aAaUGmBNSMaHp40liTDSrB003Vik4mLPq4AQBgAbhya79uIjp65EBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAqgHrb6xAqgHv9OxAtgHANIILAiAYRABMgiKgoCAgICACDoNgECAwICAgICogAKoA0i9_cE6WKSlt6SapZED-gsCCAGADAGqDQJKUOINEwjpxbekmqWRAxV-9hYFHZ6iMtfqDRMI-_m3pJqlkQMVfvYWBR2eojLXiA7___________8B0BUBgBcBshcQGAwqCjY5MzI5OTM1MDdQAaoYFwkidY-ulZq_QBIKNjkzMjk5MzUwNxgB%26num%3D1%26sig%3DAOD64_2Ca58idbltLlLTCni33hyqKJF6_g%26client%3Dca-pub-7378382505262839%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2406:2600:4::2e , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software nginx / Resource Hash 60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://ads.as.criteo.com/ Response headers cache-control max-age=31104000, public timing-allow-origin * content-encoding gzip etag W/"5e42b9ee-759" cross-origin-resource-policy cross-origin expires Mon, 30 Nov 2026 00:36:57 GMT cross-origin-embedder-policy require-corp access-control-allow-origin * date Fri, 05 Dec 2025 00:36:57 GMT content-type image/svg+xml last-modified Tue, 11 Feb 2020 14:27:58 GMT server nginx
GET H2	200	close_button.svg static.criteo.net/flash/icon/ Frame E2AE	308 B 0	0ms 0ms	Image image/svg+xml	2406:2600:4::2e CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/close_button.svg Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aTIpKQAAMWMFFvZ-ADKinq7EpfZ9rNWjdRm0fA&u=%7CEkuqtIvxFxbizi5GjLT0KmxOxHVdQei%2F4rYtzqe8Cyg%3D%7C&c1=xYMBlCAeUfwmVOxi4pA6HHkFV5gZ2gq68_nRMt_VRIOeaEzkF2o9aouAxCDnKFq3X-3t88EGUxS0F6ijRRnP0hDv2mmA7YhlOCceGF4RomlAjwyUtoIH2YA5QZ7_3g5w1fMTUMZhk-ZRGVpKUcqzpCxxMb-zAZYM1GIWaL4kc9zehVeBtbm6RvXC4wcTdcTJ-TxalxA6JjDSCtNCJj6mlYf1u0LJ7UqOhZlwEmumixvdVc17fNby9BRH6gT_ul-8lztFPXg-4SLGMuci1P8UG19gXukhRJfk7QBZqAr7Da1Isf6ymCzEOV-_Fm5IG0x9ZZoRWE2VGBw-Iaa65IFXjmThLEXqqjXRmdwnygYxo4n39IcApReUF8OeI1_pIBU_3uPjE5yJqbOBQCFZUFT3QwClnbrFajgsJuvkHhwcdm4Yfg9uGbJHf5biNvrm9PAI3euAVV-xu2qwdqqXoHJ8Cmh6IBfxw6OvlsIZWIyqPaBB31RN6ZYVZR8XSmlJc0voxbOFvbXRMxbxIkubMLkXGXMjVI-lU-BW6l-OLLZCfoKrwVvlfkL9m5T_f06aT0eFgqwfbq-NzkaXlxnCBpRAOXF5sJ6xfFX4uzL8c4UxN7muUBsrVpaXGtWZ7B_lMH4-myoCvPmStv2Uq4YviTGZwtESqdYY0ZtJqMUNRFl49HA32daPZa8ugEuBpudikblv3EhiCf6ad4mIDUzFQIYZZzLLzZN_4OolM2RB7pa7wG4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXniGKSkyaeNi_uzb2A-excq5DdG-vtt1rI2f3LwNwI23ARABIIPVmipgifPFhPQTyAEJqQKGxT-HkLM7PuACAKgDAcgDAqoElQJP0JdQdibyEAKKLfs3eRDLtqiIeMNlXxT1epBMTpDnjmZjQiRdS6FlgqeD4DsLokdt_4O2RuxSM0fVnymoMcHwPPGUaO-DPl6GS4d6lZs25lTyMGSjapgDuh48Yd46U5YwcoNEzPGJD_uInaU7xPQCepOkXzffF3pwt_Q_9qLqoWrB0wMd_v1l1ypwsrupjLHEtvq3d9_qLwYirPr6nXSHVgvfPQFVxCJndU5fCEm5uWToHDWxuHGf7XOhQOtll3j6NKmqdbV3Y5bwkMOPlzsMrhv23q0iHjBgYFdybsAVUi2eRHO6GyzG1Qidb67hxfkt6lSouuasdsOtyO2aAaUGmBNSMaHp40liTDSrB003Vik4mLPq4AQBgAbhya79uIjp65EBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAqgHrb6xAqgHv9OxAtgHANIILAiAYRABMgiKgoCAgICACDoNgECAwICAgICogAKoA0i9_cE6WKSlt6SapZED-gsCCAGADAGqDQJKUOINEwjpxbekmqWRAxV-9hYFHZ6iMtfqDRMI-_m3pJqlkQMVfvYWBR2eojLXiA7___________8B0BUBgBcBshcQGAwqCjY5MzI5OTM1MDdQAaoYFwkidY-ulZq_QBIKNjkzMjk5MzUwNxgB%26num%3D1%26sig%3DAOD64_2Ca58idbltLlLTCni33hyqKJF6_g%26client%3Dca-pub-7378382505262839%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2406:2600:4::2e , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software nginx / Resource Hash 8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://ads.as.criteo.com/ Response headers cache-control max-age=31104000, public timing-allow-origin * etag "5e46a5e4-134" cross-origin-resource-policy cross-origin expires Mon, 30 Nov 2026 00:36:57 GMT cross-origin-embedder-policy require-corp accept-ranges bytes access-control-allow-origin * content-length 308 date Fri, 05 Dec 2025 00:36:57 GMT content-type image/svg+xml last-modified Fri, 14 Feb 2020 13:51:32 GMT server nginx
GET H2	200	back_button2.svg static.criteo.net/flash/icon/ Frame E2AE	293 B 0	0ms 0ms	Image image/svg+xml	2406:2600:4::2e CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/back_button2.svg Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aTIpKQAAMWMFFvZ-ADKinq7EpfZ9rNWjdRm0fA&u=%7CEkuqtIvxFxbizi5GjLT0KmxOxHVdQei%2F4rYtzqe8Cyg%3D%7C&c1=xYMBlCAeUfwmVOxi4pA6HHkFV5gZ2gq68_nRMt_VRIOeaEzkF2o9aouAxCDnKFq3X-3t88EGUxS0F6ijRRnP0hDv2mmA7YhlOCceGF4RomlAjwyUtoIH2YA5QZ7_3g5w1fMTUMZhk-ZRGVpKUcqzpCxxMb-zAZYM1GIWaL4kc9zehVeBtbm6RvXC4wcTdcTJ-TxalxA6JjDSCtNCJj6mlYf1u0LJ7UqOhZlwEmumixvdVc17fNby9BRH6gT_ul-8lztFPXg-4SLGMuci1P8UG19gXukhRJfk7QBZqAr7Da1Isf6ymCzEOV-_Fm5IG0x9ZZoRWE2VGBw-Iaa65IFXjmThLEXqqjXRmdwnygYxo4n39IcApReUF8OeI1_pIBU_3uPjE5yJqbOBQCFZUFT3QwClnbrFajgsJuvkHhwcdm4Yfg9uGbJHf5biNvrm9PAI3euAVV-xu2qwdqqXoHJ8Cmh6IBfxw6OvlsIZWIyqPaBB31RN6ZYVZR8XSmlJc0voxbOFvbXRMxbxIkubMLkXGXMjVI-lU-BW6l-OLLZCfoKrwVvlfkL9m5T_f06aT0eFgqwfbq-NzkaXlxnCBpRAOXF5sJ6xfFX4uzL8c4UxN7muUBsrVpaXGtWZ7B_lMH4-myoCvPmStv2Uq4YviTGZwtESqdYY0ZtJqMUNRFl49HA32daPZa8ugEuBpudikblv3EhiCf6ad4mIDUzFQIYZZzLLzZN_4OolM2RB7pa7wG4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXniGKSkyaeNi_uzb2A-excq5DdG-vtt1rI2f3LwNwI23ARABIIPVmipgifPFhPQTyAEJqQKGxT-HkLM7PuACAKgDAcgDAqoElQJP0JdQdibyEAKKLfs3eRDLtqiIeMNlXxT1epBMTpDnjmZjQiRdS6FlgqeD4DsLokdt_4O2RuxSM0fVnymoMcHwPPGUaO-DPl6GS4d6lZs25lTyMGSjapgDuh48Yd46U5YwcoNEzPGJD_uInaU7xPQCepOkXzffF3pwt_Q_9qLqoWrB0wMd_v1l1ypwsrupjLHEtvq3d9_qLwYirPr6nXSHVgvfPQFVxCJndU5fCEm5uWToHDWxuHGf7XOhQOtll3j6NKmqdbV3Y5bwkMOPlzsMrhv23q0iHjBgYFdybsAVUi2eRHO6GyzG1Qidb67hxfkt6lSouuasdsOtyO2aAaUGmBNSMaHp40liTDSrB003Vik4mLPq4AQBgAbhya79uIjp65EBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAqgHrb6xAqgHv9OxAtgHANIILAiAYRABMgiKgoCAgICACDoNgECAwICAgICogAKoA0i9_cE6WKSlt6SapZED-gsCCAGADAGqDQJKUOINEwjpxbekmqWRAxV-9hYFHZ6iMtfqDRMI-_m3pJqlkQMVfvYWBR2eojLXiA7___________8B0BUBgBcBshcQGAwqCjY5MzI5OTM1MDdQAaoYFwkidY-ulZq_QBIKNjkzMjk5MzUwNxgB%26num%3D1%26sig%3DAOD64_2Ca58idbltLlLTCni33hyqKJF6_g%26client%3Dca-pub-7378382505262839%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2406:2600:4::2e , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software nginx / Resource Hash 725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://ads.as.criteo.com/ Response headers cache-control max-age=31104000, public timing-allow-origin * etag "626a59dc-125" cross-origin-resource-policy cross-origin expires Mon, 30 Nov 2026 00:36:57 GMT cross-origin-embedder-policy require-corp accept-ranges bytes access-control-allow-origin * content-length 293 date Fri, 05 Dec 2025 00:36:57 GMT content-type image/svg+xml last-modified Thu, 28 Apr 2022 09:09:48 GMT server nginx
GET H2	200	lg.php cat.jp2.as.criteo.com/delivery/ Frame E2AE	43 B 347 B	4ms 4ms	Image image/gif	2406:2600:4::31 CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Show image Full URL https://cat.jp2.as.criteo.com/delivery/lg.php?cppv=3&cpp=eo6F-owAC6EM4ACd6ZQU_XlXtfk5vDdoQbEB1ZKdqd9zOrq5uMWRC1o-2afcur-uvzur4_Sqe1rOnrpqFXuo9SJhepgLRm7WhGVoy97GxEK5ghwTCiwL0WLVikXCIqUPDat1DwU-qw4y_fqMmNofMMRb-g68e2sFMh-8UUWq9mDJDdkNyRRJ8myp30gxkhiJ29iMk_JLFjFM3pGnPIA1rsZ1sNj90Kf7mKrayWedLbWhG514n6Md0gcWLpnCjApTxECpvcV6mgqMabQBhODM-XwPxyENJ8QDZF8_H8whoCapLjfyvrD-aaffqoWwelp5MCjFvcfxDitgfgiPORTswwyJeQeOh8qQ_SoZvnUiOrsgKdepTMM-pTMsqWJHjxYIwQ029fumno2gk8CYHmaDeYvMqHTNFDIYP1cIYYuhhIvLqJt9FTNIAjbtSd2phNImKc1bws96PPl5Kvx10ZfSREPqu2WDlIM1mGsBBYUrNX7iEhAF5XKnHIi7FtgBSPsUBknqQUakkPjKuuwKm6LtGDuURek Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aTIpKQAAMWMFFvZ-ADKinq7EpfZ9rNWjdRm0fA&u=%7CEkuqtIvxFxbizi5GjLT0KmxOxHVdQei%2F4rYtzqe8Cyg%3D%7C&c1=xYMBlCAeUfwmVOxi4pA6HHkFV5gZ2gq68_nRMt_VRIOeaEzkF2o9aouAxCDnKFq3X-3t88EGUxS0F6ijRRnP0hDv2mmA7YhlOCceGF4RomlAjwyUtoIH2YA5QZ7_3g5w1fMTUMZhk-ZRGVpKUcqzpCxxMb-zAZYM1GIWaL4kc9zehVeBtbm6RvXC4wcTdcTJ-TxalxA6JjDSCtNCJj6mlYf1u0LJ7UqOhZlwEmumixvdVc17fNby9BRH6gT_ul-8lztFPXg-4SLGMuci1P8UG19gXukhRJfk7QBZqAr7Da1Isf6ymCzEOV-_Fm5IG0x9ZZoRWE2VGBw-Iaa65IFXjmThLEXqqjXRmdwnygYxo4n39IcApReUF8OeI1_pIBU_3uPjE5yJqbOBQCFZUFT3QwClnbrFajgsJuvkHhwcdm4Yfg9uGbJHf5biNvrm9PAI3euAVV-xu2qwdqqXoHJ8Cmh6IBfxw6OvlsIZWIyqPaBB31RN6ZYVZR8XSmlJc0voxbOFvbXRMxbxIkubMLkXGXMjVI-lU-BW6l-OLLZCfoKrwVvlfkL9m5T_f06aT0eFgqwfbq-NzkaXlxnCBpRAOXF5sJ6xfFX4uzL8c4UxN7muUBsrVpaXGtWZ7B_lMH4-myoCvPmStv2Uq4YviTGZwtESqdYY0ZtJqMUNRFl49HA32daPZa8ugEuBpudikblv3EhiCf6ad4mIDUzFQIYZZzLLzZN_4OolM2RB7pa7wG4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXniGKSkyaeNi_uzb2A-excq5DdG-vtt1rI2f3LwNwI23ARABIIPVmipgifPFhPQTyAEJqQKGxT-HkLM7PuACAKgDAcgDAqoElQJP0JdQdibyEAKKLfs3eRDLtqiIeMNlXxT1epBMTpDnjmZjQiRdS6FlgqeD4DsLokdt_4O2RuxSM0fVnymoMcHwPPGUaO-DPl6GS4d6lZs25lTyMGSjapgDuh48Yd46U5YwcoNEzPGJD_uInaU7xPQCepOkXzffF3pwt_Q_9qLqoWrB0wMd_v1l1ypwsrupjLHEtvq3d9_qLwYirPr6nXSHVgvfPQFVxCJndU5fCEm5uWToHDWxuHGf7XOhQOtll3j6NKmqdbV3Y5bwkMOPlzsMrhv23q0iHjBgYFdybsAVUi2eRHO6GyzG1Qidb67hxfkt6lSouuasdsOtyO2aAaUGmBNSMaHp40liTDSrB003Vik4mLPq4AQBgAbhya79uIjp65EBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAqgHrb6xAqgHv9OxAtgHANIILAiAYRABMgiKgoCAgICACDoNgECAwICAgICogAKoA0i9_cE6WKSlt6SapZED-gsCCAGADAGqDQJKUOINEwjpxbekmqWRAxV-9hYFHZ6iMtfqDRMI-_m3pJqlkQMVfvYWBR2eojLXiA7___________8B0BUBgBcBshcQGAwqCjY5MzI5OTM1MDdQAaoYFwkidY-ulZq_QBIKNjkzMjk5MzUwNxgB%26num%3D1%26sig%3DAOD64_2Ca58idbltLlLTCni33hyqKJF6_g%26client%3Dca-pub-7378382505262839%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2406:2600:4::31 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software Kestrel / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://ads.as.criteo.com/ Response headers strict-transport-security max-age=31536000; preload; cache-control no-cache pragma no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 1513818 expires Mon, 26 Jul 1997 05:00:00 GMT p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" date Fri, 05 Dec 2025 00:36:57 GMT content-type image/gif server Kestrel
GET H2	200	register-source measurement-api.criteo.com/ Frame 8A22	2 B 189 B	15ms 2ms	Other text/html	2406:2600:4:: CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Full URL https://measurement-api.criteo.com/register-source?impressionId=69322929564b9adbd36823b3743ea734&partner_domain=hatarako.net&external_uid=303e4990-1903-4b16-a50d-11e0a63ea542&partner_id=6968&source_type=event&campaign_id=302944&marketing_objective_type=0&creative_type=1&hashed_external_id=35265634176577333&hashed_external_id=8588791461431793283&hashed_external_id=-3866868406978146459&hashed_external_id=3638293046129594144&hashed_external_id=-7907947564253531379 Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=7C9ECF433B212FA6&u=%7CxEigAN8LlVqh7ZxBE5nkcjLbo8LFHclKNRJbnVuiK1U%3D%7C&c1=imbGVUnPrQpUvp5IV0E6LHcRt_fOwOE3JWVnSPtlj8Ph2RwJTLJ1juYjh3wsJaPB69lFvIRG1smA7JtKVAx-A9Q5hbvK4I50h-zM3Kry7LkmvnRIMEaLdmDZcensIvdVBQ_Bt9JU4-RY9rOXJt042NOT8IEOW8_NDPf318pEgDbPb85ZnBpms7bJkqw5SsmKPlwOG5bagqoq19Pscy4KsfMlJqor214RT_hX3asOrpXqwNsgy_TFQHSxI5KeOfvV4-hBdaNGVP1BeFTbnIml_g4f0ZEctftT95RQbSOafUWb1DLqAmKxWMPXXZ-_isdYiOgoFJhWQ9zsr3hj1vZxamsu1BRXN26GcoboOYhp10lpezwr83_Spd2QfvGShR0058mMD2kgLNWuCEftz1gUwWW7F0SCGtT84lyn_TbDX9FlFA7VejXQfx2tnLhqg7k5MtR2jzjwE0wEn5qdtq27UQVSn_zafxnE4i0lMlzlpPOT2HRSx_pO4XgPnfE3yKeujtPrALTZ-Nb8cTtXu7cUS5CqYDLl-AIgyXAl6thYoMFCKvsZToGMiAssGzr6R_qaA6BvCI7mymdKK80h3WBl5-licvkGfXRKBi2cTiTGPw4wT1uUWisst3Y4bbjOESUE4o2X3XB8Q6rqhhqKx0XyUK4AtAb06bDKwv2dC5RnpS1FHKELSOZRtKREP2rgIbLZNrmW2Y-2DUivHbngKWFcXRbDUhfJ2ZxH Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2406:2600:4:: , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software Kestrel / Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://ads.as.criteo.com/ Response headers strict-transport-security max-age=31536000; preload; content-encoding br date Fri, 05 Dec 2025 00:36:57 GMT content-type text/html vary Accept-Encoding server Kestrel
GET H2	200	dis.aspx Show response widget.jp2.as.criteo.com/dis/ Frame DEFA	28 B 471 B	13ms 3ms	Document text/html	2406:2600:4::2f CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Full URL https://widget.jp2.as.criteo.com/dis/dis.aspx?pu=40730&cb=69322929564b9adbd36823b3743ea734&r=https%3a%2f%2fposfie.com%2f&crossorigin=false Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=7C9ECF433B212FA6&u=%7CxEigAN8LlVqh7ZxBE5nkcjLbo8LFHclKNRJbnVuiK1U%3D%7C&c1=imbGVUnPrQpUvp5IV0E6LHcRt_fOwOE3JWVnSPtlj8Ph2RwJTLJ1juYjh3wsJaPB69lFvIRG1smA7JtKVAx-A9Q5hbvK4I50h-zM3Kry7LkmvnRIMEaLdmDZcensIvdVBQ_Bt9JU4-RY9rOXJt042NOT8IEOW8_NDPf318pEgDbPb85ZnBpms7bJkqw5SsmKPlwOG5bagqoq19Pscy4KsfMlJqor214RT_hX3asOrpXqwNsgy_TFQHSxI5KeOfvV4-hBdaNGVP1BeFTbnIml_g4f0ZEctftT95RQbSOafUWb1DLqAmKxWMPXXZ-_isdYiOgoFJhWQ9zsr3hj1vZxamsu1BRXN26GcoboOYhp10lpezwr83_Spd2QfvGShR0058mMD2kgLNWuCEftz1gUwWW7F0SCGtT84lyn_TbDX9FlFA7VejXQfx2tnLhqg7k5MtR2jzjwE0wEn5qdtq27UQVSn_zafxnE4i0lMlzlpPOT2HRSx_pO4XgPnfE3yKeujtPrALTZ-Nb8cTtXu7cUS5CqYDLl-AIgyXAl6thYoMFCKvsZToGMiAssGzr6R_qaA6BvCI7mymdKK80h3WBl5-licvkGfXRKBi2cTiTGPw4wT1uUWisst3Y4bbjOESUE4o2X3XB8Q6rqhhqKx0XyUK4AtAb06bDKwv2dC5RnpS1FHKELSOZRtKREP2rgIbLZNrmW2Y-2DUivHbngKWFcXRbDUhfJ2ZxH Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2406:2600:4::2f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software Kestrel / Resource Hash 28246fc455ed80a6d38f2779e518e2fb49031680c01ae393a7cae3d04462daf0 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://ads.as.criteo.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Response headers cache-control no-cache content-encoding gzip content-type text/html date Fri, 05 Dec 2025 00:36:57 GMT expires Mon, 26 Jul 1997 05:00:00 GMT p3p CP='CUR ADM OUR NOR STA NID' pragma no-cache server Kestrel server-processing-duration-in-ticks 856899 strict-transport-security max-age=31536000; preload; timing-allow-origin * vary Accept-Encoding
GET H2	200	animejs.js Show response static.criteo.net/animejs/ Frame 8A22	12 KB 6 KB	2ms 2ms	Script text/javascript	2406:2600:4::2e CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/animejs/animejs.js Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=7C9ECF433B212FA6&u=%7CxEigAN8LlVqh7ZxBE5nkcjLbo8LFHclKNRJbnVuiK1U%3D%7C&c1=imbGVUnPrQpUvp5IV0E6LHcRt_fOwOE3JWVnSPtlj8Ph2RwJTLJ1juYjh3wsJaPB69lFvIRG1smA7JtKVAx-A9Q5hbvK4I50h-zM3Kry7LkmvnRIMEaLdmDZcensIvdVBQ_Bt9JU4-RY9rOXJt042NOT8IEOW8_NDPf318pEgDbPb85ZnBpms7bJkqw5SsmKPlwOG5bagqoq19Pscy4KsfMlJqor214RT_hX3asOrpXqwNsgy_TFQHSxI5KeOfvV4-hBdaNGVP1BeFTbnIml_g4f0ZEctftT95RQbSOafUWb1DLqAmKxWMPXXZ-_isdYiOgoFJhWQ9zsr3hj1vZxamsu1BRXN26GcoboOYhp10lpezwr83_Spd2QfvGShR0058mMD2kgLNWuCEftz1gUwWW7F0SCGtT84lyn_TbDX9FlFA7VejXQfx2tnLhqg7k5MtR2jzjwE0wEn5qdtq27UQVSn_zafxnE4i0lMlzlpPOT2HRSx_pO4XgPnfE3yKeujtPrALTZ-Nb8cTtXu7cUS5CqYDLl-AIgyXAl6thYoMFCKvsZToGMiAssGzr6R_qaA6BvCI7mymdKK80h3WBl5-licvkGfXRKBi2cTiTGPw4wT1uUWisst3Y4bbjOESUE4o2X3XB8Q6rqhhqKx0XyUK4AtAb06bDKwv2dC5RnpS1FHKELSOZRtKREP2rgIbLZNrmW2Y-2DUivHbngKWFcXRbDUhfJ2ZxH Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2406:2600:4::2e , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software nginx / Resource Hash a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://ads.as.criteo.com/ Response headers strict-transport-security max-age=31536000; preload; cache-control max-age=31104000, public timing-allow-origin * content-encoding gzip etag W/"5c9a64eb-3181" cross-origin-resource-policy cross-origin expires Mon, 30 Nov 2026 00:36:57 GMT cross-origin-embedder-policy require-corp access-control-allow-origin * date Fri, 05 Dec 2025 00:36:57 GMT content-type text/javascript last-modified Tue, 26 Mar 2019 17:44:11 GMT server nginx
