urlscan.io logo urlscan.io
SecurityTrails logo

www.promosgo.com Open in urlscan Pro
45.79.150.226  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://45.79.150.226/
Effective URL: https://www.promosgo.com/
Submission Tags: krdprod
Submission: On September 16 via api from JP — Scanned from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 6 countries across 20 domains to perform 118 HTTP transactions. The main IP is 45.79.150.226, located in Cedar Knolls, United States and belongs to AKAMAI-LINODE-AP Akamai Connected Cloud, SG. The main domain is www.promosgo.com.
TLS certificate: Issued by R3 on July 24th 2023. Valid for: 3 months.
This is the only time www.promosgo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 17 45.79.150.226 63949 (AKAMAI-LI...)
19 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
2 2404:6800:400... 15169 (GOOGLE)
2 13 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
14 2404:6800:400... 15169 (GOOGLE)
20 2404:6800:400... 15169 (GOOGLE)
7 2404:6800:400... 15169 (GOOGLE)
3 2404:6800:400... 15169 (GOOGLE)
4 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
2 4 2404:6800:400... 15169 (GOOGLE)
1 1 202.233.84.8 131957 (MICROAD M...)
2 9 142.250.198.2 15169 (GOOGLE)
2 4 104.18.27.193 13335 (CLOUDFLAR...)
4 142.251.42.130 15169 (GOOGLE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 34.124.209.251 396982 (GOOGLE-CL...)
1 1 18.177.11.95 16509 (AMAZON-02)
1 1 185.196.197.130 39572 (ADVANCEDH...)
1 133.186.161.88 45974 (NHN-AS-KR...)
1 1 54.92.42.8 16509 (AMAZON-02)
1 1 184.27.185.21 20940 (AKAMAI-ASN1)
1 142.250.207.2 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
118 21
17    45.79.150.226 (Cedar Knolls, United States)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 45-79-150-226.ip.linodeusercontent.com
45.79.150.226
www.promosgo.com
19    2404:6800:4004:826::2002 (Australia)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2404:6800:4004:822::2008 (Australia)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2404:6800:4004:821::200e (Australia)

ASN15169 (GOOGLE, US)
www.google-analytics.com
13    2404:6800:4004:81c::2002 (Australia)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2404:6800:4004:818::2002 (Australia)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
14    2404:6800:4004:825::200e (Australia)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
20    2404:6800:4004:826::2001 (Australia)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
7    2404:6800:4004:827::2003 (Australia)

ASN15169 (GOOGLE, US)
www.gstatic.com
3    2404:6800:4004:821::200a (Australia)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2404:6800:4004:80a::2002 (Australia)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2404:6800:4004:828::2006 (Australia)

ASN15169 (GOOGLE, US)
s0.2mdn.net
4    2404:6800:4004:811::2004 (Australia)

ASN15169 (GOOGLE, US)
www.google.com
1    202.233.84.8 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)
s-cs.send.microad.jp
9    142.250.198.2 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s58-in-f2.1e100.net
cm.g.doubleclick.net
4    104.18.27.193 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
4    142.251.42.130 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s45-in-f2.1e100.net
www.googleadservices.com
2    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    34.124.209.251 (Singapore)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 251.209.124.34.bc.googleusercontent.com
um.simpli.fi
1    18.177.11.95 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-177-11-95.ap-northeast-1.compute.amazonaws.com
cs.r-ad.ne.jp
1    185.196.197.130 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
1    133.186.161.88 (Japan)

ASN45974 (NHN-AS-KR NHNCLOUD, KR)
app.cauly.co.kr
1    54.92.42.8 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-92-42-8.ap-northeast-1.compute.amazonaws.com
ds.uncn.jp
1    184.27.185.21 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-27-185-21.deploy.static.akamaitechnologies.com
analytics.pangle-ads.com
1    142.250.207.2 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s54-in-f2.1e100.net
googleads4.g.doubleclick.net
1    2404:6800:4004:822::2003 (Australia)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
39 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 105
tpc.googlesyndication.com — Cisco Umbrella Rank: 152
502 KB
23 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 47
cm.g.doubleclick.net — Cisco Umbrella Rank: 255
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 396
175 KB
18 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1542
www.google.com — Cisco Umbrella Rank: 2
63 KB
16 promosgo.com
www.promosgo.com
220 KB
8 gstatic.com
www.gstatic.com
fonts.gstatic.com
96 KB
5 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1183
www.googleadservices.com — Cisco Umbrella Rank: 151
603 B
4 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 658
3 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 221
227 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 56
4 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 980
s.tribalfusion.com — Cisco Umbrella Rank: 2310
1 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 44
309 B
1 pangle-ads.com
analytics.pangle-ads.com — Cisco Umbrella Rank: 2910
1 KB
1 uncn.jp
ds.uncn.jp — Cisco Umbrella Rank: 24924
515 B
1 cauly.co.kr
app.cauly.co.kr — Cisco Umbrella Rank: 66501
161 B
1 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 11310
293 B
1 r-ad.ne.jp
cs.r-ad.ne.jp — Cisco Umbrella Rank: 72481
684 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 943
716 B
1 microad.jp
s-cs.send.microad.jp — Cisco Umbrella Rank: 30518
397 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 331
90 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 63
80 KB
118 20
Domain Requested by
20 tpc.googlesyndication.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.promosgo.com
tpc.googlesyndication.com
19 pagead2.googlesyndication.com www.promosgo.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
16 www.promosgo.com www.promosgo.com
14 fundingchoicesmessages.google.com pagead2.googlesyndication.com
13 googleads.g.doubleclick.net 2 redirects pagead2.googlesyndication.com
www.promosgo.com
googleads.g.doubleclick.net
9 cm.g.doubleclick.net 2 redirects googleads.g.doubleclick.net
7 www.gstatic.com googleads.g.doubleclick.net
4 www.googleadservices.com
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 www.google.com 2 redirects tpc.googlesyndication.com
googleads.g.doubleclick.net
4 www.googletagservices.com googleads.g.doubleclick.net
www.promosgo.com
3 fonts.googleapis.com googleads.g.doubleclick.net
2 www.google-analytics.com www.googletagmanager.com
1 fonts.gstatic.com fonts.googleapis.com
1 googleads4.g.doubleclick.net www.promosgo.com
1 analytics.pangle-ads.com 1 redirects
1 ds.uncn.jp 1 redirects
1 app.cauly.co.kr googleads.g.doubleclick.net
1 s.uuidksinc.net 1 redirects
1 cs.r-ad.ne.jp 1 redirects
1 um.simpli.fi 1 redirects
1 s.tribalfusion.com googleads.g.doubleclick.net
1 a.tribalfusion.com 1 redirects
1 s-cs.send.microad.jp 1 redirects
1 s0.2mdn.net googleads.g.doubleclick.net
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.googletagmanager.com www.promosgo.com
118 27

This site contains links to these domains. Also see Links.

Domain
uk.promosgo.com
fr.promosgo.com
au.promosgo.com
de.promosgo.com
Subject Issuer Validity Valid
www.promosgo.com
R3		 2023-07-24 -
2023-10-22		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.cauly.co.kr
Sectigo RSA Organization Validation Secure Server CA		 2023-02-17 -
2024-03-06		 a year crt.sh

This page contains 18 frames:

Primary Page: https://www.promosgo.com/
Frame ID: F460E2EDDEE407E25F7C70B83DD5FB17
Requests: 41 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20190131/zrt_lookup.html
Frame ID: B3A87B35CB1F79103D105F8ECB55D9E1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3347751211128375&output=html&adk=1812271804&adf=3025194257&lmt=1694853406&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x675_r&format=0x0&url=https%3A%2F%2Fwww.promosgo.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694885805814&bpp=3&bdt=449&idt=188&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6513370099808&frm=20&pv=2&ga_vid=418610547.1694885806&ga_sid=1694885806&ga_hid=102181545&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876&oid=2&pvsid=2050420011864688&tmod=1798138116&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=214
Frame ID: F580D6C66C8D9560D6784304AB3EE34F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3347751211128375&output=html&h=280&adk=1213588912&adf=3421370738&pi=t.aa~a.2116064224~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1694853406&rafmt=1&to=qs&pwprc=6705804310&format=1200x280&url=https%3A%2F%2Fwww.promosgo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694885806795&bpp=2&bdt=1431&idt=-M&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D954831979dda9849-2261977bf0e30042%3AT%3D1694885806%3ART%3D1694885806%3AS%3DALNI_MYFvC5zSa1stCKAo5ns3TrUI35y9w&gpic=UID%3D00000c489d96058f%3AT%3D1694885806%3ART%3D1694885806%3AS%3DALNI_MblVwjFa6lktqqCblD8BTh4q6hCGQ&prev_fmts=0x0&nras=2&correlator=6513370099808&frm=20&pv=1&ga_vid=418610547.1694885806&ga_sid=1694885806&ga_hid=102181545&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2180&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876&oid=2&pvsid=2050420011864688&tmod=1798138116&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=AXJngFznwj&p=https%3A//www.promosgo.com&dtd=145
Frame ID: 2A3BA44EE032A86CA55F99D5464A2DD9
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1
Frame ID: 0092D57DAB909FDA103ACB52F36A0729
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1
Frame ID: 646DAA10F46C4B02044BF8FE8E6AC12B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1
Frame ID: CE23ED9559726682455A6E9459720C23
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIPDyAIQkNrxAhjRzIr2ATAB&v=APEucNW6esHM_v6pnOSpxjM0q_lFtv9apDkAdzlCLQrZGVKQ11U0guu7TgYBJrU0dN1k8_uKVdemhFxTmukKWHMybWHv7uRGug
Frame ID: ADCCBC028661B09C7C16C0E5D98602DF
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20230913/r20110914/abg_lite_fy2021.js
Frame ID: 7B389E2CFE9FEBF19FA3576C35E7A98C
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4D5056602F937C8F7F2FC78309EAFE55
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 68C8891769B52BFDC50590FBF50A3D38
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: FD8CE08007F7324DBB6EF9EB496B70FA
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 2167B49556E2A20453C241055A2591DD
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C22D631A58A735AA1807DBF9BD5E7EF9
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/t8GibRNARgYsE0Sx_-jM8Z9WBbCCL83x92A0C_FtaJU.js
Frame ID: 30E2E1270B0C4D7548E2CAE1DFDE8B05
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/t8GibRNARgYsE0Sx_-jM8Z9WBbCCL83x92A0C_FtaJU.js
Frame ID: CD63AF0BDEFF8361D457D29C4BF15FCD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F38957A64DBB2EF9992C56A058263962
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/t8GibRNARgYsE0Sx_-jM8Z9WBbCCL83x92A0C_FtaJU.js
Frame ID: 9CFA85411043D76CFC0CF72B4B4A0710
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

🏆PromosGo coupon codes - save much with coupons and deals

Page URL History Show full URLs

  1. https://45.79.150.226/ HTTP 302
    https://www.promosgo.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

