redman.work Open in urlscan Pro
157.7.107.138 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://redman.work/
Submission: On July 14 via manual (July 14th 2022, 1:39:37 am UTC) from JP — Scanned from JP

Summary HTTP 99 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 17 IPs in 3 countries across 16 domains to perform 99 HTTP transactions. The main IP is 157.7.107.138, located in Fukuoka, Japan and belongs to INTERQ GMO Internet,Inc, JP. The main domain is redman.work.

This is the only time redman.work was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
26	157.7.107.138 157.7.107.138	7506 (INTERQ GM...) (INTERQ GMO Internet)
4	2404:6800:400... 2404:6800:4004:80c::200a	15169 (GOOGLE) (GOOGLE)
15	2404:6800:401... 2404:6800:4012:3::2002	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:81c::200e	15169 (GOOGLE) (GOOGLE)
5	2404:6800:400... 2404:6800:4004:821::2003	15169 (GOOGLE) (GOOGLE)
11	2404:6800:401... 2404:6800:4012:1::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.207.98 142.250.207.98	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:810::2002	15169 (GOOGLE) (GOOGLE)
18	2404:6800:401... 2404:6800:4012:3::2001	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4004:801::2003	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4004:81c::2002	15169 (GOOGLE) (GOOGLE)
1 3	2404:6800:400... 2404:6800:4004:801::2004	15169 (GOOGLE) (GOOGLE)
1	2620:116:800e... 2620:116:800e:21:a878:7c6e:cf7b:3362	16509 (AMAZON-02) (AMAZON-02)
1 1	34.211.82.183 34.211.82.183	16509 (AMAZON-02) (AMAZON-02)
4	172.217.175.226 172.217.175.226	15169 (GOOGLE) (GOOGLE)
1 1	2600:9000:214... 2600:9000:2142:7200:19:fc2c:a140:93a1	16509 (AMAZON-02) (AMAZON-02)
1	35.227.202.26 35.227.202.26	15169 (GOOGLE) (GOOGLE)
1	103.231.99.243 103.231.99.243	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	8.39.36.142 8.39.36.142	26667 (RUBICONPR...) (RUBICONPROJECT)
99	17

26 157.7.107.138 (Fukuoka, Japan)

ASN7506 (INTERQ GMO Internet,Inc, JP)
PTR: 157-7-107-138.virt.lolipop.jp

redman.work	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:80c::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2404:6800:4012:3::2002 (Australia)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:81c::200e (Australia)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4004:821::2003 (Australia)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2404:6800:4012:1::2002 (Australia)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.207.98 (United States)

ASN15169 (GOOGLE, US)
PTR: kix06s11-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:810::2002 (Australia)

ASN15169 (GOOGLE, US)

adservice.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2404:6800:4012:3::2001 (Australia)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:801::2003 (Australia)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:81c::2002 (Australia)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:801::2004 (Australia) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800e:21:a878:7c6e:cf7b:3362 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.211.82.183 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-211-82-183.us-west-2.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.175.226 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s29-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2142:7200:19:fc2c:a140:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.202.26 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 26.202.227.35.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.231.99.243 (Japan)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.39.36.142 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 128 tpc.googlesyndication.com — Cisco Umbrella Rank: 166	429 KB
26	redman.work redman.work	2 MB
13	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 67 cm.g.doubleclick.net — Cisco Umbrella Rank: 223	110 KB
9	gstatic.com fonts.gstatic.com www.gstatic.com	128 KB
6	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 103 www.google.com — Cisco Umbrella Rank: 17	2 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 81	3 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 196	128 KB
3	google.co.jp adservice.google.co.jp — Cisco Umbrella Rank: 41714	1 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 69	20 KB
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 372	459 B
1	pubmatic.com image6.pubmatic.com — Cisco Umbrella Rank: 684	166 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1052	639 B
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 603	693 B
1	everesttech.net 1 redirects pixel.everesttech.net — Cisco Umbrella Rank: 3451	375 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1205	464 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 957	694 B
99	16

	Domain	Requested by
26	redman.work	redman.work
18	tpc.googlesyndication.com	pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
12	pagead2.googlesyndication.com	redman.work pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com redman.work googleads.g.doubleclick.net
5	fonts.gstatic.com	fonts.googleapis.com
4	cm.g.doubleclick.net	googleads.g.doubleclick.net
4	www.gstatic.com	googleads.g.doubleclick.net
4	fonts.googleapis.com	redman.work googleads.g.doubleclick.net
3	www.google.com	1 redirects tpc.googlesyndication.com googleads.g.doubleclick.net
3	www.googletagservices.com	googleads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.co.jp	pagead2.googlesyndication.com
2	www.google-analytics.com	redman.work www.google-analytics.com
1	pixel.rubiconproject.com	1 redirects
1	image6.pubmatic.com	googleads.g.doubleclick.net
1	odr.mookie1.com	googleads.g.doubleclick.net
1	d.agkn.com	1 redirects
1	pixel.everesttech.net	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
99	20

This site contains links to these domains. Also see Links.

Domain
fit-jp.com
wordpress.org

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
redman.work R3	`2022-05-07` - `2022-08-05`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.google.co.jp GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh

This page contains 14 frames:

Primary Page: http://redman.work/
Frame ID: 52E53E6891A1EF5A739FFF0E8079D813
Requests: 45 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20190131/zrt_lookup.html
Frame ID: FCF3BF95A5C7CF3075C418802471353C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8918985646082661&output=html&adk=1812271804&adf=3025194257&lmt=1657762771&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fredman.work%2F&ea=0&pra=5&wgl=1&dt=1657762770787&bpp=3&bdt=322&idt=240&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3669876045852&frm=20&pv=2&ga_vid=1754211049.1657762771&ga_sid=1657762771&ga_hid=376928119&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068381%2C42531605&oid=2&pvsid=1838816007843257&tmod=554810100&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=253
Frame ID: B85A6EA170C55175AF1914BEDDEC60FB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8918985646082661&output=html&h=280&adk=2604026867&adf=3386729619&pi=t.aa~a.1634795175~rp.4&w=743&fwrn=4&fwrnh=100&lmt=1657762771&rafmt=1&to=qs&pwprc=6919712698&psa=0&format=743x280&url=http%3A%2F%2Fredman.work%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1657762771662&bpp=2&bdt=1197&idt=2&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2710fc8ac390ae94-22411dbd2ed50065%3AT%3D1657762771%3ART%3D1657762771%3AS%3DALNI_Mau8sA8Vr1qy8JXwEy_TrvVH6SnOQ&gpic=UID%3D000007ae6a024418%3AT%3D1657762771%3ART%3D1657762771%3AS%3DALNI_Mb4LujRoi8gItFee5hAijgrdmE0xQ&prev_fmts=0x0&nras=2&correlator=3669876045852&frm=20&pv=1&ga_vid=1754211049.1657762771&ga_sid=1657762771&ga_hid=376928119&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=250&ady=3436&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068381%2C42531605&oid=2&pvsid=1838816007843257&tmod=554810100&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=TCbeXmm7Nz&p=http%3A//redman.work&dtd=16
Frame ID: F7B8C25605A7079268BC6C7744B0B964
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1
Frame ID: 5955A76FAFB6F53F62EBBE51E42F8401
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1
Frame ID: 33790CE74079E0F15A85A5D2950A9ACF
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DFC78EF2F86D8A75757CA4B19CAEAE9F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5FAEB3AADFE1EFB9545573479CBC041D
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A300%2C400%2C700&text=%E5%B1%9E%E3%81%97%E5%BB%BA%E6%B0%97%E4%BB%BB%E5%A4%96%E3%81%A7%E3%81%A0%E9%87%91%E3%83%88%E5%B1%8B%E3%82%A4%E6%A0%B9%E3%82%89%E3%81%8A%E3%83%B3%E7%89%A9%E3%81%AE%E3%83%BC%E3%82%BF%E3%81%95%E3%81%BE%E3%83%8D%E3%81%8F%E3%81%AA%E3%82%8C%E3%82%B0%E3%81%A8%E3%82%83%E3%81%84%E9%9B%A8%E6%8F%9B%EF%BC%81%E3%83%AB%E3%83%90%E8%A3%BD%E3%82%A3%E3%82%AC%E3%83%87%E3%81%8B%E3%82%B5%E8%A3%85%E6%A3%9F%E6%9D%90%E3%82%B3%E3%81%9B%E3%80%81
Frame ID: 5929169C715860DA7E9FC9427ACC0450
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 91139775EC4A37361A384BE10CD59C47
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js
Frame ID: 26000AAF692350F804D3FBF0A867D03D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 64A915B14681DF8835068E99D0C1CB82
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js
Frame ID: 2EF87B9A4C2BA2C6D6ED3C742161EAC7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js
Frame ID: 430DA787778F74B44A98BCB322B992CC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

【あかいろTV ブログ】30万円で買った家（ボロ屋）をDIYしています│あかいろTV

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

99
Requests

82 %
HTTPS

63 %
IPv6

16
Domains

20
Subdomains

17
IPs

3
Countries

3099 kB
Transfer

4723 kB
Size

14
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://fit-jp.com/
Title: FIT-Web Create

Search URL Search Domain Scan URL

URL: https://wordpress.org/
Title: WordPress

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 72

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 93

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAehlK4D_nVbomisoUroz8ufKNNAsv3ISvrjz0O75jhYYKAO48OHSV7g-qgiSD3OMV0Vpja_0epUio8gmqUBQqz6p4Fx3XrRgWIE&google_gid=CAESEM8Qz7xWKtTb1Huop-c5Lyo&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXM5ejFBQUFBYlM1TVY4eQ&google_push=AehlK4D_nVbomisoUroz8ufKNNAsv3ISvrjz0O75jhYYKAO48OHSV7g-qgiSD3OMV0Vpja_0epUio8gmqUBQqz6p4Fx3XrRgWIE

Request Chain 94

https://d.agkn.com/pixel/2175/?google_gid=CAESECxNLeo5D95bieeAI85KpdM&google_cver=1&google_push=AehlK4AUIVOhx5q1tTjgUm1RaYfeYrgIHJZMSqPuut7RqtplDObgmaZFsR4UQtvK0kujnXAKOhOqq4hRsFukbng49rZSMle2WSI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4AUIVOhx5q1tTjgUm1RaYfeYrgIHJZMSqPuut7RqtplDObgmaZFsR4UQtvK0kujnXAKOhOqq4hRsFukbng49rZSMle2WSI&google_hm=Q0FFU0VDeE5MZW81RDk1YmllZUFJODVLcGRN