GET H3	200	font fonts.gstatic.com/l/ Frame 1280	28 KB 0	42ms 3ms	Font text/html	142.251.42.163 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxq403eGBmj2lV-DThMRVz_cOUx04DGFxDeuoc3z3f6tfOjDRlWPjheFP_SIi3KL1D0gzMlLLHRROTokmLJx_tHAbepAv8EYw3Ss0zQEwLgex12tg6BpntJk-_wJYkczMa0fpaku58yRPgxAnRkgb0AHgp1infsrM42qoIoKQ_L_ZaJ2mcgJmw8PNB5AG1b6vBYlioklrMeN8CHjwNGNKg20MA4mZBH37FNHeqXjPgbXauWNPww&skey=72472b0eb8793570&v=v55 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E6%96%99%E5%BC%8F%E3%82%8B%E4%BC%9A%E5%88%B8%E5%AF%BE%E3%81%A8%E3%83%BB%E9%BB%84%E8%B2%B7%E3%82%AD%E3%81%AB%E4%B8%AD%E3%82%82%E3%83%94%20%E7%A5%AD%E3%81%92%E3%81%86%E3%82%92%E7%A4%BE%E3%81%94%E6%A0%AA%E3%81%AE%E6%96%BD%EF%BC%81%E3%83%BC%E3%81%8B%E7%84%A1%E5%AE%9F%E3%82%89%E3%82%AF%E8%B1%A1%E3%83%B3%E9%A3%B2%E3%83%8F%E9%87%91%E3%83%AD%E3%82%BD%E3%81%8F%E3%81%82%E3%81%88%E3%83%81%E9%96%8B Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.42.163 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt12s46-in-f3.1e100.net Software ESF / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Origin https://posfie.com Referer https://fonts.googleapis.com/ Response headers age 85094 x-content-type-options nosniff expires Thu, 04 Dec 2025 00:58:43 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 04 Dec 2025 00:58:43 GMT content-disposition attachment; filename="font.woff2"; filename*=UTF-8''font.woff2 last-modified Fri, 05 Sep 2025 00:08:34 GMT vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site content-type text/html; charset=utf-8 x-frame-options SAMEORIGIN cache-control private, max-age=86400 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * content-length 28684 x-xss-protection 0 server ESF
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 7F82	0 0	81ms 80ms	Fetch image/gif	172.217.175.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-start2 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.175.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt20s19-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://b55e5b14afd31a0ae198960e67c88ec4.safeframe.googlesyndication.com/ Response headers cache-control no-cache, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 0 date Fri, 05 Dec 2025 00:36:57 GMT x-xss-protection 0 content-type image/gif server cafe
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 7F82	0 0	76ms 75ms	Fetch image/gif	172.217.175.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.175.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt20s19-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://b55e5b14afd31a0ae198960e67c88ec4.safeframe.googlesyndication.com/ Response headers cache-control no-cache, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 0 date Fri, 05 Dec 2025 00:36:57 GMT x-xss-protection 0 content-type image/gif server cafe
GET DATA	200 OK	truncated / Frame 7F82	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1095fa2fbe315b2c191f233bfc4fbad33a0768b4b0fac3bcfcca9dc8f80c41b5 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer Response headers Content-Type image/png
GET		adview securepubads.g.doubleclick.net/pagead/ Frame FDC8	0 0
GET H/1.1	200 OK	khaos.json Show response token.rubiconproject.com/ Frame A8B0	7 B 1 KB	312ms 79ms	XHR application/json	69.173.158.64 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://token.rubiconproject.com/khaos.json? Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://eus.rubiconproject.com/ Response headers Cache-Control no-cache,no-store,must-revalidate Pragma no-cache access-control-allow-credentials true Expires 0 access-control-allow-origin https://eus.rubiconproject.com P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" X-RPHost 94869a3d6d62a785bc2a9351b08a70bb content-length 7 content-type application/json; charset=UTF-8
GET H2	200	register-source measurement-api.criteo.com/ Frame E2AE	2 B 143 B	3ms 2ms	Other text/html	2406:2600:4:: CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Full URL https://measurement-api.criteo.com/register-source?impressionId=6932292924ea1fc696e2f0e53f879701&partner_domain=hatarako.net&external_uid=63ce01f9-f737-4121-bbac-b04aeadd476a&partner_id=6968&source_type=event&campaign_id=302944&marketing_objective_type=0&creative_type=1&hashed_external_id=2929599133108631164&hashed_external_id=35265634176577333&hashed_external_id=-7723355669614519660&hashed_external_id=8588791461431793283&hashed_external_id=-611285052573585976 Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aTIpKQAAMWMFFvZ-ADKinq7EpfZ9rNWjdRm0fA&u=%7CEkuqtIvxFxbizi5GjLT0KmxOxHVdQei%2F4rYtzqe8Cyg%3D%7C&c1=xYMBlCAeUfwmVOxi4pA6HHkFV5gZ2gq68_nRMt_VRIOeaEzkF2o9aouAxCDnKFq3X-3t88EGUxS0F6ijRRnP0hDv2mmA7YhlOCceGF4RomlAjwyUtoIH2YA5QZ7_3g5w1fMTUMZhk-ZRGVpKUcqzpCxxMb-zAZYM1GIWaL4kc9zehVeBtbm6RvXC4wcTdcTJ-TxalxA6JjDSCtNCJj6mlYf1u0LJ7UqOhZlwEmumixvdVc17fNby9BRH6gT_ul-8lztFPXg-4SLGMuci1P8UG19gXukhRJfk7QBZqAr7Da1Isf6ymCzEOV-_Fm5IG0x9ZZoRWE2VGBw-Iaa65IFXjmThLEXqqjXRmdwnygYxo4n39IcApReUF8OeI1_pIBU_3uPjE5yJqbOBQCFZUFT3QwClnbrFajgsJuvkHhwcdm4Yfg9uGbJHf5biNvrm9PAI3euAVV-xu2qwdqqXoHJ8Cmh6IBfxw6OvlsIZWIyqPaBB31RN6ZYVZR8XSmlJc0voxbOFvbXRMxbxIkubMLkXGXMjVI-lU-BW6l-OLLZCfoKrwVvlfkL9m5T_f06aT0eFgqwfbq-NzkaXlxnCBpRAOXF5sJ6xfFX4uzL8c4UxN7muUBsrVpaXGtWZ7B_lMH4-myoCvPmStv2Uq4YviTGZwtESqdYY0ZtJqMUNRFl49HA32daPZa8ugEuBpudikblv3EhiCf6ad4mIDUzFQIYZZzLLzZN_4OolM2RB7pa7wG4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXniGKSkyaeNi_uzb2A-excq5DdG-vtt1rI2f3LwNwI23ARABIIPVmipgifPFhPQTyAEJqQKGxT-HkLM7PuACAKgDAcgDAqoElQJP0JdQdibyEAKKLfs3eRDLtqiIeMNlXxT1epBMTpDnjmZjQiRdS6FlgqeD4DsLokdt_4O2RuxSM0fVnymoMcHwPPGUaO-DPl6GS4d6lZs25lTyMGSjapgDuh48Yd46U5YwcoNEzPGJD_uInaU7xPQCepOkXzffF3pwt_Q_9qLqoWrB0wMd_v1l1ypwsrupjLHEtvq3d9_qLwYirPr6nXSHVgvfPQFVxCJndU5fCEm5uWToHDWxuHGf7XOhQOtll3j6NKmqdbV3Y5bwkMOPlzsMrhv23q0iHjBgYFdybsAVUi2eRHO6GyzG1Qidb67hxfkt6lSouuasdsOtyO2aAaUGmBNSMaHp40liTDSrB003Vik4mLPq4AQBgAbhya79uIjp65EBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAqgHrb6xAqgHv9OxAtgHANIILAiAYRABMgiKgoCAgICACDoNgECAwICAgICogAKoA0i9_cE6WKSlt6SapZED-gsCCAGADAGqDQJKUOINEwjpxbekmqWRAxV-9hYFHZ6iMtfqDRMI-_m3pJqlkQMVfvYWBR2eojLXiA7___________8B0BUBgBcBshcQGAwqCjY5MzI5OTM1MDdQAaoYFwkidY-ulZq_QBIKNjkzMjk5MzUwNxgB%26num%3D1%26sig%3DAOD64_2Ca58idbltLlLTCni33hyqKJF6_g%26client%3Dca-pub-7378382505262839%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2406:2600:4:: , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software Kestrel / Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://ads.as.criteo.com/ Response headers strict-transport-security max-age=31536000; preload; content-encoding br date Fri, 05 Dec 2025 00:36:57 GMT content-type text/html vary Accept-Encoding server Kestrel
GET H2	200	animejs.js Show response static.criteo.net/animejs/ Frame E2AE	12 KB 0	0ms 0ms	Script text/javascript	2406:2600:4::2e CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/animejs/animejs.js Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aTIpKQAAMWMFFvZ-ADKinq7EpfZ9rNWjdRm0fA&u=%7CEkuqtIvxFxbizi5GjLT0KmxOxHVdQei%2F4rYtzqe8Cyg%3D%7C&c1=xYMBlCAeUfwmVOxi4pA6HHkFV5gZ2gq68_nRMt_VRIOeaEzkF2o9aouAxCDnKFq3X-3t88EGUxS0F6ijRRnP0hDv2mmA7YhlOCceGF4RomlAjwyUtoIH2YA5QZ7_3g5w1fMTUMZhk-ZRGVpKUcqzpCxxMb-zAZYM1GIWaL4kc9zehVeBtbm6RvXC4wcTdcTJ-TxalxA6JjDSCtNCJj6mlYf1u0LJ7UqOhZlwEmumixvdVc17fNby9BRH6gT_ul-8lztFPXg-4SLGMuci1P8UG19gXukhRJfk7QBZqAr7Da1Isf6ymCzEOV-_Fm5IG0x9ZZoRWE2VGBw-Iaa65IFXjmThLEXqqjXRmdwnygYxo4n39IcApReUF8OeI1_pIBU_3uPjE5yJqbOBQCFZUFT3QwClnbrFajgsJuvkHhwcdm4Yfg9uGbJHf5biNvrm9PAI3euAVV-xu2qwdqqXoHJ8Cmh6IBfxw6OvlsIZWIyqPaBB31RN6ZYVZR8XSmlJc0voxbOFvbXRMxbxIkubMLkXGXMjVI-lU-BW6l-OLLZCfoKrwVvlfkL9m5T_f06aT0eFgqwfbq-NzkaXlxnCBpRAOXF5sJ6xfFX4uzL8c4UxN7muUBsrVpaXGtWZ7B_lMH4-myoCvPmStv2Uq4YviTGZwtESqdYY0ZtJqMUNRFl49HA32daPZa8ugEuBpudikblv3EhiCf6ad4mIDUzFQIYZZzLLzZN_4OolM2RB7pa7wG4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXniGKSkyaeNi_uzb2A-excq5DdG-vtt1rI2f3LwNwI23ARABIIPVmipgifPFhPQTyAEJqQKGxT-HkLM7PuACAKgDAcgDAqoElQJP0JdQdibyEAKKLfs3eRDLtqiIeMNlXxT1epBMTpDnjmZjQiRdS6FlgqeD4DsLokdt_4O2RuxSM0fVnymoMcHwPPGUaO-DPl6GS4d6lZs25lTyMGSjapgDuh48Yd46U5YwcoNEzPGJD_uInaU7xPQCepOkXzffF3pwt_Q_9qLqoWrB0wMd_v1l1ypwsrupjLHEtvq3d9_qLwYirPr6nXSHVgvfPQFVxCJndU5fCEm5uWToHDWxuHGf7XOhQOtll3j6NKmqdbV3Y5bwkMOPlzsMrhv23q0iHjBgYFdybsAVUi2eRHO6GyzG1Qidb67hxfkt6lSouuasdsOtyO2aAaUGmBNSMaHp40liTDSrB003Vik4mLPq4AQBgAbhya79uIjp65EBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAqgHrb6xAqgHv9OxAtgHANIILAiAYRABMgiKgoCAgICACDoNgECAwICAgICogAKoA0i9_cE6WKSlt6SapZED-gsCCAGADAGqDQJKUOINEwjpxbekmqWRAxV-9hYFHZ6iMtfqDRMI-_m3pJqlkQMVfvYWBR2eojLXiA7___________8B0BUBgBcBshcQGAwqCjY5MzI5OTM1MDdQAaoYFwkidY-ulZq_QBIKNjkzMjk5MzUwNxgB%26num%3D1%26sig%3DAOD64_2Ca58idbltLlLTCni33hyqKJF6_g%26client%3Dca-pub-7378382505262839%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2406:2600:4::2e , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software nginx / Resource Hash a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://ads.as.criteo.com/ Response headers cache-control max-age=31104000, public timing-allow-origin * content-encoding gzip etag W/"5c9a64eb-3181" cross-origin-resource-policy cross-origin expires Mon, 30 Nov 2026 00:36:57 GMT cross-origin-embedder-policy require-corp access-control-allow-origin * date Fri, 05 Dec 2025 00:36:57 GMT content-type text/javascript last-modified Tue, 26 Mar 2019 17:44:11 GMT server nginx
GET		si googleads.g.doubleclick.net/pagead/drt/ Frame 4625 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 0
GET H2	200	000F5EI2QTrKK86vKt6p0xPHNlAqwfG9YtrQWQCz8VwKHePMs3eSesBwjX5IbvZbsm383fkJPt0ZOs1M9YCKGeWRAaH8offazmAbGmBJ6WgNtccvIJnyWvrwsLrTi2ZDur2tlxJYZTH95HOzEsXjRuW7loAUpS5HNzvYRjyRWnQH58ElsaH6Nwq3Bsr3dNVbQBNzG... imageproxy.as.criteo.net/v1/ Frame 8A22	9 KB 9 KB	14ms 2ms	Image image/png	2406:2600:4::1f CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.as.criteo.net/v1/000F5EI2QTrKK86vKt6p0xPHNlAqwfG9YtrQWQCz8VwKHePMs3eSesBwjX5IbvZbsm383fkJPt0ZOs1M9YCKGeWRAaH8offazmAbGmBJ6WgNtccvIJnyWvrwsLrTi2ZDur2tlxJYZTH95HOzEsXjRuW7loAUpS5HNzvYRjyRWnQH58ElsaH6Nwq3Bsr3dNVbQBNzGP4Y9bGbh Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=7C9ECF433B212FA6&u=%7CxEigAN8LlVqh7ZxBE5nkcjLbo8LFHclKNRJbnVuiK1U%3D%7C&c1=imbGVUnPrQpUvp5IV0E6LHcRt_fOwOE3JWVnSPtlj8Ph2RwJTLJ1juYjh3wsJaPB69lFvIRG1smA7JtKVAx-A9Q5hbvK4I50h-zM3Kry7LkmvnRIMEaLdmDZcensIvdVBQ_Bt9JU4-RY9rOXJt042NOT8IEOW8_NDPf318pEgDbPb85ZnBpms7bJkqw5SsmKPlwOG5bagqoq19Pscy4KsfMlJqor214RT_hX3asOrpXqwNsgy_TFQHSxI5KeOfvV4-hBdaNGVP1BeFTbnIml_g4f0ZEctftT95RQbSOafUWb1DLqAmKxWMPXXZ-_isdYiOgoFJhWQ9zsr3hj1vZxamsu1BRXN26GcoboOYhp10lpezwr83_Spd2QfvGShR0058mMD2kgLNWuCEftz1gUwWW7F0SCGtT84lyn_TbDX9FlFA7VejXQfx2tnLhqg7k5MtR2jzjwE0wEn5qdtq27UQVSn_zafxnE4i0lMlzlpPOT2HRSx_pO4XgPnfE3yKeujtPrALTZ-Nb8cTtXu7cUS5CqYDLl-AIgyXAl6thYoMFCKvsZToGMiAssGzr6R_qaA6BvCI7mymdKK80h3WBl5-licvkGfXRKBi2cTiTGPw4wT1uUWisst3Y4bbjOESUE4o2X3XB8Q6rqhhqKx0XyUK4AtAb06bDKwv2dC5RnpS1FHKELSOZRtKREP2rgIbLZNrmW2Y-2DUivHbngKWFcXRbDUhfJ2ZxH Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2406:2600:4::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software Kestrel / Resource Hash f7577618a815d52da7c58f6947130a0fe84410c2b0c966dbe9fb7c2c51425a5f Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://ads.as.criteo.com/ Response headers strict-transport-security max-age=31536000; preload; cache-control public, max-age=31104000 timing-allow-origin * age 1846355 cross-origin-resource-policy cross-origin x-trace-id 30b740014ec91573ecca0b15bcfa29a1 expires Thu, 22 Oct 2026 01:17:59 GMT accept-ranges bytes x-cache hit content-length 8727 date Thu, 13 Nov 2025 15:44:21 GMT content-type image/png last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel vary Origin, x-accept-image
POST H2	200	all client-side-metrics.as.criteo.net/ Frame 8A22	0 186 B	18ms 3ms	Ping text/plain	2406:2600:4::25 CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Full URL https://client-side-metrics.as.criteo.net/all?cppv=3&cpp=2yITKYLyMBURNmYyaWZpOoYMEB1EntSgj7HiyTC2C6rZdA_9eJVKXl3mF5umcqiNgVJB_AAQoz6ZpL-MHn9LA9vhZrdGpVHF1U_2q61Ot0fnYYK7pLILkgoLNNjceLTDzpRgP60FVq7iZdi99fUqVko85mFLg4z-V6fJPqmBCUICTmWFXdgy9iGeuxd-MiGpb8LKaeiwCUDZSAKJ1gB88Efbg5PEVkIX5Fv7dVggL3pOgU5P-yUi3SrngkWJC9lhSDnXwQ&sds=2&rev=103145&sendBeacon=true Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=7C9ECF433B212FA6&u=%7CxEigAN8LlVqh7ZxBE5nkcjLbo8LFHclKNRJbnVuiK1U%3D%7C&c1=imbGVUnPrQpUvp5IV0E6LHcRt_fOwOE3JWVnSPtlj8Ph2RwJTLJ1juYjh3wsJaPB69lFvIRG1smA7JtKVAx-A9Q5hbvK4I50h-zM3Kry7LkmvnRIMEaLdmDZcensIvdVBQ_Bt9JU4-RY9rOXJt042NOT8IEOW8_NDPf318pEgDbPb85ZnBpms7bJkqw5SsmKPlwOG5bagqoq19Pscy4KsfMlJqor214RT_hX3asOrpXqwNsgy_TFQHSxI5KeOfvV4-hBdaNGVP1BeFTbnIml_g4f0ZEctftT95RQbSOafUWb1DLqAmKxWMPXXZ-_isdYiOgoFJhWQ9zsr3hj1vZxamsu1BRXN26GcoboOYhp10lpezwr83_Spd2QfvGShR0058mMD2kgLNWuCEftz1gUwWW7F0SCGtT84lyn_TbDX9FlFA7VejXQfx2tnLhqg7k5MtR2jzjwE0wEn5qdtq27UQVSn_zafxnE4i0lMlzlpPOT2HRSx_pO4XgPnfE3yKeujtPrALTZ-Nb8cTtXu7cUS5CqYDLl-AIgyXAl6thYoMFCKvsZToGMiAssGzr6R_qaA6BvCI7mymdKK80h3WBl5-licvkGfXRKBi2cTiTGPw4wT1uUWisst3Y4bbjOESUE4o2X3XB8Q6rqhhqKx0XyUK4AtAb06bDKwv2dC5RnpS1FHKELSOZRtKREP2rgIbLZNrmW2Y-2DUivHbngKWFcXRbDUhfJ2ZxH Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2406:2600:4::25 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software Kestrel / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://ads.as.criteo.com/ Response headers strict-transport-security max-age=31536000; preload; x-rate-limit-limit 1s x-rate-limit-reset 2025-12-05T00:36:58.1598722Z access-control-allow-origin * content-length 0 date Fri, 05 Dec 2025 00:36:57 GMT x-rate-limit-remaining 8509 server Kestrel
GET H2	200	criteo_logo_2021.svg static.criteo.net/flash/icon/ Frame 8A22	2 KB 1 KB	4ms 3ms	Image image/svg+xml	2406:2600:4::2e CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/criteo_logo_2021.svg Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=7C9ECF433B212FA6&u=%7CxEigAN8LlVqh7ZxBE5nkcjLbo8LFHclKNRJbnVuiK1U%3D%7C&c1=imbGVUnPrQpUvp5IV0E6LHcRt_fOwOE3JWVnSPtlj8Ph2RwJTLJ1juYjh3wsJaPB69lFvIRG1smA7JtKVAx-A9Q5hbvK4I50h-zM3Kry7LkmvnRIMEaLdmDZcensIvdVBQ_Bt9JU4-RY9rOXJt042NOT8IEOW8_NDPf318pEgDbPb85ZnBpms7bJkqw5SsmKPlwOG5bagqoq19Pscy4KsfMlJqor214RT_hX3asOrpXqwNsgy_TFQHSxI5KeOfvV4-hBdaNGVP1BeFTbnIml_g4f0ZEctftT95RQbSOafUWb1DLqAmKxWMPXXZ-_isdYiOgoFJhWQ9zsr3hj1vZxamsu1BRXN26GcoboOYhp10lpezwr83_Spd2QfvGShR0058mMD2kgLNWuCEftz1gUwWW7F0SCGtT84lyn_TbDX9FlFA7VejXQfx2tnLhqg7k5MtR2jzjwE0wEn5qdtq27UQVSn_zafxnE4i0lMlzlpPOT2HRSx_pO4XgPnfE3yKeujtPrALTZ-Nb8cTtXu7cUS5CqYDLl-AIgyXAl6thYoMFCKvsZToGMiAssGzr6R_qaA6BvCI7mymdKK80h3WBl5-licvkGfXRKBi2cTiTGPw4wT1uUWisst3Y4bbjOESUE4o2X3XB8Q6rqhhqKx0XyUK4AtAb06bDKwv2dC5RnpS1FHKELSOZRtKREP2rgIbLZNrmW2Y-2DUivHbngKWFcXRbDUhfJ2ZxH Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2406:2600:4::2e , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software nginx / Resource Hash a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://ads.as.criteo.com/ Response headers strict-transport-security max-age=31536000; preload; cache-control max-age=31104000, public timing-allow-origin * content-encoding gzip etag W/"60af9cf7-891" cross-origin-resource-policy cross-origin expires Mon, 30 Nov 2026 00:36:57 GMT cross-origin-embedder-policy require-corp access-control-allow-origin * date Fri, 05 Dec 2025 00:36:57 GMT content-type image/svg+xml last-modified Thu, 27 May 2021 13:21:59 GMT server nginx