118
Requests

91 %
HTTPS

54 %
IPv6

20
Domains

27
Subdomains

21
IPs

6
Countries

1460 kB
Transfer

3699 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://45.79.150.226/ HTTP 302
    https://www.promosgo.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 62
  • https://s-cs.send.microad.jp/cs?key=google_1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
Request Chain 63
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFKsWSlxo2ST0-XWk-A7csw&google_cver=1
Request Chain 64
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZQXnrzwhMBorEnFjKyU8eAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFKsWSlxo2ST0-XWk-A7csw&google_cver=1
Request Chain 70
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 71
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 75
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CBK-GrucFZaS9CJjSqAHTu7fwAZ3N1e5u947H098Qr7KF0pQOEAEg9dGPN2CJ88WE9BOgAYz2ovMCyAEBqAMByAPDBKoEwwFP0Iweze7zYmWS2YBoVfBBcGbx6SQ5lolodaWXV9q8e-9OEiLaYjCVuv6ep_TRW5irUmSDzuvqGWNRcMuZkcJNamAfLaYTERsP3vwHxKvszczCKMNlU8IyE6Rb44I9GZkr5uQTLF-4hIfUGEf584EP7ue4Yh8cQaOK_YTRBKaiMxb25z7_jj36WQ1nZA7H2XRDa6XRshPnjP-A04pKSts2kuGOEjAX5c7KAb-mbX-UKqBxfvO1mmSL18mZjq63CbOU-eHABL2fnbWQBIgF9v-TlkWSBQQIBBgBkgUECAUYBKAGZoAH3IndjAGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDrsgPSCBQIgGEQARgfMgKKAjoCgEBIvf3BOpoJLWh0dHBzOi8vYW5pbWVhcGUuY29tL2FuaW1lLWFwZS1kaXNjb3VudC1jb2RlL4AKAcgLAdoMEQoLEIDplIfAqJrI0AESAgED2BMLiBQB0BUBgBcBshccChoIABIUcHViLTMzNDc3NTEyMTExMjgzNzUYAA&sigh=dMeq-rZEqXw&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWEDqZbsRGPnYZWUEIfNyK-StxJJn63RgB&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x8391a13843d0dc640000000000000000%22,%222%22:%220xc8eda1aac409e6f90000000000000000%22,%223%22:%220x4c0379d9b7f389710000000000000000%22,%224%22:%220xec6012d547b8f3ad0000000000000000%22,%225%22:%220xd3e8a154ec1b92760000000000000000%22},%22debug_key%22:%2218410272346377630889%22,%22debug_reporting%22:true,%22destination%22:%22https://animeape.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%22778615564%22],%224%22:[%2209-16%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215489773370136361201%22}&andc=true
Request Chain 92
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESECaU5_ECm_uuwOWnptwfyUM&google_cver=1&google_push=AXcoOmRT6mmGbK3UWLVkrKNHJJF2gs5JLEPQJftBRO0YCBYtzrZcLUiFSqbNJ98BYZIyS2qpEjQA6uNd7oYJV8Y6cN7_-yr5lOFY2FI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRT6mmGbK3UWLVkrKNHJJF2gs5JLEPQJftBRO0YCBYtzrZcLUiFSqbNJ98BYZIyS2qpEjQA6uNd7oYJV8Y6cN7_-yr5lOFY2FI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECaU5_ECm_uuwOWnptwfyUM&google_cver=1&google_push=AXcoOmRT6mmGbK3UWLVkrKNHJJF2gs5JLEPQJftBRO0YCBYtzrZcLUiFSqbNJ98BYZIyS2qpEjQA6uNd7oYJV8Y6cN7_-yr5lOFY2FI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRT6mmGbK3UWLVkrKNHJJF2gs5JLEPQJftBRO0YCBYtzrZcLUiFSqbNJ98BYZIyS2qpEjQA6uNd7oYJV8Y6cN7_-yr5lOFY2FI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 93
  • https://um.simpli.fi/gp_match?google_gid=CAESEK3utqst2qAoETKCW9XqtI8&google_cver=1&google_push=AXcoOmQs0pvXBzgG5RlQH_uj-I4SJO0lEtW_DxoC_Gw4Gy0J6nkqff9I-2goR0xpLm1gmvqIkrYjkGwzbk4JEmJF0tyOFU6pGGiMRw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2B5A8DC3264344CE89A956CE5D073B97&google_push=AXcoOmQs0pvXBzgG5RlQH_uj-I4SJO0lEtW_DxoC_Gw4Gy0J6nkqff9I-2goR0xpLm1gmvqIkrYjkGwzbk4JEmJF0tyOFU6pGGiMRw
Request Chain 94
  • https://cs.r-ad.ne.jp/2/cs?google_gid=CAESEMtuarUFx9hZtvzqpi8F7xo&google_cver=1&google_push=AXcoOmQqG5AWt_1DyVwMyAkArXLFhIa1mJwWihsJjN8O1lq1GMVM6mQM3k84fyaCGGrcEssoOirg5nNzuGEVFevCvSLqBHdOGcGaVhE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AXcoOmQqG5AWt_1DyVwMyAkArXLFhIa1mJwWihsJjN8O1lq1GMVM6mQM3k84fyaCGGrcEssoOirg5nNzuGEVFevCvSLqBHdOGcGaVhE&google_hm=NTZPSGFsMDBRQkRITjAwNkFWMEs
Request Chain 95
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESENWNjTUCw1Cbh4usm_237Vc&c_param1=AXcoOmRU11iWJ9jIxLJn8GA7iSk3q3qKV3Lu1rkTPwAP4PcJRCarjQxPKZG5E0v-UlJCK_CnFZQMXDdOAq45C2Qs4Yud-NQqx7x2kU0&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmRU11iWJ9jIxLJn8GA7iSk3q3qKV3Lu1rkTPwAP4PcJRCarjQxPKZG5E0v-UlJCK_CnFZQMXDdOAq45C2Qs4Yud-NQqx7x2kU0
Request Chain 97
  • https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESEG9hGYYhEORtfisNsXKNqlA&google_cver=1&google_push=AXcoOmSCFjmB9bcnK1mX4zAIzXrR2ZT_MT8k2bHG7Lw-XwHc8QvAxRUXI0oaGA-eD3LdEW77PfUWRrEKWgCW49J6H60E_yyZUwxrH70 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmSCFjmB9bcnK1mX4zAIzXrR2ZT_MT8k2bHG7Lw-XwHc8QvAxRUXI0oaGA-eD3LdEW77PfUWRrEKWgCW49J6H60E_yyZUwxrH70&google_hm=ARRSFxBOtEBYqOQ2CdTvZjY
Request Chain 98
  • https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESECRErjP0vy40JG9OZBe94tY&google_cver=1&google_push=AXcoOmTJ2mQd-lFwX4tITPUJ0kvEQALfUh6VyvFcm7PGxvZGRwKuYevvetXZJJPeOeLVtfUzmDtIwT7xewMckDmWsI8nCDsfpflQ1Kzq HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmTJ2mQd-lFwX4tITPUJ0kvEQALfUh6VyvFcm7PGxvZGRwKuYevvetXZJJPeOeLVtfUzmDtIwT7xewMckDmWsI8nCDsfpflQ1Kzq
Request Chain 103
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CNjLurucFZf7IO5WRqAGLtbXID-2CqM5vif-z1J4R29keEAEg9dGPN2CJ88WE9BOgAerp6uYCyAEJqQII7SoEJuGxPqgDAcgDywSqBMcBT9CUJXIS4ceKDGUB5WWMUMaGtaz8Lcy5q7U6PnUr48GRpPDA2aro7caaGz959R6IOVwbPZ806t9H9Zto3QD-EFXh0tZwVdeH0Qu9jVLOOYXpS06uApzvmoSKxMN9GhYzutYnAC3fSqzDh8RbtiL7uCQDe9FJWkMfSszY-JXkT--A801CnmHaf0kUThjDH19cu6ms7GUHwK_uU35Lbt9fSEp8-wGgLTOiX0v2MGf9LyLP0JQSGGBe9dkv3t7n0UKdHfhoVDt6e8AE1rSUoJ8EiAWlht2WSZIFBAgEGAGSBQQIBRgEoAYugAf-lZWZAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEOuIAdIIFAiAYRABGB8yAooCOgKAQEi9_cE6mglmaHR0cHM6Ly9ob3RlbGllci5ob3RlbGJlZHMuY29tP3V0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09c2VhcmNoLXBwYyZ1dG1fY2FtcGFpZ249JTIwYWNxX3RvZnVfc2VhcmNogAoByAsB2gwRCgsQkPa_va6x-pbQARICAQPYEw2IFALQFQGYFgGAFwGyFxwKGggAEhRwdWItMzM0Nzc1MTIxMTEyODM3NRgA&sigh=d2bOOAyySAk&uach_m=[UACH]&ase=2&cid=CAQSPABpAlJWZvAByHveR1ITAea2cywEnBcPFrVqLjXYcXQpHZehCQcUUFXRkEhYe3ryqkKyUhhNGPca36ScwhgB&template_id=5000&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x2771d66cf9b34dd30000000000000000%22,%222%22:%220x3dfa31a6f36e35170000000000000000%22,%223%22:%220x287fb535cedfc29f0000000000000000%22,%224%22:%220x65a557217c313e970000000000000000%22,%225%22:%220x5a34aa1094fd186d0000000000000000%22},%22debug_key%22:%224640468610161403962%22,%22debug_reporting%22:true,%22destination%22:%22https://hotelbeds.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%22752530666%22],%224%22:[%2209-16%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211379561900598226209%22}&andc=true

118 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.promosgo.com/
Redirect Chain
  • https://45.79.150.226/
  • https://www.promosgo.com/
55 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.promosgo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.79.150.226 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
45-79-150-226.ip.linodeusercontent.com
Software
nginx / PHP/7.2.6
Resource Hash
a3e2cb80c40234b2f2a88c830bf8ac827d7cee51ea8ba8ee1bca1230e941746a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 16 Sep 2023 17:36:26 GMT
server
nginx
vary
Accept-Encoding
x-powered-by
PHP/7.2.6

Redirect headers

content-type
text/html; charset=UTF-8
date
Sat, 16 Sep 2023 17:36:25 GMT
location
https://www.promosgo.com
server
nginx
x-powered-by
PHP/7.2.6
global.css
www.promosgo.com/public/css/ 		59 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.promosgo.com/public/css/global.css?v201709
Requested by
Host: www.promosgo.com
URL: https://www.promosgo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.79.150.226 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
45-79-150-226.ip.linodeusercontent.com
Software
nginx /
Resource Hash
ea83b08d7f5d83056b092ec4784b0ba61dc737656176f8f30a2b5c65d5b428fb

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.promosgo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 17:36:26 GMT
content-encoding
gzip
last-modified
Thu, 17 Mar 2022 16:31:28 GMT
server
nginx
etag
W/"62336260-eae0"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Sun, 17 Sep 2023 05:36:26 GMT
iziToast.min.css
www.promosgo.com/public/css/ 		22 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.promosgo.com/public/css/iziToast.min.css?v201709
Requested by
Host: www.promosgo.com
URL: https://www.promosgo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.79.150.226 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
45-79-150-226.ip.linodeusercontent.com
Software
nginx /
Resource Hash
515fdc63d3e2c3975825a395c0b45516716dcbfb0d3f1923a3ef469d7b998c7b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.promosgo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 17:36:26 GMT
content-encoding
gzip
last-modified
Mon, 11 Jun 2018 12:03:54 GMT
server
nginx
etag
W/"5b1e652a-5890"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Sun, 17 Sep 2023 05:36:26 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.promosgo.com
URL: https://www.promosgo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a7cebaf1c1e68f32af5e542bf92b3c43a93e1f9627e0441a4f12d7c3234dc658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.promosgo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 17:36:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50706
x-xss-protection
0
server
cafe
etag
4058660736575410298
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 16 Sep 2023 17:36:45 GMT
js
www.googletagmanager.com/gtag/ 		224 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-P5S6812Z2K
Requested by
Host: www.promosgo.com
URL: https://www.promosgo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:822::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
94fedc808946c4a291b3f77f076727d9228cc279a70d107cf1ff9af499314c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.promosgo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 17:36:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81258
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 16 Sep 2023 17:36:45 GMT
ppt1.jpg
www.promosgo.com/public/images/ 		109 KB
109 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.promosgo.com/public/images/ppt1.jpg
Requested by
Host: www.promosgo.com
URL: https://www.promosgo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.79.150.226 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
45-79-150-226.ip.linodeusercontent.com
Software
nginx /
Resource Hash
af2b6e3703532a7f8b5eb544a3cee2fa8edbc9ad623b828cd810bbe0929a1e1c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.promosgo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 17:36:26 GMT
last-modified
Mon, 11 Jun 2018 12:03:54 GMT
server
nginx
etag
"5b1e652a-1b449"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
111689
expires
Mon, 16 Oct 2023 17:36:26 GMT
jquery-1.7.min.js
www.promosgo.com/public/js/ 		92 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.promosgo.com/public/js/jquery-1.7.min.js?v201709
Requested by
Host: www.promosgo.com
URL: https://www.promosgo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.79.150.226 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
45-79-150-226.ip.linodeusercontent.com
Software
nginx /
Resource Hash
ff4e4975ef403004f8fe8e59008db7ad47f54b10d84c72eb90e728d1ec9157ce

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.promosgo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 17:36:26 GMT
content-encoding
gzip
last-modified
Mon, 11 Jun 2018 12:03:54 GMT
server
nginx
etag
W/"5b1e652a-16f44"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Sun, 17 Sep 2023 05:36:26 GMT
clipboard.min.js
www.promosgo.com/public/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.promosgo.com/public/js/clipboard.min.js
Requested by
Host: www.promosgo.com
URL: https://www.promosgo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.79.150.226 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
45-79-150-226.ip.linodeusercontent.com
Software
nginx /
Resource Hash
1626706afc88d95ebe1173b553ec732c6dc82a576989315fdf5e7779af738a44

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.promosgo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 17:36:26 GMT
content-encoding
gzip
last-modified
Sun, 13 Oct 2019 15:51:40 GMT
server
nginx
etag
W/"5da3480c-2a02"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Sun, 17 Sep 2023 05:36:26 GMT
jquery.lazyload.min.js
www.promosgo.com/public/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.promosgo.com/public/js/jquery.lazyload.min.js
Requested by
Host: www.promosgo.com
URL: https://www.promosgo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.79.150.226 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
45-79-150-226.ip.linodeusercontent.com
Software
nginx /
Resource Hash
e576f12e82c468567e420386b68476ff7045815976395bc6baad1a822c7368a7

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.promosgo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 17:36:26 GMT
content-encoding
gzip
last-modified
Mon, 11 Jun 2018 12:03:54 GMT
server
nginx
etag
W/"5b1e652a-d35"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Sun, 17 Sep 2023 05:36:26 GMT
site.js
www.promosgo.com/public/js/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.promosgo.com/public/js/site.js?v201709
Requested by
Host: www.promosgo.com
URL: https://www.promosgo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.79.150.226 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
45-79-150-226.ip.linodeusercontent.com
Software
nginx /
Resource Hash
d94c847f5bb52c865fc087df9a8959aba74647742b196f35b6da2b1ccfcf8ef4

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.promosgo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 17:36:26 GMT
content-encoding
gzip
last-modified
Mon, 10 Jan 2022 15:27:42 GMT
server
nginx
etag
W/"61dc506e-2ccd"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Sun, 17 Sep 2023 05:36:26 GMT
iconfont.js
www.promosgo.com/public/js/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.promosgo.com/public/js/iconfont.js
Requested by
Host: www.promosgo.com
URL: https://www.promosgo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.79.150.226 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
45-79-150-226.ip.linodeusercontent.com
Software
nginx /
Resource Hash
5a8ba9904ae71879d5f1dc8d0a90c87832cec64273600d94ec752a13ff10ece9

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.promosgo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 17:36:26 GMT
content-encoding
gzip
last-modified
Mon, 11 Jun 2018 12:03:54 GMT
server
nginx
etag
W/"5b1e652a-504f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Sun, 17 Sep 2023 05:36:26 GMT
logo.png
www.promosgo.com/public/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.promosgo.com/public/images/logo.png
Requested by
Host: www.promosgo.com
URL: https://www.promosgo.com/public/css/global.css?v201709
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.79.150.226 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
45-79-150-226.ip.linodeusercontent.com
Software
nginx /
Resource Hash
d2c802379361c68cfac71aff878a8dd98e42117d53f3939f5ffefb83c3a7534c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.promosgo.com/public/css/global.css?v201709
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 17:36:26 GMT
last-modified
Mon, 11 Jun 2018 12:03:54 GMT
server
nginx
etag
"5b1e652a-17b1"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
6065
expires
Mon, 16 Oct 2023 17:36:26 GMT
images.png
www.promosgo.com/public/images/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.promosgo.com/public/images/images.png
Requested by
Host: www.promosgo.com
URL: https://www.promosgo.com/public/css/global.css?v201709
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.79.150.226 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
45-79-150-226.ip.linodeusercontent.com
Software
nginx /
Resource Hash
d5dc32c3b3518e0182fe2e6d59a9ed4690b2f7e038ace03fa8c8b0173be9d9dd

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.promosgo.com/public/css/global.css?v201709
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 17:36:26 GMT
last-modified
Mon, 11 Jun 2018 12:03:54 GMT
server
nginx
etag
"5b1e652a-5133"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
20787
expires
Mon, 16 Oct 2023 17:36:26 GMT
main_title.png
www.promosgo.com/public/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.promosgo.com/public/images/main_title.png
Requested by
Host: www.promosgo.com
URL: https://www.promosgo.com/public/css/global.css?v201709
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.79.150.226 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
45-79-150-226.ip.linodeusercontent.com
Software
nginx /
Resource Hash
c8ef3dfffb808bf9ba58a6cdeb2065f70a6b27c025ba2c6a58e323c78b54293a

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.promosgo.com/public/css/global.css?v201709
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 17:36:26 GMT
last-modified
Mon, 11 Jun 2018 12:03:54 GMT
server
nginx
etag
"5b1e652a-405"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1029
expires
Mon, 16 Oct 2023 17:36:26 GMT
red_but.png
www.promosgo.com/public/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.promosgo.com/public/images/red_but.png
Requested by
Host: www.promosgo.com
URL: https://www.promosgo.com/public/css/global.css?v201709
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.79.150.226 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
45-79-150-226.ip.linodeusercontent.com
Software
nginx /
Resource Hash
189950071cf197c173abc4de30e99db846195dddd600c0480c31aab5dbf2c8e8

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.promosgo.com/public/css/global.css?v201709
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 17:36:26 GMT
last-modified
Mon, 11 Jun 2018 12:03:54 GMT
server
nginx
etag
"5b1e652a-4be"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1214
expires
Mon, 16 Oct 2023 17:36:26 GMT
green_but.png
www.promosgo.com/public/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.promosgo.com/public/images/green_but.png
Requested by
Host: www.promosgo.com
URL: https://www.promosgo.com/public/css/global.css?v201709
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.79.150.226 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
45-79-150-226.ip.linodeusercontent.com
Software
nginx /
Resource Hash
cf8e921337b3b27d2b53c59ebce94b97865f200913fdbbf54165d3eafa77fadf