Request Chain 97

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIhN84fY6-dUlPXH7oeKXBg&google_cver=1&google_push=AehlK4BOpC8qw117LiC_MO_Rbq1kO9dRBkKnqZuxfjGwth_eoySEuSRcrQoAnv8mYWvx-Jh3ddJ_MfNkob1wQMFIKIc1qwKzug HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVLRDVIWVUtMU4tM1g2Tw==&google_push=AehlK4BOpC8qw117LiC_MO_Rbq1kO9dRBkKnqZuxfjGwth_eoySEuSRcrQoAnv8mYWvx-Jh3ddJ_MfNkob1wQMFIKIc1qwKzug

99 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
redman.work/ 32 KB
8 KB 701ms
652ms Document
text/html 157.7.107.138
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://redman.work/
Protocol: HTTP/1.1
Server: 157.7.107.138 Fukuoka, Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-138.virt.lolipop.jp
Software: Apache / PHP/7.4.12
Resource Hash: 9b795702782453669f1e2f84320e042d73ac2159a26a0fed6a819de82299f5fc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Accept-Ranges: none
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 7711
Content-Type: text/html; charset=UTF-8
Date: Thu, 14 Jul 2022 01:39:30 GMT
Link: <https://redman.work/wp-json/>; rel="https://api.w.org/"
Server: Apache
Vary: Range,Accept-Encoding
X-Powered-By: PHP/7.4.12

GET
H/1.1 200
OK style.min.css
redman.work/wp-includes/css/dist/block-library/ 57 KB
9 KB 67ms
66ms Stylesheet
text/css 157.7.107.138
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://redman.work/wp-includes/css/dist/block-library/style.min.css?ver=5.7.6
Requested by: Host: redman.work
URL: http://redman.work/
Protocol: HTTP/1.1
Server: 157.7.107.138 Fukuoka, Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-138.virt.lolipop.jp
Software: Apache /
Resource Hash: 2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://redman.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 14 Jul 2022 01:39:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Apr 2021 10:20:01 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: none
Content-Length: 8685

GET
H/1.1 200
OK widgets.css
redman.work/wp-content/plugins/wpforo/wpf-themes/classic/ 18 KB
3 KB 57ms
48ms Stylesheet
text/css 157.7.107.138
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://redman.work/wp-content/plugins/wpforo/wpf-themes/classic/widgets.css?ver=1.9.6
Requested by: Host: redman.work
URL: http://redman.work/
Protocol: HTTP/1.1
Server: 157.7.107.138 Fukuoka, Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-138.virt.lolipop.jp
Software: Apache /
Resource Hash: 1b81e141b5c06e711c279f7bed065e62a91992cdc894600a9c7708eaea2cff72

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://redman.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 14 Jul 2022 01:39:30 GMT
Content-Encoding: gzip
Last-Modified: Sat, 17 Apr 2021 05:05:14 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: none
Content-Length: 2823

GET
H/1.1 200
OK jquery.fancybox.min.css
redman.work/wp-content/plugins/easy-fancybox/css/ 4 KB
1 KB 51ms
42ms Stylesheet
text/css 157.7.107.138
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://redman.work/wp-content/plugins/easy-fancybox/css/jquery.fancybox.min.css?ver=1.3.24
Requested by: Host: redman.work
URL: http://redman.work/
Protocol: HTTP/1.1
Server: 157.7.107.138 Fukuoka, Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-138.virt.lolipop.jp
Software: Apache /
Resource Hash: f34bb7d9c8f2db0e78e5d7b226bc169182f8c22e7cd1a3e7b5767519b709c1bc

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://redman.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 14 Jul 2022 01:39:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 08 Apr 2021 05:20:46 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: none
Content-Length: 1111

GET
H/1.1 200
OK colors.css
redman.work/wp-content/plugins/wpforo/wpf-themes/classic/ 61 KB
8 KB 34ms
26ms Stylesheet
text/css 157.7.107.138
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://redman.work/wp-content/plugins/wpforo/wpf-themes/classic/colors.css?ver=1.9.6.71b0eca09d127e7550c720bd96314ce6
Requested by: Host: redman.work
URL: http://redman.work/
Protocol: HTTP/1.1
Server: 157.7.107.138 Fukuoka, Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-138.virt.lolipop.jp
Software: Apache /
Resource Hash: bb89588553c1a21bb27b016ac79be4be3009f8cdecb566193901a53df113e60b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://redman.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 14 Jul 2022 01:39:30 GMT
Content-Encoding: gzip
Last-Modified: Sat, 17 Apr 2021 05:09:52 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: none
Content-Length: 7494

GET
H/1.1 200
OK jquery.min.js Show response
redman.work/wp-includes/js/jquery/ 87 KB
30 KB 66ms
32ms Script
application/javascript 157.7.107.138
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://redman.work/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by: Host: redman.work
URL: http://redman.work/
Protocol: HTTP/1.1
Server: 157.7.107.138 Fukuoka, Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-138.virt.lolipop.jp
Software: Apache /
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://redman.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 14 Jul 2022 01:39:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 08 Apr 2021 05:20:11 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: none
Content-Length: 30916

GET
H/1.1 200
OK jquery-migrate.min.js Show response
redman.work/wp-includes/js/jquery/ 11 KB
4 KB 64ms
21ms Script
application/javascript 157.7.107.138
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://redman.work/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: redman.work
URL: http://redman.work/
Protocol: HTTP/1.1
Server: 157.7.107.138 Fukuoka, Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-138.virt.lolipop.jp
Software: Apache /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://redman.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 14 Jul 2022 01:39:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 08 Apr 2021 05:20:11 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: none
Content-Length: 4169

GET
H/1.1 200
OK style.css
redman.work/wp-content/themes/lionmedia/ 48 KB
11 KB 42ms
35ms Stylesheet
text/css 157.7.107.138
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://redman.work/wp-content/themes/lionmedia/style.css
Requested by: Host: redman.work
URL: http://redman.work/
Protocol: HTTP/1.1
Server: 157.7.107.138 Fukuoka, Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-138.virt.lolipop.jp
Software: Apache /
Resource Hash: 2177b90dd76dcd31e8847ddfa0eefc1af08a7d270019c812f1932a36981d61c3

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://redman.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 14 Jul 2022 01:39:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 12 Jul 2018 11:52:20 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: none
Content-Length: 10567

GET
H/1.1 200
OK icon.css
redman.work/wp-content/themes/lionmedia/css/ 1 KB
750 B 52ms
46ms Stylesheet
text/css 157.7.107.138
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://redman.work/wp-content/themes/lionmedia/css/icon.css
Requested by: Host: redman.work
URL: http://redman.work/
Protocol: HTTP/1.1
Server: 157.7.107.138 Fukuoka, Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-138.virt.lolipop.jp
Software: Apache /
Resource Hash: 78dcfa1d7e5fdfce09883170ada28b86d37d06b564254d0e3aedaa7e9d9add6e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://redman.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 14 Jul 2022 01:39:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 12 Jul 2018 11:52:20 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: none
Content-Length: 489

GET
H2 200 css
fonts.googleapis.com/ 2 KB
914 B 91ms
43ms Stylesheet
text/css 2404:6800:4004:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700,900

Requested by

Host: redman.work
URL: http://redman.work/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80c::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f886fd1b5af3a3e24b1ecf7c9f46da418c49b5d3a5f4903dee72ef4fcdae5e8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://redman.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 14 Jul 2022 00:10:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 14 Jul 2022 01:39:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Jul 2022 01:39:30 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 164 KB
56 KB 123ms
51ms Script
text/javascript 2404:6800:4012:3::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: redman.work
URL: http://redman.work/

Protocol

HTTP/1.1

Server

2404:6800:4012:3::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7673776b0b24c92e4b7edc029812a84504fe81d9cfd5133054b57666105fd4fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://redman.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Thu, 14 Jul 2022 01:39:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 16264782955187647956
Vary: Accept-Encoding, Origin
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 56601
X-XSS-Protection: 0
Expires: Thu, 14 Jul 2022 01:39:30 GMT

GET
H/1.1 200
OK jquery.fancybox.min.js Show response
redman.work/wp-content/plugins/easy-fancybox/js/ 19 KB
6 KB 80ms
33ms Script
application/javascript 157.7.107.138
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://redman.work/wp-content/plugins/easy-fancybox/js/jquery.fancybox.min.js?ver=1.3.24
Requested by: Host: redman.work
URL: http://redman.work/
Protocol: HTTP/1.1
Server: 157.7.107.138 Fukuoka, Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-138.virt.lolipop.jp
Software: Apache /
Resource Hash: 948f0c154ad97428bc1d1dee456f2e20ec4e0e302b0d3189e08a4573cb63cdb3

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://redman.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 14 Jul 2022 01:39:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 08 Apr 2021 05:20:46 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: none
Content-Length: 6330

GET
H/1.1 200
OK jquery.easing.min.js Show response
redman.work/wp-content/plugins/easy-fancybox/js/ 2 KB
1 KB 71ms
20ms Script
application/javascript 157.7.107.138
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://redman.work/wp-content/plugins/easy-fancybox/js/jquery.easing.min.js?ver=1.4.1
Requested by: Host: redman.work
URL: http://redman.work/
Protocol: HTTP/1.1
Server: 157.7.107.138 Fukuoka, Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-138.virt.lolipop.jp
Software: Apache /
Resource Hash: 0ec98adf593ebcc01bec60b1f494dacd47522abfef9038a714101d83f45e165d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://redman.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 14 Jul 2022 01:39:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 08 Apr 2021 05:20:46 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: none
Content-Length: 767

GET
H/1.1 200
OK jquery.mousewheel.min.js Show response
redman.work/wp-content/plugins/easy-fancybox/js/ 3 KB
1 KB 87ms
35ms Script
application/javascript 157.7.107.138
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://redman.work/wp-content/plugins/easy-fancybox/js/jquery.mousewheel.min.js?ver=3.1.13
Requested by: Host: redman.work
URL: http://redman.work/
Protocol: HTTP/1.1
Server: 157.7.107.138 Fukuoka, Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-138.virt.lolipop.jp
Software: Apache /
Resource Hash: dd9bfe5f04d4e393463f42b4f503763c36693306dffef16d481e0c071b61ae64

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://redman.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 14 Jul 2022 01:39:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 08 Apr 2021 05:20:46 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: none
Content-Length: 1145

GET
H/1.1 200
OK wp-embed.min.js Show response
redman.work/wp-includes/js/ 1 KB
1 KB 70ms
10ms Script
application/javascript 157.7.107.138
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://redman.work/wp-includes/js/wp-embed.min.js?ver=5.7.6
Requested by: Host: redman.work
URL: http://redman.work/
Protocol: HTTP/1.1
Server: 157.7.107.138 Fukuoka, Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-138.virt.lolipop.jp
Software: Apache /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://redman.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 14 Jul 2022 01:39:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 08 Apr 2021 05:20:11 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: none
Content-Length: 765