GET H2	200	privacy.svg static.criteo.net/flash/icon/ Frame 8A22	2 KB 1 KB	2ms 2ms	Image image/svg+xml	2406:2600:4::2e CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/privacy.svg Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=7C9ECF433B212FA6&u=%7CxEigAN8LlVqh7ZxBE5nkcjLbo8LFHclKNRJbnVuiK1U%3D%7C&c1=imbGVUnPrQpUvp5IV0E6LHcRt_fOwOE3JWVnSPtlj8Ph2RwJTLJ1juYjh3wsJaPB69lFvIRG1smA7JtKVAx-A9Q5hbvK4I50h-zM3Kry7LkmvnRIMEaLdmDZcensIvdVBQ_Bt9JU4-RY9rOXJt042NOT8IEOW8_NDPf318pEgDbPb85ZnBpms7bJkqw5SsmKPlwOG5bagqoq19Pscy4KsfMlJqor214RT_hX3asOrpXqwNsgy_TFQHSxI5KeOfvV4-hBdaNGVP1BeFTbnIml_g4f0ZEctftT95RQbSOafUWb1DLqAmKxWMPXXZ-_isdYiOgoFJhWQ9zsr3hj1vZxamsu1BRXN26GcoboOYhp10lpezwr83_Spd2QfvGShR0058mMD2kgLNWuCEftz1gUwWW7F0SCGtT84lyn_TbDX9FlFA7VejXQfx2tnLhqg7k5MtR2jzjwE0wEn5qdtq27UQVSn_zafxnE4i0lMlzlpPOT2HRSx_pO4XgPnfE3yKeujtPrALTZ-Nb8cTtXu7cUS5CqYDLl-AIgyXAl6thYoMFCKvsZToGMiAssGzr6R_qaA6BvCI7mymdKK80h3WBl5-licvkGfXRKBi2cTiTGPw4wT1uUWisst3Y4bbjOESUE4o2X3XB8Q6rqhhqKx0XyUK4AtAb06bDKwv2dC5RnpS1FHKELSOZRtKREP2rgIbLZNrmW2Y-2DUivHbngKWFcXRbDUhfJ2ZxH Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2406:2600:4::2e , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software nginx / Resource Hash 095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://ads.as.criteo.com/ Response headers strict-transport-security max-age=31536000; preload; cache-control max-age=31104000, public timing-allow-origin * content-encoding gzip etag W/"5e4d1491-646" cross-origin-resource-policy cross-origin expires Mon, 30 Nov 2026 00:36:57 GMT cross-origin-embedder-policy require-corp access-control-allow-origin * date Fri, 05 Dec 2025 00:36:57 GMT content-type image/svg+xml last-modified Wed, 19 Feb 2020 10:57:21 GMT server nginx
GET		si googleads.g.doubleclick.net/pagead/drt/ Frame 1280 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 0
GET H2	200	adchoices_blue_wb.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4625	209 B 0	0ms 0ms	Image image/png	2404:6800:4004:80c::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/adchoices_blue_wb.png Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/rtv/012509301838000/amp4ads-v0.mjs Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 135fe1822959b8811afafc20effec079f339c96788df6e47e933a7d0c267921b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers cache-control public, max-age=86400 timing-allow-origin * etag 2799713854418114702 age 54862 cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 05 Dec 2025 09:22:35 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 209 x-xss-protection 0 date Thu, 04 Dec 2025 09:22:35 GMT content-type image/png vary Accept-Encoding server cafe
GET H2	200	adchoices_blue_wb.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1280	209 B 0	0ms 0ms	Image image/png	2404:6800:4004:80c::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/adchoices_blue_wb.png Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/rtv/012509301838000/amp4ads-v0.mjs Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:80c::2001 , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 135fe1822959b8811afafc20effec079f339c96788df6e47e933a7d0c267921b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers cache-control public, max-age=86400 timing-allow-origin * etag 2799713854418114702 age 54862 cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 05 Dec 2025 09:22:35 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 209 x-xss-protection 0 date Thu, 04 Dec 2025 09:22:35 GMT content-type image/png vary Accept-Encoding server cafe
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 7F82	0 0	39ms 39ms	Fetch image/gif	172.217.175.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.175.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt20s19-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://b55e5b14afd31a0ae198960e67c88ec4.safeframe.googlesyndication.com/ Response headers cache-control no-cache, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 0 date Fri, 05 Dec 2025 00:36:57 GMT x-xss-protection 0 content-type image/gif server cafe
GET H2	200	000F5EI2QTrKK86vKt6p0xPHNlAqwfG9YtrQWQCz8VwKHePMs3eSesBwjX5IbvZbsm383fkJPt0ZOs1M9YCKGeWRAaH8offazmAbGmBJ6WgNtccvIJnyWvrwsLrTi2ZDur2tlxJYZTH95HOzEsXjRuW7loAUgGtKYHQLO8OJEIiU8OTXC5yYcT3mCzBkqQLLT7VL4... imageproxy.as.criteo.net/v1/ Frame E2AE	9 KB 9 KB	2ms 2ms	Image image/png	2406:2600:4::1f CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Show image Full URL https://imageproxy.as.criteo.net/v1/000F5EI2QTrKK86vKt6p0xPHNlAqwfG9YtrQWQCz8VwKHePMs3eSesBwjX5IbvZbsm383fkJPt0ZOs1M9YCKGeWRAaH8offazmAbGmBJ6WgNtccvIJnyWvrwsLrTi2ZDur2tlxJYZTH95HOzEsXjRuW7loAUgGtKYHQLO8OJEIiU8OTXC5yYcT3mCzBkqQLLT7VL4hIn5iUEF Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aTIpKQAAMWMFFvZ-ADKinq7EpfZ9rNWjdRm0fA&u=%7CEkuqtIvxFxbizi5GjLT0KmxOxHVdQei%2F4rYtzqe8Cyg%3D%7C&c1=xYMBlCAeUfwmVOxi4pA6HHkFV5gZ2gq68_nRMt_VRIOeaEzkF2o9aouAxCDnKFq3X-3t88EGUxS0F6ijRRnP0hDv2mmA7YhlOCceGF4RomlAjwyUtoIH2YA5QZ7_3g5w1fMTUMZhk-ZRGVpKUcqzpCxxMb-zAZYM1GIWaL4kc9zehVeBtbm6RvXC4wcTdcTJ-TxalxA6JjDSCtNCJj6mlYf1u0LJ7UqOhZlwEmumixvdVc17fNby9BRH6gT_ul-8lztFPXg-4SLGMuci1P8UG19gXukhRJfk7QBZqAr7Da1Isf6ymCzEOV-_Fm5IG0x9ZZoRWE2VGBw-Iaa65IFXjmThLEXqqjXRmdwnygYxo4n39IcApReUF8OeI1_pIBU_3uPjE5yJqbOBQCFZUFT3QwClnbrFajgsJuvkHhwcdm4Yfg9uGbJHf5biNvrm9PAI3euAVV-xu2qwdqqXoHJ8Cmh6IBfxw6OvlsIZWIyqPaBB31RN6ZYVZR8XSmlJc0voxbOFvbXRMxbxIkubMLkXGXMjVI-lU-BW6l-OLLZCfoKrwVvlfkL9m5T_f06aT0eFgqwfbq-NzkaXlxnCBpRAOXF5sJ6xfFX4uzL8c4UxN7muUBsrVpaXGtWZ7B_lMH4-myoCvPmStv2Uq4YviTGZwtESqdYY0ZtJqMUNRFl49HA32daPZa8ugEuBpudikblv3EhiCf6ad4mIDUzFQIYZZzLLzZN_4OolM2RB7pa7wG4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXniGKSkyaeNi_uzb2A-excq5DdG-vtt1rI2f3LwNwI23ARABIIPVmipgifPFhPQTyAEJqQKGxT-HkLM7PuACAKgDAcgDAqoElQJP0JdQdibyEAKKLfs3eRDLtqiIeMNlXxT1epBMTpDnjmZjQiRdS6FlgqeD4DsLokdt_4O2RuxSM0fVnymoMcHwPPGUaO-DPl6GS4d6lZs25lTyMGSjapgDuh48Yd46U5YwcoNEzPGJD_uInaU7xPQCepOkXzffF3pwt_Q_9qLqoWrB0wMd_v1l1ypwsrupjLHEtvq3d9_qLwYirPr6nXSHVgvfPQFVxCJndU5fCEm5uWToHDWxuHGf7XOhQOtll3j6NKmqdbV3Y5bwkMOPlzsMrhv23q0iHjBgYFdybsAVUi2eRHO6GyzG1Qidb67hxfkt6lSouuasdsOtyO2aAaUGmBNSMaHp40liTDSrB003Vik4mLPq4AQBgAbhya79uIjp65EBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAqgHrb6xAqgHv9OxAtgHANIILAiAYRABMgiKgoCAgICACDoNgECAwICAgICogAKoA0i9_cE6WKSlt6SapZED-gsCCAGADAGqDQJKUOINEwjpxbekmqWRAxV-9hYFHZ6iMtfqDRMI-_m3pJqlkQMVfvYWBR2eojLXiA7___________8B0BUBgBcBshcQGAwqCjY5MzI5OTM1MDdQAaoYFwkidY-ulZq_QBIKNjkzMjk5MzUwNxgB%26num%3D1%26sig%3DAOD64_2Ca58idbltLlLTCni33hyqKJF6_g%26client%3Dca-pub-7378382505262839%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2406:2600:4::1f , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software Kestrel / Resource Hash f7577618a815d52da7c58f6947130a0fe84410c2b0c966dbe9fb7c2c51425a5f Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://ads.as.criteo.com/ Response headers strict-transport-security max-age=31536000; preload; cache-control public, max-age=31104000 timing-allow-origin * age 1846352 cross-origin-resource-policy cross-origin x-trace-id b64e95bfc825e30498cb1a5557ae8233 expires Thu, 22 Oct 2026 01:17:59 GMT accept-ranges bytes x-cache hit content-length 8727 date Thu, 13 Nov 2025 15:44:24 GMT content-type image/png last-modified Wed, 4 Jun 2008 06:06:06 GMT server Kestrel vary Origin, x-accept-image
POST H2	200	all client-side-metrics.as.criteo.net/ Frame E2AE	0 185 B	4ms 3ms	Ping text/plain	2406:2600:4::25 CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Full URL https://client-side-metrics.as.criteo.net/all?cppv=3&cpp=xihHMILyMBURNmYyY448YX_LEmQYO3V5-wvrtkJf8TTFX_m3BXyok6-OTaaifhidZGqQFZnJdR8lOdnA8gZcw9XaxHazlp7tU5d6FYAeoVecaHZxfC673HTLw9aROHqXnWEsHBsE85kvrr-jfdthxRPq7qwTTlGUmvv55gkLK25eY9rM7ANdb9Z4iUsRUaXkvezvOSh0r6RamlHlWNZtRIyjU99zuKL6_QQT8sMNCJnQ6fSLDYBa6mnzQ0rW69r3e7ljIA&sds=2&rev=103145&sendBeacon=true Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aTIpKQAAMWMFFvZ-ADKinq7EpfZ9rNWjdRm0fA&u=%7CEkuqtIvxFxbizi5GjLT0KmxOxHVdQei%2F4rYtzqe8Cyg%3D%7C&c1=xYMBlCAeUfwmVOxi4pA6HHkFV5gZ2gq68_nRMt_VRIOeaEzkF2o9aouAxCDnKFq3X-3t88EGUxS0F6ijRRnP0hDv2mmA7YhlOCceGF4RomlAjwyUtoIH2YA5QZ7_3g5w1fMTUMZhk-ZRGVpKUcqzpCxxMb-zAZYM1GIWaL4kc9zehVeBtbm6RvXC4wcTdcTJ-TxalxA6JjDSCtNCJj6mlYf1u0LJ7UqOhZlwEmumixvdVc17fNby9BRH6gT_ul-8lztFPXg-4SLGMuci1P8UG19gXukhRJfk7QBZqAr7Da1Isf6ymCzEOV-_Fm5IG0x9ZZoRWE2VGBw-Iaa65IFXjmThLEXqqjXRmdwnygYxo4n39IcApReUF8OeI1_pIBU_3uPjE5yJqbOBQCFZUFT3QwClnbrFajgsJuvkHhwcdm4Yfg9uGbJHf5biNvrm9PAI3euAVV-xu2qwdqqXoHJ8Cmh6IBfxw6OvlsIZWIyqPaBB31RN6ZYVZR8XSmlJc0voxbOFvbXRMxbxIkubMLkXGXMjVI-lU-BW6l-OLLZCfoKrwVvlfkL9m5T_f06aT0eFgqwfbq-NzkaXlxnCBpRAOXF5sJ6xfFX4uzL8c4UxN7muUBsrVpaXGtWZ7B_lMH4-myoCvPmStv2Uq4YviTGZwtESqdYY0ZtJqMUNRFl49HA32daPZa8ugEuBpudikblv3EhiCf6ad4mIDUzFQIYZZzLLzZN_4OolM2RB7pa7wG4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXniGKSkyaeNi_uzb2A-excq5DdG-vtt1rI2f3LwNwI23ARABIIPVmipgifPFhPQTyAEJqQKGxT-HkLM7PuACAKgDAcgDAqoElQJP0JdQdibyEAKKLfs3eRDLtqiIeMNlXxT1epBMTpDnjmZjQiRdS6FlgqeD4DsLokdt_4O2RuxSM0fVnymoMcHwPPGUaO-DPl6GS4d6lZs25lTyMGSjapgDuh48Yd46U5YwcoNEzPGJD_uInaU7xPQCepOkXzffF3pwt_Q_9qLqoWrB0wMd_v1l1ypwsrupjLHEtvq3d9_qLwYirPr6nXSHVgvfPQFVxCJndU5fCEm5uWToHDWxuHGf7XOhQOtll3j6NKmqdbV3Y5bwkMOPlzsMrhv23q0iHjBgYFdybsAVUi2eRHO6GyzG1Qidb67hxfkt6lSouuasdsOtyO2aAaUGmBNSMaHp40liTDSrB003Vik4mLPq4AQBgAbhya79uIjp65EBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAqgHrb6xAqgHv9OxAtgHANIILAiAYRABMgiKgoCAgICACDoNgECAwICAgICogAKoA0i9_cE6WKSlt6SapZED-gsCCAGADAGqDQJKUOINEwjpxbekmqWRAxV-9hYFHZ6iMtfqDRMI-_m3pJqlkQMVfvYWBR2eojLXiA7___________8B0BUBgBcBshcQGAwqCjY5MzI5OTM1MDdQAaoYFwkidY-ulZq_QBIKNjkzMjk5MzUwNxgB%26num%3D1%26sig%3DAOD64_2Ca58idbltLlLTCni33hyqKJF6_g%26client%3Dca-pub-7378382505262839%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2406:2600:4::25 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software Kestrel / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://ads.as.criteo.com/ Response headers strict-transport-security max-age=31536000; preload; x-rate-limit-limit 1s x-rate-limit-reset 2025-12-05T00:36:58.5898667Z access-control-allow-origin * content-length 0 date Fri, 05 Dec 2025 00:36:57 GMT x-rate-limit-remaining 9271 server Kestrel
GET H2	200	criteo_logo_2021.svg static.criteo.net/flash/icon/ Frame E2AE	2 KB 0	4ms 3ms	Image image/svg+xml	2406:2600:4::2e CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/criteo_logo_2021.svg Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aTIpKQAAMWMFFvZ-ADKinq7EpfZ9rNWjdRm0fA&u=%7CEkuqtIvxFxbizi5GjLT0KmxOxHVdQei%2F4rYtzqe8Cyg%3D%7C&c1=xYMBlCAeUfwmVOxi4pA6HHkFV5gZ2gq68_nRMt_VRIOeaEzkF2o9aouAxCDnKFq3X-3t88EGUxS0F6ijRRnP0hDv2mmA7YhlOCceGF4RomlAjwyUtoIH2YA5QZ7_3g5w1fMTUMZhk-ZRGVpKUcqzpCxxMb-zAZYM1GIWaL4kc9zehVeBtbm6RvXC4wcTdcTJ-TxalxA6JjDSCtNCJj6mlYf1u0LJ7UqOhZlwEmumixvdVc17fNby9BRH6gT_ul-8lztFPXg-4SLGMuci1P8UG19gXukhRJfk7QBZqAr7Da1Isf6ymCzEOV-_Fm5IG0x9ZZoRWE2VGBw-Iaa65IFXjmThLEXqqjXRmdwnygYxo4n39IcApReUF8OeI1_pIBU_3uPjE5yJqbOBQCFZUFT3QwClnbrFajgsJuvkHhwcdm4Yfg9uGbJHf5biNvrm9PAI3euAVV-xu2qwdqqXoHJ8Cmh6IBfxw6OvlsIZWIyqPaBB31RN6ZYVZR8XSmlJc0voxbOFvbXRMxbxIkubMLkXGXMjVI-lU-BW6l-OLLZCfoKrwVvlfkL9m5T_f06aT0eFgqwfbq-NzkaXlxnCBpRAOXF5sJ6xfFX4uzL8c4UxN7muUBsrVpaXGtWZ7B_lMH4-myoCvPmStv2Uq4YviTGZwtESqdYY0ZtJqMUNRFl49HA32daPZa8ugEuBpudikblv3EhiCf6ad4mIDUzFQIYZZzLLzZN_4OolM2RB7pa7wG4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXniGKSkyaeNi_uzb2A-excq5DdG-vtt1rI2f3LwNwI23ARABIIPVmipgifPFhPQTyAEJqQKGxT-HkLM7PuACAKgDAcgDAqoElQJP0JdQdibyEAKKLfs3eRDLtqiIeMNlXxT1epBMTpDnjmZjQiRdS6FlgqeD4DsLokdt_4O2RuxSM0fVnymoMcHwPPGUaO-DPl6GS4d6lZs25lTyMGSjapgDuh48Yd46U5YwcoNEzPGJD_uInaU7xPQCepOkXzffF3pwt_Q_9qLqoWrB0wMd_v1l1ypwsrupjLHEtvq3d9_qLwYirPr6nXSHVgvfPQFVxCJndU5fCEm5uWToHDWxuHGf7XOhQOtll3j6NKmqdbV3Y5bwkMOPlzsMrhv23q0iHjBgYFdybsAVUi2eRHO6GyzG1Qidb67hxfkt6lSouuasdsOtyO2aAaUGmBNSMaHp40liTDSrB003Vik4mLPq4AQBgAbhya79uIjp65EBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAqgHrb6xAqgHv9OxAtgHANIILAiAYRABMgiKgoCAgICACDoNgECAwICAgICogAKoA0i9_cE6WKSlt6SapZED-gsCCAGADAGqDQJKUOINEwjpxbekmqWRAxV-9hYFHZ6iMtfqDRMI-_m3pJqlkQMVfvYWBR2eojLXiA7___________8B0BUBgBcBshcQGAwqCjY5MzI5OTM1MDdQAaoYFwkidY-ulZq_QBIKNjkzMjk5MzUwNxgB%26num%3D1%26sig%3DAOD64_2Ca58idbltLlLTCni33hyqKJF6_g%26client%3Dca-pub-7378382505262839%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2406:2600:4::2e , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software nginx / Resource Hash a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://ads.as.criteo.com/ Response headers strict-transport-security max-age=31536000; preload; cache-control max-age=31104000, public timing-allow-origin * content-encoding gzip etag W/"60af9cf7-891" cross-origin-resource-policy cross-origin expires Mon, 30 Nov 2026 00:36:57 GMT cross-origin-embedder-policy require-corp access-control-allow-origin * date Fri, 05 Dec 2025 00:36:57 GMT content-type image/svg+xml last-modified Thu, 27 May 2021 13:21:59 GMT server nginx
GET H2	200	privacy.svg static.criteo.net/flash/icon/ Frame E2AE	2 KB 0	2ms 2ms	Image image/svg+xml	2406:2600:4::2e CRITEO-AS-AP Crit...
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/privacy.svg Requested by Host: ads.as.criteo.com URL: https://ads.as.criteo.com/delivery/r/afr.php?z=aTIpKQAAMWMFFvZ-ADKinq7EpfZ9rNWjdRm0fA&u=%7CEkuqtIvxFxbizi5GjLT0KmxOxHVdQei%2F4rYtzqe8Cyg%3D%7C&c1=xYMBlCAeUfwmVOxi4pA6HHkFV5gZ2gq68_nRMt_VRIOeaEzkF2o9aouAxCDnKFq3X-3t88EGUxS0F6ijRRnP0hDv2mmA7YhlOCceGF4RomlAjwyUtoIH2YA5QZ7_3g5w1fMTUMZhk-ZRGVpKUcqzpCxxMb-zAZYM1GIWaL4kc9zehVeBtbm6RvXC4wcTdcTJ-TxalxA6JjDSCtNCJj6mlYf1u0LJ7UqOhZlwEmumixvdVc17fNby9BRH6gT_ul-8lztFPXg-4SLGMuci1P8UG19gXukhRJfk7QBZqAr7Da1Isf6ymCzEOV-_Fm5IG0x9ZZoRWE2VGBw-Iaa65IFXjmThLEXqqjXRmdwnygYxo4n39IcApReUF8OeI1_pIBU_3uPjE5yJqbOBQCFZUFT3QwClnbrFajgsJuvkHhwcdm4Yfg9uGbJHf5biNvrm9PAI3euAVV-xu2qwdqqXoHJ8Cmh6IBfxw6OvlsIZWIyqPaBB31RN6ZYVZR8XSmlJc0voxbOFvbXRMxbxIkubMLkXGXMjVI-lU-BW6l-OLLZCfoKrwVvlfkL9m5T_f06aT0eFgqwfbq-NzkaXlxnCBpRAOXF5sJ6xfFX4uzL8c4UxN7muUBsrVpaXGtWZ7B_lMH4-myoCvPmStv2Uq4YviTGZwtESqdYY0ZtJqMUNRFl49HA32daPZa8ugEuBpudikblv3EhiCf6ad4mIDUzFQIYZZzLLzZN_4OolM2RB7pa7wG4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXniGKSkyaeNi_uzb2A-excq5DdG-vtt1rI2f3LwNwI23ARABIIPVmipgifPFhPQTyAEJqQKGxT-HkLM7PuACAKgDAcgDAqoElQJP0JdQdibyEAKKLfs3eRDLtqiIeMNlXxT1epBMTpDnjmZjQiRdS6FlgqeD4DsLokdt_4O2RuxSM0fVnymoMcHwPPGUaO-DPl6GS4d6lZs25lTyMGSjapgDuh48Yd46U5YwcoNEzPGJD_uInaU7xPQCepOkXzffF3pwt_Q_9qLqoWrB0wMd_v1l1ypwsrupjLHEtvq3d9_qLwYirPr6nXSHVgvfPQFVxCJndU5fCEm5uWToHDWxuHGf7XOhQOtll3j6NKmqdbV3Y5bwkMOPlzsMrhv23q0iHjBgYFdybsAVUi2eRHO6GyzG1Qidb67hxfkt6lSouuasdsOtyO2aAaUGmBNSMaHp40liTDSrB003Vik4mLPq4AQBgAbhya79uIjp65EBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAqgHrb6xAqgHv9OxAtgHANIILAiAYRABMgiKgoCAgICACDoNgECAwICAgICogAKoA0i9_cE6WKSlt6SapZED-gsCCAGADAGqDQJKUOINEwjpxbekmqWRAxV-9hYFHZ6iMtfqDRMI-_m3pJqlkQMVfvYWBR2eojLXiA7___________8B0BUBgBcBshcQGAwqCjY5MzI5OTM1MDdQAaoYFwkidY-ulZq_QBIKNjkzMjk5MzUwNxgB%26num%3D1%26sig%3DAOD64_2Ca58idbltLlLTCni33hyqKJF6_g%26client%3Dca-pub-7378382505262839%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2406:2600:4::2e , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP), Reverse DNS Software nginx / Resource Hash 095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://ads.as.criteo.com/ Response headers strict-transport-security max-age=31536000; preload; cache-control max-age=31104000, public timing-allow-origin * content-encoding gzip etag W/"5e4d1491-646" cross-origin-resource-policy cross-origin expires Mon, 30 Nov 2026 00:36:57 GMT cross-origin-embedder-policy require-corp access-control-allow-origin * date Fri, 05 Dec 2025 00:36:57 GMT content-type image/svg+xml last-modified Wed, 19 Feb 2020 10:57:21 GMT server nginx