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.promosgo.com/public/css/global.css?v201709
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 17:36:26 GMT
last-modified
Mon, 11 Jun 2018 12:03:54 GMT
server
nginx
etag
"5b1e652a-4bb"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1211
expires
Mon, 16 Oct 2023 17:36:26 GMT
collect
www.google-analytics.com/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-P5S6812Z2K&gtm=45je39d0&_p=102181545&cid=418610547.1694885806&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1694885805&sct=1&seg=0&dl=https%3A%2F%2Fwww.promosgo.com%2F&dt=%F0%9F%8F%86PromosGo%20coupon%20codes%20-%20save%20much%20with%20coupons%20and%20deals&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P5S6812Z2K
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.promosgo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 17:36:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.promosgo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/ 		380 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2476cc1b2ae4a53812a7b54c7eeb4e4bc18b35084846bbe72d9748838e413e90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.promosgo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 17:36:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131886
x-xss-protection
0
server
cafe
etag
10137954069937067017
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Sep 2023 17:36:45 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230913/r20190131/ Frame B3A8 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230913/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.promosgo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

age
55693
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4438
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 16 Sep 2023 02:08:32 GMT
etag
8554266389219770021
expires
Sat, 30 Sep 2023 02:08:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
www.promosgo.com/api/record/ 		1 B
139 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.promosgo.com/api/record/
Requested by
Host: www.promosgo.com
URL: https://www.promosgo.com/public/js/jquery-1.7.min.js?v201709
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.79.150.226 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
45-79-150-226.ip.linodeusercontent.com
Software
nginx / PHP/7.2.6
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

Accept
*/*
Referer
https://www.promosgo.com/
X-Requested-With
XMLHttpRequest
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 16 Sep 2023 17:36:26 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/7.2.6
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
loading.gif
www.promosgo.com/public/images/ 		381 B
554 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.promosgo.com/public/images/loading.gif
Requested by
Host: www.promosgo.com
URL: https://www.promosgo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.79.150.226 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
45-79-150-226.ip.linodeusercontent.com
Software
nginx /
Resource Hash
f627b902dbb57bcca1ab7ccba32a015c45d2c84cae719ca5626993d7ced3c428

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.promosgo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 17:36:26 GMT
last-modified
Mon, 11 Jun 2018 12:03:54 GMT
server
nginx
etag
"5b1e652a-17d"
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
381
expires
Mon, 16 Oct 2023 17:36:26 GMT
cookie.js
partner.googleadservices.com/gampad/ 		391 B
603 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.promosgo.com&callback=_gfp_s_&client=ca-pub-3347751211128375
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:818::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f4b236a112bc6de7aca686ed515cad8bba68a974c97cc6b720e680127c631c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.promosgo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 17:36:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
252
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F580 		406 KB
114 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3347751211128375&output=html&adk=1812271804&adf=3025194257&lmt=1694853406&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x945_l%7C188x675_r&format=0x0&url=https%3A%2F%2Fwww.promosgo.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694885805814&bpp=3&bdt=449&idt=188&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6513370099808&frm=20&pv=2&ga_vid=418610547.1694885806&ga_sid=1694885806&ga_hid=102181545&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876&oid=2&pvsid=2050420011864688&tmod=1798138116&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=214
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f0d2d45c531fc8104f8f8113a8ded09af91d8a59c29d608c7be0fea32917e2a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.promosgo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
116750
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 16 Sep 2023 17:36:46 GMT
expires
Sat, 16 Sep 2023 17:36:46 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230913&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9f282f67cc56695f4575fd236066d4a2b5240754fcb7c8225ba226f4886992bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.promosgo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 17:36:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12103
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/ 		154 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f661fd9aad67efdd5a963cb7a8840e07edce96fb0f31a4a92a2c42bb611369c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.promosgo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 17:36:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53718
x-xss-protection
0
server
cafe
etag
6161400257830905631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Sep 2023 17:36:46 GMT
ca-pub-3347751211128375
fundingchoicesmessages.google.com/i/ 		155 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-3347751211128375?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1744770b7ebaf3ce57367b5b9f9104bd91d42ca907a58bded63c7d9dc7e4afe0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7IifvPu97sL7hiyKSEZaBQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.promosgo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 17:36:46 GMT
content-security-policy
script-src 'report-sample' 'nonce-7IifvPu97sL7hiyKSEZaBQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.promosgo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 17:36:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 16 Sep 2023 17:36:46 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 2A3B 		122 KB
41 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3347751211128375&output=html&h=280&adk=1213588912&adf=3421370738&pi=t.aa~a.2116064224~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1694853406&rafmt=1&to=qs&pwprc=6705804310&format=1200x280&url=https%3A%2F%2Fwww.promosgo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694885806795&bpp=2&bdt=1431&idt=-M&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D954831979dda9849-2261977bf0e30042%3AT%3D1694885806%3ART%3D1694885806%3AS%3DALNI_MYFvC5zSa1stCKAo5ns3TrUI35y9w&gpic=UID%3D00000c489d96058f%3AT%3D1694885806%3ART%3D1694885806%3AS%3DALNI_MblVwjFa6lktqqCblD8BTh4q6hCGQ&prev_fmts=0x0&nras=2&correlator=6513370099808&frm=20&pv=1&ga_vid=418610547.1694885806&ga_sid=1694885806&ga_hid=102181545&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2180&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876&oid=2&pvsid=2050420011864688&tmod=1798138116&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=AXJngFznwj&p=https%3A//www.promosgo.com&dtd=145
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:81c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d7cf210bf75628e4c776390c3a62f3bb5eca593299c20c34a7ef8cc7ca0e4ec9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.promosgo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
41983
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 16 Sep 2023 17:36:47 GMT
expires
Sat, 16 Sep 2023 17:36:47 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/ Frame 0092 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:81c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.promosgo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

age
24476
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4438
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 16 Sep 2023 10:48:50 GMT
etag
8554266389219770021
expires
Sat, 30 Sep 2023 10:48:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/ Frame 646D 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:81c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.promosgo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

age
24476
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4438
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 16 Sep 2023 10:48:50 GMT
etag
8554266389219770021
expires
Sat, 30 Sep 2023 10:48:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/ Frame CE23 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:81c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.promosgo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

age
24476
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4438
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 16 Sep 2023 10:48:50 GMT
etag
8554266389219770021
expires
Sat, 30 Sep 2023 10:48:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxUIF9TAEc-j0YAuCbEH5zyeT2wRsqpcWrSt9At32LfolBF5KumUvZJ-ULkuybFBjkMbcgZCEI9EgSkadzNnVi6dfZ4A3ZBCmUnhEaGt0QfeA8rnSGRN_BC7_GiWeRfFvHs-MUjlqQ==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUIF9TAEc-j0YAuCbEH5zyeT2wRsqpcWrSt9At32LfolBF5KumUvZJ-ULkuybFBjkMbcgZCEI9EgSkadzNnVi6dfZ4A3ZBCmUnhEaGt0QfeA8rnSGRN_BC7_GiWeRfFvHs-MUjlqQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk0ODg1ODA2LDk2ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cucHJvbW9zZ28uY29tLyIsbnVsbCxbWzgsIkN5VE5lZFo4RHVnIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.CyTNedZ8Dug.es5.O/d=1/rs=AJlcJMwwCeNX8qEaqrGT1lPNfJ8sHpbTsg/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5bce4ccda258db5c30e1af3c21c87411deed4a5381ce433b7c785fedb5594ade
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-KdQwj1pfSSrN8PF9xGkzjg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.promosgo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 17:36:47 GMT
content-security-policy
script-src 'report-sample' 'nonce-KdQwj1pfSSrN8PF9xGkzjg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
2ab36c0d951b69d9c04f85f5eb613648.js
www.gstatic.com/mysidia/ Frame 0092 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/2ab36c0d951b69d9c04f85f5eb613648.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:827::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50f36c6941b3a0b755df6e1c1ba6919dc8eeab051a52504ff431c3564d4d791a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 09:22:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
116085
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3933
x-xss-protection
0
last-modified
Tue, 12 Sep 2023 17:48:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 14 Dec 2023 09:22:02 GMT
eb24e5338fb35f0e823aa45ca63cea7d.js
www.gstatic.com/mysidia/ Frame 0092 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/eb24e5338fb35f0e823aa45ca63cea7d.js?tag=text/vanilla_highlight
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:827::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6dcbbfd3b2b395e8440193551d30cf590736083dfed83bb67f976badca15699
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 19:43:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
251605
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4726
x-xss-protection
0
last-modified
Tue, 12 Sep 2023 17:48:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 12 Dec 2023 19:43:22 GMT
css
fonts.googleapis.com/ Frame 0092 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:821::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 16 Sep 2023 17:36:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 16 Sep 2023 16:40:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 16 Sep 2023 17:36:47 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 0092 		2 KB
973 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 11:10:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
23148
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Sep 2023 11:10:59 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/ Frame 0092 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 03:28:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
50907
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9135
x-xss-protection
0
server
cafe
etag
9583221549990841032
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Sep 2023 03:28:20 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 0092 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 06:48:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
38904
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Sep 2023 06:48:23 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 0092 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 06:48:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
38905
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Sep 2023 06:48:22 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0092 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 17:36:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57988
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694604874705780"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Sep 2023 17:36:47 GMT
9041af033b7a690ba70e3134a2c135bf.js
www.gstatic.com/mysidia/ Frame 0092 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/9041af033b7a690ba70e3134a2c135bf.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:827::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 09:22:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
116084
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15189
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 23:26:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 14 Dec 2023 09:22:03 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame ADCC 		448 B
217 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CIPDyAIQkNrxAhjRzIr2ATAB&v=APEucNW6esHM_v6pnOSpxjM0q_lFtv9apDkAdzlCLQrZGVKQ11U0guu7TgYBJrU0dN1k8_uKVdemhFxTmukKWHMybWHv7uRGug
Requested by
Host: www.promosgo.com
URL: https://www.promosgo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:81c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4b8365451deb3573d04a81a62d79ca08ada652e5ad78bddd987b5bf30954ad6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
193
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 16 Sep 2023 17:36:47 GMT
expires
Sat, 16 Sep 2023 17:36:47 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20230913/r20110914/ Frame 7B38 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230913/r20110914/abg_lite_fy2021.js
Requested by
Host: www.promosgo.com
URL: https://www.promosgo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 07:19:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
37032
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9135
x-xss-protection
0
server
cafe
etag
9583221549990841032
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Sep 2023 07:19:35 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20230913/r20110914/elements/html/ Frame 7B38 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230913/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: www.promosgo.com
URL: https://www.promosgo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 23:41:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
64509
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Sep 2023 23:41:38 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 7B38 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.promosgo.com
URL: https://www.promosgo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 08:37:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
205144
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13692
x-xss-protection
0
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Sep 2024 08:37:43 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 7B38 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.promosgo.com
URL: https://www.promosgo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 06:48:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
38904
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Sep 2023 06:48:23 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 7B38 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: www.promosgo.com
URL: https://www.promosgo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 06:48:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
38905
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Sep 2023 06:48:22 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7B38 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.promosgo.com
URL: https://www.promosgo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 17:36:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57988
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694604874705780"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Sep 2023 17:36:47 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7B38 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CDrjcPriXvzPrMp28-my8-SWwghU8MGVv3H_GmgjbyOm1p2aZr_9XT_Kz5nuFb0OPVAOMr5SMehJew_nfbHwPRu4ROgeggbPN3cXypLHq5j0LGh7A
Requested by
Host: www.promosgo.com
URL: https://www.promosgo.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 17:36:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
13495893027235252011
s0.2mdn.net/simgad/ Frame 7B38 		90 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/13495893027235252011
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:828::2006 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca694a3509ba4552ac0d3c94b24a3d0595bbebcc7a3cccb22015e99cec505448
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 01:28:15 GMT
x-content-type-options
nosniff
age
403712
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
91699
x-xss-protection
0
last-modified
Mon, 11 Sep 2023 19:24:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 11 Sep 2024 01:28:15 GMT
2ab36c0d951b69d9c04f85f5eb613648.js
www.gstatic.com/mysidia/ Frame CE23 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/2ab36c0d951b69d9c04f85f5eb613648.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:827::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50f36c6941b3a0b755df6e1c1ba6919dc8eeab051a52504ff431c3564d4d791a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 09:22:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
116085
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3933
x-xss-protection
0
last-modified
Tue, 12 Sep 2023 17:48:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 14 Dec 2023 09:22:02 GMT
eb24e5338fb35f0e823aa45ca63cea7d.js
www.gstatic.com/mysidia/ Frame CE23 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/eb24e5338fb35f0e823aa45ca63cea7d.js?tag=text/vanilla_highlight
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:827::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6dcbbfd3b2b395e8440193551d30cf590736083dfed83bb67f976badca15699
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 19:43:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
251605
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4726
x-xss-protection
0
last-modified
Tue, 12 Sep 2023 17:48:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 12 Dec 2023 19:43:22 GMT
css
fonts.googleapis.com/ Frame CE23 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:821::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 16 Sep 2023 17:36:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 16 Sep 2023 16:39:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 16 Sep 2023 17:36:47 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame CE23 		2 KB
926 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 11:10:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
23148
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Sep 2023 11:10:59 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/ Frame CE23 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 03:28:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
50907
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9135
x-xss-protection
0
server
cafe
etag
9583221549990841032
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Sep 2023 03:28:20 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame CE23 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 06:48:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
38904
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Sep 2023 06:48:23 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame CE23 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 06:48:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
38905
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Sep 2023 06:48:22 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CE23 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 17:36:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57988
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694604874705780"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Sep 2023 17:36:47 GMT
9041af033b7a690ba70e3134a2c135bf.js
www.gstatic.com/mysidia/ Frame CE23 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/9041af033b7a690ba70e3134a2c135bf.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:827::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 09:22:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
116084
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15189
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 23:26:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 14 Dec 2023 09:22:03 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4D50 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.promosgo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
age
31110
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 16 Sep 2023 08:58:17 GMT
expires
Sun, 15 Sep 2024 08:58:17 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 68C8 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:811::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
aba62411bca729ebe023f9c50cfe76c9ae3d341c47a533e14c318dcb2a51069a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-TAsVww27wWal3608XY5pwQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.promosgo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
537
content-security-policy
script-src 'report-sample' 'nonce-TAsVww27wWal3608XY5pwQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 16 Sep 2023 17:36:47 GMT
expires
Sat, 16 Sep 2023 17:36:47 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
AGSKWxXOqum5ubXnh8MAG-ziKskXAbg7S676R-m5Nv2DhFpVTDcMJUDRqdqsAdUs0Jc_rMrRl32v0c9bd-4IPKs0v0NsyhtI0G9vtOngIce1ldRzk-xefAl8Esy8dXL2XJ0Qg0EPUueVIw==
fundingchoicesmessages.google.com/f/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXOqum5ubXnh8MAG-ziKskXAbg7S676R-m5Nv2DhFpVTDcMJUDRqdqsAdUs0Jc_rMrRl32v0c9bd-4IPKs0v0NsyhtI0G9vtOngIce1ldRzk-xefAl8Esy8dXL2XJ0Qg0EPUueVIw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk0ODg1ODA3LDY0MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw5XSxudWxsLDIsbnVsbCwiZW4iXSwiaHR0cHM6Ly93d3cucHJvbW9zZ28uY29tLyIsbnVsbCxbWzgsIkN5VE5lZFo4RHVnIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.CyTNedZ8Dug.es5.O/d=1/rs=AJlcJMwwCeNX8qEaqrGT1lPNfJ8sHpbTsg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4c9451b186ad875597545898917cab6510c1ab55c31fff86446696248aaaf882
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-o_OY8U11Ol46XEUtwte-Iw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.promosgo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 17:36:47 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-o_OY8U11Ol46XEUtwte-Iw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame FD8C 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
age
205144
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 14 Sep 2023 08:37:43 GMT
expires
Fri, 13 Sep 2024 08:37:43 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame ADCC
Redirect Chain
  • https://s-cs.send.microad.jp/cs?key=google_1
  • https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIPDyAIQkNrxAhjRzIr2ATAB&v=APEucNW6esHM_v6pnOSpxjM0q_lFtv9apDkAdzlCLQrZGVKQ11U0guu7TgYBJrU0dN1k8_uKVdemhFxTmukKWHMybWHv7uRGug
Protocol
H2
Server
142.250.198.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s58-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 17:36:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 16 Sep 2023 17:36:47 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
server
nginx
p3p
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
location
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
access-control-allow-origin
*
timing-allow-origin
*
access-control-allow-headers
origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
content-length
0
x-xss-protection
1; mode=block
rum
dsum-sec.casalemedia.com/ Frame ADCC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFKsWSlxo2ST0-XWk-A7csw&google_cver=1
43 B
742 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFKsWSlxo2ST0-XWk-A7csw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIPDyAIQkNrxAhjRzIr2ATAB&v=APEucNW6esHM_v6pnOSpxjM0q_lFtv9apDkAdzlCLQrZGVKQ11U0guu7TgYBJrU0dN1k8_uKVdemhFxTmukKWHMybWHv7uRGug
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 17:36:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jMNk%2BM%2BfISLZOA%2BtKRjnCNCFsEUlvoADLYoJg8DU4AAWB4OwvlLV1HRW0XU6rzLVji4%2FrSlrgYyM4fWOXZ4ctTY9HbkqGHSsA%2F9RXQZf8GBnTKBS%2BHWa8KccaDrqUZyw%2FwoPHLSyzMX2qw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
807adfa78c16b00c-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 16 Sep 2023 17:36:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFKsWSlxo2ST0-XWk-A7csw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame ADCC
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZQXnrzwhMBorEnFjKyU8eAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFKsWSlxo2ST0-XWk-A7csw&google_cver=1
43 B
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFKsWSlxo2ST0-XWk-A7csw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIPDyAIQkNrxAhjRzIr2ATAB&v=APEucNW6esHM_v6pnOSpxjM0q_lFtv9apDkAdzlCLQrZGVKQ11U0guu7TgYBJrU0dN1k8_uKVdemhFxTmukKWHMybWHv7uRGug
Protocol
H3
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 17:36:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ipiQwK6Dg0GMc4Yav%2Fg14C%2BCI4Spet51Ae68t3hlFPxhGLcY1oGvJ0CUOlKt0GRnGOmrVhVIMWs9oTaPUNbv4ZUlIWAy%2FS30w%2BP9%2BMdbylL1UCZ0lhrZg1e2u%2Bv4q%2F9rRqv6g6z6PNcFcg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
807adfa78c18b00c-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 16 Sep 2023 17:36:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFKsWSlxo2ST0-XWk-A7csw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 2167 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:81c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