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 43ms
3ms Script
text/javascript 2404:6800:4004:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: redman.work
URL: http://redman.work/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81c::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://redman.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5673
date: Thu, 14 Jul 2022 00:04:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 14 Jul 2022 02:04:57 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
24 KB 41ms
3ms Font
font/woff2 2404:6800:4004:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://redman.work
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 17:09:40 GMT
x-content-type-options: nosniff
age: 116990
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Jul 2023 17:09:40 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 32ms
4ms Font
font/woff2 2404:6800:4004:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://redman.work
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 17:17:39 GMT
x-content-type-options: nosniff
age: 116511
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Jul 2023 17:17:39 GMT

GET
H/1.1 200
OK icomoon.ttf
redman.work/wp-content/themes/lionmedia/fonts/ 4 KB
3 KB 29ms
29ms Font
application/x-font-ttf 157.7.107.138
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: http://redman.work/wp-content/themes/lionmedia/fonts/icomoon.ttf?gizg5m
Requested by: Host: redman.work
URL: http://redman.work/wp-content/themes/lionmedia/css/icon.css
Protocol: HTTP/1.1
Server: 157.7.107.138 Fukuoka, Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-138.virt.lolipop.jp
Software: Apache /
Resource Hash: e4ddabafeb39589e498cb770f01aa92f769b04bcd4b9a0a997e0f8b871e49dd5

Request headers

Referer: http://redman.work/wp-content/themes/lionmedia/css/icon.css
Origin: http://redman.work
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 14 Jul 2022 01:39:30 GMT
Content-Encoding: gzip
Last-Modified: Thu, 12 Jul 2018 11:52:20 GMT
Server: Apache
Vary: Range,Accept-Encoding
Content-Type: application/x-font-ttf
Connection: keep-alive
Accept-Ranges: none
Content-Length: 2569

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 22 KB
22 KB 35ms
8ms Font
font/woff2 2404:6800:4004:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://redman.work
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 10 Jul 2022 07:57:58 GMT
x-content-type-options: nosniff
age: 322892
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22504
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:04:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 10 Jul 2023 07:57:58 GMT

GET
H2 200 %E3%82%AA%E3%83%BC%E3%83%97%E3%83%8B%E3%83%B3%E3%82%B0-730x410.png
redman.work/wp-content/uploads/2021/05/ 543 KB
544 KB 127ms
118ms Image
image/png 157.7.107.138
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redman.work/wp-content/uploads/2021/05/%E3%82%AA%E3%83%BC%E3%83%97%E3%83%8B%E3%83%B3%E3%82%B0-730x410.png
Requested by: Host: redman.work
URL: http://redman.work/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.7.107.138 Fukuoka, Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-138.virt.lolipop.jp
Software: Apache /
Resource Hash: a0b7506f992b41665229212b12c8e537496082c92659eaba16bc5477ec169b52

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://redman.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 01:39:30 GMT
content-encoding: gzip
last-modified: Sun, 30 May 2021 06:56:57 GMT
server: Apache
accept-ranges: none
vary: Range,Accept-Encoding
content-type: image/png

GET
H2 200 RIMG3278-730x410.jpg
redman.work/wp-content/uploads/2021/05/ 98 KB
75 KB 80ms
72ms Image
image/jpeg 157.7.107.138
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redman.work/wp-content/uploads/2021/05/RIMG3278-730x410.jpg
Requested by: Host: redman.work
URL: http://redman.work/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.7.107.138 Fukuoka, Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-138.virt.lolipop.jp
Software: Apache /
Resource Hash: 3d91e4343c99a2ca0be138965916b7c141f636a3d737023fb26db4d821322ea8

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://redman.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 01:39:30 GMT
content-encoding: gzip
last-modified: Sat, 29 May 2021 09:59:30 GMT
server: Apache
accept-ranges: none
vary: Range,Accept-Encoding
content-type: image/jpeg

GET
H2 200 RIMG3220-730x410.jpg
redman.work/wp-content/uploads/2021/05/ 170 KB
156 KB 92ms
90ms Image
image/jpeg 157.7.107.138
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redman.work/wp-content/uploads/2021/05/RIMG3220-730x410.jpg
Requested by: Host: redman.work
URL: http://redman.work/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.7.107.138 Fukuoka, Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-138.virt.lolipop.jp
Software: Apache /
Resource Hash: cdbd14df6c9cea0e809e42e928120ded0e2b8d2a9906751af0055158fba10417

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://redman.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 01:39:30 GMT
content-encoding: gzip
last-modified: Wed, 05 May 2021 06:38:35 GMT
server: Apache
accept-ranges: none
vary: Range,Accept-Encoding
content-type: image/jpeg

GET
H2 200 RIMG3057-730x410.jpg
redman.work/wp-content/uploads/2021/04/ 112 KB
96 KB 60ms
58ms Image
image/jpeg 157.7.107.138
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redman.work/wp-content/uploads/2021/04/RIMG3057-730x410.jpg
Requested by: Host: redman.work
URL: http://redman.work/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.7.107.138 Fukuoka, Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-138.virt.lolipop.jp
Software: Apache /
Resource Hash: 68bcb54af28b5ddeb4cfb056ad02273a0e65e2c11044ddf4976ac0a2bfc934ca

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://redman.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 01:39:30 GMT
content-encoding: gzip
last-modified: Mon, 26 Apr 2021 13:37:03 GMT
server: Apache
accept-ranges: none
vary: Range,Accept-Encoding
content-type: image/jpeg

GET
H2 200 RIMG2970-730x410.jpg
redman.work/wp-content/uploads/2021/04/ 108 KB
95 KB 69ms
68ms Image
image/jpeg 157.7.107.138
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redman.work/wp-content/uploads/2021/04/RIMG2970-730x410.jpg
Requested by: Host: redman.work
URL: http://redman.work/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.7.107.138 Fukuoka, Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-138.virt.lolipop.jp
Software: Apache /
Resource Hash: a7619248a003afebcdeabad59238689572e458f7b44deeee3b87ffe66a84f7aa

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://redman.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 01:39:30 GMT
content-encoding: gzip
last-modified: Mon, 26 Apr 2021 13:23:34 GMT
server: Apache
accept-ranges: none
vary: Range,Accept-Encoding
content-type: image/jpeg

GET
H2 200 RIMG2909-890x500.jpg
redman.work/wp-content/uploads/2021/04/ 153 KB
141 KB 77ms
75ms Image
image/jpeg 157.7.107.138
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redman.work/wp-content/uploads/2021/04/RIMG2909-890x500.jpg
Requested by: Host: redman.work
URL: http://redman.work/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.7.107.138 Fukuoka, Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-138.virt.lolipop.jp
Software: Apache /
Resource Hash: e0d27c3e3240d9f2c8107571dea17b3cf7d25d64865e455a26712b7c45e876d3

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://redman.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 01:39:30 GMT
content-encoding: gzip
last-modified: Sun, 25 Apr 2021 11:27:57 GMT
server: Apache
accept-ranges: none
vary: Range,Accept-Encoding
content-type: image/jpeg

GET
H2 200 RIMG2918-890x500.jpg
redman.work/wp-content/uploads/2019/11/ 166 KB
154 KB 70ms
68ms Image
image/jpeg 157.7.107.138
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redman.work/wp-content/uploads/2019/11/RIMG2918-890x500.jpg
Requested by: Host: redman.work
URL: http://redman.work/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.7.107.138 Fukuoka, Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-138.virt.lolipop.jp
Software: Apache /
Resource Hash: 05890da023c2622aa08ce3804abdc9158ea5306767a0812af48c1f60a294b1d4

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://redman.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 01:39:30 GMT
content-encoding: gzip
last-modified: Sat, 02 Nov 2019 20:56:35 GMT
server: Apache
accept-ranges: none
vary: Range,Accept-Encoding
content-type: image/jpeg

GET
H2 200 RIMG2911-890x500.jpg
redman.work/wp-content/uploads/2019/11/ 161 KB
149 KB 95ms
94ms Image
image/jpeg 157.7.107.138
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redman.work/wp-content/uploads/2019/11/RIMG2911-890x500.jpg
Requested by: Host: redman.work
URL: http://redman.work/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.7.107.138 Fukuoka, Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-138.virt.lolipop.jp
Software: Apache /
Resource Hash: 8da2eaf51c472b6450b11b2f30d0386bdd0970bc31e6065590a9a1f288054013

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://redman.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 01:39:30 GMT
content-encoding: gzip
last-modified: Sat, 02 Nov 2019 20:55:18 GMT
server: Apache
accept-ranges: none
vary: Range,Accept-Encoding
content-type: image/jpeg

GET
H2 200 64212887.0bae4fd164d50c004139dedbd8e16994.20122611-852x500.jpg
redman.work/wp-content/uploads/2020/12/ 83 KB
80 KB 91ms
90ms Image
image/jpeg 157.7.107.138
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redman.work/wp-content/uploads/2020/12/64212887.0bae4fd164d50c004139dedbd8e16994.20122611-852x500.jpg
Requested by: Host: redman.work
URL: http://redman.work/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.7.107.138 Fukuoka, Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-138.virt.lolipop.jp
Software: Apache /
Resource Hash: 994a00046c3779f2e30e75f5d184ebc429596b808cc95cf3b121bb95e3a707dd

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://redman.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 01:39:30 GMT
content-encoding: gzip
last-modified: Sun, 27 Dec 2020 10:19:07 GMT
server: Apache
accept-ranges: none
vary: Range,Accept-Encoding
content-type: image/jpeg

GET
H2 200 %E3%82%B5%E3%83%A0%E3%83%8D.png
redman.work/wp-content/uploads/2019/11/ 504 KB
504 KB 103ms
102ms Image
image/png 157.7.107.138
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redman.work/wp-content/uploads/2019/11/%E3%82%B5%E3%83%A0%E3%83%8D.png
Requested by: Host: redman.work
URL: http://redman.work/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.7.107.138 Fukuoka, Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-138.virt.lolipop.jp
Software: Apache /
Resource Hash: 8a5053ca17ce69eede770199bc356c32eb147d862c426f35b378742586b27c9a

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://redman.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 01:39:30 GMT
content-encoding: gzip
last-modified: Sat, 02 Nov 2019 21:07:53 GMT
server: Apache
accept-ranges: none
vary: Range,Accept-Encoding
content-type: image/png