POST H2	204	csi csi.gstatic.com/	0 534 B	445ms 143ms	Ping image/gif	2607:f8b0:4023:80d::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~mis4xafy&c=2316583274060782&e=31095716%2C31095905%2C31095969%2C95376743%2C83321072%2C31061691%2C31061692&ctx=1&met.9=1.bo~2.jd~9.0~9.0~9.0~9.0~9.0~3_50.t8~3_53.t8~3_54.t8~3_55.t8~3_56.t8~7_50.0~7_53.0~7_54.0~7_55.0~7_56.0~4_53.10i~5_53.10n~4_54.15f~5_54.15j~4_55.15u~5_55.15x~6_55.162~4_50.16w~5_50.16y~6_50.172~4_56.1c4~5_56.1c7~6_56.1cc~6_53.1cv&met.10=1_4.CKD-ChCg_goYgJh1IIIGKAE~1_2.CAAQABiAmHUgggYoAA~1_6.CKD-ChAAGICYdSCCBigA~1_7.CAAQABiAmHUgggYoAQ~1_5.CKD-ChAAGICYdSCCBigA~1_3.CAAQABiAmHUgggYoAA~1_1.CPD_AxDw_wMYgJh1IIIGKAE~1_1.CAAQABgAIPYHKAA~1_4.CAAQABgAIPYHKAA~1_5.CAAQABgAIPYHKAA~1_6.CAAQABgAIPYHKAA~1_7.CAAQABgAIPYHKAA~1_53.CKD-ChCg_goYgJh1IKAIKAE~1_55.CKD-ChAAGICYdSCgCCgA~1_56.CPD_AxAAGICYdSCgCCgB~1_54.CKD-ChAAGICYdSCgCCgA~1_50.CPD_AxDw_wMYgJh1IKAIKAE~1_56.CPD_AxDw_wMYgJh1IPMNKAE&met.3=112.mp_1~113.o8_2~415.1cv~416.1jo&met.1=1.mis4x9ta~6.1t~7.1v~8.31~9.31~10.3f~11.33~12.3f~13.3y~14.45~15.5i~16.7z~17.7z~18.80~19.o5~20.o5~21.o6~22.8o~23.8o&qqid.4=COKBuKSapZEDFTKA1ggdHu4x4g&qqid.5=CKObuKSapZEDFX72FgUdnqIy1w&qqid.6=CKHQt6SapZEDFfLJFgUd0VEUqQ&qqid.1=CLKIuKSapZEDFQDHFgUdW549ng&qqid.7=CMa2uKSapZEDFXfIFgUdsrM30Q Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/rum.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4023:80d::5e Salt Lake City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin report-to {"group":"ascnsrsgcc:41:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],} content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0 expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=ascnsrsgcc:41:0 content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 05 Dec 2025 00:36:58 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT content-type image/gif server Golfe2
GET H3	200	rum.js Show response securepubads.g.doubleclick.net/pagead/js/ Frame 7F82	68 KB 25 KB	5ms 5ms	Script text/javascript	142.250.193.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/js/rum.js Requested by Host: b55e5b14afd31a0ae198960e67c88ec4.safeframe.googlesyndication.com URL: https://b55e5b14afd31a0ae198960e67c88ec4.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.193.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS lcnrta-bj-in-f2.1e100.net Software cafe / Resource Hash e7ebe3a2c3a69b8aab804451bcf64b7971ee1eb42380f854a1bacc1be335642b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://b55e5b14afd31a0ae198960e67c88ec4.safeframe.googlesyndication.com/ Response headers content-encoding br etag 4947641265886744218 age 1636 x-content-type-options nosniff expires Fri, 05 Dec 2025 01:09:42 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" date Fri, 05 Dec 2025 00:09:42 GMT content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 vary Accept-Encoding cache-control public, max-age=3600 timing-allow-origin * cross-origin-resource-policy cross-origin content-length 25664 x-xss-protection 0 server cafe
GET H3	204	sodar ep1.adtrafficquality.google/pagead/	0 17 B	81ms 79ms	Image image/	142.251.42.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=237&t=2&li=gpt_m202512020101&jk=2316583274060782&bg=!QUKlQg3NAAZCJko1YiY7ADQBe5WfOE9eB_a_QTf-m_xYCCQdSOKR1yfJSoK1YstZCQYVO1az98gFJcm7fBPGxGkcGz5KAgAAAFBSAAAAA2gBB34AN-bgEy0vlBy7Sfo-51cqhELVhy4izOkUn7ZchsIvo6qv5OGiKNL9h4YMuLToYEkP6UlzOsGGv1qZAkVi0pnZDmkO7MbPu86mF-dutsd56dUHhz6Toy1vBOmWX9OOeymspW72YGMiY92gJRsIq3Z_K7OsDpIgW12Cb3FffDRDjJ9Tu7SOHE_tGjIzaMD3_XA0FuSVpY0JaQb-6QRbJN3as-SVDXALCyeYf1z90KBovkHI3_f2Dncrjf2e1LtHebxRResVS2jNrQLo8lfUA5OxCHOinPWQlcWAgDesQigO8jUzQXStfsXjk1QMYRjVE2-8ixMDdU62QFPPGThuRqbB1kn05_oDemHPkf5tMj99Lsm0-SJPlmH5PDK6QWxXXjpLJrcT9NmAkNCK0RqjL8Q2i-oXjRgVKwMQf9Q9wR9bJpQrF7V1PjpIBsg6GfTYmAkw6fIyzJfU2Kf4LyjS5aIa1WQdf8xiuqPr50k0uxUclRbjrd8OM3XfkTZGtRpCmELh3k7exx4jQnu_yNKgBH4QcBpiISvkIdUhx01-9BuGJaB19qAzRHBdgv766XXG8_lfK7Be1s_E_2BJBgk6Uco7VBse3LQImghtVFBjLOx7Dksk6wzkvIb7FC9hK_dfSI3Rj1iQSDmlc-MwM-EGTt7CfQTa6P_vBnJC28p_6kbwJivTY5FGMzNfaJKQx9qusjdWbszc_Yq0dxX3smt1VCCsJz3gui09LxVqQ4YUWou_3CM2x8FG5O43_8oLDEJNLTe266DuRyLIvH_WwWI3nFkZoL49FpVCM14sZ6zwygnH1T77ru9s1NdLDWFRemBJVMW0obzJ9nUnk9gtIpXWU9uxLw Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.42.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt12s46-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers timing-allow-origin * cross-origin-resource-policy cross-origin x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 0 date Fri, 05 Dec 2025 00:36:58 GMT x-xss-protection 0 content-type image/ server cafe
GET H3	200	rum.js Show response securepubads.g.doubleclick.net/pagead/js/ Frame F9CD	68 KB 25 KB	4ms 3ms	Script text/javascript	142.250.193.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/js/rum.js Requested by Host: posfie.com URL: https://posfie.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.193.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS lcnrta-bj-in-f2.1e100.net Software cafe / Resource Hash e7ebe3a2c3a69b8aab804451bcf64b7971ee1eb42380f854a1bacc1be335642b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers content-encoding br etag 4947641265886744218 age 1636 x-content-type-options nosniff expires Fri, 05 Dec 2025 01:09:42 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" date Fri, 05 Dec 2025 00:09:42 GMT content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 vary Accept-Encoding cache-control public, max-age=3600 timing-allow-origin * cross-origin-resource-policy cross-origin content-length 25664 x-xss-protection 0 server cafe
POST H2	204	csi csi.gstatic.com/ Frame 4625	0 57 B	352ms 145ms	Ping image/gif	2607:f8b0:4023:80d::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?s=ampad&ctx=2&puid=1~1764895018030&c=2316583274060782&qqid=CLKIuKSapZEDFQDHFgUdW549ng&rt=any.link.5.1q.e.5.16.1.17hm.179a~any.script.5.1i.4.6.0.0.49f.413~any.script.5.1p.8.a.0.0.mme.me2~any.script.5.1g.3.7.0.0.1pm.1ha~any.script.6.1j.6.6.0.0.a80.9zo~any.link.6.25.1.13.10.0.jv.bj~any.img.d.1b.2.3.0.0.2j4.2as~any.img.d.1a.2.3.13.1.e5.5t~any.img.e.1f.1t.0.0.0.0.0~any.img.cf.1.1.0.0.0.0.5t&met.a4a=dcl.3~ol.3~nvs.1764895017464~ini.1764895018031 Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/rtv/012509301838000/v0/amp-analytics-0.1.mjs Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4023:80d::5e Salt Lake City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://posfie.com/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin report-to {"group":"ascnsrsgcc:41:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],} content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0 expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=ascnsrsgcc:41:0 content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 05 Dec 2025 00:36:58 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT content-type image/gif server Golfe2
GET		view securepubads.g.doubleclick.net/btr/ Frame 4625	0 0
POST H2	204	csi csi.gstatic.com/ Frame 1280	0 57 B	345ms 146ms	Ping image/gif	2607:f8b0:4023:80d::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?s=ampad&ctx=2&puid=1~1764895018035&c=2316583274060782&qqid=CMa2uKSapZEDFXfIFgUdsrM30Q&rt=any.link.7.0.0.0.0.0.0.179a~any.script.7.0.0.0.0.0.0.413~any.script.7.0.0.0.0.0.0.me2~any.script.8.0.0.0.0.0.0.1ha~any.script.8.0.0.0.0.0.0.9zo~any.link.8.17.1.14.0.0.jv.bj~any.img.9.0.0.0.0.0.0.2as~any.img.9.0.0.0.0.0.0.5t~any.css.c.6.2.3.0.0.1as.12g~any.img.e.1g.1u.0.0.0.0.0~any.css.2r.0.0.0.0.0.0.m4s~any.img.76.1.0.0.0.0.0.5t&met.a4a=dcl.4~ol.4~nvs.1764895017653~ini.1764895018036 Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/rtv/012509301838000/v0/amp-analytics-0.1.mjs Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4023:80d::5e Salt Lake City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://posfie.com/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin report-to {"group":"ascnsrsgcc:41:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],} content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0 expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=ascnsrsgcc:41:0 content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 05 Dec 2025 00:36:58 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT content-type image/gif server Golfe2
GET		view securepubads.g.doubleclick.net/btr/ Frame 1280	0 0
GET		view securepubads.g.doubleclick.net/btr/ Frame FDC8	0 0
POST H2	204	csi csi.gstatic.com/ Frame FDC8	0 534 B	405ms 144ms	Ping image/gif	2607:f8b0:4023:80d::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?s=ampad&ctx=2&puid=1~1764895018080&c=2316583274060782&qqid=COKBuKSapZEDFTKA1ggdHu4x4g&rt=any.script.1b.3t.17.18.0.0.1de5.1d5t~any.link.1c.2h.5.18.12.2.k2.bq~any.script.1c.38.o.17.14.8.5cs.54g~any.script.1c.2z.g.16.0.0.261.1xp~any.script.1c.3e.l.1g.0.0.bsc.bk0~any.script.1c.3j.11.14.0.0.p2y.oum~any.css.1f.1h.4.2.14.6.lcs.l4g~any.img.ci.5.2.2.0.0.e5.5t~any.img.ci.5.2.2.0.0.2j6.2au~any.img.gs.1c.i3.0.0.0.0.0&met.a4a=dcl.50~ol.436~nvs.1764895017241~ini.1764895018081 Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/v0/amp-analytics-0.1.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4023:80d::5e Salt Lake City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://b55e5b14afd31a0ae198960e67c88ec4.safeframe.googlesyndication.com/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin report-to {"group":"ascnsrsgcc:41:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],} content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0 expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=ascnsrsgcc:41:0 content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 05 Dec 2025 00:36:58 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT content-type image/gif server Golfe2
POST H2	204	csi csi.gstatic.com/ Frame 7F82	0 57 B	405ms 145ms	Ping image/gif	2607:f8b0:4023:80d::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~mis4xbhl&chm=1&c=2316583274060782&ctx=2&qqid=CKObuKSapZEDFX72FgUdnqIy1w&met.4=fb.3v~lb.b8~ol.g9~idt.16~dt.-co&met.1=1.mis4xayx~6.1~7.1~8.1~9.1~10.1~12.2~13.2~14.3~15.w~16.fx~17.fx~18.fx~19.g9~20.g9~21.g9&met.7=CBsQCBgBKAEwAzjJBGgCcAKAAbEYiAHsObABAbgBAQ~CCEQBBgBII4BKI4BMOYBOFg~CBsQBCCPATjdAQ~CBsQBSCPATi6Aw~CB4QChgBIJABKJABMJcBOAhokgFwlgF4hQyAAdkJiAHUFbABAbgBAw~CBwQChgBIJABKJABMJkBOAlokgFwlgF4nEaAAfBDiAHbpAGwAQG4AQM~CBEQChgBIJABKJABMMQBODNokgFwwgF4qTOAAf0wiAHRugGwAQG4AQM~CBwQChgBIJEBKJEBMKEBOBFokgFwlQF4rbEEgAGBrwSIAdSYDrABAbgBAw~CBwQBBgBIJkDKJkDMOsDOFJQmQNYvwNgmQNomgNw6gN4rAKwAQG4AQM~CBwQBBgBIJsDKJsDMOcDOExomwNw5wN4rAKwAQG4AQM~CBwQBBgBIPkDKPkDMKIEOClo-gNwoQR4rAKwAQG4AQM~CCgQChgBIN4EKN4EMOkEOAxo3gRw4wR47MoBgAHAyAGIAeahBLABAbgBAw&met.3=113.ip_3~112.in_5 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4023:80d::5e Salt Lake City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://b55e5b14afd31a0ae198960e67c88ec4.safeframe.googlesyndication.com/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin report-to {"group":"ascnsrsgcc:41:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],} content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0 expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=ascnsrsgcc:41:0 content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 05 Dec 2025 00:36:58 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT content-type image/gif server Golfe2
POST H2	204	csi csi.gstatic.com/ Frame F9CD	0 57 B	304ms 148ms	Ping image/gif	2607:f8b0:4023:80d::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~mis4xbhr&chm=1&c=2316583274060782&ctx=2&qqid=CKHQt6SapZEDFfLJFgUd0VEUqQ&met.4=fb.5~lb.3i~ol.g6~idt.x~dt.-cx&met.1=1.mis4xaz8~14.4~15.0~16.4~17.4~18.4~19.4~20.4~21.4~22.5o~23.5o&met.7=CBsQCDgE~CCIQBBgBIAcoBzAzOCxoCXAxeKwCsAEBuAED~CBsQCiAIOAw~CBwQChgBIAgoCDAaOBJoCnAMeK2xBIABga8EiAHUmA6wAQG4AQM~CBsQBSA6OIwE~CBsQBSA8OIMD~CBsQBiA9OOYB~CBwQBBgBIFwoXDCtAThQUF1YhgFgXWhecKsBeKwCsAEBuAED~CBwQBBgBIGUoZTCuAThJaGVwrQF4rAKwAQG4AQM~CCIQBBgBIHooejCrATgxaHpwpQF4rAKwAQG4AQM~CBwQBBgBINEBKNEBMPkBOCho0QFw9wF4rAKwAQG4AQM~CCgQChgBINcEKNcEMOEEOApo2ARw2wR47MoBgAHAyAGIAeahBLABAbgBAw&met.3=113.ik_1~112.ik_1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4023:80d::5e Salt Lake City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin report-to {"group":"ascnsrsgcc:41:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],} content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0 expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=ascnsrsgcc:41:0 content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 05 Dec 2025 00:36:58 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT content-type image/gif server Golfe2
GET H3	200	pixel cm.g.doubleclick.net/ Frame A8B0 Redirect Chain https://token.rubiconproject.com/token?pid=25470 https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TUlTNFhBRkItMVQtRktKNQ== https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECNVSQEgZOIirLW68W5we5Q&google_cver=1 https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TUlTNFhBRkItMVQtRktKNQ==&google_push=	170 B 188 B	45ms 44ms	Image image/png	142.250.196.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TUlTNFhBRkItMVQtRktKNQ==&google_push= Protocol H3 Server 142.250.196.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS maa03s45-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://eus.rubiconproject.com/ Response headers cache-control no-cache, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 date Fri, 05 Dec 2025 00:36:58 GMT x-xss-protection 0 content-type image/png server HTTP server (unknown) Redirect headers Cache-Control no-cache,no-store,must-revalidate Location https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TUlTNFhBRkItMVQtRktKNQ==&google_push= Pragma no-cache Expires 0 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" X-RPHost 20465289eac987153182109ddd8ac286 content-length 0 Content-Type text/html
GET H/1.1	200	ecm3 s.amazon-adsystem.com/ Frame A8B0 Redirect Chain https://pixel.rubiconproject.com/exchange/sync.php?p=a9us https://s.amazon-adsystem.com/ecm3?id=MIS4XAFB-1T-FKJ5&ex=d-rubiconproject.com&status=ok	43 B 477 B	239ms 170ms	Image image/gif	98.82.154.76 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://s.amazon-adsystem.com/ecm3?id=MIS4XAFB-1T-FKJ5&ex=d-rubiconproject.com&status=ok Protocol HTTP/1.1 Server 98.82.154.76 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-98-82-154-76.compute-1.amazonaws.com Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://eus.rubiconproject.com/ Response headers Strict-Transport-Security max-age=47474747; includeSubDomains; preload Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Pragma no-cache Connection keep-alive Expires Thu, 01 Jan 1970 00:00:00 GMT x-amz-rid 62MP6G389XWBD74V2SK7 Content-Length 43 Date Fri, 05 Dec 2025 00:36:58 GMT Content-Type image/gif Vary Content-Type,Accept-Encoding,User-Agent Server Server Redirect headers Cache-Control no-cache,no-store,must-revalidate Location https://s.amazon-adsystem.com/ecm3?id=MIS4XAFB-1T-FKJ5&ex=d-rubiconproject.com&status=ok Pragma no-cache Expires 0 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" X-RPHost 20465289eac987153182109ddd8ac286 content-length 0 Content-Type text/html