age
3458
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 16 Sep 2023 16:39:09 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame C22D 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:81c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

age
3458
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 16 Sep 2023 16:39:09 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame CE23 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b21ded14cf1aa9c3679a6054fcdbdc8b1d5099325eb4ce146dcd9589819033c0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type
image/png
D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js
pagead2.googlesyndication.com/bg/ Frame 4D50 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f7f22f2872f88cca7b3addb165c73d38e78ec21a055c749b12f15652ff97636
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 02:39:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
53822
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14739
x-xss-protection
0
last-modified
Mon, 11 Sep 2023 20:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 15 Sep 2024 02:39:45 GMT
t8GibRNARgYsE0Sx_-jM8Z9WBbCCL83x92A0C_FtaJU.js
pagead2.googlesyndication.com/bg/ Frame FD8C 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/t8GibRNARgYsE0Sx_-jM8Z9WBbCCL83x92A0C_FtaJU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b7c1a26d134046062c1344b1ffe8ccf19f5605b0822fcdf1f760340bf16d6895
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 01:38:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
316678
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14716
x-xss-protection
0
last-modified
Mon, 11 Sep 2023 20:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Sep 2024 01:38:49 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 2167
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:81c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 16 Sep 2023 17:36:47 GMT
expires
Sat, 16 Sep 2023 17:36:47 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 16 Sep 2023 17:36:47 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame C22D
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:81c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 16 Sep 2023 17:36:47 GMT
expires
Sat, 16 Sep 2023 17:36:47 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 16 Sep 2023 17:36:47 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 68C8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230913&jk=2050420011864688&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers
t8GibRNARgYsE0Sx_-jM8Z9WBbCCL83x92A0C_FtaJU.js
pagead2.googlesyndication.com/bg/ Frame 30E2 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/t8GibRNARgYsE0Sx_-jM8Z9WBbCCL83x92A0C_FtaJU.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b7c1a26d134046062c1344b1ffe8ccf19f5605b0822fcdf1f760340bf16d6895
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 01:38:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
316678
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14716
x-xss-protection
0
last-modified
Mon, 11 Sep 2023 20:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Sep 2024 01:38:49 GMT
generate_204
tpc.googlesyndication.com/ Frame 4D50 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?qATl8A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 17:36:47 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
www.googleadservices.com/pagead/ar-adview/ Frame CE23
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CBK-GrucFZaS9CJjSqAHTu7fwAZ3N1e5u947H098Qr7KF0pQOEAEg9dGPN2CJ88WE9BOgAYz2ovMCyAEBqAMByAPDBKoEwwFP0Iweze7zYmWS2YBoVfBBcGbx6SQ5lolodaWXV9q8e-9OEiL...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x8391a13843d0dc640000000000000000%22,%222%22:%220xc8eda1aac409e6f90000000000000000%22,%223%22:%220x4c0379...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x8391a13843d0dc640000000000000000%22,%222%22:%220xc8eda1aac409e6f90000000000000000%22,%223%22:%220x4c0379d9b7f389710000000000000000%22,%224%22:%220xec6012d547b8f3ad0000000000000000%22,%225%22:%220xd3e8a154ec1b92760000000000000000%22},%22debug_key%22:%2218410272346377630889%22,%22debug_reporting%22:true,%22destination%22:%22https://animeape.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%22778615564%22],%224%22:[%2209-16%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215489773370136361201%22}&andc=true
Protocol
H3
Server
142.251.42.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 17:36:47 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x8391a13843d0dc640000000000000000","2":"0xc8eda1aac409e6f90000000000000000","3":"0x4c0379d9b7f389710000000000000000","4":"0xec6012d547b8f3ad0000000000000000","5":"0xd3e8a154ec1b92760000000000000000"},"debug_key":"18410272346377630889","debug_reporting":true,"destination":"https://animeape.com","event_report_window":"259200","expiry":"2592000","filter_data":{"15":["51"],"16":["3"],"2":["778615564"],"4":["09-16"],"6":["true"]},"priority":"500","source_event_id":"15489773370136361201"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 16 Sep 2023 17:36:47 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 16 Sep 2023 17:36:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x8391a13843d0dc640000000000000000","2":"0xc8eda1aac409e6f90000000000000000","3":"0x4c0379d9b7f389710000000000000000","4":"0xec6012d547b8f3ad0000000000000000","5":"0xd3e8a154ec1b92760000000000000000"},"debug_key":"18410272346377630889","debug_reporting":true,"destination":"https://animeape.com","event_report_window":"259200","expiry":"2592000","filter_data":{"15":["51"],"16":["3"],"2":["778615564"],"4":["09-16"],"6":["true"]},"priority":"500","source_event_id":"15489773370136361201"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
t8GibRNARgYsE0Sx_-jM8Z9WBbCCL83x92A0C_FtaJU.js
pagead2.googlesyndication.com/bg/ Frame CD63 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/t8GibRNARgYsE0Sx_-jM8Z9WBbCCL83x92A0C_FtaJU.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b7c1a26d134046062c1344b1ffe8ccf19f5605b0822fcdf1f760340bf16d6895
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 01:38:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
316678
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14716
x-xss-protection
0
last-modified
Mon, 11 Sep 2023 20:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Sep 2024 01:38:49 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x8391a13843d0dc640000000000000000%22,%222%22:%220xc8eda1aac409e6f90000000000000000%22,%223%22:%220x4c0379d9b7f389710000000000000000%22,%224%22:%220xec6012d547b8f3ad0000000000000000%22,%225%22:%220xd3e8a154ec1b92760000000000000000%22},%22debug_key%22:%2218410272346377630889%22,%22debug_reporting%22:true,%22destination%22:%22https://animeape.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%22778615564%22],%224%22:[%2209-16%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215489773370136361201%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 16 Sep 2023 17:36:47 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame 2A3B 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3347751211128375&output=html&h=280&adk=1213588912&adf=3421370738&pi=t.aa~a.2116064224~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1694853406&rafmt=1&to=qs&pwprc=6705804310&format=1200x280&url=https%3A%2F%2Fwww.promosgo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694885806795&bpp=2&bdt=1431&idt=-M&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D954831979dda9849-2261977bf0e30042%3AT%3D1694885806%3ART%3D1694885806%3AS%3DALNI_MYFvC5zSa1stCKAo5ns3TrUI35y9w&gpic=UID%3D00000c489d96058f%3AT%3D1694885806%3ART%3D1694885806%3AS%3DALNI_MblVwjFa6lktqqCblD8BTh4q6hCGQ&prev_fmts=0x0&nras=2&correlator=6513370099808&frm=20&pv=1&ga_vid=418610547.1694885806&ga_sid=1694885806&ga_hid=102181545&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2180&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876&oid=2&pvsid=2050420011864688&tmod=1798138116&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=AXJngFznwj&p=https%3A//www.promosgo.com&dtd=145
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:821::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 16 Sep 2023 17:36:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 16 Sep 2023 16:34:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 16 Sep 2023 17:36:47 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 2A3B 		2 KB
892 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3347751211128375&output=html&h=280&adk=1213588912&adf=3421370738&pi=t.aa~a.2116064224~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1694853406&rafmt=1&to=qs&pwprc=6705804310&format=1200x280&url=https%3A%2F%2Fwww.promosgo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694885806795&bpp=2&bdt=1431&idt=-M&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D954831979dda9849-2261977bf0e30042%3AT%3D1694885806%3ART%3D1694885806%3AS%3DALNI_MYFvC5zSa1stCKAo5ns3TrUI35y9w&gpic=UID%3D00000c489d96058f%3AT%3D1694885806%3ART%3D1694885806%3AS%3DALNI_MblVwjFa6lktqqCblD8BTh4q6hCGQ&prev_fmts=0x0&nras=2&correlator=6513370099808&frm=20&pv=1&ga_vid=418610547.1694885806&ga_sid=1694885806&ga_hid=102181545&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2180&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876&oid=2&pvsid=2050420011864688&tmod=1798138116&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=AXJngFznwj&p=https%3A//www.promosgo.com&dtd=145
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 11:10:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
23148
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Sep 2023 11:10:59 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/ Frame 2A3B 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3347751211128375&output=html&h=280&adk=1213588912&adf=3421370738&pi=t.aa~a.2116064224~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1694853406&rafmt=1&to=qs&pwprc=6705804310&format=1200x280&url=https%3A%2F%2Fwww.promosgo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694885806795&bpp=2&bdt=1431&idt=-M&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D954831979dda9849-2261977bf0e30042%3AT%3D1694885806%3ART%3D1694885806%3AS%3DALNI_MYFvC5zSa1stCKAo5ns3TrUI35y9w&gpic=UID%3D00000c489d96058f%3AT%3D1694885806%3ART%3D1694885806%3AS%3DALNI_MblVwjFa6lktqqCblD8BTh4q6hCGQ&prev_fmts=0x0&nras=2&correlator=6513370099808&frm=20&pv=1&ga_vid=418610547.1694885806&ga_sid=1694885806&ga_hid=102181545&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2180&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876&oid=2&pvsid=2050420011864688&tmod=1798138116&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=AXJngFznwj&p=https%3A//www.promosgo.com&dtd=145
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 03:28:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
50907
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9135
x-xss-protection
0
server
cafe
etag
9583221549990841032
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Sep 2023 03:28:20 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 2A3B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3347751211128375&output=html&h=280&adk=1213588912&adf=3421370738&pi=t.aa~a.2116064224~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1694853406&rafmt=1&to=qs&pwprc=6705804310&format=1200x280&url=https%3A%2F%2Fwww.promosgo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694885806795&bpp=2&bdt=1431&idt=-M&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D954831979dda9849-2261977bf0e30042%3AT%3D1694885806%3ART%3D1694885806%3AS%3DALNI_MYFvC5zSa1stCKAo5ns3TrUI35y9w&gpic=UID%3D00000c489d96058f%3AT%3D1694885806%3ART%3D1694885806%3AS%3DALNI_MblVwjFa6lktqqCblD8BTh4q6hCGQ&prev_fmts=0x0&nras=2&correlator=6513370099808&frm=20&pv=1&ga_vid=418610547.1694885806&ga_sid=1694885806&ga_hid=102181545&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2180&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876&oid=2&pvsid=2050420011864688&tmod=1798138116&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=AXJngFznwj&p=https%3A//www.promosgo.com&dtd=145
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 06:48:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
38904
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Sep 2023 06:48:23 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 2A3B 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3347751211128375&output=html&h=280&adk=1213588912&adf=3421370738&pi=t.aa~a.2116064224~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1694853406&rafmt=1&to=qs&pwprc=6705804310&format=1200x280&url=https%3A%2F%2Fwww.promosgo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694885806795&bpp=2&bdt=1431&idt=-M&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D954831979dda9849-2261977bf0e30042%3AT%3D1694885806%3ART%3D1694885806%3AS%3DALNI_MYFvC5zSa1stCKAo5ns3TrUI35y9w&gpic=UID%3D00000c489d96058f%3AT%3D1694885806%3ART%3D1694885806%3AS%3DALNI_MblVwjFa6lktqqCblD8BTh4q6hCGQ&prev_fmts=0x0&nras=2&correlator=6513370099808&frm=20&pv=1&ga_vid=418610547.1694885806&ga_sid=1694885806&ga_hid=102181545&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2180&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876&oid=2&pvsid=2050420011864688&tmod=1798138116&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=AXJngFznwj&p=https%3A//www.promosgo.com&dtd=145
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 06:48:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
38905
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8275
x-xss-protection
0
server
cafe
etag
7349537481621356269
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 30 Sep 2023 06:48:22 GMT
l
www.google.com/ads/measurement/ Frame 2A3B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRGKpdOU3561OugbVylB-yxl0ipCHpgXEtk8Xuacj-_RX3GMTlt4dk1J9Ev-BgBp70wgLuyNo8BjyEl4hRCyvYEYdFXvw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3347751211128375&output=html&h=280&adk=1213588912&adf=3421370738&pi=t.aa~a.2116064224~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1694853406&rafmt=1&to=qs&pwprc=6705804310&format=1200x280&url=https%3A%2F%2Fwww.promosgo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694885806795&bpp=2&bdt=1431&idt=-M&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D954831979dda9849-2261977bf0e30042%3AT%3D1694885806%3ART%3D1694885806%3AS%3DALNI_MYFvC5zSa1stCKAo5ns3TrUI35y9w&gpic=UID%3D00000c489d96058f%3AT%3D1694885806%3ART%3D1694885806%3AS%3DALNI_MblVwjFa6lktqqCblD8BTh4q6hCGQ&prev_fmts=0x0&nras=2&correlator=6513370099808&frm=20&pv=1&ga_vid=418610547.1694885806&ga_sid=1694885806&ga_hid=102181545&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2180&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876&oid=2&pvsid=2050420011864688&tmod=1798138116&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=AXJngFznwj&p=https%3A//www.promosgo.com&dtd=145
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2A3B 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3347751211128375&output=html&h=280&adk=1213588912&adf=3421370738&pi=t.aa~a.2116064224~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1694853406&rafmt=1&to=qs&pwprc=6705804310&format=1200x280&url=https%3A%2F%2Fwww.promosgo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694885806795&bpp=2&bdt=1431&idt=-M&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D954831979dda9849-2261977bf0e30042%3AT%3D1694885806%3ART%3D1694885806%3AS%3DALNI_MYFvC5zSa1stCKAo5ns3TrUI35y9w&gpic=UID%3D00000c489d96058f%3AT%3D1694885806%3ART%3D1694885806%3AS%3DALNI_MblVwjFa6lktqqCblD8BTh4q6hCGQ&prev_fmts=0x0&nras=2&correlator=6513370099808&frm=20&pv=1&ga_vid=418610547.1694885806&ga_sid=1694885806&ga_hid=102181545&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2180&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876&oid=2&pvsid=2050420011864688&tmod=1798138116&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=AXJngFznwj&p=https%3A//www.promosgo.com&dtd=145
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80a::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 17:36:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57988
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694604874705780"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Sep 2023 17:36:47 GMT
9041af033b7a690ba70e3134a2c135bf.js
www.gstatic.com/mysidia/ Frame 2A3B 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/9041af033b7a690ba70e3134a2c135bf.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3347751211128375&output=html&h=280&adk=1213588912&adf=3421370738&pi=t.aa~a.2116064224~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1694853406&rafmt=1&to=qs&pwprc=6705804310&format=1200x280&url=https%3A%2F%2Fwww.promosgo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694885806795&bpp=2&bdt=1431&idt=-M&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D954831979dda9849-2261977bf0e30042%3AT%3D1694885806%3ART%3D1694885806%3AS%3DALNI_MYFvC5zSa1stCKAo5ns3TrUI35y9w&gpic=UID%3D00000c489d96058f%3AT%3D1694885806%3ART%3D1694885806%3AS%3DALNI_MblVwjFa6lktqqCblD8BTh4q6hCGQ&prev_fmts=0x0&nras=2&correlator=6513370099808&frm=20&pv=1&ga_vid=418610547.1694885806&ga_sid=1694885806&ga_hid=102181545&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2180&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876&oid=2&pvsid=2050420011864688&tmod=1798138116&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=AXJngFznwj&p=https%3A//www.promosgo.com&dtd=145
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:827::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 09:22:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
116084
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15189
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 23:26:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 14 Dec 2023 09:22:03 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame F389 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3347751211128375&output=html&h=280&adk=1213588912&adf=3421370738&pi=t.aa~a.2116064224~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1694853406&rafmt=1&to=qs&pwprc=6705804310&format=1200x280&url=https%3A%2F%2Fwww.promosgo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694885806795&bpp=2&bdt=1431&idt=-M&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D954831979dda9849-2261977bf0e30042%3AT%3D1694885806%3ART%3D1694885806%3AS%3DALNI_MYFvC5zSa1stCKAo5ns3TrUI35y9w&gpic=UID%3D00000c489d96058f%3AT%3D1694885806%3ART%3D1694885806%3AS%3DALNI_MblVwjFa6lktqqCblD8BTh4q6hCGQ&prev_fmts=0x0&nras=2&correlator=6513370099808&frm=20&pv=1&ga_vid=418610547.1694885806&ga_sid=1694885806&ga_hid=102181545&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2180&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876&oid=2&pvsid=2050420011864688&tmod=1798138116&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=AXJngFznwj&p=https%3A//www.promosgo.com&dtd=145
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