GET
H2 200 himetougan.jpg
redman.work/wp-content/uploads/2018/07/ 77 KB
77 KB 83ms
82ms Image
image/jpeg 157.7.107.138
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redman.work/wp-content/uploads/2018/07/himetougan.jpg
Requested by: Host: redman.work
URL: http://redman.work/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.7.107.138 Fukuoka, Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-138.virt.lolipop.jp
Software: Apache /
Resource Hash: b0ba1bc8dd7376d2914d920f58771bd85d397eccb116b8f9707d110151ab137b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://redman.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 01:39:30 GMT
content-encoding: gzip
last-modified: Sat, 14 Jul 2018 23:15:47 GMT
server: Apache
accept-ranges: none
vary: Range,Accept-Encoding
content-type: image/jpeg

GET
H2 200 RIMG2011-890x500.jpg
redman.work/wp-content/uploads/2019/04/ 132 KB
119 KB 100ms
99ms Image
image/jpeg 157.7.107.138
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redman.work/wp-content/uploads/2019/04/RIMG2011-890x500.jpg
Requested by: Host: redman.work
URL: http://redman.work/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 157.7.107.138 Fukuoka, Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: 157-7-107-138.virt.lolipop.jp
Software: Apache /
Resource Hash: 33409b95353bdcd603d4e3444308ea324630a887c4ab0d47f575ab915232bd6b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://redman.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 01:39:30 GMT
content-encoding: gzip
last-modified: Sun, 14 Apr 2019 06:18:52 GMT
server: Apache
accept-ranges: none
vary: Range,Accept-Encoding
content-type: image/jpeg

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
204 B 38ms
37ms XHR
text/plain 2404:6800:4004:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=376928119&t=pageview&_s=1&dl=http%3A%2F%2Fredman.work%2F&ul=en-us&de=UTF-8&dt=%E3%80%90%E3%81%82%E3%81%8B%E3%81%84%E3%82%8DTV%20%E3%83%96%E3%83%AD%E3%82%B0%E3%80%9130%E4%B8%87%E5%86%86%E3%81%A7%E8%B2%B7%E3%81%A3%E3%81%9F%E5%AE%B6%EF%BC%88%E3%83%9C%E3%83%AD%E5%B1%8B%EF%BC%89%E3%82%92DIY%E3%81%97%E3%81%A6%E3%81%84%E3%81%BE%E3%81%99%E2%94%82%E3%81%82%E3%81%8B%E3%81%84%E3%82%8DTV&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1690971767&gjid=2077577234&cid=1754211049.1657762771&tid=UA-59628918-2&_gid=1164608065.1657762771&_r=1&_slc=1&z=2145890762

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81c::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://redman.work/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 14 Jul 2022 01:39:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://redman.work
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/ 340 KB
120 KB 136ms
61ms Script
text/javascript 2404:6800:4012:3::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/show_ads_impl_fy2019.js?bust=31068381

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4012:3::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b64767efe3868e04f592b60c91908e6f645d2730000a16c4a1cf722621b30f05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://redman.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 01:39:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122490
x-xss-protection: 0
server: cafe
etag: 2660363578658809428
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Jul 2022 01:39:30 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220707/r20190131/ Frame FCF3 10 KB
5 KB 116ms
37ms Document
text/html 2404:6800:4012:1::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220707/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4012:1::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://redman.work/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 30470
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4414
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Jul 2022 17:11:40 GMT
etag: 10429905676100781186
expires: Wed, 27 Jul 2022 17:11:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
694 B 150ms
49ms Script
text/javascript 142.250.207.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=redman.work&callback=_gfp_s_&client=ca-pub-8918985646082661&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/show_ads_impl_fy2019.js?bust=31068381

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix06s11-in-f2.1e100.net

Software

cafe /

Resource Hash

0d61f91d93df7bf0fbcfcebe544bd48da7240ebf9ad019edf9253cb5d16760c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://redman.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 01:39:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 250
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.jp/adsid/ 107 B
792 B 81ms
43ms Script
application/javascript 2404:6800:4004:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=redman.work

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/show_ads_impl_fy2019.js?bust=31068381

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:810::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://redman.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Jul 2022 01:39:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 165ms
43ms Script
application/javascript 2404:6800:4012:3::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=redman.work

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/show_ads_impl_fy2019.js?bust=31068381

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4012:3::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://redman.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Jul 2022 01:39:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B85A 241 KB
62 KB 544ms
464ms Document
text/html 2404:6800:4012:1::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8918985646082661&output=html&adk=1812271804&adf=3025194257&lmt=1657762771&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fredman.work%2F&ea=0&pra=5&wgl=1&dt=1657762770787&bpp=3&bdt=322&idt=240&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3669876045852&frm=20&pv=2&ga_vid=1754211049.1657762771&ga_sid=1657762771&ga_hid=376928119&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068381%2C42531605&oid=2&pvsid=1838816007843257&tmod=554810100&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=253

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/show_ads_impl_fy2019.js?bust=31068381

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4012:1::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bb386e599c3025e8b3a5a76587dbfd946ac9caed80dfbb2fef7ff50a963ec6fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://redman.work/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 63453
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Jul 2022 01:39:31 GMT
expires: Thu, 14 Jul 2022 01:39:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 117ms
46ms XHR
application/json 2404:6800:4012:3::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220707&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/show_ads_impl_fy2019.js?bust=31068381

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4012:3::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e161a0aa2ddc11b4e41d1c519efc428ba99ebb80b8bd1ee46f1476e887a4f804

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://redman.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Jul 2022 01:39:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11059
x-xss-protection: 0

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/ 149 KB
53 KB 122ms
50ms Script
text/javascript 2404:6800:4012:3::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/reactive_library_fy2019.js?bust=31068381

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/show_ads_impl_fy2019.js?bust=31068381

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4012:3::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

692c637ad042baf6faf67a30ca722285f605a068c686f49e2c901a7f22fa5be7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://redman.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 01:39:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54384
x-xss-protection: 0
server: cafe
etag: 7351846976204314829
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 14 Jul 2022 01:39:31 GMT

GET
H3 200 integrator.js Show response
adservice.google.co.jp/adsid/ 107 B
122 B 119ms
43ms Script
application/javascript 2404:6800:4012:1::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=redman.work

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/show_ads_impl_fy2019.js?bust=31068381

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4012:1::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://redman.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Jul 2022 01:39:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 113ms
41ms Script
application/javascript 2404:6800:4012:3::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=redman.work

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/show_ads_impl_fy2019.js?bust=31068381

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4012:3::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://redman.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Jul 2022 01:39:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F7B8 95 KB
34 KB 511ms
511ms Document
text/html 2404:6800:4012:1::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8918985646082661&output=html&h=280&adk=2604026867&adf=3386729619&pi=t.aa~a.1634795175~rp.4&w=743&fwrn=4&fwrnh=100&lmt=1657762771&rafmt=1&to=qs&pwprc=6919712698&psa=0&format=743x280&url=http%3A%2F%2Fredman.work%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1657762771662&bpp=2&bdt=1197&idt=2&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2710fc8ac390ae94-22411dbd2ed50065%3AT%3D1657762771%3ART%3D1657762771%3AS%3DALNI_Mau8sA8Vr1qy8JXwEy_TrvVH6SnOQ&gpic=UID%3D000007ae6a024418%3AT%3D1657762771%3ART%3D1657762771%3AS%3DALNI_Mb4LujRoi8gItFee5hAijgrdmE0xQ&prev_fmts=0x0&nras=2&correlator=3669876045852&frm=20&pv=1&ga_vid=1754211049.1657762771&ga_sid=1657762771&ga_hid=376928119&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=250&ady=3436&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068381%2C42531605&oid=2&pvsid=1838816007843257&tmod=554810100&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=TCbeXmm7Nz&p=http%3A//redman.work&dtd=16

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/show_ads_impl_fy2019.js?bust=31068381

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4012:1::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d21e682c7bb05f7d4b4d7972c9f369c5de7052cc8126bd33c1cb480d86bd5a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://redman.work/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 34646
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Jul 2022 01:39:32 GMT
expires: Thu, 14 Jul 2022 01:39:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 125ms
42ms Script
text/javascript 2404:6800:4012:3::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/show_ads_impl_fy2019.js?bust=31068381

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4012:3::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://redman.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 01:39:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 14 Jul 2022 01:39:31 GMT

GET
H3 200 integrator.js Show response
adservice.google.co.jp/adsid/ 107 B
122 B 42ms
42ms Script
application/javascript 2404:6800:4012:1::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.jp/adsid/integrator.js?domain=redman.work

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/show_ads_impl_fy2019.js?bust=31068381

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4012:1::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://redman.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Jul 2022 01:39:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 42ms
41ms Script
application/javascript 2404:6800:4012:3::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=redman.work

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/show_ads_impl_fy2019.js?bust=31068381

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4012:3::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://redman.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Jul 2022 01:39:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/ Frame 5955 10 KB
4 KB 38ms
37ms Document
text/html 2404:6800:4012:1::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/show_ads_impl_fy2019.js?bust=31068381

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4012:1::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://redman.work/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 25890
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4414
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Jul 2022 18:28:01 GMT
etag: 10429905676100781186
expires: Wed, 27 Jul 2022 18:28:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/ Frame 3379 10 KB
4 KB 38ms
37ms Document
text/html 2404:6800:4012:1::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207110101/show_ads_impl_fy2019.js?bust=31068381