GET H/1.1	200 OK	tap.php pixel.rubiconproject.com/ Frame A8B0 Redirect Chain https://match.adsrvr.org/track/cmf/rubicon https://match.adsrvr.org/track/cmb/rubicon? https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=5ba13a3c-e3e1-4114-a4e7-77a86f2d6a29&gdpr=0&gdpr_consent=&expires=30	42 B 1 KB	445ms 112ms	Image image/gif	69.173.154.8 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=5ba13a3c-e3e1-4114-a4e7-77a86f2d6a29&gdpr=0&gdpr_consent=&expires=30 Protocol HTTP/1.1 Server 69.173.154.8 , United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://eus.rubiconproject.com/ Response headers Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" X-RPHost addc7888d96856f726a4989b884de78b Pragma no-cache content-length 42 Content-Type image/gif Redirect headers location https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=5ba13a3c-e3e1-4114-a4e7-77a86f2d6a29&gdpr=0&gdpr_consent=&expires=30 content-length 289 date Fri, 05 Dec 2025 00:36:58 GMT server Kestrel
GET H/1.1	200	dcm aax-eu.amazon-adsystem.com/s/ Frame A8B0 Redirect Chain https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t	43 B 853 B	398ms 398ms	Image image/gif	67.220.224.144 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t Protocol HTTP/1.1 Server 67.220.224.144 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://eus.rubiconproject.com/ Response headers Strict-Transport-Security max-age=47474747; includeSubDomains; preload Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Pragma no-cache Connection keep-alive Expires Thu, 01 Jan 1970 00:00:00 GMT x-amz-rid 7WFYVGVHSF972M922N4W Content-Length 43 p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Date Fri, 05 Dec 2025 00:36:59 GMT Content-Type image/gif Vary Content-Type,Accept-Encoding,User-Agent Server Server Redirect headers Strict-Transport-Security max-age=47474747; includeSubDomains; preload Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Location https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t Pragma no-cache Connection keep-alive Expires Thu, 01 Jan 1970 00:00:00 GMT x-amz-rid ZY10V6CK8M420J9RW7BN Content-Length 0 p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Date Fri, 05 Dec 2025 00:36:58 GMT Vary Content-Type,Accept-Encoding,User-Agent Server Server
GET H/1.1	200	dcm s.amazon-adsystem.com/ Frame A8B0 Redirect Chain https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t	43 B 853 B	360ms 188ms	Image image/gif	98.82.154.76 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t Protocol HTTP/1.1 Server 98.82.154.76 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-98-82-154-76.compute-1.amazonaws.com Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://eus.rubiconproject.com/ Response headers Strict-Transport-Security max-age=47474747; includeSubDomains; preload Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Pragma no-cache Connection keep-alive Expires Thu, 01 Jan 1970 00:00:00 GMT x-amz-rid 37EV1CJPHQZ758CXYJ1C Content-Length 43 p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Date Fri, 05 Dec 2025 00:36:59 GMT Content-Type image/gif Vary Content-Type,Accept-Encoding,User-Agent Server Server Redirect headers Strict-Transport-Security max-age=47474747; includeSubDomains; preload Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Location https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t Pragma no-cache Connection keep-alive Expires Thu, 01 Jan 1970 00:00:00 GMT x-amz-rid 6QCMDDM994CS3RBP3WY0 Content-Length 0 p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Date Fri, 05 Dec 2025 00:36:58 GMT Vary Content-Type,Accept-Encoding,User-Agent Server Server
GET H/1.1	200 OK	tap.php pixel.rubiconproject.com/ Frame A8B0 Redirect Chain https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 https://ups.analytics.yahoo.com/ups/58912/cms?uid=nWbGLgrwdcm-uP_vUvOpD8n5EUdSAgOZEtemQ7w0kco&csrc= https://ups.analytics.yahoo.com/ups/58912/cms?uid=nWbGLgrwdcm-uP_vUvOpD8n5EUdSAgOZEtemQ7w0kco&csrc=&verify=true https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-3tfJBNVE2oINNHBx56veim7zmpwVz0GtF2stHw--~A	42 B 1 KB	226ms 112ms	Image image/gif	69.173.154.8 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-3tfJBNVE2oINNHBx56veim7zmpwVz0GtF2stHw--~A Protocol HTTP/1.1 Server 69.173.154.8 , United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://eus.rubiconproject.com/ Response headers Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" X-RPHost addc7888d96856f726a4989b884de78b Pragma no-cache content-length 42 Content-Type image/gif Redirect headers strict-transport-security max-age=31536000 location https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-3tfJBNVE2oINNHBx56veim7zmpwVz0GtF2stHw--~A age 0 x-content-type-options nosniff referrer-policy no-referrer-when-downgrade content-length 0 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV date Fri, 05 Dec 2025 00:36:58 GMT content-type text/html server ATS
GET H/1.1	200 OK	tap.php pixel.rubiconproject.com/ Frame A8B0 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&process_consent=T https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPnKmbwrR0b3yW0shMUkYYo&google_cver=1	42 B 1 KB	435ms 110ms	Image image/gif	69.173.154.8 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPnKmbwrR0b3yW0shMUkYYo&google_cver=1 Protocol HTTP/1.1 Server 69.173.154.8 , United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://eus.rubiconproject.com/ Response headers Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" X-RPHost 20465289eac987153182109ddd8ac286 Pragma no-cache content-length 42 Content-Type image/gif Redirect headers cache-control no-cache, must-revalidate location https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEPnKmbwrR0b3yW0shMUkYYo&google_cver=1 pragma no-cache cross-origin-resource-policy cross-origin expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-length 326 date Fri, 05 Dec 2025 00:36:58 GMT x-xss-protection 0 content-type text/html; charset=UTF-8 server HTTP server (unknown)
GET H2	200	pixel cm.g.doubleclick.net/ Frame A8B0 Redirect Chain https://token.rubiconproject.com/token?pid=2249&pt=n https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGI0YTJmMDUxYjllYzdhMmRlNzQyZWY3Y2YxOTU0MDc1OGRjMjc4NQ	170 B 243 B	45ms 42ms	Image image/png	142.250.196.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGI0YTJmMDUxYjllYzdhMmRlNzQyZWY3Y2YxOTU0MDc1OGRjMjc4NQ Protocol H2 Server 142.250.196.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS maa03s45-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://eus.rubiconproject.com/ Response headers cache-control no-cache, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 date Fri, 05 Dec 2025 00:36:58 GMT x-xss-protection 0 content-type image/png server HTTP server (unknown) Redirect headers Expires 0 Cache-Control no-cache,no-store,must-revalidate Location https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGI0YTJmMDUxYjllYzdhMmRlNzQyZWY3Y2YxOTU0MDc1OGRjMjc4NQ P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" X-RPHost beb52df1a5a4b2f2cb3f37642c514298 Pragma no-cache content-length 0
GET H2	200	setuid px.ads.linkedin.com/ Frame A8B0 Redirect Chain https://token.rubiconproject.com/token?pid=36584 https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=MIS4XAFB-1T-FKJ5	0 538 B	140ms 106ms	Image text/plain	2620:1ec:50::12 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=MIS4XAFB-1T-FKJ5 Protocol H2 Server 2620:1ec:50::12 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://eus.rubiconproject.com/ Response headers linkedin-action 1 x-li-pop afd-prod-lor1-x x-msedge-ref Ref A: A34553CBB92B46B5A064A1B31EE38605 Ref B: TYAEDGE0815 Ref C: 2025-12-05T00:36:58Z x-li-fabric prod-lor1 x-li-uuid AAZFKaSmcF/r60W8m9fg6A== x-li-proto http/2 alt-svc h3=":443"; ma=86400 x-cache CONFIG_NOCACHE content-length 0 date Fri, 05 Dec 2025 00:36:57 GMT Redirect headers Expires 0 Cache-Control no-cache,no-store,must-revalidate Location https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=MIS4XAFB-1T-FKJ5 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" X-RPHost 0d2bd05215470efb17ae41aff76c3f98 Pragma no-cache content-length 0
GET H/1.1	200 OK	tap.php pixel.rubiconproject.com/ Frame A8B0 Redirect Chain https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1 https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAl-qE7SZFIAAAFXhHGBWw&expires=30	42 B 1 KB	447ms 114ms	Image image/gif	69.173.154.8 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAl-qE7SZFIAAAFXhHGBWw&expires=30 Protocol HTTP/1.1 Server 69.173.154.8 , United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://eus.rubiconproject.com/ Response headers Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" X-RPHost 20465289eac987153182109ddd8ac286 Pragma no-cache content-length 42 Content-Type image/gif Redirect headers strict-transport-security max-age=2592000; includeSubDomains location https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAl-qE7SZFIAAAFXhHGBWw&expires=30 content-length 0 date Fri, 05 Dec 2025 00:36:58 GMT server gunicorn
GET H2	200	check pixel.tapad.com/idsync/ex/receive/ Frame A8B0 Redirect Chain https://token.rubiconproject.com/token?pid=37556&a=1 https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=MIS4XAFB-1T-FKJ5 https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=MIS4XAFB-1T-FKJ5	95 B 427 B	44ms 43ms	Image image/png	34.111.113.62 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=MIS4XAFB-1T-FKJ5 Protocol H2 Server 34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 62.113.111.34.bc.googleusercontent.com Software / Resource Hash 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://eus.rubiconproject.com/ Response headers strict-transport-security max-age=31536000 accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 via 1.1 google access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-length 95 date Fri, 05 Dec 2025 00:36:58 GMT content-type image/png Redirect headers strict-transport-security max-age=31536000 location https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=MIS4XAFB-1T-FKJ5 accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 via 1.1 google access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-length 0 date Fri, 05 Dec 2025 00:36:58 GMT
GET H3	200	pixel capi.connatix.com/us/ Frame A8B0 Redirect Chain https://pixel.rubiconproject.com/exchange/sync.php?p=19564 https://capi.connatix.com/us/pixel?puid=MIS4XAFB-1T-FKJ5&pId=11&gdpr=&gdpr_consent=&us_privacy=	0 329 B	50ms 16ms	Image text/plain	104.18.41.104 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://capi.connatix.com/us/pixel?puid=MIS4XAFB-1T-FKJ5&pId=11&gdpr=&gdpr_consent=&us_privacy= Protocol H3 Server 104.18.41.104 , Ascension Island, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://eus.rubiconproject.com/ Response headers access-control-max-age 86400 cache-control no-cache, no-store, must-revalidate, max-age=0 cf-ray 9a8f78ec3d91fcca-NRT alt-svc h3=":443"; ma=86400 server-timing cfExtPri content-length 0 date Fri, 05 Dec 2025 00:36:58 GMT content-type text/plain;charset=UTF-8 vary Accept-Encoding server cloudflare priority u=3,i access-control-allow-headers x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model Redirect headers Cache-Control no-cache,no-store,must-revalidate Location https://capi.connatix.com/us/pixel?puid=MIS4XAFB-1T-FKJ5&pId=11&gdpr=&gdpr_consent=&us_privacy= Pragma no-cache Expires 0 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" X-RPHost addc7888d96856f726a4989b884de78b content-length 0 Content-Type text/html
GET H2	200	merge ce.lijit.com/ Frame A8B0 Redirect Chain https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn https://ce.lijit.com/merge?pid=80&3pid=MIS4XAFB-1T-FKJ5 https://ce.lijit.com/merge?pid=80&3pid=MIS4XAFB-1T-FKJ5&dnr=1	43 B 500 B	132ms 132ms	Image image/gif	52.26.76.126 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ce.lijit.com/merge?pid=80&3pid=MIS4XAFB-1T-FKJ5&dnr=1 Protocol H2 Server 52.26.76.126 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-26-76-126.us-west-2.compute.amazonaws.com Software / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://eus.rubiconproject.com/ Response headers cache-control private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 pragma no-cache expires Fri, 20 Mar 2009 00:00:00 GMT content-length 43 p3p CP="CUR ADM OUR NOR STA NID" date Fri, 05 Dec 2025 00:36:59 GMT content-type image/gif vary Accept-Encoding Redirect headers cache-control private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0 location https://ce.lijit.com/merge?pid=80&3pid=MIS4XAFB-1T-FKJ5&dnr=1 pragma no-cache expires Fri, 20 Mar 2009 00:00:00 GMT content-length 0 p3p CP="CUR ADM OUR NOR STA NID" date Fri, 05 Dec 2025 00:36:59 GMT vary Accept-Encoding
GET H2	200	ProfilesEngineServlet sync-apac-v4.intentiq.com/profiles_engine/ Frame A8B0 Redirect Chain https://pixel.rubiconproject.com/exchange/sync.php?p=primis https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=MIS4XAFB-1T-FKJ5 https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=MIS4XAFB-1T-FKJ5 https://sync-apac-v4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=MIS4XAFB-1T-FKJ5&ckls=true&ci=K1WrV1LHIX&nc=false&trid=-146711279	43 B 1 KB	83ms 16ms	Image image/gif	13.32.54.67 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync-apac-v4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=MIS4XAFB-1T-FKJ5&ckls=true&ci=K1WrV1LHIX&nc=false&trid=-146711279 Protocol H2 Server 13.32.54.67 New York, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-54-67.nrt57.r.cloudfront.net Software / Resource Hash caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://eus.rubiconproject.com/ Response headers access-control-max-age 3600 access-control-allow-methods POST, GET, OPTIONS expires Thu, 01 Jan 1970 00:00:00 GMT x-cache Miss from cloudfront p3p CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC" x-amz-cf-id wmVIKNTRSejFrUE1skl3TgtyfOvacaF1dNWTF4bThcvwOViv7M1TBA== date Fri, 05 Dec 2025 00:36:59 GMT content-type image/gif vary Origin access-control-allow-headers Content-Type, Accept, X-Requested-With, remember-me, DNT,X-CustomHeader,Keep-Alive,User-Agent,If-Modified-Since,Cache-Control cache-control no-cache, no-store, must-revalidate pragma no-cache access-control-allow-credentials true via 1.1 1a7022323cb071c49af11c6d7320fcb0.cloudfront.net (CloudFront) access-control-allow-origin https://eus.rubiconproject.com/ content-length 43 x-amz-cf-pop NRT57-P8 Redirect headers access-control-max-age 3600 access-control-allow-methods POST, GET, OPTIONS expires Thu, 01 Jan 1970 00:00:00 GMT alt-svc h3=":443"; ma=86400 x-cache Miss from cloudfront p3p CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC" x-amz-cf-id NNra5Wz1YJnRBaID-NshkUdohA04CQ_lhXf55P5PNOPL2tPa_HhhkA== date Fri, 05 Dec 2025 00:36:59 GMT content-type image/gif vary Origin access-control-allow-headers Content-Type, Accept, X-Requested-With, remember-me, DNT,X-CustomHeader,Keep-Alive,User-Agent,If-Modified-Since,Cache-Control patent https://www.almondnet.com/ip cache-control no-cache, no-store, must-revalidate location https://sync-apac-v4.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=MIS4XAFB-1T-FKJ5&ckls=true&ci=K1WrV1LHIX&nc=false&trid=-146711279 pragma no-cache access-control-allow-credentials true via 1.1 7412d2bd99b25704f1e81abd128287b4.cloudfront.net (CloudFront) access-control-allow-origin https://eus.rubiconproject.com/ content-length 43 x-amz-cf-pop NRT12-P2