age
33726
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 16 Sep 2023 08:14:41 GMT
etag
48472445140208031
expires
Sun, 17 Sep 2023 08:14:41 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame FD8C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BCElQrucFZaO9CJjSqAHTu7fwAQAAAAA4AeAEAg&bg=!S0ilSAfNAAZQjyUVcI87ADQBe5WfOEACjKBcf-Vig91JqFwu0hTDQR2Mbf9KaDlosaNYeVbmm8mvnPxCiYXls6fZSkkFAgAAAM9SAAAABmgBB5kDN0DS3hu9_C-LFS8BHeUBZEZ-69_lTwMvfsdEhWfHLvOdyb4ayZ3bJXia7buN18j0cVdp2jxSvSMpdqpXFQZ6cJqR08WA8Ccu0_uTFe4aT-Rf9KiArhxjYSOrS9a9qUcLC0e-quQOKgAhKXm6gG2m33NdTJZByBaEg7T6OEAbhM6Tm1UeU3tbFCE41VuHY0nJnxKnu7TulL9WVMVSzj8QHw8jKSzGT6hppNWpY8xar3VfOFEy1s9SmUWAspE-I2MpQxQQtgXU5K9v_xs43yUk381DHE1ahVxtgFbTbH3vHYaGBtrelOrLQc92rTYkyxvTtNn7QvCKc8j8y4fQJxnQIkPEH0zxXldHMuuTnOG3x9q9YdBxpoL6QJjjEvjjO6yPI4kR3IB3lRLQKCwQrqF0lJlU1Fyej7fq9c94C9T2h2xxtP_dzRsiCKbS3nGgFMw3Xxw6fP4tf3p4f60cFBp9AxcE3NNG5CPJioaCV790y0GnRluM4djS9rklKAxSQd-GiD8ZtI7LVNLp5c7lzvYsaUgCPWXwavPOavdj-trMWgpm4RMhvJxEaFRlNd9Oo_hlnbMRdG2DtxpKs4fnD72BvUWt4B-zaD2hfPYTaCY7oqV-HeftjLO9MlY8tbYSylxe-yVBvmg2kfPhOV2lddM0YFoA4oTQU83rpfILpLSBrQCDUbuYKRkHZihA5OjKhM1byeBFp31_0M3byTf55FsRdq1nICpdKq9dNESvyJsiFWIexEI3-mflhmaIC6r0QPBKOIxaT5fz4iZ1K6ZLb7XipxwqweOiHBh4gLcXx9x8PFATQGGJIKDQVVilfW4RxI2r8EQwUoAunGyMFigGIzZSKksMENdCJRxeaXtFYwI_BDa2MRLs19LDCKoCdTf806ZXGeESvuFzVxaVCHAbBOdv852_sZQywTQgcPr0EQ234REMEPRk-u8kfXzIYivIkwivR8NNTzyExy4jBAIrEeyvqespqj9B6FAgdFBSA_JDTkLOuWzsLXN-a9lTJ69Kq0_1-kZ6ShAAbrY3f44TgYm9wd_5if3cHxQmRIRDU9ulS1IPQrKtH3gUrE4YWrbXTItFlKSHb1OLuTk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 17:36:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/10915232102923675160/ Frame 2A3B 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10915232102923675160/14763004658117789537?w=600&h=314
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3347751211128375&output=html&h=280&adk=1213588912&adf=3421370738&pi=t.aa~a.2116064224~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1694853406&rafmt=1&to=qs&pwprc=6705804310&format=1200x280&url=https%3A%2F%2Fwww.promosgo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694885806795&bpp=2&bdt=1431&idt=-M&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D954831979dda9849-2261977bf0e30042%3AT%3D1694885806%3ART%3D1694885806%3AS%3DALNI_MYFvC5zSa1stCKAo5ns3TrUI35y9w&gpic=UID%3D00000c489d96058f%3AT%3D1694885806%3ART%3D1694885806%3AS%3DALNI_MblVwjFa6lktqqCblD8BTh4q6hCGQ&prev_fmts=0x0&nras=2&correlator=6513370099808&frm=20&pv=1&ga_vid=418610547.1694885806&ga_sid=1694885806&ga_hid=102181545&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2180&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876&oid=2&pvsid=2050420011864688&tmod=1798138116&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=AXJngFznwj&p=https%3A//www.promosgo.com&dtd=145
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
faf96dc71db18b4f181edf0658e0819aba48bc710ba4902ce46367de713e5784
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sun, 10 Sep 2023 18:38:57 GMT
x-content-type-options
nosniff
age
514670
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51624
x-xss-protection
0
last-modified
Wed, 18 Jan 2023 11:05:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 09 Sep 2024 18:38:57 GMT
truncated
/ Frame 2A3B 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 2A3B 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
edb60b5c83de1324135ac34da4699e479b1db0e000840854d56d992c32c4ead4

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 2A3B 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
339605214a967876acdce89155b69569a2596b80fb747dbc70e6530b51d23adf