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4012:1::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://redman.work/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 25890
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4414
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Jul 2022 18:28:01 GMT
etag: 10429905676100781186
expires: Wed, 27 Jul 2022 18:28:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame 5955 4 KB
636 B 74ms
37ms Stylesheet
text/css 2404:6800:4004:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 14 Jul 2022 00:19:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 14 Jul 2022 01:39:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Jul 2022 01:39:31 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 5955 205 B
744 B 42ms
2ms Image
image/png 2404:6800:4004:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 22:47:09 GMT
x-content-type-options: nosniff
age: 355942
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 09 Jul 2023 22:47:09 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 5955 604 B
695 B 42ms
2ms Image
image/png 2404:6800:4004:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 22:06:59 GMT
x-content-type-options: nosniff
age: 99152
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 12 Jul 2023 22:06:59 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/elements/html/ Frame 5955 19 KB
8 KB 119ms
41ms Script
text/javascript 2404:6800:4012:3::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4012:3::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae2e1dc0161fa05e80b225682868a9bfbab08c503b2429f06339d4487f160ac2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 01:21:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1084
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8263
x-xss-protection: 0
server: cafe
etag: 17157773748623750166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Jul 2022 01:21:27 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3379 0
0 50ms
49ms Fetch
text/html 2404:6800:4012:1::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CvNHH03PPYqnECemS29gP_u2hqAeb2qKLa9bm0KS5D-C_io25IxABIO6D72JgifPFhPQToAGa17-AA8gBAqkCnwu8LJlEPz6oAwHIA8kEqgTiAU_QhWFc-nkipMJTA4PPRMpnDZUodsmT8WYR7fgRlF-XuRG6uA08d8mWOKGtikUX4tozoQAkJtADH8PLr8U6cm4M12rsM1Uy94cZ43Nvtu4tZIt8tlijEs0hiMeMRCw5-sULl6dlS8u6WB2ZzSn38bwkcv0mQy5rwPYU-gn4lsUVesWQFO5NOEEIHIkX4lWTjgM6uugKgn--7F7hhImgSX-ebUQxUv2gHQcwigd6VhY5oNtwmOu51GvgbhGL31Bn0-xyhU5yK0Aa6TsShcmIWb3Opa0Lv___2O4EFqqOUsDi9OrABIG_spK5A5IFBAgEGAGSBQQIBRgEoAYCgAfOqMB_qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQgPM20ggPCIBhEAEYHzICigI6AoBAgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTg5MTg5ODU2NDYwODI2NjEYAA&sigh=XC7q53ujZRs&uach_m=[UACH]

Requested by

Host: redman.work
URL: http://redman.work/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4012:1::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 14 Jul 2022 01:39:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 14 Jul 2022 01:39:31 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/ Frame 3379 21 KB
8 KB 113ms
47ms Script
text/javascript 2404:6800:4012:3::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4012:3::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 01:21:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1081
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 18116328616323621410
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Jul 2022 01:21:30 GMT

GET
H3 200 13631388999243774458
tpc.googlesyndication.com/simgad/ Frame 3379 24 KB
24 KB 129ms
63ms Image
image/png 2404:6800:4012:3::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13631388999243774458?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnOGB43UzE_mJXbI4dg8IczKUh50g

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4012:3::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8b5472d89433065a9b411c99b05145c7eca9315d4d2e0803fb14fac6bed3d76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 10 Jul 2022 20:29:45 GMT
x-content-type-options: nosniff
age: 277787
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24877
x-xss-protection: 0
last-modified: Tue, 15 Feb 2022 02:23:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 10 Jul 2023 20:29:45 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame 3379 3 KB
1 KB 168ms
102ms Script
text/javascript 2404:6800:4012:3::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4012:3::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:56:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2593
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Jul 2022 00:56:19 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame 3379 17 KB
7 KB 119ms
53ms Script
text/javascript 2404:6800:4012:3::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4012:3::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 01:13:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1543
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Jul 2022 01:13:49 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3379 138 KB
43 KB 153ms
74ms Script
text/javascript 2404:6800:4004:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81c::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94bb701b663858b8e7a5ddc1e26d2cae7e41834df854b2af83de6eafc9eaaec7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 01:39:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43266
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1657539323716025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 14 Jul 2022 01:39:32 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame 3379 31 KB
13 KB 102ms
37ms Script
text/javascript 2404:6800:4012:3::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4012:3::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9085e1f699b839818a039641053e183e0b22407d6bfaef8d5a3866ec42d682b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:19:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4826
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12985
x-xss-protection: 0
server: cafe
etag: 7466239315051897255
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Jul 2022 00:19:05 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DFC7 13 KB
5 KB 98ms
38ms Document
text/html 2404:6800:4012:3::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4012:3::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://redman.work/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 322290
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 10 Jul 2022 08:08:01 GMT
expires: Mon, 10 Jul 2023 08:08:01 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5FAE 783 B
1 KB 81ms
38ms Document
text/html 2404:6800:4004:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9fc85917aaf116c97d7b29cb949573bb3ee9adc1077f891daf932bc89ea235e9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Juws_JiTtlca2aK80XxpeA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://redman.work/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 510
content-security-policy: script-src 'report-sample' 'nonce-Juws_JiTtlca2aK80XxpeA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 14 Jul 2022 01:39:31 GMT
expires: Thu, 14 Jul 2022 01:39:31 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 css
fonts.googleapis.com/ Frame 5929 1 KB
699 B 41ms
41ms Stylesheet
text/css 2404:6800:4004:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A300%2C400%2C700&text=%E5%B1%9E%E3%81%97%E5%BB%BA%E6%B0%97%E4%BB%BB%E5%A4%96%E3%81%A7%E3%81%A0%E9%87%91%E3%83%88%E5%B1%8B%E3%82%A4%E6%A0%B9%E3%82%89%E3%81%8A%E3%83%B3%E7%89%A9%E3%81%AE%E3%83%BC%E3%82%BF%E3%81%95%E3%81%BE%E3%83%8D%E3%81%8F%E3%81%AA%E3%82%8C%E3%82%B0%E3%81%A8%E3%82%83%E3%81%84%E9%9B%A8%E6%8F%9B%EF%BC%81%E3%83%AB%E3%83%90%E8%A3%BD%E3%82%A3%E3%82%AC%E3%83%87%E3%81%8B%E3%82%B5%E8%A3%85%E6%A3%9F%E6%9D%90%E3%82%B3%E3%81%9B%E3%80%81

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a771748ae81d42e0db32d0d2b6d119280e66d4e7431e802cb30c62ff5fc99ac3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 14 Jul 2022 01:39:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 14 Jul 2022 01:39:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Jul 2022 01:39:32 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame 5929 2 KB
902 B 93ms
93ms Script
text/javascript 2404:6800:4012:3::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4012:3::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 01:22:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1020
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Jul 2022 01:22:32 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/ Frame 5929 21 KB
8 KB 63ms
63ms Script
text/javascript 2404:6800:4012:3::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4012:3::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 01:21:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1082
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 18116328616323621410
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Jul 2022 01:21:30 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame 5929 3 KB
1 KB 94ms
93ms Script
text/javascript 2404:6800:4012:3::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4012:3::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:56:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2593
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Jul 2022 00:56:19 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame 5929 17 KB
7 KB 70ms
69ms Script
text/javascript 2404:6800:4012:3::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4012:3::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 01:13:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1543
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Jul 2022 01:13:49 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5929 138 KB
42 KB 118ms
117ms Script
text/javascript 2404:6800:4004:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81c::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94bb701b663858b8e7a5ddc1e26d2cae7e41834df854b2af83de6eafc9eaaec7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 01:39:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43266
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1657539323716025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 14 Jul 2022 01:39:32 GMT

GET
H3 200 9fbfea14cd545ec81bc54d3c558bfb70.js Show response
www.gstatic.com/mysidia/ Frame 5929 31 KB
13 KB 41ms
2ms Script
text/javascript 2404:6800:4004:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9fbfea14cd545ec81bc54d3c558bfb70.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8245a4af634c8918a1d78337182ed979dcc678ecb616f45172dea7803692f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 10 Jul 2022 07:41:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 323896
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13103
x-xss-protection: 0
last-modified: Fri, 08 Jul 2022 00:09:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 08 Oct 2022 07:41:16 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5FAE 0
0 56ms
56ms Image
text/html 2404:6800:4012:3::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220707&jk=1838816007843257&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4012:3::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js Show response
pagead2.googlesyndication.com/bg/ Frame DFC7 36 KB
14 KB 36ms
35ms Script
text/javascript 2404:6800:4012:3::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4012:3::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c12f2da086c2408f3f1255b457b7798f793cf77f792c14c66fdbb9bf3c3eaa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 21:25:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 360853
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13888
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Jul 2023 21:25:19 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9113 143 B
163 B 39ms
38ms Document
text/html 2404:6800:4012:1::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4012:1::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 3529
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Thu, 14 Jul 2022 00:40:43 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 3379 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b25be9959dbf7ac55913c6d4715a114cee380ae25247914f4502e00f2ab81234

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9113
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

46ms
46ms

Document
text/html

2404:6800:4012:1::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4012:1::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 14 Jul 2022 01:39:32 GMT
expires: Thu, 14 Jul 2022 01:39:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 14 Jul 2022 01:39:32 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js Show response
pagead2.googlesyndication.com/bg/ Frame 2600 36 KB
14 KB 35ms
35ms Script
text/javascript 2404:6800:4012:3::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js

Requested by

Host: redman.work
URL: http://redman.work/

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4012:3::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c12f2da086c2408f3f1255b457b7798f793cf77f792c14c66fdbb9bf3c3eaa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 21:25:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 360853
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13888
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Jul 2023 21:25:19 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame F7B8 846 B
603 B 40ms
40ms Stylesheet
text/css 2404:6800:4004:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E9%8F%A1%E4%BA%A4%E6%9D%B1%E5%B7%9E%E3%80%82%E6%A0%AA%E5%AF%BE%E3%81%AE%E3%83%A3%E3%82%A4%E3%83%88%E3%82%AD%E3%81%A7%E6%8F%9B%E3%81%8C%E8%A6%8B%E7%A4%BE%E3%82%AF%E8%83%BD%E3%82%82%E6%96%BD%E3%82%8D%E6%96%99%E5%B7%A5%E3%83%83%E4%B9%9D%E3%81%99%E4%BC%9A%E7%A9%8D%E5%BF%9C%E5%8F%AF%E5%BC%8F%E9%96%A2%E9%96%8B%E3%82%8A%E3%81%AF%E3%82%93%E3%81%A8%E7%84%A1%E3%81%8F%E3%81%A1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8918985646082661&output=html&h=280&adk=2604026867&adf=3386729619&pi=t.aa~a.1634795175~rp.4&w=743&fwrn=4&fwrnh=100&lmt=1657762771&rafmt=1&to=qs&pwprc=6919712698&psa=0&format=743x280&url=http%3A%2F%2Fredman.work%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1657762771662&bpp=2&bdt=1197&idt=2&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2710fc8ac390ae94-22411dbd2ed50065%3AT%3D1657762771%3ART%3D1657762771%3AS%3DALNI_Mau8sA8Vr1qy8JXwEy_TrvVH6SnOQ&gpic=UID%3D000007ae6a024418%3AT%3D1657762771%3ART%3D1657762771%3AS%3DALNI_Mb4LujRoi8gItFee5hAijgrdmE0xQ&prev_fmts=0x0&nras=2&correlator=3669876045852&frm=20&pv=1&ga_vid=1754211049.1657762771&ga_sid=1657762771&ga_hid=376928119&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=250&ady=3436&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068381%2C42531605&oid=2&pvsid=1838816007843257&tmod=554810100&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=TCbeXmm7Nz&p=http%3A//redman.work&dtd=16