GET H2	200	setuid ib.adnxs.com/prebid/ Frame A8B0 Redirect Chain https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=MIS4XAFB-1T-FKJ5	43 B 932 B	324ms 81ms	Image image/gif	103.43.91.58 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=MIS4XAFB-1T-FKJ5 Protocol H2 Server 103.43.91.58 Singapore, Singapore, ASN29990 (ASN-APPNEX, US), Reverse DNS 1046.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net Software nginx/1.25.5 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://eus.rubiconproject.com/ Response headers cache-control no-store, no-cache, private pragma no-cache accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness x-proxy-origin 146.70.138.221; 146.70.138.221; 1046.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com expires Sat, 15 Nov 2008 16:00:00 GMT an-x-request-uuid f1f6d5f0-e36c-47a4-b808-010ce4477427 content-length 43 p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" date Fri, 05 Dec 2025 00:36:59 GMT x-xss-protection 0 content-type image/gif server nginx/1.25.5 Redirect headers Cache-Control no-cache,no-store,must-revalidate Location https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=MIS4XAFB-1T-FKJ5 Pragma no-cache Expires 0 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" X-RPHost 20465289eac987153182109ddd8ac286 content-length 0 Content-Type text/html
GET H/1.1	200 OK	tap.php pixel.rubiconproject.com/ Frame A8B0 Redirect Chain https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=5fc41d06-b371-4a8f-9b6c-55085dfcc000&expires=30	42 B 1 KB	111ms 110ms	Image image/gif	69.173.154.8 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=5fc41d06-b371-4a8f-9b6c-55085dfcc000&expires=30 Protocol HTTP/1.1 Server 69.173.154.8 , United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://eus.rubiconproject.com/ Response headers Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" X-RPHost 20465289eac987153182109ddd8ac286 Pragma no-cache content-length 42 Content-Type image/gif Redirect headers X-CI-RTID 09a2a858-0a35-40d7-b36e-ec5ea052a5c4 Location https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=5fc41d06-b371-4a8f-9b6c-55085dfcc000&expires=30 Content-Length 144 Date Fri, 05 Dec 2025 00:36:59 GMT Content-Type text/html; charset=utf-8 Connection keep-alive
GET H3	200	activeview pagead2.googlesyndication.com/pcs/ Frame 4625	42 B 65 B	45ms 45ms	Image image/gif	172.217.175.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssu4kjnaJMS53xNOJQLXgAni8xlPPrE5dxFWXWYoxyFK_WQ4MNo63GflWp-oKkpBHuTjS0koLn-epRlA4ZUEYBHC2XWGdkkZSQVuSpaWyQZvbTC7dLG-F6MJZnXovtjJimpBGkf97cl7z9-DM3eGXwD0zXKioluoGRpgIv73lEF93eRHYln23LunKmXv2y76J2q9Si_YoLfvmPUVDkO75q2Ryo-0Z5rVHP3lS8oVjWlh-v-J3WnPxZNSP55yL0_1N6H4aLE9e7fnlQSUBb0r6B6p3w4P34g815icxhQH4q8owc4DCUbVSHNHscirJrLPlyHEd1B-lA1lezMC9M9AfWRy7yU027Tr436VQM24rUuXp-iG412HR0gOHx1XcoKAYzBUwRKfygw--2ktL0_QI_I_WPJ3bk77TIIq_JdUr_NQDsTFc7n-XunVa0ItUt5gPOcDjWmwhubR0_5MymqehUBN0T9cVj_OzWRr0pI8t8fYEDCBKRVzps6acCChdpA-X7IdgF4EFWzis-DS1Juijzx3YWhZQS0djrmDuCOWTjqY0Ev4gP71Syh2XqhoNjbZ2_cY12kTdd-8kIj8uGA7nYf8EU43mX6uG4vew6r8QQKCm7AItn4G8K4clW_WugcNtrRSWBuNWfrWPQ2acg1efsFg2wzF0FU--npW6Ke1bkuKiMSLVW9XGEvkc-g0eWCwUrXfZ0UJqlMOq4DBQE6OzdbdXeBOCuE6LEizopllZONUzOTohrOIe2xFV4_anMtrFWHxCXSQfUYmrLyXxXQxJqKBvTLoxWKMAQAB_Xcs0ywzBdriH_wWLvpGHD0pVC5pY_kyyHhJQ_c15ZXPiyZLpWN-kTx6a2km3BsNox2McdhfOG5BrdsEOakzs-vxn32xkBrWLJQAHenLneD74YH_tzgQM310rZOkVP_1YUNHjnzPEdaTzQe3XUp1QP_plt-CXyYX9kBhQuR0I7qzJcBwDos5Ifd6EgNXeKIwrvulun75X7F3KPhZME1Nb_z-4krf4exVL71nszIwzvj2aW51TqgNo7eYTEypx_6j3iKECVL_JGx3w-RnuTE4ltZeaVDyN_zJJlsNx_-nFIEt7U2hMBxzdwtymldOwj0Zrqy8wzb_HDDsqQ71HqGDDwMRzI-iwgyOvspM0x6M3qtNI_bXniyQmVoPgyV6M0WcFJIqo-1BknaFnnuQNk3oZOE6jpYg1NYA68qyDnF93jsEpQpjsK1R-2woGjFOIlhYj-LpzZ2viiagYQVLlPO4h6NzuibuXHmhtXrV_qQvAWuyPAu2C387Am04kvFwf9C7THEZDTQaaz8f50Wvxs4hhLgHrGgTopd_X_iNPZnKr9G7k8RibvQFABgkri6IsVwEjayf0mrriYHOPnJ3Vr3QMaa4tDcZx6Xbc2iwxnIN6XtjMrcDIfCVeK_sTtGuRBA5bCFSZFaw62i2z4WAtSIiFcqVf_QdkuDzMy13ARp0p1QA7BPmAKxwFtq7ty8V7zv15owkW0YuMQsAAgpJ8fNJaP6HiCMSFwyGd0gy1pCd5-A08zdGAJDbG_2JN-sFLZYizlF5p2NKAUDR0jwTbYdACUs9EXE-KYSn6fxpH-1OQqXmVztTIRrUXgh7fj47bJBeRz0tMEaQnqgoKf9eIIBa2gPGuy2hbZSTnvFUyDqC4u8OW0bhMGQQiR_Oo9nxDaMdadhkdShnL4KY8NgIY0FLGEkY2JeJ19ez2G1xwHR1aNNAbr7BLdxahdZHfaN6ZMJ3cURKIvTvwXJjtksLLXNmZTT78j6Jj3HK0quN2OW_ItEmcVXTNXorTvrbCtRwrHtwtBhpyAuIeQ&sai=AMfl-YS3oXkVT0yCz2QjkmJC0w1PbCuMjGndPO_HgR6YPfGhcZs8h5Q_xOD0dyYVNu-_auyxpD-tupSy_CfETXc5EOrnEwOLxi0HojQ9qm-csE2xWEQmCjM6hpjEH5pzQxUhVjcHVy3S5YsUFMatKJXMiEdPqDXBTCw4cIHBoPPOPEf3G3LiDVJcAckr3da8sU91xyJotmQxMa-XAI634HKhlwDnsIyAsneGBX5BKh5HZUZhX5vInYuVvGN4xM_XlGHQTjbrMSYCK5zAEd6IyVpfaQl8cYBsyI8plUB5c5mm_dSZOP5s&sig=Cg0ArKJSzLAbPif-jwp2EAE&cid=CAQSsgEAwksa0WjryZJqxBuNNfpZs1ENBBUU1x_GO2Ozt10RwOQ1yJUBZI0qLe4Wy_P-bPSX3vlCJ06rnU6GfcZ2l3QECAEU0Ez61IIuHiNNE6ulwGa20yt4YC_OkhAnCyx1nyJ-lIuWmmu-lp4O92m5Kt_JjvhP0wxMhpK17Ogu4O2GJcBxp_SIYCyiK9HKK1kjlX22Luk1xl5ziiil4wTnl3H8BwXjW9uUZU3kMQw8jHLsSE-eGAE&id=ampim&o=268,414&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=570&tls=1570&g=100&h=100&tt=1570&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.175.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt20s19-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers cache-control no-cache, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 42 date Fri, 05 Dec 2025 00:36:59 GMT x-xss-protection 0 content-type image/gif server cafe
GET H3	200	activeview pagead2.googlesyndication.com/pcs/ Frame 1280	42 B 65 B	43ms 43ms	Image image/gif	172.217.175.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssH742LIDwsX7JiWOnx2IRHcecK54Gqg_onBEBP6IYlgVzaAmmS_25XZbrYnFh800glxfACrQVIMETUphExAleU-PHp_Y8VDLkmqnQIk6_xrJHV0jXpybJ_OVINnKBr-leoQbclw7X2wuQUd0WFnvZw8StIEr9l-Q9ro2PKiHLOutWC1NNNTjoPKVVR7WbLP-bS6BcS8i7OXUZWdk02GOZ2CA4-xrL2-A1aTxUaruXYsxipRGrVMNikTiwvhID1eFrdIWwWml-EV3Rhtjnt6SLzeXiP8D4Vki_rTGtNHjPUFsfIcLeHPeONiZxuXm1VDH4fR_pAOxUYxj8puekAKF0HFSkY3luNUr-pP7qflTVyt0PGiTqrhNspUF3XbLEPrhlcK9urNOtqAXO1TsEiOa8HKkZ3ZybV2Co6mJ6fUMvcMMnaw4FyzKszHGGBd9gx7S-livP9nzESXKzc3KkIlV5UvmyTkyJh8EPCIgwH7KlWTFKSxp5ExS8U2-dkJjFrO0pc6QwQhqmSVZBbtgf2OgTyQOiDQU3Vnb9c5Qz9qGtkMTiWGJMXrUjRli2AjaYFSJViM191MKD6X8GQw7XLi-9OqH63eVjIIcXoaSOoFtNt2uxcXuElufuhf4m1si6izNkxp71UhbnjLDo3Uswn9_9YwrDDhZe4PBXR5bjd4AQ2bAqCQqYzc6W_hgcMoZbfPZDhN432NJUPT5htG9t5kHLM1xVbi5qZgxj3zC4Il6TqTnp0ARfkcFnnVEO1CH17WCt06qe4oXSMOvoH_iNIDeKnFNiSWQ86eLNsDYpamR8LaMUmEf3A3wdU9kNpi_HWml7Yrj-VFAa-R46CMM2Kz8UAvsDImsSKK4jbzFrr2axQeD4paiJ7IlNOVc5QK0ddu9mt4rGg62L44kjttlV-vd53vVTxSCR5Qjl1wwGLZIGaSFv97tq-LQGwRR95qQyBYBwSupYa7P41E33WmlSEwdGOj18lppKpBienIW0qmIiiy2QfMa1K6NyAU5oEWJeQ7CYj6qSp-uz2rAjDuXAupq99beyOOc_MMkiy6G7YRWhDxqJnL43gbWDlwh-1EBAhgpOwtTHIFnTGrg8INko4WXI-EUGbYrfZrS-CDYjIx0u3_cTqumRR8phgepPTpbZs6NidAU9OAJRUvSrrBhX7Ut9fbtI50Mmn8rzANWqRsMFJMy41C_UqbylC4hRJVsC9b9jbvgCgulw3E2E47CbnfS8x6QgAbIVyp2_iqpUnWsc3bmQK3Iz69YnPmTsmr-kh3AoSV5QDfRBwhVA7tGy18sbXW6JSJe3hKTsA5L4uP6SUsVTCGIYCNhgfV0z8W4pVKiXgqmnyNPZymr4nBjs9Z6aynr7WBprO30jNtSajU7chDiq3Gw1JopEpJXdXqqBgjBmgNh24zjOUgklh-gvkXHkbEW2KgB9e_A7HBqvJXBn4mUFGoh73I5lyof8AJm1W9h3yxiq9QEZjaR4awcpntL40TKjBkRBLjV3FMukcApb4qaSjbj6OmECw7h0sCZVLf8wVWL-P5ezhk6_HeUWcpOG1MZAAjpwTW1mhK8883nASGsoubGoORKMGIEkSKumpLpaI6k4nD4yX3P7cH7Zsc9_Y2upeDq0Cn8_i9F9hVOwrmq1QkKWflxaetPbBI8bxlVbUgcU6j1R0eib1HvDoj2QJVYDuIorQQRn1Tm2_NOK2Y4qoQC-ZwJUoFLwo1SaJ9PLyCf3OfNYi0Wkq3uyNI91jUZ-o9jRKDdhx5zFBvsD7fdY7wpgHnAp5Rynv9mWXCh0zNpC6vfNd2D9CIZQ7NzfHG3mW-AxxH1VUJmhWG1KrSs2Pj3iQ8GAuiWFitLLFkt8jwlO-tHTuvA&sai=AMfl-YRNrpU7X9r60P-_3PBelOYBAtAnXX1rVsCBqObH50_l2CbXuXv9jnt7sMfj0PmWFAI_aOSQyKDYmzQjzcvStS3sGy56ZimHHn-dHLC1qM9sWCG-ABYspSltsiVZgoteKvID9MiKnQCI7hKWaeJt7631uS-d5KcrQeIZgetTybmXFdsoHd2Kl2zAGEvgU4kZTcruMrkPAHfgRyDj26SC3pUdpKAW6_H7LJincNb2xGIZd_XZ-bmvAADIGmNGhXsCRQvzj5XGnr94OSKGCdlJMQoZmCp7q6C0tnFwDf7NVGzblO4E&sig=Cg0ArKJSzAeUeH0oyy7xEAE&cid=CAQSsgEAwksa0XM2F8YM22xEz4y_97oFDf-sn0T0rYd8M_bbwirwBP-XCQXsEocdLu_aAzX6icbP0QKCqoUjZS6m7A9K1SalN6P6f9maUC0nuk1H9Kzn5193nKeRyJoyk8Qo-bD8iFlA5s-CmsBdx2SC4VnZGJBKjfMbElQ6R2qaMS81-nXLE1b9qMTlhVpzGTu0dQFHrxhDum3M0dqOu7wh0Kno7w3fRyOQAXpJXf_0fbkLnulOGAE&id=ampim&o=436,1110&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=383&tls=1383&g=100&h=100&tt=1383&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.175.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt20s19-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers cache-control no-cache, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 42 date Fri, 05 Dec 2025 00:36:59 GMT x-xss-protection 0 content-type image/gif server cafe
GET H3	200	activeview pagead2.googlesyndication.com/pcs/ Frame FDC8	42 B 65 B	40ms 40ms	Image image/gif	172.217.175.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv3u6k_3YhqUvKoSuzq8Lp1_0_UekIo0pLOTZPMy4Y1CHZ7rEYWi2cPfG6WDoCjFgTQ3uh1zQlh3pMuq6SgsViU-_9lXEZj6vvNWcQamWkR6WDaEx6-xV3R_zCWxbrvl5euQR5ooPzRcqArLGWETYGHGr5tmeyoBvJ0yaq8ocdEnb7ab-n8YtEiMLpO6QrUG521ioxQ6lvmXB1LcfWtq7JbAo4Ex24s7JHQ1cqE0QwXlQwRCW6bIUsgQwgBFosmIQ8wywiRDEklKGNEuB3wNHOic1gmOUJnFhnSQnn35181W7AfVXeTjvEhvCp4aAXtRMvTB_BZsYDrpreNSsJtadgOmmsB2y4wzr1rUbuQ_TLC7Zv9B0h8KuELU9iQyyAWYD0mm6lRrkamopsuQYz_DC6mybMq_q9ojrHkj_UjG9sr3pbvT-g2TSACFGsmBiyffaUdDxQ7vP_e_HMlX6P93q3z0Tg6F7VeDVXJNNgIpxPJHbuCOBpXrFwuzKe9HDWDujUwLEVZL3jNBnsdAtYgmn-r_Xru3AMuWKkYXNh83ZA-nqJo1I0U2XhcBUr1bayuF18CaUSNyFJeVf9vz-26H97VbiaoToL6iLxEuuGjeX8HaqC_QEZZE0n9YaUEPNMb4R1N0ML3dl_6LNN4JK-eU13mzecOUCdU4JEuscxXU2bsUg2k38zjRrUAw-yvIzY21jYUVoHTUMjCty_-M3aSfDIMUWokgfK0GNwCq2-gAoflmErdKu_9CxE0yqXv3UDfKj7xCwCbZr0AqpmnniBhyUFVzVetSF9u2yuV066KwQLx6TU3-PfeG8IMihMa-KzW1aHalN5pUukMOTHjTjpN5WYwnE-koogC4XSainM-ctMxZ2VxNMdvPh3S5kU6cNVnySPktUN_iyGwuhBrZli__dam1RlI_fBEicS0loWkmo09EjuERs_WB41KuAvoLiHaNpSzQRC_Vx6Q31LaAR8crGM6-Kf3X-PmAKEn0qpVpgrjl6cJW3F24TaPOCKrqFCv0ZTPzKK-2_ZPi2JJb9IT1XbZ2OtFE2xZH7J7m0M1if3Upq9ME83sP9R1aH-pzecGVBU6zbNXD0jjJZPx7XrPlzBSy28SGwnJt8alnWsmkQKwAOYSki_AJIuXTSpDMXhmrufmn4C89Wos5eL1ObOFfL3S-psv5zg94UbDiyTjg5umLy2KAt85uXFp38UbcCmQ17YeGVAkv6ZtcwIYlQz647Goev8iz4nTy5apzw3y3if3bKAHoWfODpCYpmVjEHweev6ZfH2d_LyZGXsEgpDyXcluywogvGPxXzkr_RhS1bGAOqqIjSrn14SI0zqhdTmyU0cnRqFEJ4HlH3jJOIIxw7o0tYZ8eLVSEdZVXPcUDDvw1yRjoqJWza6w0pyvq7z1UJ1uVZZgccusXgbvP6RbIhBAw6RyS6IlyZgGrvc2D__JyzlGt4ONTSSv9f_ybs_WlRwsVwmrqqV00jyX37v3eh4_R2bEh7x0fNc1kHWnddWBaiBdLgRY8x071ASFI1FXLErTPI0A1YqxtgBjWrMwGNvewo_Wgx_EvAk2I6DjtVDcmifl_xv4LU0BEk6ffLcS7q_5Syet5zkIMhiglal1tcoatCHO3gPoBniEQqyNKOolYj4PJ4dEREDV7DzM9N-Mv-JauWrMrALreM7MkOyQmcOuH_h591HHr5Ijh7I0FcP9-J8rS5dQTJ6gW5nj_vW5D7fqwPE48zHVGlkhuh_7iqEbwg2XH6865CxMX44qauCh2so5osXO_i44HiAD6_hcPlurSB2AMydIvSgJ0HyaScj7gfWdPI2BUfLnyDNX0XkXIr9PwLrD&sai=AMfl-YSxddSBZ7_Z6wkq_Cv2IEvuMPopEGiXmig2ADFv3EThSV_VA29JfHrF4Z5VKSjEPkUQprCfmte1-xqJYol7EuKQpS1N489Tc5RcyDJD7ejXBCYXwL6wl1E266jjUakCLssO9D3ZpS23sq2jH5a1eQdZozHWKlDDu_ZXzlHW78k6oYQ0dSGecHr75-GUGbNQG60EnI1w8e8IgzKKLxAxfHbPUx4y6Z1kHfAld2V2uKYpZRqmBfedV3LNbsIJg_AIhwASWpupe5FRQezUgcXlNT94vgcI227B3f1hVIRTq2UAH3nzkg&sig=Cg0ArKJSzDJeuwTb6xgeEAE&cid=CAQSswEAwksa0TYk8551BhdtgKtv9n7u3GIwxzRKgOd2rogVAVpcfDFRVIRrjI4PLh1JSxYdK9Y0k74d4SwwRbMJ2JmdljhDl358_tHwGURSQ-vYE1HSf5qz_tBGCW5_R5j0Zt-Ngj7QKMt1-W3j0HBQ1kmCA2Jb4uqLmEwiXpYyp5YVkoydV1xm2D4H8Oqo7-5GTGaGK5OTM2oldDOkmjxWhvAM0J7rvT7ZRA97PJGIZgso0m4rYxgB&id=ampim&o=0,601&d=300,600&ss=1600,1200&bs=300,600&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=837&tls=1837&g=100&h=100&tt=1837&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.175.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS nrt20s19-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://b55e5b14afd31a0ae198960e67c88ec4.safeframe.googlesyndication.com/ Response headers cache-control no-cache, must-revalidate timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true x-content-type-options nosniff expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-length 42 date Fri, 05 Dec 2025 00:36:59 GMT x-xss-protection 0 content-type image/gif server cafe
GET H2	200	sd us-u.openx.net/w/1.0/ Redirect Chain https://togetter-d.openx.net/w/1.0/pd https://togetter-d.openx.net/w/1.0/pd?cc=1 https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEMCKhoMlKNZ_Dfs0rwPPGs&google_cver=1	43 B 128 B	45ms 43ms	Image image/gif	35.244.159.8 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEMCKhoMlKNZ_Dfs0rwPPGs&google_cver=1 Protocol H2 Server 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 8.159.244.35.bc.googleusercontent.com Software / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers cache-control private, max-age=0, no-cache pragma no-cache x-forwarded-for 146.70.138.221 via 1.1 google expires Mon, 26 Jul 1997 05:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 p3p CP="CUR ADM OUR NOR STA NID" date Fri, 05 Dec 2025 00:36:59 GMT content-type image/gif vary Accept Redirect headers cache-control no-cache, must-revalidate location https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEMCKhoMlKNZ_Dfs0rwPPGs&google_cver=1 pragma no-cache cross-origin-resource-policy cross-origin expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-length 295 date Fri, 05 Dec 2025 00:37:00 GMT x-xss-protection 0 content-type text/html; charset=UTF-8 server HTTP server (unknown)
GET H2	204	ImgSync image8.pubmatic.com/AdServer/ Redirect Chain https://image8.pubmatic.com/AdServer/ImgSync?p=156960 https://image8.pubmatic.com/AdServer/ImgSync?p=156960&rdf=1 https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QUZEQjFENEUtNUFCRC00M0ZELThGMTEtNjU4QTVBMEZCNjY3&gdpr=-1&gdpr_consent=&google_cm https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=-1&gdpr_consent=&piggybackCookie=CAESEIA_P4N_FGptZsTJjVxc-vY&google_cver=1 https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=	0 217 B	5ms 5ms	Image text/plain	207.65.34.77 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy= Protocol H2 Server 207.65.34.77 , United States, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=16070400; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Referer https://posfie.com/ Response headers date Fri, 05 Dec 2025 00:37:00 GMT strict-transport-security max-age=16070400; includeSubDomains p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers strict-transport-security max-age=16070400; includeSubDomains cache-control no-store, no-cache, private location https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy= p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" date Fri, 05 Dec 2025 00:37:00 GMT server nginx
POST H3	204	collect analytics.google.com/g/	0 0	41ms 40ms	Fetch text/plain	216.239.34.181
General Check archive.org Show headers Download Go to Full URL https://analytics.google.com/g/collect?v=2&tid=G-5ZPETP1B9D&gtm=45je5c31v9104675881za200zd9104675881&_p=1764895016140&gcd=13l3l3l3l1l1&npa=0&dma=0&cid=142496212.1764895017&ul=ja-jp&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEIAAAQ&tag_exp=103116026~103200004~104527907~104528501~104684208~104684211~105391253~115583767~115616985~115938466~115938469~116184927~116184929~116217636~116217638&sid=1764895016&sct=1&seg=0&dl=https%3A%2F%2Fposfie.com%2F&dt=posfie%20-%20%E3%81%BF%E3%82%93%E3%81%AA%E3%81%A7%E3%81%A4%E3%81%8F%E3%82%8BX%E3%83%9D%E3%82%B9%E3%83%88%E3%81%BE%E3%81%A8%E3%82%81&_s=3&tfd=6336 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-5ZPETP1B9D Protocol H3 Security QUIC, , AES_128_GCM Server 216.239.34.181 -, , ASN (), Reverse DNS Software Golfe2 / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/143.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://posfie.com/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:169:0 report-to {"group":"ascnsrsggc:169:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:169:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://posfie.com cross-origin-opener-policy-report-only same-origin; report-to=ascnsrsggc:169:0 content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 05 Dec 2025 00:37:02 GMT content-type text/plain server Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