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type
image/png
i.match
s.tribalfusion.com/z/ Frame F389
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESECaU5_ECm_uuwOWnptwfyUM&google_cver=1&google_push=AXcoOmRT6mmGbK3UWLVkrKNHJJF2gs5JLEPQJftBRO0YCBYtzrZcLUiFSqbNJ98BYZIyS2qpEjQA6uNd7oYJV8Y6cN7_-yr5lOFY2...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECaU5_ECm_uuwOWnptwfyUM&google_cver=1&google_push=AXcoOmRT6mmGbK3UWLVkrKNHJJF2gs5JLEPQJftBRO0YCBYtzrZcLUiFSqbNJ98BYZIyS2qpEjQA6uNd7oYJV8Y6cN7_-yr5lOF...
43 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECaU5_ECm_uuwOWnptwfyUM&google_cver=1&google_push=AXcoOmRT6mmGbK3UWLVkrKNHJJF2gs5JLEPQJftBRO0YCBYtzrZcLUiFSqbNJ98BYZIyS2qpEjQA6uNd7oYJV8Y6cN7_-yr5lOFY2FI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRT6mmGbK3UWLVkrKNHJJF2gs5JLEPQJftBRO0YCBYtzrZcLUiFSqbNJ98BYZIyS2qpEjQA6uNd7oYJV8Y6cN7_-yr5lOFY2FI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3347751211128375&output=html&h=280&adk=1213588912&adf=3421370738&pi=t.aa~a.2116064224~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1694853406&rafmt=1&to=qs&pwprc=6705804310&format=1200x280&url=https%3A%2F%2Fwww.promosgo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694885806795&bpp=2&bdt=1431&idt=-M&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D954831979dda9849-2261977bf0e30042%3AT%3D1694885806%3ART%3D1694885806%3AS%3DALNI_MYFvC5zSa1stCKAo5ns3TrUI35y9w&gpic=UID%3D00000c489d96058f%3AT%3D1694885806%3ART%3D1694885806%3AS%3DALNI_MblVwjFa6lktqqCblD8BTh4q6hCGQ&prev_fmts=0x0&nras=2&correlator=6513370099808&frm=20&pv=1&ga_vid=418610547.1694885806&ga_sid=1694885806&ga_hid=102181545&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2180&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876&oid=2&pvsid=2050420011864688&tmod=1798138116&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=AXJngFznwj&p=https%3A//www.promosgo.com&dtd=145
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 17:36:47 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
807adfa9fb46268f-NRT
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 16 Sep 2023 17:36:47 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
2823
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECaU5_ECm_uuwOWnptwfyUM&google_cver=1&google_push=AXcoOmRT6mmGbK3UWLVkrKNHJJF2gs5JLEPQJftBRO0YCBYtzrZcLUiFSqbNJ98BYZIyS2qpEjQA6uNd7oYJV8Y6cN7_-yr5lOFY2FI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRT6mmGbK3UWLVkrKNHJJF2gs5JLEPQJftBRO0YCBYtzrZcLUiFSqbNJ98BYZIyS2qpEjQA6uNd7oYJV8Y6cN7_-yr5lOFY2FI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
807adfa91a81268f-NRT
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F389
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEK3utqst2qAoETKCW9XqtI8&google_cver=1&google_push=AXcoOmQs0pvXBzgG5RlQH_uj-I4SJO0lEtW_DxoC_Gw4Gy0J6nkqff9I-2goR0xpLm1gmvqIkrYjkGwzbk4JEmJF0tyOFU6pGGiMRw
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2B5A8DC3264344CE89A956CE5D073B97&google_push=AXcoOmQs0pvXBzgG5RlQH_uj-I4SJO0lEtW_DxoC_Gw4Gy0J6nkqff9I-2goR0xpLm1gmvqIkrYjkGwzbk4JEmJ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2B5A8DC3264344CE89A956CE5D073B97&google_push=AXcoOmQs0pvXBzgG5RlQH_uj-I4SJO0lEtW_DxoC_Gw4Gy0J6nkqff9I-2goR0xpLm1gmvqIkrYjkGwzbk4JEmJF0tyOFU6pGGiMRw
Protocol
H3
Server
142.250.198.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s58-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 17:36:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 16 Sep 2023 17:36:47 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=2B5A8DC3264344CE89A956CE5D073B97&google_push=AXcoOmQs0pvXBzgG5RlQH_uj-I4SJO0lEtW_DxoC_Gw4Gy0J6nkqff9I-2goR0xpLm1gmvqIkrYjkGwzbk4JEmJF0tyOFU6pGGiMRw
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 15 Sep 2023 17:36:47 GMT
pixel
cm.g.doubleclick.net/ Frame F389
Redirect Chain
  • https://cs.r-ad.ne.jp/2/cs?google_gid=CAESEMtuarUFx9hZtvzqpi8F7xo&google_cver=1&google_push=AXcoOmQqG5AWt_1DyVwMyAkArXLFhIa1mJwWihsJjN8O1lq1GMVM6mQM3k84fyaCGGrcEssoOirg5nNzuGEVFevCvSLqBHdOGcGaVhE
  • https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AXcoOmQqG5AWt_1DyVwMyAkArXLFhIa1mJwWihsJjN8O1lq1GMVM6mQM3k84fyaCGGrcEssoOirg5nNzuGEVFevCvSLqBHdOGcGaVhE&google_hm=NTZPSGFsMDBRQkRITjAw...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AXcoOmQqG5AWt_1DyVwMyAkArXLFhIa1mJwWihsJjN8O1lq1GMVM6mQM3k84fyaCGGrcEssoOirg5nNzuGEVFevCvSLqBHdOGcGaVhE&google_hm=NTZPSGFsMDBRQkRITjAwNkFWMEs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3347751211128375&output=html&h=280&adk=1213588912&adf=3421370738&pi=t.aa~a.2116064224~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1694853406&rafmt=1&to=qs&pwprc=6705804310&format=1200x280&url=https%3A%2F%2Fwww.promosgo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694885806795&bpp=2&bdt=1431&idt=-M&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D954831979dda9849-2261977bf0e30042%3AT%3D1694885806%3ART%3D1694885806%3AS%3DALNI_MYFvC5zSa1stCKAo5ns3TrUI35y9w&gpic=UID%3D00000c489d96058f%3AT%3D1694885806%3ART%3D1694885806%3AS%3DALNI_MblVwjFa6lktqqCblD8BTh4q6hCGQ&prev_fmts=0x0&nras=2&correlator=6513370099808&frm=20&pv=1&ga_vid=418610547.1694885806&ga_sid=1694885806&ga_hid=102181545&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2180&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876&oid=2&pvsid=2050420011864688&tmod=1798138116&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=AXJngFznwj&p=https%3A//www.promosgo.com&dtd=145
Protocol
H3
Server
142.250.198.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s58-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 17:36:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-store, no-cache
Date
Sat, 16 Sep 2023 17:36:47 GMT
Server
nginx
P3P
CP="NON DSP COR CURa ADMa DEVa CUSo TAIa PSDo OUR BUS UNI COM NAV STA"
location
//cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AXcoOmQqG5AWt_1DyVwMyAkArXLFhIa1mJwWihsJjN8O1lq1GMVM6mQM3k84fyaCGGrcEssoOirg5nNzuGEVFevCvSLqBHdOGcGaVhE&google_hm=NTZPSGFsMDBRQkRITjAwNkFWMEs
cache-control
private, no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
X-SID
159f32b0
pixel
cm.g.doubleclick.net/ Frame F389
Redirect Chain
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESENWNjTUCw1Cbh4usm_237Vc&c_param1=AXcoOmRU11iWJ9jIxLJn8GA7iSk3q3qKV3Lu1rkTPwAP4PcJRCarjQxPKZG5E0v-UlJCK_CnFZQMXDdOAq45C2Qs4Yud-NQqx7x2kU0&gdpr=%%GDPR...
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmRU11iWJ9jIxLJn8GA7iSk3q3qKV3Lu1rkTPwAP4PcJRCarjQxPKZG5E0v-UlJCK_CnFZQMXDdOAq45C2Qs4Yud-NQqx7x2kU0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmRU11iWJ9jIxLJn8GA7iSk3q3qKV3Lu1rkTPwAP4PcJRCarjQxPKZG5E0v-UlJCK_CnFZQMXDdOAq45C2Qs4Yud-NQqx7x2kU0
Protocol
H3
Server
142.250.198.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s58-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 17:36:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmRU11iWJ9jIxLJn8GA7iSk3q3qKV3Lu1rkTPwAP4PcJRCarjQxPKZG5E0v-UlJCK_CnFZQMXDdOAq45C2Qs4Yud-NQqx7x2kU0
date
Sat, 16 Sep 2023 17:36:48 GMT
server
nginx/1.23.2
content-length
0
doubleclick
app.cauly.co.kr/idsync_ssp/ Frame F389 		0
161 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.cauly.co.kr/idsync_ssp/doubleclick?google_gid=CAESELG5nQfGYkuLobdN5aEqCG4&google_cver=1&google_push=AXcoOmSJ6Ljq8xAdXe6E-HQUWoTMxpQaNRpBGio11kGnJb2VlCVNqsyOFo9pS_Fw2_XlPGsa0OMP-8y4yahUClpLRUeUAk5LjLTx-g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3347751211128375&output=html&h=280&adk=1213588912&adf=3421370738&pi=t.aa~a.2116064224~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1694853406&rafmt=1&to=qs&pwprc=6705804310&format=1200x280&url=https%3A%2F%2Fwww.promosgo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694885806795&bpp=2&bdt=1431&idt=-M&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D954831979dda9849-2261977bf0e30042%3AT%3D1694885806%3ART%3D1694885806%3AS%3DALNI_MYFvC5zSa1stCKAo5ns3TrUI35y9w&gpic=UID%3D00000c489d96058f%3AT%3D1694885806%3ART%3D1694885806%3AS%3DALNI_MblVwjFa6lktqqCblD8BTh4q6hCGQ&prev_fmts=0x0&nras=2&correlator=6513370099808&frm=20&pv=1&ga_vid=418610547.1694885806&ga_sid=1694885806&ga_hid=102181545&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2180&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876&oid=2&pvsid=2050420011864688&tmod=1798138116&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=AXJngFznwj&p=https%3A//www.promosgo.com&dtd=145
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
133.186.161.88 , Japan, ASN45974 (NHN-AS-KR NHNCLOUD, KR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date
Sat, 16 Sep 2023 17:36:47 GMT
Server
nginx
Connection
close
Content-Length
0
Content-Type
Application/xml;charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame F389
Redirect Chain
  • https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESEG9hGYYhEORtfisNsXKNqlA&google_cver=1&google_push=AXcoOmSCFjmB9bcnK1mX4zAIzXrR2ZT_MT8k2bHG7Lw-XwHc8QvAxRUXI0oaGA-eD3LdEW77PfUWRrEKWgCW49J6H...
  • https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmSCFjmB9bcnK1mX4zAIzXrR2ZT_MT8k2bHG7Lw-XwHc8QvAxRUXI0oaGA-eD3LdEW77PfUWRrEKWgCW49J6H60E_yyZUwxrH70&google_hm=ARRSFxBOtEBYqOQ2C...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmSCFjmB9bcnK1mX4zAIzXrR2ZT_MT8k2bHG7Lw-XwHc8QvAxRUXI0oaGA-eD3LdEW77PfUWRrEKWgCW49J6H60E_yyZUwxrH70&google_hm=ARRSFxBOtEBYqOQ2CdTvZjY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3347751211128375&output=html&h=280&adk=1213588912&adf=3421370738&pi=t.aa~a.2116064224~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1694853406&rafmt=1&to=qs&pwprc=6705804310&format=1200x280&url=https%3A%2F%2Fwww.promosgo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694885806795&bpp=2&bdt=1431&idt=-M&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D954831979dda9849-2261977bf0e30042%3AT%3D1694885806%3ART%3D1694885806%3AS%3DALNI_MYFvC5zSa1stCKAo5ns3TrUI35y9w&gpic=UID%3D00000c489d96058f%3AT%3D1694885806%3ART%3D1694885806%3AS%3DALNI_MblVwjFa6lktqqCblD8BTh4q6hCGQ&prev_fmts=0x0&nras=2&correlator=6513370099808&frm=20&pv=1&ga_vid=418610547.1694885806&ga_sid=1694885806&ga_hid=102181545&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2180&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876&oid=2&pvsid=2050420011864688&tmod=1798138116&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=AXJngFznwj&p=https%3A//www.promosgo.com&dtd=145
Protocol
H3
Server
142.250.198.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s58-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 17:36:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AXcoOmSCFjmB9bcnK1mX4zAIzXrR2ZT_MT8k2bHG7Lw-XwHc8QvAxRUXI0oaGA-eD3LdEW77PfUWRrEKWgCW49J6H60E_yyZUwxrH70&google_hm=ARRSFxBOtEBYqOQ2CdTvZjY
Date
Sat, 16 Sep 2023 17:36:47 GMT
Server
Apache
Connection
keep-alive
Content-Length
234
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame F389
Redirect Chain
  • https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESECRErjP0vy40JG9OZBe94tY&google_cver=1&google_push=AXcoOmTJ2mQd-lFwX4tITPUJ0kvEQALfUh6VyvFcm7PGxvZGRwKuYevvetXZJJPeOeL...
  • https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmTJ2mQd-lFwX4tITPUJ0kvEQALfUh6VyvFcm7PGxvZGRwKuYevvetXZJJPeOeLVtfUzmDtIwT7xewMckDmWsI8nCDsfpflQ1Kzq
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmTJ2mQd-lFwX4tITPUJ0kvEQALfUh6VyvFcm7PGxvZGRwKuYevvetXZJJPeOeLVtfUzmDtIwT7xewMckDmWsI8nCDsfpflQ1Kzq
Protocol
H3
Server
142.250.198.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s58-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 17:36:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-akamai-request-id
1179ff2c.10d4fda7
date
Sat, 16 Sep 2023 17:36:47 GMT
x-bytefaas-request-id
202309161736471D3732AFA5B452089B78
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a184-27-184-21.deploy.akamaitechnologies.com (AkamaiGHost/11.2.4-50766152) (-)
x-parent-response-time
195,184.27.184.21
server-timing
cdn-cache; desc=MISS, edge; dur=152, origin; dur=44, inner; dur=41
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202309161736471D3732AFA5B452089B78
x-cache-remote
TCP_MISS from a23-32-17-25.deploy.akamaitechnologies.com (AkamaiGHost/11.2.4-50766152) (-)
access-control-max-age
86400
access-control-allow-methods
*
location
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmTJ2mQd-lFwX4tITPUJ0kvEQALfUh6VyvFcm7PGxvZGRwKuYevvetXZJJPeOeLVtfUzmDtIwT7xewMckDmWsI8nCDsfpflQ1Kzq
x-bytefaas-execution-duration
39.35
access-control-allow-origin
*
access-control-allow-credentials
true
x-origin-response-time
44,23.32.17.25
x-tt-trace-host
01fb4e909efa38abb24de94bf86e8c5ac67cb605cba9c6632d4d851d80eef540052b74efc2402d94215d430a7a19603d93b85ef2fba49c2cc1cc18ab193b8324d07e40f0da11ad3e41457071c797d50678497336291896e54d38cb8ea7d930275a3f1c6580559a82465cdd1ece3382409d
cache-control
max-age=0, no-cache, no-store
access-control-allow-headers
*
expires
Sat, 16 Sep 2023 17:36:47 GMT
attr
cm.g.doubleclick.net/pixel/ Frame F389 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IDOiy8SOG2vucJHXI2t-IravZEN_MUApoKzjvlxDx0oQYFFv82boY7Dvfxq8iLUpigNUF9fw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3347751211128375&output=html&h=280&adk=1213588912&adf=3421370738&pi=t.aa~a.2116064224~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1694853406&rafmt=1&to=qs&pwprc=6705804310&format=1200x280&url=https%3A%2F%2Fwww.promosgo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694885806795&bpp=2&bdt=1431&idt=-M&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D954831979dda9849-2261977bf0e30042%3AT%3D1694885806%3ART%3D1694885806%3AS%3DALNI_MYFvC5zSa1stCKAo5ns3TrUI35y9w&gpic=UID%3D00000c489d96058f%3AT%3D1694885806%3ART%3D1694885806%3AS%3DALNI_MblVwjFa6lktqqCblD8BTh4q6hCGQ&prev_fmts=0x0&nras=2&correlator=6513370099808&frm=20&pv=1&ga_vid=418610547.1694885806&ga_sid=1694885806&ga_hid=102181545&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2180&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876&oid=2&pvsid=2050420011864688&tmod=1798138116&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=AXJngFznwj&p=https%3A//www.promosgo.com&dtd=145
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.198.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s58-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 17:36:47 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame 7B38 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a2a5142ec0dde264be636df71595951a94a2380be4f9986562970e52bf415bb2