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80c::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bcf8b4baefc9b3bd275192f4d5af09f36f8f659c9f7dbd8ab23c4b239208c4ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 14 Jul 2022 01:39:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 14 Jul 2022 01:39:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Jul 2022 01:39:32 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame F7B8 2 KB
902 B 38ms
37ms Script
text/javascript 2404:6800:4012:3::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4012:3::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 01:22:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1020
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Jul 2022 01:22:32 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/ Frame F7B8 21 KB
8 KB 39ms
38ms Script
text/javascript 2404:6800:4012:3::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4012:3::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 01:21:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1082
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 18116328616323621410
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Jul 2022 01:21:30 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame F7B8 3 KB
1 KB 37ms
37ms Script
text/javascript 2404:6800:4012:3::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4012:3::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:56:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2593
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Jul 2022 00:56:19 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F7B8 138 KB
42 KB 118ms
78ms Script
text/javascript 2404:6800:4004:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81c::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94bb701b663858b8e7a5ddc1e26d2cae7e41834df854b2af83de6eafc9eaaec7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 01:39:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43266
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1657539323716025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 14 Jul 2022 01:39:32 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame F7B8 17 KB
7 KB 39ms
39ms Script
text/javascript 2404:6800:4012:3::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4012:3::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 01:13:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1543
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Jul 2022 01:13:49 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F7B8 0
0 48ms
39ms Image
text/html 2404:6800:4004:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRQC4I8uBaJGFE0CXJhOJZrEKbQTj-QhOBdLbjRvLdUSlAHv3fHuj6E55yvtiqKFV5S8O1CYv0G5QJWwXrXk-GVqcEjww
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8918985646082661&output=html&h=280&adk=2604026867&adf=3386729619&pi=t.aa~a.1634795175~rp.4&w=743&fwrn=4&fwrnh=100&lmt=1657762771&rafmt=1&to=qs&pwprc=6919712698&psa=0&format=743x280&url=http%3A%2F%2Fredman.work%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1657762771662&bpp=2&bdt=1197&idt=2&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2710fc8ac390ae94-22411dbd2ed50065%3AT%3D1657762771%3ART%3D1657762771%3AS%3DALNI_Mau8sA8Vr1qy8JXwEy_TrvVH6SnOQ&gpic=UID%3D000007ae6a024418%3AT%3D1657762771%3ART%3D1657762771%3AS%3DALNI_Mb4LujRoi8gItFee5hAijgrdmE0xQ&prev_fmts=0x0&nras=2&correlator=3669876045852&frm=20&pv=1&ga_vid=1754211049.1657762771&ga_sid=1657762771&ga_hid=376928119&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=250&ady=3436&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068381%2C42531605&oid=2&pvsid=1838816007843257&tmod=554810100&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=TCbeXmm7Nz&p=http%3A//redman.work&dtd=16
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:801::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 9fbfea14cd545ec81bc54d3c558bfb70.js Show response
www.gstatic.com/mysidia/ Frame F7B8 31 KB
13 KB 3ms
2ms Script
text/javascript 2404:6800:4004:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9fbfea14cd545ec81bc54d3c558bfb70.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:801::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8245a4af634c8918a1d78337182ed979dcc678ecb616f45172dea7803692f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 10 Jul 2022 07:41:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 323896
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13103
x-xss-protection: 0
last-modified: Fri, 08 Jul 2022 00:09:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 08 Oct 2022 07:41:16 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F7B8 0
0 49ms
48ms Fetch
text/html 2404:6800:4012:1::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CYyW-03PPYsPUK5Ob2wSB0oKwCZ31hpNe99vG-N0LttCdhowOEAEg7oPvYmCJ88WE9BOgAfvA1eoDyAEJqQIbh7BSY0g_PqgDAcgDywSqBOsBT9Die2HWwQWMy2G_Hp9b1oKtJrolaBLvBHnPoJZuF20ZRhQgUDx3qKwQ4HbR_-wK6LJ4Mxa8_5q4I6SIf_gv5VcOpRatNJmSALFMkjAox9QVJOlrKiWv-MToekEyt3ky2r5tMJ30crnZov2srW2l9qb-zf4pcdpzl-q1eDngwi8gudq8US5X7XQ86L1VCEoT9eNQP6UJnHkDqS-H91Ru2UQ-1M7HZ2dRyo326GFp_8dqZXtsdQ9pY_yrEyLVAHrIp1BmOkFZs3TB_UaioGEprN4RlmPnpdsrIf2fgyw2xzhwVk-urF2DELknFMAEsKiPlI0DkgUECAQYAZIFBAgFGASgBi6AB-2-qhWoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDJ-xDSCA8IgGEQARgfMgKKAjoCgECACgHICwG4E4gn2BMNiBQB0BUBgBcBshccChoIABIUcHViLTg5MTg5ODU2NDYwODI2NjEYAA&sigh=1VviFcfRqY8&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4012:1::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8918985646082661&output=html&h=280&adk=2604026867&adf=3386729619&pi=t.aa~a.1634795175~rp.4&w=743&fwrn=4&fwrnh=100&lmt=1657762771&rafmt=1&to=qs&pwprc=6919712698&psa=0&format=743x280&url=http%3A%2F%2Fredman.work%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1657762771662&bpp=2&bdt=1197&idt=2&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2710fc8ac390ae94-22411dbd2ed50065%3AT%3D1657762771%3ART%3D1657762771%3AS%3DALNI_Mau8sA8Vr1qy8JXwEy_TrvVH6SnOQ&gpic=UID%3D000007ae6a024418%3AT%3D1657762771%3ART%3D1657762771%3AS%3DALNI_Mb4LujRoi8gItFee5hAijgrdmE0xQ&prev_fmts=0x0&nras=2&correlator=3669876045852&frm=20&pv=1&ga_vid=1754211049.1657762771&ga_sid=1657762771&ga_hid=376928119&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=250&ady=3436&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068381%2C42531605&oid=2&pvsid=1838816007843257&tmod=554810100&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=TCbeXmm7Nz&p=http%3A//redman.work&dtd=16
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 14 Jul 2022 01:39:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/10294514297763746003/ Frame F7B8 24 KB
24 KB 38ms
38ms Image
image/jpeg 2404:6800:4012:3::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10294514297763746003/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4012:3::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a87b1f6538b62084dc7eda0656c95e0a13023dd81bb075156ae1151cae03d1fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 04:49:07 GMT
x-content-type-options: nosniff
age: 247825
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24305
x-xss-protection: 0
last-modified: Fri, 10 Jul 2020 02:34:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 11 Jul 2023 04:49:07 GMT

GET
DATA 200
OK truncated
/ Frame F7B8 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame F7B8 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame DFC7 0
9 B 37ms
37ms Image
text/plain 2404:6800:4012:3::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?0WFjTg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4012:3::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 01:39:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 64A9 1 KB
749 B 35ms
35ms Document
text/html 2404:6800:4012:3::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4012:3::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

age: 64820
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Jul 2022 07:39:12 GMT
etag: 48472445140208031
expires: Thu, 14 Jul 2022 07:39:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js Show response
pagead2.googlesyndication.com/bg/ Frame 2EF8 36 KB
14 KB 35ms
35ms Script
text/javascript 2404:6800:4012:3::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220707/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4012:3::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c12f2da086c2408f3f1255b457b7798f793cf77f792c14c66fdbb9bf3c3eaa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 21:25:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 360853
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13888
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Jul 2023 21:25:19 GMT

GET
DATA 200
OK truncated
/ Frame F7B8 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a1600c67935b25afcfd75618280838282577e5ccdb85b561d43b47164942c4d6

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 font
fonts.gstatic.com/l/ Frame F7B8 16 KB
16 KB 43ms
4ms Font
font/woff2 2404:6800:4004:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F6pfjtqLzI2JPCgQBnw7HFQMisq12X5hgmVljrhRHhzWle-NyMW8V3n3ETMur-R_Y_PX5ihYSLtqFznFr7qozrp-3BC4agpHh4wOVJFkMMQ8aahfJAhpLh55TrN_Hll7PR_6g7Msf4Jn48E8J5paCZTEcZFu913wLnOJ3sssW9sUjFTn9U2u610P9P2v9BhYLmNQN4FrJZxhHZKMUchBj64lGhqkdxAsYXM_2mLxYb8BEnKIw&skey=fbc48de1c6e1b00c&v=v42

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E9%8F%A1%E4%BA%A4%E6%9D%B1%E5%B7%9E%E3%80%82%E6%A0%AA%E5%AF%BE%E3%81%AE%E3%83%A3%E3%82%A4%E3%83%88%E3%82%AD%E3%81%A7%E6%8F%9B%E3%81%8C%E8%A6%8B%E7%A4%BE%E3%82%AF%E8%83%BD%E3%82%82%E6%96%BD%E3%82%8D%E6%96%99%E5%B7%A5%E3%83%83%E4%B9%9D%E3%81%99%E4%BC%9A%E7%A9%8D%E5%BF%9C%E5%8F%AF%E5%BC%8F%E9%96%A2%E9%96%8B%E3%82%8A%E3%81%AF%E3%82%93%E3%81%A8%E7%84%A1%E3%81%8F%E3%81%A1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eed43d970bd984600a3e9aa7174197946278c5cc644b6eebfd23a2d452e38dea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 04:14:50 GMT
x-content-type-options: nosniff
age: 77082
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16732
x-xss-protection: 0
last-modified: Tue, 10 May 2022 14:49:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Wed, 13 Jul 2022 04:14:50 GMT

GET
H3 200 font
fonts.gstatic.com/l/ Frame F7B8 16 KB
16 KB 41ms
4ms Font
font/woff2 2404:6800:4004:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxqW07TlBQmUnzrhQ3hzWVe-KCMW-F3n30TMgb-R_o_PW5ihYCLtp1znF77qpDrp-nBC_qgqLB4wMVJFl8MQ76ahdpAhmbh57DrN_3ll7fR_9Q7Ngv4JlI8E8Z5pQiFpL8ZGgt1x_rj9EnsMoG90cjFTpNU9ka13LNDGuNB4YrmNZN4OoJZMn3duOkcBGT61p2dAodxlh4Tl1WmS74b8LQ&skey=72472b0eb8793570&v=v42