securepubads.g.doubleclick.net

URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=CYxuKKSkyafJPgI7b2A_bvPbxCbGn8eKDAbqKo7yZFZa7ot2wEBABIIPVmipgifPFhPQToAGMwa_fKcgBAakChsU_h5CzOz7gAgCoAwHIAwqqBJ4CT9DI-NoocBdBWYTJi6WpyttYUumlqFxBSkBWVmlkoh7ctWDlGx19ChFMsb9ApULyAfneiPXN9Hq5ZorWLhu8HDV_QXSgy-h8YDjBpcSmA88DSDZyZQlSn4Et6bGERRooPdGIrx_YMrcPH3o21BJdGyl_h0V-vPtqguY0pjKr5GnzOCRfcDxLSVY7_J9lgy3DEKrwOSTMTd8paTnR4SS05p0GlQUia-7JhqLJvVfRyY-uFJGgyUZkeS9gU8vZuekNJujS06A3Obbbxew3N6XwNdpopif0xF6auQmxa7gTxqSvMUJes6BbV4WKWETMy1SRy3uAQB4cx_fL5wdzvZIIrwnIY9EAAG9NmZ1VTUaDSpEB4nRAuI_DZby5V0PZPsAE_Nity9QF4AQBiAXJ_-3qVoAHjPn_vgSoB6fMsQKoB-LYsQKoB6a-G6gHzM6xAqgH89EbqAeW2BuoB6qbsQKoB47OG6gHk9gbqAfw4BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gH2baxAqgH98KxAtgHAfIHBBC10wTSCC8IgGEQARidATIIioKAgICAgAg6DYBAgMCAgICAqIACqANIvf3BOljHkrekmqWRA5oJY2h0dHBzOi8vd3d3Lmxhd3Nvbi5jby5qcC9sYWIvdHN1dXNoaW4vYXJ0LzE1MTMwNDFfNDY1OS5odG1sP2dhZF9zb3VyY2U9NSZnYWRfY2FtcGFpZ25pZD0yMzMwOTU0OTUxM4AKA8gLAaIMA5ABAdoMEQoLENCj0uGF1JmolgESAgEDqg0CSlDiDRMIw7S3pJqlkQMVAMcWBR1bnj2e6g0TCOPlt6SapZEDFQDHFgUdW549nogO____________AdgTA4gUAdAVAZgWAcoWAgoA-BYBgBcBshcsChwIABIUcHViLTEzNzkwODMxMzYwOTgwMzAYy7YQGAEqCjY5MzI5OTM1MDe6FwI4AaoYFwkAAAAAUJvyQBIKNjkzMjk5MzUwNxgBshgJEgLwahgBIgEA0BgBwhkCCAE&sigh=Dg1DNxtw0sI&uach_m=%5BUACH%5D&ase=2&nis=ATTRIBUTION_REPORTING_STATUS&cid=CAQSsgEAwksa0WjryZJqxBuNNfpZs1ENBBUU1x_GO2Ozt10RwOQ1yJUBZI0qLe4Wy_P-bPSX3vlCJ06rnU6GfcZ2l3QECAEU0Ez61IIuHiNNE6ulwGa20yt4YC_OkhAnCyx1nyJ-lIuWmmu-lp4O92m5Kt_JjvhP0wxMhpK17Ogu4O2GJcBxp_SIYCyiK9HKK1kjlX22Luk1xl5ziiil4wTnl3H8BwXjW9uUZU3kMQw8jHLsSE-eGAE&ebtr=1