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame 7B38 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstapco2BFPBn_WGaLcxlOtS9iNytZvxOvdmq5tJa3Mj8Rtts3oqk6CoqS8-i57osm41PCU6Epqsur_Ss_Yb7RCvp-1NYpg1w_17WaHYXT4mLrRTwgV2v6CqmKaJdfu48REEJhPP6Gd7qLK5tSwjxKo9J17V30rb0RLt31GVeJLTPV4s2INgVplB6zYCQRFWxIH0Mx_CQn8uOb9GfCbae27zLiTrELDuOSqV_jjijDwRN52yugPvuD4RuQA3fB43PqyYcBNY6MtqP3FEgci8NkTHVEzaSLgefLB4Vx6jVm_C_0o645sfolIlQL-8W9i1rgYOBSlm8K12A91kgDkVA4RfE6E4Tcw7ifTXKjzNsvKKxBo-CVTmVeKo6BYl0e7hFDydro4pIVXvVuTIPInYPDtEBXt13hQukKZTDGzxMxeCUSpfUmazsLwW7CfcOB_ZrMsoE61qSml0pvIhPXrtpmOouJIo5F8B84e10gahtsUlU3V74pHx2M9RyLyU05yzIJ4J_lzG6HCfVoX41oufTyz9BUKv2viZ2Xr4lu4V1BSP1nj8WORwr9PLzREJIboBipMHDdIv39bq_O0yPhPV30BeGIhfBFudXgiBQ1FHSO18G4rfYdc-WjUY1wSbCAyUpDBsphfOXFum8qWqA2tq48A-ZYbNeuqUl4E-2zO7-97T6utJCumClKRyceH2EtqA7bhhlmVtPddbB4D380HB_flQOYLaOD7FFwtuFlVR9WbLFAo1vHhBlo9COPSZDMwteB54yhVA-57efGo9jA6WETV26bpA1bWypjQLL1h3jNd-XEOAp_Xwiah2NukfM8qpwCZNJUoo00F1Z-Hin_PPr8BSigHn5r0SyvZlRFtd7sxLJ0D5z3k6tDTIGDj5SoTBuk9A_aZqfyIj5BBuUbpY9DMmh7QXLHb-fafu2T4MaIfvRrEiHqbCUI94s0EH8f8yYkwU858xhY1nU8yRAN4ZbiZL63IBNd4e01eZtWybuvRF5F1IViw1msSZJfMkQURcEDGJ37obzsecTFTGVTU4wQtyRgIkvIy3tNj3ThtpXaw29CXqHKpoAtkyxLK56qJbdJQPPJ5t8hKabPCXYZQQ7rnSACRWyNNnpyALvULadZvlls_9OhK1y3r0Zr_MZOKM8kJFc7mDND8&sai=AMfl-YQXGMKj6-xvMlMFFA0IWA0idKYM03W-7MLDzRxI60LfBlxvna2WQOET69JUb_FzZKfOsfQdW4wGSD51xUvVPDNrWADCOzG4p5P-f_iBqrAhXv5Zoz538wNN__XsFWmRHQ1JgnibqkKC7vht9CwFcBQjTYYXDEZ8mXZltRVsgto7ljH2mVpljtIbsi_MISnE39UTo0CZr4Y_-tKVSmxoTn39g_XRGsNtn2ulopd-RvQ-lr4HkA&sig=Cg0ArKJSzEjmdF8HgR2NEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=492&cbvp=2&dett=2&cstd=0&cisv=r20230913.66913&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=
Requested by
Host: www.promosgo.com
URL: https://www.promosgo.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 16 Sep 2023 17:36:47 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sat, 16 Sep 2023 17:36:47 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 2A3B 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 09:32:29 GMT
x-content-type-options
nosniff
age
29058
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 15 Sep 2024 09:32:29 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 2A3B
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CNjLurucFZf7IO5WRqAGLtbXID-2CqM5vif-z1J4R29keEAEg9dGPN2CJ88WE9BOgAerp6uYCyAEJqQII7SoEJuGxPqgDAcgDywSqBMcBT9CUJXIS4ceKDGUB5WWMUMaGtaz8Lcy5q7U6PnU...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x2771d66cf9b34dd30000000000000000%22,%222%22:%220x3dfa31a6f36e35170000000000000000%22,%223%22:%220x287fb5...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x2771d66cf9b34dd30000000000000000%22,%222%22:%220x3dfa31a6f36e35170000000000000000%22,%223%22:%220x287fb535cedfc29f0000000000000000%22,%224%22:%220x65a557217c313e970000000000000000%22,%225%22:%220x5a34aa1094fd186d0000000000000000%22},%22debug_key%22:%224640468610161403962%22,%22debug_reporting%22:true,%22destination%22:%22https://hotelbeds.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%22752530666%22],%224%22:[%2209-16%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211379561900598226209%22}&andc=true
Protocol
H3
Server
142.251.42.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 17:36:47 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x2771d66cf9b34dd30000000000000000","2":"0x3dfa31a6f36e35170000000000000000","3":"0x287fb535cedfc29f0000000000000000","4":"0x65a557217c313e970000000000000000","5":"0x5a34aa1094fd186d0000000000000000"},"debug_key":"4640468610161403962","debug_reporting":true,"destination":"https://hotelbeds.com","event_report_window":"259200","expiry":"2592000","filter_data":{"15":["51"],"16":["3"],"2":["752530666"],"4":["09-16"],"6":["true"]},"priority":"500","source_event_id":"11379561900598226209"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 16 Sep 2023 17:36:47 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 16 Sep 2023 17:36:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x2771d66cf9b34dd30000000000000000","2":"0x3dfa31a6f36e35170000000000000000","3":"0x287fb535cedfc29f0000000000000000","4":"0x65a557217c313e970000000000000000","5":"0x5a34aa1094fd186d0000000000000000"},"debug_key":"4640468610161403962","debug_reporting":true,"destination":"https://hotelbeds.com","event_report_window":"259200","expiry":"2592000","filter_data":{"15":["51"],"16":["3"],"2":["752530666"],"4":["09-16"],"6":["true"]},"priority":"500","source_event_id":"11379561900598226209"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
t8GibRNARgYsE0Sx_-jM8Z9WBbCCL83x92A0C_FtaJU.js
pagead2.googlesyndication.com/bg/ Frame 9CFA 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/t8GibRNARgYsE0Sx_-jM8Z9WBbCCL83x92A0C_FtaJU.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-3347751211128375&output=html&h=280&adk=1213588912&adf=3421370738&pi=t.aa~a.2116064224~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1694853406&rafmt=1&to=qs&pwprc=6705804310&format=1200x280&url=https%3A%2F%2Fwww.promosgo.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694885806795&bpp=2&bdt=1431&idt=-M&shv=r20230913&mjsv=m202309120101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D954831979dda9849-2261977bf0e30042%3AT%3D1694885806%3ART%3D1694885806%3AS%3DALNI_MYFvC5zSa1stCKAo5ns3TrUI35y9w&gpic=UID%3D00000c489d96058f%3AT%3D1694885806%3ART%3D1694885806%3AS%3DALNI_MblVwjFa6lktqqCblD8BTh4q6hCGQ&prev_fmts=0x0&nras=2&correlator=6513370099808&frm=20&pv=1&ga_vid=418610547.1694885806&ga_sid=1694885806&ga_hid=102181545&ga_fc=1&u_tz=540&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2180&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876&oid=2&pvsid=2050420011864688&tmod=1798138116&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=AXJngFznwj&p=https%3A//www.promosgo.com&dtd=145
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b7c1a26d134046062c1344b1ffe8ccf19f5605b0822fcdf1f760340bf16d6895
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Wed, 13 Sep 2023 01:38:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
316678
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14716
x-xss-protection
0
last-modified
Mon, 11 Sep 2023 20:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 12 Sep 2024 01:38:49 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x2771d66cf9b34dd30000000000000000%22,%222%22:%220x3dfa31a6f36e35170000000000000000%22,%223%22:%220x287fb535cedfc29f0000000000000000%22,%224%22:%220x65a557217c313e970000000000000000%22,%225%22:%220x5a34aa1094fd186d0000000000000000%22},%22debug_key%22:%224640468610161403962%22,%22debug_reporting%22:true,%22destination%22:%22https://hotelbeds.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%2215%22:[%2251%22],%2216%22:[%223%22],%222%22:[%22752530666%22],%224%22:[%2209-16%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211379561900598226209%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.130 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 16 Sep 2023 17:36:47 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230913&jk=2050420011864688&bg=!oaKlou3NAAbP3fMH7907ADQBe5WfONvYciF40-OzKlAzarzOSiJPcxMUCG8SZ6qgRLvGH_UB8q9LvG72s27T_EglkgU8AgAAALdSAAAABWgBB5kC-CdV_QYrcxa-ak9_0nwIenGUP8sjujErnxXQDuM61dlrJJT88HHJAR_yA4QbPBVlX3O71Cd25KU6TlO8VYEN69fxpQ0WJCB-82VxIwpCnAGarDlnwrygdjsS-lJ_zK-XJW_Tqy7dilZFcmVOJYwSQn4BHAujH4ExtIrXwCiBZQCA8lxx6DzNr8eEboDnssGbFJE5Mg6vmlDqZzqhsGPC6I7jSRDckeKCaNi5lzcp3A5T7wqLamtBAfR-2P_MOjETRZfFa_xixi_OXUpfAyrY0oLa-9CePUUx3mknk_G2VLOmRThAjcZm3HzpXKGztcQDTOL2onB1IFQdYCOqbx2DaAyfO8gP3OVKLLI6hKHnWmqO1t1SQD90N1zs9Q3HlTftktRubPFj7nkc2OxJaCwz8hI-y3CBGjvruZjDlMzTIMcI--rYYLd_h02MJUlTMwVD2t4j3SrmFKa39NLuliGV-TPKAHKDRM5FE4p2zdb5Jy6XsHBDV3eSHpVaBoqP4yHVCej3NdjTAFCYW2bEUCLb8FX18BP2euZ6fB43trZN2MVVICfwtuJpvJQq-Pec-q46nN1ewh3AaJBJ6v3A-SfsMNzl1tgHqMiOkdSjc3jddlfyNgo0bDekNEy6FSGsco3RxwwzjRPXjUuf5LQO8qFRIOCUirU07wJ3H_726i45IsG8ny_bFKi1x6RtCqa1ix_0gKsdJFyRHlZ6ZD4AYcmS9m-cJe776RYUnIlDUXNh22eyZZV2tkJbInF8OlntfXkgscyjHJqX2Ee3jSartyfU8IEwB5hm1oaA7SKiW67flY9ENMY0CfOXhOfTa3rJaOzhtvqJH-FIZn1_kHLfOn3FG2rO02E-C1WclVtLSWmbSKYkbfuuc8cMIMYqdOyhGBTtwaCFHwrouygI5Cxl2h5SmG_0Q6AzOJYRtXbEjehdPtI0OfKJ-4e00NQtFgA8RzVLvapWc8LuCMcXBRhzqPbKmJQufOdRigtVok8649WEm60I9cd2Upn0GZA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.promosgo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=2.763047084979945
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-yjFVjEFDXrLOLn0qNwzLAQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.promosgo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 17:36:48 GMT
content-security-policy
script-src 'report-sample' 'nonce-yjFVjEFDXrLOLn0qNwzLAQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=1.115264654534454
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Y484yt9hJB-dhBkvQpIx8w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.promosgo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 17:36:48 GMT
content-security-policy
script-src 'report-sample' 'nonce-Y484yt9hJB-dhBkvQpIx8w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame CE23 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuTxoo8FYl255bGt-uEjz1xZKpFRqAT8LtCTPmJlip9fnU5S86s0ZKtuv3N1sHRJRNQ3BeJfzRhhMTOa5hbL3dHzkc1jFnVjMbBBbFOB4i-Yc5BRPj7aSRK8E4h4-YSpBcToXiVThy1yg&sai=AMfl-YT5xBepUilBtedTCHcZggI2IMs5XkiW7EHQDkXRGim6oV0ooizhmyc1OQQPSjDafF4ahjvIaW1XfAyz&sig=Cg0ArKJSzExwNJQV9UwUEAE&cid=CAQSGwBpAlJWEDqZbsRGPnYZWUEIfNyK-StxJJn63RgB&id=lidar2&mcvt=1029&p=0,0,124,1005&mtos=167,865,1029,1029,1029&tos=167,698,164,0,0&v=20230913&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694885806953&rpt=431&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 17:36:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AGSKWxV6ngdZxhjoDvyCYhqIcRgabM6BedklGsIjeGZe_-j0ze-Rtrgx90G10kDrQkSyDvEnTutbKwj-BUFpz051KrZfWluorJccWUXHrRxQO_1GqCsZkXX2nDqQosqkPQ_3ooSu7nInAg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxV6ngdZxhjoDvyCYhqIcRgabM6BedklGsIjeGZe_-j0ze-Rtrgx90G10kDrQkSyDvEnTutbKwj-BUFpz051KrZfWluorJccWUXHrRxQO_1GqCsZkXX2nDqQosqkPQ_3ooSu7nInAg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.CyTNedZ8Dug.es5.O/d=1/rs=AJlcJMwwCeNX8qEaqrGT1lPNfJ8sHpbTsg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-YOGXI8XTV6cuYGeFzNE4nA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.promosgo.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 16 Sep 2023 17:36:48 GMT
content-security-policy
script-src 'report-sample' 'nonce-YOGXI8XTV6cuYGeFzNE4nA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.promosgo.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7B38 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvYvlopEUuWY71kwC9ELgMcFeA79m42yrtEj7Rw_egvcER_elQjYGIsEI-0GtW_MNqBdDyInwl7Uxk8v8pHXrd5OcRFOI2svBW7GSEnwnVmayNz1tkHFaPvqO2-Y51i&sai=AMfl-YTHDB-LT2isUMUdxrSWhvx56R8eXC8ZeqA1L9NUOKadpKIKpd8jmzdC3M8IeflwLNBe27PbF70OeyKT&sig=Cg0ArKJSzJPKF7mRi1tgEAE&cid=CAQSGwBpAlJWEDqZbsRGPnYZWUEIfNyK-StxJJn63RgB&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230913&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694885807022&rpt=480&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 17:36:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
_.swf
fundingchoicesmessages.google.com/f/AGSKWxV5Uo-wgJR1XDOz4sFypH0dYLw2aNgay402Euk-rEA0f_3ncVivm_wiGjEyDh-IVx6hFmxtoGa6Jg4HEpFmLiXh-JMoqzsy0DXy-alSgUKkINwrXzKERvBPRs0VfUMM-n_u5AI4IIk8yzITVOZzIuGbvO5zF... 		54 B
109 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxV5Uo-wgJR1XDOz4sFypH0dYLw2aNgay402Euk-rEA0f_3ncVivm_wiGjEyDh-IVx6hFmxtoGa6Jg4HEpFmLiXh-JMoqzsy0DXy-alSgUKkINwrXzKERvBPRs0VfUMM-n_u5AI4IIk8yzITVOZzIuGbvO5zFsORDZG5-VCcsaZhhxNolGjkXjnUmFkU/_.swf?iurl=http/forum_ad._ad5._home_ad./phpads.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.CyTNedZ8Dug.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMwwCeNX8qEaqrGT1lPNfJ8sHpbTsg/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
87cf02bf534fa6f4ce5348348db884d3176b7bf1c2f5bee2fb8c194ba80bde8d
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-7aY0B0rUQ4FHYB7pN4FYsw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.promosgo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 17:36:49 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-7aY0B0rUQ4FHYB7pN4FYsw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
rum.js
pagead2.googlesyndication.com/pagead/js/ 		61 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.CyTNedZ8Dug.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMwwCeNX8qEaqrGT1lPNfJ8sHpbTsg/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a95451be6e53fa4a280c90276478ea0365428962a3ff0db8290da826600b552
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.promosgo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 17:20:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
979
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23241
x-xss-protection
0
server
cafe
etag
13973718040851992629
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Sat, 16 Sep 2023 18:20:30 GMT
AGSKWxV6ngdZxhjoDvyCYhqIcRgabM6BedklGsIjeGZe_-j0ze-Rtrgx90G10kDrQkSyDvEnTutbKwj-BUFpz051KrZfWluorJccWUXHrRxQO_1GqCsZkXX2nDqQosqkPQ_3ooSu7nInAg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxV6ngdZxhjoDvyCYhqIcRgabM6BedklGsIjeGZe_-j0ze-Rtrgx90G10kDrQkSyDvEnTutbKwj-BUFpz051KrZfWluorJccWUXHrRxQO_1GqCsZkXX2nDqQosqkPQ_3ooSu7nInAg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.CyTNedZ8Dug.es5.O/d=1/rs=AJlcJMwwCeNX8qEaqrGT1lPNfJ8sHpbTsg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-8QqKCS_2599m0TttNb4kOA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.promosgo.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 16 Sep 2023 17:36:49 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-8QqKCS_2599m0TttNb4kOA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.promosgo.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxV6ngdZxhjoDvyCYhqIcRgabM6BedklGsIjeGZe_-j0ze-Rtrgx90G10kDrQkSyDvEnTutbKwj-BUFpz051KrZfWluorJccWUXHrRxQO_1GqCsZkXX2nDqQosqkPQ_3ooSu7nInAg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxV6ngdZxhjoDvyCYhqIcRgabM6BedklGsIjeGZe_-j0ze-Rtrgx90G10kDrQkSyDvEnTutbKwj-BUFpz051KrZfWluorJccWUXHrRxQO_1GqCsZkXX2nDqQosqkPQ_3ooSu7nInAg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.CyTNedZ8Dug.es5.O/d=1/rs=AJlcJMwwCeNX8qEaqrGT1lPNfJ8sHpbTsg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-fCL3FYRO1FGc-pJjY7-Lzw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.promosgo.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 16 Sep 2023 17:36:49 GMT
content-security-policy
script-src 'report-sample' 'nonce-fCL3FYRO1FGc-pJjY7-Lzw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.promosgo.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxV6ngdZxhjoDvyCYhqIcRgabM6BedklGsIjeGZe_-j0ze-Rtrgx90G10kDrQkSyDvEnTutbKwj-BUFpz051KrZfWluorJccWUXHrRxQO_1GqCsZkXX2nDqQosqkPQ_3ooSu7nInAg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxV6ngdZxhjoDvyCYhqIcRgabM6BedklGsIjeGZe_-j0ze-Rtrgx90G10kDrQkSyDvEnTutbKwj-BUFpz051KrZfWluorJccWUXHrRxQO_1GqCsZkXX2nDqQosqkPQ_3ooSu7nInAg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.CyTNedZ8Dug.es5.O/d=1/rs=AJlcJMwwCeNX8qEaqrGT1lPNfJ8sHpbTsg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-fcPIALlLbYl3JzC6yrJUIQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.promosgo.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 16 Sep 2023 17:36:49 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-fcPIALlLbYl3JzC6yrJUIQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.promosgo.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxV6ngdZxhjoDvyCYhqIcRgabM6BedklGsIjeGZe_-j0ze-Rtrgx90G10kDrQkSyDvEnTutbKwj-BUFpz051KrZfWluorJccWUXHrRxQO_1GqCsZkXX2nDqQosqkPQ_3ooSu7nInAg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxV6ngdZxhjoDvyCYhqIcRgabM6BedklGsIjeGZe_-j0ze-Rtrgx90G10kDrQkSyDvEnTutbKwj-BUFpz051KrZfWluorJccWUXHrRxQO_1GqCsZkXX2nDqQosqkPQ_3ooSu7nInAg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.CyTNedZ8Dug.es5.O/d=1/rs=AJlcJMwwCeNX8qEaqrGT1lPNfJ8sHpbTsg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-jAN-wdykHg3bGXWR4Gh_UA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.promosgo.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 16 Sep 2023 17:36:49 GMT
content-security-policy
script-src 'report-sample' 'nonce-jAN-wdykHg3bGXWR4Gh_UA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.promosgo.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWQkXLTkYVKwiZ5pAMeLosh5_9-MySAek6Rg8CdtMlpeeDtK_N6CNLM_vtAbKCr57jXJgWJW6VH3PVsakjTIDd2u-fK1tuazmpYr__mjxDCtj1Xp-zT-BXeoQd9CP7Tsz3EpJlwLQ==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWQkXLTkYVKwiZ5pAMeLosh5_9-MySAek6Rg8CdtMlpeeDtK_N6CNLM_vtAbKCr57jXJgWJW6VH3PVsakjTIDd2u-fK1tuazmpYr__mjxDCtj1Xp-zT-BXeoQd9CP7Tsz3EpJlwLQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjk0ODg1ODA5LDIyNDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cucHJvbW9zZ28uY29tLyIsbnVsbCxbWzgsIkN5VE5lZFo4RHVnIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.CyTNedZ8Dug.es5.O/d=1/rs=AJlcJMwwCeNX8qEaqrGT1lPNfJ8sHpbTsg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6b0ee035336842d5779c45cab79e32616ab93945d82638a0235df6f0c588f292
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-8C3ajcSGclAtfCRnP71ZKA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.promosgo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 17:36:49 GMT
content-security-policy
script-src 'report-sample' 'nonce-8C3ajcSGclAtfCRnP71ZKA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWf0U-RawqrPo9CgQGqPyxk2IfduT8G4uGAYkEtz0ckj-06K5mYNOxzHwu042sPHw3FWUUUYbJ8NNA4k9GuSc4EiC3Rxx0vpMFFUb6e9x6lflPiZ540bbrkNxmx6N7M_hiYK-nj0g==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWf0U-RawqrPo9CgQGqPyxk2IfduT8G4uGAYkEtz0ckj-06K5mYNOxzHwu042sPHw3FWUUUYbJ8NNA4k9GuSc4EiC3Rxx0vpMFFUb6e9x6lflPiZ540bbrkNxmx6N7M_hiYK-nj0g==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.CyTNedZ8Dug.es5.O/d=1/rs=AJlcJMwwCeNX8qEaqrGT1lPNfJ8sHpbTsg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-j5qbvVsxiDjdFYPhAal8OA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.promosgo.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 16 Sep 2023 17:36:49 GMT
content-security-policy
script-src 'report-sample' 'nonce-j5qbvVsxiDjdFYPhAal8OA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.promosgo.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxV6ngdZxhjoDvyCYhqIcRgabM6BedklGsIjeGZe_-j0ze-Rtrgx90G10kDrQkSyDvEnTutbKwj-BUFpz051KrZfWluorJccWUXHrRxQO_1GqCsZkXX2nDqQosqkPQ_3ooSu7nInAg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxV6ngdZxhjoDvyCYhqIcRgabM6BedklGsIjeGZe_-j0ze-Rtrgx90G10kDrQkSyDvEnTutbKwj-BUFpz051KrZfWluorJccWUXHrRxQO_1GqCsZkXX2nDqQosqkPQ_3ooSu7nInAg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.CyTNedZ8Dug.es5.O/d=1/rs=AJlcJMwwCeNX8qEaqrGT1lPNfJ8sHpbTsg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:825::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-1CmvoH-BWhyZhuopc86MKA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.promosgo.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 16 Sep 2023 17:36:49 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-1CmvoH-BWhyZhuopc86MKA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.promosgo.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-P5S6812Z2K&gtm=45je39d0&_p=102181545&cid=418610547.1694885806&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEI&sid=1694885805&sct=1&seg=0&dl=https%3A%2F%2Fwww.promosgo.com%2F&dt=%F0%9F%8F%86PromosGo%20coupon%20codes%20-%20save%20much%20with%20coupons%20and%20deals&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P5S6812Z2K
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:821::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.promosgo.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 17:36:52 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.promosgo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| documentPictureInPicture function| gtag object| dataLayer object| google_tag_manager object| google_tag_data object| googletag object| gaGlobal object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| $ function| jQuery function| ClipboardJS function| store_good function| store_bad function| code_good function| code_bad function| code_box_height_width_show function| pop_submit function| jump_url number| dot_t function| dot function| show_dot function| push_record function| emailsub function| emailsubone function| submit_coupon function| Getcode function| phone_nav function| phone_search function| auto_complete function| search_pop function| store_letter function| selection object| jQuery1704867990301329099 function| google_sa_impl boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| googlefc boolean| adsbygoogle_ama_fc_has_run object| GoogleGcLKhOms object| default_ContributorServingResponseClientJs object| __googlefc string| __fcInvoked string| __fcexpdef string| ZDQ5OGFmODEyYWY4MzYzZGxvYWRlcl9qcw== string| ZDQ5OGFmODEyYWY4MzYzZGNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| google_image_requests object| _google_rum_ns_ undefined| google_rum_values boolean| edbfcfaf-728f-481b-ad81-3422d5c75241