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

13564864641ffc08250584791a307a7fdc6178d29008250e18c5db21e416753b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 04:14:51 GMT
x-content-type-options: nosniff
age: 77081
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16656
x-xss-protection: 0
last-modified: Tue, 10 May 2022 14:49:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Wed, 13 Jul 2022 04:14:51 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 64A9 35 B
464 B 212ms
70ms Image
image/gif 2620:116:800e:21:a878:7c6e:cf7b:3362
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPUXC9FV2l96hFggUFMgg-8&google_cver=1&google_push=AehlK4Dx1NkQqr79U3vzNctLr0BS4inz9xFvf_3OsaW7lndMOzKqaOZOCjzBLswq4nrSH1jNBTzqBYel1ylUrR2YqDIDv9WqSCg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800e:21:a878:7c6e:cf7b:3362 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jul 2022 01:39:32 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 64A9
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAehlK4D_nVbomisoUroz8ufKNNAsv3ISvrjz0O75jhY...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXM5ejFBQUFBYlM1TVY4eQ&google_push=AehlK4D_nVbomisoUroz8ufKNNAsv3ISvrjz0O75jhYYKAO48OHSV7g-qgiSD3OMV0Vpja_0epUio8gmqUBQqz6p4Fx3XrRgWIE

170 B
188 B

39ms
38ms

Image
image/png

172.217.175.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXM5ejFBQUFBYlM1TVY4eQ&google_push=AehlK4D_nVbomisoUroz8ufKNNAsv3ISvrjz0O75jhYYKAO48OHSV7g-qgiSD3OMV0Vpja_0epUio8gmqUBQqz6p4Fx3XrRgWIE

Protocol

Server

172.217.175.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s29-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jul 2022 01:39:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXM5ejFBQUFBYlM1TVY4eQ&google_push=AehlK4D_nVbomisoUroz8ufKNNAsv3ISvrjz0O75jhYYKAO48OHSV7g-qgiSD3OMV0Vpja_0epUio8gmqUBQqz6p4Fx3XrRgWIE
Date: Thu, 14 Jul 2022 01:39:32 GMT
Server: Apache
Connection: keep-alive
Content-Length: 390
Content-Type: text/html; charset=iso-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 64A9
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESECxNLeo5D95bieeAI85KpdM&google_cver=1&google_push=AehlK4AUIVOhx5q1tTjgUm1RaYfeYrgIHJZMSqPuut7RqtplDObgmaZFsR4UQtvK0kujnXAKOhOqq4hRsFukbng49rZSMle2WSI
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4AUIVOhx5q1tTjgUm1RaYfeYrgIHJZMSqPuut7RqtplDObgmaZFsR4UQtvK0kujnXAKOhOqq4hRsFukbng49rZSMle2WSI&google_hm=Q0FFU0VDeE5MZW81RDk1Ym...

170 B
188 B

85ms
44ms

Image
image/png

172.217.175.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4AUIVOhx5q1tTjgUm1RaYfeYrgIHJZMSqPuut7RqtplDObgmaZFsR4UQtvK0kujnXAKOhOqq4hRsFukbng49rZSMle2WSI&google_hm=Q0FFU0VDeE5MZW81RDk1YmllZUFJODVLcGRN

Protocol

Server

172.217.175.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s29-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jul 2022 01:39:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 14 Jul 2022 01:39:31 GMT
via: 1.1 219d0ad0ca0f00674a69e52f5f2719a0.cloudfront.net (CloudFront)
server: Apache-Coyote/1.1
x-amz-cf-pop: NRT57-C3
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4AUIVOhx5q1tTjgUm1RaYfeYrgIHJZMSqPuut7RqtplDObgmaZFsR4UQtvK0kujnXAKOhOqq4hRsFukbng49rZSMle2WSI&google_hm=Q0FFU0VDeE5MZW81RDk1YmllZUFJODVLcGRN
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: UjViAg3UHL1O2_myzU9psKuoiEOcKGxopJRUPECh1SP2ZecuuWZw8w==
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 64A9 43 B
639 B 51ms
40ms Image
image/gif 35.227.202.26
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4530&src.visitorid=CAESEGiT0a4kKAI8EmctPucCaSk&google_cver=1&google_push=AehlK4CZ0oAqzvAwjuA-G1WwgeRTVyw58NbeqL1NzNommid3cTtJGHO0m6XWmanH4-fsijI7D40YaRnt5pvmFvPjtC4wk4Pw5xE
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8918985646082661&output=html&h=280&adk=2604026867&adf=3386729619&pi=t.aa~a.1634795175~rp.4&w=743&fwrn=4&fwrnh=100&lmt=1657762771&rafmt=1&to=qs&pwprc=6919712698&psa=0&format=743x280&url=http%3A%2F%2Fredman.work%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1657762771662&bpp=2&bdt=1197&idt=2&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2710fc8ac390ae94-22411dbd2ed50065%3AT%3D1657762771%3ART%3D1657762771%3AS%3DALNI_Mau8sA8Vr1qy8JXwEy_TrvVH6SnOQ&gpic=UID%3D000007ae6a024418%3AT%3D1657762771%3ART%3D1657762771%3AS%3DALNI_Mb4LujRoi8gItFee5hAijgrdmE0xQ&prev_fmts=0x0&nras=2&correlator=3669876045852&frm=20&pv=1&ga_vid=1754211049.1657762771&ga_sid=1657762771&ga_hid=376928119&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=250&ady=3436&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068381%2C42531605&oid=2&pvsid=1838816007843257&tmod=554810100&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=TCbeXmm7Nz&p=http%3A//redman.work&dtd=16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.202.26 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 26.202.227.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jul 2022 01:39:32 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 64A9 0
166 B 13ms
2ms Image
text/html 103.231.99.243
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECKyFbuG0iawCjTwEMnpnqc&google_cver=1&google_push=AehlK4Dy6QmCGWBJo_8S4tZni742ZtvlzJNGJjUqozdpgAJ_npSMoyonkm3pWgO0WJ87j_Kojq75IQavNM96gMl0pxlwxWDpOmw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8918985646082661&output=html&h=280&adk=2604026867&adf=3386729619&pi=t.aa~a.1634795175~rp.4&w=743&fwrn=4&fwrnh=100&lmt=1657762771&rafmt=1&to=qs&pwprc=6919712698&psa=0&format=743x280&url=http%3A%2F%2Fredman.work%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1657762771662&bpp=2&bdt=1197&idt=2&shv=r20220707&mjsv=m202207110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2710fc8ac390ae94-22411dbd2ed50065%3AT%3D1657762771%3ART%3D1657762771%3AS%3DALNI_Mau8sA8Vr1qy8JXwEy_TrvVH6SnOQ&gpic=UID%3D000007ae6a024418%3AT%3D1657762771%3ART%3D1657762771%3AS%3DALNI_Mb4LujRoi8gItFee5hAijgrdmE0xQ&prev_fmts=0x0&nras=2&correlator=3669876045852&frm=20&pv=1&ga_vid=1754211049.1657762771&ga_sid=1657762771&ga_hid=376928119&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=250&ady=3436&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068381%2C42531605&oid=2&pvsid=1838816007843257&tmod=554810100&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=TCbeXmm7Nz&p=http%3A//redman.work&dtd=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.99.243 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 01:39:32 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 64A9
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIhN84fY6-dUlPXH7oeKXBg&google_cver=1&google_push=AehlK4BOpC8qw117LiC_MO_Rbq1kO9dRBkKnqZuxfjGwth_eoySEuSRcrQoAnv8mYWvx-Jh3ddJ...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVLRDVIWVUtMU4tM1g2Tw==&google_push=AehlK4BOpC8qw117LiC_MO_Rbq1kO9dRBkKnqZuxfjGwth_eoySEuSRcrQoAnv8mYWvx-Jh3ddJ_MfNkob1wQMFIKIc1qwKzug

170 B
188 B

40ms
39ms

Image
image/png

172.217.175.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVLRDVIWVUtMU4tM1g2Tw==&google_push=AehlK4BOpC8qw117LiC_MO_Rbq1kO9dRBkKnqZuxfjGwth_eoySEuSRcrQoAnv8mYWvx-Jh3ddJ_MfNkob1wQMFIKIc1qwKzug

Protocol

Server

172.217.175.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s29-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jul 2022 01:39:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVLRDVIWVUtMU4tM1g2Tw==&google_push=AehlK4BOpC8qw117LiC_MO_Rbq1kO9dRBkKnqZuxfjGwth_eoySEuSRcrQoAnv8mYWvx-Jh3ddJ_MfNkob1wQMFIKIc1qwKzug
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 0963d041a95f271fbba7f411adc03573
Expires: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 64A9 0
232 B 149ms
38ms Image
text/html 172.217.175.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KYIpKqq2jKdE-i7oqzmMcDwyGebIRLqCSV1fKEycKUYdV8XBUixR9WIwMRXYL39w