Domain

securepubads.g.doubleclick.net

URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=CIZ9sKSkyaYZ-95Db2A-y596JDbGn8eKDAbqKo7yZFZa7ot2wEBABIIPVmipgifPFhPQToAGMwa_fKcgBAakChsU_h5CzOz7gAgCoAwHIAwqqBKgCT9A6f1_XJPYvfe-Zrzb4PA6ST8nssqeapcBz-y46PxK-ws4zN4IL1TMAoUVKAI894Ovu-OgVGnYtDIxkKlItgCQshZdNtgzATUUuufPOYiNoF0PAQUJylh27xF1cUxMzA3uquJfin9KKoVsNbuC3yEPiBuBkkkBv3vPxqnjkeZzR5kjohsWhZrAmclwEapCHDf_YIendcDvssZTUXl7r-vxpYSRme9fj7JkheolXjoZzn4FjwHvRRC9l-Oqc2pLmINuZqG4kRNTwDGVrJ7JG-bLHwxUYvuHOY0L2gAc-yvYJO_Kkqu1xKjwW_WJt-1s6BzUm5UIdCNqRYx35qmMLojwVt53acDe15dkSUHS4_1r2EboXmO3Jol7W2UL2exJgg5q7gpbYH1TABPzYrcvUBeAEAYgFyf_t6laAB4z5_74EqAenzLECqAfi2LECqAemvhuoB8zOsQKoB_PRG6gHltgbqAeqm7ECqAeOzhuoB5PYG6gH8OAbqAfulrECqAf-nrECqAevvrECqAfVyRuoB9m2sQKoB_fCsQLYBwHyBwQQ14sE0ggvCIBhEAEYnQEyCIqCgICAgIAIOg2AQIDAgICAgKiAAqgDSL39wTpY9bS3pJqlkQOaCWNodHRwczovL3d3dy5sYXdzb24uY28uanAvbGFiL3RzdXVzaGluL2FydC8xNTEzMDQxXzQ2NTkuaHRtbD9nYWRfc291cmNlPTUmZ2FkX2NhbXBhaWduaWQ9MjMzMDk1NDk1MTOACgPICwGiDAsqBgoE1tqxApABAdoMEAoKEKDcr4Wogdi1QhICAQOqDQJKUOINEwi237ekmqWRAxV3yBYFHbKzN9HqDRMI95C4pJqlkQMVd8gWBR2yszfRiA7___________8B2BMDiBQB0BUBmBYByhYCCgD4FgGAFwGyFywKHAgAEhRwdWItMTM3OTA4MzEzNjA5ODAzMBjLthAYASoKNjkzMjk5MzUwN7oXAjgBqhgXCQAAAABwXfBAEgo2OTMyOTkzNTA3GAGyGAkSAvBqGAEiAQDQGAHCGQIIAQ&sigh=xja7elba8Ho&uach_m=%5BUACH%5D&ase=2&nis=ATTRIBUTION_REPORTING_STATUS&cid=CAQSsgEAwksa0XM2F8YM22xEz4y_97oFDf-sn0T0rYd8M_bbwirwBP-XCQXsEocdLu_aAzX6icbP0QKCqoUjZS6m7A9K1SalN6P6f9maUC0nuk1H9Kzn5193nKeRyJoyk8Qo-bD8iFlA5s-CmsBdx2SC4VnZGJBKjfMbElQ6R2qaMS81-nXLE1b9qMTlhVpzGTu0dQFHrxhDum3M0dqOu7wh0Kno7w3fRyOQAXpJXf_0fbkLnulOGAE&template_id=5001&ebtr=1

Domain

securepubads.g.doubleclick.net

URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=CKya4KSkyaaJJsoDa9g-e3MeRDrGn8eKDAbqKo7yZFZa7ot2wEBABIIPVmipgifPFhPQToAGMwa_fKcgBCakChsU_h5CzOz7gAgCoAwHIAwqqBJ4CT9A0fcUa1a2CktP1a97sfCdaK2Tp37_rPg4w85ZlbsEL_jlMmxsd_5pplAVRIhjksEsN-i7d58FbgrYYr8t-rFWyFfPL4hBVIjboyk15GzIW5o7V_E4NEXf4witkOxw1CS6iVcbLhFkEVNms2wfetK-S37iINxEjJAmLI1ifBgdhGnkd_9ch9ruaHVKay72F_lSVAWPfOYpWlWLRIw8x4SdpW1i6QP5wfnKR_QkfKWSBCv767jlYe0QpJot5HX7rjs2ub3h0fB50cQml39i4NXF8g3nEwDB55zbIK1Bs4rDWJ-BcrHD6NYfk1YmIQvJ7XyqKGJqtp_TWFj8KInCVi4vrvgtvCNHgOpJTHn4CK26Lj4MOMvrtPUpzikiCYcAE_Nity9QF4AQBiAXJ_-3qVqAGLoAHjPn_vgSoB6fMsQKoB-LYsQKoB6a-G6gHzM6xAqgH89EbqAeW2BuoB6qbsQKoB47OG6gHk9gbqAfw4BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gH2baxAqgH98KxAtgHAPIHBBC3vATSCC8IgGEQARidATIIioKAgICAgAg6DYBAgMCAgICAqIACqANIvf3BOlizj7ekmqWRA5oJY2h0dHBzOi8vd3d3Lmxhd3Nvbi5jby5qcC9sYWIvdHN1dXNoaW4vYXJ0LzE1MTMwNDFfNDY1OS5odG1sP2dhZF9zb3VyY2U9NSZnYWRfY2FtcGFpZ25pZD0yMzMwOTU0OTUxM4AKA8gLAaIMA5ABAdoMEQoLEKCMt6-3qLDvpAESAgEDqg0CSlDiDRMI66-3pJqlkQMVMoDWCB0e7jHi6g0TCJbft6SapZEDFTKA1ggdHu4x4ogO____________AdgTA4gUAdAVAZgWAcoWAgoA-BYBgBcBshcsChwIABIUcHViLTEzNzkwODMxMzYwOTgwMzAYy7YQGAEqCjY5MzI5OTM1MDe6FwI4AaoYFwkAAAAAcOPxQBIKNjkzMjk5MzUwNxgBshgJEgLwahguIgEA0BgBwhkCCAE&sigh=_O4wW9aGhdA&uach_m=%5B%5D&ase=2&nis=6&cid=CAQSswEAwksa0TYk8551BhdtgKtv9n7u3GIwxzRKgOd2rogVAVpcfDFRVIRrjI4PLh1JSxYdK9Y0k74d4SwwRbMJ2JmdljhDl358_tHwGURSQ-vYE1HSf5qz_tBGCW5_R5j0Zt-Ngj7QKMt1-W3j0HBQ1kmCA2Jb4uqLmEwiXpYyp5YVkoydV1xm2D4H8Oqo7-5GTGaGK5OTM2oldDOkmjxWhvAM0J7rvT7ZRA97PJGIZgso0m4rYxgB&template_id=5000&ebtr=1

Domain

googleads.g.doubleclick.net

URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Domain

googleads.g.doubleclick.net

URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Domain

securepubads.g.doubleclick.net

URL

https://securepubads.g.doubleclick.net/btr/view?ai=CYxuKKSkyafJPgI7b2A_bvPbxCbGn8eKDAbqKo7yZFZa7ot2wEBABIIPVmipgifPFhPQToAGMwa_fKcgBAakChsU_h5CzOz7gAgCoAwHIAwqqBJ4CT9DI-NoocBdBWYTJi6WpyttYUumlqFxBSkBWVmlkoh7ctWDlGx19ChFMsb9ApULyAfneiPXN9Hq5ZorWLhu8HDV_QXSgy-h8YDjBpcSmA88DSDZyZQlSn4Et6bGERRooPdGIrx_YMrcPH3o21BJdGyl_h0V-vPtqguY0pjKr5GnzOCRfcDxLSVY7_J9lgy3DEKrwOSTMTd8paTnR4SS05p0GlQUia-7JhqLJvVfRyY-uFJGgyUZkeS9gU8vZuekNJujS06A3Obbbxew3N6XwNdpopif0xF6auQmxa7gTxqSvMUJes6BbV4WKWETMy1SRy3uAQB4cx_fL5wdzvZIIrwnIY9EAAG9NmZ1VTUaDSpEB4nRAuI_DZby5V0PZPsAE_Nity9QF4AQBiAXJ_-3qVoAHjPn_vgSoB6fMsQKoB-LYsQKoB6a-G6gHzM6xAqgH89EbqAeW2BuoB6qbsQKoB47OG6gHk9gbqAfw4BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gH2baxAqgH98KxAtgHAfIHBBC10wTSCC8IgGEQARidATIIioKAgICAgAg6DYBAgMCAgICAqIACqANIvf3BOljHkrekmqWRA5oJY2h0dHBzOi8vd3d3Lmxhd3Nvbi5jby5qcC9sYWIvdHN1dXNoaW4vYXJ0LzE1MTMwNDFfNDY1OS5odG1sP2dhZF9zb3VyY2U9NSZnYWRfY2FtcGFpZ25pZD0yMzMwOTU0OTUxM4AKA8gLAaIMA5ABAdoMEQoLENCj0uGF1JmolgESAgEDqg0CSlDiDRMIw7S3pJqlkQMVAMcWBR1bnj2e6g0TCOPlt6SapZEDFQDHFgUdW549nogO____________AdgTA4gUAdAVAZgWAcoWAgoA-BYBgBcBshcsChwIABIUcHViLTEzNzkwODMxMzYwOTgwMzAYy7YQGAEqCjY5MzI5OTM1MDe6FwI4AaoYFwkAAAAAUJvyQBIKNjkzMjk5MzUwNxgBshgJEgLwahgBIgEA0BgBwhkCCAE&sigh=Dg1DNxtw0sI&uach_m=%5B%5D&ase=2&nis=4&cid=CAQSsgEAwksa0WjryZJqxBuNNfpZs1ENBBUU1x_GO2Ozt10RwOQ1yJUBZI0qLe4Wy_P-bPSX3vlCJ06rnU6GfcZ2l3QECAEU0Ez61IIuHiNNE6ulwGa20yt4YC_OkhAnCyx1nyJ-lIuWmmu-lp4O92m5Kt_JjvhP0wxMhpK17Ogu4O2GJcBxp_SIYCyiK9HKK1kjlX22Luk1xl5ziiil4wTnl3H8BwXjW9uUZU3kMQw8jHLsSE-eGAE&ibtr=1

Domain

securepubads.g.doubleclick.net

URL

https://securepubads.g.doubleclick.net/btr/view?ai=CIZ9sKSkyaYZ-95Db2A-y596JDbGn8eKDAbqKo7yZFZa7ot2wEBABIIPVmipgifPFhPQToAGMwa_fKcgBAakChsU_h5CzOz7gAgCoAwHIAwqqBKgCT9A6f1_XJPYvfe-Zrzb4PA6ST8nssqeapcBz-y46PxK-ws4zN4IL1TMAoUVKAI894Ovu-OgVGnYtDIxkKlItgCQshZdNtgzATUUuufPOYiNoF0PAQUJylh27xF1cUxMzA3uquJfin9KKoVsNbuC3yEPiBuBkkkBv3vPxqnjkeZzR5kjohsWhZrAmclwEapCHDf_YIendcDvssZTUXl7r-vxpYSRme9fj7JkheolXjoZzn4FjwHvRRC9l-Oqc2pLmINuZqG4kRNTwDGVrJ7JG-bLHwxUYvuHOY0L2gAc-yvYJO_Kkqu1xKjwW_WJt-1s6BzUm5UIdCNqRYx35qmMLojwVt53acDe15dkSUHS4_1r2EboXmO3Jol7W2UL2exJgg5q7gpbYH1TABPzYrcvUBeAEAYgFyf_t6laAB4z5_74EqAenzLECqAfi2LECqAemvhuoB8zOsQKoB_PRG6gHltgbqAeqm7ECqAeOzhuoB5PYG6gH8OAbqAfulrECqAf-nrECqAevvrECqAfVyRuoB9m2sQKoB_fCsQLYBwHyBwQQ14sE0ggvCIBhEAEYnQEyCIqCgICAgIAIOg2AQIDAgICAgKiAAqgDSL39wTpY9bS3pJqlkQOaCWNodHRwczovL3d3dy5sYXdzb24uY28uanAvbGFiL3RzdXVzaGluL2FydC8xNTEzMDQxXzQ2NTkuaHRtbD9nYWRfc291cmNlPTUmZ2FkX2NhbXBhaWduaWQ9MjMzMDk1NDk1MTOACgPICwGiDAsqBgoE1tqxApABAdoMEAoKEKDcr4Wogdi1QhICAQOqDQJKUOINEwi237ekmqWRAxV3yBYFHbKzN9HqDRMI95C4pJqlkQMVd8gWBR2yszfRiA7___________8B2BMDiBQB0BUBmBYByhYCCgD4FgGAFwGyFywKHAgAEhRwdWItMTM3OTA4MzEzNjA5ODAzMBjLthAYASoKNjkzMjk5MzUwN7oXAjgBqhgXCQAAAABwXfBAEgo2OTMyOTkzNTA3GAGyGAkSAvBqGAEiAQDQGAHCGQIIAQ&sigh=xja7elba8Ho&uach_m=%5B%5D&ase=2&nis=4&cid=CAQSsgEAwksa0XM2F8YM22xEz4y_97oFDf-sn0T0rYd8M_bbwirwBP-XCQXsEocdLu_aAzX6icbP0QKCqoUjZS6m7A9K1SalN6P6f9maUC0nuk1H9Kzn5193nKeRyJoyk8Qo-bD8iFlA5s-CmsBdx2SC4VnZGJBKjfMbElQ6R2qaMS81-nXLE1b9qMTlhVpzGTu0dQFHrxhDum3M0dqOu7wh0Kno7w3fRyOQAXpJXf_0fbkLnulOGAE&template_id=5001&ibtr=1

Domain

securepubads.g.doubleclick.net

URL

https://securepubads.g.doubleclick.net/btr/view?ai=CKya4KSkyaaJJsoDa9g-e3MeRDrGn8eKDAbqKo7yZFZa7ot2wEBABIIPVmipgifPFhPQToAGMwa_fKcgBCakChsU_h5CzOz7gAgCoAwHIAwqqBJ4CT9A0fcUa1a2CktP1a97sfCdaK2Tp37_rPg4w85ZlbsEL_jlMmxsd_5pplAVRIhjksEsN-i7d58FbgrYYr8t-rFWyFfPL4hBVIjboyk15GzIW5o7V_E4NEXf4witkOxw1CS6iVcbLhFkEVNms2wfetK-S37iINxEjJAmLI1ifBgdhGnkd_9ch9ruaHVKay72F_lSVAWPfOYpWlWLRIw8x4SdpW1i6QP5wfnKR_QkfKWSBCv767jlYe0QpJot5HX7rjs2ub3h0fB50cQml39i4NXF8g3nEwDB55zbIK1Bs4rDWJ-BcrHD6NYfk1YmIQvJ7XyqKGJqtp_TWFj8KInCVi4vrvgtvCNHgOpJTHn4CK26Lj4MOMvrtPUpzikiCYcAE_Nity9QF4AQBiAXJ_-3qVqAGLoAHjPn_vgSoB6fMsQKoB-LYsQKoB6a-G6gHzM6xAqgH89EbqAeW2BuoB6qbsQKoB47OG6gHk9gbqAfw4BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gH2baxAqgH98KxAtgHAPIHBBC3vATSCC8IgGEQARidATIIioKAgICAgAg6DYBAgMCAgICAqIACqANIvf3BOlizj7ekmqWRA5oJY2h0dHBzOi8vd3d3Lmxhd3Nvbi5jby5qcC9sYWIvdHN1dXNoaW4vYXJ0LzE1MTMwNDFfNDY1OS5odG1sP2dhZF9zb3VyY2U9NSZnYWRfY2FtcGFpZ25pZD0yMzMwOTU0OTUxM4AKA8gLAaIMA5ABAdoMEQoLEKCMt6-3qLDvpAESAgEDqg0CSlDiDRMI66-3pJqlkQMVMoDWCB0e7jHi6g0TCJbft6SapZEDFTKA1ggdHu4x4ogO____________AdgTA4gUAdAVAZgWAcoWAgoA-BYBgBcBshcsChwIABIUcHViLTEzNzkwODMxMzYwOTgwMzAYy7YQGAEqCjY5MzI5OTM1MDe6FwI4AaoYFwkAAAAAcOPxQBIKNjkzMjk5MzUwNxgBshgJEgLwahguIgEA0BgBwhkCCAE&sigh=_O4wW9aGhdA&uach_m=%5B%5D&ase=2&nis=4&cid=CAQSswEAwksa0TYk8551BhdtgKtv9n7u3GIwxzRKgOd2rogVAVpcfDFRVIRrjI4PLh1JSxYdK9Y0k74d4SwwRbMJ2JmdljhDl358_tHwGURSQ-vYE1HSf5qz_tBGCW5_R5j0Zt-Ngj7QKMt1-W3j0HBQ1kmCA2Jb4uqLmEwiXpYyp5YVkoydV1xm2D4H8Oqo7-5GTGaGK5OTM2oldDOkmjxWhvAM0J7rvT7ZRA97PJGIZgso0m4rYxgB&template_id=5000&ibtr=1