17 Cookies

Domain/Path Name / Value
.promosgo.com/ Name: _ga
Value: GA1.1.418610547.1694885806
.promosgo.com/ Name: __gads
Value: ID=954831979dda9849-2261977bf0e30042:T=1694885806:RT=1694885806:S=ALNI_MYFvC5zSa1stCKAo5ns3TrUI35y9w
.promosgo.com/ Name: __gpi
Value: UID=00000c489d96058f:T=1694885806:RT=1694885806:S=ALNI_MblVwjFa6lktqqCblD8BTh4q6hCGQ
.casalemedia.com/ Name: CMID
Value: ZQXnrzwhMBorEnFjKyU8eAAA
.casalemedia.com/ Name: CMPS
Value: 5528
.casalemedia.com/ Name: CMPRO
Value: 5528
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUmuPmBrQp-3DwtfAg5N-IW1BCkvdkOcfuM55zkn4_Mkj-RYqUqc5VDIa-RbqV8
.promosgo.com/ Name: _ga_P5S6812Z2K
Value: GS1.1.1694885805.1.0.1694885807.0.0.0
.uncn.jp/ Name: t
Value: v_14521710-4eb4-4058-a8e4-3609d4ef6636
.r-ad.ne.jp/ Name: r_ad_token
Value: 56OHal00QBDHN006AV0K
.pangle-ads.com/ Name: _pangle
Value: 2VULeaIut5DozKZuO3GWPCbtTeB
.googleadservices.com/ Name: ar_debug
Value: 1
.simpli.fi/ Name: suid
Value: 2B5A8DC3264344CE89A956CE5D073B97
.tribalfusion.com/ Name: ANON_ID
Value: a3ntuJM0ing9PBmSTEpS6n70fyZaq3l6JWH6hKBPHnHJdbX468KYEiftHaLGh8pmVwuMluNmarJTttp6a9pIwUK9Q
.uuidksinc.net/ Name: jcsuuid
Value: RXkdfm0IrAoB592D33wE
.promosgo.com/ Name: FCNEC
Value: %5B%5B%22AKsRol_TzVkoW916jSjub6xHC6C07mU6NsM637P2q_k0q7jkXL6iFfx0CnJE0hvGro_KKzQjgfjxHbYs0fbvCbUVj5NIGRENK5yoeNZrba8gStchFfYSiJCQDnppn2JZ-tNIRcoJgj_splgsWUQht9MmUkDja0vPmg%3D%3D%22%5D%2Cnull%2C%5B%5D%5D

3 Console Messages

Source Level URL
Text
network error URL: https://app.cauly.co.kr/idsync_ssp/doubleclick?google_gid=CAESELG5nQfGYkuLobdN5aEqCG4&google_cver=1&google_push=AXcoOmSJ6Ljq8xAdXe6E-HQUWoTMxpQaNRpBGio11kGnJb2VlCVNqsyOFo9pS_Fw2_XlPGsa0OMP-8y4yahUClpLRUeUAk5LjLTx-g
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
javascript warning URL: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271803&client=ca-pub-3347751211128375&fa=3&ifi=3&uci=a!3&btvi=2&xpc=6FPdjlBXsu&p=https%3A//www.promosgo.com
Message:
The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://googleads.g.doubleclick.net/pagead/html/r20230913/r20110914/zrt_lookup.html?fsb=1#RS-3-&adk=1812271801&client=ca-pub-3347751211128375&fa=1&ifi=5&uci=a!5&btvi=4&xpc=u8vYWRL2eu&p=https%3A//www.promosgo.com
Message:
The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
analytics.pangle-ads.com
app.cauly.co.kr
cm.g.doubleclick.net
cs.r-ad.ne.jp
ds.uncn.jp
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
s-cs.send.microad.jp
s.tribalfusion.com
s.uuidksinc.net
s0.2mdn.net
tpc.googlesyndication.com
um.simpli.fi
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.promosgo.com
104.18.27.193
133.186.161.88
142.250.198.2
142.250.207.2
142.251.42.130
18.177.11.95
184.27.185.21
185.196.197.130
202.233.84.8
2404:6800:4004:80a::2002
2404:6800:4004:811::2004
2404:6800:4004:818::2002
2404:6800:4004:81c::2002
2404:6800:4004:821::200a
2404:6800:4004:821::200e
2404:6800:4004:822::2003
2404:6800:4004:822::2008
2404:6800:4004:825::200e
2404:6800:4004:826::2001
2404:6800:4004:826::2002
2404:6800:4004:827::2003
2404:6800:4004:828::2006
2606:4700::6812:18ad
34.124.209.251
45.79.150.226
54.92.42.8
04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f7f22f2872f88cca7b3addb165c73d38e78ec21a055c749b12f15652ff97636
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1626706afc88d95ebe1173b553ec732c6dc82a576989315fdf5e7779af738a44
1744770b7ebaf3ce57367b5b9f9104bd91d42ca907a58bded63c7d9dc7e4afe0
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
189950071cf197c173abc4de30e99db846195dddd600c0480c31aab5dbf2c8e8
2476cc1b2ae4a53812a7b54c7eeb4e4bc18b35084846bbe72d9748838e413e90
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
339605214a967876acdce89155b69569a2596b80fb747dbc70e6530b51d23adf
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4a95451be6e53fa4a280c90276478ea0365428962a3ff0db8290da826600b552
4c9451b186ad875597545898917cab6510c1ab55c31fff86446696248aaaf882
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50f36c6941b3a0b755df6e1c1ba6919dc8eeab051a52504ff431c3564d4d791a
515fdc63d3e2c3975825a395c0b45516716dcbfb0d3f1923a3ef469d7b998c7b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a8ba9904ae71879d5f1dc8d0a90c87832cec64273600d94ec752a13ff10ece9
5bce4ccda258db5c30e1af3c21c87411deed4a5381ce433b7c785fedb5594ade
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
6b0ee035336842d5779c45cab79e32616ab93945d82638a0235df6f0c588f292
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f4b236a112bc6de7aca686ed515cad8bba68a974c97cc6b720e680127c631c3
87cf02bf534fa6f4ce5348348db884d3176b7bf1c2f5bee2fb8c194ba80bde8d
8f9d88352b286107f60c320c4c088f718c2a3a273818cd61901edb7f235a9339
94fedc808946c4a291b3f77f076727d9228cc279a70d107cf1ff9af499314c37
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9f282f67cc56695f4575fd236066d4a2b5240754fcb7c8225ba226f4886992bd
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
a2a5142ec0dde264be636df71595951a94a2380be4f9986562970e52bf415bb2
a3e2cb80c40234b2f2a88c830bf8ac827d7cee51ea8ba8ee1bca1230e941746a
a7cebaf1c1e68f32af5e542bf92b3c43a93e1f9627e0441a4f12d7c3234dc658
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
aba62411bca729ebe023f9c50cfe76c9ae3d341c47a533e14c318dcb2a51069a
af2b6e3703532a7f8b5eb544a3cee2fa8edbc9ad623b828cd810bbe0929a1e1c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b21ded14cf1aa9c3679a6054fcdbdc8b1d5099325eb4ce146dcd9589819033c0
b4b8365451deb3573d04a81a62d79ca08ada652e5ad78bddd987b5bf30954ad6
b7c1a26d134046062c1344b1ffe8ccf19f5605b0822fcdf1f760340bf16d6895
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c8ef3dfffb808bf9ba58a6cdeb2065f70a6b27c025ba2c6a58e323c78b54293a
ca694a3509ba4552ac0d3c94b24a3d0595bbebcc7a3cccb22015e99cec505448
cf8e921337b3b27d2b53c59ebce94b97865f200913fdbbf54165d3eafa77fadf
d2c802379361c68cfac71aff878a8dd98e42117d53f3939f5ffefb83c3a7534c
d5dc32c3b3518e0182fe2e6d59a9ed4690b2f7e038ace03fa8c8b0173be9d9dd
d7cf210bf75628e4c776390c3a62f3bb5eca593299c20c34a7ef8cc7ca0e4ec9
d94c847f5bb52c865fc087df9a8959aba74647742b196f35b6da2b1ccfcf8ef4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e576f12e82c468567e420386b68476ff7045815976395bc6baad1a822c7368a7
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6dcbbfd3b2b395e8440193551d30cf590736083dfed83bb67f976badca15699
ea83b08d7f5d83056b092ec4784b0ba61dc737656176f8f30a2b5c65d5b428fb
edb60b5c83de1324135ac34da4699e479b1db0e000840854d56d992c32c4ead4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0d2d45c531fc8104f8f8113a8ded09af91d8a59c29d608c7be0fea32917e2a6
f627b902dbb57bcca1ab7ccba32a015c45d2c84cae719ca5626993d7ced3c428
f661fd9aad67efdd5a963cb7a8840e07edce96fb0f31a4a92a2c42bb611369c7
faf96dc71db18b4f181edf0658e0819aba48bc710ba4902ce46367de713e5784
ff4e4975ef403004f8fe8e59008db7ad47f54b10d84c72eb90e728d1ec9157ce