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.175.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s29-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 01:39:32 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js Show response
pagead2.googlesyndication.com/bg/ Frame 430D 36 KB
14 KB 36ms
35ms Script
text/javascript 2404:6800:4012:3::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PBLy2ghsJAjz8SVbRXt3mPeTz3f3ksFMZv27m_PD6qM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4012:3::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c12f2da086c2408f3f1255b457b7798f793cf77f792c14c66fdbb9bf3c3eaa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 09 Jul 2022 21:25:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 360853
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13888
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Jul 2023 21:25:19 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 59ms
57ms Image
text/html 2404:6800:4012:3::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220707&jk=1838816007843257&bg=!bW6lbirNAAaYcLjmuHA7ACkAdvg8WuDRNr0jYPkInJYkY2xmDzvxjnAvRZFlK8hVzdYcTUJrrd3QOQIAAACoUgAAAAdoAQcKAN7LOp3eLTVQmtj9DL1IT2ZkCqBhfQT8OiiVHw5W89ZOe5vTfts3mZi9zq-Q5XycGF8vBKFib0HYJj2rHcUNVp786ufdEp2wp0y2qu5lhGnzpziENBtkw9ldvwa4ml582Z5uy7VIV3Loqdl-DYGkIZf3VfNuZNpToZhnBQZqaTZAmHBR7bRrc-fWtlPwCv7pwpTrDyGs96UOr2b1FBIglOeBH9GbhNqmvU5UB2OTOiWPME_9wOX0oRAuiqlJlDVc4sueZDh9JFbclcYrYrvSC0y3kGWWXPYTJ_XamHmYtw-ZAp-_G0wfvz9XSQD5iYF4oFftg9leIPormUi5hfsxAkmvIf1AaefciAJrC_wKDmiIcteKykmvO9Ee-YqBM3FFI3D4FpD5ZxyLclx_lKpHMLK7ACtTKBZgfoOF8Tl0qf3dM5JQF_w9Tus7mQcsq6oTvGEwxs44rH3qmQfMiHIUfW_DRnc-AFPkohQ4ILSgX22W3rW_5N98ngSs-YsMljgC2HYYM2UqRU9NuMpgBNaJ9Fx4qoh0_Zcd8iYWaJkv9NSTtJaXsd1qyuFhcanloXPVXgHoFLebEqx3tks7-NcvpShCzYT5yVObUbrY_0d99x6fblHtqRig9bmZsz9d_47vv6ijdaaTQODRxi4ITafECTDcTNx0JhER_FcF9nywVrLf3ryKVNqFk701Mw5_vT4WaQ3vx53giEoFbLm5oxdn8qE0j4V4qa5S7LVn_nxLQ6xz54jISnPhCCD9JeQvcxl5bZPLqJdmSFefX93CnWYpsgaSsh6UKi17ktz6QJPCqSCTA_KYRMXPoWepa60HT0zEOGdx9hiG8R-2tRYjzCzhzq9j77Bod2cDo7f2JxJPq3nUvHS5S3OBAD3UblSyMkzvQcsK1eSHPQc2oJ5Nw8tTl9LRiXi-RR6bmJtAZT8SpAYo-HiExGw4-FUI2qwy0ogQCnADvIkAtynQlJM6P86UByCBf-KT9sO4GjrnKlsH8ikZijgLEkW7fmOGVgFgjPbDYaJX_h_G389_JVWSVb2iKTd_R3H75r8b-QKjxk4FYu67T7tCE8cvxN9sMGKAIZ47faS99D9fAkHDSvMDlmaUF6wXR8HrlUMwpkkAUfj8ymp5zjnStQlNR0tT-UX-d9EC-3L4HNMelu_s290SYqZZhQDcaKfAZvgGTAFlcs5D9F24BQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4012:3::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: http://redman.work/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3379 42 B
64 B 42ms
41ms Fetch
image/gif 2404:6800:4012:3::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstObAQ79P1UoQHWCdnN0MZGTtbg42OrUZXstfmivq3QZZhBDy2XDDvTi3bzz5G42xfViDHtJpIaqK7ux9inPEASeu7tL_u6rjGa_PTMsNGbJATiR2lxPX5lmAUL0hDPgjW7Ignha1vIVQ&sai=AMfl-YQ2b9zrpdU765xJ6foItQX626QEq1l48WdBHj7PPUh5eYkgESAHGCr8Oga2F7WMbCqhX5W__dv63Vws&sig=Cg0ArKJSzLQ5AS-ROnxSEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=91,752,1000,1046,1046&tos=91,661,248,46,0&v=20220711&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1657762771858&rpt=299&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4012:3::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jul 2022 01:39:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.redman.work/	1970-01-20 22:00:34	Name: _ga Value: GA1.2.1754211049.1657762771
.redman.work/	1970-01-20 04:30:49	Name: _gid Value: GA1.2.1164608065.1657762771
.redman.work/	1970-01-20 04:29:22	Name: _gat Value: 1
.redman.work/	1970-01-20 13:50:58	Name: __gads Value: ID=2710fc8ac390ae94-22411dbd2ed50065:T=1657762771:RT=1657762771:S=ALNI_Mau8sA8Vr1qy8JXwEy_TrvVH6SnOQ
.redman.work/	1970-01-20 13:50:58	Name: __gpi Value: UID=000007ae6a024418:T=1657762771:RT=1657762771:S=ALNI_Mb4LujRoi8gItFee5hAijgrdmE0xQ
.doubleclick.net/	1970-01-20 22:00:34	Name: IDE Value: AHWqTUk6ViwBhgsFCQq_WVwI-cjK-G7l2kkU9wp7PIw8vnr3g6pAAgdtT7MGBZHX0K4
.doubleclick.net/	1970-01-20 04:29:26	Name: DSID Value: NO_DATA
.mookie1.com/	1970-01-20 13:58:10	Name: id Value: 10522801271251239890
.mookie1.com/	1970-01-20 13:58:10	Name: mdata Value: 1\|10522801271251239890\|1657762772421
.mookie1.com/	1970-01-20 13:58:10	Name: ov Value: a982ca295abfc9275df047ee51511fa9
.agkn.com/	1970-01-20 13:14:58	Name: ab Value: 0001%3AkQPOje2K1JmBFoy9gz8bqmzsbculeRsI
.agkn.com/	1970-01-20 13:14:58	Name: u Value: C\|0CEAqYjBUKmIwVAAAAAAAAQ13AQCAAQpAAAAAAA
.quantserve.com/	1970-01-20 06:38:58	Name: d Value: EHABCQHOJoEA
.quantserve.com/	1970-01-20 13:59:37	Name: mc Value: 62cf73d4-8a637-8bfc0-2865c

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.co.jp
adservice.google.com
cm.g.doubleclick.net
cms.quantserve.com
d.agkn.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
image6.pubmatic.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.everesttech.net
pixel.rubiconproject.com
redman.work
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
103.231.99.243
142.250.207.98
157.7.107.138
172.217.175.226
2404:6800:4004:801::2003
2404:6800:4004:801::2004
2404:6800:4004:80c::200a
2404:6800:4004:810::2002
2404:6800:4004:81c::2002
2404:6800:4004:81c::200e
2404:6800:4004:821::2003
2404:6800:4012:1::2002
2404:6800:4012:3::2001
2404:6800:4012:3::2002
2600:9000:2142:7200:19:fc2c:a140:93a1
2620:116:800e:21:a878:7c6e:cf7b:3362
34.211.82.183
35.227.202.26
8.39.36.142
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
05890da023c2622aa08ce3804abdc9158ea5306767a0812af48c1f60a294b1d4
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d61f91d93df7bf0fbcfcebe544bd48da7240ebf9ad019edf9253cb5d16760c3
0ec98adf593ebcc01bec60b1f494dacd47522abfef9038a714101d83f45e165d
13564864641ffc08250584791a307a7fdc6178d29008250e18c5db21e416753b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b81e141b5c06e711c279f7bed065e62a91992cdc894600a9c7708eaea2cff72
2177b90dd76dcd31e8847ddfa0eefc1af08a7d270019c812f1932a36981d61c3
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
33409b95353bdcd603d4e3444308ea324630a887c4ab0d47f575ab915232bd6b
3c12f2da086c2408f3f1255b457b7798f793cf77f792c14c66fdbb9bf3c3eaa3
3d91e4343c99a2ca0be138965916b7c141f636a3d737023fb26db4d821322ea8
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
68bcb54af28b5ddeb4cfb056ad02273a0e65e2c11044ddf4976ac0a2bfc934ca
692c637ad042baf6faf67a30ca722285f605a068c686f49e2c901a7f22fa5be7
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
7673776b0b24c92e4b7edc029812a84504fe81d9cfd5133054b57666105fd4fe
78dcfa1d7e5fdfce09883170ada28b86d37d06b564254d0e3aedaa7e9d9add6e
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
8a5053ca17ce69eede770199bc356c32eb147d862c426f35b378742586b27c9a
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8da2eaf51c472b6450b11b2f30d0386bdd0970bc31e6065590a9a1f288054013
9085e1f699b839818a039641053e183e0b22407d6bfaef8d5a3866ec42d682b3
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
948f0c154ad97428bc1d1dee456f2e20ec4e0e302b0d3189e08a4573cb63cdb3
94bb701b663858b8e7a5ddc1e26d2cae7e41834df854b2af83de6eafc9eaaec7
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
994a00046c3779f2e30e75f5d184ebc429596b808cc95cf3b121bb95e3a707dd
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b795702782453669f1e2f84320e042d73ac2159a26a0fed6a819de82299f5fc
9fc85917aaf116c97d7b29cb949573bb3ee9adc1077f891daf932bc89ea235e9
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0b7506f992b41665229212b12c8e537496082c92659eaba16bc5477ec169b52
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1600c67935b25afcfd75618280838282577e5ccdb85b561d43b47164942c4d6
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7619248a003afebcdeabad59238689572e458f7b44deeee3b87ffe66a84f7aa
a771748ae81d42e0db32d0d2b6d119280e66d4e7431e802cb30c62ff5fc99ac3
a87b1f6538b62084dc7eda0656c95e0a13023dd81bb075156ae1151cae03d1fd
a8b5472d89433065a9b411c99b05145c7eca9315d4d2e0803fb14fac6bed3d76
ae2e1dc0161fa05e80b225682868a9bfbab08c503b2429f06339d4487f160ac2
b0ba1bc8dd7376d2914d920f58771bd85d397eccb116b8f9707d110151ab137b
b25be9959dbf7ac55913c6d4715a114cee380ae25247914f4502e00f2ab81234
b64767efe3868e04f592b60c91908e6f645d2730000a16c4a1cf722621b30f05
bb386e599c3025e8b3a5a76587dbfd946ac9caed80dfbb2fef7ff50a963ec6fe
bb89588553c1a21bb27b016ac79be4be3009f8cdecb566193901a53df113e60b
bcf8b4baefc9b3bd275192f4d5af09f36f8f659c9f7dbd8ab23c4b239208c4ac
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
cdbd14df6c9cea0e809e42e928120ded0e2b8d2a9906751af0055158fba10417
d21e682c7bb05f7d4b4d7972c9f369c5de7052cc8126bd33c1cb480d86bd5a89
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
dd9bfe5f04d4e393463f42b4f503763c36693306dffef16d481e0c071b61ae64
e0d27c3e3240d9f2c8107571dea17b3cf7d25d64865e455a26712b7c45e876d3
e161a0aa2ddc11b4e41d1c519efc428ba99ebb80b8bd1ee46f1476e887a4f804
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4ddabafeb39589e498cb770f01aa92f769b04bcd4b9a0a997e0f8b871e49dd5
e8245a4af634c8918a1d78337182ed979dcc678ecb616f45172dea7803692f48
eed43d970bd984600a3e9aa7174197946278c5cc644b6eebfd23a2d452e38dea
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f34bb7d9c8f2db0e78e5d7b226bc169182f8c22e7cd1a3e7b5767519b709c1bc
f886fd1b5af3a3e24b1ecf7c9f46da418c49b5d3a5f4903dee72ef4fcdae5e8b

redman.work Open in urlscan Pro 157.7.107.138 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

99 Requests

82 %HTTPS

63 %IPv6

16 Domains

20 Subdomains

17 IPs

3 Countries

3099 kBTransfer

4723 kBSize

14 Cookies

2 Outgoing links

Redirected requests

99 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

redman.work Open in urlscan Pro
157.7.107.138 Public Scan

Screenshot
Live screenshot

Full Image

99
Requests

82 %
HTTPS

63 %
IPv6

16
Domains

20
Subdomains

17
IPs

3
Countries

3099 kB
Transfer

4723 kB
Size

14
Cookies

99 HTTP transactions
4 data transactions